User's Manual
Table Of Contents
- Cambium
- PMP 450 Operations Guide
- Safety and regulatory information
- Contents
- List of Figures
- List of Tables
- PMP support website: http://www.cambiumnetworks.com/support
- Cambium main website: http://www.cambiumnetworks.com/
- Sales enquiries: solutions@cambiumnetworks.com
- Email support: support@cambiumnetworks.com
- Cambium Networks
- 3800 Golf Road, Suite 360
- Rolling Meadows, IL 60008
- Growing Your Network
- Managing Bandwidth and Authentication
- Configuring quality of service
- Maximum Information Rate (MIR) Parameters
- Token Bucket Algorithm
- Maximum Information Rate Data Entry Checking
- Bandwidth from the SM Perspective
- Interaction of Burst Allocation and Sustained Data Rate Settings
- High-priority Bandwidth
- Traffic Scheduling
- Setting the Configuration Source
- Quality of Service (QoS) Tab of the AP
- DiffServ Tab of the AP
- Quality of Service (QoS) Tab of the SM
- DiffServ Tab of the SM
- Configuring a RADIUS server
- Understanding RADIUS for PMP 450
- Choosing Authentication Mode and Configuring for Authentication Servers - AP
- SM Authentication Mode – Require RADIUS or Follow AP
- Handling Certificates
- Configuring your RADIUS servers for SM authentication
- Configuring your RADIUS server for SM configuration
- Using RADIUS for centralized AP and SM user name and password management
- RADIUS Device Data Accounting
- RADIUS Device Re-Authentication
- RADIUS Attribute Framed-IP-Address
- Configuring quality of service
- Managing the network from a Network Management Station (NMS)
- Using Informational Tabs in the GUI
- Viewing General Status (AP)
- Viewing General Status (SM)
- Viewing Session Status (AP)
- Viewing Remote Subscribers (AP)
- Interpreting messages in the Event Log
- Viewing the Network Interface Tab (All)
- Viewing the Layer 2 Neighbors Tab (AP and SM)
- Viewing the Scheduler Tab (AP and SM)
- List of Registration Failures (AP)
- Interpreting Data in the Bridging Table (All)
- Translation Table (SM)
- Interpreting Data in the Ethernet Tab (All)
- Interpreting RF Control Block Statistics in the Radio Tab (All)
- Interpreting Data in the VLAN Tab (ALL)
- Viewing Data VC Statistics (All)
- Viewing Summary Information in the Overload Tab (All)
- Viewing Filter Statistics (SM)
- Viewing ARP Statistics (SM)
- Viewing NAT Statistics (SM)
- Viewing NAT DHCP Statistics (SM)
- Interpreting Data in the GPS Status Page (AP)
- Accessing PPPoE Statistics About Customer Activities (SM)
- Viewing Bridge Control Block Statistics (All)
- Using Tools in the GUI
- Using the Spectrum Analyzer Tool
- Graphical spectrum analyzer display
- Using the AP as a Spectrum Analyzer
- Using the Remote Spectrum Analyzer Tool (AP)
- Using the Alignment Tool (SM)
- Using the Link Capacity Test Tool (AP or SM)
- Using the AP Evaluation Tool (SM)
- Using the OFDM Frame Calculator Tool for Collocation (AP or SM)
- Using the Subscriber Configuration Tool (AP)
- Reviewing the Link Status Tool Results (AP)
- Using the BER Results Tool (SM)
- Using the Throughput Monitoring Tool (AP)
- Using the Sessions Tool (AP)
- Maintaining Your Software
- Troubleshooting
- General planning for troubleshooting
- General fault isolation process
- Secondary Steps
- Procedures for Troubleshooting
- Module Has lost or does not establish connectivity
- NAT/DHCP-configured SM has lost or does not establish connectivity
- SM Does Not Register to an AP
- Module has lost or does not gain sync
- Module does not establish Ethernet connectivity
- Module does not power on
- Power supply does not produce power
- CMM does not pass proper GPS sync to connected modules
- Module Software Cannot be Upgraded
- Module Functions Properly, Except Web Interface Became Inaccessible
- Reference information
Configuring a RADIUS server
PMP 450 Operations Guide
2-22
pmp-0049 (September 2012)
Configuring your RADIUS servers for SM authentication
Your RADIUS server will need to be configured to use the
following:
EAPTTLS or MSCHAPv2 as the Phase 1/Outer Identity
protocol.
If Enable Realm is selected on the SM‘s Configuration > Security tab, then the
same
Realm as appears there (or access to it).
The same Phase 2 (Inner Identity) protocol as configured on the SM‘s
Configuration
> Security
tab under Phase 2 options.
The username and password for each SM configured on each SM‘s
Configuration
> Security
tab.
An IP address and NAS shared secret that is the same as the IP address and Shared Secret
configured on the AP‘s Configuration > Security tab for
that
RADIUS server.
A server private certificate, server key, and CA certificate that complement
the
public
certificates distributed to the SMs, as well as the Canopy dictionary file
that
defines Vendor
Specific Attributes (VSAa). Default certificate files and
the
dictionary
file are available from the
software
site:
www.cambiumnetworks.com/support/pmp/software/ after entering your
name,
email address, and either Customer Contract Number or the MAC address of
a
module covered
under the 12 month
warranty.
Optionally, operators may configure the RADIUS server response messages (Accept or Reject) so that
the user has information as to why they have been rejected. The AP displays the RADIUS
Authentication Reply message strings in the Session Status list as part of each SM‘s information. The
SM will show this string (listed as Authentication Response on the SM GUI )on the main Status page in
the Subscriber Module Stats section.
(Note: Aradial AAA servers only support operator-configurable Authentication Accept responses, not
Authentication Reject responses).
Configuring your RADIUS server for SM configuration
Table 10 lists Canopy Vendor Specific Attributes (VSAs) along with VSA numbers and
other
details.
The associated SM GUI page, tab, and parameter is listed to aid
cross-referencing
and understanding
of the
VSAs.
A RADIUS dictionary file is available from the software
site:
www.cambiumnetworks.com/support/pmp/software/
The RADIUS dictionary file
defines
the VSAs and their values and is usually imported into the
RADIUS server as part of
server
and database
setup.