User's Manual
Table Of Contents
- Cambium
- PMP 450 Operations Guide
- Safety and regulatory information
- Contents
- List of Figures
- List of Tables
- PMP support website: http://www.cambiumnetworks.com/support
- Cambium main website: http://www.cambiumnetworks.com/
- Sales enquiries: solutions@cambiumnetworks.com
- Email support: support@cambiumnetworks.com
- Cambium Networks
- 3800 Golf Road, Suite 360
- Rolling Meadows, IL 60008
- Growing Your Network
- Managing Bandwidth and Authentication
- Configuring quality of service
- Maximum Information Rate (MIR) Parameters
- Token Bucket Algorithm
- Maximum Information Rate Data Entry Checking
- Bandwidth from the SM Perspective
- Interaction of Burst Allocation and Sustained Data Rate Settings
- High-priority Bandwidth
- Traffic Scheduling
- Setting the Configuration Source
- Quality of Service (QoS) Tab of the AP
- DiffServ Tab of the AP
- Quality of Service (QoS) Tab of the SM
- DiffServ Tab of the SM
- Configuring a RADIUS server
- Understanding RADIUS for PMP 450
- Choosing Authentication Mode and Configuring for Authentication Servers - AP
- SM Authentication Mode – Require RADIUS or Follow AP
- Handling Certificates
- Configuring your RADIUS servers for SM authentication
- Configuring your RADIUS server for SM configuration
- Using RADIUS for centralized AP and SM user name and password management
- RADIUS Device Data Accounting
- RADIUS Device Re-Authentication
- RADIUS Attribute Framed-IP-Address
- Configuring quality of service
- Managing the network from a Network Management Station (NMS)
- Using Informational Tabs in the GUI
- Viewing General Status (AP)
- Viewing General Status (SM)
- Viewing Session Status (AP)
- Viewing Remote Subscribers (AP)
- Interpreting messages in the Event Log
- Viewing the Network Interface Tab (All)
- Viewing the Layer 2 Neighbors Tab (AP and SM)
- Viewing the Scheduler Tab (AP and SM)
- List of Registration Failures (AP)
- Interpreting Data in the Bridging Table (All)
- Translation Table (SM)
- Interpreting Data in the Ethernet Tab (All)
- Interpreting RF Control Block Statistics in the Radio Tab (All)
- Interpreting Data in the VLAN Tab (ALL)
- Viewing Data VC Statistics (All)
- Viewing Summary Information in the Overload Tab (All)
- Viewing Filter Statistics (SM)
- Viewing ARP Statistics (SM)
- Viewing NAT Statistics (SM)
- Viewing NAT DHCP Statistics (SM)
- Interpreting Data in the GPS Status Page (AP)
- Accessing PPPoE Statistics About Customer Activities (SM)
- Viewing Bridge Control Block Statistics (All)
- Using Tools in the GUI
- Using the Spectrum Analyzer Tool
- Graphical spectrum analyzer display
- Using the AP as a Spectrum Analyzer
- Using the Remote Spectrum Analyzer Tool (AP)
- Using the Alignment Tool (SM)
- Using the Link Capacity Test Tool (AP or SM)
- Using the AP Evaluation Tool (SM)
- Using the OFDM Frame Calculator Tool for Collocation (AP or SM)
- Using the Subscriber Configuration Tool (AP)
- Reviewing the Link Status Tool Results (AP)
- Using the BER Results Tool (SM)
- Using the Throughput Monitoring Tool (AP)
- Using the Sessions Tool (AP)
- Maintaining Your Software
- Troubleshooting
- General planning for troubleshooting
- General fault isolation process
- Secondary Steps
- Procedures for Troubleshooting
- Module Has lost or does not establish connectivity
- NAT/DHCP-configured SM has lost or does not establish connectivity
- SM Does Not Register to an AP
- Module has lost or does not gain sync
- Module does not establish Ethernet connectivity
- Module does not power on
- Power supply does not produce power
- CMM does not pass proper GPS sync to connected modules
- Module Software Cannot be Upgraded
- Module Functions Properly, Except Web Interface Became Inaccessible
- Reference information
Configuring a RADIUS server
PMP 450 Operations Guide
2-20
pmp-0049 (September 2012)
SM - Phase 1 (Outside Identity) parameters and
settings
The protocols supported for the Phase 1 (Outside Identity) phase of authentication
are
eapttls (Extensible Authentication Protocol Tunneled Transport Layer
Security) and
eapMSChapV2
(Extensible Authentication Protocol – Microsoft Challenge-Handshake Authentication Protocol).
Configure an outer Identity in the Username field. This must match the Phase
1/Outer
Identity
username configured in the RADIUS server. The default Phase 1/Outer
Identity
Username is
―anonymous‖. The Username can be up to 128 non-special (no
diacritical
markings) alphanumeric
characters.
If Realms are being used in the RADIUS system (eapttls only), select Enable Realm and
configure an outer identity in the Identity field and a Realm in the Realm field. These must match the
Phase 1/Outer Identity and Realm configured in the RADIUS server. The default Identity is
―anonymous‖. The Identity can be up to 128 non-special (no diacritical markings) alphanumeric
characters. The default Realm is ―canopy.net‖. The Realm can also be up to 128 non-special
alphanumeric characters.
SM - Phase 2 (Inside Identity) parameters and
settings
If using eapttls for Phase 1 authentication, select the desired Phase 2 (Inside Identity) authentication
protocol from the Phase 2 options of PAP (Password Authentication Protocol), CHAP (Challenge
Handshake
Authentication
Protocol), and MSCHAPv2 (Microsoft‘s version of CHAP). The protocol
must
be
consistent with the authentication protocol configured on the RADIUS
server.
Enter a
Username for the SM. This must match the username configured for the SM on
the
RADIUS server.
The default Username is the SM‘s MAC address. The Username can be up
to
128 non-special (no
diacritical markings) alphanumeric
characters.
Enter the desired password for the SM in the Password and Confirm Password fields..
The
Password
must match the password configured for the SM on the RADIUS server.
The
default Password is
―password‖. The Password can be up to 128 non-special (no
diacritical
markings) alphanumeric
characters.
Handling Certificates
Managing SM Certificates via the SM GUI
The default public Canopy certificates are loaded into SMs upon factory software installation. The
default certificates are not secure and are intended for
use
during lab and field trials as part of
gaining experience with the RADIUS functionalities or as
an
option during debug. For secure
operation, an operator will want to create or procure their
own
certificates.