™ ENJOY THE FREEDOM OF WIRELESS NETWORKING 802.11 Wireless Networking Guide ENTERASYS.
NOTICE Enterasys Networks reserves the right to make changes in specifications and other information contained in this document and its web site without prior notice. The reader should in all cases consult Enterasys Networks to determine whether any such changes have been made. The hardware, firmware, or software described in this document is subject to change without notice.
Contents Preface Intended Audience . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xiii Associated Documents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xiv Document Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xv Getting Help . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Contents 2 Understanding Wireless Network Characteristics In This Chapter. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-1 802.11 Standard . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-2 UPN Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-3 Wireless Network Name . . . . . . . .
Contents Spanning Tree Protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Using the Access Point 2000 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Using the RoamAbout R2. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Contents 5 Configuring the Wireless Network In This Chapter. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-1 Configuring APs in an Infrastructure Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-2 Parameters Used . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-2 Using the AP Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Contents Setting Spanning Tree . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Using AP Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Using the RoamAbout R2 Console Port or Telnet . . . . . . . . . . . . . . . . . . . . . . . . . . . . Using the RoamAbout R2 Web Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Using the Access Point 2000 Console Port . .
Contents Configuring the Console Port for Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . AP Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . RoamAbout R2 Console Port or Telnet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Using the RoamAbout R2 Web Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Access Point 2000 Console Port . . . . . . . .
Contents 8 Problem Solving In This Chapter. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-1 Using the AP LEDs to Determine the Problem . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-2 RoamAbout R2 LEDs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-2 AP 2000 LEDs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Contents Figures Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure 1-1: Cells Within a Wireless Infrastructure Network . . . . . . . . . . . . . . . . . . . . . . . . . . 1-7 1-2: Point-to-Point Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-9 1-3: Point-to-Multipoint Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Contents Table Table Table Table Table Table 8-10: 8-11: 8-12: A-1: A-2: A-3: RoamAbout AP (Classic and 2000) PC Card Counters.......................................... 8-14 RoamAbout R2 Counters........................................................................................ 8-17 RoamAbout PC Card LED Description.................................................................. 8-20 802.11b Radio Characteristics .................................................................................
Preface A RoamAbout wireless network consists of RoamAbout wireless products, such as the RoamAbout R2 Wireless Access Platform, RoamAbout Access Point 2000, RoamAbout PC Card, and other wireless products that use an 802.11 Direct Sequence (DS) compliant radio. This manual describes how to design, install, configure and maintain a RoamAbout wireless network. It also describes how to troubleshoot problems that may arise during installation or operation.
Associated Documents Associated Documents You can download the documentation, drivers, and utilities from the RoamAbout Wireless web site. Check the RoamAbout Wireless web site regularly for product upgrades: www.enterasys.com/wireless Component Information Location RoamAbout AP Manager RoamAbout 802.
Document Conventions Document Conventions The following icons are used in this document: Icon Meaning CAUTION: Contains information essential to avoid personal injury or damage to the equipment. NOTE: Calls the reader’s attention to any item of information that may be of special importance.
Getting Help Getting Help For additional support related to this device or document, contact Enterasys Networks using one of the following methods: World Wide Web: www.enterasys.com/wireless Phone: North America: (603) 332-9400 Europe: 353 61 701 910 Asia: +800 8827-2878 Internet mail: support@enterasys.com To send comments or suggestions concerning this document, contact the Enterasys Networks Technical Writing Department via the following e-mail address: TechWriting@enterasys.
Chapter 1 Wireless Network Configurations There are three basic RoamAbout wireless network configurations: • One or more APs connecting wireless clients to a wired network, using the workgroup bridge mode. A wireless client can be any computer with an 802.11 Direct-Sequence (DS) compliant radio card. This type of network is referred to as a wireless infrastructure network. • Two or more APs used as a wireless link connecting wired networks. This is called a LAN-to-LAN configuration.
RoamAbout AP RoamAbout AP This guide addresses the different RoamAbout AP hardware platforms: RoamAbout Access Point (sometimes referred to as Classic), RoamAbout Access Point 2000, and RoamAbout R2 Wireless Access Platform. Unless otherwise specified, AP refers to all the RoamAbout AP platforms. The RoamAbout Access Point Classic is no longer available; however, a number of the Access Point 2000 reference information and procedures apply to the Classic platform.
RoamAbout AP • Dynamic address learning The forwarding and translating process module automatically adds new source addresses to the address database while the AP is operating. This reverse learning of the address and port association allows automatic network configuration without prior downline loading of configuration data to the AP. Address learning is protocol and management entity independent. An Aging Timer determines how long an address remains in the database.
RoamAbout PC Card RoamAbout PC Card The RoamAbout PC Card is an IEEE 802.11 Direct Sequence (DS) compliant wireless network interface card. The RoamAbout PC Card functions like any standard wired Ethernet card; however, the RoamAbout PC Card uses radio frequencies instead of a cable for the LAN connection. When installed in a computer, the PC Card and computer are referred to as a RoamAbout wireless client.
RoamAbout PC Card Drivers RoamAbout PC Card Drivers You can have clients with various operating systems in the same wireless network. The RoamAbout PC card supports drivers for a number of operating systems. The drivers are only necessary for RoamAbout PC cards in a wireless client. Refer to the RoamAbout 802.11 PC Card Drivers and Utilities Setup and Installation Guide for setup and installation information. For the latest version of the RoamAbout drivers, see the RoamAbout web site: www.enterasys.
Wireless Infrastructure Network Wireless Infrastructure Network In a wireless infrastructure network, wireless clients communicate with an AP to connect to a wired LAN. A RoamAbout wireless infrastructure network can support clients with various operating systems. The area where a client can communicate with the AP is called a coverage area. To increase the coverage area, you can add APs to the wireless network. Single AP A single AP supports a single wireless infrastructure network.
Wireless Infrastructure Network Figure 1-1: Cells Within a Wireless Infrastructure Network Cell 1 Coverage Areas Cell 2 AP2 AP1 Workgroup Mode Workgroup Mode Wireless Client To allow wireless clients to physically move within a wireless network, the coverage areas should overlap. In Figure 1-1, Cell 1 and Cell 2 share overlapping areas of coverage.
Wireless Infrastructure Network Wireless Client Behavior You can configure the wireless client to connect to a specific wireless network or the first available wireless network. If you configure the client to connect to a specific wireless network, the client establishes a radio connection to the AP in the specified wireless network that provides the best communications quality. APs in a different wireless network are ignored.
LAN-to-LAN Configuration LAN-to-LAN Configuration You can connect separate LANs over a wireless link by configuring two or more RoamAbout APs to communicate with each other. This is called a LAN-to-LAN configuration. There are two variations of the RoamAbout LAN-to-LAN configuration: • Point-to-point, using the LAN-to-LAN endpoint bridge mode, which connects two wired networks. • Point-to-multipoint, using the LAN-to-LAN multipoint bridge mode, which can connect multiple wired networks.
LAN-to-LAN Configuration Point-to-Multipoint You can connect wired LANs in different buildings using the LAN-to-LAN multipoint feature. At least one of the APs is configured as a multipoint AP, called the Central AP. The Central AP can communicate directly with up to six APs. The six APs are configured as endpoints, which can only communicate directly to the Central AP. The Central AP allows the endpoint APs to communicate with each other through the Central AP.
LAN-to-LAN Configuration Figure 1-4 provides an example of two Central APs in the same point-to-multipoint configuration. In this configuration, six APs are configured to communicate with the same Central AP. You can configure one or more of those six APs as a Central AP to communicate with up to five additional APs. If using an Access Point 2000, this configuration requires the Wireless Relay parameter to be enabled.
LAN-to-LAN Configuration In Figure 1-4, Building A is the Central AP for Buildings A1 through A5 and Building B. However, Building B is also the Central AP for Building A and Buildings B1 through B5. You could expand this one further by making Building B3 a Central AP for five other buildings, although adding additional hops may decrease network performance. To avoid bridging problems, do not configure an AP as an endpoint for more than one Central AP.
RoamAbout R2 Configuration Examples RoamAbout R2 Configuration Examples This section provides configuration examples using the RoamAbout R2 (with the two-slot option). Restrictions • The RoamAbout R2 slot 2 does not support LAN-to-LAN multipoint. • If two 802.11b PC Cards are installed in the RoamAbout R2 Wireless Access Platform, one of the PC Cards must be connected to the Range Extender antenna to prevent radio interference between the two cards.
RoamAbout R2 Configuration Examples Workgroup Mode and LAN-to-LAN Example Figure 1-7 shows two RoamAbout R2s in different buildings using an outdoor directional antenna to connect the LANs in those buildings. Each RoamAbout R2 contains two radio slots; one slot configured in workgroup mode, and one slot configured in LAN-to-LAN endpoint bridge mode. In addition, a RoamAbout R2 can be configured for multipoint mode (slot 1 only), connect to an omni-directional antenna, and connect to other APs.
Ad-Hoc Network Ad-Hoc Network Wireless ad-hoc networks do not include APs. Instead, the ad-hoc network is a loose association, or workgroup, of computers that can communicate with each other using the PC Card in Ad-Hoc Mode. Figure 1-8 shows an ad-hoc network. The ad-hoc network is also known as a peer-to-peer network or independent network. The size of the ad-hoc network coverage area is determined by various factors, such as proximity and obstacles in the environment.
Optional Antennas Optional Antennas The RoamAbout PC Card has two integrated antennas (also known as antenna diversity) that perform best in an open environment with as few obstacles as possible. Depending on the environment and wireless network configuration, you may need an optional antenna. The following sections describe the types of optional antennas available with the RoamAbout products.
Optional Antennas Range Extender Antenna Use the Range Extender antenna (Figure 1-10), which also incorporates antenna diversity, to ensure optimal transmission and reception quality for situations where the integrated antennas are shielded, such as: • The wireless device, such as a desktop client, is close to metal surfaces. • The wireless device is installed in a hidden location, such as in a cabinet. • Objects shield the wireless device.
Optional Antennas Outdoor Antenna Kit There are two RoamAbout antennas available for outdoor use: • 14-dBi directional antenna • 7-dBi omni-directional antenna The RoamAbout outdoor antennas support outdoor LAN-to-LAN wireless links that are used to connect separate LANs. The directional antenna is typically used in a point-to-point wireless link. The omni-directional antenna is typically used in a point-to-multipoint configuration.
Chapter 2 Understanding Wireless Network Characteristics This chapter describes many of the wireless networking concepts and characteristics. You should be familiar with this information before you design, implement, or manage a RoamAbout wireless network. Not all characteristics apply to all network configurations. Some of the features listed are not available with earlier versions of the AP and the PC Card driver.
802.11 Standard Topic Page RoamAbout AP Secure Access 2-14 Wired Equivalent Privacy (WEP) Encryption 2-15 Authentication 2-16 802.1X Rapid Rekeying 2-18 SNMP Community Names 2-20 Console Port Security 2-21 Secure Telnet Sessions 2-21 Secure Web Sessions 2-22 RADIUS Accounting 2-23 Network Protocols 2-24 Wireless Traffic 2-25 Spanning Tree Protocol 2-27 VLANs 2-28 RoamAbout SNMP Management 2-31 802.11 Standard The 802.
UPN Support UPN Support User Personalized Networks (UPN) is an architecture that allows network administrators to map network services to identified users, machines, peripherals and other network entities. UPN consists of three tiers: • Classification rules make up the first or bottom tier. The rules apply to devices in the UPN environment, such as switches, routers and the RoamAbout R2. The rules are designed to be implemented at or near the user’s point of entry to the network.
Wireless Network Name Wireless Network Name A wireless network name, also called an SSID, is the name of the wireless infrastructure network. To add an AP to an existing wireless network, configure the AP with the name of the wireless network. To create a new wireless infrastructure network, configure the AP with a unique wireless network name. The wireless network name is case sensitive. The AP has a Secure Access feature.
AP MAC Addresses AP MAC Addresses The MAC address is a unique identifier for networking devices. Each LAN device (including Ethernet cards, bridges, routers, and gateways) is identified by a unique factory-set MAC address. You cannot change the universal MAC address of a networking device. RoamAbout wireless clients are identified by the MAC address of the RoamAbout PC Card.
Channel Frequencies Channel Frequencies The channel sets the center radio frequency for the wireless device. The RoamAbout PC Card can support up to 14 channels; however, the number of available channels varies in different countries. • APs within the same wireless infrastructure network can be set to different channels. You can change the channel in an AP. The client automatically uses the same channel as the AP.
Transmit Rate Transmit Rate The transmit rate identifies the preferred data transmission speed of the AP. The actual data transmission speed is subject to the type of PC Cards at both ends of the wireless link and the communications quality of the link. Transmissions at faster rates allow for higher data throughput and quicker network response times. However, transmissions at lower rates are usually more reliable and cover longer distances than the higher rates.
Transmit Rate Auto Rate With the auto rate option, the PC Card in a client or AP automatically switches to the next lower rate when data transmissions fail more than once. Shortly after completing the transmission, the PC Card returns to transmitting data at the higher rate. In most environments, Auto Rate allows the PC Card to use a higher rate for better data throughput, yet the PC Card can still use the more reliable slower rate when transmissions fail.
Communications Quality Communications Quality Communications quality is measured by the Signal to Noise Ratio (SNR). The SNR is a dynamic indicator that indicates the relative strength of the radio signal (signal level) versus the radio interference (noise level) in the radio signal path. In most environments, SNR is a good indicator for the quality of the radio link between transmitter and receiver. A higher SNR value means a better quality radio link.
Data Throughput Efficiency Data Throughput Efficiency Data throughput efficiency is measured in transmissions sent, lost, or received. When a data transmission fails, the wireless device automatically retransmits the data. It is normal in many environments for a transmission to fail occasionally. Data is not lost since the wireless device automatically retransmits the data frames. Many failed transmissions may result in longer network response times.
RTS/CTS Protocol RTS/CTS Protocol Each device in a wireless network can sense transmissions from other devices in its network that use the same frequency. To avoid collisions and lost data, a device only transmits when it senses that no other device is transmitting. This behavior is referred to as the Carrier Sense Multiple Access/Collision Avoidance (CSMA/CA) protocol. The RTS/CTS (Request to Send/Clear to Send) protocol is useful when collisions do occur.
RTS/CTS Protocol Hidden Station A wireless device is a hidden station when its transmissions cannot be sensed by another wireless device in the same network. Therefore, multiple devices could transmit at the same time. This problem can occur with clients located at opposite ends of an AP coverage area. Figure 2-2 illustrates a hidden station example. Clients A and B are within range of the AP.
802.11 Power Management 802.11 Power Management Power management can extend the battery life of clients by allowing the client to sleep for short periods of time while its messages are buffered by the AP. You may need to balance wireless performance versus battery-life. Power management imposes a more active use of the wireless medium, which might lead to more frequent transmission delays experienced as slower network response times during file transfers.
Security Security The following lists the types of security in a RoamAbout wireless environment: • Network operating system security • RoamAbout AP Secure Access • Wired Equivalent Privacy (WEP) Encryption • Device Authentication, which requires a RADIUS (Remote Authentication Dial-In User Service) server. Authentication can be based on MAC address, 802.1X, or both. • 802.
Security Wired Equivalent Privacy (WEP) Encryption The WEP feature encrypts all data transmitted within the wireless network. The encryption uses the RC4 algorithm as defined in the IEEE 802.11 Wired Equivalent Privacy standard. NOTE: Broadcast and multicast messages are not encrypted. The RoamAbout devices can be configured with four encryption keys. Each key is placed in a specific position (Key 1, Key 2, Key 3, or Key 4). You select one key to encrypt transmitted data.
Security Authentication The RoamAbout AP supports authentication of wireless workgroup clients. An AP can authenticate clients based on: • MAC address • 802.1X • Both MAC address and 802.1X (Hybrid authentication) When using any of these types of authentication, you must configure the AP as a RADIUS client. RADIUS Client RADIUS (Remote Authentication Dial In User Service) is a protocol that the AP uses to communicate with a remote Authentication Server.
Security 802.1X Authentication IEEE 802.1X authentication allows logins based on user name, password, user certificates, and other methods that may be mutually supported by the authentication server and the clients. Only clients that support 802.1X can participate in a wireless network that uses this type of authentication. IEEE 802.1X authentication also imposes more requirements on the RADIUS server. For MAC address authentication, a RADIUS server only needs to handle RADIUS. For 802.
Security 802.1X Rapid Rekeying Rapid Rekeying, also known as Key Tumbling, provides automatic IEEE 802.11 WEP encryption key generation and frequent redistribution of WEP keys. The following information applies to using Rapid Rekeying: • Rapid Rekeying requires the use of 802.1X authentication. Unauthenticated clients and MAC address authentication clients cannot receive updated WEP keys, and would soon lose connectivity to the LAN.
Security 2. The key period expires. The AP creates two new random keys and loads them into the inactive authenticator key indexes (Keys 3 and 4 in this example). The keys are not yet used for transmission or reception. AP Client Key # Encryption TX/RX State TX/RX Encryption Key1 aaaaaaaaaaaaaa RX Active TX aaaaaaaaaaaaaa Key2 bbbbbbbbbbbbb TX Active RX bbbbbbbbbbbbb Key3 cccccccccccccc Inactive xxxxxxxxxxxxx Key4 ddddddddddddd Inactive xxxxxxxxxxxxx 3.
Security 5. The key period expires. The AP creates two new random keys, loads them into the inactive authenticator key indexes (Keys 1 and 2 in this example), and repeats the process (starting at step 3).
Security Console Port Security The RoamAbout R2 console port supports SNMPv3. Access to the console requires a password. The default username is admin and the password is password. The password must be a minimum of eight ASCII characters, and is case-sensitive. The RoamAbout Access Point 2000 console port has two security features: • You can configure the console port to require a password before users can access the Installation Menu.
Security Secure Web Sessions The R2 has the following security features for users who access the R2 using the web interface: • Ability to enable or disable web management. • Password protection. At anytime, you can change the password needed by users to access the R2 using the web interface. • Secure web sessions in addition to the normal web sessions. The R2 allows you to enable TLS (Transport Layer Security), which is based on SSL 3.0, for a secure HTTP session.
RADIUS Accounting RADIUS Accounting The RADIUS accounting feature allows the AP, as a RADIUS client, to save accounting data on a RADIUS accounting server. The accounting feature stores the time of each user’s session for billing purposes. Authentication, 802.1x or MAC, must be configured before accounting can be enabled. An accounting session begins once a user is successfully authenticated by a RADIUS server.
Network Protocols Network Protocols When you install a RoamAbout PC Card in a computer using a Windows operating system, you may need to install and configure a set of networking protocols. The type of protocols needed depends on the network operating system used within your LAN environment. The most common protocols are: • IPX/SPX compatible protocols if your networking environment is using the Novell NetWare network operating system.
Wireless Traffic Wireless Traffic In addition to data, wireless network traffic includes beacons and various types of messages. Beacons A beacon is a message that is transmitted at regular intervals by the RoamAbout APs to all wireless clients in the wireless infrastructure. Beacons are used to maintain and optimize communications by helping mobile RoamAbout clients to automatically connect to the AP that provides the best communications quality.
Wireless Traffic Filters The following filters are only available using the RoamAbout AP Manager, or a Network Management Station that uses SNMP. • Protocol Use the protocol filter to NOT forward specific protocol traffic to the wireless network, which can reduce unnecessary traffic and increase the network response time. However, filtering the wrong protocols can negatively affect the operation of the network. When solving network problems, you should clear all filters.
Spanning Tree Protocol Spanning Tree Protocol The RoamAbout AP uses 802.1d Spanning Tree protocol to prevent network loops. A loop occurs when there are alternate routes between networks, as described in Preventing Network Loops on page 1-12. A loop can cause bridges to continually forward multicast traffic and degrade network performance. In normal LAN-to-LAN operation, keep Spanning Tree ENABLED. You should only disable Spanning Tree when using an application in a configuration that requires it.
VLANs VLANs A VLAN is a logical partition of one or more physical networks. A single VLAN can span multiple LANs, and multiple VLANs can reside within a single LAN. One major benefit of a VLAN is that traffic is restricted to a subset of the physical LAN or LANs. Multicasts are only sent to the VLAN member ports. Therefore, a VLAN can conserve network bandwidth and improve security. All the devices in a designated VLAN need not necessarily support VLANs.
VLANs Network Configurations Both the RoamAbout Access Point 2000 and the R2 can be used as a wireless bridge to an existing VLAN. For example, two APs can connect VLANs residing in different buildings, as illustrated in Figure 2-4. The wired side of each AP is connected to a switch that supports VLAN IDs. Switch 1 connects to VLANs Red, Blue, and Green, but only forwards data from VLANs Red and Green. Switch 2, in a different building, connects to VLANs Red and Green.
VLANs Ingress filtering is always enabled on the RoamAbout R2. That is, the R2 does NOT forward data from a VLAN defined on other ports if it is received on a port that is not configured for that VLAN. In Figure 2-5, should R2(A) be configured incorrectly and forward VLAN Green data from Switch 2 to R2(E), R2 (E) would not forward the data. Although other R2(E) ports are configured for VLAN Green, the port receiving the data is not configured for VLAN Green. It is only configured for VLAN Red.
RoamAbout SNMP Management RoamAbout SNMP Management Access Point 2000 The Access Point 2000 supports the Simple Network Management Protocol (SNMP) through any standard Network Management Station (NMS) that supports SNMP. The SNMP management capability enables you to manage standard SNMP MIB characteristics, such as protocol filtering and address filtering. The Access Point 2000 supports the following MIB objects: • DEC-ELAN-Vendor-MIB • IEEE 802.
RoamAbout SNMP Management RoamAbout R2 The RoamAbout R2 supports SNMPv3. If your Network Management Station (NMS) does not support SNMPv3, use the RoamAbout R2 console port to configure the communities views for SNMPv1 and SNMPv2c access.
Chapter 3 Designing and Implementing a Wireless Network The first step in designing a wireless network is to determine which network configuration best fits your needs. The wireless network configurations are discussed in Chapter 1. Once you have chosen a configuration, this chapter lists the various site requirements necessary for each type of network. Some of the features listed are not available with earlier versions of the AP and the PC Card driver.
Infrastructure Network Infrastructure Network To plan a wireless infrastructure network, determine the following: • Coverage area - the area where the clients are located. If the clients are mobile, this is the area where the clients can connect to the network. • Supported users - the number of clients that you expect to support. • Network utilization - how users intend to use the network.
Infrastructure Network Determining the Coverage Area and Supported Users Coverage area is determined by a number of factors, including physical obstructions and noise levels as shown in Figure 3-1. The following is an example of the coverage area in a semi-open environment, which is defined as work space divided by shoulder-height, hollow wall elements. The distances in your environment may be different. • 11 Mbit/s - 165 feet (50 meters) • 5.
Infrastructure Network Noise levels in the radio frequencies can reduce the coverage area. Such noise can be generated by microwave ovens and elevator motors. Increasing the AP Density will also reduce the coverage area of a single AP. A RoamAbout Access Point 2000 can support up to 250 users within its coverage area. The RoamAbout R2 supports up to 250 users per slot.
Infrastructure Network Selecting the Locations for Multiple APs Consider the following: • Each coverage area must overlap another coverage area to allow roaming for clients. • The amount of overlap depends on number of users in a coverage area and utilization of the network. If you expect that one coverage area has more users or higher network utilization than the other coverage areas, increase the overlap of the adjacent coverage areas by moving the APs closer together (see Figure 3-2).
Infrastructure Network RoamAbout R2 Mezzanine Special Considerations The following information pertains to the RoamAbout R2 with the Mezzanine option installed: • Slot 2 does not support LAN-to-LAN multipoint. • If two 802.11b PC Cards are installed in the RoamAbout R2, one of the PC Cards must be connected to the Range Extender antenna to prevent radio interference between the two cards. The antenna must be placed at least two feet away from the RoamAbout R2.
LAN-to-LAN Network Configuration LAN-to-LAN Network Configuration There are two types of LAN-to-LAN configurations. The LAN-to-LAN endpoint bridge mode is used in a point-to-point configuration to connect two separate wired LANs. The LAN-to-LAN multipoint bridge mode is used in a point-to-multipoint configuration to connect multiple wired LANs. Typically, the LANs are in different buildings and the configuration requires the RoamAbout outdoor antenna kit. Consider the following: • Type of antenna.
Ad-Hoc Network Ad-Hoc Network The only requirement for an ad-hoc network is the ability to communicate with one or more other wireless users. To do this: • All PC Cards must use the same channel. Default channels are listed in Table A-3 on page A-3. • Determine the size of the coverage area. The speed of the RoamAbout PC Card is one factor that determines the client coverage area. Other factors include physical obstructions and noise levels.
Wireless Network Hardware Installation Overview Wireless Network Hardware Installation Overview Once you have designed the wireless network and determined where to place the wireless devices, install and configure the hardware as described in the following sections. Wireless Infrastructure Network The following is an overview of the steps to install the wireless devices in a wireless infrastructure network. 1. Install the RoamAbout AP in the location you have chosen.
Wireless Network Hardware Installation Overview Ad-Hoc Network The following is an overview of the steps to install the wireless clients in an ad-hoc network. 1. Create wireless clients by installing the RoamAbout PC Card into the appropriate computers. Refer to the RoamAbout PC Card documentation. 2. If installing the RoamAbout Client Utility (recommended), see the RoamAbout Client Utility on page 4-7. 3. Configure the wireless clients, as described in the RoamAbout 802.
Chapter 4 Wireless Network Tools This chapter describes the configuration tools. You can configure the AP using one or more of these tools: • RoamAbout AP Manager • RoamAbout console port • Telnet (RoamAbout R2 only) • Web Management (RoamAbout R2 only) • Network Management Station (NMS) To configure the AP for the first time, you need to use the RoamAbout AP Manager or the console port.
RoamAbout AP Manager RoamAbout AP Manager The RoamAbout AP Manager is a configuration tool for new APs and a management tool to assist the ongoing management and support of RoamAbout wireless networks. The AP Manager can manage multiple APs simultaneously. The AP Manager has the following features: 4-2 • Ability to manage multiple APs remotely, including changing parameters on multiple APs in a wireless network with a single command. • Ability to group APs.
RoamAbout AP Manager Installing the RoamAbout AP Manager The AP Manager supports Windows 95, Windows 98, Windows 2000, Windows Me, Windows NT (V4.0 or later), and Windows XP. The AP Manager can manage APs from a wireless computer. However, the AP Manager needs to be on a computer connected to the same wired LAN as the AP to assign an IP address or upgrade the AP firmware. The AP Manager is included on the CD-ROM in the RoamAbout AP kit, and can also be downloaded from the enterasys.com/wireless web site.
RoamAbout AP Manager Using the AP Manager You can manage APs individually or as a single group. You can group APs based on any criteria, such as: • All APs belonging to the same network are in one group. For example, have one group for the Accounting network and one group for the Engineering network. • To avoid confusion, you should have different groups for APs in an infrastructure network and APs in a LAN-to-LAN configuration. APs in these configurations are managed differently.
Other SNMP Management Tools Other SNMP Management Tools The AP supports the Simple Network Management Protocol (SNMP) through any standard Network Management Station (NMS) that supports SNMP. The SNMP management capability enables you to manage standard SNMP MIB characteristics, such as protocol filtering and address filtering. • To manage the AP with an NMS, you must first use the console port or AP Manager to configure the AP with a valid IP address. • The RoamAbout R2 supports SNMPv3.
Telnet Telnet You can manage the RoamAbout R2 by using Telnet to access the console port menu. However, you must first assign the R2 an IP address. Perform the following steps to access the R2 through Telnet: 1. Open a DOS Prompt. 2. Telnet to the IP Address that you assigned to the RoamAbout R2. For example: telnet 10.0.0.00 You are prompted for a username and password. The default username is admin and the default password is password. The Main Menu displays. 3.
RoamAbout Client Utility RoamAbout Client Utility The RoamAbout Client Utility is a diagnostic tool for RoamAbout wireless networks. The RoamAbout Client Utility is included on the RoamAbout 802.11 PC Card Drivers and Utilities CD-ROM, or you can download it from the RoamAbout Wireless web site. Refer to the RoamAbout 802.11 PC Card Drivers and Utilities Setup and Installation Guide for setup and installation information.
Chapter 5 Configuring the Wireless Network This chapter provides the procedures to configure the wireless device parameters. Before performing these procedures, you need to install the wireless network tools as described in Chapter 4. If configuring a wireless infrastructure network, configure the APs first. Many of the wireless client parameters are based on the AP settings. For infrastructure and ad-hoc networks, document the common settings for clients that join the network at a future date.
Configuring APs in an Infrastructure Network Configuring APs in an Infrastructure Network After installing the AP, you configure its network and wireless parameters as described in this section. After performing the procedure in this section, refer to the other sections in this chapter to configure features such as filters, VLANs, and CDP. Refer to Chapter 6 to configure the security features. Parameters Used If adding APs to an existing wireless network, write down the wireless parameter settings.
Configuring APs in an Infrastructure Network Table 5-1: Parameters Used in an Infrastructure Network (Cont’d) Parameter Description Wireless network name Any alphanumeric string (uppercase and lowercase) with a maximum of 32 characters. Spaces are allowed. The name is case-sensitive. An example of a wireless network name is: My RoamAbout NETWORK 2 Station name Select a unique name that helps identify the location of the AP. Each AP should have a unique station name. Bridge Mode Set to Workgroup.
Configuring APs in an Infrastructure Network Using the AP Manager Refer to Table 5-1 for a description of the parameters used in this procedure. 1. If you are currently managing APs with the AP Manager, determine if the new AP belongs to an existing group. Refer to RoamAbout AP Manager on page 4-2 for a description of configuration groups. File→Open (adds the AP to an existing group) File→New (starts a new group) 2. Click on Setup/Add New AP. 3.
Configuring APs in an Infrastructure Network Using the RoamAbout R2 Console Port or Telnet Connection 1. Choose Network Configuration from the Main Menu. 2. Enter the parameters as described in Table 5-1. 3. Choose Save. 4. Choose Wireless Configuration from the Main Menu, then choose Set/Show Wireless Configuration. 5. At the top of screen, choose the radio slot (1 or 2) to configure. 6. Enter the wireless parameters as described in Table 5-1. 7.
Configuring APs in an Infrastructure Network Using the Access Point 2000 Console Port 1. Choose Set IP Address from the Installation Menu. Enter the parameters as described in Table 5-1. 2. Choose Module-Specific Options from the Installation Menu. 3. Choose Set Wireless Configuration. Enter the wireless parameters for your wireless network as described in Table 5-1. 4. Choose Module-Specific Options from the Installation Menu and set the bridge mode and rate limiting parameters as described in Table 5-1.
Configuring APs in a Point-to-Point Network Configuring APs in a Point-to-Point Network You can configure two APs to communicate with each other in a LAN-to-LAN point-to-point configuration as described in the following sections. After performing the procedure in this section, refer to the other sections in this chapter to configure features such as filters, VLANs, and CDP. Refer to Chapter 6 to configure the security features.
Configuring APs in a Point-to-Point Network Table 5-2: Parameters Used in a Point-to-Point Network (Cont’d) Parameter Description Ethernet Speed This sets the speed of the wired Ethernet connection. The default setting, autonegotiate, works well in most environments. CDP RoamAbout R2 only. This setting is Auto Enabled by default in LAN-to-LAN mode. To change this setting, refer to Setting the Cabletron Discovery Protocol on page 5-21. Slot 1/Slot 2 For a RoamAbout R2 only.
Configuring APs in a Point-to-Point Network Using the AP Manager Refer to Table 5-2 for a description of the parameters used in this procedure. 1. If you are currently managing APs with the AP Manager, determine if the new AP belongs to an existing group. Refer to RoamAbout AP Manager on page 4-2 for a description of configuration groups. File→Open (adds the AP to an existing group) File→New (starts a new group) 2. Click on Setup/Add New AP. 3.
Configuring APs in a Point-to-Point Network Using the RoamAbout R2 Console Port or Telnet Connection 1. Choose Network Configuration from the Main Menu. 2. Enter the parameters as described in Table 5-2. 3. Choose Save. 4. Choose Wireless Configuration from the Main Menu, then choose Set/Show Wireless Configuration. 5. At the top of screen, choose the radio slot (1 or 2) to configure. 6. Enter the wireless parameters. 7. Set the Reset Option to Reset Radio if necessary (default setting). 8. Choose Save. 9.
Configuring APs in a Point-to-Point Network Using the Access Point 2000 Console Port 1. Choose Set IP Address from the Installation Menu. 2. Enter the IP address, subnet mask, and default gateway. 3. Choose Module-Specific Options from the Installation Menu. 4. Choose Set Wireless Configuration. Enter the parameters for your wireless network. 5. Choose Bridge Mode Options in the Module-Specific Options menu. Set the parameters as described in Table 5-2. 6.
Configuring the AP for Point-to-Multipoint Configuring the AP for Point-to-Multipoint You can configure up to seven APs in a point-to-multipoint configuration. At least one AP must be configured as a Central AP. The other APs are configured as endpoint APs, as described in Point-to-Multipoint on page 1-10. After performing the procedure in this section, refer to the other sections in this chapter to configure features such as filters, VLANs, and CDP. Refer to Chapter 6 to configure the security features.
Configuring the AP for Point-to-Multipoint Table 5-3: Parameters Used in a Point-to-Multipoint Network (Cont’d) Parameter IP Address Mode Description Set to Manual when configuring an AP for the first time. For more information, see Modifying the IP Address on page 5-18. Ethernet Speed This sets the speed of the wired Ethernet connection. The default setting, autonegotiate, works well in most environments. CDP RoamAbout R2 only. This setting is Auto Enabled by default in LAN-to-LAN mode.
Configuring the AP for Point-to-Multipoint The following AP parameters are not used in this configuration: • Wireless Network Name • AP Density • Secure Access • Power Management (DTIM Period) • IntraBSS Relay • Multicast Transmit Rate • Load Balancing Using the AP Manager Refer to Table 5-3 for a description of the parameters used in this procedure. 1. Determine which AP is the Central AP, as described in Point-to-Multipoint on page 1-10. 2.
Configuring the AP for Point-to-Multipoint 9. To implement your changes: R2 AP: Select Reset from the main window. If changing the bridge mode, select Reset with Current Settings. Otherwise, select Reset Slot x, where x is the slot (1 or 2) you configured. AP 2000: Select Reset from the main window. Select Reset with Current Settings. Allow approximately one minute for the AP to reset and complete its self-test. 10. Repeat this procedure at the other APs.
Configuring the AP for Point-to-Multipoint 6. Open Wireless Parameters in the navigation tree. 7. Select the slot to configure. Enter the parameters as described in Table 5-3. When configuring the bridge mode of the Central AP to LAN-to-LAN Multipoint, you must enter the Multipoint activation key. This option is only available on slot 1. Click on the LAN-to-LAN Properties button to enter the wireless MAC addresses of the other APs. Any unused fields must be null (contain no characters). 8. Click on Save. 9.
Viewing Current AP Settings Viewing Current AP Settings You can view the current settings before you modify the RoamAbout AP parameters. • AP Manager Select the AP from the Managed List field and click on the various buttons, such as Wireless Parameters, Network Parameters, and Hardware. In the Wireless Parameters dialog box, click on the Advanced button to view all the wireless parameters.
Modifying the IP Address Modifying the IP Address The AP can obtain an IP address using these methods: • BootP (default): The AP obtains its IP Address from a BootP server when it reboots. A BootP server must be configured in advance to respond with the desired IP address. • DHCP: The AP obtains its IP address from a DHCP server. This option is not recommended for enterprise networks. • Manual: Prevents the AP from issuing BootP or DHCP requests to obtain an IP address.
Modifying the IP Address To manually change the IP address of an Access Point 2000, perform the following. You will need the AP’s wired MAC address and an unused IP address. 1. Select the AP in the managed list. 2. Click on the Network Parameters button. 3. Set the Address State to Volatile. 4. Select Manual from the IP Address Initialization option. 5. Click on OK. 6. In the main AP Manager window, click on the Reset button. Then, click on Reset with Current Settings. 7.
Modifying the IP Address Using the RoamAbout R2 Web Interface 1. Open Network Configuration in the navigation tree. 2. Select Network Parameters and enter the following parameters: IP address: If manually entering an IP address, enter the IP address you wish to assign to the AP. Subnet mask: Enter the subnet mask you wish to assign to the AP. Default gateway: Enter the IP address of the default gateway. IP Address Initialization: Choose the method to obtain an IP address on the next reset. 3.
Setting the Ethernet Speed Setting the Ethernet Speed This sets the speed of the wired Ethernet connection for the RoamAbout R2. Typically, the default setting, autonegotiate, is used in most environments. You might need to use a fixed setting to support a network device that does not work well with the autonegotiate setting. To access the Ethernet speed using the AP Manager, click on Network Parameters in the main window.
Modifying Wireless Parameters Modifying Wireless Parameters The following AP wireless parameters can be modified as necessary: • AP Density: Should only be changed when APs are moved closer or further apart from each other. This parameter is only available when the AP is in workgroup bridge mode. See AP Density and Roaming on page 2-10 for more information.
Modifying Wireless Parameters • IntraBSS Relay: When enabled, it allows wireless users associated with an AP to see and communicate between each other. This is accomplished by taking a multicast packet from one wireless user and rebroadcasting it so that all wireless users see it. When disabled, it prevents communication between users associated with an AP.
Configuring for VLANs Configuring for VLANs The RoamAbout AP supports the forwarding of tagged VLAN data. The RoamAbout R2 can be configured to forward VLAN data to specific endpoints. The Access Point 2000 can only be configured to forward or not forward VLAN data. When forwarding VLAN data, the Access Point 2000 forwards to all endpoints. NOTE: VLAN 1 is a default VLAN used by the R2 to allow pass-through of untagged data.
Configuring for VLANs Ports are displayed according to the Remote Wireless MAC addresses you set up for the RoamAbout R2 configuration. In the LAN-to-LAN multipoint configuration, the ports are assigned according to the wireless MAC Addresses you entered in the Multipoint Properties dialog box. The ports are defined as follows: • Port 1: The 10/100 Ethernet Port. • Port 2: R2 Slot 1 if the slot is in LAN-to-LAN endpoint mode. • Ports 2 through 7: R2 Slot 1 if the slot is in LAN-to-LAN multipoint mode.
Configuring for VLANs To enable or disable GVRP (RoamAbout R2 only): 1. Click on the VLAN Parameters button. 2. Enable or disable GVRP. 3. Click on OK. To enable or disable VLAN compatibility on the AP 2000: 1. Click on the VLAN Parameters button. 2. Enable or disable Allow Tagged Packets. 3. Click on OK. Using the RoamAbout R2 Web Interface To access the VLAN configuration pages, click on VLANs/Multicast Groups in the navigation tree.
Setting Spanning Tree Setting Spanning Tree It is important to avoid point-to-multipoint configurations that will cause bridge loops. A bridge loop occurs when two parallel network paths are created between any two LANs, causing packets to be continuously regenerated through both parallel paths. This situation eventually renders the network unusable due to the excessive traffic that is being generated by the loop.
Setting Spanning Tree Using the Access Point 2000 Console Port You can enable or disable the Spanning Tree when in endpoint bridge mode. Spanning Tree is disabled when in workgroup bridge mode and enabled in multipoint bridge mode. To enable or disable Spanning Tree using the console port, perform the following: 1. Choose Module-Specific Options from the RoamAbout AP Installation Menu. 2. Choose Bridge Mode Options. 3. Choose Set Spanning Tree Mode and set to Enabled or Disabled. 4.
Filtering Traffic by Protocols Filtering Traffic by Protocols Using the AP Manager only, you can configure the AP to NOT forward specific protocol traffic to the wireless network. This could reduce unnecessary traffic and increase the network response time. However, filtering the wrong protocols can negatively affect the operation of the network. When solving network problems, you should clear all filters. To select the protocol to filter using the AP Manager, perform the following steps: 1.
Filtering Traffic by Protocols Table 5-4: Protocols to Filter(Cont’d) Protocol Description LAT Does not forward Local Area Transport (LAT) packets. Used primarily in terminal/server communication. AppleTalk Ethernet II Does not forward AppleTalk packets carried in Ethernet V2 frames. Used primarily in Apple native networking. AppleTalk AARP Does not forward AppleTalk AARP packets. Used primarily in Apple native networking.
Filtering Traffic by Addresses Filtering Traffic by Addresses Using the AP Manager only, you can filter traffic to the network using Address Denied, or you can restrict access to the network using Addresses Allowed. The device can be on either side of the AP (wired or wireless). You identify the device by its MAC address. The maximum number of entries for each AP in the list is 128 entries. • Addresses Denied The AP does not forward traffic from a device with its MAC address in the Addresses Denied field.
Limiting Traffic Limiting Traffic The R2 has the capability to limit broadcast traffic. The AP 2000 can limit multicast traffic. R2 Broadcast Rate Limit The broadcast rate limit filter only applies to incoming traffic on the selected interface. NOTE: Unicast packets with an unknown MAC destination address are treated as broadcast packets. To limit broadcast traffic, enable or disable broadcast rate limiting at each interface.
Checking the Configuration on Multiple APs Checking the Configuration on Multiple APs The AP Manager provides integrity tests that check for consistent settings across all the APs in a single group. Use the integrity tests to make sure that the APs in a single wireless network are configured correctly. To access the tests, click on Integrity on the AP Manager menu bar.
Resetting the RoamAbout AP Resetting the RoamAbout AP This section describes how to reset the AP. • Reset with Current Settings If you change any wireless configuration parameter, such as the wireless network name or channel, you must select this option to reset the AP to implement your changes. Allow approximately one minute for the AP to reset and complete its self-test. — From the AP Manager, select Reset then select Reset with Current Settings.
Configuring Clients • Hardware Reload/Reset button — RoamAbout R2. The R2 has a reload/reset button that is only used to download a new image from a TFTP server, as described in Using the AP Hardware Reset Button on page 7-18. When downloading a new image, the R2 automatically resets to the factory default values. — AP 2000. The AP’s reload/reset button forces the AP to download a new firmware image from a BootP/TFTP server and reset to factory default values.
Chapter 6 Configuring for Security This chapter provides the procedures to configure the RoamAbout APs for security. Before performing these procedures, the APs must be configured in a wireless network as described in Chapter 5.
Determining Security for Your Wireless Network Determining Security for Your Wireless Network This section describes the security measures you can implement in each type of wireless network, as well as the security features used when managing the AP.
Determining Security for Your Wireless Network Security for Managing a RoamAbout AP The RoamAbout R2 can be managed from the AP Manager, a Network Management Station (NMS) using SNMP, the R2 console port, Telnet which accesses the console port menu, and the R2 web interface. NOTE: The RMON parameters and Aging Timer on the AP can only be changed by an NMS. Review these suggestions to maximize security when managing an R2: • Determine which tools need to access the AP.
Setting Secure Access Setting Secure Access Secure Access only applies in a wireless infrastructure network. This parameter is only available at the AP. When Secure Access is enabled, the AP denies access to wireless clients that do not use the correct wireless network name. When Secure Access is disabled, the AP allows access to wireless clients that use ANY (all uppercase) as the wireless network name or have a blank wireless network name.
Setting Encryption Setting Encryption Before configuring encryption on the AP, determine the encryption parameters as follows: 1. Create up to four keys, where the keys can be: — 5 printable characters or 10 hexadecimal digits if the RoamAbout PC Card supports 40-bit WEP encryption. — 13 printable characters or 26 hexadecimal digits if the RoamAbout PC Card supports 128-bit encryption. You must create at least one key. The printable character keys are case-sensitive.
Setting Encryption Using the RoamAbout R2 Console Port or Telnet 1. Choose Wireless Configuration from the Main Menu. 2. Choose Encryption Configuration. 3. Choose the slot to configure. 4. Enter the encryption parameters as described previously. The Exclude Unencrypted setting, when enabled, prevents the AP from communicating with clients that do not use encryption. 5. Reset Option: Set to Reset Radio if necessary (default setting). 6. Choose Save. 7.
Setting Encryption Using the Access Point 2000 Console Port 1. Choose Module-Specific Options from the RoamAbout AP Installation Menu. 2. Choose Set Encryption Configuration. 3. Enter the encryption parameters as described previously. The Set Exclude Unencrypted setting, when enabled, prevents the AP from communicating with clients that do not use encryption. 4.
Configuring the R2 for SNMPv1 or SNMPv2c Configuring the R2 for SNMPv1 or SNMPv2c The RoamAbout R2 supports SNMPv3. To support management tools using SNMPv2c or SNMPv1, the R2 provides four community names that allow SNMPv1 and SNMPv2c read-only and read-write access. The names are disabled by default with the exception of Community Name #1, which is set to public. The community names are only accessible from the R2 console port.
Configuring the AP for Authentication Configuring the AP for Authentication Authentication uses a RADIUS server to authenticate wireless clients in a wireless infrastructure network. Refer to Authentication on page 2-16 for a description of the types of authentication. The following lists the basic tasks to configure for authentication: • Configuring a RADIUS server (not described in this document). • Configuring the AP as a RADIUS client and choosing the type of authentication.
Configuring the AP for Authentication Using the AP Manager To enter a custom RADIUS Management Authenticator, perform the following steps: 1. Click on the Authentication button in the RoamAbout AP Manager main window. 2. Click on the Change Authenticator button. The RADIUS Client Management Authenticator dialog box displays. 3. Click on the Custom radio button. 4. Enter the Custom Authenticator. The format is 16 printable ASCII characters, or 32 hexadecimal digits preceded by 0x. 5. Click on OK.
Configuring the AP for Authentication 5. Choose Save. NOTE: If you use the AP Manager after you set the Authenticator in the console, you must set the AP RADIUS Management Authenticator to match the Authenticator you set in the console. Configuring the AP for Authentication Before you can configure the AP as a RADIUS client, you must choose the type of authentication to use: MAC address, 802.1X, or both.
Configuring the AP for Authentication If using 802.1X or hybrid authentication, you need the following 802.1X parameter settings: • Reauthentication: When enabled, authenticates 802.1X clients at regular intervals. When disabled, clients are only authenticated once. • Time Between Reauthentications: Time, in minutes, between each reauthentication when Reauthentication is enabled. The default is 60 minutes.
Configuring the AP for Authentication 5. If you enabled MAC or 802.1X authentication, perform the following to implement your changes. If only changing RADIUS or 802.1X parameters, a reset is not needed. R2 AP: Select Reset from the main window. Select Reset Slot x, where x is the slot (1 or 2) you configured. AP 2000: If prompted, reset the AP. Otherwise, select Reset from the main window. Select Reset with Current Settings. Allow approximately one minute for the AP to reset and complete its self-test.
Configuring the AP for Authentication Using the RoamAbout R2 Web Interface 1. Open Authentication in the navigation tree. 2. Select Slot 1 or Slot 2. 3. Select the authentication mode: MAC, 802.1X, or Hybrid. The None option disables authentication. 4. If you selected 802.1X or Hybrid authentication, enter the 802.1X parameters. 5. Optionally, if you selected 802.1X or Hybrid authentication, enable Rapid Rekeying and enter its parameters.
Configuring the AP for Authentication Using the Access Point 2000 Console Port 1. Choose Module-Specific Options from the RoamAbout AP Installation Menu. 2. Choose Authentication Options. 3. Choose Configure RADIUS Client. 4. Choose Enable/Disable RADIUS Authentication. Enable this setting. 5. In the Configure RADIUS Client Parameters menu, choose Enter All RADIUS Client Parameters. 6. Enter all the RADIUS client parameters.
Configuring RADIUS Accounting Configuring RADIUS Accounting The RADIUS accounting feature allows the AP to save accounting data on a RADIUS accounting server, as described in RADIUS Accounting on page 2-23. Accounting is only available on the R2, which must also be configured for authentication. To configure the R2 for accounting, have the following RADIUS accounting information available: 6-16 • Primary Accounting Server IP Address: IP Address of the primary RADIUS accounting server.
Configuring RADIUS Accounting • Interim Interval Minimum: If the RADIUS server overrides the Interim Interval setting, this setting determines the minimum number of minutes between each interim update. If the RADIUS server interim interval is smaller than this setting, the R2 uses this setting. The minimum value for this setting is 1; however, the value SHOULD NOT be smaller than 10 (default), and careful consideration should be given to its impact on network traffic. Using the AP Manager 1.
Configuring for Rapid Rekeying Configuring for Rapid Rekeying To use Rapid Rekeying, you must set up the AP for 802.1X authentication, as described in Configuring the AP for Authentication on page 6-9. Rapid Rekeying must be configured on the AP and the wireless clients. The following lists the Rapid Rekeying parameters: • Time Between Key Changes (or Rekeying Period): This is the interval, in minutes, that the AP waits before starting a new key sequence. Time can be 1 to 525600 minutes.
Configuring for Rapid Rekeying Using the Access Point 2000 Console Port 1. Choose Module-Specific Options from the Installation Menu. 2. Choose Authentication Options. 3. Choose Configure Wireless Authentication Type. 4. Choose 802.1X Authentication with Rapid Rekeying. 5. Enter the 802.1X activation key, then enter the 802.1X parameters as described in Configuring the AP for Authentication on page 6-11. 6. Choose Configure Rapid Rekeying Parameters from the Authentication Options menu. 7.
Configuring for Rapid Rekeying Set Up Rapid Rekeying on the Clients This section describes how to set up Rapid Rekeying on a Windows XP client. For more information, refer to the Release Notes or the Readme file that came with the RoamAbout PC Card driver. 1. Open the Control Panel by selecting Start→Programs→Control Panel. 2. In the Control Panel, open Network Connections then open the Wireless Network Connection (RoamAbout 802.11 DS). 3.
Configuring for Rapid Rekeying 6. In the Wireless Network Properties window (shown below), select the following: a) Check the box marked Data encryption (WEP enabled). b) Check the box marked The Key is provided for me automatically. c) Un-check any other checked boxes. d) Click on OK to apply the changes. 7. Click on OK, or Close, to close all open windows.
Configuring for Secure Telnet Sessions Configuring for Secure Telnet Sessions This section describes how to configure Secure Shell for secure Telnet sessions with a RoamAbout R2. For additional information on Secure Shell, refer to Secure Telnet Sessions on page 2-21. The following describes the Secure Shell parameters: • Host Key Type: The key type is RSA or DSA, along with the size of the key in bits, which can be 512, 768, 1024, 2048, and 3072.
Configuring for Secure Web Management Sessions Configuring for Secure Web Management Sessions This section describes how to configure TLS for secure web sessions with a RoamAbout R2. Note that enabling TLS does not prevent users from having normal web sessions. For additional information on TLS, refer to Secure Web Sessions on page 2-22. The following describes the TLS parameters: • Host Key Type: The key type is RSA along with the size of the key in bits, which can be 512, 768, 1024, 2048, and 3072.
Configuring the Console Port for Security Configuring the Console Port for Security For the AP 2000, the AP Manager and any other SNMP Manager must have the correct read/write community name associated with the AP; otherwise, the tool cannot make any changes to the AP. For the R2, the AP Manager and any other SNMP Manager must have the correct Authentication and Privacy passwords. AP Manager For the AP 2000, the AP Manager can change both the read-only and read/write SNMP community names.
Configuring the Console Port for Security Using the RoamAbout R2 Web Interface You can enable or disable web or Telnet access to the RoamAbout R2 as follows: 1. Open Management Configuration in the navigation tree. 2. Select Telnet/Web. 3. Enable or disable each interface. 4. Select Save. To change the password used by the console port and web interface, perform the following: 1. Open Management Configuration in the navigation tree. 2. Select Change Password. 3.
Chapter 7 Maintaining the Wireless Network To maintain the wireless network, you should regularly check the wireless coverage area, communications quality, and data throughput efficiency. As your environment changes, you may need to adjust wireless parameters or move APs to account for new obstructions or new sources of radio interference. You may also need to add APs should the number of users increase. In addition, you should regularly check the RoamAbout Wireless web site for product updates.
Testing Radio Communications Quality Testing Radio Communications Quality You can test the radio communications quality from the AP to another wireless device using the AP Manager, or from a client to another wireless device using the RoamAbout Client Utility. Using the AP Manager The RoamAbout AP Manager provides a Link Test tool that tests the signal quality from the AP to a client or another AP. Click on the Help button in any window for more information. 1.
Testing Radio Communications Quality Using the RoamAbout Client Utility This procedure requires the RoamAbout Client Utility on a RoamAbout client. The RoamAbout Client Utility Link Test window allows you to investigate the specific link between the RoamAbout client and its test partner. Click on the Help button in any window for more information. 1. To start the Client Utility, perform the following: — Click on the Client Utility icon Taskbar.
Testing Radio Communications Quality A low signal level indicates that the client and the test partner may be too far apart or there may be obstructions between them. If possible, remove the obstructions, move the devices closer, or use the optional Range Extender antenna described in Range Extender Antenna on page 1-17. 4. Check the Total Messages column. Data throughput efficiency is measured in messages sent, lost, or received. 5. Divide the number of Messages Lost by the number of Messages Sent.
Optimizing RoamAbout AP Placement If one or more clients are transmitting simultaneously with the AP in an infrastructure network, you may need to lower the RTS Threshold on the AP as described in the RTS/ CTS Protocol on page 2-11. If the concentration of users per AP is high, you may need to place the APs closer together to distribute the load, or add APs to the wireless network. To measure values over time, click on the Test History tab.
Optimizing RoamAbout AP Placement To open the Site Monitor window, perform the following steps: 1. To start the Client Utility, perform the following: — Click on the Client Utility icon Taskbar. located on the System Tray of your Windows or — From the Windows Taskbar, click on Start, then select Programs→RoamAbout→RoamAbout Client Utility. 2. Click on the Advanced drop-down menu and select Site Monitor. 3. Select the network in the Selection tab if you have multiple wireless networks. 4.
Optimizing RoamAbout Outdoor Antenna Placement 5. Check the signal level and noise level if the SNR is low between the AP and the wireless device. If the signal level is low, the devices may be too far apart or there are obstructions between them. If the noise level is high, determine the source of interference by selecting other clients. If available, use the RoamAbout Client Utility Site Monitor tool at a mobile client to better determine the location of the interference.
Logging Measurement Data Logging Measurement Data You can save the results of your RoamAbout Client Utility Link Test or Site Monitor session in a log file. For information about a Client Utility window, press while in that window. You can use this log file to: • Evaluate the results at a later time. • Compare the results with previous measurements, which may help you investigate the performance of your wireless LAN over a period of time.
Checking the Client RoamAbout PC Card Checking the Client RoamAbout PC Card The RoamAbout Client Utility has a Diagnose Card tool that allows you to investigate the operation of your RoamAbout PC Card and the installed driver. Run the card test only in situations where there is a card failure or when you suspect a configuration mismatch. When contacting RoamAbout technical support, the card test results may help the support representative determine the cause of a malfunctioning device.
Monitoring the AP Using RMON Monitoring the AP Using RMON The AP supports four of the nine Remote Network Monitoring MIB (RMON) groups: • Statistics - Contains statistics measured by the probe for the wired LAN and the wireless LAN interfaces. • History - Records periodic statistical samples from a network and stores them for later retrieval. • Alarm - Periodically takes statistical samples from variables in the probe and compares them to previously configured thresholds.
Monitoring RADIUS Client Operations Monitoring RADIUS Client Operations You can view the currently connected clients, also called supplicants, and their states. You can also monitor the RADIUS authentication client and RADIUS accounting statistics for the primary and secondary RADIUS servers. Using the AP Manager To view the currently connected wireless clients, select the AP in the main window and click on the Clients button.
Monitoring RADIUS Client Operations Using the Access Point 2000 Console Port 1. Choose Module-Specific Options from the RoamAbout AP Installation Menu. 2. Choose Authentication Options. 3. To view the currently connected wireless clients, choose Show Wireless Supplicants. 4. To view the RADIUS counters, choose Monitor RADIUS Client Operation. The menu options are: List RADIUS Client Statistics: Displays the AP RADIUS counter information. List RADIUS Client Parameters: Displays the AP RADIUS configuration.
Monitoring RADIUS Client Operations Table 7-1: RADIUS Client Statistics Menu - Field Descriptions Field Description Round Trip Time Time interval (in hundredths of seconds) between the most recent Access-Reply/ Access-Challenge and the Access-Request that matched it from the RADIUS authentication server. Access Requests Number of RADIUS Access-Request packets sent to the server. This does not include retransmissions.
Monitoring RADIUS Client Operations Table 7-2: RADIUS Client Accounting Statistics Menu - Field Descriptions 7-14 Field Description Round Trip Time Time interval (in hundredths of seconds) between the most recent Accounting-Response and the Accounting-Request that matched it from the RADIUS accounting server. Accounting Requests Number of RADIUS Accounting-Request packets sent to the server. This does not include retransmissions.
Checking RoamAbout Product Version Numbers Checking RoamAbout Product Version Numbers Using AP Manager To check the RoamAbout AP firmware version, run the RoamAbout AP Manager, click on the Hardware button and check the software version (SW=Vx.x). Refer to the AP Manager on-line help for additional information. Using the RoamAbout R2 Console Port or Telnet Choose Current Configuration from the Main Menu.
Upgrading the RoamAbout AP Firmware Upgrading the RoamAbout AP Firmware The AP firmware, also called embedded software, can be easily upgraded. Regularly check the RoamAbout web site for the latest information concerning RoamAbout updates. To upgrade the AP, copy the image file from the web site to the same directory as the AP Manager or BootP/TFTP server. • For the Access Point Classic, select the latest V*.BIN file for firmware upgrades. • For the Access Point 2000, select the N*.
Upgrading the RoamAbout AP Firmware Using the RoamAbout R2 Console Port or Telnet 1. Make sure that you have properly configured a BootP/TFTP server. 2. Choose Reset/Upgrade from the Main Menu. 3. Choose Upgrade Flash. 4. Enter the following: Image Path: If using NetRider Loader, only enter the filename. Otherwise, enter the path to the image file relative to the TFTP server’s local root directory. For example: c:\rmabt\image\filename.
Upgrading the RoamAbout AP Firmware Using the Access Point 2000 Console Port Do not choose the Save command when using the Upgrade Flash command. 1. Make sure that you have properly configured a BootP/TFTP server. 2. Choose Module-Specific Options from the Access Point Installation Menu. 3. Choose Upgrade Flash from the next menu. 4. Choose BootP Server if a BootP server has been configured with the correct file. Choose TFTP Server if you wish to upgrade the AP with a specific image.
Replacing the PC Card in an AP Replacing the PC Card in an AP You may need to replace a defective PC Card or upgrade the PC Card in an AP. If upgrading the AP from a 2 Mbit/s PC Card to an 11 Mbit/s PC Card, make sure that the AP firmware version is V5.0 or greater, as described in Checking RoamAbout Product Version Numbers on page 7-15. NOTE: Refer to the Regulatory information, FCC requirements, and installation information shipped with the PC Card before you install it.
Chapter 8 Problem Solving This chapter contains problem solving information for the RoamAbout wireless network. If the problem appears to be with an AP or a specific client, check the LEDs first. The AP LEDs are described in the next section. The client LEDs are described in RoamAbout PC Card LED Activity in a Client on page 8-19.
Using the AP LEDs to Determine the Problem Using the AP LEDs to Determine the Problem The AP LEDs show status and help diagnose problems. The following sections describe the LEDs on the AP 2000 and the original release of the AP. Figure 8-1 shows the RoamAbout APs. Figure 8-1: RoamAbout APs Acce ss Po 1 S1 int S2 1 TU V 2 SN MA AD C D R2 Wireless Access Platform Access Point 2000 Access Point Classic RoamAbout R2 LEDs Table 8-1 describes the function of each LED.
Using the AP LEDs to Determine the Problem Table 8-1: RoamAbout R2 LED Descriptions Name Description System Status Lights when the RoamAbout R2 passes self-test. If the RoamAbout R2 fails the test, the LED blinks at a steady rate. Power Lights when the power is on. Wired Forwarding Lights when the RoamAbout R2 is forwarding packets to the wired Ethernet port. 1 Wireless Forwarding (Slot 1) Lights when the RoamAbout R2 is forwarding packets to the wireless port (slot 1).
Using the AP LEDs to Determine the Problem Table 8-2: RoamAbout R2 LED Patterns Wireless LAN Slot 2 2 Wireless Forwarding Slot 2 Wireless LAN Slot 1 1 3 Wireless Forwarding Slot 1 2 Wired Forwarding Power System OK Meaning of LED Pattern 1 No power. Check power connections. Diagnostics failed. If pattern continues to display, contact technical support. Normal operating mode. R2 is waiting for the Spanning Tree. No action required.
Using the AP LEDs to Determine the Problem AP 2000 LEDs Table 8-3 describes the function of each LED. Error conditions cause the LEDs to turn on, off, or blink in a pattern. Table 8-4 describes the patterns, the most likely causes, and possible corrective actions. Table 8-5 describes the LED patterns during an AP firmware upgrade. If you suspect an AP failure, run the self-test by removing then reapplying AC power.
Using the AP LEDs to Determine the Problem Table 8-4: RoamAbout AP 2000 LED Patterns Wired LAN Wireless LAN AP Saturated 2 Bridge State Power/ System Status Meaning of LED Pattern 1 No power. Check the power connections. Diagnostics failed. The AP automatically resets after one minute. If the pattern continues to display, contact technical support. Normal operating mode. AP is waiting for the Spanning Tree. No action is required. or Spanning Tree detected a bridge loop and disconnected the port.
Using the AP LEDs to Determine the Problem Table 8-5: RoamAbout AP 2000 Network Loading LED Patterns Wired LAN Wireless LAN AP Saturated 2 Bridge State Power/ System OK Meaning of LED Pattern 1 Downline loading image from load host. TFTP file not found or other TFTP error. (LEDs blink 10 times.) Upgrading Flash. (LEDs blink then turn on one at a time starting with Wireless LAN.) All LEDs, except Wired LAN, are on when the Flash upgrade is successful. Invalid load image.
Using the AP LEDs to Determine the Problem AP (Classic) LEDs Table 8-6 describes the LED functions. Table 8-7 describes the patterns, likely causes, and possible corrective actions. Table 8-8 describes the patterns during a firmware upgrade. Table 8-6: AP (Classic) LEDS Name Description Power OK Lights (green) when the AP has power. Module OK Lights (green) when the AP passes its power-up self-test. The LED is off if the AP fails the test.
Using the AP LEDs to Determine the Problem Table 8-7: AP (Classic) LED Patterns Power OK Module OK Wired LAN Bridge State Saturated 1 Wireless LAN Card Present Meaning of LED Pattern 2 Ethernet connection is not working or there is a hardware failure. Failure while initializing/testing the memory. Normal operating mode. Waiting for the Spanning Tree. No action is required. AP is occasionally saturated due to excessive traffic. No action is required. PC Card is defective.
Using the AP LEDs to Determine the Problem Table 8-8: AP (Classic) Network Loading/Upline Dumping LED Patterns Power OK Module OK Wired LAN Bridge State Saturated 1 Wireless LAN Card Present Meaning of LED Pattern 2 Waiting for downline load from load host Downline loading image from load host Firmware error detected while downline loading image from load host TFTP file not found Waiting for retry of TFTP load Upgrading Flash Flash upgrade successful Invalid (wrong) load image Unsuccessful Flash up
Showing Counters Showing Counters You can display the values of all the counters maintained by the AP. This information can help you monitor the performance of your wireless network or better understand a problem. Typically, this information is used by RoamAbout support personnel to help you diagnose a problem. Using the AP Manager Perform the following to show a subset of the counters using the AP Manager. For a description of the counters, click on the Help button. 1.
Showing Counters Table 8-9: RoamAbout AP (Classic and 2000) Counters Counter Description Individually addressed bytes sent Total number of bytes transmitted by the interface as part of unicast messages. Normal behavior for this counter shows a relatively high value that is increasing rapidly. Multicast bytes sent Total number of bytes transmitted by the interface as part of multicast messages. This value is expected to be a large number.
Showing Counters Table 8-9: RoamAbout AP (Classic and 2000) Counters (Cont’d) Counter Description Single collision Number of successfully transmitted frames on the selected interface for which transmission is inhibited by exactly one collision. Frames counted in this counter are not counted by the MultipleCollisionFrames counter. Multiple collisions Number of successfully transmitted frames on the selected interface for which transmission is inhibited by more than one collision.
Showing Counters Table 8-10: RoamAbout AP (Classic and 2000) PC Card Counters Counter Description Individually addressed frames sent (TxUnicastFrames) Number of messages sent by the PC Card that are destined for another wireless device. In most LAN applications, it is normal behavior for this counter to have a high value and continuously increase (you can see it run). For example, this counter should increase rapidly when running the Link Test.
Showing Counters Table 8-10: RoamAbout AP (Classic and 2000) PC Card Counters (Cont’d) Counter Description Transmit retry limit exceeded frames (TxRetryLimitExceeded) Number of messages that could not be delivered after the maximum number of retransmissions. You can use this counter with TxDiscards to identify a wireless network that is overloaded due to severe interference or excessive load of wireless data traffic.
Showing Counters Table 8-10: RoamAbout AP (Classic and 2000) PC Card Counters (Cont’d) Counter Description Wrong station address on transmit (TxDiscardsWrongSA) Number of times a message transmission was not done because a wrong MAC address was used by the protocol stack. A non-zero value indicates an error situation in the communication between the driver and protocol stack.
Showing Counters Table 8-11: RoamAbout R2 Counters Counter Wired Description DropEvents Total number of events in which packets were dropped by the probe due to lack of resources. This number is not necessarily the number of packets dropped; it is just the number of times this condition has been detected. Octets Total number of octets of data (including those in bad packets) received on the network (excluding framing bits but including FCS octets).
Displaying Error Logs Table 8-11: RoamAbout R2 Counters (Cont’d) Counter Wired Description Pkts 128 to 255 Octets Total number of packets (including bad packets) received that were between 128 and 255 octets in length inclusive (excluding framing bits but including FCS octets). Pkts 256 to 511 Octets Total number of packets (including bad packets) received that were between 256 and 511 octets in length inclusive (excluding framing bits but including FCS octets).
RoamAbout PC Card LED Activity in a Client RoamAbout PC Card LED Activity in a Client If you encounter difficulty using a RoamAbout client, the error may be related to various causes, such as: • Out-of range situation, which prevents the PC Card from establishing a wireless connection with the network. • Configuration mismatch, which prevents the PC Card from establishing a wireless connection with the (correct) network. • Absence of or conflict of the RoamAbout Driver.
RoamAbout PC Card LED Activity in a Client Table 8-12: RoamAbout PC Card LED Description Power LED Transmit /Receive LED Continuous Green Blinking Standard operational mode: Card is powered on. Sensing/transmitting wireless data. • • Off Flicker Description/Action Flicker • • Card is powered on. A network connection was established but currently there is no wireless activity. This could be a normal situation. Also, the client may have moved out of the range of the wireless network.
Windows Does Not Detect the RoamAbout PC Card Windows Does Not Detect the RoamAbout PC Card If the RoamAbout PC Card was properly working at one time in the client, the problem could be one of the following: • The PC Card is no longer properly inserted. Reinsert the PC Card into the PC Card slot. • The PC Card was removed and reinserted but the computer requires a reboot to recognize the PC Card. Restart the computer. • The RoamAbout PC Card driver was improperly removed or corrupted.
Checking the Network Protocols on a Windows System Checking the Network Protocols on a Windows System To verify that the client is configured for the correct type of networking and networking protocols on Windows 95, 98, and Me operating systems: 1. From the Windows desktop, click on Start then select Settings→Control Panel. 2. Double-click on Network. Verify that the list of network components includes Client for Microsoft Networks and, optionally, Client for NetWare Networks. 3.
Device Conflict on a Windows System Device Conflict on a Windows System A device conflict under Windows NT may be related to the RoamAbout ISA card or PC Card. To detect which card is causing the conflict, use the Windows NT diagnostics. This problem can also appear on Windows 98 and the early version of Windows 95 (OSR0).
Device Conflict on a Windows System 6. Enter the I/O Port and IRQ values that you wrote down. A conflict can still occur even after using the Windows NT Diagnostics program to determine unused I/O port addresses and IRQ values. This can happen when your computer has one or more devices and/or peripherals installed that claimed an I/O Base Address or IRQ value without notifying the Windows NT operating system. Therefore, the Windows NT Diagnostics program does not display these values as used.
Device Conflict on a Windows System Changing the ISA Adapter Address If the device conflict is related to the I/O port address of the ISA card, you can change the ISA address by changing the jumper setting on the ISA card (Figure 8-3).
Setting SNMP Trap Addresses (Access Point 2000 Only) Setting SNMP Trap Addresses (Access Point 2000 Only) To have the AP send SNMP traps, you need to enter the IP address of the device where the trap is to be sent. A trap is a defined event or condition detected by the RoamAbout AP SNMP agent. NOTE: This feature is not available on the RoamAbout R2. The AP sends an SNMP trap when any of the following events occur: • AP is powered on (coldstart trap).
Setting Upline Dump (Access Point 2000 Only) Setting Upline Dump (Access Point 2000 Only) The upline dump mode is disabled by default. This option allows you to specify whether the AP uploads diagnostic information about itself in the event of a crash. This option should be DISABLED unless a support representative tells you otherwise. NOTE: This feature is not available on the RoamAbout R2.
Appendix A PC Card Information Consult your authorized RoamAbout reseller sales office for information about the radio regulations that apply in your country. Radio Characteristics Table A-1: 802.
Radio Characteristics Signal strength can be affected by closeness to metal surfaces and solid high-density materials. The ranges listed above provide a general guideline and may vary according to the actual physical environment where the product is used. • • In open environments, there are no physical obstructions between antennas. In semi-open environments, work space is divided by shoulder-height, hollow wall elements; antennas are at desktop level.
Supported Frequency Sub-Bands Supported Frequency Sub-Bands The RoamAbout PC Card supports a number of factory-programmed channels. The number of available frequencies is subject to local radio regulations as defined by local authorities. In RoamAbout infrastructure environments, the RoamAbout PC Card automatically starts operation at the frequency channel that is used by the RoamAbout AP. This frequency is controlled by the LAN administrator who sets the RoamAbout AP configuration.
Appendix B Connecting a Device to the Console Port This Appendix describes how to connect a device to the console port. Refer to the Hardware Installation Guide for more information. You can manage the AP using its console port or using the RoamAbout AP Manager program. You do not need to use the console port if you use the AP Manager. You can connect a terminal or personal computer running terminal emulation software to the console port.
For the RoamAbout R2 Wireless Access Platform: Pin Assignment [1, 4, 6]* (1) Data Carrier Detect (DCD) (4) Data Terminal Ready (DTR) (6) Data Set Ready (DSR) 2 3 5 7, 8* 9 Receive Data (RXD) Transmit Data (TXD) Ground (7) Request to Send (RTS) (8) Clear to Send (CTS) No connect 1 6 5 9 LKG-8996-931-01 * [1,4,6] and [7,8] are tied together. 3. If using a terminal, configure the transmit and receive baud rates to 9600 baud only. 4.
5. Press until the RoamAbout Main Menu is displayed. The Installation Menu allows you to display and modify various AP and wireless networking parameters. If this is a RoamAbout R2, you are prompted for a username and password. The default username is admin and the default password is password. NOTE: If your screen remains blank after 3 seconds, press the Ctrl and L keys together. If the screen still remains blank, shut down the terminal emulation program and restart it.
Appendix C ASCII to HEX Conversion This appendix provides the ASCII to HEX conversion for use with third party products that do not allow ASCII entry of encryption keys.
C-2 ASCII Value HEX Value J j K k L l M m N n O o P p Q q R r S s T t U u V v W w X x Y y Z z 4A 6A 4B 6B 4C 6C 4D 6D 4E 6E 4F 6F 50 70 51 71 52 72 53 73 54 74 55 75 56 76 57 77 58 78 59 79 5A 7A
Glossary access platform See R2 Wireless Access Platform. access point A wired to wireless bridge that connects a wireless LAN to a wired Ethernet LAN. ad-hoc network A group of wireless clients that participate in wireless communication without connection to a wireless infrastructure network. An ad-hoc network does not include APs. Ad-hoc networks are also referred to as peer-to-peer networks.
Glossary broadcast message A data message that is transmitted by a wired or wireless device to all devices within a network. Broadcast messages are forwarded across the AP. broadcast storm An occurrence where a large number of broadcast messages are sent through the network, usually degrading network performance. cell A single AP and its wireless clients within a wireless infrastructure network containing multiple APs. channel (frequency) The center radio frequency that the wireless device uses to transmit.
Glossary encryption algorithm A formula used to turn data into a secret code. Each algorithm uses a string of bits known as a "key" to perform the calculations. The larger the key (the more bits in the key), the greater the number of potential patterns can be created, thus making it harder to break the code and descramble the contents. RoamAbout uses the RC4 Algorithm for 40 and 128 bit WEP encryption.
Glossary IEEE The Institute of Electrical & Electronics Engineers, Inc. (IEEE) is an organization that develops standards for electrical and electronic equipment. IEEE 802.xx standards define the access technologies for local and metropolitan area networks. IEEE 802.11 IEEE 802.11 compliant networking products based on the same type of distribution system are interoperable with one another regardless of the device’s manufacturer. 802.11 provides 1 or 2 Mbps transmission in the 2.4GHz band. 802.
Glossary omni-directional antenna An antenna that radiates RF signals in all directions. An omni-directional antenna typically has a lower gain and covers less distance than a directional antenna. A 7 dBi omni-directional antenna is available as an option for the RoamAbout AP. PC card A network card that installs in an AP or wireless client to provide wireless connectivity in a LAN environment.
Glossary RADIUS RADIUS (Remote Authentication Dial-In User Service). RADIUS is an IETF standard protocol for Authentication, Authorization and Accounting. range extender antenna An indoor antenna that extends the coverage area of a RoamAbout wireless device. Rapid Rekeying Also known as Key Tumbling, provides frequent, automatic, redistribution of IEEE 802.11 WEP Encryption keys for enhanced security. RoamAbout AP Manager Software used to manage and configure one or more APs.
Glossary SSH Secure Shell. SSH is a protocol used by the RoamAbout R2 for a secure remote login via Telnet. When enabled, SSH disables the standard Telnet sessions. The clients must be configured with an SSH application that supports SSH V2 or later. supplicant Another name for wireless client. See wireless client. TLS Transport Layer Security. TLS is a protocol based on SSL 3.0, and used for a secure web session with the RoamAbout R2.
Glossary wireless network A collection of end-user systems connected together using a medium such as radio frequency or infrared technology. The RoamAbout products use radio frequencies. wireless relay (Access Point 2000 only.) When enabled, the multipoint AP relays messages from one AP to another. When disabled, each of the APs in the LAN-to-LAN multipoint configuration can only communicate with the multipoint AP and its wired LAN.
Index Numerics 802.11 standard 802.11b 2-2 802.1X 2-2 definition 2-2 802.1X activation key description 6-12 entering 6-19 802.1X authentication overview 2-17 parameters 6-12 802.1X Rapid Rekeying See Rapid Rekeying 802.
Index Apple Classic network protocol 2-24 Apple computer 2-24 Apple Open Transport protocol 2-24 AppleTalk filter 5-30 ASCII character encryption key 6-5 ASCII to HEX conversion C-1 authentication configuring 6-9–6-15 overview 2-16 authentication trap 8-26 auto rate 2-8 B B*.
Index Client Utility card diagnostics 7-9 description link test 7-3 Site Monitor 7-5 site monitor 7-5 starting 7-3 test history 7-5 version 7-15 coldstart trap 8-26 Comma Separated Value (CSV) file 7-8 communications quality description 2-9 testing 7-2–7-3 community name See read/write community name See read-only community name community views accessibility 4-5 description 6-8 computer name 8-22 configuration file (*.
Index distances ad-hoc network 3-8 infrastructure network 3-3 LAN-to-LAN 3-7 DS (Direct Sequence) 1-4 DSA key 2-21 DTIM description 2-13 infrastructure network 5-3 modifying 5-22 dynamic address learning 1-3 dynamic VLAN 2-30 E EAP with RADIUS 2-17 with UPN 2-3 EAP-MD5 with Rapid Rekeying 2-18 EAP-TLS with Rapid Rekeying 2-18 encryption ASCII to HEX conversion C-1 configuring 6-5 counter 8-13, 8-16 description 2-15 endpoint AP choosing bridge mode 5-13 description 1-10 endpoint bridge mode See point-to-poin
Index I I/O base address 8-23–8-24 IEEE definition 2-2 IGMP 5-3 image file 7-16 infrastructure network required information 5-2 wireless parameters 5-2–5-3 ingress filtering 2-30 Integrity tests 5-33 IntraBSS infrastructure network 5-3 modifying 5-23 IP address AP 4-5 assigning AP 2000 5-20 R2 5-19, 5-20 using AP Manager 5-18 infrastructure network 5-2 methods to configure 5-18 point-to-multipoint network 5-12 point-to-point network 5-7 IP Address Initialization setting 5-18 IP Address Mode setting infrastr
Index Low AP Density setting 2-10 M MAC address description 2-5 filtering 5-31 R2 internal 2-5 R2 Spanning Tree 2-5 used with authentication 6-11 wired 5-2, 5-7, 5-12 wireless 5-7, 5-12 MAC address authentication accounting 2-23 overview 2-16 Managed List field 4-4 MD5 2-22, 6-23 Medium AP Density setting 2-10 Medium Density Distribution infrastructure network 5-3 modifying 5-23 point-to-multipoint network 5-13 point-to-point network 5-8 with wireless client 2-10 Message Digest 5 (MD5) 2-17 Mezzanine option
Index O omni-directional antenna 1-18 operating system support 1-5 OSI 1-2 outdoor antenna description 1-18 placement 7-7 with infrastructure network 3-6 with LAN-to-LAN 3-7 P Parameters integrity test 5-33 password for NOS 2-14 PC Card 11 Mbit/s 2-8 2 Mbit/s 2-8 description 1-4 diagnostics 7-9 in an AP 1-4 LEDs 8-19 replacing 7-19 unable to detect 8-21 version numbers 7-15 PC Card firmware version 7-15 PCI adapter card description 1-4 PCIC - 16 bit 8-24 PEAP with Rapid Rekeying 2-18 peer-to-peer network 1-
Index RADIUS Management Authenticator changing password 6-10 description 6-9 RADIUS server client statistics 7-11 description 2-16 parameters 6-11 with 802.
Index S S1 button 7-18 Secure Access configuring 6-4 description 2-14 infrastructure network 5-3 integrity test 5-33 modifying 5-22 with wireless network name 2-4 secure HTTP 2-22 security description 2-14 determining for ad-hoc network 6-2 determining for infrastructure network 6-2 determining for LAN-to-LAN network 6-2 for AP 2000 console port 2-21 managing APs 6-3 semi-open environment A-2 Set Exclude SNMP setting 6-7, 6-25 Set Exclude Unencrypted setting 6-7 Setup/Add New AP button infrastructure networ
Index Spanning Tree protocol 2-27, 5-27 SSH description 2-21 SSID 2-4 SSL 2-22 static VLAN 2-30 Station Firmware 7-15 station name infrastructure network 5-3 integrity test 5-33 point-to-multipoint network 5-13 point-to-point network 5-8 subnet mask assigning AP 2000 5-20 R2 5-19, 5-20 using AP Manager 5-18 infrastructure network 5-2 point-to-multipoint network 5-12 point-to-point network 5-7 supplicant See client System Status LED 8-3 T Tagged (VLAN) description 2-28 port configuration 5-24 TCP/IP protocol
Index users supported by AP 3-4 V V*.
