User's Manual
Table Of Contents
- Chapter 1 Introduction
- Chapter 2 Mesh Point CLI and Administrative Access
- Chapter 3 Networking and Radio Configuration
- 3.1 Network Interfaces
- 3.2 Network Bridging
- 3.2.1 Bridging Configuration
- 3.2.2 FastPath Mesh Bridging
- 3.2.3 Fine-tuning FastPath Mesh Network Performance
- 3.2.3.1 Selecting the FastPath Mesh Multicast Transmit Mode
- 3.2.3.2 Setting the FastPath Mesh Packet Interval
- 3.2.3.3 Setting the FastPath Mesh Transmit Control Level
- 3.2.3.4 Setting Multicast Video Clamping Thresholds
- 3.2.3.5 Setting Mesh Routing Reactivity
- 3.2.3.6 Setting Mesh Packet Time To Live
- 3.2.3.7 Viewing Current Mesh Performance Parameters
- 3.2.3.8 Frame Processor Parameters
- 3.2.4 STP Bridging
- 3.3 Global Radio Settings
- 3.4 Individual Radio Settings
- 3.4.1 Radio Band, Short Preamble, Guard Interval
- 3.4.2 Channel Selection
- 3.4.3 Distance, Beacon Interval, Noise Immunity
- 3.4.4 Network Type, Antenna Gain, Tx Power
- 3.4.5 MIMO
- 3.4.6 STBC
- 3.4.7 Channel Lock and Other Channel Selection Features
- 3.4.8 DFS, TDWR, and Channel Exclusion
- 3.4.9 Radio BSS Settings
- 3.4.9.1 BSS Radio, BSS Name and SSID
- 3.4.9.2 WDS Bridging or AP Infrastructure Configuration
- 3.4.9.3 BSS State, SSID Advertising and Drop Probe Requests
- 3.4.9.4 BSS STA Idle Timeout and 802.11g-Only Settings
- 3.4.9.5 BSS Unicast Transmission Rate Settings
- 3.4.9.6 BSS WMM QoS Setting
- 3.4.9.7 BSS Fragmentation and RTS Thresholds
- 3.4.9.8 BSS DTIM Beacon Countdown
- 3.4.9.9 BSS VLANs Settings
- 3.4.9.10 BSS Fortress Security Zone
- 3.4.9.11 FastPath Mesh BSS Cost Offset
- 3.4.9.12 BSS Multicast Settings
- 3.4.9.13 Bridging MTU and Beacon Encryption
- 3.4.9.14 BSS Description
- 3.4.9.15 BSS Wi-Fi Security Configuration
- 3.4.10 Antenna Tracking / Rate Monitoring
- 3.4.11 ES210 Mesh Point STA Settings and Operation
- 3.4.11.1 STA Radio, Name, SSID and SSID Roaming
- 3.4.11.2 STA State
- 3.4.11.3 STA Unicast Transmission Rate Settings
- 3.4.11.4 STA Background Scanning
- 3.4.11.5 STA WMM QoS Setting
- 3.4.11.6 STA Fragmentation and RTS Thresholds
- 3.4.11.7 STA Multicast Rate
- 3.4.11.8 STA Description
- 3.4.11.9 STA Wi-Fi Security Configuration
- 3.4.11.10 Editing or Deleting a STA Interface Connection
- 3.4.11.11 Establishing a STA Interface Connection
- 3.4.11.12 ES210 Station Access Control Lists
- 3.5 Local Area Network Configuration
- 3.6 Time and Location Configuration
- 3.7 GPS and Location Configuration
- 3.8 DHCP and DNS Services
- 3.9 Ethernet Interfaces
- 3.10 Quality of Service
- 3.11 VLANs Implementation
- 3.12 ES210 Mesh Point Serial Port Settings
- 3.13 Mesh Viewer Protocol Settings
- Chapter 4 Network Security, Authentication and Auditing
- 4.1 Fortress Security Settings
- 4.1.1 Operating Mode
- 4.1.2 FIPS Settings
- 4.1.3 MSP Encryption Algorithm
- 4.1.4 Encrypted Data Compression
- 4.1.5 MSP Key Establishment
- 4.1.6 MSP Re-Key Interval
- 4.1.7 Key Beacon Interval
- 4.1.8 Fortress Legacy Devices
- 4.1.9 Encrypted Zone Cleartext Traffic
- 4.1.10 Encrypted Zone Management Settings
- 4.1.11 Authorized Wireless Client Management Settings
- 4.1.12 Turning Mesh Point GUI Access Off and On
- 4.1.13 SSH Access to the Mesh Point CLI
- 4.1.14 Blackout Mode
- 4.1.15 Allow Cached Credentials
- 4.1.16 Fortress Access ID
- 4.2 Digital Certificates
- 4.3 Access Control Entries
- 4.4 Internet Protocol Security
- 4.5 Authentication and Timeouts
- 4.5.1 Authentication Servers
- 4.5.2 Internal Authentication Server
- 4.5.2.1 Basic Internal Authentication Server Settings
- 4.5.2.2 Certificate Authority Settings
- 4.5.2.3 Global User and Device Authentication Settings
- 4.5.2.4 Local 802.1X Authentication Settings
- 4.5.2.5 OCSP Authentication Server Settings
- 4.5.2.6 OCSP Cache Settings and Management
- 4.5.2.7 Internal Authentication Server Access Control Lists
- 4.5.3 User Authentication
- 4.5.4 Client Device Authentication
- 4.5.5 Session Idle Timeouts
- 4.6 ACLs and Cleartext Devices
- 4.7 Remote Audit Logging
- 4.8 Wireless Schedules
- 4.1 Fortress Security Settings
- Chapter 5 System Options, Maintenance and Licensing
- Chapter 6 System and Network Monitoring
- Index
- Glossary
Fortress ES-Series CLI Guide: Networking and Radio Configuration
94
NOTE: The ES2440
supports a port
speed of 1000 Mbps
when
AutoNegotia-
tion
is enabled (y), but
you cannot specify that
value for Speed.
AutoNegotiation
is enabled (
y
) by default on all ports. If you
disable
AutoNegotiation, specify the Duplex mode and
negotiation
Speed. Duplex determines whether the port will
allow only
Full
duplex communication or only
Half
duplex
communication.
Speed determines the speed at which the port
will transmit and receive data
10
Mbps or
100
Mbps.
When QoS is disabled (
EnableQoS:
n
), the port passes packets
tagged with IEEE 802.1p Quality of Service information, as
tagged, according to the Mesh Point’s four-class 802.1p QoS
implementation (Section 3.10). This is the default setting on all
ports. Enabling QoS on a given port (
EnableQoS:
y
) configures
the port to apply its assigned Quality of Service class to all
packets received on the port, overriding any IEEE 802.1p tag
already present. When you enable QoS on a port, you can then
assign the port to—and therefore apply to all traffic passed on
the port—one of the four available service classes:
TrafficClass
low
,
medium
,
high
or
critical
.
Alternatively, you can use the
set interface command with
valid switches and arguments to configure any of the above
settings on an individual Ethernet port:
# set interface -name
<InterfaceName>
-adminstate enable|disable -zone clear|encrypted
-meshif core|access -ucost 0–4294967295 -meshencap Y|N -vlanID 1-4094
-switchingmode trunk|access -8021x y|n -radiusperiod 0—2147483647 -reauthperiod 0—2147483647
-pse enable|disable -autoneg y|n -duplex half|full
-speed 10|100 -QoSAdmin y|n -priority low|medium|high|critical
3.10 Quality of Service
The Mesh Point supports Quality of Service (QoS) traffic
expediting standards, including IEEE 802.1p (Traffic Class
Expediting), the WMM® (Wi-Fi Multimedia) subset of IEEE
802.11e (QoS for Wireless LAN), and the more recent
Differentiated Services (DiffServ) model described in RFC
2474 (Definition of the Differentiated Services Field [DS Field]
in the IPv4 and IPv6 Headers) and RFC 2475 (An Architecture
for Differentiated Services).
Incoming network traffic is sorted for expediting into one of four
QoS
TrafficClass priority queues:
critical - packets in the critical queue are delivered
ahead of packets at all other QoS levels.
high - packets in the high queue are delivered after
critical packets and ahead of packets in lower-level
queues.
medium - packets in the medium queue are delivered on a
Best Effort basis: after those in higher-level queues, but
ahead of
low priority traffic.