User's Manual
Table Of Contents
- Cambium
- PMP 450 Operations Guide
- Safety and regulatory information
- Contents
- List of Figures
- List of Tables
- PMP support website: http://www.cambiumnetworks.com/support
- Cambium main website: http://www.cambiumnetworks.com/
- Sales enquiries: solutions@cambiumnetworks.com
- Email support: support@cambiumnetworks.com
- Cambium Networks
- 3800 Golf Road, Suite 360
- Rolling Meadows, IL 60008
- Growing Your Network
- Managing Bandwidth and Authentication
- Configuring quality of service
- Maximum Information Rate (MIR) Parameters
- Token Bucket Algorithm
- Maximum Information Rate Data Entry Checking
- Bandwidth from the SM Perspective
- Interaction of Burst Allocation and Sustained Data Rate Settings
- High-priority Bandwidth
- Traffic Scheduling
- Setting the Configuration Source
- Quality of Service (QoS) Tab of the AP
- DiffServ Tab of the AP
- Quality of Service (QoS) Tab of the SM
- DiffServ Tab of the SM
- Configuring a RADIUS server
- Understanding RADIUS for PMP 450
- Choosing Authentication Mode and Configuring for Authentication Servers - AP
- SM Authentication Mode – Require RADIUS or Follow AP
- Handling Certificates
- Configuring your RADIUS servers for SM authentication
- Configuring your RADIUS server for SM configuration
- Using RADIUS for centralized AP and SM user name and password management
- RADIUS Device Data Accounting
- RADIUS Device Re-Authentication
- RADIUS Attribute Framed-IP-Address
- Configuring quality of service
- Managing the network from a Network Management Station (NMS)
- Using Informational Tabs in the GUI
- Viewing General Status (AP)
- Viewing General Status (SM)
- Viewing Session Status (AP)
- Viewing Remote Subscribers (AP)
- Interpreting messages in the Event Log
- Viewing the Network Interface Tab (All)
- Viewing the Layer 2 Neighbors Tab (AP and SM)
- Viewing the Scheduler Tab (AP and SM)
- List of Registration Failures (AP)
- Interpreting Data in the Bridging Table (All)
- Translation Table (SM)
- Interpreting Data in the Ethernet Tab (All)
- Interpreting RF Control Block Statistics in the Radio Tab (All)
- Interpreting Data in the VLAN Tab (ALL)
- Viewing Data VC Statistics (All)
- Viewing Summary Information in the Overload Tab (All)
- Viewing Filter Statistics (SM)
- Viewing ARP Statistics (SM)
- Viewing NAT Statistics (SM)
- Viewing NAT DHCP Statistics (SM)
- Interpreting Data in the GPS Status Page (AP)
- Accessing PPPoE Statistics About Customer Activities (SM)
- Viewing Bridge Control Block Statistics (All)
- Using Tools in the GUI
- Using the Spectrum Analyzer Tool
- Graphical spectrum analyzer display
- Using the AP as a Spectrum Analyzer
- Using the Remote Spectrum Analyzer Tool (AP)
- Using the Alignment Tool (SM)
- Using the Link Capacity Test Tool (AP or SM)
- Using the AP Evaluation Tool (SM)
- Using the OFDM Frame Calculator Tool for Collocation (AP or SM)
- Using the Subscriber Configuration Tool (AP)
- Reviewing the Link Status Tool Results (AP)
- Using the BER Results Tool (SM)
- Using the Throughput Monitoring Tool (AP)
- Using the Sessions Tool (AP)
- Maintaining Your Software
- Troubleshooting
- General planning for troubleshooting
- General fault isolation process
- Secondary Steps
- Procedures for Troubleshooting
- Module Has lost or does not establish connectivity
- NAT/DHCP-configured SM has lost or does not establish connectivity
- SM Does Not Register to an AP
- Module has lost or does not gain sync
- Module does not establish Ethernet connectivity
- Module does not power on
- Power supply does not produce power
- CMM does not pass proper GPS sync to connected modules
- Module Software Cannot be Upgraded
- Module Functions Properly, Except Web Interface Became Inaccessible
- Reference information
Configuring a RADIUS server
PMP 450 Operations Guide
2-16
pmp-0049 (September 2012)
Note, Aradial 5.3 has a bug that prevents ―remote device login‖, preventing usage of the user name
and password management
features.
Choosing Authentication Mode and Configuring for
Authentication
Servers - AP
On the AP‘s Configuration > Security tab, select the RADIUS AAA Authentication Mode. The
following describes the
other
Authentication Mode options for reference, and then the RADIUS AAA
option.
Disabled
: Requires no authentication. Any SM (except an SM that itself has been configured to
require RADIUS authentication by enabling Enforce Authentication as described below) will be
allowed to
register
to the
AP.
Authentication Server: Authentication Server in this instance refers to Wireless Manager in BAM-
only mode. Authentication will be
required
for an SM to register to the AP. Only SMs listed by
MAC address in the Wireless Manager database will
be
allowed to register to the
AP.
AP Pre-Shared
Key
: Canopy offers a pre-shared key authentication option. In this case, an
identical key
must
be entered in the Authentication Key field on the AP‘s Configuration >
Security tab and in the Authentication Key field on each desired SM‘s Configuration > Security
tab.
RADIUS
AAA
: To support RADIUS authentication of SMs, on the AP‘s Configuration >
Security tab
select
RADIUS AAA. Only properly configured SMs with a valid certificate will be
allowed to
register
to the
AP.
When RADIUS AAA is selected, up to 3 Authentication Server (RADIUS Server)
IP
addresses
and
Shared Secrets can be configured. The IP address(es) configured here
must
match the IP address(es)
of the RADIUS server(s). The shared secret(s) configured here
must
match the shared secret(s)
configured in the RADIUS server(s). Servers 2 and 3 are meant
for
backup and reliability, not
splitting the database. If Server 1 doesn‘t respond, Server 2 is
tried,
and then
server
3. If Server 1
rejects authentication, the SM is denied entry to the network, and does
not
progress trying the other
servers.
The default IP address is 0.0.0.0.
The
default Shared Secret is ―CanopySharedSecret‖. The Shared
Secret can be up to 32
ASCII
characters (no diacritical marks or ligatures, for
example).