0 Maintaining the Access Point 258 Installation and User Guide: Airgo Access Point
A Using the Command Line Interface This appendix explains how to access and interact with the command line interface (CLI). For detailed information on specific commands, see the CLI Reference Manual. Using the Command Line Interface To connect to the AP for command line interface access using Secure Shell (SSH), do the following: 1 Launch your SSH client application. NOTE: SSH Communications provides an SSH client, http://www.ssh.com.
A Using the Command Line Interface 4 To see the list of available commands, type a question mark (?). For a list of hot keys (short cuts for console functions, press Ctrl-H. There are two important modes in console access, one is show mode and the other is config mode. In show mode, examine the AP’s configuration settings and status. Use config mode to change values. To go into either mode from the main command> prompt, type either show or config. Toggle between show and config modes by pressing Ctrl-P.
Using the Console Port for CLI Access 9 To see the list of available commands, type a question mark. For a list of hot keys (short cuts for console functions, press Ctrl-H. There are two important modes in console access, one is show mode and the other is config mode. In show mode, examine the AP’s configuration settings and status. Use config mode to change values. To go into either mode from the main command> prompt, type either show or config. Toggle between show and config modes by pressing Ctrl-P.
A Using the Command Line Interface 262 Installation and User Guide: Airgo Access Point
B Regulatory and License Information This appendix contains the regulatory and license information specific to the Airgo Access Point hardware and software. ID Access Point Requirement Details CERT1 Safety UL 1950 third edition TUV approval UL-2043 (Fire and Smoke) Compliance CERT2 EMC EMC Directive 89/336/EEC (CE Mark) CERT3 Radio Approvals FCC CFR47 Part 15, section 15.247 FCC (47CFR) Part 15B, Class B Emissions Canada IC RSS210 Japan MIC Radio Regulations Europe: ETS 300.
B Regulatory and License Information The Airgo AP is suitable for use in environmental air space in accordance with Section 300-22(c) of the National Electrical Code, and Sections 2-128, 12-010(3) and 12-100 of the Canadian Electrical Code, Part 1, CSA C22.1. This device complies with Part 15 of the FCC rules.
C External Landing Page API This appendix is a supplement to Chapter 8, “Configuring Guest Access,” which describes the process of authenticating and isolating guest user stations. Guest authentication is a web-based process that requires the user to open a web browser, which then automatically redirects the user to an authentication web page.
C External Landing Page API The station associates to the AP. The AP allows the station to obtain a DHCP based IP address and allows ARP and DNS queries. All other traffic is blocked. Web traffic is blocked and redirected to the ELPS. The ELPS provides web pages to authenticate users and subsequently signals the AP to allow the station access to a broader set of IP addresses (the Internet). The web server (ELPS) is also able to disconnect any of the previously connected stations.
Detailed Signaling Description and API Figure 189: User authentication using the External Landing Page Server (ELPS) (Captive Portal) The HTTP filter in the AP allows the station to obtain an IP address, but redirects any HTTP traffic to the web server. The URL used in the redirection provides the server with the MAC address of the station, the SSID used for the association, the IP address of the AP, and the original requested URL.
C External Landing Page API Once redirected to the web server, the user is able to browser only in the walled garden. This restricted set of web pages should provide a means to login into the network and optionally a means to obtain an account for first-time users. When a user is successfully authenticated, the ELPS returns a redirection URL that signals the AP to allow unrestricted access for the specific station (a Connection Request). Redirection URL generated by the ELPS: https://192.168.254.
Detailed Signaling Description and API Table 20: Fields in the STA-AP-to-ELPS Connection Response (continued) Field Description Xip Not used. Xssid The SSID. Xmac The MAC address of the station that has been authenticated. Xdata Should have a value of '3' for a successful connection. Xts A time stamp of the form yymmddhhMM, where yy=year, mm=month, dd=day, hh=hours, MM=minutes. To be valid, the time value (in UTC) must be within plus or minus 5 minutes of the AP's time.
C External Landing Page API The prefix portion of the URL was formed using the IP address originally passed to the web server as the gpm field (AP IP address). The URL is protected from modification, spoofing or reuse by the use of a timestamp and a cryptographic check value. The URL must always have the form: https:///Forms/ExtCmd_html_1? Note that the disconnect request will send the user to a “next page” that can put the user’s browser back into the web servers walled garden.
Check Value Algorithm Table 22: Fields in the STA-AP-to-ELPS Disconnect Response Field Description Xdata This should have a value of 8 for a successful disconnect. Xts A time stamp of the form yymmddhhMM, where yy=year, mm=month, dd=day, hh=hours, MM=minutes. To be valid, the time value (in UTC) must be within plus or minus 5 minutes of the AP's time. Xcv A SHA1 hash using the shared password. Station Forced Disconnect The web server can directly signal the AP to disconnect a station.
C External Landing Page API b The SSID that the station used to associate to the AP c The IP address of the AP 3 Have available the server key that is shared with the AP. This secret key authenticates the server to the AP. 4 Create the partial URL using the URL parameters of the form: Xcmd=&Xnp=&Xid=&Xip=&Xssid=&Xmac= &Xdata=&Xts= Any of the unused option parameters should be included, but the strings should be set to null.
D Alarms Alarms generated by the Airgo Access Point are stored persistently on the AP. The Airgo AP can store approximately 130 * 2 = 260 alarms in total. When the number of alarms exceeds this limit, the oldest alarm set is discarded. All alarms generated by the Airgo Access Point have the following parameters: • Event ID: The internal event number that uniquely identifies the event. • Log-level: The criticality of the event. All alarms are logged at the same criticality.
D Alarms • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • 274 “Policy: Policy Download Failed” on page 279 “Software Download: Image download succeeded” on page 280 “Software Download: Image download failed” on page 280 “Software Download: Software distribution succeeded” on page 281 “Wireless: Radio enabled (BSS enabled)” on page 282 “Wireless: Radio disabled (BSS disabled)” on page 283 “Wireless: BSS enabling failed” on page 283 “Wireless: Frequency changed” on page 2
Discovery: Discovered new node • • • • • “Security: EAPOL key exchange – message 2 timeout” on page 315 “Security: EAPOL key exchange – message 4 timeout” on page 316 “Security: EAPOL Group 2 key exchange timeout” on page 317 “L3 Mobility: Peer Mobility Agent Up” on page 318 “L3 Mobility: Peer Mobility Agent Down” on page 318 Discovery: Discovered new node Alarm generated when a new Airgo AP is discovered in the network Syntax DeviceId %s discovered node [deviceId=%s, IP=%s, Subnet=%s].
D Alarms Ip The IP address of the node being deleted Persona The persona of the node being deleted. Alarm Severity Severity Critical Description This alarm is generated when the discovered node is deleted from the system. When a node is deleted, all information about that node is erased from the Portal. If the node’s IP address falls within the discovery scope, then the node will be re-discovered and added back to the set of the discovered nodes on the next discovery sweep.
Enrollment: Node enrolled Usage Guidelines If this alarm occurs, the discovery server will not discover nor track any new nodes once this limit is reached. In such a case, delete unwanted nodes and manually add the nodes to the discovery database so they may be managed. Examples On Device AP_00-0A-F5-00-02-1F Node[Ip=192.168.74.245] managed node limit exceeded. Current managed nodes limit is 10.
D Alarms Enrollment: Node un-enrolled Alarm generated when the Airgo AP is rejected (un-enrolled) from the network Syntax NMPortal with DeviceId %s has successfully unenrolled the remote node having ApDeviceId=%s NodeIp=%s and Persona=%d Alarm Parameters DeviceId The device ID of the NMPortal ApDeviceId The device ID of the remote AP NodeIp The IP address of the remote AP Persona The persona of the remote AP 6 = Security Portal 2 = Normal AP Alarm Severity Severity Critical Description This al
Policy: Policy Download Failed from The device ID of the source of the policy time The time at which the policy was consumed Alarm Severity Severity Critical Description This alarm is generated when a policy is successfully downloaded to an AP. Usage Guidelines Informational log Examples For accesspoint Node AP_00-0A-F5-00-01-77 The policy [security.
D Alarms Examples For accesspoint Node AP_00-0A-F5-00-01-7D The policy [defaultpolicy.
Software Download: Software distribution succeeded Alarm Parameters Node The device ID of the remote AP image The image version from The device ID of the source of the image error The failure error code time The time at which the error occurred Alarm Severity Severity Critical Description This alarm indicates that an image is unsuccessfully downloaded and applied to an AP.
D Alarms Alarm Severity Severity Critical Description This alarm is when an image distribution is completed. Usage Guidelines Informational log Examples On DeviceId AP_00-0A-F5-00-01-77 , the Software image [0.7.0, build A.2286, AGN1dev, Airgo Networks Inc., ] distribution request from portal[AP_00-0A-F500-01-77 ] using the Distribution TaskId=000000 and with status=172.16.12.4, , 0, 947304168, 947304183, invalid image file.
Wireless: Radio disabled (BSS disabled) Examples Device ID AP_00-0A-F5-00-01-B6 radio 4 is enabled, its operational mode is 1 and operating on 64 See Also Wireless: Radio disabled (BSS disabled) Notification that an AP radio has been disabled Syntax "Device Id %s radio %d disabled" Alarm Parameters DeviceId The device ID of the Airgo AP Radio Identifies radio by interface ID on the access point Alarm Severity Severity Critical Description This notification indicates that an AP radio has been dis
D Alarms Alarm Parameters DeviceId The device ID of the Airgo AP Radio Radio interface on the AP Cause Code Reason for AP radio enabling failure Alarm Severity Severity Critical Description This notification indicates that AP rado enabling has failed.
Wireless: STA association failed Description This is a notification generated when operating frequency is changed for an AP radio due to either user triggers or events such as peridic DFS. The reason code can have a value of 0m, indicating that the reason is unspecified. The new channel ID is also provided.
D Alarms criteria 5 - Maximum station limit is reached based on the 'Max Stations' configuration for SSID 6 - SSID received in association request does not match SSID in AP configuration. This can occur more often when the AP is not broadcasting SSID in beacon (either due to SSID being surpressed or multiple SSIDs being configured) and station is associating with an AP with a different SSID.
Wireless: STA disassociated Description This is a notification generated when an association and authentication from an 802.11 station succeeds with the AP radio. In addition, count of current associated stations, type of association, and user ID is provided. User ID is user name if RADIUS authentication is used and MAC address otherwise.
D Alarms Reason Code 3 Description Disassociation triggered due to user action Usage Guidelines Informational log Examples Station disassociated for Device ID AP_00-0A-F5-00-01-B6 radio 4 00:0a:f5:00:3a:fe, CauseCode 0 station MAC See Also Wireless: WDS failed Notification that indicates a failure in formation of wireless backhaul Syntax "WDS trunk brought down for DeviceId %s radio %d remote MAC %s CauseCode %d" Alarm Parameters DeviceId The device ID of the Airgo AP Radio Radio interface ID on
Wireless: WDS up Examples WDS trunk brought down for Device ID AP_00-0A-F5-00-01-B6 radio 4 00:0a:f5:00:3a:fb, CauseCode 0 remote MAC See Also Wireless: WDS up Notification that indicates successful formation of wireless backhaul Syntax "WDS trunk established for DeviceId %s radio %d remote mac %s TrunkPort count %d CauseCode %d” Alarm Parameters DeviceId The device ID of the Airgo AP Radio Radio interface on the AP Remote MAC Address MAC address of remote end of backhaul link Backhaul Count Nu
D Alarms Wireless: WDS down Notification that indicates a wireless backhaul link has gone down Syntax "WDS trunk brought down for DeviceId %s radio %d remote MAC %s CauseCode %d" Alarm Parameters DeviceId The device ID of the Airgo AP Radio Radio interface on the AP Remote MAC Address MAC address of remote end of backhaul link Cause Code Indicates why backhaul link was bought down Alarm Severity Severity Critical Description This is a notification generated when a wireless backhaul has gone do
Security: Guest authentication succeeded Security: Guest authentication succeeded Notification that indicates a Guest Access Station has been successfully authenticated Syntax "For device-id %s , Guest authentication succeeded for STA %s on radio %d with SSID %s using captive portal %s and guest mode %d" Alarm Parameters DeviceId The device ID of the Airgo AP Station MAC address of the Guest STAtion Radio Radio interface on the AP SSID SSID on this AP with which the Guest has associated Captive P
D Alarms Alarm Parameters DeviceId The device ID of the AP Station MAC address of the Guest Station Radio Radio interface on the AP SSID SSID on the AP with which the guest has associated Captive Portal Landing page that has accomplished authentication of the Guest STA, either the internal landing page, or a URL identifying the external landing page that performed the authentication Guest Mode Currently, always set to 4.
Security: BP rejected by RADIUS server Port The port used to communicate with the RADIUS server Auth Zone The name of the Auth Zone on this AP of which this RADIUS server is a member Station MAC address of the Station Radio Radio interface on the AP User ID The Username SSID SSID on this AP with which the station has associated Alarm Severity Severity Critical Description This notification is generated when user authentication fails.
D Alarms Node The MAC address of the BP node Radio Radio interface on the AP Device ID The device ID of the BP node SSID SSID on the AP to which the station has associated Alarm Severity Severity Critical Description This notification is generated when a Bridge Portal (radio) authentication fails. The context of the BP radio and the RADIUS server that rejected the BP radio are also provided. A BP attempts authentication when a wireless backhaul is being established.
Security: Management user login success RADIUS timeout The current setting of the RADIUS timeout RADIUS retries The number of retries performed Station MAC address of the station Radio Radio interface on the AP User Supplicant user ID established during EAPOL Authentication exchange SSID SSID on the AP to which the station has associated Alarm Severity Severity Critical Description This notification is generated when the RADIUS server fails to respond within a certain timeout period.
D Alarms Management User Username of management user Privilege Level The privilege level of the management user (ignore in this release) Login access Type of access, console, or SSH (iognore in this release) Alarm Severity Severity Critical Description This notification is generated whenever a management user tries to log in to the local AP. Usage Guidelines This indicates that the AP has determined that a management user login has succeeded.
Security: STA failed EAPOL MIC check See Also Security: STA failed EAPOL MIC check Notification that indicates the AP has determined that a STA has failed a MIC check during the EAPOL authentication exchange Syntax "For device-id %s, the STA %s[%d] on radio %d with user-id %s and SSID %s failed an EAPOL-MIC check with auth-type %d during key exchange %d. (If using WPA-PSK, check the PSK on the STA.
D Alarms Security: STA attempting WPA PSK – no pre-shared key is set for SSID Notification that indicates the AP has determined that a STA is attempting WPA-PSK authentication, but no Pre-shared Key has been configured for the SSID Syntax "For device-id %s, the STA %s on radio %d attempted to do WPA-PSK based auth on the SSID %s but no pre-shared key is set.
Security: STA failed to send EAPOL-start Alarm Parameters DeviceId The device ID of the Airgo AP SSID SSID on the AP to which the station has associated Station The MAC address of the station Radio Radio interface on the AP RADIUS Usage The RADIUS server required for: Legacy 8021.
D Alarms SSID SSID on the AP to which the station has associated Authentication Type LEGACY 8021.x (2) or WPA EAP (4) Alarm Severity Severity Critical Description This notification is sent during authentication when the station fails to send an EAPOL-Start in order to begin the authentication using WPA-EAP or legacy 802.1X protocols. Usage Guidelines This indicates that the AP has determined that a STA has failed to send an EAPOL-Start. This might indicate a misconfiguration on the STA.
Security: RADIUS timeout too short Description This notification is sent during authentication, when the RADIUS server sends a bad response. The aniNotifCauseCode identifies the reason associated with this bad response. Usage Guidelines This indicates that the AP has determined that a RADIUS server has sent a bad or unexpected response. The response could be bad because the cryptographic signature check might have failed or because an attribute might be missing or badly encoded.
D Alarms Examples For device-id AP_00-0A-F5-00-01-89 , the RADIUS server 192.168.75.
Security: Upstream AP is using an untrusted auth server Examples For device-id AP_00-0A-F5-00-01-89 , the STA 00:0a:f5:00:05:f0 [0] on radio 0 with user paul and SSID NewYorkRm did not complete its auth sequence in time with auth-type 4 and enc-type 6 due to reason code 6 See Also EAP User-ID timeout, EAP Response Timeout Security: Upstream AP is using an untrusted auth server Notification that indicates the local BP has determined that the upstream AP is using an un-trusted auth server Syntax "For devic
D Alarms See Also Security: Upstream AP is using a non-portal node as its auth server Notification that indicates the local BP has determined that the upstream AP is using a non-portal node as an auth server Syntax "For device-id %s, the upstream AP %s with SSID %s authenticating via local BP radio %d is using a non portal node %s with certificate SHA-1 thumbprint %s as its auth server: YOUR ENROLLMENT DATABASE MIGHT BE OUT OF SYNC.
Security: Upstream AP failed MIC check during BP authentication Security: Upstream AP failed MIC check during BP authentication Notification that indicates the local BP has determined that the upstream AP has failed a MIC check on a received frame Syntax "For device-id %s, the upstream AP %s with SSID %s authenticating via local BP radio %d failed an EAPOL-MIC check with auth-type %d during key exchange %d" Alarm Parameters DeviceId The device ID of the AP AP The MAC address of the upstream AP SSID
D Alarms Security: Premature EAP-success received Notification that indicates the local BP has recevied an EAP-Success before authentication has completed Syntax "For device-id %s, the upstream AP %s with SSID %s authenticating via local BP radio %d sent EAP-Sucess before authentication completed : IT MIGHT BE A ROGUE AP" Alarm Parameters DeviceId The device ID of the Airgo AP AP The MAC address of the upstream AP SSID SSID on the AP to which the station has associated Radio Radio interface on the
Security: STA has failed security enforcement check Alarm Parameters DeviceId The device ID of the Airgo AP Station The MAC address of the station Radio Radio interface on the AP User User ID Group Group tag for this user (determined from RADIUS configuration) SSID SSID on the AP to which the station has associated Alarm Severity Severity Critical Description This notification is generated during Station authentication when no service profile has been configured for a given Group.
D Alarms User Supplicant User ID SSID SSID on the AP to which the station has associated.
Security: BP detected bad TKIP MIC on incoming unicast Radio Radio interface on the AP Alarm Severity Severity Critical Description This notification is generated when a bad TKIP MIC is detected on an incoming frame from a STA that is encrypted with the pairwise/unicast key. Usage Guidelines This indicates that the AP has detected an invalid TKIP MIC value on an incoming frame. All packets received by the AP are always encrypted with the pairwise/unicast key.
D Alarms Examples For device-id AP_00-0A-F5-00-01-89 , a bad TKIP MIC was detected by local BP radio 0 on an incoming unicast packet from the AP 00:0a:f5:00:06:22 See Also BP Detected Bad TKIP MIC on Incoming Multicast/Broadcast Security: BP detected bad TKIP MIC on incoming multicast/broadcast Notification that indicates the BP has detected a BAD TKIP MIC value in an incomng frame from the AP that is encrypted with the group/multicast/broadcast key Syntax "For device-id %s, a bad TKIP MIC was detected b
Security: STA detected bad TKIP MIC on incoming unicast Security: STA detected bad TKIP MIC on incoming unicast Notification that indicates a STA associated with this AP has detected a BAD TKIP MIC value in a frame it received from the AP encrypted with the pairwise/unicast key Syntax "For device-id %s, a bad TKIP MIC was detected by STA %s on radio %d on an incoming unicast packet from the AP" Alarm Parameters DeviceId The device ID of the AP Station The MAC address of the station Radio Radio inter
D Alarms Station The MAC address of the station Radio Radio interface on the AP Alarm Severity Severity Critical Description This notification is generated when a bad TKIP MIC is detected by an STA associated with a radio, identified by aniApRadioIndex, on an incoming multicast or broadcast packet from the AP where the packet is encrypted with the group/multicast/broadcast key. Usage Guidelines This indicates that the STA has detected an invalid TKIP MIC value on a received, multicast frame.
Security: EAP user-ID timeout interval. If this happens, the AP disassociates all STAs and prevents new STAs from associating for a period of 60 seconds. Examples For device-id AP_00-0A-F5-00-01-89 , the TKIP counter-measures lockout period has started for 60 seconds.
D Alarms Examples For device-id AP_00-0A-F5-00-01-89 , the STA 00:0a:f5:00:05:f0 [0] on radio 0 and SSID NewYorkRm did not send its user-id in time to complete its auth sequence with auth-type 4 and enc-type 6 See Also EAP Response Timeout, STA Authentication Timeout Security: EAP response timeout Notification that indicates the STA has failed to respond in a timely manner with an EAP response during the authentication exchange Syntax "For device-id %s, the STA %s[%d] on radio %d with user %s and SSID %s
Security: EAPOL key exchange – message 2 timeout sent from the RADIUS server – perhaps because it did not trust the RADIUS server’s credentials.
D Alarms Examples For device-id AP_00-0A-F5-00-01-89 , the STA 00:0a:f5:00:05:f0 [0] on radio 0 with user paul and SSID NewYorkRm did not send the WPA EAPOL-Key Pairwise Messg #2 in time where auth-type 4 and enc-type 6 See Also Security: EAPOL key exchange – message 4 timeout Notification that indicates the STA has failed to respond in a timely manner with EAPOL 4-way handshake message number 4 Syntax "For device-id %s, the STA %s[%d] on radio %d with user %s and SSID %s did not send the WPA EAPOL-Key P
Security: EAPOL Group 2 key exchange timeout Examples For device-id AP_00-0A-F5-00-01-89 , the STA 00:0a:f5:00:05:f0 [0] on radio 0 with user paul and SSID NewYorkRm did not send the WPA EAPOL-Key Pairwise Messg #4 in time where auth-type 4 and enc-type 6 See Also Security: EAPOL Group 2 key exchange timeout Notification that indicates the STA has failed to respond in a timely manner with EAPOL Group key exchange message number 2 Syntax “For device-id %s, the STA %s[%d] on radio %d with user %s and SSID
D Alarms L3 Mobility: Peer Mobility Agent Up Notification which indicates that the local Mobility Agent has established contact with a peer Mobility Agent Syntax Device %s detected Layer-3 Mobility Agent %s/%d is up Alarm Parameters DeviceId The device ID of the AP MA IP Address The IP Address of the peer Mobility Agent MA IP Maskbits The number of bits in the Mobility Agent’s subnet mask Alarm Severity Severity Critical Description This notification is generated when a peer Mobility Agent respo
L3 Mobility: Peer Mobility Agent Down Alarm Severity Severity Critical Description This notification is generated when a peer Mobility Agent fails to respond to keep-alives in a timely fashion. Usage Guidelines This indicates that the local Mobility Agent is no longer able to communicate with the peer Mobility Agent. Examples Device AP_00-0A-F5-00-01-89 detected Layer-3 Mobility Agent 192.168.75.
D Alarms 320 Installation and User Guide: Airgo Access Point
Glossary This glossary defines terms that apply to wireless and networking technology in general and Airgo Networks products in particular. 802.1x Standard for port-based authentication in LANs. Identifies each user and allows connectivity based on policies in a centrally managed server. 802.11 Refers to the set of WLAN standards developed by IEEE. The three commonly in use today are 802.11a, 802.11b, and 802.11g, sometimes referred to collectively as Dot11.
Glossary client utility This application executes on a station and provides management and diagnostics functionality for the 802.11 network interfaces. Differentiated Services Code Point (DSCP) A system of assigning Quality of Service “Class of Service” tags. Domain Name Service (DNS) A standard methodology for converting alphanumeric Internet domain names to IP addresses.
Glossary Hypertext Transfer Protocol over SSL (HTTPS) A variant of HTTP that uses Secure Sockets Layer (SSL) encryption to secure data transmissions. HTTPS uses port 443, while HTTP uses port 80. Independent Basic Service Set (IBSS) A set of clients communicating with each other or with a network via an access point. Internet Protocol (IP) The network layer protocol for routing packets through the Internet.
Glossary node Generic term for a network entity. Includes an access point, network adapter (wireless or wired), or network appliance (such as a print server or other non-computer device). Network Time Protocol (NTP) NTP servers are used to synchronize clocks on computers and other devices. Airgo APs have the capability to connect automatically to NTP servers to set their own clocks on a regular basis.
Glossary one or more wireless network adapters as “belonging” to a common group. Some access points can support multiple SSIDs, allowing for varying privileges and capabilities based on user roles. Secure Sockets Layer (SSL) A common protocol for message transmission security on the Internet.
Glossary True MIMO™ The Airgo Networks, Inc. implementation of the data multiplexing technique known as Multiple Input Multiple Output (MIMO). MIMO uses multiple spatially-separated antennas to increase wireless throughput, range, and spectral efficiency by simultaneously transmitting multiple data streams on the same frequency channel. Trunk In telecommunications, a communications channel between two switching systems.
Index Numerics 128-bit encryption 147 64-bit encryption 147 802.11 802.11a,802.11b,802.11g 7 definition 321 extensions 74 mode in 2.4 GHz band 74 policy configuration 74 802.11i 12 802.1p 8 802.1Q 8 802.
Index definition 321 details table 107 forwarding table 107 name prefix 107 statistics 108 bridging services 106 broadcast SSID in beacon 86 BSS.
Index implementing 181 to 184 manual 146 process 181 server options 146 status 205 enrollment portals description 4 flag 187 enrollment state 187 ESSID 322 eth0 interface 105 extended service set (ESS) 322 extensible authentication protocol (EAP) 147, 322 external landing page 56, 171 external RADIUS server 153 settings 157 F factory default portal flag 187 factory defaults AP configuration 249 resetting radio 66 fault management 210 field asterisk 33 filter alarm 219 statistics 128 table 126 filters 126
Index M MAC address association to AP 92 authentication 323 configuration 76 in topology window 186 MAC-ACL users 225 management interface options 8 VLAN 111 management information base (MIB) 130 management IP address 241 management portal description 4 system requirements 27 management VLAN 112 managing faults 210 users 221 maskbits 323 maximum number of leases 207 media access control (MAC) address 323 menu tree 39, 180 MIB.
Index rate adaptation 70, 73 real-time clock (RTC) 244, 245 rebooting AP 239 receiver rate adaptation 74 redundant security portal 204 regulatory and license information 263 Remote Authentication Dial-in User Service (RADIUS) advanced configuration 163 definition 324 servers, list of 153 use of 147 remote authentication dial-in user service (RADIUS) authentication zones 155 group attribute 163 server 155 server settings 157 with backhaul 133 remote MAC address 141 reporting AP 188 reports, configuration 24
Index statistics links 93 security 93 statistics, supplicant 159, 160 status of association 93 STP. see spanning tree protocol (STP) subnet 325 subnet mask 325 supplicant statistics 159, 160 supported standards and data rates 7 syslog configuration 241 viewing 220 system configuration, managing 240 requirements 27 system-determined band 69 T tagged VLAN 112 task roadmaps 14 TCID. see traffic class identifier (TCID) TCP/IP.
Index world mode country code 44, 62 influence on channels 69 multi domain support 44, 62 WPA security 151 WPA-AES 147 WPA-EAP 151 WPA-PSK 147, 151 WPA-PSK passphrase 37 WPA-TKIP 147 Z zone privacy 164 Installation and User Guide: NMS Pro 333
Index 334 Installation and User Guide: NMS Pro
