EXTRICOM WLAN SYSTEM USER GUIDE EXSW-400/800 EXSW-1200/2400 MULTI SERIES 1000 EXRP-20/40/30N EXRP-20E/40E/40EN For System Firmware Release 4.2 Document Version 4.
Copyright No part of this publication may be reproduced, stored in a retrieval system or transmitted, in any form or by any means, photocopying, recording or otherwise, without prior written consent of Extricom Ltd. No patent liability is assumed with respect to the use of the information contained herein. While every precaution has been taken in the preparation of this publication, Extricom Ltd. assumes no responsibility for errors or omissions.
! This equipment has been approved for mobile applications where the equipment is to be used at distances greater than 20cm from the human body (with the exception of hands, wrists, feet and ankles). Operation at distances of less than 20 cm is strictly prohibited. Changes or modification to equipment not expressly approved by Extricom Ltd. is strictly prohibited and could void the user's license to operate the equipment. • • • ! Extricom access points are for indoor use only.
Federal Communication Commission and Industry Canada Interference Statement This equipment has been tested and found to comply with the limits for a Class B digital device, pursuant to Part 15 of the FCC and IC rules. These limits are designed to provide reasonable protection against harmful interference in a residential installation.
Fixed point-to-point devices for this band are permitted up to 200 W e.i.r.p. by employing higher gain antennas, but not higher transmitter output powers. Point-to-multipoint systems, omnidirectional applications and multiple co-located transmitters transmitting the same information are prohibited under this high e.i.r.p. category. However, remote stations of point-to-multipoint systems shall be permitted to operate at the point-to-point e.i.r.p. limit provided that the higher e.i.r.p.
Table of Contents About This Guide .............................................................................................. 1 Audience .....................................................................................................................1 Conventions ................................................................................................................1 Safety Precautions .......................................................................................................
Configuring WLAN Parameters................................................................................. 36 Configuring ESSIDs ............................................................................................... 36 Configuring WLAN Radios .................................................................................... 49 WLAN Wizard ......................................................... Error! Bookmark not defined. ESSID Assignment ...................................................
About This Guide This guide provides detailed instructions for installing, configuring, and troubleshooting the Extricom EXSW-400/800/1200/2400 and Multi Series 1000 WLAN switches and Extricom EXRP20/40/30n and 20E/40E/40En UltraThin™ Access Points (APs). This version of the user guide has been updated to include product changes up to and including switch version 4.2.43.04.
! 2 The switch and AP enclosure must not be opened by anyone other than an authorized service representative. To comply with FCC RF exposure compliance requirements, maintain a minimal separation distance of at least 20 cm/8 inches between the AP and all persons. The power cable included should not be used with any other electrical equipments other than Extricom switches. The switch contains an internal battery.
Chapter 1 Introduction to the Extricom Wireless LAN System A Wireless Local Area Network (WLAN) based on the IEEE 802.11 standard enables laptops, PDAs, phones, and other “Wi-Fi” equipped devices to wirelessly connect to the enterprise network.
The Extricom solution is based on a fully centralized WLAN architecture, in which the switch makes all of the decisions for packet delivery on the wireless network. In this configuration, the access points (APs) simply function as radios, with no software, storage capability, or IP address. Even the basics of connecting are different: clients associate directly with the switch, not with the AP. The AP acts as an “RF conduit” to rapidly funnel traffic between the clients and the switch.
Same band operation The Extricom WLAN system enables WLAN channels, in the same band (e.g. Channel 1, 6, and 11 in 2.4 GHz), to be simultaneously used within the same AP, to form overlapping Channel Blankets using the same physical set of APs. It is possible to configure up to four channels of same band when using EXRP-40/40E/40En APs. TrueReuse bandwidth TrueReuse technology multiplies the bandwidth of a standard 802.11 channel by dynamically optimizing the reuse of each frequency.
6 Centralized configuration New switches are added to the network via a single Web interface either manually by the user, or automatically using an Extricom protocol. System redundancy Extricom enables full redundancy by connecting two switches in a cascade or hot-standby topology.
Overview of the Extricom Switches The Extricom WLAN switches are connected to Extricom APs to form an Extricom WLAN. The Extricom EXSW-400, EXSW-800, EXSW-1200, and the EXSW-2400 switches are FastEthernet capable; the EXSW-1600 and EXSW-800G are GbE-capable switches based on the Extricom Multi Series 1000 platform. The EXSW-400 and EXSW-800 can connect to EXRP-20/40 or EXRP-20E/40E APs to provide legacy 802.11a/b/g service with up to 4 or 8 APs respectively.
Figure 2: Extricom EXSW-2400 Switch Figure 3: Extricom EXSW-1200 Switch - The Extricom EXSW-1200 is derived from the EXSW-2400, with the same hardware and firmware. The only difference between the two models is the number of WLAN ports supported. Figure 4: Extricom EXSW800 Switch 8 The EXSW800 switch only supports two channels, so when it is connected to EXRP40, only two radios will operate.
Figure 5: Extricom EXSW-400 Switch The EXSW400 switch only supports two channels, so when it is connected to EXRP40, only two radios will operate. Overview of the Multi Series 1000 Appliance Platform Figure 6: Extricom Multi Series 1000 The Extricom Multi Series 1000 is a high-performance hardware platform, and is softwareconfigurable to support a range of wireless and networking functions in an Extricom WLAN System.
10 SFP modules are not shipped with the Multi Series 1000. To use the SFP ports, you must use Class 1 laser certified SFP modules according to IEC/EN 60825-1 and /or CDRH.
Overview of the Extricom Access Points Access Points with Internal Integrated Antennas Extricom’s EXRP-20, EXRP-40 and EXRP-30n UltraThin APs are high-bandwidth devices. The EXRP-20 contains two 802.11a/b/g radios, the EXRP-40 contains four 802.11a/b/g radios, and the EXRP-30n contains two 802.11a/b/g/n and one 802.11a/b/g radio. The EXRP-20 and EXRP-40 APs have internal diversity antennas – one diversity antenna for each radio. The EXRP-30n possesses three (3) antennas per 802.
Access Points with Connectors for External Antennas Some applications may require an access point capable of connecting to external antenna(s). The EXRP-20E/EXRP-40E, and EXRP-40En accommodate this requirement. The EXRP-20E/EXRP40E have the same electronics as the EXRP-20/40 (respectively), but with a metal, plenum-rated casing, and connectors for attaching external antennas. The EXRP-20E contains two 802.11a/b/g radios and has four external antenna connectors. The EXRP-40E contains four 802.
A Typical Extricom Wireless Network Topology An Extricom WLAN switch is connected to the wired LAN, and the APs distributed throughout the enterprise. Figure 10 shows a typical Extricom enterprise topology, consisting of an Extricom switch and eight APs. Figure 10: Typical Extricom Typology Extricom uses standard WLAN protocols (IEEE 802.11). As a result, any 802.11a/b/g/n standard wireless device can work seamlessly with the Extricom system.
Switch Cascade (Multi Series 1000 Platform Only) Switch Cascade is a new Extricom topology in which two Multi Series 1000 switches are interconnected together to create one larger logical switch with enhanced redundancy. One Multi Series 1000 switch serves as the primary, and the other Multi Series 1000 switch serves as the secondary.
Figure 12: Switch Cascade With AP Redundancy It is also possible to deploy the APs in a semi-mesh, according to the degree of service required in the event of a failover. In a semi-mesh deployment, most APs are configured as in Figure 12, but one or more APs from the Primary are placed in the coverage area of the secondary, or vice versa. In a switch cascade, the secondary switch routes all of the traffic from its APs to the primary switch over the interconnect cable.
Brief Overview of 802.11n The following section describes at a high level the main features and terms of 802.11n. It also outlines which features of the standard are supported by Extricom products at this time. This section is provided to give customers using Extricom's 802.11n products an overview of 802.11n technology, and to help them understand what parameters need to be to configured on the Extricom switch in order to support 802.11n. 802.11n is a member of the 802.
Frame Aggregation Definition: With MAC-layer aggregation, a station with a number of frames to send can combine them into an aggregate frame (MAC MPDU). The resulting frame contains fewer headers in overhead than would be the case without aggregating, and because fewer, larger frames are sent, the contention time on the wireless medium is reduced. Extricom 802.11n: Extricom supports frame aggregation.
SM Power Save Definition: The basic 802.11n power save mode is based on the earlier 802.11 power save function. Power save in 802.11n is enhanced for MIMO operation with SM power save mode. Since MIMO requires maintaining several powered-up receiver chains, standby power draw for MIMO devices is likely to be considerably higher than for earlier 802.11 equipment. A new provision in 802.11n allows a MIMO client to power-down all but one RF chain when in power save mode.
Chapter 2 Installing the Extricom WLAN System This chapter provides instructions for unpacking and installing the Extricom WLAN system. Unpacking the Extricom WLAN System The Extricom WLAN system is shipped with the following: One Extricom switch. CD which contains The Extricom WLAN System User Guide, Release Notes and EULA APs (the number of APs is based on customer order and provided in separate boxes) are shipped as part of the overall order. One power cable.
Determining the Location of the Extricom Access Points Before installing the switch and access points, plan the placement of the APs. Before permanently mounting the APs, Extricom recommends testing the network (using a laptop client) to identify potential coverage holes. If such a problem exists, relocate an AP or add additional APs to resolve the coverage hole. To find the best location for the required coverage, the Extricom Deployment Tool may be used.
Figure 15: Extricom EXSW- 1200 Switch Figure 16: Extricom EXSW-2400 Switch GbE Combo ports 2 Copper/SFP RJ45 console 16 GbE/PoE copper ports Figure 17: Extricom Multi Series 1000 Table 1 below describes the front panel and connectors of Extricom EXSW400/800/1200/2400/Multi Series 1000 switches. Connectors Description Console Serial connector – only to be used by, or as instructed by, Extricom personnel for troubleshooting, support, or maintenance. Can be accessed using a Null modem cable.
Connectors Description (EXSW-400/800) LAN1, LAN2 (EXSW- 1200/2400) LAN. LAN1,LAN2 (Multi Series 1000) 2 GbE RJ-45, 2 GbE SFP combo ports – used to connect the switch to the wired LAN. Use only GbE or SPF. WLAN (AP) Ports Only LAN1 is used for connection to the wired LAN. LAN2 on EXSW-1200/2400 is currently not in use. Only LAN1 is used for connection to the wired LAN. LAN2 is used for Switch Cascade interconnect only. RJ-45 connectors – used to connect Extricom APs to the switch.
LED Color Description (1000) (Multi Series 1000 only) Orange Status (SFP links) (Multi Series 1000 only) Green Not in use. Only a 1000 Mbps LAN connection is supported. In v4.2, Orange LED is not used.
Figure 19: Extricom External Connector Antenna AP (EXRP-20E shown) Table 3 below describes the Extricom Access Point connectors. Connectors Description Power External power is not required for most applications. Power is supplied via the Ethernet cable (PoE). In case of an external power requirement (e.g. when media converters are used and POE is blocked), use a UL Listed LPS (Limited Power Source) or NEC Class II power adapter. Rating – Input: 90-240VAC, 0.8A max. Output: 48VDC, 0.56A max.
LEDs Color Description Radio 1 Green 1st Radio is active Red 1st Radio is malfunctioning Off 1st Radio is off Green 2nd Radio is active Red 2nd Radio is malfunctioning Off 2nd Radio is off Green (flashing) Connection to Extricom switch is active Off Not active Green On/Off Radio 2 LAN Power Table 4: Extricom EXRP-20/EXRP-20E AP LEDs LEDs Color Description Radio 1 Green 1st Radio is active Red 1st Radio is enabled with no assigned ESSID, or malfunctioning Off 1st Radio is of
LEDs Color Description Radio 1 Green 1st Radio is active Red 1st Radio is malfunctioning Off 1st Radio is off Green 2nd Radio is active Red 2nd Radio is malfunctioning Off 2nd Radio is off Green 2nd Radio is active Red 2nd Radio is malfunctioning Off 2nd Radio is off Green (flashing) Connection to Extricom switch is active Off Not active Radio 2 Radio 3 LAN Table 6: Extricom EXRP-30n LEDs Connecting the Switch and Access Points The Extricom switch is connected to the wired LAN
Mixing AP types in the same deployment is not permitted, except for EXRP-20 and 20E APs, or EXRP-40 and 40E APs. When using the EXSW400/800 with EXRP-30n/40E/40En APs, only two radios will operate.
The maximum length of the primary to secondary switch interconnect is computed according to the following tables: (all distances in meters) Interconnect Using CAT-5e/6 100/1000Mbps Cable: Distance Between Secondary Switch and Its Farthest AP 50 100 150 175 190 Max. Switch Interconnect Distance (Copper Interconnect Cable) 150 100 50 25 10 Interconnect Using Fiber Media Cable: Distance Between Secondary Switch and Its Farthest AP 50 100 150 175 Max.
Position the EXRP-20/40 AP so that the connectors are on the bottom left corner of the AP. The EXRP-20 and EXRP-40 are similar in appearance. Please double-check the LED titles or label on the underside of the unit to make sure you have the right type of AP for your deployment. The EXRP-20E, EXRP-40E, and EXRP-40En resemble each other but have a different number of external antenna connectors.
Chapter 3 Configuring the Extricom WLAN System Accessing the Extricom Switch GUI After connecting the switch and AP, configure the Extricom WLAN system through Extricom’s web configuration GUI using a terminal or PC connected to the same LAN as the switch. To access the Extricom web configuration pages: 1.
Figure 20: Login Page 4. Enter your user name and password (as provided by your system installer) and click OK. The Summary page appears. If you did not receive a user name and password with your switch, use the following factory default user name and password: user name: admin password: Switch1 The user name and password are case-sensitive. When System Pop-up Windows Appear In Explorer 8 1. You will receive a notice in the pop-up window that there is a problem with the website’s security certificate.
Configuration display, and editable work area (for some screens) Event and alarm area Configuration Display, Work Area (for some screens). Navigation Tree Event and Alarm Area Figure 21: Typical Web Configuration Page The navigation tree provides access to the following Extricom Web configuration pages: 32 LAN Settings – used for configuring LAN parameters. WLAN Settings – used for configuring WLAN parameters including ESSID-related configuration and Radio configuration.
The work area displays the information selected in the navigation tree. Use this area to configure Extricom system parameters, where applicable. Web configuration pages may include a Save button; when this is selected, the configuration changes are applied to the offline configuration file. If you wish to apply these parameters, select the Apply option in the System Tool web page; this will start the reconfiguration process.
Configuring LAN Parameters In the LAN Configuration page, you can configure the following: The LAN ports’ IP address and network mask, as well as a backup address and mask. The LAN interface and management VLAN tag IDs. The default gateway. Wireless subnet tab – Configures all wireless subnets (SSID subnets) controlled by the IT manager. This may be required when Captive Portal is enabled. To configure LAN parameters: 1. Click LAN Configuration in the navigation tree.
Field Description LAN IP Address Enter LAN IP address used for the switch management. You can add an alternate IP address if you wish to manage the switch from a different network; enter the value in the alternate field. Network Mask Enter the network mask for the LAN 1 IP address and you can also add an alternate network mask for the alternate IP address defined, enter the value in the alternate field. Edge’s Subnet Subnet of a redundant pair (Primary - Secondary or Main - Standby).
Configuring WLAN Parameters The WLAN Configuration page contains three sub-menu pages: ESSID definition Radios Assignments Configuring ESSIDs An ESSID (Extended Service Set Identifier) is the name of the network. Wireless devices must connect to a specific ESSID which determines the pre-defined set of privileges, settings, and limitations (such as security definitions, access privileges, VLAN assignments, etc.) of the network.
Access Point Channel ESSID VLAN tag Network17 17 Network18 18 … … … … Network31 31 Table 8: ESSID per channel Example In the ESSID web page, it is possible to Add a new ESSID, and to Rename or Delete an existing ESSID. For a selected ESSID it is possible to configure the following features: Allow Default ESSID Display ESSID in Beacon Allow Store & Forward Allow Inter-Ess Store & Forward Enable Multicast Enable ARP Caching Enable MAC ACL Enable 802.
Figure 23: WLAN Configuration Page When configuring ESSID parameters, refer to the following table for a description of the available parameters: Field Description ESSID Select ESSID Select an ESSID from the dropdown list. To Add/Delete/Rename ESSIDs from this list, use the Add/Delete/Rename field in the web page. ESSID option 38 Allow Default ESSID If this option is enabled, a wireless device will be allowed to connect to the Extricom WLAN without requesting a specific ESSID (i.e.
Field Description Allow Store & Forward If this option is enabled, two wireless devices connected to the Extricom WLAN with the same ESSID can communicate and transfer data to each other. Traffic between wireless devices will not be forwarded to the LAN switch. If this option is disabled, all traffic goes through the LAN switch. This could be used by IT managers to apply security settings or various policies in the LAN network.
40 Field Description 802.11d Support Enables support of the 802.11d standard .The purpose of this standard is to provide regulation domains for each country in a predefined list. The regulation domains and country information are provided as part of Beacons & Probe response. Enable AeroScout Enable location based services based on the Aeroscout platform. Requires Aeroscout hardware. VLAN Enter a VLAN tag to assign to the ESSID.
Field Description Disassociation Timeout Enter the amount of time (in seconds) a wireless device can remain inactive (no data sent to or from the wireless device) before automatically disconnecting from the network. DTIM Period The period of time after which broadcast and multicast packets are transmitted to mobile clients in the Active Power Management mode. Select the DTIM period for the selected ESSID. This is relevant for clients that want to utilize the power management capability.
The following table shows the hearing % of each AP in the diagram above: AP Receiving APs Hearing % 1 1 20 2 2,5 40 3 3,5 40 4 4,5 40 5 2,3,4,5 80 Table 10: Hearing % Beacon transmission prior to switch s/w v3.4 would have followed the legacy pattern below: Bundle/Interval BC1 1 AP1 2 BC2 BC3 BC4 BC5 AP2 3 AP3 4 AP4 5 AP5 Table 11: Legacy Pattern However, from v3.
Configuring Security Definitions In the ESSID page Encryption section the following security definitions can be configured: Type of encryption. Type of authentication. With some configurations, you can use encryption without authentication. For a higher level of security, however, it is recommended to use both encryption and authentication. The Extricom WLAN makes configuration of ESSID security parameters easier by listing available combinations of Encryption and Authentication protocols.
Field Description Encryption & Authentication Choose method Define the method of encryption and authentication. A combination of encryption and authentication methods may be selected from the options detailed in the drop-down list. Encryption cipher There are three types of encryption ciphers available: WEP64 – Wired Equivalent Privacy (802.11 encryption protocol). This is a very basic encryption level. (AKA WEP40) WEP128 – This encryption is similar to WEP64, but the WEP keys are longer.
Field Description WEP Keys The WEP Keys area is only enabled if the cipher selected in the Choose Method field is WEP or WEP104. In the WEP Keys area, you define the WEP Key that is used for encrypting or decrypting. You can define all four WEP keys. For each key you define, select the input format (ASCII or HEX) and enter the key according to the following table: Cipher ASCII HEX WEP64 (or WEP64+802.1x) 5 characters 10 digits WEP128 (or WEP128+802.
Encryption and Authentication methods. The Choose Method dropdown list in Encryption & Authentication displays the following options: None WEP64 (Open) WEP128 (Open) WEP64 & 802.1x Authentication WEP128 & 802.1x Authentication WPA/WPA2 personal ( TKIP/AES & Pre Shared Key Authentication) WPA/WPA2 Enterprise (TKIP/AES & 802.1x Authentication) When the “WPA2 Only” is checked, only Clients with WPA2 support are allowed to access the WLAN.
Configuring MAC ACL To configure a per-ESSID MAC ACL, select the MAC ACL tab. In this sub-page, select the ESSID you wish to set MAC ACL for. Figure 25: MAC ACL configuration Tab To configure MAC ACL per ESSID 1. Select an ESSID from a list of configured ESSIDs by selecting it from the dropdown list. 2. Select a MAC address from the All MACs list. 3. Use the Right Arrow/Left Arrow to insert/remove this MAC to/from the selected ESSID. 4.
Configuring RADIUS RADIUS is a common authentication protocol utilized under the 802.1x security standard (often used in wireless networks). Although RADIUS was not initially intended to be a wireless security authentication method, it improves the WEP encryption key standard, when used in conjunction with other security methods such as EAP-PEAP. In an enterprise environment, several RADIUS servers may be used for backup and also for serving different geographical locations.
Field Description Server Port Enter the RADIUS server port. Server Password Enter the RADIUS server password. Server Timeout Enter the time which the Extricom switch will wait for the RADIUS server response. Table 14: Radius Configuration Parameters Configuring WLAN Radios To configure the WLAN radios, use the Radios web page. The Radios web page provides the options available for configuring the radios. When the Radios page is initially displayed, it appears in abridged form.
Configuring Radio Parameters To configure specific radio parameters, select the appropriate Radio tab (Radio1-Radio4) on the Radios web page. Field Description Channel Options Disable Use the WLAN Mode dropdown checkbox to disable the radio. WLAN Mode Select the WLAN mode. Possible options are: Disable - choose this option to disable the radio 802.11a 802.11b 802.11g 802.11b/g 802.11n/a 802.11n/g 802.
The Extricom WLAN System User Guide 51
