® VA2410 802.11b/g Outdoor Microcell User Guide Manual P/N: 770-01376-01 Release 3.0 August 29, 2005 1 Copyright © 2005, Vivato, Inc.
Copyright © 2005, Vivato, Inc. All rights reserved. No part of this document may be reproduced in any form or by any means, electronic or mechanical, including photocopying, recording, or by any information storage and retrieval system, without written permission from Vivato, Inc. “Vivato” is a U.S. registered trademark of Vivato, Inc. The content of this manual is furnished for informational use only, and is subject to change without notice. Vivato, Inc.
VA2410 802.11b/g Outdoor Microcell User Guide VIVATO, INC. END USER LIMITED WARRANTY AND LICENSE TERMS Limited Warranty Vivato, Inc.
VA2410 802.11b/g Outdoor Microcell User Guide Vivato does not warrant or accept any responsibility for Product or Software, which has been repaired or altered by anyone other than Vivato, or a Vivato authorized service center. In the event of any such unauthorized repairs or alterations, this warranty shall become void. No agent, distributor, Reseller or representative is authorized to make any warranties or to assume any liabilities on behalf of Vivato.
VA2410 802.11b/g Outdoor Microcell User Guide THIS END USER LICENSE ("EULA") IS A LEGAL AGREEMENT BETWEEN YOU AS "END USER" (AS EITHER AN INDIVIDUAL OR A SINGLE ENTITY) AND VIVATO, INC. ("VIVATO") REGARDING VIVATO PRODUCT ("PRODUCT") AND SOFTWARE ("SOFTWARE"). SOFTWARE INCLUDES ALL SOFTWARE, ASSOCIATED MEDIA, ANY PRINTED MATERIALS, AND ANY "ONLINE" OR ELECTRONIC DOCUMENTS. BY INSTALLING, USING OR DOWNLOADING VIVATO SUPPLIED PRODUCT OR SOFTWARE, YOU ARE CONSENTING TO BE BOUND BY THIS LICENSE.
VA2410 802.11b/g Outdoor Microcell User Guide may be specifically authorized by Vivato in writing. End User shall take reasonable steps to protect Confidential Information, including, without limitation, by restricting disclosure of such Confidential Information only to those persons with a “need to know” and who are subject to confidentiality undertakings.
VA2410 802.11b/g Outdoor Microcell User Guide courts of San Francisco County, California USA or the United States District Court for the Northern District of California shall have exclusive personal jurisdiction over Buyer and proper venue with regard to any claims arising in connection with the purchase, sale, license or performance of any Product or Software, and any objection to the jurisdiction or venue of any such court is hereby waived.
VA2410 802.11b/g Outdoor Microcell User Guide Contents Documentation Updates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 About This Document. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15 User and Developer Audience . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
VA2410 802.11b/g Outdoor Microcell User Guide Viewing User Accounts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43 Adding a User . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43 Editing a User Account. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
VA2410 802.11b/g Outdoor Microcell User Guide Navigating to Current SSID Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85 Creating and Editing SSIDs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 86 Updating Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
VA2410 802.11b/g Outdoor Microcell User Guide Measuring Interfering Signal Levels . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 156 Glossary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 158 11 Copyright © 2005, Vivato, Inc.
VA2410 802.11b/g Outdoor Microcell User Guide Safety Information You must heed any and all safety precautions and warnings in this document or indicated on the Vivato VA2410 802.11b/g Outdoor Microcell whenever you are operating or servicing this product. Failure to comply with all precautions and warnings found in this document violates the design, manufacture, and intended use requirements of the product. Vivato, Inc. assumes no liability for the operator’s failure to obey these warnings and cautions.
VA2410 802.11b/g Outdoor Microcell User Guide FCC Declaration of Conformity Responsible Party Manufactured by Vivato, Inc. 12610 E Mirabeau Parkway, Suite 900 Spokane, WA, USA Phone: (509) 343-6001, Fax (509) 343-6020 Product: VA2410 802.11b/g Outdoor Microcell This product is certified for home or office use. The Vivato VA2410 802.11b/g Outdoor Microcell has been evaluated under FCC Bulletin OET 65C and found to be compliant to the requirements set forth in CFR 47 15.
VA2410 802.11b/g Outdoor Microcell User Guide Contact Information For customer support: For technical support, contact your Vivato reseller or visit the Vivato Customer Support website. Go to www.vivato.com and select the Customer Support link. Enter the required information for setting up a user account. A support password is e-mailed to you after validating the information (usually within 1 business day).
VA2410 802.11b/g Outdoor Microcell User Guide About This Document This User Guide describes setup, configuration, administration and maintenance of a Vivato 802.11b/g Outdoor Microcell on a wireless network. User and Developer Audience This information is intended for the person responsible for installing, configuring, monitoring, and maintaining the Vivato 802.11b/g Outdoor Microcell. Online Help Features Online Help for the Vivato 802.
VA2410 802.11b/g Outdoor Microcell User Guide Typographical Conventions This guide uses the following typographical conventions: Microcell Unless otherwise specified, refers to the Vivato 802.11b/g Outdoor Microcell.
VA2410 802.11b/g Outdoor Microcell User Guide Introduction Overview of the Vivato 802.11b/g Outdoor Microcell The Vivato 802.11b/g Outdoor Microcell provides continuous, high-speed access between IEEE 802.11 b/ g wireless clients and wired Ethernet networks in an outdoor environment. It is an advanced, standardsbased solution for wireless networking in indoor areas. The Vivato 802.
VA2410 802.11b/g Outdoor Microcell User Guide Basic Service Set Operation The VA2410 supports infrastructure basic service set (BSS) operation, providing all network communications between Wi-Fi clients and the wired network within the area of coverage. Web Page Interface Configuration An easy to use VivatoVision™ web interface is used to configure all settings in the VA2410 Microcell. Features and Benefits IEEE Standards Support • Support for IEEE 802.11b and IEEE 802.11g wireless networking standards.
VA2410 802.11b/g Outdoor Microcell User Guide • User-based access control with local authentication server. • Local user database and user life-cycle management. • MAC address filtering • Hardware watchdog Networking • Dynamic Host Configuration Protocol (DHCP) client support for dynamically assigning network configuration information to systems on the LAN. • Virtual Local Area Network (VLAN) support • Automatic assignment of VLANs from an external RADIUS server.
VA2410 802.11b/g Outdoor Microcell User Guide Indicators and Connectors Figure 1 Internal Indicators and Connections Link Activity Power Activity Ethernet port link activity LED is on when this port connected to a network, and blinks with network activity. Status LEDs LAN wlan0 wlan1 DC IN Radio LEDs blink when radios are enabled. RS232 RESET • DC IN: DC power from the pre-installed AC/DC power adapter. • LAN: 10/100 Ethernet, RJ-45.
VA2410 802.11b/g Outdoor Microcell User Guide • • Installer Connections: • Internal: One RJ-45 jack for a 10/100 Ethernet connection; one DB-9 (m) serial connector; AC power connections. Cables must be routed through chassis knockouts for 1” conduit. Refer to the VA2210/2410 Installation Supplement for details on powering the VA2410. • External: Two RP-TNC (f) jacks for antenna connections. Power Requirements: • Input Voltage: 100 – 120 VAC, 50/60 Hz • Current: 1.
VA2410 802.11b/g Outdoor Microcell User Guide Installation Hardware Description NOTE: Refer to the printed VA2210/2410 802.11 Outdoor Microcell Installation Supplement included with the Microcell for instructions on how to mount and provide power and data connections to the VA2410. The VA2410 consists of a Vivato Wi-Fi Microcell enclosed in a NEMA-4X rated case.
VA2410 802.11b/g Outdoor Microcell User Guide AC Surge Suppression AC power surge suppression is not included with the VA2410, and must be provided by the installer in order to protect the product from damaging AC power surges. Damage to the VA2410 due to power surges is not covered by the product warranty. It is the installer’s responsibility to determine the proper level of surge protection required at the place where the VA2410 is to be installed.
VA2410 802.11b/g Outdoor Microcell User Guide PreLaunch Checklist: Default Settings and Supported User/Client Platforms Before you power-up a new Microcell, review the following sections for a quick check of required hardware components, software, client configurations, and compatibility issues. Make sure you have everything you need ready to go for a successful launch and test of your new (or extended) wireless network. • Vivato 802.11b/g Outdoor Microcell › Default Settings for the Vivato 802.
VA2410 802.11b/g Outdoor Microcell User Guide Default Settings for the Vivato 802.11b/g Outdoor Microcell Option Default Settings System Name VA2410 User Name admin Related Information The user name is read-only. It cannot be modified. Password vivato “Specify a New User Password and the Wireless Network Name” on page 37 in “Configuring Basic Settings” on page 35 “Setting the User Password” on page 71.
VA2410 802.11b/g Outdoor Microcell User Guide Option Default Settings Related Information Transmit Power 100 percent “Configuring Radio Settings” on page 48 Supported Rates (Mbps) • IEEE 802.11b/g: 54, 48, 36, 24, 18, 12, 11, 9, 6, 5.5, 2, 1 “Configuring Radio Settings” on page 48 Basic Rate (Mbps) • IEEE 802.11b/g: 11.0, 5.5, 2.0, 1.
VA2410 802.11b/g Outdoor Microcell User Guide Required Software or Component Description Wireless Connection to the Network After initial configuration and launch of the first Microcell on your new wireless network, you can make subsequent configuration changes through the VivatoVision Web pages using a wireless connection to the "Internal" network.
VA2410 802.11b/g Outdoor Microcell User Guide Wireless Client Computers The Vivato 802.11b/g Outdoor Microcell provides wireless access to any client with a properly configured Wi-Fi client adapter for the 802.11 mode in which the Microcell is running. Multiple client operating systems are supported. Clients can be laptops or desktops, personal digital assistants (PDAs), or any other hand-held, portable or stationary device equipped with a Wi-Fi adapter and supporting drivers.
VA2410 802.11b/g Outdoor Microcell User Guide Quick Steps for Setup and Launch of Your Wireless Network Setting up and deploying one or more Vivato 802.11b/g Outdoor Microcells creates a wireless network. The Basic Settings VivatoVision Web page simplifies this process. Here is a step-by-step guide to setting up your Vivato 802.11b/g Outdoor Microcell and the resulting wireless network. The following topics are discussed: Step 1. Install the Microcell Step 2.
VA2410 802.11b/g Outdoor Microcell User Guide Step 3. Log in to the VivatoVision Web Pages 1. Connect the Microcell to the PC’s NIC through a CAT-5 RJ-45 cable. If connecting directly to the Microcell, use a CAT-5 crossover cable. If connecting through a network device (hub, switch, router) use a standard CAT-5 cable. 2. Power on the Microcell and wait at least 30 seconds for it to fully initialize. 3.
VA2410 802.11b/g Outdoor Microcell User Guide Step 4. Configure the Basic Settings Provide a minimal set of configuration information by defining the basic settings for your wireless network. These settings are available on the Basic Settings page, and are organized as steps 1-3 on the web page. Review Description of this Microcell: › › › › IP Address: Shows the current IP address, but cannot be changed from this screen. MAC Addresses: Shows the MAC addresses of Ethernet port, and cannot be changed.
VA2410 802.11b/g Outdoor Microcell User Guide Default Configuration If you follow the steps above and accept all the defaults, the Microcell will have the default configuration described in “Default Settings” on page 25. Step 5. Specify the IP Address and Security Settings for the Primary Wireless Network The IP address of the Microcell can be configured statically or dynamically to work on your wired network.
VA2410 802.11b/g Outdoor Microcell User Guide 5. Select the STATUS>SSID Table tab, and select the Configure link for the primary network name that you entered. This causes the SSID Configuration page for that network to be displayed. 6. Select the type of security to use on the Primary Wireless Network to secure wireless connections, or leave the setting at "Open" to provide an unsecured network. Be sure to also configure your clients to work with that type of security.
VA2410 802.11b/g Outdoor Microcell User Guide nameserver fields. The Default Gateway and DNS Nameservers can be filled out automatically by a DHCP server that is configured to provide that information when these functions are set to Dynamic. When set to Manual, the user must enter the IP address of the device. See “Global Network Settings” on page 39. Select Update to save these settings. Next Steps 1. Connect the Microcell directly to your wired network. 2.
VA2410 802.11b/g Outdoor Microcell User Guide Configuring Basic Settings The basic configuration tasks are described in the following sections: • Navigating to Basic Settings • Review Description of the Microcell • Specify a New User Password and the Wireless Network Name • Update Basic Settings • At initial startup, no security is in place on the Microcell. An important next step is to configure security, as described in “Configuring Security” on page 90.
VA2410 802.11b/g Outdoor Microcell User Guide number of wireless client users that have been configured on the internal RADIUS server. Review Description of the Microcell Field Description IP Address Shows IP address assigned to this Microcell. The address is not editable here, but can be changed on the Interface Network Settings screen. See “Setting Interface IP Addresses” on page 41.
VA2410 802.11b/g Outdoor Microcell User Guide Specify a New User Password and the Wireless Network Name Field Description Administrator Password Enter a new administrator password. The characters you enter will be displayed as "*" characters to prevent others from seeing your password as you type. The password must be an alphanumeric strings of up to 32 characters. Do not use special characters or spaces.
VA2410 802.11b/g Outdoor Microcell User Guide Update Basic Settings When you have reviewed the new configuration, click Update to apply the settings and deploy the Microcell as a wireless network. At initial startup, no security is in place on the Microcell. An important next step is to configure security, as described in “Configuring Security” on page 89. Copyright © 2005, Vivato, Inc.
VA2410 802.11b/g Outdoor Microcell User Guide Global Network Settings Global Network Settings specify the IP addresses for the default gateway and domain name server(s) (DNS) on your Ethernet local area network (LAN).
VA2410 802.11b/g Outdoor Microcell User Guide Specifying the DNS Nameservers The DNS Nameserver associates domain names (like "vivato.net") with their IP addresses. This allows you to enter the domain name directly rather than having to know the actual IP address. Up to two IP addresses can be specified to provide for redundant nameserver operation.
VA2410 802.11b/g Outdoor Microcell User Guide Setting Interface IP Addresses Each network within the VA2410 can have its own IP Address assigned to it. At least one interface must have an IP address assigned to it in order to provide access to the VivatoVision web user interlace. By default, a wireless network called "Internal Vivato Network" is configured on the VA2410 with an IP address of 169.254.20.1. To view or change IP addresses, navigate to the INTERFACE MANAGEMENT > Interface Network Settings.
VA2410 802.11b/g Outdoor Microcell User Guide Managing User Accounts The Vivato 802.11b/g Outdoor Microcell includes a built-in remote authentication dial-in user service (RADIUS) server that is used to configure user accounts to provide secured wireless network access. User management and authentication must always be used in conjunction with the following two security modes which require the use of a RADIUS server for user authentication and management. • IEEE 802.1x mode (see “IEEE 802.
VA2410 802.11b/g Outdoor Microcell User Guide Navigating to User Management To set up or modify user accounts, click the SYSTEM MANAGEMENT>User Management tab. Viewing User Accounts User accounts are shown at the top of the screen under "User Accounts". User name, real name, and status (enabled or disabled) are shown. You make modifications to an existing user account by first selecting the checkbox next to a user name and then choosing an action. (See “Editing a User Account” on page 44.
VA2410 802.11b/g Outdoor Microcell User Guide Field Description Real Name For information purposes, provide the user’s full name. There is a 256 character limit on real names. Password Specify the password for this user. Enter the same password again for safety. Passwords are alphanumeric strings of up to 256 characters. Do not use special characters or spaces. 2. When you have filled in the fields, click Add Account to add the account. The new user is then displayed in the "User Accounts".
VA2410 802.11b/g Outdoor Microcell User Guide network access for 3 months at a time, then be off for 3 months, and back on for another assignment. You can enable and disable these user accounts as needed, and control access as appropriate. Enabling a User Account To enable a user account, click the checkbox next to the user name and click Enable. A user with an account that is enabled can log on to the wireless Microcells in your network as a client.
VA2410 802.11b/g Outdoor Microcell User Guide Enabling the Network Time Protocol Server The Network Time Protocol (NTP) is an Internet standard protocol that synchronizes computer clock times on your network. NTP servers transmit Coordinated Universal Time (UTC, also known as Greenwich Mean Time) to their client systems. NTP sends periodic time requests to servers, using the returned time stamp to adjust its clock. The timestamp will be used to indicate the date and time of each event in log messages.
VA2410 802.11b/g Outdoor Microcell User Guide Enabling or Disabling a Network Time Protocol (NTP) Server To configure your Microcell to use a network time protocol (NTP) server, first enable the use of NTP, and then select the NTP server you want to use. (To shut down NTP service on the network, disable NTP on the Microcell.) Field Description Network Time Protocol NTP provides a way for the Microcell to obtain and maintain its time from a server on the network.
VA2410 802.11b/g Outdoor Microcell User Guide Configuring Radio Settings The following sections describe how to configure Radio Settings on the Vivato 802.11b/g Outdoor Microcell: • Understanding Radio Settings • Configuring Radio Settings • Updating Settings Understanding Radio Settings Radio settings on the Wireless Configuration (Radio) screen directly control the behavior of the two radio devices in the Microcell.
VA2410 802.11b/g Outdoor Microcell User Guide Configuring Radio Settings To change an existing setting, de-select the corresponding "Use Current Settings" checkbox for that setting first, then change the setting. Be sure to leave the checkbox unchecked when you check Update button, otherwise the previous setting will continue to be used. Field Description Radio Interfaces The Vivato 802.11b/g Outdoor Microcell contains two radios.
VA2410 802.11b/g Outdoor Microcell User Guide Field (Continued) Description (Continued) Radio Interface Specify whether you want one or both radios on or off by selecting Enable or Disable. CTS Protection Channel CTS Protection is used to prevent data collisions when both 802.11b and 802.11g clients are present. When enabled, CTS Protection transmits a clear to send (CTS) message to itself at an 802.11b rate. This lets the 802.11b clients know that an 802.
VA2410 802.11b/g Outdoor Microcell User Guide Field (Continued) Description (Continued) RTS Threshold Specify an RTS Threshold value, in bytes, between 0 and 2347. The RTS threshold specifies the frame size before a request to send (RTS) transmission is performed. This helps control traffic flow through the Microcell, especially one with a lot of clients. If you specify a low threshold value, RTS packets will be sent more frequently.
VA2410 802.11b/g Outdoor Microcell User Guide Field (Continued) Description (Continued) Rate Sets Check the transmission rate sets you want the Microcell to support and the basic rate sets you want the Microcell to use when setting up communications. Rates are expressed in megabits per second. • Supported Rate Sets indicate rates that the Microcell supports for data traffic to/from the client. These rates are advertised in the radio’s beacons to let clients know what rates they can use.
VA2410 802.11b/g Outdoor Microcell User Guide Viewing the Wireless Interface Settings The Wireless Settings screen lists all of the wireless interfaces on the Microcell and their current configuration. Selecting "Configure" for any of the wireless interfaces displays the Radio screen. See “Configuring Radio Settings” on page 48 for a description of what each parameter means and how to alter its current value.
VA2410 802.11b/g Outdoor Microcell User Guide Controlling Access by MAC Address Filtering A Media Access Control (MAC) address is a hardware address that uniquely identifies each node of a network. All IEEE 802 network devices share a common 48-bit MAC address format, usually displayed as a string of 12 hexadecimal digits separated by colons, for example 00:DC:BA:09:87:65. Each wireless network interface card (NIC) used by a wireless client has a unique MAC address.
VA2410 802.11b/g Outdoor Microcell User Guide 55 Copyright © 2005, Vivato, Inc.
VA2410 802.11b/g Outdoor Microcell User Guide Using MAC Filtering This page allows you to control access to Vivato 802.11b/g Outdoor Microcell based on Media Access Control (MAC) addresses. Based on how you set the filter, you can allow only client stations with a listed MAC address or prevent access to the stations listed. MAC Filtering settings apply to all radios. Field Description Filter To set the MAC Address Filter, click one of the following radio buttons: • Allow only stations in the list.
VA2410 802.11b/g Outdoor Microcell User Guide Configuring Queues for Quality of Service (QoS) Quality of Service (QoS) provides you with the ability to specify parameters on multiple queues for increased throughput and better performance of differentiated wireless traffic like Voice-over-IP (VoIP), video, and streaming media as well as traditional IP data over the Vivato 802.11b/g Outdoor Microcell. The following sections describe how to configure Quality of Service queues on the Vivato 802.
VA2410 802.11b/g Outdoor Microcell User Guide The VivatoVision UI provides a way for you to configure parameters on the queues. QoS Queues and Type of Service (ToS) on Packets QoS on the Vivato 802.11b/g Outdoor Microcell leverages existing information in the IP packet header related to Type of Service (ToS). Every IP packet sent over the network includes a ToS field in the header that indicates how the data should be prioritized and transmitted over the network.
VA2410 802.11b/g Outdoor Microcell User Guide Note A Frame is similar in concept to a Packet, the difference being that a packet operates on the Network layer (layer 3 in the OSI model) whereas a frame operates on the Data-Link layer (layer 2 in the OSI model). Each frame includes a source and destination MAC address, a control field with protocol version, frame type, frame sequence number, frame body (with the actual information to be transmitted) and frame check sequence for error detection. The 802.
VA2410 802.11b/g Outdoor Microcell User Guide • If the first random backoff time ends before successful transmission of the data frame, the Microcell increments a retry counter, and doubles the value of the random backoff window. The value specified in the Maximum Contention Window is the upper limit for this doubling of the random backoff. This doubling continues until either the data frame is sent or the Maximum Contention Window size is reached.
VA2410 802.11b/g Outdoor Microcell User Guide Field Description Queue Queues are defined for different types of data transmitted from VA2410-to-station: Data 0 (bulk) Lowest priority queue, high throughput. Bulk data that requires maximum throughput and is not time-sensitive is sent to this queue (FTP data, for example).
VA2410 802.11b/g Outdoor Microcell User Guide Field Description Min. Contention Window This parameter is input to the algorithm that determines the initial random backoff wait time ("window") for retry of a transmission. The value specified here in the Minimum Contention Window is the upper limit (in milliseconds) of a range from which the initial random backoff wait time is determined. The first random number generated will be a number between 0 and the number specified here.
VA2410 802.11b/g Outdoor Microcell User Guide Configuring the Wireless Distribution System (WDS) The Vivato 802.11b/g Outdoor Microcell lets you connect multiple Microcells and base stations together using a Wireless Distribution System (WDS). WDS allows Microcells and base stations to communicate with one another wirelessly in a standardized way. This capability is critical in providing an uninterrupted experience for roaming clients and for managing multiple wireless networks.
VA2410 802.11b/g Outdoor Microcell User Guide them to create a single network in both areas. Client Station Client Station Client Station WDS Bridge "Main Floor" VP2200 Client Station LAN segment "A" LAN segment "B" Using WDS to Extend the Network Beyond the Wired Coverage Area An ESS can extend the reach of the network into areas where cabling would be difficult, costly, or inefficient.
VA2410 802.11b/g Outdoor Microcell User Guide For more information, see the "Do not create loops" note under “Configuring WDS Settings” on page 67. Security Considerations Related to WDS Bridges Static Wired Equivalent Privacy (WEP) is a data encryption protocol for 802.11 wireless networks. Both devices in a WDS link must be configured with the same security settings.
VA2410 802.11b/g Outdoor Microcell User Guide Copyright © 2005, Vivato, Inc.
VA2410 802.11b/g Outdoor Microcell User Guide Configuring WDS Settings The following notes summarize some critical guidelines regarding WDS configuration. Please read all the notes before proceeding with WDS configuration. Notes • The only security mode available on the WDS link is Static WEP, which is not particularly secure. Do not use WDS to bridge Microcells on the Internal network unless you are not concerned about the security risk for data traffic on that network.
VA2410 802.11b/g Outdoor Microcell User Guide Field (Continued) Description (Continued) Mode Select 802.11b or 802.11g. Be sure to use the same mode on the device at the other end of the WDS link. WEP Specify whether you want Wired Equivalent Privacy (WEP) encryption enabled for the WDS link. • Enabled • Disabled Wired Equivalent Privacy (WEP) is a data encryption protocol for 802.11 wireless networks. Both Microcells on the WDS link must be configured with the same security settings.
VA2410 802.11b/g Outdoor Microcell User Guide Address" at the top of the page. 3. Configure a WDS interface for data exchange with MyVBS2. Start by entering the Local Address of the radio used for the WDS link on MyVBS2 as the "Remote Address". Fill in the rest of the fields to specify the security of the link and save the settings (click Update). Remember that if you choose to use WEP security on the WDS link you must use the identical settings on MyVBS2. 4.
VA2410 802.11b/g Outdoor Microcell User Guide › Configure a WDS interface for data exchange with MyVBS1, starting with the Local Address of the radio used for the WDS link on MyVBS1. › Navigate to the radio settings for MyVBS2 to verify that it is using the same mode and broadcasting on the same channel as MyVBS1. (For our example Mode is 802.11b and the channel is 6.) › Bind the WDS interface to the SSID used to pass traffic on this Microcell (as shown in step 5).
VA2410 802.11b/g Outdoor Microcell User Guide Configuring The User Password The administrator password controls access to the VivatoVision Web pages for the Vivato 802.11b/g Outdoor Microcell. The password can be set on this screen and also on the Network > Basic Settings page. The new password is updated when you enter it in either place and apply the change. The following sections describe how to configure the Administrator password on the Vivato 802.
VA2410 802.11b/g Outdoor Microcell User Guide unattended. Field Description Existing Password Enter the existing password. New Password Enter a new administrator password. The text you enter will be displayed as "*" characters to prevent others from seeing your password as you type. The User password must be an alphanumeric strings of up to 32 characters. Do not use special characters or spaces. Re-enter the new administrator password to confirm that you typed it as intended.
VA2410 802.11b/g Outdoor Microcell User Guide Maintenance and Monitoring The following maintenance and monitoring topics are covered. • Interfaces • Event Log • Transmit/Receive Statistics • Associated Wireless Clients • Resetting the Configuration • Upgrading the Firmware • Rogue Access Points Interfaces To view wired (Ethernet) and wireless (WLAN) settings, navigate to STATUS > Interfaces. This page displays the Wired Settings and the Wireless Settings for the Microcell.
VA2410 802.11b/g Outdoor Microcell User Guide Wireless Settings The current Wireless Interface settings include the MAC addresses (read-only), the Mode (802.11b or 802.11g) and the channel number, and the beacon Interval. See “Configuring Radio Settings” on page 48 for more information.) Event Log To view a list of the Microcell’s system operating message, navigate to STATUS > Events on the VivatoVision Web pages. Event logging is enabled/disabled on the SYSTEM MANAGEMENT> System Logging screen.
VA2410 802.11b/g Outdoor Microcell User Guide Transmit/Receive Statistics To view transmit/receive statistics for a particular SSID, navigate to STATUS > Transmit/Receive Statistics on the VivatoVision Web pages and select the SSID that you want to monitor. This page provides some basic information about the SSID and a real-time display of the transmit and receive statistics for this Microcell as described in the following table.
VA2410 802.11b/g Outdoor Microcell User Guide Associated Wireless Clients To view the client stations associated with the Microcell, navigate to STATUS > Client Association Table on the VivatoVision Web pages.. Field Description RADIO This is the wireless interface that the client is associating through. NETWORK This is the SSID to which the client is associated. VLAN The is the VLAN ID number used for this network. IP ADDRESS The associated client’s IP address.
VA2410 802.11b/g Outdoor Microcell User Guide Click the SYSTEM MANAGEMENT > Reboot tab. 8. Click the Reboot button. The VA2410 reboots. See also “Resetting the Configuration”. Resetting the Configuration Resetting the Configuration If you are experiencing extreme problems with the Vivato 802.11b/g Outdoor Microcell and have tried all other troubleshooting measures, use the Reset Configuration function.
VA2410 802.11b/g Outdoor Microcell User Guide 1. Click the SYSTEM MANAGEMENT > Reset Configuration tab. 2. Click the Reset button. Factory defaults are restored. Upgrading the Firmware As new versions of the Vivato 802.11b/g Outdoor Microcell firmware become available, you can upgrade the firmware on your devices to take advantages of new features and enhancements. 1. Set Up a User Account on the Vivato Customer Support Website The latest firmware is available from the Vivato Customer Support site at www.
VA2410 802.11b/g Outdoor Microcell User Guide 2. Search the Knowledge Base For the Latest Firmware Search the Customer Support Knowledge Base for the keyword "firmware", and select the latest entry for the VA2410 Outdoor Microcell. 3. Click on the firmware file listed under "File Attachments", and select to "Save" the file to your local PC. Note The firmware upgrade file must be in the format VA2400.bin 4. Navigate to SYSTEM MANAGEMENT > Upgrade Firmware on the VivatoVision Web pages.
VA2410 802.11b/g Outdoor Microcell User Guide Verifying the Firmware Upgrade To verify that the firmware upgrade completed successfully, check the firmware version shown on the SYSTEM MANAGEMENT > Upgrade tab (and also on the Basic Settings tab). If the upgrade was successful, the updated version name or number will be indicated. Copyright © 2005, Vivato, Inc.
VA2410 802.11b/g Outdoor Microcell User Guide Rogue Access Points The status page for rogue access points provides real-time statistics for all Microcells, Wi-Fi base stations, and access points within range of the Microcell on which you are viewing the VivatoVision Web pages. This information can be extremely helpful in identifying possible sources of interference from devices that are sharing the 802.11 frequency bands..
VA2410 802.11b/g Outdoor Microcell User Guide Field (Continued) Description (Continued) Beacon Interval Shows the Beacon interval being used by this device. Beacon frames are transmitted by a Microcell at regular intervals to announce the existence of the wireless network. The default behavior is to send a beacon frame once every 100 milliseconds (or 10 per second). The Beacon Interval is set on the INTERFACE MANAGEMENT > Wireless Configuration Radio screen. (See “Configuring Radio Settings” on page 48.
VA2410 802.11b/g Outdoor Microcell User Guide Field (Continued) Description (Continued) Last Beacon Shows the date and time of the most recent beacon was transmitted from the device. Rates Shows supported and basic (advertised) rate sets for the neighboring device. Rates are shown in megabits per second (Mbps). All Supported Rates are listed, with Basic Rates shown in bold. Rate sets are configured on the INTERFACE MANAGEMENT > Wireless Configuration (Radio) screen.
VA2410 802.11b/g Outdoor Microcell User Guide Creating and Managing Multiple Networks (SSIDs) Each time an SSID is created, the Microcell creates a new bridge that connects all of the selected interfaces. The Microcell comes with a default bridge (SSID) that cannot be deleted, which is referred to as the "Primary Wireless Network" on the Basic Settings page. The IP address on that bridge is used to access the VivatoVision web interfaces.
VA2410 802.11b/g Outdoor Microcell User Guide Navigating to Current SSID Settings To view the status of existing SSIDs, navigate to the STATUS > SSID Table tab. Field* Description SSID NAME The name assigned to this network. The first entry is always the name entered for the "Primary Wireless Network Name (SSID)" entered on the BASIC SETTINGS screen during initial configuration. This is the default wireless network and cannot be deleted.
VA2410 802.11b/g Outdoor Microcell User Guide Creating and Editing SSIDs To create or edit SSIDs, navigate to the INTERFACE MANAGEMENT > SSID Configuration tab. Table 2 SSID Configuration Settings Field Description SSID Name Enter a name of up to 32 characters in length to identify this network. Radio Interfaces Select which radios to use in this network. Ethernet Interface Select which Ethernet interface(s) (if any) to use with this network.
VA2410 802.11b/g Outdoor Microcell User Guide Field (Continued) Description (Continued) Beacon Select whether or not to send beacons for this network. Beacons identify this network to other devices with several types of information, such as the BSSID (MAC address) of the wireless radio sending the beacon and the SSID name (Broadcast SSID) that clients see in there list of available wireless networks.
VA2410 802.11b/g Outdoor Microcell User Guide Automatic VLAN Assignment When a new SSID interface is created, it is assigned a VLAN ID number. This number is used to create an IEEE 802.1Q tag that is appended to packets sent out of the Ethernet or WDS interface used by that SSID for a backhaul connection. VLANs can also be created dynamically on the Microcell when an external RADIUS server is used for client authentication (using 802.1x or WPA security).
VA2410 802.11b/g Outdoor Microcell User Guide Configuring Security Each SSID network that you configure on the Microcell has its own Security Mode associated with it. Each client that associates through that SSID must be configured to use those security settings in order to access the network. For information on creating and editing SSIDs, see “Creating and Editing SSIDs” on page 86.
VA2410 802.11b/g Outdoor Microcell User Guide See also the related topic, “Appendix A. Configuring Security Settings on Wireless Clients” on page 124. How Do I Know Which Security Mode to Use? It is recommended you use the most robust security mode that is feasible in your environment. When configuring security on the Microcell, you first must choose the security mode, then enter specific settings for that type of security, such as the authentication algorithm to use.
VA2410 802.11b/g Outdoor Microcell User Guide Recommendations Plain text mode is not recommended for regular use on the Internal network because it is not secure. Therefore, only use plain text mode for a guest network or when performing the initial Microcell setup, or during testing or problem solving. See Also For information on how to configure plain text mode, see “Plain-text” on page 96 under “” on page 95.
VA2410 802.11b/g Outdoor Microcell User Guide Key Management Encryption Algorithm User Authentication IEEE 802.1x provides dynamicallygenerated keys that are periodically refreshed. An RC4 stream cipher is used to encrypt the frame body and cyclic redundancy checking (CRC) of each 802.11 frame. IEEE 802.1x mode supports a variety of authentication methods, like certificates, Kerberos, and public key authentication with a RADIUS server. There are different Unicast keys for each station.
VA2410 802.11b/g Outdoor Microcell User Guide used with WPA modes are far superior to the RC4 algorithm used for Static WEP or IEEE 802.1x modes. Therefore, CCMP (AES) or TKIP should be used whenever possible. All WPA modes allow you to use these encryption schemes, so WPA security modes are recommended above the others when using WPA is an option. Additionally, this mode (WPA with RADIUS) incorporates a RADIUS server for user authentication which is more effective than WPA-PSK.
VA2410 802.11b/g Outdoor Microcell User Guide Recommendations WPA w/PSK is not recommended for use with the Vivato VA2410 when WPA with RADIUS is an option. We recommend that you use WPA with RADIUS mode instead, unless you have interoperability issues that prevent you from using this mode. For example, some devices on your network may not support WPA with EAP talking to a RADIUS server.
VA2410 802.11b/g Outdoor Microcell User Guide “Creating and Managing Multiple Networks (SSIDs)” on page 84 . Configuring Security Settings The following configuration information explains how to configure security modes on the Microcell. Keep in mind that each wireless client that wants to exchange data with the Microcell must be configured with the proper security settings as well. Field Description Security Mode Select the Security Mode.
VA2410 802.11b/g Outdoor Microcell User Guide Plain-text Plain Text means any data transferred to and from the Vivato 802.11b/g Outdoor Microcell is not encrypted. There are no further options for "Plain-text" mode. Plain text mode can be useful during initial network configuration or for problem solving, but it is not recommended for regular use on the Internal network because it is not secure. Static WEP Wired Equivalent Privacy (WEP) is a data encryption protocol for 802.11 wireless networks.
VA2410 802.11b/g Outdoor Microcell User Guide . Field Description Transfer Key Index Select a key index from the drop-down menu. Key indexes 1 through 4 are available. The default is 1. The Transfer Key Index indicates which WEP key the Microcell will use to encrypt the data it transmits.
VA2410 802.11b/g Outdoor Microcell User Guide Field (Continued) Description (Continued) Authentication Algorithm The authentication algorithm defines the method used to determine whether a client station is allowed to associate with a Microcell when static WEP is the security mode.
VA2410 802.11b/g Outdoor Microcell User Guide Example of Using Static WEP For a simple example, suppose you configure three WEP keys on the Microcell. In our example, the Transfer Key Index for the VA2410 is set to"3". This means that the WEP key in slot "3" is the key the Microcell will use to encrypt the data it sends. Figure 3 Setting the Transfer Key on the Microcell You must then set all client stations to use WEP and provide each client with one of the slot/key combinations you defined on the VA2410.
VA2410 802.11b/g Outdoor Microcell User Guide Static WEP with Transfer Key Indexes on Client Stations Some Wireless client software (like Funk Odyssey) lets you configure multiple WEP keys and set a transfer index on the client station, then you can specify different keys to be used for station-to-VA2410 transmissions. (The standard Windows wireless client software does not allow you to do this.
VA2410 802.11b/g Outdoor Microcell User Guide MAC filtering can also be used in conjunction with an external RADIUS authentication server to provide a two-tiered approach to authenticating wireless clients. When selected, MAC filtering is performed on the incoming client packets to explicitly allow or deny specific clients. If the filter allows passage of the packet, its authentication request is forwarded to the RADIUS server.
VA2410 802.11b/g Outdoor Microcell User Guide Field (Continued) Description (Continued) Radius MAC Filtering When unchecked, client (station) authentication requests are passed directly to the specified RADIUS server(s). Checking this box causes the VA2410 to first use the MAC Filtering settings on the VA2410 to filter clients that are specifically allowed or denied authentication. See “Navigating to MAC Filtering Settings” on page 54.
VA2410 802.11b/g Outdoor Microcell User Guide Alliance subset of IEEE 802.11i, which includes Temporal Key Integrity Protocol (TKIP), Counter mode/ CBC-MAC Protocol (CCMP), and Advanced Encryption Standard (AES) mechanisms. This mode requires the use of a RADIUS server to authenticate users, and configuration of user accounts via the Network > User Management tab.
VA2410 802.11b/g Outdoor Microcell User Guide Field Description Cipher Suites Select the cipher you want to use from the drop-down menu: • TKIP • CCMP (AES) • Both Temporal Key Integrity Protocol (TKIP) is the default. TKIP provides a more secure encryption solution than WEP keys. The TKIP process more frequently changes the encryption key used and better ensures that the same key will not be re-used to encrypt data (a weakness of WEP).
VA2410 802.11b/g Outdoor Microcell User Guide Field (Continued) Description (Continued) Authentication Server Select one of the following from the drop-down menu: • Built-in - To use the authentication server provided with the Vivato 802.11b/g Outdoor Microcell. If you choose this option, you do not have to provide the Radius IP and Radius Key; they are automatically provided. • External - To use an external authentication server.
VA2410 802.11b/g Outdoor Microcell User Guide Field (Continued) Description (Continued) Radius Key Enter the Radius Key in the text box. The Radius Key is the shared secret key for the RADIUS server. The text you enter will be displayed as "*" characters to prevent others from seeing the RADIUS key as you type. (The Vivato 802.11b/g Outdoor Microcell internal authentication server key is secret.) This value is never sent over the network. Radius Key Confirmation Re-enter the same Radius Key.
VA2410 802.11b/g Outdoor Microcell User Guide WPA-PSK Wi-Fi Protected Access (WPA) with Pre-Shared Key (PSK) is a Wi-Fi Alliance subset of IEEE 802.11i, which includes Temporal Key Integrity Protocol (TKIP), Advanced Encryption Algorithm (AES), and Counter mode/CBC-MAC Protocol (CCMP) mechanisms. PSK employs a pre-shared key. This is used for an initial check of credentials only.
VA2410 802.11b/g Outdoor Microcell User Guide Field Description Key The Pre-shared Key is the shared secret key for WPA-PSK. Enter the proper number and type of characters for the selected Key Type. Key Confirmation Re-enter the same pre-shared key. Updating Settings To apply your changes, click Update. Copyright © 2005, Vivato, Inc.
VA2410 802.11b/g Outdoor Microcell User Guide Specifying the Management Interface(s) Access to the VivatoVision configuration web pages can be restricted to one or more interfaces. This is typically done to prevent unauthorized access to the VA2410’s configuration. Navigating to the Management Interfaces Settings To access the Management Interfaces settings, navigate to the INTERFACE MANAGEMENT > Management Interfaces tab.
VA2410 802.11b/g Outdoor Microcell User Guide Simple Network Management Protocol (SNMP) Simple Network Management Protocol (SNMP) is a network management and monitoring system that can be used to change2 and monitor settings within the Microcell. The Microcell contains program routines called "agents" that monitor the state of settings and network conditions and send that information to management information bases (MIBs).
VA2410 802.11b/g Outdoor Microcell User Guide Field Description SNMP Enable or Disable SNMP operation. System Name What you call this Microcell in your network. System Location Enter the physical location of this Microcell. This may be used to distinguish it from another Microcell located in the same area. System Contact Enter the name of the person who is responsible for maintaining the configuration of the Microcell.
VA2410 802.11b/g Outdoor Microcell User Guide Enabling Logging System messages can be displayed on the VivatoVision Events page, and can also be sent to a remote system logging (syslog) server to maintain a record of system conditions.
VA2410 802.11b/g Outdoor Microcell User Guide Field Description Log Select Enable or Disable to turn logging on or off, respectively. This control effects logging to both the Events VivatoVision web page and to a remote syslog server (if configured). Server Enter the IP address of the remote syslog server. A host name can be entered if a DNS nameserver is on the network with an entry for that host. Port Enter the UDP port number for syslog operation on the remote host.
VA2410 802.11b/g Outdoor Microcell User Guide Mesh Network Operation A mesh network consists of two or more wireless devices (such as Microcells and Wi-Fi base stations) that work together to provide a network backhaul connection to clients. It is similar in many ways to using WDS links, but includes the ability to dynamically create data links between Microcells and base stations as new ones are added or when one of them is shut down.
VA2410 802.11b/g Outdoor Microcell User Guide In the example illustrated above, two parent/root nodes (labeled A and B) are used to provide a path to the same wired network. The figure shows that Parent/Root A is currently providing a backhaul connection to Child 1 through a single hop. It is also providing the backhaul to Child 2 through a single hop, which in turn uses its second radio to provide the backhaul to Child 3 (resulting in two hops to that child).
VA2410 802.11b/g Outdoor Microcell User Guide Rebooting After Changing Mesh Settings and After Firmware Upgrades Mesh setting changes do not take effect until after the base station has been rebooted. Therefore whenever you change your mesh configuration, you must reboot the product.
VA2410 802.11b/g Outdoor Microcell User Guide Field Description Mesh Functionality Select Enable or Disable to turn mesh operation on or off, respectively. Mesh Maximum Hops Enter the maximum number of hops that can be used by a client node to reach a root node. This setting is only used for wireless interfaces that are configured to operate as mesh uplink (child) nodes. Mesh Root Node Root node operation can be used when a wired backhaul connection is provided to the Microcell.
VA2410 802.11b/g Outdoor Microcell User Guide Field (Continued) Description (Continued) ESSID Enter the mesh network name used by all devices configured in the network. The name must be in the range of 1 to 32 characters. A mesh node will only associate with another node configured with the same mesh ESSID. The mesh ESSID is only seen by other mesh nodes, and is not displayed on a client’s list of available wireless networks.
VA2410 802.11b/g Outdoor Microcell User Guide Navigating to Wireless Interface Mesh Settings The following sections describe how to configure wireless interface mesh settings: To access the wireless interface mesh network configuration settings, navigate to the INTERFACE MANAGEMENT > Mesh Interfaces tab. De-select the appropriate Use Current settings box to be able to change a setting. 119 Copyright © 2005, Vivato, Inc.
VA2410 802.11b/g Outdoor Microcell User Guide Field Description Radio Interfaces Select the interfaces to configure by selecting the appropriate check boxes, or choose Select All to configure all wireless interfaces at the same time. Mode Select if this wireless interface should be used for mesh operation: • Uplink: Use this interface to connect to a downlink radio from a root node or a parent node. When configured as a child, this interface cannot be used to provide wireless client access.
VA2410 802.11b/g Outdoor Microcell User Guide Navigating to the Mesh Status Screen To view an overview of mesh operation on the Microcell, navigate to STATUS > Mesh Status. Field Description INTERFACE The wireless interfaces on the Microcell. MAC The MAC address of the wireless interface on the Microcell. MODE This is the type of mesh operation configured on this interface. Downlink is the only mesh operation supported; disable is selected when an interface is not used in a mesh network.
VA2410 802.11b/g Outdoor Microcell User Guide System Recovery The VA2410 uses the Linux operating system. Whenever a setting on the VA2410 is changed using the web interface and "Update" is selected, a file called "apconfig.xml" is automatically updated to include the changes. This includes changes to the administrator password and IP address used to access the VivatoVision web interface along with any other configuration changes.
VA2410 802.11b/g Outdoor Microcell User Guide 7. After full reboot (~30 seconds), use the default IP address of 169.254.20.1 and the default user name and password of "admin" and "vivato" (respectively) to access the web interface and reconfigure the VA2410. 123 Copyright © 2005, Vivato, Inc.
VA2410 802.11b/g Outdoor Microcell User Guide Appendix A. Configuring Security Settings on Wireless Clients Often, users will configure security on their wireless clients for access to many different networks. The list of "Available Networks" will change depending on the location of the client and which VA2410s are online and detectable in that location.
VA2410 802.11b/g Outdoor Microcell User Guide • Obtaining a TLS-EAP Certificate for a Client Network Infrastructure and Choosing Between Built-in or External Authentication Server Network security configurations including Public Key Infrastructures (PKI), Remote Authentication Dial-in User Server (RADIUS) servers, and Certificate Authority (CA) can vary a great deal from one organization to the next in terms of how they provide Authentication, Authorization, and Accounting (AAA).
VA2410 802.11b/g Outdoor Microcell User Guide latest drivers. Accessing the Microsoft Windows Wireless Client Security Settings Generally, on Windows XP™ there are two ways to get to the security properties for a wireless client: 1. From the wireless connection icon on the Windows task bar: › Right-click on the Wireless connection icon in your Windows task bar and select View available wireless networks.
VA2410 802.11b/g Outdoor Microcell User Guide List of available networks will change depending on client location. Each network (or Microcell) that that is detected by the client shows up in this list. ("Refresh" updates the list with current information.) For each network you want to connect to, configure security settings on the client to match the security mode being used by that network.
VA2410 802.11b/g Outdoor Microcell User Guide Configuring a Client to Access an Unsecure Network (Plain Text mode) If the Microcell or wireless network to which you want to connect is configured as "Plain Text" security mode (no security), you need to configure the client accordingly. A client using no security to connect is configured with Network Authentication "Open" to that network and Data Encryption "Disabled" as described below.
VA2410 802.11b/g Outdoor Microcell User Guide Configuring Static WEP Security on a Client Static Wired Equivalent Privacy (WEP) encrypts data moving across a wireless network based on a static (non-changing) key. The encryption algorithm is a "stream" cipher called RC4. The Microcell uses a key to transmit data to the client stations. Each client must use that same key to decrypt data it receives from the Microcell. Different clients can use different keys to transmit data to the Microcell.
VA2410 802.11b/g Outdoor Microcell User Guide Association Tab Network Authentication "Open" or "Shared", depending on how you configured this option on the Microcell. Note: When the Authentication Algorithm on the Microcell is set to "Both", clients set to either Shared or Open can associate with the VA2410. Clients configured to use WEP in Shared mode must have a valid WEP key in order to associate with the VA2410.
VA2410 802.11b/g Outdoor Microcell User Guide Configuring IEEE 802.1x Security on a Client IEEE 802.1x is the standard defining port-based authentication and infrastructure for doing key management. Extensible Authentication Protocol (EAP) messages sent over an IEEE 802.11 wireless network using a protocol called EAP Encapsulation Over LANs (EAPOL). IEEE 802.1x provides dynamically-generated keys that are periodically refreshed.
VA2410 802.11b/g Outdoor Microcell User Guide Choose Open Choose WEP Data Encryption mode Enable (click to check) IEEE 8021x authentication . . . then, click Choose Protected EAP (PEAP) "Properties" Enable auto key option 1 Disable (click to un-check) "Validate server certificate" 2 Choose "secured password (EAP-MSCHAP v2)" . . . then click "Configure" Disable (click to un-check) option to automatically use Windows logon name and password 3 Copyright © 2005, Vivato, Inc.
VA2410 802.11b/g Outdoor Microcell User Guide 1. Configure the following settings on the Association tab on the Network Properties dialog. Association Tab Network Authentication Open Data Encryption WEP Note: An RC4 stream cipher is used to encrypt the frame body and cyclic redundancy checking (CRC) of each IEEE 802.11 frame. This is the same encryption algorithm as is used for Static WEP; therefore, the data encryption method configured on the client for this mode is WEP.
VA2410 802.11b/g Outdoor Microcell User Guide IEEE 802.1x Client Using EAP/TLS Certificate Extensible Authentication Protocol (EAP) Transport Layer Security (TLS), or EAP-TLS, is an authentication protocol that supports the use of smart cards and certificates. You have the option of using EAP-TLS with both WPA with RADIUS and IEEE 802.1x modes if you have an external RADIUS server on the network to support it. Note If you want to use IEEE 802.
VA2410 802.11b/g Outdoor Microcell User Guide Choose Open Choose WEP Data Encryption mode Enable (click to check) IEEE 8021x authentication Choose Smart Card/Certificate . . . then, click "Properties" Enable auto key option 1 2 Enable (click to check) "Validate server certificate" Select (check) the name of certificate on this client (downloaded from RADIUS server in a prerequisite procedure) 3 135 Copyright © 2005, Vivato, Inc.
VA2410 802.11b/g Outdoor Microcell User Guide 1. Configure the following settings on the Association tab on the Network Properties dialog. Association Tab Network Authentication Open Data Encryption WEP Note: An RC4 stream cipher is used to encrypt the frame body and cyclic redundancy checking (CRC) of each IEEE 802.11 frame. This is the same encryption algorithm as is used for Static WEP; therefore, the data encryption method configured on the client for this mode is WEP.
VA2410 802.11b/g Outdoor Microcell User Guide Configuring WPA with RADIUS Security on a Client Wi-Fi Protected Access (WPA) with Remote Authentication Dial-In User Service (RADIUS) is a Wi-Fi Alliance subset of IEEE 802.11i, which includes Temporal Key Integrity Protocol (TKIP), and Counter mode/ CBC-MAC Protocol IEEE. This mode requires the use of a RADIUS server to authenticate users, and configuration of user accounts on the Microcell.
VA2410 802.11b/g Outdoor Microcell User Guide If you configured the Vivato 802.11b/g Outdoor Microcell to use WPA with RADIUS security mode and to use either the Built-in Authentication Server or an external RADIUS server that uses EAP/PEAP . . . First set up user accounts on the Microcell (User Management). . . . . . . then configure WPA security with PEAP authentication on each client as follows. Copyright © 2005, Vivato, Inc.
VA2410 802.11b/g Outdoor Microcell User Guide Choose WPA Choose either TKIP or AES for the Data Encryption mode 1 Disable (click to un-check) "Validate server certificate" Choose Protected EAP (PEAP) . . . then, click "Properties" 2 Choose "secured password (EAP-MSCHAP v2)" . . . then click "Configure" Disable (click to un-check) this option 3 139 4 Copyright © 2005, Vivato, Inc.
VA2410 802.11b/g Outdoor Microcell User Guide 1. Configure the following settings on the Association and Authentication tabs on the Network Properties dialog. Association Tab Network Authentication WPA Data Encryption TKIP or AES depending on how this option is configured on the Microcell. Note: When the Cipher Suite on the Microcell is set to "Both", then TKIP clients with a valid TKIP key and AES clients with a valid CCMP (AES) key can associate with the Microcell.
VA2410 802.11b/g Outdoor Microcell User Guide work to support it. Note If you want to use IEEE 802.1x mode with EAP-TLS certificates for authentication and authorization of clients, you must have an external RADIUS server and a Public Key Authority Infrastructure (PKI) server, including a Certificate Authority (CA), configured on your network. It is beyond the scope of this document to describe these configuration of the RADIUS server, PKI, and CA server. Consult the documentation for those products.
VA2410 802.11b/g Outdoor Microcell User Guide Choose WPA Choose Smart Card or other Choose either TKIP or AES for the certificate and enable "Authenticate Data Encryption mode as computer when info is available" 1 . . . then, click "Properties" 2 Enable (click to check) "Validate server certificate" Select (check) the name of certificate on this client (downloaded from RADIUS server in a prerequisite procedure) 3 1.
VA2410 802.11b/g Outdoor Microcell User Guide Data Encryption TKIP or AES depending on how this option is configured on the Microcell. Note: When the Cipher Suite on the Microcell is set to "Both", then TKIP clients with a valid TKIP key and AES clients with a valid CCMP (AES) key can associate with the Microcell. For more information, see Users Guide and Online Help on the Microcell. 2. Configure these settings on the Authentication tab. Authentication Tab Enable IEEE 802.
VA2410 802.11b/g Outdoor Microcell User Guide Configuring WPA-PSK Security on a Client Wi-Fi Protected Access (WPA) with Pre-Shared Key (PSK) is a Wi-Fi Alliance subset of IEEE 802.11i, which includes Temporal Key Integrity Protocol (TKIP), Advanced Encryption Algorithm (AES), and Counter mode/CBC-MAC Protocol (CCMP) mechanisms. PSK employs a pre-shared key for an initial check of client credentials. If you configured the Vivato 802.11b/g Outdoor Microcell to use WPA-PSK security mode . . . . . .
VA2410 802.11b/g Outdoor Microcell User Guide Network Key Provide the key you entered on the Microcell Security settings for the cipher suite you are using. For example, if the key on the Microcell is set to use a TKIP key of "012345678", then a TKIP client specify this same string as the network key. Authentication Tab The key is provided for me automatically This box should be disabled automatically based on other settings. Enable IEEE 802.1x authentication for this network Make sure that IEEE 802.
VA2410 802.11b/g Outdoor Microcell User Guide Configuring an External RADIUS Server to Recognize the Vivato 802.11b/g Outdoor Microcell An external Remote Authentication Dial-in User Server (RADIUS) server running on the network can support EAP-TLS smart card/certificate distribution to clients in a Public Key Infrastructure (PKI) as well as EAP-PEAP user account setup and authentication. By external RADIUS server, we mean an authentication server external to the Microcell itself.
VA2410 802.11b/g Outdoor Microcell User Guide 1. Log on to the system hosting your RADIUS server and bring up the Internet Authentication Service. 2. In the left panel, right click on "RADIUS Clients" node and choose New > Radius Client from the popup menu. 3. On the first screen of the New RADIUS Client wizard provide information about the Vivato 802.11b/g Outdoor Microcell to which you want your clients to connect: 147 › A logical (friendly) name for the Microcell.
VA2410 802.11b/g Outdoor Microcell User Guide Click Next. 4. For the "Shared secret" enter the RADIUS Key you provided to the Microcell (on the INTERFACE MANAGEMENT > SSID Configuration page). Re-type the key to confirm. 5. Click Finish. The Microcell is now displayed as a client of the Authentication Server. Copyright © 2005, Vivato, Inc.
VA2410 802.11b/g Outdoor Microcell User Guide Obtaining a TLS-EAP Certificate for a Client Note If you want to use IEEE 802.1x mode with EAP-TLS certificates for authentication and authorization of clients, you must have an external RADIUS server and a Public Key Authority Infrastructure (PKI) server, including a Certificate Authority (CA), configured on your network. It is beyond the scope of this document to describe these configuration of the RADIUS server, PKI, and CA server.
VA2410 802.11b/g Outdoor Microcell User Guide The Welcome screen for the Certificate Server is displayed in the browser. 3. Click "Request a certificate" to get the login prompt for the RADIUS server. 4. Provide a valid user name and password to access the RADIUS server. Note The user name and password you need to provide here is for access to the RADIUS server, for which you will already have user accounts configured at this point.
VA2410 802.11b/g Outdoor Microcell User Guide 6. Click "Yes" on the dialog displayed to install the certificate. 7. Click "Submit" to complete and click "Yes" to confirm the submittal on the popup dialog. 8. Click "Install this certificate" to install the newly issued certificate on your client station. (Also, click 151 Copyright © 2005, Vivato, Inc.
VA2410 802.11b/g Outdoor Microcell User Guide "Yes" on the popup windows to confirm the install and to add the certificate to the Root Store.) A success message is displayed indicating the certificate is now installed on the client. Copyright © 2005, Vivato, Inc.
VA2410 802.11b/g Outdoor Microcell User Guide Appendix B: Assessing Traffic and Interference The Vivato Microcell operates in the industrial, scientific, and medical (ISM) frequency band, which is used by a growing number of consumer and commercial devices. ANY device that creates a signal of sufficient power level within this frequency band will reduce data rate on one or more 802.11b/g channels.
VA2410 802.11b/g Outdoor Microcell User Guide Note: The following table lists channels that may be used in many countries. However, it is the responsibility of the person configuring the Vivato Microcell or W-Fi Base Station to configure the product in accordance with the laws governing the deployment location. Table 3 802.11 ISM Band DSSS Channel Assignments Channel Number Center Frequency (GHz) 1 2.412 2 2.417 3 2.422 4 2.427 5 2.432 6 2.437 7 2.442 8 2.447 9 2.452 10 2.457 11 2.
VA2410 802.11b/g Outdoor Microcell User Guide guarantee any level of service unless the channel assignments of all of the 802.11 devices within the coverage area can be coordinated. The carrier sense function also applies to non-802.11b/g signals. If ANY received signal is of sufficient level, the carrier sense function will still block Wi-Fi transmission on that channel. In-Channel 802.11b Signals As previously stated, other 802.11b devices on the same channel must use CSMA/CA to share the channel.
VA2410 802.11b/g Outdoor Microcell User Guide Important Do not try to use an overlapping channel to try to “squeeze in” between the non-overlapping channels. The result will be interference on two of the non-overlapping channels and poor or no operation on the overlapping channel that you selected. Non-802.11b Signals Because the ISM band is used by non-licensed devices, many types of interfering signals can be present in the same RF spectrum used by 802.11b/g devices.
VA2410 802.11b/g Outdoor Microcell User Guide explained in the Vivato Outdoor Wi-Fi System Deployment document on the Vivato Customer Support Knowledge Base. Rogue Access Points is a feature in the Vivato Microcell that displays the received signal level and channel number on each of the 6 pointing directions. Neighboring Microcells can provide very useful results by letting you know which channels are being used, their signal strengths at the Microcell, and the direction of the origin of these signals.
VA2410 802.11b/g Outdoor Microcell User Guide Glossary 802 IEEE 802 (IEEE Std. 802-2001) is a family of standards for peer-to-peer communication over a LAN. These technologies use a shared-medium, with information broadcast for all stations to receive. The basic communications capabilities provided are packet-based. The basic unit of transmission is a sequence of data octets (8-bits), which can be of any length within a range that is dependent on the type of LAN.
VA2410 802.11b/g Outdoor Microcell User Guide 802.11e IEEE 802.11e is a developing IEEE standard for MAC enhancements to support QoS. It provides a mechanism to prioritize traffic within 802.11. It defines allowed changes in the Arbitration Interframe Space, a minimum and maximum Contention Window size, and the maximum length (in kµsec) of a burst of data. IEEE 802.11e is still a draft IEEE standard (most recent version is D5.0, July 2003). A currently available subset of 802.
VA2410 802.11b/g Outdoor Microcell User Guide AES The Advanced Encryption Standard (AES) is a symmetric 128-bit block data encryption technique developed to replace DES encryption. AES works at multiple network layers simultaneously. Further information is available on the NIST Web site. Basic Rate Set The basic rate set defines the transmission rates that are mandatory for any station wanting to join this wireless network. All stations must be able to receive data at the rates listed in this set.
VA2410 802.11b/g Outdoor Microcell User Guide Broadcast Address See IP Address. BSS A basic service set (BSS) is an Infrastructure Mode Wireless Networking Framework with a single Microcell. Also see extended service set (ESS) and independent basic service set (IBSS). BSSID In Infrastructure Mode, the Basic Service Set Identifier (BSSID) is the 48-bit MAC address of the wireless interface of the Microcell. CCMP Counter mode/CBC-MAC Protocol (CCMP) is an encryption method for 802.11i that uses AES.
VA2410 802.11b/g Outdoor Microcell User Guide The CSMA/CA protocol used by 802.11 networks is a variation on CSMA/CD (used by Ethernet networks). In CSMA/CD the emphasis is on collision detection whereas with CSMA/CA the emphasis is on collision avoidance. CTS A clear to send (CTS) message is a signal sent by an IEEE 802.11 client station in response to an request to send (RTS) message. The CTS message indicates that the channel is clear for the sender of the RTS message to begin data transfer.
VA2410 802.11b/g Outdoor Microcell User Guide educational institutions, .net for network operators, and .org for other organizations as well as .gov for the U. S. government and .mil for its armed services. DOM The Document Object Model (DOM) is an interface that allows programs and scripts to dynamically access and update the content, structure, and style of documents.
VA2410 802.11b/g Outdoor Microcell User Guide into ERP and the IEEE 802.11g standard is a scheme for effective interoperability of IEEE 802.11g stations with IEEE 802.11b nodes on the same channel. Legacy IEEE 802.11b devices cannot detect the ERP-OFDM signals used by IEEE 802.11g stations, and this can result in collisions between data frames from IEEE 802.11b and IEEE 802.11g stations. If there is a mix of 802.11b and 802.11g nodes on the same channel, the IEEE 802.
VA2410 802.11b/g Outdoor Microcell User Guide IBSS An independent basic service set (IBSS) is an Ad hoc Mode Wireless Networking Framework in which stations communicate directly with each other. IEEE The Institute of Electrical and Electronic Engineers (IEEE) is an international standards body that develops and establishes industry standards for a broad range of technologies, including the 802 family of networking and wireless standards. (See 802, 802.1x, 802.11, 802.11b, 802.11b, 802.11e, 802.11f, 802.
VA2410 802.11b/g Outdoor Microcell User Guide 10.0.0.0 to 10.255.255.255 172.16.0.0 to 172.31.255.255 192.168.0.0 to 192.168.255.255 A Dynamic IP Address is an IP address that is automatically assigned to a host by a DHCP server or similar mechanism. It is called dynamic because you may be assigned a different IP address each time you establish a connection. A Static IP Address is an IP address that is hard-wired for a specific host.
VA2410 802.11b/g Outdoor Microcell User Guide is used to provide an authentication mechanism. It is based on the X.500 standard, but less complex. Lease Time The Lease Time specifies the period of time the DHCP Server gives its clients an IP Address and other required information. When the lease expires, the client must request a new lease. If the lease is set to a short span, you can update your network information and propagate the information provided to the clients in a timely manner.
VA2410 802.11b/g Outdoor Microcell User Guide organizations, and it allows the use of a single Internet connection. Network Address See IP Address. NIC A Network Interface Card is an adapter or expansion board inserted into a computer to provide a physical connection to a network. Most NICs are designed for a particular type of network, protocol, and media, for example, Ethernet or wireless. NTP The Network Time Protocol assures accurate synchronization of the system clocks in a network of computers.
VA2410 802.11b/g Outdoor Microcell User Guide content is divided up and packaged into packets. A packet includes a small chunk of the content to be sent along with its destination address and sender address. Packets are pushed out onto the network and inspected by each node. The node to which it is addressed is the ultimate recipient. Packet Loss Packet Loss describes the percentage of packets transmitted over the network that did not reach their intended destination.
VA2410 802.11b/g Outdoor Microcell User Guide PSK Pre-Shared Key (PSK), see Shared Key. Public Key A public key is used in public key cryptography to encrypt a message which can only be decrypted with the recipient's private or secret key. Public key encryption is also called asymmetric encryption, because it uses two keys, or Diffie-Hellman encryption. Also see Shared Key.
VA2410 802.11b/g Outdoor Microcell User Guide RTS Threshold The RTS threshold specifies the packet size of a request to send (RTS) transmission. This helps control traffic flow through the Microcell, and is especially useful for performance tuning on a Microcell with a many clients. Shared Key A shared key is used in conventional encryption where one key is used both for encryption and decryption. It is also called secret-key or symmetric-key encryption. Also see Public Key.
VA2410 802.11b/g Outdoor Microcell User Guide Subnet Mask A Subnet Mask is a number that defines which part of an IP address is the network address and which part is a host address on the network. It is shown in dotted-decimal notation (for example, a 24-bit mask is shown as 255.255.255.0) or as a number appended to the IP address (for example, 192.168.2.0/24).
VA2410 802.11b/g Outdoor Microcell User Guide transmitted from the VA2410 to client stations. UDP The User Datagram Protocol (UDP) is a transport layer protocol providing simple but unreliable datagram services. It adds port address information and a checksum to an IP packet. UDP neither guarantees delivery nor does it require a connection. It is lightweight and efficient. All error processing and retransmission must be performed by the application program.
VA2410 802.11b/g Outdoor Microcell User Guide WDS A Wireless Distribution System (WDS) allows the creation of a completely wireless infrastructure. Typically, an Microcell is connected to a wired LAN. WDS allows Microcells to be connected wirelessly. The Microcells can function as wireless repeaters or bridges. WEP Wired Equivalent Privacy (WEP) is a data encryption protocol for 802.11 wireless networks.
VA2410 802.11b/g Outdoor Microcell User Guide another encryption mode (OCB) for encryption and integrity. XML The Extensible Markup Language (XML) is a specification developed by the W3C. XML is a simple, flexible text format derived from Standard Generalized Markup Language (SGML), which is defined in ISO 8879:1986, designed especially for electronic publishing. 175 Copyright © 2005, Vivato, Inc.
VA2410 802.11b/g Outdoor Microcell User Guide A access point monitoring 73 administrator platform 26 administrator password 71 on Network > Basic Settings 37 antenna connectors 20 associated wireless clients 76 authentication in different security modes 90 authentication server for IEEE 802.
VA2410 802.11b/g Outdoor Microcell User Guide DNS servers, specifying 40 documentation feedback 14 DTIM period configuring 49 E EAP-PEAP configuring on IEEE 802.
VA2410 802.11b/g Outdoor Microcell User Guide IEEE 802.
VA2410 802.11b/g Outdoor Microcell User Guide password recovery 122 PEAP configuring on IEEE 802.
VA2410 802.11b/g Outdoor Microcell User Guide SNMP Network Management 110 spanning tree protocol (STP) 64 Spectrallink Voice Priority (SVP) 57 starting the network 38 static WEP security mode configuring 96 on WDS bridge 65 when to use 91 stations configuring maximum allowed 49 See also client Support Contacts 14 support contacts 14 support, customer 14 supported platforms administrator 26 client 28 System Recovery 122 T time configuring an AP/Bridge to use NTP server 47 TLS-EAP configuring on IEEE 802.
VA2410 802.