Access / One® Network Action Status Results The following table defines the messages you will see in the Status column. Status Definition Running There are no pending commands for this module and it is communicating with the network server. Link Lost Manager/One has lost contact with this module for more than one minute. Command Started Manager/One is attempting to execute the command. Command Sent Successfully The command was received by the module.
Access / One® Network Commands Clicking on Commands in Manager/One’s toolbar generates a pull-down menu containing all the commands that are available within the Manage function. Load Firmware on Network This command allows you to load a new firmware image to each of the modules contained in all network nodes within your Access/One Network. However, before you can load a new image, your FTP server parameters must be established correctly to let Manager/One know where to locate the new image (BIN) file.
Access / One® Network Update Network Membership This command must be executed at the subnet level. Go to “Update Network Membership” on page 69. Transfer System Files This command allows you to transfer network (cloud) or device (module) configuration files between the network and your assigned FTP server. This is a useful tool if you want to backup or restore configuration files. However, before executing this command your FTP server parameters must be set up correctly using the Firmware Updates command.
Access / One® Network Remote Network Server This command allows to you include or exclude remote network servers. Include Choose this command to include a remote network server within your Access/One Network—a static network server must be specified in Network Topology before executing this command. When prompted, enter the IP address of the server you want to include then click on the OK button. Figure 53.
Access / One® Network The Configure Function This function provides you with the tools you need to configure your Access/One Network at the network level and includes the following commands: ◗ System • User Login • Network Management – General – SNMP – Trusted IP Addresses • TCP/IP Settings • Network Topology • Priority/One - Class of Service 5 • Radius Accounting • Syslog • Date and Time • Operating Environment • Firmware Updates ◗ Wi-Fi • Radio Parameters • Client Connect • Network Connect • Rogue Scan
Access / One® Network User Login This command displays the User Management window, allowing you to change the login password for users and enable/disable password encryption. 5 Figure 55. Managing User Logins The following options are available with this command: ◗ User Name Choose a user name from the pull-down list. A valid user name is required to access the Web server interface within the network server module.
Access / One® Network After inputting data (or making selections), click on the Update button to update this page, then click on the Apply Configuration tab to propagate your changes across the network. If necessary, you can click on the factory default (FD) button in the toolbar to reset all data on this page to its factory default state.
Access / One® Network If you are allowing access via Telnet or SSH, enter a value—in seconds—in the Shell Timeout field to define how long the connection will remain open during idle periods. Setting the shell timeout value to 0 (zero) will disable the timer and keep the session open, even when idle. ◗ Web Choose Clear & Secure to allow network management from your Web browser via HTTP (clear) and HTTPS (secure), or choose Secure Only to restrict management via a secure HTTPS connection only.
Access / One® Network SNMP This command allows you to define the SNMP Communities, the SNMP System, and any specific SNMP Trap Managers. With SNMP enabled and the settings on this page defined, your Access/One Network will support most common SNMP management consoles. The system also supports Syslog (System Logging) via an SNMP manager (in parallel with basic Syslog services) where Syslog text information is encoded in an SNMP trap message and presented to the operator.
Access / One® Network The following options are available with this command: ◗ SNMP Communities Enter your GET Community (read), SET Community (write) and TRAP Community in the corresponding fields. The defaults for these fields are: • GET Community: public • SET Community: netman • TRAP Community: public ◗ SNMP System Enter the Contact and Location information for the person managing your Access/One Network. ◗ SNMP Trap Managers Enter a valid IP address for any SNMP Trap Manager you intend to use.
Access / One® Network Trusted IP Addresses This command allows you to enable or disable the Trusted Mode and assign specific trusted IP addresses. When this mode is enabled, only addresses assigned here will be trusted by the network for management at any network module. Figure 59. Assigning Trusted IP Addresses The following options are available with this command: ◗ Trusted Mode You can only enable this option if you have added at least one trusted IP address.
Access / One® Network TCP/IP Settings This command allows you to specify whether Access/One will obtain the Default Gateway and DNS IP addresses automatically, or use pre-configured static IP addresses. 5 Figure 60. TCP/IP Settings The following options are available with this command: ◗ Default Gateway The system is set up to use DHCP (Dynamic Host Configuration Protocol) to obtain the default gateway IP address automatically (default).
Access / One® Network ◗ DNS Server Choose whether you want the system to use DHCP to obtain the DNS IP address automatically (default), or use a pre-configured static IP address. If you choose the latter option, enter IP addresses for the primary and secondary (if any) DNS server. DNS is used by your Access/One Network modules to lookup the names of various servers (for example, the RADIUS and FTP servers). You must specify a Domain Name when static IP addresses are used.
Access / One® Network The following options are available with this command: ◗ Master Network Server Configuration Establishing a master/slave relationship between network servers facilitates efficient Wide Area Network management by reducing the amount of traffic between two subnets on the same network, as well as providing a single network server responsible for all Strix devices within its subnet.
Access / One® Network After inputting data (or making selections), click on the Update button to update this page, then click on the Apply Configuration tab to propagate your changes across the network. If necessary, you can click on the factory default (FD) button in the toolbar to reset all data on this page to its factory default state. Priority/One - Class of Service This command allows you enable and define Class of Service (CoS) filters to prioritize traffic throughout your Access/One Network.
Access / One® Network ◗ Spectralink Voice Support Check the SpectraLink Radio Protocol box to enable the SpectraLink Voice Support feature across the network. This feature gives a controlled preference to voice packets over data packets, ensuring that all voice packets are transmitted efficiently. Access/One Network prioritizes SpectraLink voice traffic over user data traffic.
Access / One® Network To edit or delete an assigned filter that appears in the list, click on the filter to generate the COS Filter Priority Settings window. From here you can edit or delete filters. To delete a filter, click on the X icon next to the filter in this window. 5 Click here to delete Figure 64.
Access / One® Network Radius Accounting Through a wireless interface, your Access/One Network supports RFC 2866 standard RADIUS (Remote Authentication Dial-In User Service) accounting, allowing customers with existing RAS Radius-parsing scripts/tools to leverage their investment as well as customize their tools to extract all available statistical information. This command allows you to configure up to two RADIUS accounting servers, set up an authorization port, and establish a secret key. 5 Figure 65.
Access / One® Network ◗ Secret Enter a secret key in this field for the primary RADIUS server. During the authentication process, the server and client exchange secret keys. The secret keys must match for communication between the server and the client to continue. The secret key is a valuable and necessary security measure. ◗ Secret Confirm Confirm your secret key in this field. ◗ Checkpoint Interval Check this box to enable a checkpoint interval, or uncheck this box to disable this feature.
Access / One® Network To access the Syslog window, choose Syslog from the System pull-down menu in the Configure function. 5 Server IP Address added here Reporting Levels Figure 66. Configuring Access/One Network for Syslog The following options are available with this command: ◗ Syslog Configuration This category allows you to define the Maximum Message Length, where the character length of Syslog messages will be restricted to the number you define here.
Access / One® Network ◗ Syslog Management Enter a valid IP address for the Syslog server, then click on the Add button to add this server to the list of available Syslog destinations. You can add additional servers, but assigning multiple servers may degrade the system’s performance. Once you’ve assigned the server(s), choose the destination for your event logging (CLI, SNMP Syslog MIB, and/or the Syslog server you assigned).
Access / One® Network Date and Time This command allows you to set the time zone, define daylight saving parameters, and choose between automatic time and manual time. 5 Figure 67. Establishing the Correct Date and Time for Your Environment The following options are available with this command: ◗ Time Zone Select the time zone from the pull-down list that applies to the geographic location where your Access/One Network is operating. The default time zone is Greenwich Mean Time (GMT). Figure 68.
Access / One® Network ◗ Daylight Saving Time This option allows you to configure the Daylight Saving Time for your chosen time zone. Click on the Set Daylight Saving Time button to reveal the configuration window. Figure 69. Configuring Daylight Saving Time Choose the month, week, day and year from the available pull-down menus for both the Starting Time and Ending Time to establish your daylight saving time.
Access / One® Network With the Automatic Time (SNTP) option selected, the master network server transmits time/date synchronization packets periodically to Strix devices using the Strix Time Distribution (STD) protocol. Stack controllers use STD to adjust their own time and date. Time and date information is distributed in Greenwich Mean Time (GMT), allowing each device to adjust for its own time zone. This allows Access/One Network to span large geographic areas while maintaining time coherence.
Access / One® Network Operating Environment This command is applicable to the IWS only. It displays the Fan Setting window and allows you to choose between a Low, Normal (Indoor) and Outdoor speed setting for the node’s cooling fan. Choose Normal if the affected node is to be installed in an environment with a regulated temperature, otherwise choose High if the operating environment is uncontrolled and prone to fluctuating temperatures and/or humidity.
Access / One® Network Wi-Fi This area of Manager/One contains the primary configuration commands for your Access/One Network in the Wi-Fi environment. Any commands executed here are applied to all wireless modules, so make sure the changes you initiate are changes that you want to apply to the entire network, otherwise go to “Managing Subnets and Nodes” on page 125 or “Managing Modules” on page 131. Radio Parameters This command allows you to define your Access/One Network’s general radio parameters.
Access / One® Network The following options are available with this command: ◗ 802.11g Radio Wireless Mode This option allows you to select the 802.11g wireless mode from the options available in the corresponding pull-down list, including: • 802.11g: This is the default standard 802.11g wireless mode. • 802.11g Only (No 802.11b): This mode restricts the radio to the 802.11g wireless mode only and does not allow 802.11b compatibility. • 802.
Access / One® Network ◗ Allow Association Over Long Distances This option allows you to set a distance (up to 25 miles) for wireless associations over long distances (the default is 3 miles). Be aware that changing the distance here will affect all wireless modules. We recommend setting this value at the module level. For example, if you have a single 10 mile link and many shorter links setting this value to 10 miles will affect all links and slow down the network. ◗ Maximum 802.
Access / One® Network ◗ 802.11a Channel Selector These options extend the range of 802.11a wireless capability by allowing you to select 802.11a wireless channels. Check the corresponding box to enable an 802.11a channel of your choice. ◗ 802.11g Channel Selector These options extend the range of 802.11g wireless capability by allowing you to select 802.11g wireless channels. Check the corresponding box to enable an 802.11g channel of your choice. ◗ 802.
Access / One® Network – Auto This is the default mode and will enable protection for 802.11g stations if your Access/One Network finds an 802.11b client. In this mode, if the 802.11b client leaves the network the protection mode will revert to None automatically. • Protection Rate Sets the data rate at which the RTS-CTS (Request-to-Send and Clear-toSend) packets are sent (either 1 Mbps, 2 Mbps, 5.5 Mbps, or 11 Mbps). The 11 Mbps data rate is the default.
Access / One® Network ◗ Advanced Settings These advanced settings are preconfigured with the optimum settings for your Access/One Network. Changing any of these settings may negatively affect the network’s performance. For best results, leave these settings at their default values. • Beacon Interval The beacon is a uniframe system packet broadcast by the AP to keep the network synchronized. Enter a value in this field between 20 and 1000 (milliseconds) that specifies the beacon interval.
Access / One® Network Client Connect Client Connect (Virtual/Strix) is the system topology that enables your Access/One Network to support and provide access to client devices using most wireless technologies, including 802.11a or 802.11g. With Client Connect you can customize each network node to support the wireless technologies you need in the locations you need them. Any mix of these technologies can be supported within a single node or across the entire Access/One Network.
Access / One® Network The following options are available with this command: ◗ SSID An SSID (Service Set Identifier) is a unique name shared among all devices in a wireless network. Choose the network (SSID) or choose Add /Remove SSIDs from the pull-down list. If you add an SSID, the new SSID can be up to 32 alphanumeric characters and the characters are case-sensitive. In addition to adding and/or deleting SSIDs, this option allows you to edit an existing SSID name.
Access / One® Network Choose whether the new SSID should be tagged or untagged. However, there can be only one untagged SSID in the SSID table (the default SSID is always untagged). From this window you also have the option of assigning VLAN Security to the new SSID. When you have completed all data input for the creation of your new SSID, click on the Add SSID button. The new SSID is added to the list and will appear in the pulldown list in the main Client Connect window.
Access / One® Network ◗ Client Connect Security Mode This option allows you to establish the authentication and encryption security modes for Client Connects. These include: • Authentication – Open: Used for local authentication. – Shared Key: This option is not currently supported. – Dynamic Key (802.1X): With this option, the RADIUS server gives a key to each user for unicast traffic. Multicast traffic uses the default key.
Access / One® Network Select the desired Authentication and Encryption modes from the available options. If you choose Dynamic (802.1x) or WPA authentication, you must configure the RADIUS server(s) on this page (these fields only appear when Dynamic or WPA is selected as the authentication type). See also, “Radius Accounting” on page 84. Figure 76.
Access / One® Network When you add a new Client Connect security key, the system encrypts the key and the encrypted key appears in the list. You can add up to 4 Client Connect security keys. After adding security keys, select one of the keys to act as the default shared key. Default Shared Key Encrypted Key Figure 79. Encrypted Security Key To delete a Client Connect security key, click on the Enter Key 1 (through 4) button that applies to the key you want to delete.
Access / One® Network Choose the preferred access level from the pull-down list. Your options include: • Disable: All stations/clients can request association with an SSID in your Access/One Network. This means that the ACL will not be checked when a new station attempts to authenticate. • Enable: All stations/clients are assigned a permission status based on their MAC address. If the MAC address of the station attempting to gain access is set to Deny, it will not be allowed to associate with the network.
Access / One® Network Enter the MAC address of the new station/client, then choose the ACL type from the pull-down list. These options include: • Allow • Deny • Default Shared Key • 64 bit (enter 10 digits) • 128 bit (enter 26 digits) • 152 bit (enter 32 digits) If you choose any of the encryption types, enter the key in the Unique Key field. Alternatively, you can choose the Default Shared Key and the system will use the key you assigned as the default in Client Connect Security Keys.
Access / One® Network ◗ SSID Shutdown When enabled, this option shuts down all SSID functionality when network connectivity is lost. With this feature enabled, if connectivity to the gateway is lost, the access point will disassociate all attached wireless clients—the client will know there is a problem and will need to find another access point to reestablish connectivity with the network. The default is disabled. ◗ Discovery Protocols This option enables the Strix Discovery Protocol (browser plug-in).
Access / One® Network When nodes in your Access/One Network are configured for wireless Network Connect, the system provides several distinct advantages over a typical wireless network that uses wired connections. These advantages include: ◗ Secure networking ◗ Self tuning, rapid self-healing, and rogue device detection ◗ Scalability ◗ Simple installation ◗ Lowest cost of deployment This command allows you to define your Network Connect parameters.
Access / One® Network ◗ Auto-Mode Radio Priority (Dual Wi-Fi Radio Only) This option allows you to establish a priority for which radio on the dual band wireless module will operate as a Network Connect in the Auto mode. The available choices are: • 802.11a Only • 802.11a Priority, 802.11g Backup • 802.11g Priority, 802.11a Backup • 802.11g Only ◗ Self-Tuning This feature allows you to enable or disable Background Scanning and configure the Self-Tuning Policy.
Access / One® Network ◗ Self-Tuning Policy You can instruct the system to Never Switch during its self-tuning process, or establish a Switching Frequency (with 5 possible frequency states between stable and aggressive). When background scanning is completed, the selftuning system determines the best potential client, based on RTD/RSSI scores and threshold values obtained during the scanning process. Threshold values become more critical when two Client Connects are very close with their scores.
Access / One® Network To assign a security key, click on the Enter Key button. In the pop-up window, select the key entry method (hexadecimal or ASCII text), then enter the key that will serve as the default key to encrypt packets to be transmitted on a wireless uplink between nodes. The key length is fixed at 152 bits. After entering the key, click on the Update button to assign the key and return to the Network Connect window. Figure 83.
Access / One® Network Rogue Scan This option allows you to define which channels are scanned for rogue devices by the defined country code. From the configuration window, you can enable or disable channels. 5 Figure 84.
Access / One® Network In addition to defining channels, the Rogue Scan configuration window allows you to define a refresh period—the elapsed time after which the network server refreshes the rogue device list. The default is 1 day. Making this refresh period too frequent will adversely impact the performance of the network. Define the Refresh Period 5 Figure 85.