HotPoint Installation & Setup Guide HotPoint 4000/5000 AP FWC2050 WLAN Controller HotPoint 5200 MIMO Outdoor Access Point HotPoint 5100 MIMO Indoor Access Point FWC2050 Controller HotPoint 4200 MIMO Outdoor Access Point Manual Revision 2.0 2011-02-14 The contents of this Installation Guide are subject to change without notice. Please refer to the Firetide partners web site, partners.firetide.com, for current versions.
Safety Instructions Firetide 5200 units must be installed by a qualified professional. Failure to install this equipment properly may result in equipment damage, personal injury, or death. Explanation of Graphic Symbols Do not open the cover This symbol alerts the user to the presence of non-insulated dangerous voltage that • Dangerous voltages inside. may be of sufficient magnitude to constitute a risk of lethal electric shock to persons. • No serviceable parts inside.
Table of Contents The MIMO HotPoint Family . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 Setting Up Your FWC2050 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 Setting Up Your Access Points. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Chapter 1 The MIMO HotPoint Family The Firetide MIMO HotPoint Wireless Access Point System delivers a complete solution for indoor and outdoor wireless mesh networks. Firetide’s MIMO HotPoint family consists of five components: The FWC2050 Wireless LAN Controller: Each FWC2050 can control and manage up to 50 Firetide MIMO Access Points. The HotPoint 5100 Indoor Access Point: A dual-radio system supporting 802.11a, b, g, and n modes. One radio operates on the 2.4 GHz band and the other on the 5 GHz band.
Figure 1. FWC2050 Controller Setting Up Your Access Points The HotPoint 4100 and 5100 can be installed in any indoor location. The location should be selected based on antenna and coverage plans - best RF performance is obtained with antennas connected directly to the HotPoint AP, or with short, good-quality cables. The HotPoint 4200 and 5200 can be installed in any outdoor location. Again, location should be determined by antenna and coverage needs, not by Ethernet or power availability.
Chapter 2 Getting Started System Requirements The FWC2050 Controller, if used, must have layer 2 or layer 3 connectivity to all Firetide 4000 Series and 5000 Series Access Points. The system requires a DHCP server. If your network has one, it can be used. If desired, you can use the DHCP server built into the FWC2050. HotPoint 5000 versus HotPoint 4000 There are few operation or configuration differences between systems based on the 5000 Series and the 4000 Series.
Chapter 3 Access Point Tab Discovery Firetide HotPoint 5000 Access Points can operate as stand-alone devices, or be associated with Firetide Wireless Controllers. Controllerbased operation, called Managed Mode, offers many additional features, including roaming.
Configuration and Image Upgrade on the AP After each reboot of an access point AP, the AP will look for its Controller, using multicast. Upon reconnecting, the AP and Controller will re-synchronize on firmware levels and AP settings. As part of this state machine, the AP will load any new firmware image posted to the controller. It will also synchronize to any configuration changes that were done on the controller while the AP was offline.
Discovery Wizard If all APs were not discovered, run the Discovery Wizard. Manual Additions You will be asked to choose between two options: Option 1 - Add new factory-defaulted APs: Add new factory defaulted AP. This option should be chosen during staging the process. Here the controller and APs are going to be taken out of the box and configured for deployment. Option 2 - Add existing installed APs: Add existing installed APs.
Chapter 4 Configuration Tab System Menu General Settings Name: This is the FWC2050 name. By default, the name is FWC2050. Firetide recommends changing the name as soon as possible after setting up. The name must contain only alphabets, numbers, and hyphens, and must be 31 characters or less. Country/Region: This field displays the region of operation for the FWC2050 and the Access Points managed by the FWC2050. You must select a country or region.
IP Settings This page lets you to configure the Management IP address setting of the FWC2050. It has the following options: IP Address: This is the IP address of the FWC2050. The default IP address is 192.168.224.250. To change it, enter an available IP address from the address range used on your LAN. IP Subnet Mask: Enter the subnet mask value used on your LAN. The default value is 255.255.255.0. Default Gateway: Enter the IP address of the gateway for your LAN.
DHCP Server List Displays a list of DHCP Servers configured on the FWC2050. 12 Use VLAN Interface: Enable this option to provide IP addresses to clients in a specified VLAN. DHCP Server VLAN ID: Enter DHCP server VLAN ID. The VLAN ID range is between 1 and 4094. IP Network: This option is enabled only when “Use VLAN Interface” is enabled. This provides the IP address for the FWC2050 in specified VLAN; when VLAN is not selected the FWC2050 management IP/VLAN is used.
Certificates This option lets you add security certificates to your system. There are three elements: Password: Encrypts the Controller Key. Controller Key: The private key used by the Controller to decrypt messages. Controller Certificate: The public key of the Controller. The default key is signed by Firetide. CA Certificate: The signed certificate of the Certificate Authority. All keys and certificates are in PEM format.
Alerts Syslog Configuration This page lets you configure the settings to connect to a Syslog server. Enable Syslog: Enable the Syslog settings, if you have a Syslog server on your network. Syslog Server IP Address: Enter the IP address to which the FWC2050 and managed Access Points will send all SysLogs, if SysLog option is enabled. Port: Enter the port number at which your Syslog server is configured to listen to requests.
Wireless Wireless - Basic and Advanced Wireless Settings for Basic and Advanced are similar; except that Advanced allows you to configure settings per Group. Wireless Mode: This option is enabled when Channel Allocation is disabled. In addition to the default 802.11ng mode, you can also choose 802.11b or 802.11bg. In 802.11bg mode, both 802.11n and 802.11g compliant devices can be used with the AP.
Channel Allocation Automatic Channel Allocation (ACA), when run, tries to optimize the channel allocation for access points based on clients, user data traffic load and observed nearby RF environment of access points in order to reduce interference. The algorithm takes into consideration interference, traffic load on the AP and neighborhood maps to come up with the best channel for an Access Point.
RF Management Basic and Advanced RF Management settings are similar, but Advanced allows you to configure settings per Group. Automatic WLAN Healing increases the transmit power of nearby Access Points to cover for an AP losing connection to the controller, or other loss. It works by periodically looking at the radio neighborhood maps and detecting any changes happening in the maps.
Advanced - QoS Settings QoS settings on the access point control downstream traffic flowing from the AP to client (AP EDCA parameters) and the upstream traffic flowing from the client to the AP (station EDCA parameters). 18 Data 3 (Voice): The highest priority queue, minimum delay; ideal for VOIP and streaming media. Data 2 (Video): The second highest priority queue, low delay. Video applications are routed to this queue. Data 1 (Background): Low priority queue with high throughput.
Security Basic Rogue AP Detection Unidentified access points that use the SSID of a legitimate network can present a serious security threat. Detecting rogue access points involves scanning the wireless environment on all available channels, looking for unidentified access points. These settings are applied to all managed APs. An AP is defined as rogue if all of the following are true: 1. AP’s Radio BSSID is observed by any of the managed APs, 2.
This is a sample rogue and neighbor screen: 20 HotPoint FWC 2050 & Access Point User Guide February 2011
MAC Address Access Control Lists MAC ACL Restrictions can be applied to the unit, or per Group. Import MAC List from file: Allows you to import a list of MAC addresses. Treat ACL as: Lets you specify whether the imported list is allow or deny. Selected Wireless Stations: This table lists the stations that have been allowed access to the network through this Access Point. Click Delete to delete a wireless station from the Selected wireless clients table list.
Configuring a RADIUS Authentication Server Primary Authentication Server: The Primary Authentication Server is the main Radius server used for authentication. The IP Address, Port, and Shared Secret information is required to communicate with Radius Server. The Shared Secret is shared between the Wireless Access Point and the Radius Server while authenticating the Wireless client.
Configuring RADIUS per Group RADIUS server parameters can also be configured per Group. Settings are the same as for a system-wide RADIUS server. Configuring an LDAP Authentication Server Server IP: Enter the LDAP Server IP address. Server Port: Enter the server’s port number. User Base DN: Enter the DN for the base of users. Admin Domain: Defines the administrative domain. Domain Admin User: User name for administering domain. Domain Admin Password: Password for Domain Admin User.