User's Manual
Table Of Contents
- Cambium
- PMP 450 Operations Guide
- Safety and regulatory information
- Contents
- List of Figures
- List of Tables
- PMP support website: http://www.cambiumnetworks.com/support
- Cambium main website: http://www.cambiumnetworks.com/
- Sales enquiries: solutions@cambiumnetworks.com
- Email support: support@cambiumnetworks.com
- Cambium Networks
- 3800 Golf Road, Suite 360
- Rolling Meadows, IL 60008
- Growing Your Network
- Managing Bandwidth and Authentication
- Configuring quality of service
- Maximum Information Rate (MIR) Parameters
- Token Bucket Algorithm
- Maximum Information Rate Data Entry Checking
- Bandwidth from the SM Perspective
- Interaction of Burst Allocation and Sustained Data Rate Settings
- High-priority Bandwidth
- Traffic Scheduling
- Setting the Configuration Source
- Quality of Service (QoS) Tab of the AP
- DiffServ Tab of the AP
- Quality of Service (QoS) Tab of the SM
- DiffServ Tab of the SM
- Configuring a RADIUS server
- Understanding RADIUS for PMP 450
- Choosing Authentication Mode and Configuring for Authentication Servers - AP
- SM Authentication Mode – Require RADIUS or Follow AP
- Handling Certificates
- Configuring your RADIUS servers for SM authentication
- Configuring your RADIUS server for SM configuration
- Using RADIUS for centralized AP and SM user name and password management
- RADIUS Device Data Accounting
- RADIUS Device Re-Authentication
- RADIUS Attribute Framed-IP-Address
- Configuring quality of service
- Managing the network from a Network Management Station (NMS)
- Using Informational Tabs in the GUI
- Viewing General Status (AP)
- Viewing General Status (SM)
- Viewing Session Status (AP)
- Viewing Remote Subscribers (AP)
- Interpreting messages in the Event Log
- Viewing the Network Interface Tab (All)
- Viewing the Layer 2 Neighbors Tab (AP and SM)
- Viewing the Scheduler Tab (AP and SM)
- List of Registration Failures (AP)
- Interpreting Data in the Bridging Table (All)
- Translation Table (SM)
- Interpreting Data in the Ethernet Tab (All)
- Interpreting RF Control Block Statistics in the Radio Tab (All)
- Interpreting Data in the VLAN Tab (ALL)
- Viewing Data VC Statistics (All)
- Viewing Summary Information in the Overload Tab (All)
- Viewing Filter Statistics (SM)
- Viewing ARP Statistics (SM)
- Viewing NAT Statistics (SM)
- Viewing NAT DHCP Statistics (SM)
- Interpreting Data in the GPS Status Page (AP)
- Accessing PPPoE Statistics About Customer Activities (SM)
- Viewing Bridge Control Block Statistics (All)
- Using Tools in the GUI
- Using the Spectrum Analyzer Tool
- Graphical spectrum analyzer display
- Using the AP as a Spectrum Analyzer
- Using the Remote Spectrum Analyzer Tool (AP)
- Using the Alignment Tool (SM)
- Using the Link Capacity Test Tool (AP or SM)
- Using the AP Evaluation Tool (SM)
- Using the OFDM Frame Calculator Tool for Collocation (AP or SM)
- Using the Subscriber Configuration Tool (AP)
- Reviewing the Link Status Tool Results (AP)
- Using the BER Results Tool (SM)
- Using the Throughput Monitoring Tool (AP)
- Using the Sessions Tool (AP)
- Maintaining Your Software
- Troubleshooting
- General planning for troubleshooting
- General fault isolation process
- Secondary Steps
- Procedures for Troubleshooting
- Module Has lost or does not establish connectivity
- NAT/DHCP-configured SM has lost or does not establish connectivity
- SM Does Not Register to an AP
- Module has lost or does not gain sync
- Module does not establish Ethernet connectivity
- Module does not power on
- Power supply does not produce power
- CMM does not pass proper GPS sync to connected modules
- Module Software Cannot be Upgraded
- Module Functions Properly, Except Web Interface Became Inaccessible
- Reference information
PMP 450 Operations Guide
Configuring a RADIUS server
pmp-0049 (September 2012)
2-25
Using RADIUS for centralized AP and SM user name and
password management
AP – Technician/Installer/Administrator
Authentication
To control technician, installer, and administrator access to the AP from a centralized
RADIUS
server:
1
Set Authentication Mode on the AP‘s Configuration > Security tab to RADIUS AAA
2
Set User Authentication Mode on the AP‘s Account > User Authentication
tab
(the tab only
appears after the AP is set to RADIUS authentication) to
Remote
or Remote then
Local
.
•
Local: The local SM is checked for accounts. No centralized
RADIUS
accounting (access control)
is
performed.
•
Remote: Authentication by the centralized RADIUS server
is
required to gain access to
the SM if the SM is registered to an
AP
that has RADIUS AAA Authentication Mode
selected. For up to
2
minutes a test pattern will be displayed until the server responds
or
times
out.
•
Remote then Local: Authentication using the centralized
RADIUS
server is attempted. If
the server sends a reject message, then
the
setting of Allow Local Login after Reject from
AAA determines
if
the local user database is checked or not. If the configured
servers
do
not
respond within 2 minutes, then the local user database
is
used. The successful login method is
displayed in the
navigation
column of the SM.
Either the same RADIUS server used for SM authentication can be
used
for user authentication and
accounting (access control), or a separate RADIUS
accounting
server can be used. Indicate your
network design under Authentication
Server Settings
in the AP‘s
Security
tab.
If separate accounting server(s) are used, configure the IP address(es) and Shared
Secret
(s)
in the
Accounting Server fields. The default Shared Secret is ―CanopyAcctSecret‖. Up to
3
servers can be
used for redundancy. Servers 2 and 3 are meant for backup and reliability,
not
splitting the database. If Server 1 doesn‘t respond, Server 2 is tried, and then server 3.
If
Server
1
rejects authentication, Server 2 is not
tried.