User Manual

Manuals Brands PLANET Manuals Routers MAP-3100

802.11a/b/g Indoor Wireless Mesh Network

Access Point

MAP-3100 / MAP-3120

Web Management

Configuration Manual

Page 1 of 102

Summary of content (102 pages)

PAGE 1

802.
PAGE 2

Copyright Copyright © 2008 by PLANET Technology Corp. All rights reserved. No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language or computer language, in any form or by any means, electronic, mechanical, magnetic, optical, chemical, manual or otherwise, without the prior written permission of PLANET.
PAGE 3

Federal Communication Commission (FCC) Radiation Exposure Statement This equipment complies with FCC radiation exposure set forth for an uncontrolled environment. In order to avoid the possibility of exceeding the FCC radio frequency exposure limits, human proximity to the antenna shall not be less than 20 cm (8 inches) during normal operation.
PAGE 4

wheeled bin symbol. Do not dispose of WEEE as unsorted municipal waste and have to collect such WEEE separately. Revision Web Interface User’s Manual for PLANET Wireless Mesh Access Point Model: MAP-3100 / MAP-3120 Rev: 3.0 (November, 2008) Part No. EM-MAP3K_webv3.
PAGE 5

Table of Content Table of Content 1 Overview 1.1 1.2 1.3 1.4 1.5 2 Hardware Installation 7 7 7 7 8 9 11 Procedures Startup the MAP-3100 Startup the MAP-3120 11 12 13 Web Based Management 15 2.1 2.2 2.3 3 MAP-3100 Variants Package Content Features Network Topology Wireless Performance 5 3.1 3.2 3.2.1 3.2.2 3.2.3 3.2.4 3.3 3.3.1 3.3.2 3.3.3 3.3.4 3.3.5 3.3.6 3.3.7 3.3.8 3.3.9 3.4 3.4.1 3.4.2 3.4.3 3.4.4 3.4.5 3.4.6 3.4.7 3.4.8 3.4.9 3.4.10 3.4.
PAGE 6

4 3.4.12 Service > Zero Config (MAP-3100 only) 3.4.13 Service > Mobile IP (Future Feature for MAP-3100 only) 3.4.14 Service > Route Watchdog (MAP-3100 only) 3.4.15 Service > System Watchdog 3.5 Management 3.5.1 Management > HTTPD 3.5.2 Management > Configuration 3.5.3 Management > SNMPD 3.5.4 Management > Firmware 3.5.5 Management > Trap 3.5.6 Management > User Group (MAP-3100 only) 3.5.7 Management > Database (MAP-3100 only) 3.5.8 Management > Webspace (MAP-3100 only) 3.5.
PAGE 7

Overview 1 Thank you for choosing the PLANET MAP-3100 / MAP-3120 Wireless Mesh Access Point. The MAP-3100 / MAP-3120 allows a wireless mesh network to be rapidly deployed with minimal configuration required by the end user. This user’s guide describes the detailed web interface configuration options. 1.1 MAP-3100 Variants Currently, there are two MAP-3100 variants available: MAP-3100: supports both Layer 2 and Layer 3 operations. MAP-3120: support Layer 2 operation only.
PAGE 8

1.4 Network Topology MAP-3100s can be used to create two network topologies: a closed network or an Internet access network that attaches to a network with connectivity to the Internet. In a closed network infrastructure, as shown in figure below, all devices are configured to operate in the same mode (Relay mode).
PAGE 9

An Internet access network, as shown in figure below, is typically used to provide Internet availability to a number of clients that connect to the mesh network. Alternatively, this configuration can be used to provide access for client devices to remote resources on a private network. There must be one or more gateway devices in such infrastructure that provides access from the mesh network to an external network. 1. The MAP-3100 supports 5 operating modes. Three for Layer 3, two for Layer 2. Note 2.
PAGE 10

operating in the two bands that the MAP-3100 uses. To detect the presence of other 802.11 devices, a tool such as Network Stumbler (http://www.netstumbler.com/downloads/) can be used. 2. Environmental factors The wireless network is easily affected by many environmental factors. Every environment is unique with different obstacles, construction materials, weather, etc. It is hard to determine the exact operating range of MAP-3100 in a specific location without testing. 3.
PAGE 11

2 Hardware Installation 2.1 Procedures Before you proceed with the installation, it is necessary that you have enough information about the MAP-3100. 1. Locate an optimum location for the MAP-3100. Plan for the output frequency of the MAP-3100, 2.4GHz or 5GHz. 2. Assemble the antennas to MAP-3100 follow the frequency band plan. Try to place them to a position that can best cover your wireless network. The antenna’s position will enhance the receiving sensitivity.
PAGE 12

2.2 Startup the MAP-3100 To get the initial management of the MAP-3100, please follow the steps. 1. Connect the MAP-3100’s LAN port to an active network. 2. Connect the PC to the network as well. This PC must be configured as a DHCP client. 3. Open PC Command Prompt and type “ipconfig /all” to check DHCP Server’s IP as shown in figure below. In this case, DHCP Server’s IP is 172.16.211.1. 4. Launch web browser and enter MAP private IP (DHCP Server’s IP), for example, https://172.16.211.1 into URL field.
PAGE 13

6. Enter default username “admin” and password “admin”, then press “OK” button. 7. Now, the MAP-3100 is ready for services. 2.3 Startup the MAP-3120 To get the initial management of the MAP-3100, please follow the steps. 1. Connect the MAP-3120’s LAN port to an active network. 2. Connect the PC to the network as well. This PC must be configured with a fixed IP in 192.168.0.x/255.255.255.0. 3. Launch web browser and enter MAP-3120 default IP , https://192.168.0.1 into URL field.
PAGE 14

5. Enter default username “admin” and password “admin”, then press “OK” button. 6. Now, the MAP-3120 is ready for services.
PAGE 15

Web Based Management 3 3.1 Configuration Menu Overview MAP-3100 has six main menus: System, Network, Services, Management, Tools and Status. Each main menu also will have its submenu.
PAGE 16

Route Watchdog (MAP-3100 only) System Watchdog Management HTTPD Configuration SNMPD Firmware Trap User Group (MAP-3100 only) Database (MAP-3100 only) Webspace (MAP-3100 only) Customize Login (MAP-3100 only) NMS Addresses Reboot Tools Ping TFTP Remove Clients (MAP-3100 only) Status Status Interfaces Services Ifconfig Route Users (MAP-3100 only) System Log Topology (MAP-3100 only) Mobile IP (MAP-3100 only) DHCP Client Info (MAP-3100 only) Neighbor Help Page 16 of 102
PAGE 17

3.2 System 3.2.1 System > System System Information page is shown in Figure 3.2.1.1. Figure 3.2.1.1: System Information page To configure System Information: a. Enter the name of device. b. Enter the location name that device located. c. Enter the contact person name for consulting about the device. d. Enter the contact person Email address. e. Enter the contact person phone number. f. Enter the description of the device. g. Object ID displays SNMP MIB object identification (OID) of system.
PAGE 18

WAN port is active and will be used for Internet Connection. Three types of Internet connection will be available, please refer to section 3.3.2 for more. Relay Layer 3 Relay Mode. Relay mode can help to route between mesh (MAP-3100 only) backhaul and local WiFi/LAN network. Also, a Relay mode Mesh AP can help to route the packets from other Relay node to the destination IP subnet or Gateway. WAN port is disabled at this mode. At the same time no WAN setting is required.
PAGE 19

Figure 3.2.2.1: Syslog configuration page To use Syslog: a. Click on “Active” drop down menu to enable or disable System Logging service. b. Click on “Klog” drop down menu to enable or disable Kernel Logging service. c. Select the logging level. There are 8 levels. If “Debug” is selected, all messages will be recorded. d. Click on “Remote Syslog” drop down menu to enable or disable remote syslog server. e. Enter the remote syslog server address. f.
PAGE 20

3.2.3 System > Advance Advance configuration page is shown in Figure 3.2.3.1. Figure 3.2.3.1: Advance configuration page The parameters in “Networking-CONNTRACK” field are for performance fine-tuning. They are not suggested to be altered unless you have fully understood the meaning and effect of every parameter. Maximum session Maximum allowable IP connection tracking session.
PAGE 21

Generic Timeout Timeout value in seconds (s) for generic connection track entry. Range: 50 ~ 1200; Default: 600 seconds. ICMP Timeout Timeout value in seconds (s) for ICMP entry. Range: 10 ~ 60; Default: 30 seconds. TCP Close Timeout Timeout value in seconds (s) for TCP close. Range: 5 ~ 30; Default: 10 seconds. TCP Close Wait Timeout Timeout value in seconds (s) for TCP close wait. Range: 10 ~ 120; Default: 60 seconds. TCP Established Timeout Timeout value in seconds (s) for established TCP.
PAGE 22

Bandwidth Mode Setup the bandwidth for Wireless Transmission, Normal 20 MHz and Turbo 40MHz Bandwidth Default: 20MHz Mesh Minimum Signal Mesh Backhaul Filter. With this numerical value, the Mesh Strength system will filter the weak connection accorginly. Range from 0 to 60.. Default: 0 (disable) 3.2.4 System > Profile Profile settings page is shown in Figure 3.2.4.1. Figure 3.2.4.1: Profile settings page There are 4 pre-defined profiles in mesh AP.
PAGE 23

OutdoorSR Outdoor Short Range Mode For distance above 400 meters and below 1 kilometers. 3.3 Network 3.3.1 Network > DNS Setting Network configuration page is shown in Figure 3.3.1.1. Figure 3.3.1.1: Network configuration page Primary DNS Primary Domain Name Server is used to translate domain names to IP addresses. Edit this field to match your ISP DNS address. It is suggested to fill in this field no matter in gateway or relay mode.
PAGE 24

3.3.2 Network > WAN (MAP-3100 only) WAN (Wide Area Network) are used to connect local area networks (LANs) to other networks through your ISP (Internet Service Provider). WAN configuration page is shown in Figure 3.3.2.1. Figure 3.3.2.1: WAN configuration page To configure WAN: 1. Choose option either for Static, DHCP or PPPoE. 2. Click on “Apply” button. 3. If you choose for Static option, Static IP configuration page will display as shown in Figure 3.3.2.2. Figure 3.3.2.
PAGE 25

different device on a computer network utilizing the Internet Protocol standard. Specify the Static IP address. • • Netmask – Specify subnet mask for this IP. “Apply” button – Click on “Apply” button if you have made any changes. New settings are active after the device reboot. 4. If ISP or network assigns the IP address dynamically using a DHCP server, select “DHCP” radio button and press Apply. Using this option, all the network related configuration will be provided by ISP or network. Figure 3.3.2.
PAGE 26

PPPoE configuration page contain the following parameter: • “Active” - Click on “Active” drop down menu to select enable or disable PPPoE service. • Authentication type- Choose the “PAP/CHAP” PPP control protocols. • Username – Specify PPPoE service username. • Password – Specify PPPoE service password. • Reconfirm password – Re-enter PPPoE service password to confirm it. • “Apply” button - Click on “Apply” button if you have made any changes. New settings are active after the device reboot. 1.
PAGE 27

3.3.3 Network > VLAN Virtual LAN is a method of creating independent networks within a physical network. Several VLANs can co-exist within such a network. This VLAN implementation is based on the IEEE 802.1Q tagging protocol. VLAN configuration page is shown in Figure 3.3.3.1. The default VLAN IP of every layer 3 node is different. However, when the device is in layer 2 mode, its default VLAN IP is always 192.168.0.1. Figure 3.3.3.
PAGE 28

Figure 3.3.3.2: VLAN0 – edit page VLAN0 - edit page contain the following parameter: ¾ Type – Click on “Type” drop down menu to select “Static” or “DHCP”. ¾ IP – Specify the VLAN IP address. ¾ Netmask – Specify the network mask for this IP. ¾ Routed – Click on “Routed” drop down menu to select “Routable address” or “NAT address”. A routeable network is visible to other Mesh Node. ¾ Comments – Specify VLAN comments. ¾ Active – Click on “Active” drop down menu to select enable or disable VLAN.
PAGE 29

Figure 3.3.3.3: VLAN1 – edit page VLAN1 - edit page contain the following parameter: a. Type – Click on “Type” drop down menu to select “Static” or “DHCP”. b. Routed – Click on “Routed” drop down menu to select “Routable address” or “NAT address”. c. Comments – Specify the VLAN1 comments. d. Active – Click on “Active” drop down menu to enable or disable VLAN1. e. “Apply” button – Click on “Apply” button if you have made any changes. New settings are active after the device reboot. 1.
PAGE 30

3.3.4 Network > Mesh Only when device is in layer 3 mode, the Mesh interface requires an Note isolated IP address. When device is in layer 2 mode, its Mesh interface uses the same IP address as its default VLAN. The layer 3 device will form a wireless mesh network with other device provided the correct configuration. Each of the mesh will have its own IP address. If two layer 3 devices have the same IP, one is not visible to each other in the mesh routing table.
PAGE 31

To configure Mesh: ¾ Specify the Mesh IP address. ¾ Specify the Network mask for this IP. ¾ Specify the Mesh comments. ¾ Click on “Active” drop down menu to enable or disable Mesh. ¾ Click on “Apply” button if you have made any changes. New settings are active after the device reboot. ¾ Click on “Wireless settings” button to edit Mesh – wireless. Mesh – wireless configuration page will display as shown in Figure 3.3.4.2. Figure 3.3.4.
PAGE 32

¾ Band – Click on “Band” drop down menu to select “802.11a”, “802.11b” or “802.11g” operating band. Choose 802.11a if you want to operates mesh network under the 5GHz spectrum and up to 54Mbps. However, make sure your hardware is supported for this kind of operation. Choose 802.11b for operation under 2.4GHz spectrum for rates up to 11Mbps. Choose 802.11g for operation under 2.4GHz that are backward compatible with 802.11b band. It can support rates up to 54Mbps.
PAGE 33

¾ Datarate – Click on “Datarate” drop down menu to select wireless network datarate. For example, 1 Mbps, 2 Mps, 5.5 Mbps…… ¾ Tx antenna – Click on “Tx antenna” drop down button to select “Diversity”, “Card Default”, “Port 1”, or “Port 2”. ¾ Rx antenna - Click on “Rx antenna” drop down button to select “Diversity”, “Card Default”, “Port 1”, or “Port 2”. ¾ Security – Add security features to the wireless network. Click on “Security” drop down button to select “Open”, “WEP” or “AES”.
PAGE 34

3.3.5 Network > Wireless AP configuration page is shown in Figure 3.3.5.1. Figure 3.3.5.1: AP configuration page To configure wireless AP interface: A. Mac address displays the MAC address of interface. B. Mode displays the operating mode: AP. C. Click on “Band” drop down menu to select “802.11a”, “802.11b” or “802.11g” operating band. D. Click on “Frequency” drop down menu to select operating frequency of the wireless network in Mhz. E.
PAGE 35

G. Current Tx Power shows current transmit power of the wireless card due to regulatory limitation H. Select Tx Power of the AP wireless card. I. Click on “Apply” button if you have made any changes. New settings are active after the device reboot. J. Click on “Edit” button to edit Active Virtual AP. AP configuration – edit page is shown in Figure 3.3.5.2. Figure 3.3.5.
PAGE 36

¾ Security - Click on “Security” drop down menu to select “Open”, “WEP”, “WPA”, or “AES”. o Open: no encrytion or security is applied. o WEP: Wired Equivalent Privacy. A encryption using either 64-bit or 128-bit to encrypt the network packets. o WPA: Wi-fi Protected Access is a class of systems to secure wireless networks. o AES: Advanced Encryption Standard. A encryption scheme that uses 128-bit to encrypt the network packets. ¾ Wireless Separation-Prevent the Wireless users to access each other.
PAGE 37

3.3.6 Network > Route Routing refers to selecting paths in a network along which to send data. Route configuration page is shown in Figure 3.3.6.1. Figure 3.3.6.1: Route configuration page To configure Route: a. To modify or remove specified route, click the button from “Configure” field. b. If you want to add new route, click “New Entry” button. Routes – add page will display as shown in Figure 3.3.6.2. Figure 3.3.6.
PAGE 38

Routes – add page contain the following parameter: ¾ Subnet – Enter the IP address of destination subnet. ¾ Netmask – Enter the IP address of destination subnet network mask. ¾ Direct – Click on “Direct” drop down menu to select “Direct” or “Indirect” route. ¾ Device – Click on “Device” drop down menu to select device. For example, WAN, VLAN0, VLAN1…… ¾ Comments – Enter the interface comments. ¾ Active – Click on “Active” drop down menu to enable to disable this interface.
PAGE 39

3.3.7 Network > IPSEC (MAP-3100 only) IP security (IPsec) is a suite of protocols for securing Internet Protocol communications by encrypting and/or authenticating each IP packet in a data stream. It provides an extra level of securing the data in the network. IPSEC configuration page is shown in Figure 3.3.7.1. Figure 3.3.7.1: IPSEC configuration page To configure IPSEC: a. Click on “Active” drop down menu to enable or disable IPSEC service. b.
PAGE 40

3.3.8 Network > L2TPC (MAP-3100 only) Layer 2 Tunneling Protocol ( L2TP ) is a tunneling protocol used to support virtual private networks (VPNs). L2TPC serves as a L2TP client that creates a tunnel through existing network to the designated peer computer or network. L2TCP configuration page is shown in Figure 3.3.8.1. Figure 3.3.8.1: L2TPC configuration page To configure L2TPC: ¾ Click on “Active” drop down menu to enable or disable L2TPC service. ¾ Enter the L2TP LNS address. ¾ Enter L2TP username.
PAGE 41

3.3.9 Network > OLSR (MAP-3100 only) Optimized Link State Routing protocol is a protocol to connect mobile ad-hoc networks. It is a link-state routing protocol that collects data about available network and then calculates an optimized routing table. OLSR configuration page is shown in Figure 3.3.9.1. Figure 3.3.9.1: OLSR configuration page To configure OLSR: a. Click on “Active” drop down menu to enable or disable OLSR service. b. Enter the value of TOS. Type Of Service (TOS ).
PAGE 42

16 : minimize delay. (Default) c. Click on “Willingness” drop down menu to enable or disable Willingness. Willingness will be calculated dynamically if disabled d. Enter the Willingness level. e. Hysteresis adds more robustness to the link sensing but delays neighbor registration. Click on “Hysteresis” drop down menu to enable or disable Hysteresis. f. Enter the Hysteresis Scaling. g. Enter the Hysteresis THR High value. h. Enter the Hysteresis THR Low value. i. Enter the Link Quality Type. j.
PAGE 43

3.4 Service 3.4.1 Service > DHCPD (MAP-3100 only) DHCP is a protocol used by networked computers (clients) to obtain unique IP addresses, and other parameters such as default router, subnet mask, and IP addresses for DNS server from a DHCP server. DHCPD configuration page is shown in Figure 3.4.1.1. Figure 3.4.1.1: DHCPD configuration page To configure DHCPD: a. To modify or remove specified DHCPD entry, click the button from “Configure” field. b.
PAGE 44

Figure 3.4.1.2: DHCPD – add page DHCPD – add page contain the following parameter: a. Interface – Click on “Interface” drop down menu to select interface. b. Subnet – Enter the interface network address. c. IP Start – Enter the IP address of IP start. d. IP End – Enter the IP address of IP end. e. Netmask – Enter the network mask for this network address. f. Max Lease – Enter the value of Max Lease. g. Lease – Enter the value of Lease. h. Domain – Enter the name of Domain. i.
PAGE 45

n. If you select to edit existing DHCPD, a page similar to Figure 3.4.1.2 with configured settings will be displayed. 3.4.2 Service > Firewall (MAP-3100 only) Firewall is used to allow or deny data either in or out. Firewall configuration page is shown in Figure 3.4.2.1. Figure 3.4.2.1: Firewall configuration page To configure Firewall: a. Click on “Active” drop down menu to enable or disable Firewall service. b. Click on top “Apply” button to confirm enable or disable Firewall service.
PAGE 46

Figure 3.4.2.1: Firewall – add page Firewall - add page contain the following parameter: ¾ Target – Click on “Target” drop down menu to allow or deny target. ¾ Source Interface – Click on “Source Interface” drop down menu to select source interface. For example, WAN, MESH, VLAN0…… ¾ Destination Interface – Click on “Destination Interface” drop down menu to select destination interface. For example, WAN, MESH, VLAN0…… ¾ Source IP – Enter the source IP address.
PAGE 47

¾ Comments – Enter the Firewall comments. ¾ Active – Click on “Active” drop down menu to enable or disable this Firewall service. ¾ “Apply” button – Click on “Apply” button to confirm add Firewall. New settings are active after the device reboot. e. If you select to edit existing Firewall, a page similar to Figure 3.4.2.1 with configured settings will be displayed. 3.4.3 Service > MAC Access MAC Access provides another level of security by filtering the packets coming into the device.
PAGE 48

d. From “Configure” field, you can “Modify” or “Remove” MAC Access. e. If you select to add new MAC Access entry, MAC Access – add page will display as shown in Figure 3.4.3.2. Figure 3.4.3.2: MAC Access – add page MAC Access - add page contain the following parameter: ¾ MAC – Enter the MAC address. ¾ Comments – Enter MAC Access comments. ¾ Active – Click on “Active” drop down menu to enable or disable MAC Access. ¾ “Apply” button – Click on “Apply” button to confirm add MAC Access.
PAGE 49

1. Turn on the MAC Filter with Type “Deny”, it will block all the accessing Note from WiFi or LAN. Be sure to key in, at least the manager’s MAC address or one known MAC address from “MAC Access List” with Type “Allow” before your reboot to make this feature active. 2. If you would like to BLOCK some certain backhaul route, you can Turn on MAC filter with “Allow”. Yet, in the “MAC Access List”, key in the desired Mesh node’s MAC address (that can be found in Neighbor in section 3.7.10) with Type “Deny”.
PAGE 50

d. If you select to add new entry, Virtual Server – add page will display as shown in Figure 3.4.4.2. Figure 3.4.4.2: Virtual server – add page Virtual server - add page contain the following parameter: ¾ Protocol – Click on “Protocol” drop down menu to select protocol. ¾ Port – Enter the Port number. ¾ IP – Enter the virtual server IP address. ¾ Comments – Enter proper comments. ¾ Active – Click on “Active” drop down menu to enable or disable this virtual server.
PAGE 51

Figure 3.4.5.1: NTP configuration page To configure NTP: a. Click on “Active” drop down menu to enable or disable NTP service. b. Click on “Time Zone” drop down menu to select suitable time zone. c. Click on top “Apply” button if you have made any changes. New settings are active after the device reboot. d. From “Configuration” field, you can select “Modify” or “Remove” NTP server. e. If you select to add new NTP server entry, NTP server – add page will display as shown in Figure 3.4.5.2.
PAGE 52

Figure 3.4.5.2: NTP – add page NTP server - add page contain the following parameter: ¾ Server – Enter the NTP server name. ¾ Comments - Enter NTP server comments. ¾ Active – Click on “Active” drop down menu to enable or disable this NTP server. ¾ “Apply” button – Click on “Apply” button to confirm add NTP server. New settings are active after the device reboot. f. If you select to edit existing NTP server, a page similar to Figure 3.4.5.2 with configured settings will be displayed. 3.4.
PAGE 53

Figure 3.4.6.1: Traffic Shaping configuration page To configure Traffic Shaping: a. Click on “Active” drop down menu to enable or disable traffic shaping. b. Enter the WAN Uplink Speed in Mbps. c. Enter the WAN Downlink Speed in Mbps. d. Enter the User Uplink Speed in kbps. e. Enter the User Downlink Speed in kbps. f. Click on top “Apply” button if you have made any changes. g. From “Configuration” field, you can select “Modify” or “Remove” Traffic Shaping rule. h.
PAGE 54

Figure 3.4.6.2: Traffic Shaping – add page Traffic Shaping - add page contain the following parameter: ¾ Protocol – Click on “Protocol” drop down menu to select “tcp”, “udp”, or “both” protocol of Traffic Shaping. ¾ Port – Enter the Traffic Shaping port number. ¾ Min Size – Enter the minimum packet size of Traffic Shaping. ¾ Max Size – Enter the maximum packet size of Traffic Shaping. ¾ Priority – Click on “Priority” drop down menu to select priority “Background”, “Video”, “Voice” or “Best effort”.
PAGE 55

Figure 3.4.7.1: PPTP Server configuration page To configure PPTP Server: a. Click on “Active” drop down menu to enable or disable PPTP Server service. b. Enter the PPTP Server IP address. c. Enter Client Start address. d. Enter Client End address. e. Click on top “Apply” button if you have made any changes. New settings are active after the device reboot. f. From “Configuration” field, you can select “Modify” or “Remove” PPTP user. g.
PAGE 56

Figure 3.4.7.2: PPTP User – add page PPTP User - add page contain the following parameter: ¾ Username – Enter the PPTP username. ¾ Password – Enter the PPTP password. ¾ Reconfirm Password - Re-enter PPTP password to confirm it. ¾ IP – Enter the IP address assigned to this user. ¾ Comments – Enter the PPTP comments. ¾ Active – Click on “Active” drop down menu to enable or disable this PPTP. ¾ “Apply” button – Click on “Apply” button to confirm add new PPTP User.
PAGE 57

Figure 3.4.8.1 To configure AutoIP, • Click on Active drop down menu to enable or disable autoIP. • Assign a Mesh IP Prefix to it. Default is 10. • Assign a VLAN0 IP Prefix to it. Default is 172. • Click “Apply” to save any changes made. New settings will be active after reboot.
PAGE 58

3.4.9 Service > Captive Portal (MAP-3100 only) Captive portal forces an HTTP client on a network to see a special authentication web page before surfing the Internet normally. Captive Portal configuration page is shown in Figure 3.4.9.1. Figure 3.4.9.1: Captive Portal configuration page To configure Captive Portal: ¾ Click on “Webbased Authentication” drop down menu to enable or disable Web based Authentication. ¾ Enter the URL to redirect users to this URL on success.
PAGE 59

¾ Enter the External Server URL. ¾ Enter the Default Idle Timeout. ¾ Enter the Default Session Timeout. ¾ Click on “Login using HTTP” drop down menu to enable or disable login with HTTP. ¾ Enter the HTTP port number used in captive login. ¾ Click on “Login using HTTPS” drop down menu to enable or disable login with HTTPS. ¾ Enter the HTTPS port number used in captive login. ¾ Click on “Internal Web Space” drop down menu to enable or disable internal web space.
PAGE 60

3.4.10 Service > RADIUS Remote Authentication Dial In User Service ( RADIUS ) is an AAA ( authentication , authorization and accounting ) protocol for applications such as network access or IP mobility. RADIUS client will verify authentication push by RADIUS server. RADIUS client configuration page is shown in Figure 3.4.10.1. Figure 3.4.10.1: RADIUS client configuration page To configure RADIUS client: a. Click on “Active” drop down menu to enable or disable RADIUS client. b. Enter the NAS ID. c.
PAGE 61

h. From “Configure” field, you can select “Modify” or “Remove” RADIUS server. i. If you select to add new RADIUS server entry, RADIUS server – add page will display as shown in Figure 3.4.10.2. Figure 3.4.10.2: RADIUS server – add page RADIUS server - add page contain the following parameter: a. Server Name – Enter the RADIUS server name. b. Server Type – Click on “Server Type” drop down menu to select “Authenticate” or “Accounting” server type. c. Server Port – Enter the number of Server Port. d.
PAGE 62

3.4.11 Service > Dynamic DNS Dynamic DNS allows an Internet domain name to be assigned with a dynamic IP address. Dynamic DNS configuration page is shown in Figure 3.4.11.1. Figure 3.4.11.1: Dynamic DNS configuration page To configure Dynamic DNS: a. Click on “Active” drop down menu to enable or disable Dynamic DNS. b. Click on “Server” drop down menu to select “dyndns”, “easydns”, “zoneedit”, or “tzo” dynamic DNS provider. c. Enter the Hostname that associated with the service provide. d.
PAGE 63

3.4.12 Service > Zero Config (MAP-3100 only) Zero Config configuration page is shown in Figure 3.4.12.1. Figure 3.4.12.1: Zero Config configuration page To configure Zero Config: a. Click on “Active” drop down menu enable or disable Zero Config service. b. Click on “Handle Client Proxy” drop down menu to enable or disable it. c. Enter the port number used in Proxy Login. d. Click on “Handle Static IP Client” drop down menu to enable or disable it. e.
PAGE 64

3.4.13 Service > Mobile IP (Future Feature for MAP-3100 only) Mobile IP configuration page is shown in Figure 3.4.13.1. Figure 3.4.13.1: Mobile IP configuration page To configure Mobile IP: a. Click on “Active” drop down menu to enable or disable Mobile IP service. b. Enter the Mobile IP network name. c. Enter the IP address of the Mobile Location Register server. d. Click on “Apply” button if you have made any changes. New settings are active after the device reboot.
PAGE 65

3.4.14 Service > Route Watchdog (MAP-3100 only) Route watchdog will probe for default route periodically. If default route is missing, it’ll change the SSID of active wireless radio to a desired value such as “ServiceDown”. If the default route still cannot be restored after specified number of interval, the system will be rebooted. Figure 3.4.14.1: Route watchdog configuration page To configure Route watchdog service: • Click on “Active” drop down menu to enable or disable route watchdog service.
PAGE 66

3.4.15 Service > System Watchdog System watchdog will constantly monitor the integrity of the system. During system locked up, kernel watchdog will trigger a system reboot to recover the system from failure. Figure 3.4.15.1: System watchdog configuration page To configure System watchdog service: • Click on “Active” drop down menu to enable or disable this service • Specify the interval watchdog will pull for system status. • Click on “Apply” button to save settings.
PAGE 67

3.5 Management 3.5.1 Management > HTTPD Webbased configuration management is done through the secure HTTP. HTTPD server configuration page is shown in Figure 3.5.1.1. Figure 3.5.1.1: HTTPD server configuration page To configure HTTPD server: ¾ Click on “Active” drop down menu to enable or disable HTTPD. ¾ Enter the HTTPD port number. ¾ Enter the HTTPD username. ¾ Enter the HTTPD password. ¾ Re-enter password to confirm it. ¾ Enter the certificate password.
PAGE 68

¾ Click on “Access Control” drop down menu to enable or disable access control. ¾ Click on top “Apply” button if you have made any changes. New settings are active after the device reboot. ¾ From “Configure” field, you can select “Modify” or “Remove” HTTPD. ¾ Add new HTTPD Access control page is as shown in Figure 3.5.1.2. Figure 3.5.1.2: HTTPD Access Control – add page HTTPD Access Control page contains the following parameters: a. Device – Click on “Device” drop down menu to select device.
PAGE 69

3.5.2 Management > Configuration Under this configuration menu, you can perform the following action. Configuration page is shown in Figure 3.5.2.1. Figure 3.5.2.1: Configuration page To use Configuration: a. Click on Restore Factory Settings “Default” button to restore factory default settings.
PAGE 70

b. Click on Backup configuration settings “Backup” button to save configuration settings file (config.cfg). c. Click on Restore configuration “Browse…” button to browse and select configuration file (config.cfg) to restore. After selected configuration file, click on Restore configuration “Upload” button to upload this file. d. Click on Upload New Webserver Certificate “Browse…” button to browse and select certificate file (*.pem).
PAGE 71

Figure 3.5.2.3: IPSEC Management – x509 page IPSEC Management – x509 page contain the following parameter: a. Local Certificate – Display existing local certificate and existing root certificate authority. Click on “Browse…” button to browse and select certificate as PKCS 12 file. Then, click on “Upload” button to upload selected certificate. b. Remote Certificate - Display existing certificate. Click on “Browse…” button to browse and select remote certificate as PEM file.
PAGE 72

3.5.3 Management > SNMPD Simple Network Management Protocol ( SNMP ) used to monitor devices for conditions that warrant administrative attention. SNMP configuration page is shown in Figure 3.5.3.1. Figure 3.5.3.1: SNMP configuration page To configure SNMP: ¾ Click on “Active” drop down menu to enable or disable SNMP management. ¾ Click on “Version” drop down menu to select “v1 or v2c”, “v3”, or “all” SNMP version. ¾ Enter the SNMP port number.
PAGE 73

¾ Enter the v2 Read Community” public ” . ¾ Re-enter v2 Read Community to confirm it. ¾ Enter the v2 Read-write Community” private ” . ¾ Re-enter v2 Read-write Community to confirm it. ¾ Enter the v3 Read Username “ snmpv3rouser ”. ¾ Enter the v3 Read-write Username” snmpv3rwuser ”. ¾ Enter the v3 Password“ snmpv3password ”. ¾ Re-enter v3 Password to confirm it. ¾ Enter the v3 Passphrase” snmpv3passphrase ”. ¾ Re-enter v3 Passphrase to confirm it” snmpv3passphrase ”.
PAGE 74

b. Using - Click on “Using” drop down menu to select “Device” or “Network”. c. Comments - Enter comments for this entry. d. Active - Click on “Active” drop down menu to enable or disable this entry. e. “Apply” button - Click on “Apply” button to confirm add new SNMP. New settings are active after the device reboot. c. If you select to edit existing SNMP, a page similar to Figure 3.5.3.2 with configured settings will be displayed.
PAGE 75

3.5.4 Management > Firmware On firmware upgrade management page, you can view the current firmware release version, update latest firmware. Please note that do not power off the device while upgrading the firmware. Otherwise you'll render this device unrecoverable. The firmware process will take around 6 minutes to complete. Firmware Upgrade page is shown in Figure 3.5.4.1. Figure 3.5.4.1: Firmware Upgrade page To use Firmware Upgrade: ¾ Click on “Browse…” button to browse and select firmware to upgrade.
PAGE 76

3.5.5 Management > Trap Trap used to report an alert or other asynchronous event about managed system. Trap configuration page is shown in Figure 3.5.5.1. Figure 3.5.5.1: Trap configuration page To configure Trap: a. Click on “Active” drop down menu to enable or disable Trap. b. Click on “Configuration” drop down menu to enable or disable configuration. c. Click on “Security” drop down menu to enable or disable security. d. Click on “Wireless” drop down menu to enable or disable wireless. e.
PAGE 77

j. Click on top “Apply” button if you have made any changes. New settings are active after the device reboot. k. From “Configure” field, you can select “Modify” or “Remove” Trap l. If you select to add new Trap, Trap server – add page will display as shown in Figure 3.5.5.2. Figure 3.5.5.2: Trap server – add page Trap server – add page contain the following parameter: a. IP – Enter destination IP to send trap. b. Community – Enter community of trap. c.
PAGE 78

3.5.6 Management > User Group (MAP-3100 only) Figure 3.5.6.1: User group page User group page pre-defines user bandwidth profiles. Upload Speed Limit upload speed limit. Default: 256 kbps. Download Speed Limit download speed limit. Default: 256 kbps. Idle Timeout idle timeout. Default: 300 seconds. Session Timeout session timeout. Default: 65000 seconds. Redirect to URL Redirect to URL after login success. Default: Empty.
PAGE 79

3.5.7 Management > Database (MAP-3100 only) Database contains list of local users that are currently configured to the database. Database Users page is shown in Figure 3.5.7.1. Figure 3.5.7.1: Database - Users page To configure Database – Users: a. User name display list of users. b. Click on “Remove” button to delete user. c. Click on “Modify” to edit user data. d. Click on Add new user “Add user” button to add new device user. Database - Add Users page will display as shown in Figure 3.5.7.2.
PAGE 80

3.5.8 Management > Webspace (MAP-3100 only) PLANET Mesh AP’s Captive portal is capable to store local web content. Webspace management is used to manage local web content. Figure 3.5.8.
PAGE 81

3.5.9 Management > Customize Login (MAP-3100 only) Customize login page is used to modify look and feel for the captive portal login page of PLANET Mesh AP. Figure 3.5.9.
PAGE 82

z add new language tamplate 3.5.10 Management > NMS Addresses NMS address is used for the system to report back to Network Management System located outside of the network. Figure 3.5.10.1 shows the list of active NMS server address. Figure 3.5.10.1 NMS Address List To configure the NMS address:• Select action of “Modify” or “New Entry” to call out the details configuration as shown in figure 3.5.10.2. Figure 3.5.10.2 NMS address parameter page.
PAGE 83

• Interval – specify the interval of report to NMS server • Comments – additional comments for the entry • Active – Enable or Disable this entry. • Press “Save changes“ to save the configuration • Reboot to enable new settings 1. At Layer 2 mode, the NMS Server IP address is required. Otherwise, Note the NMS server can never poll the device information once this Mesh node existed in the network. 2. At Layer 3 mode, the NMS Server IP address is not required.
PAGE 84

3.5.11 Management > Reboot You can perform system reboot from this page.
PAGE 85

3.6 Tools 3.6.1 Tools > Ping Ping page is shown in Figure 3.6.1.1. Figure 3.6.1.1: Ping page To use Ping: a. Enter the IP address to Ping. b. Enter the number of pings to send. c. Click on “Ping” button to display output of Ping command.
PAGE 86

3.6.2 Tools > TFTP TFTP page is shown in Figure 3.6.2.1. Figure 3.6.2.1: TFTP page To use TFTP: a. Enter the destination IP address of remote TFTP server. b. Click on “Operation” drop down menu to select “put”, “get” or “get and reboot” file to remote TFTP server. c. Enter the File Name to put or get. d. Click on “Type of File” drop down menu to select “config”, “firmware”, “ipsec x509 local”, “ipsec x509 remte”, or “ipsec rsa” file. e. Click on “Execute” button to confirm operation.
PAGE 87

3.7 Status 3.7.1 Status > Status System Status page is shown in Figure 3.7.1.1. Figure 3.7.1.1: System Status page 3.7.2 Status > Interfaces Interface page is shown in Figure 3.7.2.1. Figure 3.7.2.
PAGE 88

Interface page only display activated interface. So the page content will always change depend on activated interface. To use Interface: a. Click on Interface MESH “Get Details” button to obtain Interface MESH information. The page will display as shown in Figure 3.7.2.2. Figure 3.7.2.
PAGE 89

Interface ixp1 page contain the following parameter: ¾ Hardware Address: Display the hardware address of interface. ¾ IP Type: Display the IP type of this interface. ¾ IP Address: Display the IP address of interface. ¾ Broadcast Address: Display the broadcast address of interface. ¾ Netmask: Display the network mask of this IP. ¾ MTU: Display MTU value of interface. ¾ Rx bytes: Display Rx bytes value of interface. ¾ Tx bytes: Display Tx bytes value of interface.
PAGE 90

3.7.3 Status > Services Services page is shown in Figure 3.7.3.1. Figure 3.7.3.1: Services page Services page display status of each service.
PAGE 91

¾ Traffic shaping ¾ PPTP Server ¾ Remote Syslog ¾ SNMP Server ¾ Webbased Configuration ¾ Webservers In layer 2 mode, Services page contain the following parameter: ¾ Dynamic DNS ¾ NTP Client ¾ SSHD ¾ SNMP Server ¾ Syslog Server ¾ Webservers Page 91 of 102
PAGE 92

3.7.4 Tools > Ifconfig Ifconfig page is used to collect verbose information about device network interfaces. Figure 3.7.4.1: Ifconfig page To use Ifconfig: a. Click on “Ifconfig” button to display output of ifconfig command.
PAGE 93

3.7.5 Tools > Route Route page is used to collect information about device’s routing table. Figure 3.7.5.1: Route page To use Route: a. Click on “Route” button to display output of route command.
PAGE 94

3.7.6 Status > Users (MAP-3100 only) Figure 3.7.6.1: Users –Online Database page This page displays list of logged in users. 3.7.7 Status > System Log Figure 3.7.7.1: System Log page To use System Log: a. Click on “Get log” button to display output of system log command.
PAGE 95

3.7.8 Status > Topology (MAP-3100 only) Figure 3.7.8.1: Simple Topology page To view Topology: ¾ Click on “Reload” button to reload output content of topology command. 3.7.9 Status > Mobile IP (MAP-3100 only) Figure 3.7.9.
PAGE 96

3.7.10 Status > Neighbor Neighbor status page will show the mesh node status as in figure 3.7.10.1. It show neighbor with details such as Rate, RSSI, timeout. A click on the “view” under the Mac Table column will bring out the details of the specific node. The client’s MAC address that’s behind the node. The Mac Table page is shown in figure 3.7.10.2. Figure 3.7.10.1 Neighbor Status page Figure 3.7.10.2 MAC table of the specific nodes.
PAGE 97

4 Technical Support For Technical Support and other related feedback and information request, kindly please send your request to the following email: Email: support_wireless@planet.com.
PAGE 98

Appendix A Using the External Login Server MESH AP provides an option that allows administrator to redirect users to a remote server to log in to the public access interface instead of using the internal login page. The advantages of using the external login server are listed as follow: • The login page is completely customizable and centralized located at the web server. • Users can login to the public access interface without exposing their web browsers to the SSL certificate on the MESH AP.
PAGE 99

There are several macros available in order to retrieve information from the access point. Macro Description ##CLIENT_IP## The IP address of the login client ##REQUESTED_URL## Original URL on which the client is requesting. ##GATEWAY_LOGIN## The Access Point’s external login gateway. (https://:/X_Login.cgi) Where is the Common Name (CN) found in the Webserver Certificates.
PAGE 100

A-5 Login Success
PAGE 101
PAGE 102

--> ERROR Original Requested URL Access Point Hostname login name radius reply message --> LOGIN DENIED A-8 Certificates and hostname The Access Point will use the subject CN field in the installed certificates as its default hostname (provided the CN field contains a valid hostname, only [.-a-zA-Z] character is allowed).