Wi-Fi HiaB “Hot-Spot in a Box”Access Point P-360 User's Guide Revision 0 December 25, 2002
Copyright © 2002 Gemtek Systems Holding BV www.gemtek-systems.
Revision History Revision Date Description Author 0 November 6, 2002 Initial version of the document.
Copyright © 2002 Gemtek Systems Holding BV. This user’s guide and the software described in it are copyrighted with all rights reserved. No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language in any form by any means without the written permission of Gemtek Systems Holding BV. Notice Gemtek Systems reserves the right to change specifications without prior notice.
Contents Contents Copyright..............................................................................................................................................5 Notice ...................................................................................................................................................5 Trademarks..........................................................................................................................................5 Limited Warranty, Disclaimer......
Contents 802.1x Settings...............................................................................................................................34 PPPoE Settings..............................................................................................................................36 PPTP 36 QoS 37 Redirect Settings ............................................................................................................................37 Load Balance ..........................................
About this Guide Purpose This document provides information and procedures on hardware installation, setup, configuration, and management of the Gemtek Systems Wi-Fi ‘Hot-Spot in the Box’ Access Point model P-360. Prerequisite Skills and Knowledge To use this document effectively, you should have a working knowledge of Local Area Networking (LAN) concepts and wireless Internet access infrastructures.
Help Us to Improve this Document! If you should encounter mistakes in this document or want to provide comments to improve the manual please send e-mail directly to: manuals@gemtek-systems.com. Gemtek Systems Technical Support If you encounter problems when installing or using this product, please consult the Gemtek Systems website at http://www.gemtek-systems.com for: • • • The latest software, user documentation and product updates. Frequently Asked Questions (FAQ).
Chapter 1 – Introduction Thank you for choosing the Gemtek Systems Wi-Fi ‘Hot-Spot in the Box’ Access Point model P-360. With this product the Gemtek Systems want to deliver a carrier class 11Mb WLAN Access Point specially designed for single-cell hot-spot applications with an integrated Public Access Controllers (model G-6000/G-4000). Product Description The P-360 “Hot-Spot in a Box” Access Point (HiaB) is a stand-alone network device designed to provide user-friendly wireless public access services.
The P-360 HiaB Access Point can work in different operation modes: • • Access point mode (AP) Access Point-Router mode (AP-Router) Difference to P-320 The P-360 WLAN AP is designed to cooperate with G-6000/G-4000 hot-spot gateways. As opposed to P-320 (Wi-Fi Operator Access Point) the P-360 does incorporate routing and the Universal Access. However, P-360 can be configured as a 802.1x authenticator. In this setup the G-6000/G-4000 gateway will act as a RADIUS-Proxy and controls the traffic flow.
LED’s The HiaB Access Point has a several LED’s located at the front side. 1. Wireless activity LED Off: no activity Blinking: sending and receiving data 2. LAN link LED Off: No LAN connection available On: LAN connection OK 3.
Chapter 2 – Installation This chapter describes how to install Wi-Fi “Hot-Spot in a Box” Access Point. The hardware and software installation instructions are provided here. Hardware Installation Before you connect the Access Point, decide where to place it. Determinate the best location of the Wi-Fi Access Point, keeping in mind the following considerations: • • • • • The length of the Ethernet cable that connects the Access Point to the network must not exceed 100 meters.
Removing the Access Point from the Wall 1. Open the housing of the Access Point by pressing the spring latches on the upper rear side of the access point using the disassembling tool delivered with your P-360. Figure 3 -- Removing the P-360 housing using the disassembling tool 2.
Test: Calling P-360 with Ping To test the accessibility of your P-360 from your PC, just type the following from a command prompt: ping 192.168.2.2 If ping replays, you can access the P-360 from this PC. Otherwise there is a problem accessing the P360 in default status from this PC. You should either change the IP address of your PC or of the P360.
Chapter 3 - Configuration The configuration manager provides the user interface to configure and manage HiaB Access Point (P-360). When the Access Point is installed, access the user interface using the standard Web browser such as Internet Explorer 6 or Netscape Navigator 6 (Java and JavaScript enabled). This chapter includes the following subsections: • • • • • Authentication System Status Setup Wizard Advanced Settings System Tools Accessing the Web Manager Interface 3.
After successful authentication the Web Manager user interface is displayed as following: Figure 5 – Main Web Manager Page The device status headline is displayed in the upper part of the screen. Some general information of this device is provided here: Figure 6 -- Status Headline SSID of the device Uptime since last reboot Average Load of processor Number of Clients currently connected to this device. In the next subsections different configuration Web Manager parts are described.
Device Status The device status page shows some information about the HiaB P-360 itself, its loaded services, its operating mode and position in your network and the data traffic on the wireless interface. System Status Figure 7 – Device Status (1) Version is the current version of the firmware. This is important information for support requests and for preparing firmware uploads. Uptime is the time in days since last system reboot. Average Load shows the average load of the P-360 processor.
Figure 8 – Device Status (2) Network Status Figure 9 – Device Status (3) Device Mode shows the P-360 operating mode (AP or AP Router). Hostname shows the name of the P-360 in the network used for statistic routines. Ethernet Interface IP shows IP address of the Ethernet interface of the P-360. Wireless Interface IP is the IP address of the wireless interface of the P-360.
Tx Errors are errors while transmitting data. Rx Data are data volume received successfully. Rx Errors are errors while transmitting data. Collisions are number of data packet collisions.
Setup Wizard On the first page of the Setup Wizard available ‘Hot-Spot in a Box’ device modes are listed: Figure 11 – Device Operating Modes Select AP – Router mode, if you want to allow mobile stations to access your wired network and you need to build up a wireless connection to a different IP subnet. Select AP mode, if you want to allow mobile stations to access your wired network.
DNS Server Address is the IP address of a domain name server. This IP address, provided by your ISP, will be assigned to all PCs requesting address information through DHCP from the P-360. Available in AP-Router mode only! If you are not sure about the IP address of the DNS server currently responsible for your local network, please get your IP configuration with “ipconfig” (Win 2000, Win NT and Win XP) or “winipcfg” (Win 9x and Win Me) from the command prompt.
WAN Interface Settings: Interface: Use this option to switch the WAN interface of P-360 on (Enable) or off (Disable). Available in AP-Router mode only! In AP-Router mode you disable the wired interface to the Ethernet using this radio button. When the interface is disabled, there are no connections possible between Ethernet devices and the P-360. IP Address assigned by ISP is the device’s IP address on the WAN interface.
Wireless Configuration Settings Access Point SSID Depending on the device mode selection, parameters available in the Wireless Configuration Settings page will vary. Because of the complexity and quantity the wireless parameters are spitted into the simple units. Figure 14 -- Wireless Configuration Settings (1) Access Point SSID is a unique name for your wireless network. It is case sensitive and must not exceed 32 characters.
Encryption Algorithm Figure 16 -- Wireless Configuration Settings (3) Select No, 64-Bit or 128-Bit Encryption. Key 0 to 3: The WEP keys are entered as a series of colon-separated HEX pairs: 5 pairs for 64-Bit (e.g. 00:AC:01:35:FF) 13 pairs for 128-Bit (e.g. 00:11:22:33:44:55:66:77:88:99:AA:BB:CC). Also select the active key radio button next to appropriate key. The encryption key must also be entered into the WLAN card configuration of the mobile clients.
Advanced Settings Setting up the P-360 advanced settings requires advanced knowledge of the TCP/IP network structure and functionalities. It is recommended that only skilled network administrators should use these settings. ACL Settings In the ACL Settings page you can specify default access policy for wireless or Ethernet network devices.
Figure 188 – Add New ACL Rule • • Specify the MAC address of the device you want to add to the ACL. The format is a list of colon separated hexadecimal numbers (for example: 00:00:78:0A:CD:FF). Select the Target of the rule, whether the specified network device should be allowed or denied as an Access Points client. Firewall Settings The firewall settings allow to specify IP packet filters to enhance the data security.
Figure 19 – Firewall Settings On the main firewall settings page you will find one table for input, output or prerouting rules and a switch to enable or disable the firewall. Within the tables you can insert new rules, modify existing ones, delete rules and change their position by moving up or down. The position of a rule within the list is very important, because the list is worked through from top to down.
Figure 190 – Add New Firewall Rule Target – this implementation of firewall control supports two types of rules – Accept and Drop. The appropriate policy defines what to do if the data packet received matches the rule. Source IP Address – source IP address. Source Netmask – source netmask IP address. Source Port(s) – can be specified in two ways: “All” or a given port range. Destination IP Address – specified the same as Source IP. Destination Netmask – specified the same as source netmask.
Isolation Settings Figure 201 -- Layer 2 Isolation Routing Settings Routing Settings is available when the access point is in AP-Router operation mode. Opening the page you will find a list of all present routes, each consisting of the related interface, the destination IP address, the gateway and the subnet mask. The default values in this list are generated from your current IP settings in the Network Configuration Settings menu.
Figure 212 – Static Routing Settings To create a new static route please click Add New Route and select the related interface (Ethernet/wireless), specify destination, netmask and gateway IP, and metric values. Click the Save Route to add new static route in the Routing table. Figure 223 -- Add Static Route Destination, Netmask and Gateway are required parameters to specify. DHCP Settings The DHCP server settings specify, which IP addresses are assigned to the DHCP clients in the LAN.
Figure 234 – DHCP Settings Port Forwarding Settings Port Forwarding Settings is available when the access point is in AP-Router operation mode. Port forwarding service provides access to computers in the LAN with dedicated services by overriding the NAT (Network Address Translation) feature. Example of such services could be a web server on a computer in the LAN, which should be open to public access for testing purposes.
Figure 256 – Add Port Forwarding Rule In this example, all requests to the P-360 on port 25 will be redirected to the IP address 192.168.2.28 on port 1445. Port forwarding is a kind of reverse function to IP masquerading. Hence this function can take effect only when NAT is enabled! Please refer to your firewall settings to check if the port forwarding settings are suitable. Administrator’s Settings You can change the Administrator’s password using this Administrator Settings menu.
802.1x Settings Figure 278 – 802.
Figure 29 – 802.
PPPoE Settings Figure 280 -- PPPoE Settings PPTP Gemtek Systems Page 36
Figure 291 – PPTP Settings QoS Figure 302 – QOS Settings Redirect Settings Figure 313 – Redirection Settings Gemtek Systems Page 37
Load Balance Figure 324 – Load Balance Settings Gemtek Systems Page 38
System Tools Using this menu you can perform system tests, configure SNMP settings, upgrade firmware, restart or reset HiaB Access Point into factory defaults. Clients All clients currently connected to the P-360 Access Point is listed in the Connected Clients table. The clients are listed by its MAC address. Figure 335 – Connected Clients Click the Refresh button if you want to renew the connected clients statistic. Loopback Test The loopback test is used for wireless link diagnostics.
Figure 346 – Loopback Test To start the loopback test, do the following: Endpoint IP – specify the device’s IP address, whose transfer rate needs to be measured. Start – click to start measuring the specified wireless link. The status line will show the last measured data transfer rate and the time when this data was received from the wireless network device. To stop loopback test simply click the Stop button.
Figure 357 – SNMP Settings (1) The following parameters should be entered to create new SNMP community: Figure 368 – Add New SNMP Community Community String – community name for (read-only/read-write) access. Allow Community Access from IP – IP address/netmask for (read-only/read-write) community. Allow Mib-view – specify MIB ??? IP address and netmask combination of 0.0.0.0/32 means “ANY” IP address can connect. Access can be controlled for one specified IP (for example 192.168.2.
Figure 39 – SNMP Settings (2) xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx Figure 370 – Add SNMP Rule Management Server IP ??? Community String ??? Gemtek Systems Page 42
SNMP Trap Port ??? Site Survey The site survey test shows overview information for wireless networks in a local geography. Using this test, users can scan for working access points, check their operating channels and see signal/noise levels. To start the scan simply select the Site Survey menu. Figure 381 – Site Survey The available access points are listed in the table by MAC address and SSID. To refresh the statistics click the Rescan button.
Figure 392 – Monitoring Test RX – Received Kbytes per selected interval. TX – Transmitted Kbytes per selected interval. Upgrade This function is used to update the current firmware version to a new one. If there is need to change the firmware, a valid firmware file must be selected first by clicking the Browse button.
Figure 403 – Upgrade Firmware After selecting a valid firmware version file, click the Upgrade button to proceed. The upgrade process begins. Do not switch off and do not disconnect P-360 from power supply during firmware update process because the device could be damaged. Best use Ethernet connection (not wireless) for firmware update process. After a successful upgrade process, the device firmware is upgraded, the Main Menu page is displayed, and the previous device configuration set is maintained.
Reset Device Figure 425 -- Reset Device to Defaults Keep in mind that resetting the device is an irreversible process. The confirmation message appears before starting the reset process. Read it carefully and confirm as described. You must enter the administrator password to perform the reset function. Please note that even the password will be set back to the factory default! The device is restarted. All previous device configuration settings will be erased and the factory default values applied.
Command Line Interface Shell Introduction CLISH (Command Line Interface Shell) software is a configuration shell for Wi-Fi “Hot-Spot in a Box” Access Point device (P360). Using the CLISH interface the operator can: configure all essential Wi-Fi “Hot-Spot in a Box” configuration settings; show system and network statistics; use system tools, such as Site Survey. This manual describes the CLISH software command line interface and the command set available from the shell.
Reference Guide [Overview of all configuration interfaces, such as: CLI SMTP HTTP SSH Description of all parameter/command of the configuration menu should be provided in this section.
Gemtek Systems Page 49
Troubleshooting [General hints, common problems, FAQ, technical support goes here.
Appendix Factory Default for P360 Access Point The following settings and parameters are the factory default for “Hot-Spot in a Box” Access Point model P360. Default Device General Configuration Settings: Operating Mode Operation Mode AP (Access Point) General Configuration Settings Host Name P-360 DNS Server Address 0.0.0.
Isolation Isolation Disable DHCP Server DHCP Server/Relay Disable DHCP Server Address 0.0.0.0 IP Address Pool Range 192.168.2.3-254 802.1x Settings 802.1x Service Disable Radius Port 1812 Radius Account Port 1813 Radius Entries 3 Radius Timeout 10 NAS Identifier ???? Client Roaming Service Disable PPPoE PPPoE Disable PPTP PPTP Disable VPN Server IP Address 0.0.0.
Glossary [Glossary of the document is used to define terminology specific to the problem domain, explaining terms, which may be unfamiliar to the reader.
Index [Index of the document.
Federal Communication Commission Interference Statement This equipment has been tested and found to comply with the limits for a Class B digital device, pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a residential installation. This equipment generates, uses and can radiate radio frequency energy and, if not installed and used in accordance with the instructions, may cause harmful interference to radio communications.
