Chapter 2 Installing the Extricom WLAN System This chapter provides instructions for unpacking and installing the Extricom WLAN system. Unpacking the Extricom WLAN System The Extricom WLAN system is shipped with the following: One Extricom switch. CD which contains The Extricom WLAN System User Guide and Release Notes. APs (the number of APs is based on customer order and provided in separate boxes) are shipped as part of the overall order. One power cable.
Determining the Location of the Extricom Access Points Before installing the switch and access points, plan the placement of the APs. Before permanently mounting the APs, it is recommended to test the network (using a laptop client) to identify potential coverage holes. If such a problem exists, relocate an AP or add additional APs to resolve the coverage hole. The APs should be placed in a stable, secure location, such as on top of a closet or bookshelf, or mounted on a wall.
Figure 12. Extricom EXSW-2400 Switch Table 1 describes the front panel and connectors of Extricom EXSW800/1200/2400 switches.
Table 1. Extricom EXSW800/1200/2400/8000/1600 Switch Connectors Connectors Description Console Serial connector – only to be used by, or as instructed by, Extricom personnel for troubleshooting, support, or maintenance. Can be accessed using a Null modem cable. (RJ45 in case EXSW-1600) EXSW800 LAN EXSW1200/2400 LAN1, LAN2 RJ-45 connectors – used to connect the switch to the wired LANs. On EXSW-1200/2400 these connectors provide redundancy and load sharing between them.
Extricom EXRP-20/40 EXRP-20/40 Access Points Extricom APs have two connectors located on the side of the device and four LEDs located on the top of the device. LEDs WLAN Connector Power Connection Figure 15. Extricom EXRP-20/40 AP Table 3 describes the Extricom Access Point connectors.
WLAN Power connector External Antenna Connector Leds Table 3. Extricom AP Connectors Connectors Description Power External power is not required for most applications. Power is supplied through the Ethernet (PoE). In case of an external power requirement by the application, use a UL Listed LPS (Limited Power Source) or NEC Class II adapter. Rating – Input: 90-240VAC 0.8A max. Output: 48VDC 0.56A max.
Table 4.
Connecting the Switch and Access Points Extricom’s switch is connected to the wired LAN and the APs that are located throughout the enterprise. To connect the switch and access points: 1. Using a CAT-5e/6 100/1000Mbps cable, connect the switch RJ-45 LAN connector (located on the front panel of the switch, (refer to Figure 12) to the LAN switch. 2. Using a CAT-5e/6 cable, connect each AP (refer to Figure 12) to one of the switch’s RJ-45 WLAN connectors.
Chapter 3 Configuring the Extricom WLAN System After connecting the switch and AP, configure the Extricom WLAN system through Extricom’s web configuration GUI using a terminal or PC connected to the same LAN as the switch. To access the Extricom web configuration pages: 1. In your Web browser, enter the following: https:// where is the IP address of the switch provided with your purchase (for example, the URL should be https://1.2.3.
If you did not receive a user name and password with your switch, use the following factory default user name and password: user name: admin password: Switch1 The user name and password are case-sensitive. Using the Extricom Web Configuration Pages The Extricom Web configuration pages have three main areas: The navigation tree The menu bar The work area Menu Bar Navigation Tree Work area Figure 17.
The navigation tree provides access to the following Extricom Web configuration pages: LAN Configuration – used for configuring LAN parameters as well as Events and Statistics. WLAN Configuration – used for configuring WLAN parameters . SSID & Security – used for configuring SSID and security parameters and/or passwords and external RADIUS servers and their timeouts for redundancy. Advanced Features– used for configuring redundancy, TrueReuse, 802.
Configuring the LAN Parameters In the LAN Configuration page, you can configure the following: The LAN IP address and network mask, as well as a backup address and mask. The LAN interface and management VLAN tag IDs. The default gateway. The address of the System Log and how often (if at all) the log is written to. The address of the Monitor Log and how often (if at all) the log is written to. . To configure LAN parameters: 1. Click LAN Configuration in the navigation tree.
2. Configure the LAN parameters. Refer to Table 6 for a description of the LAN parameters. Table 6. LAN Configuration Parameters Field Description IP Address Enter the main IP address of the Extricom Switch. Network Mask Enter the network mask address. VLAN Management VLAN tag ID for VLAN access to manage the switch. 2nd IP Address Enter the backup IP address of the Extricom Switch. nd Enter the backup network mask address. nd 2 VLAN 2nd Management VLAN tag ID.
Field Description Syslog Interval (sec) Specify how often information is sent to the System Log. 3600 seconds is the recommend default interval. If you detect a problem, you can decrease the Syslog Interval to receive updates more frequently. 3. Click Update to save the configuration. The new configuration only takes effect after rebooting or reconfiguring the switch (refer to Rebooting the Extricom Switch on page 56).
Figure 21. WLAN Configuration Page - EXRP-40 - Radio 3 and 4 currently are not supported and do not appear in the Web Configuration GUI.
Table 7. WLAN Configuration Parameters Field Description Channel Options Enable Check this box if you want to enable the radio. WLAN Mode Select the WLAN mode. Possible options are: 802.11a 802.11b 802.11g for pure mode 802.11b/g for mixed mode Since the Extricom solution can support two simultaneous channels in the same frequency band, selecting the WLAN mode enables the Extricom solution to offer same band capability. This means that both radios can be set to: 1. 2. 3. 4. 5. 802.
Field Description Rate Configuration For each of the data rates listed, select whether the rate is Basic, Optional, or Disabled. When configuring the data rates, you should consider the data rate capabilities of the wireless devices in your enterprise. Basic – The Basic data rates are usually the data rates that the vast majority of your wireless devices can support. Only wireless devices that support all the Basic data rates will be connected to the WLAN system.
Field Description Other SSIDs Displays the list of SSIDs configured but not assigned to the channel. Add to Channel To add an unassigned SSID to the channel, select an SSID from the Other SSIDs list and check the Add to Channel option. The selected SSID is removed from the Other SSIDs list and added to the Assigned SSIDs list after clicking Update. New SSID To create a new SSID and assign it to the selected channel, enter a unique SSID name and check the Create and Assign option.
The following is the data structure used by the Extricom system: Each radio is assigned one channel. Each channel can support up to 16 different SSIDs. Each SSID can be associated with a VLAN tag. The same SSID name cannot be repeated for different channels. Table 8 shows this data structure with an example of possible channel, SSID and VLAN tag assignments. Table 8.
To configure SSID parameters: 1. Click SSID & Security in the navigation tree. The SSID & Security page appears (refer to Figure 22). Figure 22. SSID & Security Page 2. Configure the SSID parameters. Refer to Table 9 for a description of the SSID parameters.
Table 9. SSID Parameters Field Description SSID Choose SSID Select an SSID from the Choose SSID dropdown list. To add/remove SSIDs from this list, click WLAN Configuration (refer to Table 7). SSID Options Allow Default SSID If this option is enabled, a wireless device will be allowed to connect even without requesting a specific SSID (i.e., “default” or “any” SSID) to the Extricom WLAN. If this option is disabled, then a wireless device needs to connect to a specific SSID in the Extricom WLAN.
Field Description Allow Inter-Ess Forward If this option is enabled, two wireless devices connected to the Extricom WLAN with different SSIDs will be able to communicate with each other without going through a router. Traffic between wireless devices will not be forwarded to the LAN switch. This option must be enabled on both SSIDs. In order for wireless devices, associated to different SSIDs, to be able to communicate with each other, the SSIDs must be defined on the same VLAN (or no VLAN at all).
Field Description DTIM Period The period of time after which broadcast and multicast packets are transmitted to mobile clients in the Active Power Management mode. Select the DTIM period for the selected SSID. This is relevant for clients that want to utilize the power management capability. The possible values are 1-5. The default is 3. A high DTIM value may cause these clients to lose connection with the network.
3. Configure the security definitions for the selected SSID. Refer to Table 10 for a description of the Security parameters. Table 10. Security Definition Parameters Field Description Encryption & Authentication Choose method Define the method of encryption and authentication. A combination of encryption and authentication methods may be selected from the options detailed in the drop-down list.
Field WEP Keys Description Any security combination (Encryption and Authentication) can be selected by the user as a combination of the list and the check boxes. The WEP Keys area is only enabled if the cipher selected in the Choose Method field is WEP or WEP104. In the WEP Keys area, you define the WEP Key that is used for encrypting or decrypting. You can define all four WEP keys.
Encryption and Authentication methods. The “Choose Method” drop down list in “Encryption & Authentication” displays the following items for user selection: None WEP64 (Open) WEP128 (Open) WEP64 & 802.1x Authentication WEP128 & 802.1x Authentication WPA/WPA2 TKIP/AES & Pre Shared Key Authentication WPA/WPA2 TKIP/AES & 802.1x Authentication When the “WPA2 Only” is checked, only Clients with WPA2 support are allowed access to the WLAN.
Advanced Configuration of the Extricom WLAN Architecture The advanced configuration page of Extricom WLAN includes the following tabs: TrueReuse Advanced Rogue IDS Advanced Tab The Advanced tab includes the capability to configure the following: Redundancy parameters. SNMP parameters. 802.1d parameters In redundancy mode, two identical switches (H/W and configuration) are installed with the same number of connected APs.
To configure the Advanced Features parameters: 1. Click Advanced Features in the navigation tree. The Advanced configuration page appears (refer to Figure 24 ). 2. Select Advanced tab for configuring redundancy, TrueReuse and/or SNMP and/or 802.11d parameters 3. Configure the redundancy, and SNMP parameters. Refer to Table 11 for a description of the Advanced Features configuration information. 4. Select Rogue tab for configuring Rogue AP detection and parameters (refer to Figure 25). 5.
Figure 26 Advanced Features The Extricom WLAN System User Guide 43
Table 12. Advanced Configuration Tab Field Description True Reuse Select True Reuse in the appropriate Radio checkbox if you wish to use this mechanism. TrueReuse technology multiplies the bandwidth of a standard 802.11 channel by dynamically optimizing the reuse of each frequency.
6. 7. 8. 9. 10. 11. 12. 13. 14. 15. 16. 17. 18. 19. 20. trap includes the AP’s BSSID, the switch port which detected the Rogue AP, the channel of the Rogue AP and the Rogue AP signal level (RSSI). Rogue Removed - This trap is sent when a new Rogue AP is detected. The trap includes the AP’s BSSID, the switch port which detected the Rogue AP, the channel of the Rogue AP and the Rogue AP signal level (RSSI).
Table 13: Rogue AP Tab Field Description Enable Enables Rogue AP detection function When Rogue AP detection is enabled the 2nd radio is not used for service. Allowed BSSIDs Displays a list of authorized APs (White List) Remove Removes checked BSSIDs from the white list. Edit Provides capability of editing the white list Add BSSID Add Adds the BSSID in the text box to the white list. BSSIDs may be added from events log. Figure 27: Rogue AP configuration.
IDS Tab Intrusion detection system (IDS): Malicious WLAN clients can cause a denial of service by flooding the WLAN network. Denial of services is identified through attack signatures or other factors, most of which are well-known. The IDS tab allows the user to enable this mechanism, set thresholds for identifying an attack and choose type of attack to be detected. The IDS mechanism detects 802.11 duration attack and 802.11 management messages flooding attacks.
Table 14: IDS Tab Field Description Enable Enables Intrusion detection Duration Attack Enable Enable - tick duration attack check box Duration Attack WLAN devices reserve the channel for a particular period of time and then start using the radio channel. This reservation of channel is for a particular period of time. This time period is the Network Allocation Vector (NAV) in the 802.11 .By using high NAV values an attacker can prevent other WLAN devices to utilize the wireless network.
Centralized Configuration Settings Centralized Configuration allows managing a group of identical Extricom switches (slaves) from one single master switch. The user should decide which switch will act as master. Extricom Switches have a built-in mechanism to discover the presence of other switches. In addition, the user is given the ability to manually configure the entries in the table of switches. Configuration changes on the master switch are propagated to the slave switches via a secured mechanism.
To configure Centralized Configuration parameters: Initial Setup 1. Configure the LAN settings on the Master switch 2. Generate an SSH key pair on the Master switch. This is done by clicking on the Update button next to the generate New SSH Keys. 3. Retrieve the SSH public key from the Master switch and save it in a file on your PC. 4. Manually configure each of the Slave switches’ LAN settings, and continue by uploading the previously saved master's public key on every Slave you wish to manage.
Access Point Powering The only configuration required for APs in the Extricom WLAN architecture is activation or deactivation of specified AP ports.. To access the Access Points page: Click on the Access Points in the navigation tree. The APs configuration page appears (refer to Figure 32). Figure 32. APs Configuration Page To configure APs: Configure the APs and click Update. Refer to Table 15 for a description of the APs configuration information.
Table 15. AP Configuration Page 52 Field Description Active APs Checked boxes indicate ports with attached and configured APs. If a port is “powered” but not “active”, the AP is malfunctioning. This field is read-only. Powered APs Checked boxes indicate ports with attached and powered-on APs. Un-checking a box will turn off the power on the AP. The box must be re-checked to enable the port. You do not need to reboot the switch for changes in AP configuration to take effect.
Configuration of the Extricom WLAN Architecture Utilities The utilities page includes two tabs and serves the following function: Viewing the System Configuration File. Uploading a new Configuration File (replace existing). Upgrading Extricom Firmware. Reconfiguring the Extricom system Rebooting the Extricom switch. Setting the Time and Date (separate tab). To access the Utilities configuration pages: Click Utilities in the navigation tree.
Figure 33. Utilities Configuration Page Viewing the System Configuration File The system configuration file contains all of the parameters that are configurable through the configuration utility. To view the system configuration: 1. In the Configuration section of the Utilities configuration page, click Configuration file. The system configuration file appears in your Web browser. 2. Review the configuration in the XML file.
To back up a configuration file: 1. In the Show Configuration section of the Utilities page, right-click Configuration file and select Save Target As. The File Download dialog box opens, and then the Save As dialog box opens. 2. Select the location in which to save the configuration file and click Save. The configuration file will be saved to the selected location. Uploading a New Configuration File A previously saved configuration file can be uploaded (e.g., a file saved for backup purposes).
4. Click Update to upgrade the firmware. 5. Reboot the switch (refer to Rebooting the Extricom Switch on page 56). The firmware upgrade file is GNU zipped (gzip). Some Internet browsers are configured to automatically unzip files when downloading. Verify that this option is disabled so that the upgrade file remains zipped after downloading. Rebooting the Extricom Switch You must reboot the switch to activate any changes you make to the switch configuration. To reboot the Extricom switch: 1.
Figure 35.
Setting Passwords in the Extricom Switch Passwords are set according to user levels. Refer to Table 16 for a description of the user access levels and their default passwords. Table 16. Default Passwords User Access Level Privileges Default Password admin Accessing the Web configuration. Switch1 The “operator” and “root” passwords are used when accessing the switch for maintenance and service purposes. Changing these passwords should be performed only by an Engineer authorized by Extricom.
Viewing a Summary of the Updated Configuration The Summary page provides a summary of the current configuration. To view a summary of the updated configuration: 1. Click Summary in the navigation tree. or Click Summary in the menu bar. The Summary page appears (refer to Figure 36). Figure 36. Summary Page Refer to Table 17 for a description of the summary information. Table 17.
Field Description Date Displays the date and time the summary was created. Uptime Displays the amount of time the switch has been active. LAN Configuration IP Address Displays the IP address of the switch. MAC address Displays the base MAC address of the switch near the MAC address. Regulatory Domain Displays the regulatory domain name currently in use by the switch. Network Mask Displays the network mask. Default Gateway Displays the default gateway IP address.
Viewing Extricom Information Information about firmware versions currently installed in the Extricom Wireless LAN system can be viewed in the About page. To view Extricom information: Click About in the navigation tree. or Click About in the menu bar. The About page appears.
Chapter 4 Troubleshooting Table 18 lists possible problems you may encounter with your WLAN and provides possible solutions. If after trying the solutions you are still experiencing difficulties, contact Extricom Customer Support. Table 18. Troubleshooting Problem Solution The AP Power LED is not lit.
Problem Solution Wireless devices disconnect in a specific location Cannot access the switch’s Web configuration GUI 64 Verify that there is no additional cause of interference (e.g., an additional WLAN network in the same proximity using the same frequencies as the Extricom WLAN, or that there are no cordless phones using the same frequencies, or microwave oven interference). Add an additional AP to cover the area. Plug another AP into the switch, or relocate an existing Access Point.
Appendix A Specifications Extricom Switch Specifications Standards WLAN IEEE 802.11a, 5GHz IEEE 802.11b, 2.4GHz (short/long preamble support) IEEE 802.11g, 2.4GHz (pure mode) IEEE 802.11b/g, 2.4GHz (mixed mode) IEEE 802.11d Ethernet IEEE 802.3x, full/half duplex IEEE 802.1q, VLAN tagging Interfaces APs Wired LAN EXSW-2400 – 24x 100BaseT Ethernet with IEEE 802.3af PoE (out of band) EXSW-1200 – 12x 100BaseT Ethernet with IEEE 802.
Wireless Performance Channels Up to 2 simultaneous WLAN channels Capacity Up to 108Mbps Aggregate WLAN connection-rate (2 channel blankets, each with 54 Mbps) Inter-AP handoff 0 ms intra-switch Management User Interface Secure Web-based Graphical User Interface (GUI) SNMP Traps, using SNMP Version 2c Logging Remote and local SYSLOG Upgrades Firmware upgrade through Web from anywhere in the LAN.
LEDs Power LAN Activity WLAN Port Activity Power EXSW800: 100-240VAC ,50-60Hz, 2A max EXSW-1200/2400: 100-240VAC ,50-60Hz, 5A max EXSW-8000: 100-240VAC ,50-60Hz, 3A max PoE (IEEE 802.3af) to WLAN ports: 15W for each port Environmental Operational Temperature: 0°C to 45°C (32°F to 122°F) Humidity: 0% to 90%, non-condensing Storage Temperature: - 20°C to +70°C (-49°F to 185°F) Humidity: 0% to 90%, non-condensing Extricom Access Point Specifications WLAN Standards IEEE 802.11a, 5GHz IEEE 802.11b, 2.
802.11g Max: 15 dBm Supported Rates 802.11a 6, 9, 12, 18, 24, 36, 48 and 54 Mbps 802.11g 6, 9, 12, 18, 24, 36, 48 and 54 Mbps 802.11b 1, 2, 5.5, and 11 Mbps Receive Sensitivity 802.11a: 6 Mbps: -88 dBm 9 Mbps: -87 dBm 12 Mbps: -86 dBm 18 Mbps: -84 dBm 24 Mbps: -81 dBm 36 Mbps: -77 dBm 48 Mbps: -73 dBm 54 Mbps: -69 dBm 802.11b/g 1 Mbps: -91 dBm 2 Mbps: -88 dBm 5.
Access (including modular approval) FCC Part 15 C FCC Part 15 E EN 300 328 EN 301 893 EN 300 489 Japan Type Certificate: Article 2, clause 1, Items 19, 19-2, 19-3, 19-13 Physical Properties Dimensions (W x H x D) 195mm x 150mm x 50mm (7.67" x 5.9" x 2") Weight 400gr (0.8 lb.) Installation options Horizontal (desktop) Vertical (wall mount) LEDs Power LAN Activity 2 x WLAN Activity (2 colors) Power PoE (IEEE 802.
Appendix Access Point Mounting Template 4.25 inches 10.7 cm. Important Note: Due to variations in printers, when printing this page, printer Page Scaling should be set to “None” or diagram may be automatically reduced in size. As a double-check, make sure distance between drill points is as indicated above. Figure 37.
The Extricom WLAN System User Guide 71