IEEE 802.11g Wireless Access Point/Bridge Pro/Advanced User’s Guide Version: 1.
Federal Communication Commission Interference Statement This equipment has been tested and found to comply with the limits for a Class B digital device, pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a residential installation. This equipment generates, uses and can radiated radio frequency energy and, if not installed and used in accordance with the instructions, may cause harmful interference to radio communications.
R&TTE Compliance Statement This equipment complies with all the requirements of DIRECTIVE 1999/5/CE OF THE EUROPEAN PARLIAMENT AND THE COUNCIL OF 9 March 1999 on radio equipment and telecommunication terminal equipment and the mutual recognition of their conformity (R&TTE). The R&TTE Directive repeals and replaces in the directive 98/13/EEC (Telecommunications Terminal Equipment and Satellite Earth Station Equipment) as of April 8,2000.
Table of Contents 1. Introduction ......................................................................................................................... 1 1.1. Overview................................................................................................................... 1 1.2. Features.................................................................................................................... 1 1.3. Feature Comparison ...................................................................
3.5.1.3. Association Control ............................................................................ 30 3.5.1.4. AP Load Balancing............................................................................. 30 3.5.1.5. Wireless Distribution System.............................................................. 30 3.5.2. Security......................................................................................................... 34 3.5.2.1. Basic.......................................................
1. Introduction 1.1. Overview The IEEE 802.11g wireless access point (AP) enables IEEE 802.11g or IEEE 802.11b client computers to access the resources on the Ethernet network. There are 2 different model variations, Pro and Advanced, which are classified in terms of features. The Pro edition provides basic features while the Advanced edition provides more advanced features. With the sleek Web-based user interface, a network administrator can easily and clearly manage the AP.
Wi-Fi Alliance (http://www.wi-fi.org). Both WPA-PSK (Pre-Shared Key) mode and full WPA mode are supported. WPA is composed of TKIP (Temporal Key Integrity Protocol) and IEEE 802.1x and serves as a successor to WEP for better WLAN security. Repeater. When the AP is in AP/Bridge mode, it can communicate with other APs or wireless bridges via WDS (Wireless Distribution System).
Firmware Tools Firmware upgrade. The firmware of the AP can be upgraded in the following methods: Xmodem-based. Upgrading firmware over RS232. TFTP-based. Upgrading firmware by TFTP (Trivial File Transfer Protocol). HTTP-based. Upgrading firmware by HTTP (HeperText Transfer Protocol). Configuration backup. The configuration settings of the AP can be backed up to a file via TFTP or HTTP for later restoring. Configuration reset. Resetting the configuration settings to factory-default values.
PoE is optional. 1.4. LED Definitions There are several LED indicators on the housing of the AP. They are defined as follows: ALV: Alive. Blinks when the AP is working normally. RF: IEEE 802.
2. First-Time Installation and Configuration 2.1. Selecting a Power Supply Method Optionally, the AP can be powered by the supplied power adapter or PoE (Power over Ethernet). The AP automatically selects the suitable one depending on your decision. To power the AP by the supplied power adapter: 1. Plug the power adapter to an AC socket. 2. Plug the connector of the power adapter to the power jack of the AP.
Fig. 1. Mounting the AP on a wall. 2.3. Preparing for Configuration For you to configure an AP, a managing computer with a Web browser is needed. For first-time configuration of an AP, an Ethernet network interface card (NIC) should have been installed in the managing computer. For maintenance-configuration of a deployed AP, either a wireless computer or a wired computer can be employed as the managing computer.
Cross-over Ethernet cable Normal Ethernet cable Managing Computer Normal Ethernet cable Ethernet Hub/Switch Managed AP Fig. 2. Connecting a managing computer and an AP via Ethernet. You can use either a cross-over Ethernet cable (included in the package) or a switch/hub with 2 normal Ethernet cables. NOTE: One connector of the Ethernet cable must be plugged into the LAN/CONFIG Ethernet jack of the AP for configuration. 2.3.2.
right to access the Web-based Network Manager. For first-time configuration, use the default user name “root” and default password “root”, respectively. Fig. 3. Entering the user name and password. NOTE: It is strongly recommended that the password be changed to other value for security reasons. On the start page, click the General, Password link to change the value of the password (see Section 3.3.1 for more information).
Fig. 4. The Start page. 2.4.2. Step 1: Selecting an Operational Mode Fig. 5. Operational modes settings. Go to the General, Operational Mode section, select an operational mode and click Save at the bottom of this page, and then you are brought back to the start page. The AP supports 2 operational modes: AP/Bridge. This mode provides both Access Point and Static LAN-to-LAN Bridging functionality. The static LAN-to-LAN bridging function is supported through Wireless Distribution System (WDS).
AP Client. This mode is for Dynamic LAN-to-LAN Bridging. The AP Client automatically establishes bridge links with APs from any vendors. In either mode, the AP forwards packets between its Ethernet interface and wireless interface for wired hosts on the Ethernet side and wireless host(s) on the wireless side. There are 2 types of wireless links as specified by the IEEE 802.11 standard. STA-AP. This type of wireless link is established between an IEEE 802.11 Station (STA) and an IEEE 802.
Table 1. Operational modes vs. wireless link types. AP/Bridge AP Client AP/Bridge WDS STA-AP AP Client STA-AP To establish a static bridge link based on WDS, the AP/bridges at both end of the WDS link must be manually configured with each other’s MAC addresses (see Section 3.5.1.5 for more information). To establish a dynamic bridge link between an AP and an AP Client, both devices have to be configured with the same SSID and WEP settings.
2.4.4. Step 3: Configuring IEEE 802.11 Settings Fig. 7. IEEE 802.11g communication settings. Go to the IEEE 802.11, Communication section to configure IEEE 802.11g-related communication settings, including Regulatory domain, Channel number, and Network name (SSID). The number of available RF channels depends on local regulations; therefore you have to choose an appropriate regulatory domain to comply with local regulations.
2.4.5. Step 4: Reviewing and Applying Settings Fig. 8. Settings changes are highlighted in red. On the start page, you can review all the settings you have made. Changes are highlighted in red. If they are OK, click Restart to restart the AP for the new settings to take effect. NOTE: About 7 seconds are needed for the AP to complete its restart process. 2.5. Deploying the AP After the settings have been configured, deploy the AP to the field application environment.
3. Fix the alignment of the antenna on one side. 4. Adjust the alignment of the antenna on other side by using response time information obtained from PINGing (run PING.exe) the “fixed-side” computer. 5. Fine-tune the alignment of the antenna until you get a best response time. 6. Increase the data rate of each bridge simultaneously until a maximal workable data rate is reached. You may not be able to use the highest data rate, 54Mbps, because of the distance and the gain of the antennas. Fig.
of the antenna of Bridge 1 until the Link quality indicator shows a relatively maximal value. Finally, click Stop to stop monitoring WDS link quality. TIP: If you are doing dynamic bridging, you can use the Link Monitor feature on the AP Client side to help you align the directional antennas. Refer to Section 3.2.4 for more information. Fig. 11. Link monitor. 2.6. Setting up Client Computers The TCP/IP and IEEE 802.11g-related settings of wireless client computers must match those of the AP. 2.6.1.
NOTE: For some versions of Windows, the computer needs to be restarted for the changes of TCP/IP settings to take effect. 2.7. Confirming the Settings of the AP and Client Computers After you have completed deploying the AP and setting up client computers, you have to make sure the settings you have made are correct. 2.7.1. Checking if the IEEE 802.11g-Related Settings Work To check if a wireless client computer can associate with the AP: 1.
3. Using Web-Based Network Manager In this chapter, we’ll explain each Web management page of the Web-based Network Manager. 3.1. Overview Fig. 12. The Start page. 3.1.1. Menu Structure The left side of the start page contains a menu for you to carry out commands. Here is a brief description of the hyperlinks on the menu: Home. For going back to the start page. Status. Status information. Wireless Clients. The status of the wireless clients currently associated with the AP. DHCP Mappings.
Link Monitor. When the AP is in AP Client mode, this page shows the signal strength and link quality of the wireless link to its associated access point. General. Global operations. Operational Mode. Operational mode of the AP—AP/Bridge or AP Client. Password. For gaining rights to change the settings of the AP. Firmware Tools. For upgrading the firmware of the AP, backing up and restoring configuration, and configuration reset settings of the AP. TCP/IP. TCP/IP-related settings. Addressing.
Fig. 14. Settings have been changed. 3.1.3. Home and Refresh Commands Fig. 15. Home and Refresh. At the bottom of each status page that shows read-only information, there are two buttons—Home and Refresh. Clicking Home brings you back to the start page. Clicking Refresh updates the shown status information. 3.2. Viewing Status 3.2.1. Associated Wireless Clients Fig. 16. Status of associated wireless clients.
user name (if the client has been IEEE 802.1x authenticated), number of bytes it has send, number of bytes it has received, and the time of its last activity, is shown. 3.2.2. Current DHCP Mappings Fig. 17. Current DHCP mappings. On this page, all the current static or dynamic DHCP mappings are shown. A DHCP mapping is a correspondence relationship between an IP address assigned by the DHCP server and a computer or device that obtains the IP address.
When the AP is in AP Client mode, you can use the Link Monitor status page to monitor the link quality and signal strength sensed by its RF module. Larger values means better wireless connectivity to its associated Access Point. This feature is especially useful when you are aligning a pair of directional antennas for bridging applications. Refer to Section 2.5 for more information about antenna alignment. NOTE: The values are updated every 20 seconds. 3.3. General Operations 3.3.1.
AP/Bridge WDS AP Client STA-AP STA-AP To establish a static bridge link based on WDS, the AP/bridges at both end of the WDS link must be manually configured with each other’s MAC addresses (see Section 3.5.1.5 for more information). To establish a dynamic bridge link between an AP and an AP Client, both devices have to be configured with the same SSID and WEP settings. The AP Client automatically scans for any AP that is using the matched SSID and establishes a bridge link with the scanned AP.
3.3.3.1. Upgrading Firmware by HTTP Fig. 23. Firmware upgrade by HTTP. To upgrade firmware of the AP by HTTP: 1. Click Browse and then select a correct firmware .bin file. The firmware file path will be shown in the Firmware file name text box. 2. Click Upgrade to begin the upgrade process. 3.3.3.2. Backing up and Restoring Configuration Settings by HTTP Fig. 24. Firmware backup by HTTP. To back up configuration of the AP by HTTP: 1. Click Back Up. 2.
3.3.3.3. Upgrading Firmware by TFTP Fig. 26. TFTP server settings. When use TFTP as the firmware management protocol, you can configure settings for the AP’s TFTP client to communicate with a TFTP server. If the TFTP client does not get a response from the TFTP server within a period specified by the Timeout setting, it will resend the previous request. The Max number of retries setting specifies the maximal number of resend before the TFTP client stops communicating with the TFTP server.
Fig. 28. TFTP Server. NOTE: After the dialog box of the TFTP server program appears, be sure to specify the working folder within which the downloaded firmware files reside. NOTE: Make sure the Accept read requests check box of TFTP Server is selected. NOTE: The LAN IP address of the AP and the IP address of the TFTP server must be in the same IP subnet for TFTP to work.
To back up configuration of the AP by TFTP: 1. Get a computer that will be used as a TFTP server and as a managing computer to trigger the backup process. 2. Connect the computer and one of the LAN Ethernet switch port with a normal Ethernet cable. 3. Configure the IP address of the computer so that the computer and the AP are in the same IP subnet. 4. On the computer, run the TFTP Server utility.
TIP: If you want to remotely back up or restore configuration from the Internet, adjust the Timeout and Max no. of retries settings of TFTP Server for remote TFTP configuration backup/restore to succeed. 3.3.3.5. Resetting Configuration to Factory Defaults Fig. 30. Configuration reset. Clicking the Reset button resets the device configuration to factory defaults. WARNING: Think twice before clicking the Reset button. You’ll lose all your current configuration settings. 3.4.
3.4.2. DHCP Server 3.4.2.1. Basic Fig. 32. Basic DHCP server settings. The AP can automatically assign IP addresses to client computers by DHCP. In this section of the management page, you can specify the Default gateway, Subnet mask, Primary DNS server, and Secondary DNS server settings that will be sent to a client at its request. Additionally, you can specify the first IP address that will be assigned to the clients and the number of allocateable IP addresses.
To always assign a static IP address to a specific DHCP client: 1. Specify the MAC address of the DHCP client and the IP address to be assigned to it. Then, give a description for this mapping. 2. Select the corresponding Enabled check box. 3.5. Configuring IEEE 802.11g-Related Settings 3.5.1. Communication 3.5.1.1. Basic Basic IEEE 802.11g-related communication settings include AP functionality, RF type, Regulatory domain, Channel number, Network name (SSID), Data rate, and Transmit power. Fig. 34.
When the Ethernet LAN interface is detected to be disconnected from the wired network, all currently associated wireless clients are disassociated by the AP and no wireless client can associate with the AP. The detection mechanism is based on pinging the IP address specified in Reference host. 3.5.1.3. Association Control Fig. 36. Association control settings.
Traditionally, access points are connected by Ethernet. By Wireless Distribution System (WDS), APs can communicate with one another wirelessly. For example, in Fig. 38, AP 2 acts as an access point for the notebook computers and it forwards packets sent from the notebook computers to AP 1 through WDS. Then, AP 1 forwards the packets to the Ethernet LAN. Packets destined for the notebook computers follow a reverse path from the Ethernet LAN through the APs to the notebook computers.
Fig. 41. Sample wireless bridge network topology. WARNING: Don’t let your network topology consisting of wireless bridges, Ethernet switches, Ethernet links, and WDS links contain loops. If any loops exist, packets will circle around the loops and network performance will be seriously degraded. Fig. 42. Network topology containing a loop. TIP: You can check whether the WDS links of the AP are functioning by using Wireless Network Manager.
Fig. 43. Link health monitoring. Run Wireless Network Manager on a computer and locate the AP you want to manage. Go to the WDS tab, and then click Test. The test results (OK or Broken) will be shown in the Link Status column of the WDS links table. If external high-gain directional antennas are used, it’s difficult to align the antennas when the distance between the bridges is long. To adjust the alignments of a pair of bridges’ directional antennas: 7. Connect each bridge to a computer via Ethernet. 8.
Adjust antenna alignment WDS Link Bridge 2 Bridge 1 PING (ICMP Echo Request) ICMP Echo Reply Computer 1 Computer 2 Fig. 44. Adjusting alignments of external directional antennas. TIP: You can make use of the Antenna Alignment Assistance feature to help you align the directional antennas. Fig. 45. Antenna alignment assistance. Instead of using PING.exe, you can run Wireless Network Manager on Computer 1, and go to the Antenna Alignment tab. Click Start to begin monitoring the WDS link quality.
3.5.2.1. Basic Fig. 46. Basic IEEE 802.11g security settings. For security reasons, it’s highly recommended that the security mode be set to options other than Open System. When the security mode is set to Open System, no authentication and data encryption will be performed. Additionally, you can disable the SSID broadcasts functionality so that a wireless client computer with an “any” SSID cannot associate with the AP.
STA 1 STA 3 STA 2 AP 1 AP 2 WCI: All APs in This Subnet WCI: All APs in This Subnet Switch Wireless Link Ethernet Link Fig. 48. Behavior of the “All APs on This Subnet” wireless client isolation option. As illustrated in Fig. 47 when AP 1 and AP 2 are using the “This AP Only” option, wireless traffic between STA 1 and STA 2 is blocked by AP 1, while wireless traffic between STA 2 and STA 3, which are associated with different APs, is still allowed.
In the above security modes, a back-end RADIUS (Remote Authentication Dial-In User Service) server is needed if IEEE 802.1x functionality is enabled. See Section 3.5.3 for more information about IEEE 802.1x and RADIUS. According to the IEEE 802.11 standard, WEP can be used for authentication and data encryption. Normally, Shared Key authentication is used if WEP data encryption is enabled. In rare cases, Open System authentication may be used when WEP data encryption is enabled.
3. Specify the MAC address of a wireless client to be denied access, and then click Add. 4. Repeat Steps 3 for other wireless clients. To delete an entry in the access control table: Click Delete next to the entry. NOTE: The size of the access control table is 64. Fig. 50. MAC ACL download settings.
IEEE 802.1x, a user has to issue his or her user name and password or digital certificate to the backend RADIUS server by EAPOL (Extensible Authentication Protocol Over LAN). The RADIUS server can record accounting information such as when a user logs on to the wireless LAN and logs off from the wireless LAN for monitoring or billing purposes. The IEEE 802.1x functionality of the access point is controlled by the security mode (see Section 3.5.2.1).
Fig. 53. IEEE 802.1x/RADIUS settings. TIP: Refer to the IEEE 802.1x-related white papers on the companion CD-ROM for more information about deploying secure WLANs with IEEE 802.1x support. 3.6. Configuring Advanced Settings 3.6.1. Packet Filters The AP provides layer 2 (Ethernet Type Filters), layer 3 (IP Protocol Filters), and layer 4 (TCP/UDP Port Filters) filtering capabilities. The configuration processes for the filters are similar.
3.6.1.2. IP Protocol Filters Fig. 55. IP protocol filters settings. The protocol, source address, and destination address fields of a packet incoming from the WLAN or Ethernet interface is inspected for filtering. In a rule, specify the hex-decimal protocol number, source IP address range (Source IP Address AND Source Subnet Mask), and destination IP address range (Destination IP Address AND Destination Subnet Mask).
3.6.2. Management 3.6.2.1. UPnP Fig. 57. UPnP settings. UPnP (Universal Plug and Play) enables a Windows XP user to automatically discover peripheral devices by HTTP. When the UPnP functionality is enabled, you can see the AP in My Network Places of Windows XP. The AP can be given a friend name that will be shown in My Network Places. Double-clicking the icon in My Network Places that stands for the AP will launch the default Web browser for you to configure the AP. 3.6.2.2. System Log Fig. 58.
3.6.2.3. SNMP Fig. 59. SNMP settings. The SNMP (Simple Network Management Protocol) functionality can be disabled, and you can specify the name (used as a password) of the read-only and read-write community. In addition, up to 5 SNMP trap targets can be set in the SNMP Trap Table. To specify a trap target: 1. Type the IP address of the target host. 2. Type the Community for the host. 3. Select the corresponding check box next to the IP address text box.
Appendix A: Default Settings TIP: Press the Default (SF-Reset, or Soft-Reset) switch on the housing of a powered-on AP to reset the configuration settings to factory-default values. Setting Name Global User Name Password IEEE 802.11g Regulatory Domain Channel Number SSID SSID Broadcasts Transmission Rate Transmit Power MAC Address Default Value root root FCC (U.S.) 11 wireless Enabled Auto High See the label on the accompanying PCMCIA card or the label on the housing of the AP.
Appendix B: Troubleshooting Check the following first: Make sure that the power of the AP is on and the Ethernet cables are connected firmly to the RJ-45 jacks of the AP. Make sure that the LED ALV of the AP is blinking to indicate the AP is working. Make sure the types of the Ethernet cables are correct. Recall that there are two types—normal and crossover. B-1: Wireless Settings Problems The wireless client computer cannot associate with an AP.
B-2: TCP/IP Settings Problems Correspondent Host IEEE 802.11g Internet Ethernet LAN Stage A Client Computer State B AP Stage D Default Gateway of Client Computer DNS Server of Client Computer Fig. 60. Communication stages for a client to reach its correspondent host. For a wireless client computer to communicate with a correspondent host on the Internet by the host’s domain name (e.g. http://www.wi-fi.com), it first sends a DNS request to a DNS server on the Internet.
Make sure the wireless settings of the wireless client computer and of the AP match. Are the IP address of the client computer and the IP address of the AP in the same IP subnet? Use WinIPCfg.exe or IPConfig.exe to see the current IP address of the client computer. Make sure the IP address of the client computer and the IP address of the AP are in the same IP subnet. TIP: If you forget the current IP address of the AP, use Wireless Router/AP Browser to get the information (see Appendix B-3).
Fig. 61. Wireless Router/AP Browser. The AP stops working and does not respond to Web management requests. The firmware of the AP may be stuck in an incorrect state. Unplug the power connector from the power jack, and then re-plug the connector to restart the AP. Contact our technical support representatives to report this problem, so that the bugs can be static in future firmware versions. If the AP still does not work after restarting, there may be hardware component failures in the AP.
Appendix C: Additional Information C-1: Firmware Upgrade Using Xmodem Upgrade Fig. 62. Xmodem Upgrade. To upgrade the firmware of AP using Xmodem Upgrade over RS232: 1. Power off the AP whose firmware will be upgraded. 2. Connect the managing PC and the AP with an RS232 Null Modem cable. 3. Select the serial port (COM1 or COM2) you use for connecting the device from the Serial port drop-down list and click Connect. 4. Chose the folder in which the firmware files reside by click Browse. 5.