Grandstream Networks, Inc. GWN7602 Mid-Tier 802.
COPYRIGHT ©2020 Grandstream Networks, Inc. http://www.grandstream.com All rights reserved. Information in this document is subject to change without notice. Reproduction or transmittal of the entire or any part, in any form or by any means, electronic or print, for any purpose without the express written permission of Grandstream Networks, Inc. is not permitted. The latest electronic version of this guide is available for download here: http://www.grandstream.
FCC Caution Any changes or modifications to this unit not expressly approved by the party responsible for compliance could void the user’s authority to operate the equipment. This device complies with 15 of the FCC Rules. Operation is subject to the following two conditions: (1) This device may not cause harmful interference, and (2) this device must accept any interference received, including interference that may cause undesired operation.
Le présent appareil est conforme aux CNR d’Innovation, Sciences et Développement économique Canada applicables aux appareils radio exempts de licence. L’exploitation est autorisée aux deux conditions suivantes : (1) l’appareil ne doit pas produire de brouillage, et (2) l’utilisateur de l’appareil doit accepter tout brouillage radio électrique subi, même si le brouillage est susceptible d’en compromettre le fonctionnement.
GNU GPL INFORMATION GWN7602 firmware contains third-party software licensed under the GNU General Public License (GPL). Grandstream uses software under the specific terms of the GPL. Please see the GNU General Public License (GPL) for the exact terms and conditions of the license. Grandstream GNU GPL related source code can be downloaded from Grandstream web site: http://www.grandstream.com/support/faq/gnu-general-public-license GWN7602 User Manual Version 1.0.3.
Table of Contents DOCUMENT PURPOSE .............................................................................................. 11 CHANGE LOG ............................................................................................................. 12 Firmware Version 0.12.25.1 ....................................................................................................................12 WELCOME ....................................................................................................
Guest ...........................................................................................................................................32 Policy List .....................................................................................................................................32 Internal Splash Page ...................................................................................................................34 External Splash Page ........................................................
UPGRADING AND PROVISIONING ........................................................................... 66 Upgrading Firmware ...........................................................................................................................66 Upgrading via the Master GWN76XX Web GUI ..........................................................................66 Provisioning ..................................................................................................................................
Table of Tables Table 1: GWN7602 Technical Specifications ............................................................................................ 14 Table 2: GWN7602 AP Ports Description .................................................................................................. 16 Table 3: LED Patterns ............................................................................................................................... 18 Table 4: Wi-Fi ..................................................
Figure 13: Adding Client Access List ......................................................................................................... 29 Figure 14: Adding New Access List ........................................................................................................... 29 Figure 15: Blacklist Access List ................................................................................................................. 30 Figure 16: Ban/Unban Client ...........................................
DOCUMENT PURPOSE This document describes how to configure the GWN7602 in standalone mode, Or as a slave with Master GWN76XX Access points. The intended audiences of this document are network administrators. Please visit http://www.grandstream.com/support to download the latest “GWN7602 User Manual”.
CHANGE LOG This section documents significant changes from previous versions. Only major new features or major document updates are listed here. Minor updates for corrections or editing are not documented here. Firmware Version 0.12.25.1 • This is the initial version of GWN7602. GWN7602 User Manual Version 1.0.3.
WELCOME Thank you for purchasing Grandstream GWN7602 Mid-Tier 802.11ac Wi-Fi Access Point. The GWN7602 is an 802.11ac wireless access point. It offers dual-band 2x2:2 technology and a sophisticated antenna design for ideal network throughput and Wi-Fi coverage range. Three 100M Ports provide IP Phones, IPTV, PC and etc. with Ethernet, and an uplink Gigabit network port with PoE/PoE+.
PRODUCT OVERVIEW Technical Specifications Table 1: GWN7602 Technical Specifications Wi-Fi Standards IEEE 802.11 a/b/g/n/ac 2 dual band internal antennas. Antennas Antenna 1 - 2.4GHz: gain 3.0dBi, 5GHz: gain 3.5dBi Antenna 2 - 2.4GHz: gain 3.5dBi, 5GHz: gain 3.0dBi IEEE 802.11ac: 6.5 Mbps to 867Mbps IEEE 802.11a: 6, 9, 12, 18, 24, 36, 48, 54 Mbps IEEE 802.11n: 6.5Mbps to 300Mbps Wi-Fi Data Rates IEEE 802.11b: 1, 2, 5.5, 11Mbps IEEE 802.
5G 802.11a: -91dBm@6Mbps, -73.5dBm@54Mbps; 802.11ac:VHT20: 89.5dbm@MCS0, -71.5dBm@ MCS7, -64dBm@MCS8; VHT40: 87.5dBm@MCS0; -69.5dBm@MCS7, -62dBm@MCS9, VHT80: 83.5dBm@MCS0, -65.5dBm@MCS7, -58.5dBm@MCS9 * Receiver sensitivity varies by frequency band, channel width and MCS rate SSIDs 4 SSIDs Concurrent Clients Up to 80.
INSTALLATION Before deploying and configuring the GWN7602, the device needs to be properly powered up and connected to the network. This section describes detailed information on installation, connection and warranty policy of the GWN7602. Equipment Packaging Figure 1: GWN7602 Equipment Packaging Table 2: GWN7602 AP Ports Description Port Description DC12V Power adapter connector (12V, 2A) PoE Ethernet RJ45 port (10/100/1000Mbps) supporting PoE/PoE+. LAN1 1x 10/100M Ethernet port.
Figure 2: Connecting GWN7602 Warranty If the GWN7602 Wireless Access Point was purchased from a reseller, please contact the company where the device was purchased for replacement, repair or refund. If the device was purchased directly from Grandstream, contact our Technical Support Team for an RMA (Return Materials Authorization) number before the product is returned. Grandstream reserves the right to remedy warranty policy without prior notification.
GETTING STARTED The GWN7602 Wi-Fi Access Could only be managed via another GWN76XX Master AP (Except GWN7602), Or through the GWN.Cloud platform for easy management and deployment. This section provides step-by-step instructions on how to read LED patterns, and discover the GWN7602.
Discovering the GWN7602 Once the GWN7602 is powered up and connected to the Network correctly, users can discover the GWN7602 using GWN Discovery Tool as described in below steps: 1. Download and install GWN Discovery Tool from the following link: http://www.grandstream.com/support/tools 2. Open the GWNDiscoveryTool, click on Select to define the network interface, then click on Scan. 3.
USING GWN7602 AS STANDALONE ACCESS POINT The GWN76XX can be used in Standalone mode, or in Slave mode where managed by another GWN76XX Master, Or GWN Cloud platform. This section will describe how to use the GWN7602 in standalone mode. Connect to GWN7602 Default Wi-Fi Network GWN76XX can be used as standalone access point out of box, or after factory reset with Wi-Fi enabled by default.
MANAGING GWN7602 FROM A MASTER GWN76XX SSID When using GWN7602 as Slave Access Point, users can create different SSIDs from the GWN76XX Master and assign GWN7602 Slave Access Points to them. Log in as Master to the GWN76XX WebGUI and go to SSIDs. Figure 6: SSID GWN7602 can support up to 4 SSIDs, click on to add a new SSID.
Table 4: Wi-Fi Field Description Enable SSID Check to enable Wi-Fi for the SSID. SSID Set or modify the SSID name. Select the Wi-Fi band the GWN will use, three options are available: SSID Band • Dual-Band • 2.4GHz • 5Ghz Select to hide SSID. SSID will not be visible when scanning for Wi-Fi, to SSID Hidden connect a device to hidden SSID, users need to specify SSID name and authentication password manually. VLAN Enter the VLAN ID corresponding to the SSID.
Enter the password key for WEP protection mode. WEP Key This field is available only when “Security Mode” is set to “WEP 64-bit” or “WEP 128-bit”. Two modes are available: WPA Key Mode • PSK: Use a pre-shared key to authenticate to the Wi-Fi. • 802.1X: Use a RADIUS server to authenticate to the Wi-Fi. This field is available only when “Security Mode” is set to “WPA/WPA2” or “WPA2”.
RADIUS NAS ID Enter the RADIUS NAS ID. This field is available only when “WPA Key Mode” is set to “802.1x”. Configures the client bridge support to allow the access point to be configured as a client for bridging wired only clients wirelessly to the network. Client Bridge Support When an access point is configured in this way, it will share the Wi-Fi connection to the LAN ports transparently.
This field is required when using Client Isolation, so users will not lose access to the Network (usually Internet). Type in the default LAN Gateway MAC Address Gateway’s MAC address (router’s MAC address for instance) in hexadecimal separated by “:”. Example: 00:0B:82:8B:4D:D8 RSSI Enabled Check to enable RSSI function, this will lead the AP to disconnect users below the configured threshold in Minimum RSSI (dBm). Enter the minimum RSSI value in dBm.
Configures the frequency of DTIM (Delivery Traffic Indication Message) transmission per each beacon broadcast. Clients will check the AP for buffered data at every configured DTIM Period. You may set a high value DTIM Period for power saving consideration. Default value is 1, meaning that AP will have DTIM broadcast every beacon. If set to 10, AP will have DTIM broadcast every 10 beacons. Valid range: 1 – 10.
• Device Membership: Used to add or remove paired access points to the SSID. Figure 8: Device Membership Click on to add the GWN76XX to the SSID or click on to remove it. Clients Configuration Users can configure clients’ parameters, time policy and also check the list of the clients that has been banned after time disconnect policy has been enabled.
• Click on • Click on Users can press to block a client’s MAC address from connecting to the zone’s SSID. to release Wi-Fi offline client IP lease. button to customize items to display on the page. Following items are supported: Figure 10: Clients - Select Items Clients Access From this menu, users can manage in global way the blacklist of clients that will be blocked from accessing the Wi-Fi network, click on to add or remove MAC addresses of client from global blacklist.
Figure 11: Global Blacklist Figure 12: Managing the Global Blacklist A second option is to add custom access lists that will be used as matching mechanism for MAC address filtering option under SSIDs to allow (whitelist) or disallow (blacklist) clients access to the Wi-Fi network. Click on in order to create new access list, then fill it with all MAC addresses to be matched.
Once this is done, this access list can be used under SSID Wi-Fi settings to filter clients either using whitelist or blacklist mode. Figure 15: Blacklist Access List Time Policy The timed client disconnect feature allows the system administrator to set a fixed time for which clients should be allowed to connect to the access point, after which the client will no longer be allowed to connect for a user configurable cool-down period.
Client Reconnect Timeout Day of the Week Hour of the Day • Reset Daily. • Reset Weekly. • Reset Hourly. • Timed Reset. If “Timed Reset” is selected, this is the period for which the client will have to wait before reconnecting. If “Reset Weekly” is selected, this is the day when the reset will be applied. If “Reset Weekly” or “Reset Daily” is selected, this is the hour and day when the reset will be applied.
Captive Portal Captive Portal feature on GWN7602 AP helps to define a Landing Page (Web page) that will be displayed on Wi-Fi clients’ browsers when attempting to access Internet. Once connected to a GWN7602 AP, Wi-Fi clients will be forced to view and interact with that landing page before Internet access is granted. The Captive Portal feature can be configured from the Master GWN76XX Web page under “Captive Portal”. The page contains following sub-menus: Guest, Policy List, Splash Page and Vouchers.
Figure 19: Captive Portal - Policy List • Click on to edit the policy. • Click on to delete the policy. • Click on to add a policy. The policy configuration page allows adding multiple captive portal policies which will be applied to SSIDs and contains options for different authentication types a splash page that can be easily configured as shown on the next section. Administrator can use an internal or external splash page. GWN7602 User Manual Version 1.0.3.
Figure 20: Add a New Policy Internal Splash Page Below table lists the items policy add page configures Table 6: Captive Portal – Policy List – Splash Page is “Internal” Field Description Name Enter the name of the Captive Portal policy Splash Page Select Splash Page type, Internal or External.
• RADIUS Server: Choosing this option will allow users to set a RADIUS server to authenticate connecting clients. • Social Login Authentication: Choosing this option will allow users to enable authentication Facebook or Twitter. • Vouchers: Choose this page when using authentication via Vouchers. • Login with Password: Choose this page when using authentication via a password. Expiration Configures the period of validity, after the valid period, the client will be reauthenticated again.
• /password_auth.html • /portal_default.html • /portal_pass.html • /portal_tip.html • /social_auth.html • /status.html • /twitter.html • /twitter_website.html • /vouchers_auth.html Choose the landing page, 2 options are available: Landing Page • Redirect to the Original URL. • Redirect to External Page. Once the landing page is set to redirect to external page, user should set the Redirect External Page URL address for redirecting.
External Splash Page Table 7: Captive Portal – Policy List – Splash Page is “External” Field Description Name Enter the name of the Captive Portal policy Splash Page Select to either use Internal or External Splash Page. External Splash Page URL RADIUS Server Address Enter the External Splash Page URL, and make sure to enter the preauthentication rules request by the external portal platform in the preauthentication configuration option. Fill in the IP address of the RADIUS server.
Figure 21: Authentication rules Pre-Authentication Rules Using this option, users can set rules to match traffic that will be allowed for connected Wi-Fi users before authentication process. This can be needed for example to setup Facebook authentication where some traffic should be allowed to Facebook server(s) to process the user’s authentication. Or simply to be used to allow some type of traffic for unauthenticated users.
Figure 22: Captive Portal – Splash Page User can add folder in corresponding folder by selecting the folder and click on . • Click on • Click on • Click on to edit the corresponding file, in another word, to replace the file with a new one. • Click on to delete the file. to upload a file from local device. to download the files in Captive Portal folder.
Note that multiple users can use a single voucher for connection with expiration duration of the voucher that starts counting after first successful connection from one of the users that are allowed. Another interesting feature is that the admin can set data bandwidth limitation on each created voucher depending on the current load on the network, users’ profile (VIP customers get more speed than regular ones...etc.) and the internet connection available (fiber, DSL or cable…etc.
Figure 23: Add Voucher Sample The below figure shows the status of the vouchers after GWN randomly generates the code for each one. Figure 24: Vouchers List Users can click on buttons click and to delete and print multiple vouchers or button to print all vouchers at once. GWN7602 User Manual Version 1.0.3.
Also, users can use the drop-down list filter created at specific date-time. to filter the vouchers that where The following table summarizes description for voucher configuration parameters: Table 8: Voucher Parameters Field Description Specify how many vouchers to generate which will have same Create Number One Time profile/settings (duration, bandwidth and number of users). Valid range: 1 – 1000. Max Devices Specify how many users can use same voucher. Valid range: 1 – 5.
3. Set the following parameters as shown on the screenshot for basic setup then save and apply. Figure 25: Captive Portal with Voucher authentication Then go under your SSID configuration page and enable the generated captive portal under Wi-Fi settings tab. Mesh Network In Mesh Network, wireless connection is established between multiple Aps, which is used to pass-through data traffic rather than client association.
Note: If there are other GWN APs broadcasting in the same field with different subnet, RE may be wirelessly connected to those networks and cannot be discovered and paired by your Master. Therefore, it is recommended to use the first method of wired pairing and then deploy those REs. 3. After that, all slave access points have been deployed and paired to the master, you can directly manage them to operate the mesh network. Mesh service configuration is the same as transitional GWN WLAN. 4.
Figure 27: Mesh settings for GWN7602 For more detailed information about GWN Mesh network feature, you may refer to the following technical document: Mesh Network Guide. Bandwidth Rules The bandwidth rule is a GWN7602 feature that allows users to limit bandwidth utilization per SSID or client (MAC address or IP address). This option can be configured from the Master GWN76XX WebGUI under “Bandwidth Rules”.
Choose the type of rule to be applied on bandwidth utilization from the dropdown list, three options are available: Range Constraint MAC IP address • Per-SSID: Set a bandwidth limitation on the SSID level. • Per-User: Set a bandwidth limitation per Client. • MAC: Set a bandwidth limitation per MAC address. • IP Address: Set a bandwidth limitation per IP address. Enter the MAC address of the device to which the limitation will be applied, this option appears only when MAC type is selected.
Figure 29: Bandwidth Rules Note: The same settings for bandwidth management are available from the following menus: Per-Client Navigate on the web GUI under “Clients→Edit→Bandwidth Rules” where you can set the Upstream and Downstream rate in Mbps. System Settings Maintenance Users can access Maintenance page from the master GWN76XX Web GUI under System Settings→ Maintenance. Basic Basic page allows Country and Time configuration. Table 11: Basic Field Description Anti-domain name hijacking protection.
NTP Server Date Display Format Reboot Schedule Configure the IP address or URL of the NTP server. The device will obtain the date and time from the configured server. Change the Date Display Format, three options are possible YYYY/MM/DD, MM/DD/YYYY and DD/MM/YYYY. Select the time schedule when AP will be rebooted. Refer to [Schedule] to define time. Upgrade The Upgrade Web page allows upgrade related configuration.
This field is available when select “Check at Hour of Day” and “Check at Day of Week” in “Automatic Upgrade” Defines the day of the week to check the HTTP/TFTP server for Day of Week firmware upgrade or configuration file changes. This field is available when select “Check at Day of Week” in “Automatic Upgrade” Click on Upgrade Now Download Configuration button to begin the upgrade. Note that the device will reboot after downloading the firmware.
New User Password Confirm New User Password Configure the password for user-level Web GUI access. This field is case sensitive with a maximum length of 32 characters. Enter the new User password again to confirm. Syslog The syslog Web page provides configuration settings for syslog. Table 14: Syslog Parameters Field Syslog Server Syslog Level Log DNS Queries Description Enter the IP address or URL of Syslog server.
Minutes Enter the number of Minutes period after which trigger file rotation. Hour of the day Enter the hour of day at which trigger file rotation. Day of the week Enter Day of the week + hour of day, at which trigger file rotation. Devices Select the path (a USB partition) to store collected logs. Required. Enable Logserver Enables the Logserver. After setting up the Logserver and saving the settings, users need to connect an USB external storage and press Start button to start collecting logs.
Figure 30: Capture Page The below table will show different fields used on debug page: Table 16: Debug Required Options File Name Enter the name of the capture file that will be generated. Interface Choose a SSID as Interface on which the traffic will be captured. Device Choose a device plugged to USB port to save the capture once started. Advanced Options File Size Set a File size that the capture will not exceed. Rotate Count Set a value for rotating captures.
Filtering Options Custom Filter Check this option when adding custom filtering rule. When selected, the default filtering options will be hidden (Source Port, Destination Port...etc). Custom Filtering Configures a filter expression in which traffic should be captured,for example: Rule icmp and host 8.8.8.8. Once configured, then you need to click on Validate. Source Port Set the Source Port to filter capture traffic coming from the defined source port.
Figure 31: Capture Files Core Files The Core Files Web page displays core dumps generated when the GWN7602 crashes. This is helpful for troubleshooting purposes. Ping/Traceroute Ping and Traceroute are useful debugging tools to verify reachability with other clients across the network. The master GWN76XX offers both Ping and Traceroute tools for IPv4 protocol. To use these tools, go to Master GWN76XX Web GUI System Settings → Debug → Ping/Traceroute. GWN7602 User Manual Version 1.0.3.
Figure 32: IP Ping • Next to Tool choose from the dropdown menu: - IPv4 Ping for an IPv4 Ping test to Target - IPv4 Traceroute for an IPv4 Traceroute to Target • Type in the destination’s IP address in Target field. • Click on Run. Figure 33: IP Traceroute Syslog The syslog Web page displays logs generated by the GWN7602 for troubleshooting purpose as shown in figure below. Syslog messages are also displayed in real time under Web GUI→System Settings→Debug→Syslog. GWN7602 User Manual Version 1.
Figure 34: Syslog One Key Debug This feature is useful when AP is paired, as users can still login to the paired AP using “admin” username and “SSH” password (System → Settings →SSH Password). User will have access to the usual Capture, Ping/Traceroute and Syslog and to One Key Debug feature that allows collecting more information that can be share with support for troubleshooting purposes directly from the Access Points web interface. GWN7602 User Manual Version 1.0.3.
Figure 35: One Key Debug After selecting the features to debug (Wireless: clients connections, SSIDs.., Captive portal debugging or Mesh network) then you should press the One Key Debug button, and after 30 min the debug file will be available under Core file. Email/Notification The Email/Notification page allows the administrator to select a predefined set of system events and to send notifications upon the change of the set events. Figure 36: Email GWN7602 User Manual Version 1.0.3.
Table 17: Email Setting Filed Description Once enabled, AP will send related notification email to the receivers. Enable Email Notification Note: if no event is specified in the Notification page, server will send an empty mail. General From Email Address Specify the email address of the notification sender. If the address is not specified, AP will use the SMTP username as a sender. From Name Specifies the name of the notification sender.
Figure 37: Notification The following table describes the notifications configuration settings. Table 18: Email Events Filed Description Enabled Enable/disable the notification. By default, it is disabled Memory Usage Memory Usage Threshold (%) CPU Usage CPU Usage Threshold (%) Configures whether to send notification if memory usage is greater than the configured threshold. By default, it is disabled. Specifies the Memory Usage Threshold (%). Must be integer between 1 and 100.
Administrator Configures whether to send notification on admin password change. Default is Password Change disabled. AP Offline Configures whether to send notification when AP going offline. Default is disabled.
Static DHCP Users can use the feature in order to set static DHCP binding to certain clients, to whom you do not want the IP address to change. To configure Static DHCP, please follow below steps: 1. Go under the menu “System Settings ➔ DHCP Server ➔ Static DHCP”. 2. Click button to create a new entry. 3. Enter the name of the device, along with its MAC address and IP address Figure 38: DHCP Binding 4. Press Save and Apply to submit the changes. GWN7602 User Manual Version 1.0.3.
Figure 39: Static DHCP Devices List Schedule Users can use the schedule configuration menu to set specific schedule for GWN features while giving the flexibility to specify the date and time to turn ON/OFF the selected feature. The Schedule can be used for settings up specific time for Wi-Fi where the service will be active or for LED schedule or bandwidth rules …etc. To configure a new schedule, follow below steps: 1. Go under “Schedule” and click on Create New Schedule. GWN7602 User Manual Version 1.0.
Figure 40: Create New Schedule 2. Select the periods on each day that will be included on the schedule and enter a name for the schedule (ex: office hours). 3. Users can choose to set weekly schedule or absolute schedule (for specific days for example), and if both weekly schedule and absolute schedules are configured on the same day then the absolute schedule will take effect and the weekly program will be cancelled for that specific date. 4.
Figure 41: Schedules List LED Schedule GWN7602 Access Points series also support the LED schedule feature. This feature is used to set the timing when the LEDs are ON and when they will go OFF at customer’s convenience. This can be useful for example when the LEDs become disturbing during some periods of the day, this way with the LED scheduler, you can set the timing so that the LEDs are off at night after specific hours and maintain the Wi-Fi service for other clients without shutting down the AP.
Figure 42: LED Scheduling Sample GWN7602 User Manual Version 1.0.3.
UPGRADING AND PROVISIONING Upgrading Firmware The GWN7602 can be upgraded to a new firmware version remotely. This section describes how to upgrade your GWN7602 via the Master GWN76XX. Upgrading via the Master GWN76XX Web GUI The GWN7602 can be upgraded via TFTP/HTTP/HTTPS by configuring the URL/IP Address for the TFTP/HTTP/HTTPS server and selecting a download method. Configure a valid URL for TFTP, HTTP or HTTPS; the server name can be FQDN or IP address. Examples of valid URLs: firmware.grandstream.
Automatic Upgrade Set automatic upgrade every intervals/day/week. The device will request to upgrade automatically according to the setup time. The default setting is Disabled X Hours Select the time period to check for firmware upgrade. This field is available when select “Check every X Hours” in “Automatic Upgrade” Hour of Day (0-23) Defines the hour of the day (0-23) to check the HTTP/TFTP server for firmware upgrade or configuration file changes.
Figure 43: Upgrading GWN7602 Make sure that firmware server path is set correctly under Maintenance, check the desired APs to upgrade, and click on to upgrade the selected paired access points.
MANAGING GWN7602 FROM GWN CLOUD The GWN7602 can be managed by your GWN.Cloud account, GWN Cloud web interface now can be accessed at: https://www.gwn.cloud. Figure 45: GWN Cloud Web GUI . For Further information, please refer to the GWN Cloud user guide in below link: http://www.grandstream.com/sites/default/files/Resources/GWN_Cloud_User_Guide.pdf GWN7602 User Manual Version 1.0.3.
EXPERIENCING THE GWN7602 Wi-Fi ACCESS POINTS Please visit our website: http://www.grandstream.com to receive the most up- to-date updates on firmware releases, additional features, FAQs, documentation and news on new products. We encourage you to browse our product related documentation, FAQs and User and Developer Forum for answers to your general questions. If you have purchased our products through a Grandstream Certified Partner or Reseller, please contact them directly for immediate support.