WavePoint 10e User Manual Part Number: LUM0063AA Revision: 05/05/2014
Warranty FreeWave Technologies, Inc. warrants your FreeWave® Wireless Data Transceiver against defects in materials and manufacturing for a period of one year from the date of shipment, depending on model number. In the event of a Product failure due to materials or workmanship, FreeWave will, at its discretion, repair or replace the Product. For evaluation of Warranty coverage, return the Product to FreeWave upon receiving a Return Material Authorization (RMA).
WavePoint 10e Restricted Rights Any product names mentioned in this manual may be trademarks or registered trademarks of their respective companies and are hereby acknowledged. This manual is for use by purchasers and other authorized users of FreeWave products. No part of this manual may be reproduced or transmitted in any form or by any means, electronic or mechanical, or for any purpose without the express written permission of FreeWave Technologies, Inc.
WavePoint™ Product Safety Screw Torque For all connections, use these tightening torque minimum and maximum: l Minimum: 0.22 Nm. l Maximum: 0.25 Nm. WavePoint™ Conditions of Safe Use l l l Provision shall be made to prevent the rated voltage from being exceeded by the transient disturbances of more than 140% of the peak rated voltage. The WavePoint™ shall be mounted in an ATEX certified enclosure with a minimum IP54 ingress protection rating (as defined in EN-60529).
WavePoint 10e Table of Contents WavePoint™ Product Safety 3 Power Supply Cable 3 Screw Torque 4 WavePoint™ Conditions of Safe Use 4 Standards and Editions 4 Preface 15 Chapter 1: Introduction 17 Key Features and Supported Protocols 18 Wireless Operating Modes 18 Available Network Services 18 Device Management 18 Network Security 19 Requirements 19 Installation Settings 19 Equipment and Configuration 20 Accessories 20 Product Variations 21 WavePoint 10e Labels 21 Sample:
WavePoint™ Product Safety Antenna Installation Warning 23 900MHz Antennas 24 2.4GHz Antennas 24 5GHz Antennas 25 Antenna Installation 26 Placement Considerations 26 Transmit Power Settings 27 RF Loss 27 WavePoint™ EIRP Limits 28 RF Considerations for 2.
WavePoint 10e Searching for Menus Chapter 2: Configuring Basic WavePoint™ Network Features Setting the Device IP Address and Subnet IPv4 Networks - Set the IP Address and Subnet Reserved Subnets Enabling and Configuring DHCP 35 37 38 38 38 39 IPv4 Addressing - Enable and Configure DHCP 39 Reserving IP Addresses 41 Reserve IP Addresses in an IPv4 Network 41 Delete a Specific LAN Reserved IP Address 41 Delete all Reserved IP Addresses 42 Using Multiple WANs or a Single WAN 42 Indicate the Numbe
WavePoint™ Product Safety Enable or Disable a Protocol Binding Configuration 54 Delete a Protocol Binding Configuration 54 Binding an IP Address to a MAC Address 54 Data Routing 55 Defining Static Routing Rules 55 Define a Static IPv4 Route 56 Delete an Existing Static Route 57 Defining Routing Internet Protocol Rules 57 Define RIP in IPv4 Networks 57 Virtual Local Area Networks (VLANs) 58 Enabling VLANs 59 Defining VLANs in the Network 59 Delete an Available VLAN 60 Mapping VLANs
WavePoint 10e Example 1: Point-to-Multipoint Setup Procedure Example 2: Point-to-Multipoint 80 80 81 Configuring Wireless Communication 82 Defining Advanced Radio Settings 85 Verify the Wireless Connection 88 Enabling Virtual Access Points 89 Change a Virtual Access Point's Settings Wireless Security 90 91 Authorizing Wireless Access 91 Restricting Access by MAC Address 92 Set the ACL Policy Type 93 Add or Edit MAC Addresses in the ACL List 93 Delete a Device from the List 94 Enabling
WavePoint™ Product Safety Default Outbound Policy Set the Outbound Traffic Policy Firewall Rules 99 100 100 Creating Firewall Rules for IPv4 100 Delete an IPv4 Firewall Rule 103 Disable an IPv4 Firewall Rule 103 Custom Services 103 Configure Custom Service Settings 104 Delete an Existing Custom Service 104 VPN Passthrough 105 Firewall Schedules 105 Configuring Firewall Schedules 105 Delete a Firewall Schedule 106 Application Rules 107 Configuring Application Rules 107 Delete an Ap
WavePoint 10e Configure Phase 2 Manual Policy Parameters Delete an IPsec VPN Policy Edit the Default DHCP Range Chapter 6: Management and Administration 117 118 119 121 Set Up Remote Access to the WAN Port 122 User Access Management 122 Users and Groups 123 Users 123 Groups 123 Factory Defined Users 123 admin 123 guest 123 Adding and Editing User Groups Default User Groups 124 124 Define and Assign User Group Login Policies 125 Define User Group Browser Policies 126 Define User Grou
WavePoint™ Product Safety Software Maintenance 130 Upgrade the WavePoint 10e Software 130 Back Up Configuration Settings 131 Restore Configuration Settings 132 Restoring Factory Default Settings 133 Rebooting 133 System Logging 134 Set Up System Event Logging 134 Logging Packet Traffic 135 Log Packet Traffic in an IPv4 Network 136 Sending Log Messages to Email Addresses 136 Sending Logs to Syslog Servers 138 Simple Network Management Protocol (SNMP) 139 Authentication Certificates
WavePoint 10e General Troubleshooting 147 Internet Connection and Browser Display 147 Cannot Access the Configuration Pages from a Computer on the LAN 147 Verifying the IP address of a Windows® Computer 148 Configuration Changes are not Saving 148 WavePoint 10e cannot Obtain an IP address from the ISP 148 WavePoint 10e can Obtain an IP address but the PC is Unable to Load Internet Pages 149 Date and Time 149 The Date Shown in the Log Files is January 1, 1970 149 The Time is off by One Hou
WavePoint™ Product Safety Index Page 14 of 171 167 LUM0063AA Rev 05/05/2014 This document is the property of FreeWave Technologies, Inc. and contains proprietary information owned by FreeWave®. This document cannot be reproduced in whole or in part by any means without written permission from FreeWave Technologies, Inc.
Preface This document provides information to configure and setup the WavePoint 10e device and includes: l An introduction to the WavePoint 10e device and its key features. l Physical components of the device including its ports and LEDs. l Configuring a basic WavePoint 10e network. l Setting up wireless access. l Using a WavePoint 10e for local communication or as a Wi-Fi hotspot. l Performing general administrative tasks (e.g., setting up users, defining the system time).
Preface FreeWave provides technical support Monday through Friday, 7:30 AM to 5:30 PM Mountain Time (GMT -7). l Call toll-free at 1.866.923.6168. l In Colorado, call 303.381.9200. l Contact us through e-mail at moreinfo@freewave.com. Printing this Document This document is set to print double-sided with a front cover and a back cover. Viewing this document online with a PDF viewer, may show pages intentionally left blank to accommodate the double-sided printing.
Chapter 1: Introduction WavePoint 10e is a powerful, end-to-end wireless networking and communications platform. It comprises a product family of networking devices to solve network infrastructure and communications needs. The flexible WavePoint 10e platform delivers high-speed broadband data communications across an entire network and to any environment.
Chapter 1: Introduction l Key Features and Supported Protocols on page 18 l Requirements on page 19 l Accessories on page 20 l Product Variations on page 21 l Certified Antennas on page 23 Key Features and Supported Protocols The WavePoint 10e provides an industrial networking solution for a license-exempt market and includes these features and standard networking technology and protocols.
WavePoint 10e l Policy definition for when the WavePoint 10e is on and listening for network traffic. l Remote access and provisioning. l Logging services to monitor and track system performance using email logs, alerts, and external SYSLOG servers. l Network Time Protocol (NTP). l Unlimited users definition (subject to the network capacity). l Over the air firmware updates.
Chapter 1: Introduction Equipment and Configuration The equipment and configurations required prior to the initial WavePoint 10e setup and installation are: l A computer or laptop with: l Windows 7 operating system. l A web browser to access the web pages for configuration. l Supported browsers include: Microsoft Internet Explorer 9 and 10, Firefox 27, Google Chrome, Safari, and Opera. Note: Configuration pages are NOT optimized for browsers on mobile devices (e.g., tablets, smart phones, etc.
WavePoint 10e Contact a FreeWave reseller or FreeWave Technical Support if the package is missing parts or any parts were damaged during shipping. Note: Antennas are shipped separately. Product Variations WavePoint™ has a variety of configurations offering multiple feature sets. This manual describes these features and indicates the features that are only available on certain models. To identify the variation and model number of the WavePoint 10e, see the product label on the back panel.
Chapter 1: Introduction Note: The Port Assignment label designates which RF ports (the WavePoint™ TNC connectors) are used by which radio. WavePoint™ Components Data Connectors Quantity Connector 4 RJ-45 connector for 4 Ethernet ports RJ-45 connector for: 3 Page 22 of 171 l 2 - RS-232 l 1 - RS-485 LUM0063AA Rev 05/05/2014 This document is the property of FreeWave Technologies, Inc. and contains proprietary information owned by FreeWave®.
WavePoint 10e Quantity Connector 1 Micro USB connector 1 Power connector used for DC power RF Connectors Module Maximum Connectors 900MHz RF modules 2 TNC connectors for spatial diversity* 2.4GHz RF modules 3 TNC connectors for 3x3 MIMO operation* 5.8GHz RF modules 3 TNC connectors for 3x3 MIMO operation* Cellular module 1 RF connector – TNC GPS module 1 RF connector – TNC *One active RF port is a typical configuration.
Chapter 1: Introduction c. The antennas used for the WavePoint™ must be fixed-mounted on outdoor permanent structures to provide the minimum separation distances described in this filing for satisfying RF exposure compliance requirements. d. When applicable, RF exposure compliance may need to be addressed at the time of licensing, as required by the responsible FCC Bureaus, including antenna co-location requirements of §1.1307(b)(3). 2.
WavePoint 10e 2.4GHz Antennas Type Antenna Model No of Channel Tx Streams Size Gain Minimum RF Safety Distance 40 MHz 20 MHz Omni ZDAQJ2400-12 12dBi 1 20cm 40 MHz 20 MHz Yagi YA240016 16dBi 1 20cm 40 MHz RadioWaves 20 MHz 60 degree sector 17.5dBi 2 SEC-25V-60-17HP Superpass Directional Panel* 20 MHz 20.5dBi 2 SPAPG20 25cm 40 MHz RadioWaves Dish* 20cm 40 MHz 20 MHz 27dBi 3 SPD4 - 2.
Chapter 1: Introduction 5GHz Antennas Type Antenna Model Gain No of Channel Tx Streams Size RadioWaves Directional Panel 20 MHz 28.2dBi 2 FP2-5-28 20 MHz 34.9dBi SPD4-5.2S 71cm 40 MHz RadioWaves Dish Minimum RF Safety Distance 3 154cm 40 MHz Antenna Installation Antennas must be professionally installed on a fixed, mounted, and permanent structure to satisfy RF exposure requirements. Warning! Any antenna placed outdoors must be properly grounded.
WavePoint 10e Transmit Power Settings The Transmit Power parameter is the output power of the transceiver. Important: The information in this section describes the FCC maximum Equivalent Isotropically Radiated Power (EIRP) regulations. The transceiver output power level must be set to satisfy the maximum requirements in the country the WavePoint 10e is installed in. The installer is responsible for ensuring that an installation is within EIRP emission limits.
Chapter 1: Introduction WavePoint™ EIRP Limits This table provides a summary of the FCC limits for the different frequencies available in WavePoint™. Note: See the www.fcc.gov site for the most up-to-date information. EIRP Limits Frequency Band PTP PTP PTMP PTMP Max EIRP (dBm) Max EIRP (watts) Max EIRP (dBm) Max EIRP (watts) 900 ISM (902-928 MHz) 36 4 36 4 2.4 ISM (2.4 - 2.483.5 GHz) 50 158 36 4 UNII - 1 (5.15 - 5.25 GHz) 22 0.16 22 0.16 UNII - 2a (5.25 - 5.35 GHz) 29 0.8 29 0.
WavePoint 10e Example: 2.4GHz with a 24 inch dish has a maximum output of 24dBm. 2.4GHz with a 27 inch dish has a maximum output of 23dBm. Point-to-Point Link Note: The FCC permits a maximum of 36dBm EIRP when using a transmitter set to 30dBm. However, for each 1dBm reduction in the transmitter power, the FCC permits an increase in antenna gain of 3dBi. Extrapolating this rule through different maximum power settings on the WavePoint™ provides these guidelines.
Chapter 1: Introduction RF Considerations for 900MHz ISM Band The 900MHz links requires these special considerations: l l A Path Study is needed to confirm the right RF characteristics of the link. The noise floor should be sampled at each site using similar antennas to the ones expected to be deployed. WavePoint™ GUI to Actual RF Power This table identifies the WavePoint™ GUI settings on the Advanced Radio window and their corresponding actual power out of the radio.
WavePoint 10e l Connect a CAT 5e Ethernet cable from an 802.3at (PoE+) source to one or both of the Ethernet PoE Connector ports on the left side of the connector panel. Note: Depending on the number of radios installed in the WavePoint 10e model, it may require power through both ports. Important: Power over Ethernet is only available on some models. l Connect a power supply to the green Standard Power port on the far right side of the connector panel. The WavePoint 10e requires power between 10.
Chapter 1: Introduction Wireless Access Multiple Repeaters WavePoint 10e provides wireless access by extending the distance of the network using back-toback Repeaters: Connecting and Logging In WavePoint 10e uses web pages for configuration. Setup and configure the WavePoint 10e while it is in an easily accessible location. Note: These instructions assume the computer has a static IP address assigned.
WavePoint 10e l Administrator - Can view and change all configuration settings. l Guest - Can view configuration settings but cannot save changes. Connect WavePoint 10e to a Computer Important: Initial setup requires a wired connection. 1. Verify the WavePoint 10e has power. 2. On the WavePoint 10e Connector Panel, connect a CAT 5e Ethernet cable from Ethernet port 3 or 4 to a computer that has a web browser installed. Note: Use a command line to ping 192.168.1.
Chapter 1: Introduction Configuration Pages Each WavePoint 10e is configured through a set of web pages visible after log in. Functionality and features are grouped in the menus across the top of the page. WavePoint™ menus Click a menu to view the menu and its sub-menus with links to individual Configuration pages. The pages are used to change each feature of the WavePoint™ configuration. This image is an example of the Status > Logs menu.
WavePoint 10e Searching for Menus Search for a menu by menu keyword using the Menu Search field located below the Logout button. WavePoint 10e searches and shows the menus that match the keywords entered in the field: Example: Menu Search field Note: The Auto Configure utility to configure the basic radio settings is not supported. LUM0063AA Rev 05/05/2014 Page 35 of 171 This document is the property of FreeWave Technologies, Inc. and contains proprietary information owned by FreeWave®.
Page 36 of 171 LUM0063AA Rev 05/05/2014 This document is the property of FreeWave Technologies, Inc. and contains proprietary information owned by FreeWave®. This document cannot be reproduced in whole or in part by any means without written permission from FreeWave Technologies, Inc.
Chapter 2: Configuring Basic WavePoint™ Network Features This chapter provides information about: l Setting an IP address that is unique in the network. l Defining the subnet. l Configuring the optional DHCP server. l Reserving IP addresses within an address pool. l Enabling, disabling, and configuring WAN ports and the wider network. l Setting the WavePoint 10e mode. LUM0063AARev 05/05/2014 Page 37 of 171 This document is the property of FreeWave Technologies, Inc.
Chapter 2: Configuring Basic WavePoint™ Network Features Setting the Device IP Address and Subnet For the WavePoint 10e to exist in the network, it must have a unique IP address and exist in the correct subnet. IPv4 Networks - Set the IP Address and Subnet Reserved Subnets Important: WavePoint™ has reserved subnets that cannot be used to administrate the WavePoint™ device. These subnets are reserved for (Virtual Access Points) VAPs. The subnets that CANNOT be used are: l 192.168.2.0/24 l 192.168.3.
WavePoint 10e Important: Write down the updated IP address to access this device through the LAN or over a wireless connection. 4. Click Save to save the changes or Cancel to clear any changes without saving. Note: When the IP address is changed and saved, the Configuration page no longer responds because the IP address is saved to the WavePoint 10e and the connection is lost. To reconnect, enter the new IP address in the web browser window, verifying the PC’s IP address is within the same subnet.
Chapter 2: Configuring Basic WavePoint™ Network Features l l l within the range specified in the Starting IP Address and Ending IP Address fields. additional TCP/IP settings to any LAN device that requests a DHCP address. DHCP Relay - If enabled, LAN devices that request a DHCP address receive IP address leases and corresponding information from a DHCP server on a different subnet within the network. l l WavePoint 10e routes the request to the Gateway IP address specified in the Relay Gateway field.
WavePoint 10e Reserving IP Addresses If a WavePoint 10e is used in the network as a DHCP server to assign IP addresses, reserve part of the IP address range for devices within the network for statically assigned IP addresses in the network. When the WavePoint 10e receives a request from an IP address from a device in the network, it compares the hardware address to the MAC addresses saved in the reserved IP addresses list.
Chapter 2: Configuring Basic WavePoint™ Network Features Delete all Reserved IP Addresses Right-click anywhere in the table and click Select All > Delete. Using Multiple WANs or a Single WAN WavePoint 10e supports a maximum of two WANs. Setting up both WANs allows redundancy in the WAN by setting up one WAN as a secondary to back up the first in case of a network failure. Using two WANs also allows balancing the data traffic load across multiple links.
WavePoint 10e Configuring the WAN in an IPv4 Network WavePoint 10e has two WAN ports that can be configured to have separate settings. Use the settings on the WAN IPv4 pages to define the properties for each WAN port. Defining WAN Connections Using Static IP Addresses Assign a static IP address to the WavePoint 10e for WAN traffic. Procedure 1. Connect to the WavePoint 10e either through an Ethernet cable connected to Ethernet port 3 or 4 or through the computer's wireless options. 2.
Chapter 2: Configuring Basic WavePoint™ Network Features l In the MAC Address field, enter a MAC address in this format: XX:XX:XX:XX:XX:XX where X is a number from 0 to 9 or an alphabetical letter between A and F. 8. Click Save to save the changes or Cancel to clear any changes without saving. Defining WAN Connections Using DHCP Using DHCP, the WavePoint 10e can obtain its IP settings automatically from the ISP or DHCP server. Procedure 1.
WavePoint 10e l Use this MAC - Select this option if the ISP assigned a MAC address to use. l In the MAC Address field, enter a MAC address in this format: XX:XX:XX:XX:XX:XX where X is a number from 0 to 9 or an alphabetical letter between A and F. 8. Click Save to save the changes or Cancel to clear any changes without saving. Defining WAN Connections Using PPPoE Select this Internet connection type if the ISP uses Point-to-Point Protocol over Ethernet (PPPoE) to establish its network connections.
Chapter 2: Configuring Basic WavePoint™ Network Features PAP l 9. Select a Reconnect Mode option: l l Always On - Select this option to leave the connection active. On Demand - Select this option to automatically end the connection if it is idle for a specified number of minutes. l Enter the number of minutes in the Maximum Idle Time field. This feature is useful if the ISP charges based on the amount of connection time. 10.
WavePoint 10e l Auto-Negotiate l CHAP l MS-CHAP l MS-CHAPv2 l PAP 9. Select a Reconnect Mode option: l l Always On - Select this option to leave the connection active. On Demand - Select this option to automatically end the connection if it is idle for a specified number of minutes. l Enter the number of minutes in the Maximum Idle Time field. This feature is useful if the ISP charges based on the amount of connection time. 10.
Chapter 2: Configuring Basic WavePoint™ Network Features l l l l Select NAT if the Internet Service Provider (ISP) has provided only one IP address. Assign any network device that connects through the WavePoint 10e an IP address in a private subnet (e.g., 192.168.1.99). Router - IP addresses on the LAN are not translated and are exposed on the Internet. l l l In a NAT setup, devices on the LAN use a private IP address range.
Chapter 3: Additional Data Networking Features Defining Physical WAN Port Settings For each of the two WAN ports, these settings can be controlled: l Whether the WavePoint 10e responds to accessibility requests. l The data transmission size through the port. l The control the port speed. Procedure 1. Connect to the WavePoint 10e either through an Ethernet cable connected to Ethernet port 3 or 4 or through the computer's wireless options. 2. Use a web browser to access the Configuration pages. 3.
Chapter 3: Additional Data Networking Features l Default - 1500 bytes. l Custom - Enter the maximum transmission in bytes in the Custom MTU field 6. In the Port Speed field, select an option: l l l Auto Sense - The optimal settings for the port are configured automatically based on the device and the network. 10, 100 or 1000 Base T Half Duplex - Data traffic is only allowed in one direction at a time at the indicated speed (10 Mbps, 100 Mbps, and 1000 Mbps).
WavePoint 10e 5. In the WAN Failure Detection Method section, complete the information that indicates when WAN traffic is rolled over to the selected WAN port: a. Select a Method option: l None - There is no check for detecting WAN failures. l l l DNS Lookup Using WAN DNS Servers - Detects failure of a WAN link using the DNS servers configured in the Network > WAN1 or WAN2 IPv4 Setup pages. DNS Lookup Using DNS Servers - Uses a specific DNS server for detecting WAN failure.
Chapter 3: Additional Data Networking Features Example: If one WAN has a more robust link than the other, direct the lowlatency information over that link and direct back ground information to the WAN with the less robust link. l Spill Over - Have the WAN 1 act as the primary link until a defined threshold set in Step 3 is reached. When the WAN reaches the defined threshold, the additional data is directed to WAN 2. 5.
WavePoint 10e Configure a Traffic Restriction (Protocol Binding) for a WAN Port 1. Connect to the WavePoint 10e either through an Ethernet cable connected to Ethernet port 3 or 4 or through the computer's wireless options. 2. Use a web browser to access the Configuration pages. 3. On the Network menu, select WAN > Protocol Bindings. The current list of protocol settings is shown. 4.
Chapter 3: Additional Data Networking Features Enable or Disable a Protocol Binding Configuration 1. Connect to the WavePoint 10e either through an Ethernet cable connected to Ethernet port 3 or 4 or through the computer's wireless options. 2. Use a web browser to access the Configuration pages. 3. On the Network menu, click WAN > Protocol Bindings. In the Status field, the list of protocol settings are shown with the status of each setting. 4.
WavePoint 10e 4. Do one of the following: l l Edit an existing binding rule - Right-click the address in the table and select Edit. Add an IP-MAC binding rule - Click Add New IP-MAC Binding below the table. 5. In the Name field, enter a unique name. Note: The name is shown in drop-down lists and other areas of the Configuration pages that reference bindings 6. In the MAC Address field, enter the physical hardware address for the device associated with this binding rule. 7.
Chapter 3: Additional Data Networking Features Define a Static IPv4 Route 1. Connect to the WavePoint 10e either through an Ethernet cable connected to Ethernet port 3 or 4 or through the computer's wireless options. 2. Use a web browser to access the Configuration pages. 3. On the Network menu, click Routing > Static Route. 4. Do one of the following: l l Edit an existing Static Route - Right-click an existing Static Route and click Edit.
WavePoint 10e For more information about defining RIP settings, see Defining Routing Internet Protocol Rules. 13. Click Save to save the changes and send them to the WavePoint 10e or click the X in the upper right corner to clear any changes without saving. Delete an Existing Static Route 1. Connect to the WavePoint 10e either through an Ethernet cable connected to Ethernet port 3 or 4 or through the computer's wireless options. 2. Use a web browser to access the Configuration pages. 3.
Chapter 3: Additional Data Networking Features 3. On the Network menu, click Routing > RIP. 4. In the IPv4 RIP Configuration section, set the Enabled option to On. 5. In the RIP Version field, select either RIPv1 or RIPv2. 6. Select an Authentication method: l None - No authentication is used when sending routing table information. l l l l This is the default setting for both RIP versions. It is the only option available if RIPv1 is selected. RIPv1 does not support authentication.
WavePoint 10e Enabling VLANs By default, VLANs are disabled in the WavePoint 10e. VLANs must be enabled before configuring the VLANs through the WavePoint 10e. Procedure 1. Connect to the WavePoint 10e either through an Ethernet cable connected to Ethernet port 3 or 4 or through the computer's wireless options. 2. Use a web browser to access the Configuration pages. 3. On the Network menu, click VLANs > Multi-VLANs Subnets. 4. Set the Enable VLAN field to On. 5.
Chapter 3: Additional Data Networking Features Note: After defining a VLAN configuration, only the Inter-VLAN Routing setting can be changed. To change the Name or ID, delete the VLAN configuration and add a new one with the correct parameters. 8. Click Save to save the changes or Cancel to clear any changes without saving. Delete an Available VLAN 1. On the Network menu, click VLAN > Available VLANs. The list of defined VLANs is shown. 2. Right-click the VLAN to remove and click Delete.
WavePoint 10e l DHCP Server - The DHCP server is enabled for the VLAN. It assigns an IP address within the range specified in the Starting IP Address and Ending IP Address fields to any network device that requests a DHCP address through the VLAN. l l Continue with Step 7. DHCP Relay - If enabled, devices in the VLAN that request a DHCP address can also receive IP address leases and corresponding information from a DHCP server on a different subnet.
Chapter 3: Additional Data Networking Features Associating Port Traffic to a VLAN Associate a physical port on the WavePoint 10e to a specific VLAN to tag the traffic that flows out of a port to a specific VLAN ID. Note: The Enable VLAN option in the Network > VLAN > Multi-VLAN Subnets page must be set to On to associate a port to a VLAN. Procedure 1. Connect to the WavePoint 10e either through an Ethernet cable connected to Ethernet port 3 or 4 or through the computer's wireless options. 2.
WavePoint 10e The available VLAN membership options are determined by the list of available VLANs that have the Inter-VLAN Routing Enable option set to On. For more information, see Defining VLANs in the Network on page 59. 8. Click Save to save the changes and send them to the WavePoint 10e or click the X in the upper right corner to clear any changes without saving. LUM0063AA Rev 05/05/2014 Page 63 of 171 This document is the property of FreeWave Technologies, Inc.
Chapter 3: Additional Data Networking Features WaveMesh Using WavePoint™ to create a WaveMesh provides: l A machine to machine (M2M) solution. l A self-healing environment. l Multiple paths for quicker response. l Redundancy support for the network. l Fault tolerance. Important: Only the non-root devices can be changed. The WavePoint™ configured in Client mode must be the endpoint of the network for M2M.
WavePoint 10e Example: WaveMesh Routing Diagram This diagram provides a basic example of how the WaveMesh network functions. Important: The WaveMesh routing is a multi-route network. This diagram provides only two possible solutions. Example: WaveMesh Routing Diagram LUM0063AA Rev 05/05/2014 Page 65 of 171 This document is the property of FreeWave Technologies, Inc. and contains proprietary information owned by FreeWave®.
Chapter 3: Additional Data Networking Features WaveMesh using Auto Selection Method This procedure defines the WavePoint™ WaveMesh using the default Auto Selection Method to allow the non-root device to locate the optimal route to the root device. 1. On the Wireless LAN menu, click Parent Configuration. Wireless LAN > Parent Configuration menu The Parent Selection Profile window opens. Parent Selection Profile window 2. Right-click the device to configure. 3. On the right-click menu, click Edit.
WavePoint 10e Right-click >Edit menu The Parent Selection Profile Configuration dialog opens. Parent Selection Profile Configuration dialog 4. Click the Selection Method list box arrow and select an option. In this procedure, accept the Auto default. l l Auto - Accept this default to allow the non-root device to locate the optimal route to the root device. Using Auto, the device can connect to any of the parents it sees in the network.
Chapter 3: Additional Data Networking Features Important: If the Branch is not configured correctly, it could cause a network failure if one device fails. Plan the paths carefully! l List – Select this option to use the MAC Addresses of the Repeaters to define a path to the root device. The MAC Addresses are listed in the preferred order. 5. Click Save to accept the change and close the dialog. The Parent Selection Profile window returns showing the accepted Selection Method assigned to the device.
WavePoint 10e WaveMesh using Branch Selection Method This procedure establishes the WavePoint™ WaveMesh using a defined number of hops the nonroot device is required to use to locate the root device. 1. On the Wireless LAN menu, click Parent Configuration. Wireless LAN > Parent Configuration menu The Parent Selection Profile window opens. Parent Selection Profile window 2. Right-click the device to configure. 3. On the right-click menu, click Edit.
Chapter 3: Additional Data Networking Features Right-click >Edit menu The Parent Selection Profile Configuration dialog opens. 4. Click the Selection Method list box arrow and select Branch. The Parent Selection Profile Configuration dialog refreshes. Parent Selection Profile Configuration dialog with Branch Selection Method 5. In the Branch Length text box, enter the maximum number of hops the non-root device is required to use to locate the root device. The maximum is 10 hops.
WavePoint 10e 6. Click Save to accept the change and close the dialog. The Parent Selection Profile window returns showing the accepted Selection Method assigned to the device. Parent Selection Profile window with a successful Branch WaveMesh LUM0063AA Rev 05/05/2014 Page 71 of 171 This document is the property of FreeWave Technologies, Inc. and contains proprietary information owned by FreeWave®.
Chapter 3: Additional Data Networking Features WaveMesh using a List Selection Method This procedure defines the WavePoint™ WaveMesh using the MAC Addresses of the Repeaters to define a path to the root device Note: The MAC Addresses are listed in the preferred order. 1. On the Administration menu, click Diagnostics > System Statistics. Administration > Diagnostics > System Statistics menu The System Statistics window opens. 2. Click the Interface Statistics Display button.
WavePoint 10e Interface Statistics dialog 3. Scroll down the dialog to locate the vap10 (upstream) and vap11 (downstream) information. 4. Highlight the VAP address to use in the WaveMesh. Note: The Interface Statistics dialog box shown here is only for the WavePoint™ model WP10e-S100-100-100. Other WavePoint 10e devices will use different VAP number. Interface Statistics dialog box with highlighted VAP11 address. 3. Press to copy the address to the clipboard. This address is used in Step 10. 4.
Chapter 3: Additional Data Networking Features Wireless LAN > Parent Configuration menu The Parent Selection Profile window opens. Parent Selection Profile window 5. Right-click the device to configure. 6. On the right-click menu, click Edit. Page 74 of 171 LUM0063AA Rev 05/05/2014 This document is the property of FreeWave Technologies, Inc. and contains proprietary information owned by FreeWave®.
WavePoint 10e Right-click >Edit menu The Parent Selection Profile Configuration dialog opens. 7. Click the Selection Method list box arrow and select List. The Parent Selection Profile Configuration dialog refreshes with the MAC ID Addresses listed in the preferred order. 8. Click the Preferred List list box arrow and select an option: l Best in List - Select this option to have the WavePoint™ WaveMesh pick the best parent MAC IDs out of the ones defined in that list.
Chapter 3: Additional Data Networking Features Parent Selection Profile Configuration dialog with the Preferred List menu. 9. In the designated MAC ID text box, highlight the default address. 10. Press to paste the copied VAP address (from Step 3) in the text box. Parent Selection Profile Configuration dialog with the changed MAC address. 11. Click Save to accept the change and close the dialog.
WavePoint 10e Parent Selection Profile window with a successful Best in List WaveMesh Parent Selection Profile window with a successful Follow List Priority WaveMesh LUM0063AA Rev 05/05/2014 Page 77 of 171 This document is the property of FreeWave Technologies, Inc. and contains proprietary information owned by FreeWave®. This document cannot be reproduced in whole or in part by any means without written permission from FreeWave Technologies, Inc.
Page 78 of 171 LUM0063AA Rev 05/05/2014 This document is the property of FreeWave Technologies, Inc. and contains proprietary information owned by FreeWave®. This document cannot be reproduced in whole or in part by any means without written permission from FreeWave Technologies, Inc.
Chapter 4: Configuring Wireless Access WavePoint 10e can provide connectivity between wired Ethernet networks and radio-equipped wireless devices using Orthogonal Frequency Division Multiplexing (OFDM). WavePoint 10e supports Point-to-Point (one-to-one communication link) wireless network types. WavePoint 10e will support the following additional functionality in the next release: l Point-to-Multipoint - One-to-many communication link.
Chapter 4: Configuring Wireless Access Configuring a Point-to-Point Network Note: Both components communicate using a 2.4 GHz radio. 1. On the Wireless LAN > Radios > Basic page, set the AP to an Access Point. 2. Configure the wireless security settings described in Configuring Wireless Communication on page 82. 3. On the Wireless LAN > Radios > Basic page, set the Client to Client mode. 4. Configure the wireless security settings to match the AP described in Configuring Wireless Communication on page 82.
WavePoint 10e 1. On the Wireless LAN > Radios > Basic page, set the Access Point. 2. Configure the wireless security settings described in Configuring Wireless Communication on page 82. 3. On the Wireless LAN > Radios > Basic page, set Repeater 1 and Repeater 2 to Repeater mode. 4. Configure the wireless security settings to match the AP described in Configuring Wireless Communication on page 82. 5.
Chapter 4: Configuring Wireless Access 1. On the Wireless LAN > Radios > Basic page, set the Access Point. 2. Configure the wireless security settings described in Configuring Wireless Communication on page 82. 3. On the Wireless LAN > Radios > Basic page, set Repeater 1 and Repeater 2 to Repeater mode. 4. Configure the wireless security settings to match the AP described in Configuring Wireless Communication on page 82. 5.
WavePoint 10e FreeWave Recommends: For security, and to avoid duplication of neighboring network names, it is highly recommended that either the SSID or the Security Key be changed to a unique ID. For information about defining and enabling virtual APs, see Enabling Virtual Access Points on page 89. Procedure 1. Connect to the WavePoint 10e either through an Ethernet cable connected to Ethernet port 3 or 4 or through the computer's wireless options. 2. Use a web browser to access the Configuration pages.
Chapter 4: Configuring Wireless Access c. By default, the device is set to broadcast the wireless network name. Broadcasting the name allows other wireless devices to see the device automatically. Set the Hide SSID option to Off to disable the broadcast. Note: Other wireless devices can still connect; however, they do not automatically see this device in their access lists. 7.
WavePoint 10e 9. Optional: In the Follow Schedules field, select a schedule from the list if schedules were defined. 10. Click Save to save the changes or Cancel to clear any changes without saving. 11. On the Wireless LAN menu, click Radios > Advanced. The Advanced Radio table lists the radios available in the device. 12. Right-click the radio to configure and click Edit. 13. Complete these fields described in Defining Advanced Radio Settings on page 85: a. Mode (Modulation Scheme) b. Channel c.
Chapter 4: Configuring Wireless Access 5. In the Mode field, select the 802.11 Modulation Scheme to transmit packets from this radio. 6. Complete these radio settings using the fields provided: 7. Select the frequency Channel the radio is set to broadcast and receive data on. Select Auto to let the system determine the best channel within the frequency band to use based on the environmental noise levels for the available channels. 8. Select the Channel Width (spacing) setting for the radio.
WavePoint 10e l If the Tx Antenna field is set to 3, the 802.11n MCS index values in the drop-down menu range from 0 to 23. 12. Select the maximum Parent Rate to use when connecting to the upstream device (Repeater or Access Point). This parameter is applicable to the WavePoint 10e set as either a Repeater or Client. Note: The available Parent Rate parameters are the same as in those available in the Rate field. 13. Select the radio's Transmit Power in dBm, based on the radio's intrinsic power range.
Chapter 4: Configuring Wireless Access upstream from the Repeater to the Access Point are reduced to 10 dBm. This parameter is applicable only for radios set Access Point and Repeater mode. 17. Enter the DTIM Interval that determines how often the Access Point sends notification of the buffered data. Note: A delivery traffic indication message (DTIM) is a map that informs Repeaters and Clients about the presence of buffered multicast/broadcast data on the Access Point waiting to be sent. 18.
WavePoint 10e 5. After the connection is established, open a web browser and enter the IP address in the browser navigation bar. The IP address was entered in the LAN Setup page. The Login page is shown when a successful wireless connection has been made. If there is no connection, see the Internet Connection and Browser Display on page 147 Enabling Virtual Access Points A Virtual Access Point (VAP) is similar to a VLAN, but in a wireless environment.
Chapter 4: Configuring Wireless Access Change a Virtual Access Point's Settings 1. Connect to the WavePoint 10e either through an Ethernet cable connected to Ethernet port 3 or 4 or through the computer's wireless options. 2. Use a web browser to access the Configuration pages. 3. On the Wireless LAN menu, click Virtual APs. The table lists the available VAPs for each radio and their status. 4. Right-click a VAP in the list and click Edit. 5. Enter a unique AP Name to identify the VAP.
WavePoint 10e l WPA2-Enterprise - This method is a type of WPA2 security, WPA2-Enterprise uses an external RADIUS server to authenticate users. Note: For more information about defining RADIUS settings, see Defining EAP Authentication and External RADIUS Servers on page 95. 8. Optional: Set the AP Isolation field to Off to allow devices that connect to this VAP to be able to connect with one another.
Chapter 4: Configuring Wireless Access 6. In the Security field, select a security method for the wireless network: l Open - This method requires no authentication to connect to the wireless device and provides no data encryption. Note: This is the least secure option and is NOT recommended. l WPA - This method uses the Temporal Key Integrity Protocol (TKIP) to connect to the wireless device. l l This security method generates a new 128-bit key for each packet the device transmits.
WavePoint 10e (ACL) of MAC addresses allows access to the network and adds security against devices that have not been granted access to the network. Important: The ACL does NOT secure the data that travels across the network.. Important: If configuring the WavePoint 10e through a wireless connection whose MAC address is NOT in the ACL, the connection is lost when the changes are saved. This does include the laptop used to configure the WavePoint™ device.
Chapter 4: Configuring Wireless Access 5. In the MAC Address field, enter the MAC address of the device to grant network access to. Note: MAC addresses are typically printed on a device's physical label. 6. Click Save to save the changes or Cancel to clear any changes without saving. Delete a Device from the List l Right-click an address in the table and click Delete. l Right-click anywhere in the table and click Select All > Delete.
WavePoint 10e 2. Use a web browser to access the Configuration pages. 3. On the Wireless LAN menu, click Rogue AP List. The Rogue AP List at the bottom of the page identifies the: l SSID and MAC address of the unauthorized devices that attempted to access the wireless network. l Security mode set on the rogue device. l Time that has passed since the access attempt.
Chapter 4: Configuring Wireless Access establish authentication and a connection. A Client may respond with only enough information so the RADIUS server can process the request. d. Enter the unique Password a requester must send in an authentication request. Note: The password can contain alphanumeric characters, underscores (_), and dashes (-). e. Select the Inner Authentication method to establish a second layer of authorizing a client after the initial tunnel is established. f.
WavePoint 10e Scheduling When Wireless Connections are Available The WavePoint 10e deployment may not require a wireless network connection to be available 24 hours a day. If the wireless access is only required during certain portions of the day, define the hours in the day the wireless network is available for use. This also helps to conserve power. Note: The defined schedules apply to every day of the week. Schedules for individual days cannot be defined.
Chapter 4: Configuring Wireless Access Disable a Schedule 1. Connect to the WavePoint 10e either through an Ethernet cable connected to Ethernet port 3 or 4 or through the computer's wireless options. 2. Use a web browser to access the Configuration pages. 3. On the Wireless LAN menu, click Wireless LAN Schedules. The SSIDs, including Virtual APs, are shown in the table as Enabled. 4. In the schedule, right-click the SSID to disable. 5. Set the Active option to Off. 6.
Chapter 5: Security This chapter discusses these options for securing the traffic in the network: l Firewall setup including policies, rules, and scheduling. l RADIUS server setup. Firewall Overview Inbound rules govern access from the WAN to the LAN. Using firewall rules allows only specified local resources to be accessed from the Internet. By default, all access from the Internet is blocked from accessing the secure LAN, except in response to requests from the LAN.
Chapter 5: Security Set the Outbound Traffic Policy 1. Connect to the WavePoint 10e either through an Ethernet cable connected to Ethernet port 3 or 4 or through the computer's wireless options. 2. Use a web browser to access the Configuration pages. 3. On the Security menu, click Firewall > Basic Policies. The Basic Policies screen opens. 4. Select an option: l l Allow Always permits any outbound traffic to pass through the firewall and reach the WAN. Block Always closely manages the outbound traffic.
WavePoint 10e l Insecure (WAN) - Select this option if the traffic is coming from a non-secure location (from the WAN). 6. In the To Zone, enter the destination of the traffic this firewall rule controls. Note: Traffic can only be sent to a secure location. 7. Select a Service option from the drop down list or add an additional service on Firewall > Custom Services. The name usually indicates the type of traffic the rule covers (e.g., FTP, SSH, telnet, ping, etc.). 8.
Chapter 5: Security Note: The priorities are defined by Type of Service (TOS) in the Internet Protocol Suite standards, RFC 1349. Service Type ToS Description Normal Service 0 (zero) No special priority is given to the traffic. Minimize Cost 2 Transfer of data over a link that has a lower cost. Maximize Reliability 4 Transfer of data over a more reliable link with little or no transmission.
WavePoint 10e Note: If Other is selected, enter the IP address in the Other IP address field. 18. Click Save to save the changes or Cancel to clear any changes without saving. Delete an IPv4 Firewall Rule 1. Connect to the WavePoint 10e either through an Ethernet cable connected to Ethernet port 3 or 4 or through the computer's wireless options. 2. Use a web browser to access the Configuration pages. 3. On the Security menu, click Firewall > IPv4 Firewall Rules.
Chapter 5: Security Configure Custom Service Settings 1. Connect to the WavePoint 10e either through an Ethernet cable connected to Ethernet port 3 or 4 or through the computer's wireless options. 2. Use a web browser to access the Configuration pages. 3. On the Security menu, click Firewall > Custom Services. The list of defined custom services is shown. 4. Do one of the following: l l Edit an existing Custom Service - Right-click an existing Custom Service and click Edit.
WavePoint 10e 3. On the Security menu, click Firewall > Custom Services. The defined custom services are listed in the table. 4. Right click the custom service to remove and click Delete. Note: Right-click anywhere in the table and click Select All > Delete to delete all the custom services. 5. Click Save to save the changes or Cancel to clear any changes without saving.
Chapter 5: Security 4. Do one of the following: l l Edit an existing Firewall Schedule - Right-click an existing Firewall Schedule and click Edit. Add a new Firewall Schedule - Click Add New Schedule below the Available Firewall Schedules table. 5. Enter a Name to identify the schedule. The name is shown on the Firewall Rules Configuration page. 6. Set one or more of the Days to On to apply the schedule to the selected days. 7.
WavePoint 10e Application Rules Application rules are commonly referred to as port triggering rules. Port triggering allows computers on the LAN to request one or more ports to be forwarded to them. Port triggering waits for an outbound request from the private network on one of the defined outgoing ports. It automatically sets up forwarding to the IP address the request was made from.
Chapter 5: Security l l This is the port number or port number range the remote system uses to respond to the request it receives. If the outgoing connection uses only one port, then: l both the Start Port and End Port fields are the same port number. l specify the same port number in both fields. 10. In the Incoming (Response) Port Range Start and To fields, enter the port number or range of port numbers that trigger this rule when a connection request from incoming traffic is made.
WavePoint 10e l Time Remaining (sec): The remaining time in seconds the open ports allows external traffic. This time is reset whenever traffic is sent from the LAN out on the trigger ports. VPN Tunnels and IPsec VPNs allow the exchange of data across the Internet through a tunnel including the security and policies defined in a private network.
Chapter 5: Security 7. Select a Remote Gateway Type to identify the remote Gateway by IP address or FQDN (Fully Qualified Domain Name). 8. In the Remote WAN IP Address / FQDN field, enter the IP address or the Internet name of the Gateway selected in the Remote Gateway Type field. Note: The Internet name is defined as the FQDN, such as vpn.FreeWave.com. 9. Use the Local Gateway Type field to select how to identify the local Gateway. 10.
WavePoint 10e Configuring an IPsec VPN Policy 1. Connect to the WavePoint 10e either through an Ethernet cable connected to Ethernet port 3 or 4 or through the computer's wireless options. 2. Use a web browser to access the Configuration pages. 3. On the Security menu, click VPN > IPsec Policies. The IPsec VPN Policies table is shown. 4. Do one of the following: l l Edit an existing IPsec VPN Policy - Right-click an existing IPsec VPN Policy and click Edit.
Chapter 5: Security 10. If two WAN ports are configured to connect to an ISP, use the Select Local Gateway to select the Gateway used as the local Endpoint for this IPsec tunnel. 11. Select one option to identify the Remote Endpoint (IP) Gateway: l l IP Address – Enter the IP Address of the Gateway in the IP Address/FQDN field. FQDN (Fully Qualified Domain Name) – Enter the IP Address of the FQDN in the IP Address/FQDN field. 12.
WavePoint 10e l Single - Limits the policy to one host. l Range - Allows computers within an IP range to connect to the VPN. l Subnet - Allows an entire subnet to connect to the VPN. Note: Avoid using overlapping subnets for remote or local traffic selectors. Using these subnets would require adding static routes on the router and the hosts. Example: Voice using Local Traffic Selector - 192.168.75.0/24 and Remote Traffic Selector - 192.168.0.0./16. 18.
Chapter 5: Security 26. Set the Enable Keepalive option to On to periodically send ping packets to the host on the peer side of the network to keep the Tunnel open. This field is visible when Auto Policy is selected in the Policy Type field. 27. Enter the Source IP Address the ping packet is sent from. This field is visible when Enable Keepalive is set to On. 28. Enter the Destination IP Address the ping packet is sent to. 29. Enter the Detection Period frequency, in minutes, the ping packets are sent. 30.
WavePoint 10e Note: If the Local Identifier Type is NOT an IP address, then negotiation is only possible in Aggressive mode. If FQDN, User FQDN, or DER ASN1 DN is selected, the device disables Main mode and sets the default to Aggressive mode. 36. If applicable, enter the Local Identifier value for the option selected in the Local Identifier Type. 37. In the Remote Identifier Type field, select an Internet Security Association and Key Management Protocol (ISAKMP) identifier for the remote device.
Chapter 5: Security Note: Verify the DH Group is configured identically on both sides of the VPN. 46. Enter the SA - Lifetime interval, in seconds, after which the Security Association (SA) becomes invalid. The default is 28,800 seconds (or 8 hours). 47. Set the Enable Dead Peer Detection option to On to activate detection of whether the connected peer device is alive or not. 48. Enter the Detection Period interval between consecutive DPD R-U-THERE messages.
WavePoint 10e 54. Enter the SA Lifetime time or amount of data value, and select which measure to use. This defines the amount of time, in seconds, or the amount of data allowed to pass, in Kbytes, for which the Security Association remains effective. Note: When configuring a Lifetime in kilobytes (also known as lifebytes), be aware that two SAs are created for each policy. One SA applies to inbound traffic, and one SA applies to outbound traffic.
Chapter 5: Security 63. Enter a Key Length as a multiple of 8 between 40 and 448 for the Blowfish encryption method. Enter a Key Length as a multiple of 8 between 40 and 128 for the CAST128 encryption method. This field is visible when Blowfish or CAST128 is selected in the Encryption Algorithm field. 64. Enter the Key - In encryption key of the inbound policy. This field is visible when any value except None, Blowfish, or CAST128 is selected in the Encryption Algorithm field.
WavePoint 10e Note: Right-click anywhere in the table and click Select All > Delete to delete all the IPsec VPN policies. 5. Click Save to save the changes or Cancel to clear any changes without saving. Edit the Default DHCP Range Edit the default DHCP range to set the IP range assigned to Clients connecting using DHCP over IPSec. Note: By default the range is in the 192.168.12.0 subnet. 1.
Page 120 of 171 LUM0063AA Rev 05/05/2014 This document is the property of FreeWave Technologies, Inc. and contains proprietary information owned by FreeWave®. This document cannot be reproduced in whole or in part by any means without written permission from FreeWave Technologies, Inc.
Chapter 6: Management and Administration The Administration tab in the Configuration pages contain functions for general device management, access management and diagnostic tools for setting up and maintaining each WavePoint 10e. This chapter contains information about: l Upgrade the WavePoint 10e Software on page 130. l Adding and Editing User Groups on page 124. l Define User Group IP Policies on page 127. l Adding and Editing Users on page 129. l Back Up Configuration Settings on page 131.
Chapter 6: Management and Administration Click Administration > Summary to view a high-level summary of administration settings, including a list of users currently logged into the device. Set Up Remote Access to the WAN Port Set up the WavePoint 10e to allow: l Remote access in to the WAN port. l Remote connection for management. l Configuration from another network location. Note: Verify the WAN port is also configured. Procedure 1.
WavePoint 10e Users can access the Configuration pages on a computer connected directly to the WavePoint 10e or through a wireless connection by navigating to the WavePoint 10e IP address. If the WAN port is setup for remote management, it can be connected using the WAN IP address. Users and Groups The Users and Groups functionality is used to: l Control who has access to the Configuration settings. l Determine how users are allowed to access the WavePoint 10e.
Chapter 6: Management and Administration l The User Name is guest. l The Password is freewave. l The guest user is l l assigned to the Guest Group. allowed viewing and user privileges to all Configuration pages but has limited editing privileges. Note: The guest cannot save changes made in the Configuration pages . These sections detail: l creating and changing groups. l adding users to those groups.
WavePoint 10e 4. Do one of the following: l l Edit an existing group - Right-click the user name in the Group Lists table and click Edit. Add a group - Click Add New Group in the Group Lists section. 5. In the Group Name field, enter the name of the group. This name appears in drop-down lists and other areas of the Configuration pages that reference user groups. Note: Group names can contain only lower case letters, numbers, periods, and hyphens. Uppercase letters and other symbols are not allowed. 6.
Chapter 6: Management and Administration l admin - Log in is allowed from any browser or IP address. l guest - By default, login capability is disabled. Procedure 1. Connect to the WavePoint 10e either through an Ethernet cable connected to Ethernet port 3 or 4 or through the computer's wireless options. 2. Use a web browser to access the Configuration pages. 3. On the Administration menu, click Users > Groups. The list of User Groups is shown. 4.
WavePoint 10e l l Select Deny Login from Defined Browsers to deny access to a particular browser type. Select Allow Login from Defined Browsers to allow access to a particular browser. 8. In the Client Browser field, select the browser to deny or allow access to, depending on the selection in Step 7. 9. Click Save to save the changes or Cancel to clear any changes without saving.
Chapter 6: Management and Administration 9. In the Network Address / IP Address field, enter the IP address to allow or deny access to. 10. Click Save to save the changes or Cancel to clear any changes without saving. Deleting User Groups Policies A policy assigned to a User Group can be removed at any time, even if the Group has active users. Delete a Single User Group Policy 1.
WavePoint 10e 3. On the Administration menu, click Users > Groups. The list of user groups is shown. 4. In the Groups List, right-click the group to delete and click Delete. Delete all User Groups Note: All user groups except the factory defaults are deleted. 1. Connect to the WavePoint 10e either through an Ethernet cable connected to Ethernet port 3 or 4 or through the computer's wireless options. 2. Use a web browser to access the Configuration pages. 3.
Chapter 6: Management and Administration 8. Enter the Password and enter it again in the Confirm Password field. 9. Click Save to save the changes or Cancel to clear any changes without saving. Deleting Users For security purposes, delete Users that no longer require access to the WavePoint 10e. Note: The factory default Administrator and Guest users cannot be deleted. Procedure 1.
WavePoint 10e 3. Locate the WavePoint 10e upgrade file. 4. Save the WavePoint 10e upgrade file to an accessible location on the network or to an external drive. 5. Connect to the WavePoint 10e either through an Ethernet cable connected to Ethernet port 3 or 4 or through the computer's wireless options. 6. Use a web browser to access the Configuration pages. 7. On the Administration menu, click Maintenance > Upgrade Via Network.
Chapter 6: Management and Administration Important: The backup file includes sensitive information (e.g., Passwords) that are NOT encrypted in the file. Take the appropriate actions to secure the file after it is saved. Procedure 1. Connect to the WavePoint 10e either through an Ethernet cable connected to Ethernet port 3 or 4 or through the computer's wireless options. 2. Use a web browser to access the Configuration pages. 3. On the Administration menu, click Maintenance > Backup / Restore. 4.
WavePoint 10e Important: During a restore operation, do NOT do anything else to the WavePoint 10e until the operation is complete. A restoration can take several minutes to complete. 6. After the LEDs are turned off, wait a few more seconds before doing anything with the WavePoint 10e. When the restoration process is complete, the WavePoint 10e reboots automatically with the restored settings.
Chapter 6: Management and Administration 2. Use a web browser to access the Configuration pages. 3. On the Administration menu, click Maintenance > Backup / Restore. 4. Click Reboot and OK at the prompt. 5. Refresh the browser’s window. 6. Log back in after the reboot. System Logging The WavePoint 10e logs information about the packets received and transmitted as well as system errors. The available logging options are : l Logging Packet Traffic on page 135. l Set Up System Event Logging on page 134.
WavePoint 10e l l l Warning - Conditions in the system that can cause an error if they are not resolved. Notice - Unusual events but are not errors or warnings about potential errors in the future. No immediate action is required. Information - Messages about normal, typical operation. l l l These messages can be useful for gathering data for reports or tracking system performance. No action is required. Debug - System information that is useful when debugging the network.
Chapter 6: Management and Administration Log Packet Traffic in an IPv4 Network 1. Connect to the WavePoint 10e either through an Ethernet cable connected to Ethernet port 3 or 4 or through the computer's wireless options. 2. Use a web browser to access the Configuration pages. 3. On the Administration menu, click Logs > Log Setup. 4. In the Routing Logs Accepted Packets section, select whether to log accepted packets sent from the LAN to the WAN, from the WAN to the LAN, or both.
WavePoint 10e Sending alert messages about logging activities to an email address helps monitor the state of the network from a remote location. Procedure 1. Connect to the WavePoint 10e either through an Ethernet cable connected to Ethernet port 3 or 4 or through the computer's wireless options. 2. Use a web browser to access the Configuration pages. 3. On the Administration menu, click Logs > Email Logs. 4. Set the Enable Email Log option to On. 5.
Chapter 6: Management and Administration 11. In the Send Email Logs by Schedule section, select how often the system should compile and send the log file to the provided email addresses. Note: Selecting Never in this field disables log emails but preserves the email server settings. 12. Click Save to save the changes or Cancel to clear any changes without saving. Sending Logs to Syslog Servers Use Logging servers or Syslog servers to collect and store logs from the WavePoint 10e in an external location.
WavePoint 10e Simple Network Management Protocol (SNMP) This is an Internet-standard protocol for managing devices on IP networks. Devices that typically support SNMP include routers, switches, servers, workstations, printers, modem racks. It is used mostly in network management systems to monitor network-attached devices for conditions that warrant administrative attention. SNMP is a component of the Internet Protocol Suite as defined by the Internet Engineering Task Force (IETF).
Chapter 6: Management and Administration 1. Save the certificate file to a location on a computer or an accessible network location. 2. Connect to the WavePoint 10e either through an Ethernet cable connected to Ethernet port 3 or 4 or through the computer's wireless options. 3. Use a web browser to access the Configuration pages. 4. On the Administration menu, click Certificates. The list of Trusted Certificates is shown in the table at the top of the page. 5. Click Add New CA Certificate. 6.
WavePoint 10e l CN= (Example: CN=router1) l OU= l O= l L= l ST= l C= 7. Select either Hash Algorithm: l MD5 to produce a 128-bit hash value. l SHA-1 to produce a 160-bit hash value. Note: The network and the installation environment determines the hash algorithm needed. 8. Select the Signature Key Length in bits. Larger key sizes may improve security, but they can also decrease network performance. 9.
Chapter 6: Management and Administration Procedure 1. Save the certificate file to a location on a computer or an accessible network location. 2. Connect to the WavePoint 10e either through an Ethernet cable connected to Ethernet port 3 or 4 or through the computer's wireless options. 3. Use a web browser to access the Configuration pages. 4. On the Administration menu, click Certificates. The Active Self Certificates table in the middle of the page lists the loaded self certificates. 5.
WavePoint 10e Setting the Date and Time An accurate date and time setting is critical for: l firewall schedules. l Wi-Fi power saving support to disable access points at certain times of day. l accurate event tracking in the logs. A time zone is selected to: l adjust the time zone for Daylight Savings Time (DST). l use a Network Time Protocol (NTP) server to synchronize the date and time.
Chapter 6: Management and Administration 10. In the Re-synchronize field, enter the interval, in minutes, WavePoint 10e resynchronizes its clock. The default setting is every 120 minutes. 11. Click Save to save the changes or Cancel to clear any changes without saving. Manually Set the Date and Time 1. Connect to the WavePoint 10e either through an Ethernet cable connected to Ethernet port 3 or 4 or through the computer's wireless options. 2. Use a web browser to access the Configuration pages. 3.
WavePoint 10e 2. Use a web browser to access the Configuration pages. 3. On the Administration menu, click Diagnostics > System Statistics. The WavePoint 10e System Statistics page opens. 4. Click Display next to the statistics to view. The output opens in a new window. 5. Click the X in the upper right corner of the window to return to the System Statistics page. LUM0063AA Rev 05/05/2014 Page 145 of 171 This document is the property of FreeWave Technologies, Inc.
Page 146 of 171 LUM0063AA Rev 05/05/2014 This document is the property of FreeWave Technologies, Inc. and contains proprietary information owned by FreeWave®. This document cannot be reproduced in whole or in part by any means without written permission from FreeWave Technologies, Inc.
Chapter 7: Diagnostics and Troubleshooting General Troubleshooting Internet Connection and Browser Display Cannot Access the Configuration Pages from a Computer on the LAN Verify these items: l l l The Ethernet cable is connected between the computer and the WavePoint 10e. The computer is connected to the WavePoint 10e and the WavePoint 10e IP addresses are on the same subnet. The computer's IP address.
Chapter 7: Diagnostics and Troubleshooting l l Close and reopen the browser. l Try using an alternate browser (e.g., Firefox, Chrome, etc.) The correct login information is used. l The factory default User Name is admin and the Password is freewave. Both are case sensitive. Verifying the IP address of a Windows® Computer 1. Open a Windows Command Prompt. 2. Issue the command ipconfig. 3. Check the Local Area Connection for: l IPv4 Address. l Subnet Mask.
WavePoint 10e 4. When the modem LEDs indicate that it has re-synchronized with the ISP, turn on the power to the WavePoint 10e. 5. If the router still cannot obtain an ISP address, verify if the ISP requires PPP over Ethernet (PPPoE) or some other type of login. 6. If Yes, verify that the configured User Name and Password are correct. 7. Ask the ISP if it checks for the computer's hostname. 8. If Yes, select and set the account name to the PC hostname of the ISP account. 9.
Chapter 7: Diagnostics and Troubleshooting 2. In the Daylight Saving field, click Enable. 3. Click Save to save the changes or Cancel to clear any changes without saving. Page 150 of 171 LUM0063AA Rev 05/05/2014 This document is the property of FreeWave Technologies, Inc. and contains proprietary information owned by FreeWave®. This document cannot be reproduced in whole or in part by any means without written permission from FreeWave Technologies, Inc.
Appendix A: Factory Default Settings These are the factory default settings of the WavePoint 10e device. l The firewall blocks all outside access. l The DHCP server on LAN is disabled. l The WAN port configuration is completed with a DHCP configuration. l WavePoint 10e is set in Repeater mode. l The WavePoint 10e has only one active antenna port on Port 1. l The LAN IP address = 192.168.1.1. l The User Name = admin. l The Password = freewave.
Page 152 of 171 LUM0063AA Rev 05/05/2014 This document is the property of FreeWave Technologies, Inc. and contains proprietary information owned by FreeWave®. This document cannot be reproduced in whole or in part by any means without written permission from FreeWave Technologies, Inc.
Chapter B: Installation Instructions The mounting holes on the bottom panel of each WavePoint 10e provide a variety of ways to mount the WavePoint 10e using either the mounting flanges or the DIN rail bracket provided in the mounting kit. Mounting kits provide the hardware necessary to attach the flanges or the DIN rail bracket to the WavePoint 10e, but do NOT contain items such as a the DIN rail or screws to mount the flanges to an external surface. Note: Mounting kits must be purchased separately.
Chapter B: Installation Instructions Attach the DIN Rail Bracket 1. Determine the orientation that is best for the installation. 2. Using the screws provided, securely attach the bracket to the WavePoint 10e using the supplied screw holes. Attach the Mounting Flanges 1. Determine which set of mounting holes on the mounting flanges is best for the installation. 2. Align the brackets with the screw holes on the bottom panel of the WavePoint 10e. 3. Securely attach the brackets using the provided screws.
WavePoint 10e Appendix C: WavePoint™ Configurations These are the configurations for the WavePoint 10e.
Appendix C: WavePoint™ Configurations WP10e-T100-100-100 Model Radio 1 Radio 2 Radio 3 Radio 4 Radio 5 WP10e-T100-100-100 Not Installed Not Installed 5GHz Port 1 -- Y1 Port 2 -- Y2 Port 3 -- Y3 Not Installed GPS (option) Port 1 -- Y4 Power Ethernet RS-232 RS-485 USB Enclosure 4 2 1 1 Standard Base Ethernet RS-232 RS-485 USB Enclosure 4 2 1 1 Standard Base 10.
WavePoint 10e Appendix D: Bench Test Verification of WavePoint™ Configuration Important: For successful replication of this test for a 2.4GHz WavePoint™, the Required Materials are needed. Where noted, these materials can be ordered from FreeWave. Required Materials Qty Description 1 1 foot RF SMA cable 2 20dB SMA attenuators 2 TNC > SMA couplers (FreeWave Part Number: ECN0313TS) 2.
Appendix D: Bench Test Verification of WavePoint™ Configuration 10. Click the Mode list box arrow and select ng. 11. Click the Transmit Power list box arrow and select 5. 12. In the Power Constraint text box, enter 5. 13. Click Save to save the changes and close the dialog box. 14. Log out of the WavePoint 10e Configuration window. 15. Repeat Steps 1 to 14 for all WavePoint 10e devices. 16. On the laptop, open either a web browser or a Command prompt. 17.
WavePoint 10e l l In the web browser, enter 192.168.1.1 (or the designated WavePoint™ IP address. In the Command prompt, use a Ping command. Successful connection is verified when the WavePoint™ Login window opens when navigating from a web browser to a WavePoint 10e IP address or successful ping responses are received. LUM0063AA Rev 05/05/2014 Page 159 of 171 This document is the property of FreeWave Technologies, Inc. and contains proprietary information owned by FreeWave®.
Page 160 of 171 LUM0063AA Rev 05/05/2014 This document is the property of FreeWave Technologies, Inc. and contains proprietary information owned by FreeWave®. This document cannot be reproduced in whole or in part by any means without written permission from FreeWave Technologies, Inc.
WavePoint 10e Appendix E: WavePoint 10e Technical Specifications Specifications may change at any time without notice. For the most up-to-date specifications information, see the product's data sheet available at www.freewave.com. WavePoint™ Technical Specifications Specification Description Wireless Interfaces Network Configurations PTP, PtMP, Fixed Point Mesh, Mobile Mesh 902 to 928 MHz UHF (ITU Region 2) 2.41 to 2.47 GHz (ITU ISM band) RF Frequency Support 5.15 to 5.
Appendix E: WavePoint 10e Technical Specifications WavePoint™ Technical Specifications Specification Description 1 RS-485, RJ-45 USB Interface Micro USB, Type B for configuration 802.3 and 802.3u, IPv4, TCP, UDP, ICMP LAN / WAN DHCP Server and Client, NAT VLAN Up to 4 VLAN pass-through RADIUS, X.509 Certificates, LAN Security MAC Filtering with ACL IPsec, AES-128, AES-256, SSH, SSH-2 SNMP v2 and v3, WebGUI, HTTP/HTTPS Management RIP v1/v2, STP,* RSTP,* DNS, NAT, NTP QoS 802.
WavePoint 10e WavePoint™ Technical Specifications Specification Description Shock and Vibration ETSI EN 300 019-2-4, 4M3 Transportation ISTA 3A Compliance RoHS, WEEE, DFS Wireless Approvals FCC Part 15.247, IC RSS-210 Warranty 1 Year Product Safety Standards EN 60079-0:2012 + A11:2013 and EN 60079-15:2010 II 3 G Labeling Information LUM0063AA Rev 05/05/2014 Ex nA IIC T4 Gc DEMKO 14 ATEX 1306X Page 163 of 171 This document is the property of FreeWave Technologies, Inc.
Page 164 of 171 LUM0063AA Rev 05/05/2014 This document is the property of FreeWave Technologies, Inc. and contains proprietary information owned by FreeWave®. This document cannot be reproduced in whole or in part by any means without written permission from FreeWave Technologies, Inc.
WavePoint 10e Networked devices use this protocol to send error messages. Glossary ISP A Internet Service Provider. AP Access Point. A device, such as a wireless router, that allows other wireless devices to connect to a network or the Internet. Also referred to as a Gateway if the device is the point to the wireless network. M MIMO Multiple input, multiple output. Use of multiple transmitters and receiver antennas to increase data throughput. MMPE Encryption D Microsoft Point-to-Point Encryption.
Glossary (PPP) is wrapped inside the TCP/IP protocol, allowing for a secure connection. PVID Port VLAN ID. W WPA Wi-Fi Protected Access. An authentication protocol used to protect wireless networks from unauthorized access. R Rogue AP Any access point that is installed in a network that is not authorized for operation within that network. RSTP Rapid Spanning Tree Protocol. S STP Spanning Tree Protocol. A link management protocol for access control bridges.
WavePoint 10e Index troubleshooting 149 device mode 47 DHCP server, enabling 39 A accessories 20 F antennas, FCC certified 23 factory default settings 123, 133, 151 authentication certificates firmware about 139 upgrading 130 self certificates 141 trusted 139 I IC notifications 3 B installation 153 binding IP addresses 54 Internet connections DHCP 44 C PPPoE 45 certificates, authentication static IP 43 about 139 self certificates 140-141 troubleshooting 147 introduction 17 trusted 139 c
Index legal notifications power IC 3 load balancing, WAN 51 logging in 32 login policies 125 logs connecting 30 protocol bindings, setting 52 R radios emailing 136 advanced settings 85 external servers, sending to 138 rebooting 133 overview 134 requirements 19 packet traffic 135 RIPv1 and RIPv2 57 SysLog Server, sending to 138 routing system events 134 RIP 57 static routes 55 M Routing Information Protocol 57 MAC address filtering 91 management features 18 model numbers identifying 21 r
WavePoint 10e VPN tunnels T configuring 109 template files, creating 131 time and date NTP server setup 143 setting 143 troubleshooting date and time 149 Internet connection 147 W WAN setup DHCP 44 failover 50 load balancing 51 MTU size 49 multiple WANs 42, 50-51 U physical settings 49 user groups deleting 128 policies 128 browser 126 IP 127 login 125 users adding 129 deleting 130 editing 129 port binding 52 port speed 49 port traffic 52 PPPoE 45 PPTP 46 responding to Ping 49 static 43 warranty 2 web
Index security authorized access list 91 EAP authentication 95 MAC address restrictions 92 RADIUS servers 95 rogue access point detection 94 virtual APs 89 Page 170 of 171 LUM0063AA Rev 05/05/2014 This document is the property of FreeWave Technologies, Inc. and contains proprietary information owned by FreeWave®. This document cannot be reproduced in whole or in part by any means without written permission from FreeWave Technologies, Inc.
Page 171 of 171 LUM0063AA Rev 05/05/2014 This document is the property of FreeWave Technologies, Inc. and contains proprietary information owned by FreeWave®. This document cannot be reproduced in whole or in part by any means without written permission from FreeWave Technologies, Inc.