background image

 

User’s Manual 

  OWL800 / OWL2000 / HSG800

 

ENGLISH 

 

 

© 2008 4IPNET, INC. 

 

86

4.6.3 Antennas 

Antenna Diversity is an important feature of the 802.11 specification. The two radio modules (CM9) inside the 

system support the feature of Antenna Diversity. Each of them comes with two antenna connectors for connecting 

up to two antennas. When the feature of antenna diversity is turned on, the module uses two receiving antennas to 

eliminate mulitpath signal distortion. That is, the signal from the antenna with the least noise (best SNR) is chosen, 

and the other antenna is ignored. For more explanation please refer to the wiki page on 

Antenna Diversity

 

To support the Antenna Diversity, each radio module (CM9) inside has two antenna connectors - one “Main” 

connector and the other as “Auxiliary” connector. The “Main” connector must be connected with an antenna. The 

“Auxiliary” is optionally connected to an antenna.   

 

 

The above picture represents ANT 1 ~ ANT 4 connectors from right to left when OWL800 chassis (with Mylar) is 

faced up.   

 

ANT1: The “Main” connector of 1

st

 radio module. Antenna at this connector is required. 

ANT2: The “Main” connector of 2

nd

 radio module. Antenna at this connector is required. 

ANT3: The “Auxiliary” connector of 1

st

 radio module. Antenna at this connector is optional. 

ANT4: The “Auxiliary” connector of 2

nd

 radio module. Antenna at this connector is optional. 

 

Each of the two radio module (CM9) inside has two antenna connectors for antenna diversity. 

The required 

antenna is antenna ANT1 and antenna ANT3.

 ANT1 is connected to the “Main” contact point of the first radio 

module. ANT3 is connected to the “Main” contact of the second module.   

 

 

 

 

 

 

 

Summary of Contents for HSG800

Page 1: ...IEEE 802 11 b g Outdoor AP Bridge Support IEEE802 11a Client Backhaul Models OWL800 V1 00 OWL2000 V1 00 HSG800 V1 00 ...

Page 2: ...ithout the prior written permission of 4IPNET INC Disclaimer 4IPNET INC does not assume any liability arising out the application or use of any products or software described herein Neither does it convey any license under its parent rights not the parent rights of others 4IPNET further reserves the right to make changes in any products described herein without notice The publication is subject to...

Page 3: ...rst Safety Information All models of OWL800 OWL2000 and HSG800 have been evaluated to and conforms to the product safety specifications of EN 60950 2001 A11 2004 Caution This product was qualified under test conditions that included the use of the power supplying equipment To ensure regulatory and safety compliance use only the provided power supplying equipment and install them properly To preven...

Page 4: ... all persons This device and its antennas must not be co located or operating in conjunction with any other antenna or transmitter Any changes or modifications not expressly approved by the party responsible for compliance could void the user s authority to operate this equipment FCC Class B Statement This equipment has been tested and found to comply with the limits for a Class B digital device p...

Page 5: ...B EN 55024 1998 A1 2001 A2 2003 including the followings EN 61000 3 2 EN 61000 3 3 EN 61000 4 2 EN 61000 4 3 EN 61000 4 4 EN 61000 4 5 EN 61000 4 6 EN 61000 4 11 Safety EN 60950 1 2001 A11 2004 Caution This declaration is only valid for configurations combinations of software firmware and hardware provided and supported by 4ipnet Inc The use of software or firmware not provided and supported by 4i...

Page 6: ...之干擾 NCC 其他注意項目 NCC Caution 一 本產品 OWL800 HSG800 OWL2000 及外接天線僅限於專業安裝 並限於固定式 點對點之操作 本產品是設 計為專業用 防水 防風 防銹 堅固之工業級產品 其銷售對象限於有發射器專業安裝技術之工程單位或無線系統 之專業整合商 二 本產品 OWL800 HSG800 OWL2000 內建兩個無線模組 型號CM9 其最高輸出功率為19dBm 設定介面所提 供的功率變更只能用於調降發射功率 也就是說 設定在最高時 Highest 只會達19 dBm 設定的改變不會加大無 線模組之發射功率 三 本產品 OWL800 HSG800 OWL2000 雖然有介面可改設內建無線模組的發射頻道 以避免與其它鄰近無線設備 衝突 但介面上所可選之頻道 是根據販售當地法令有所限制 例如 在台灣市場及在北美市場的產品 2 4G範圍只 有11個頻道在...

Page 7: ...are Installation 4 3 1 1 Package Contents 4 3 1 2 Panel Function Descriptions 5 3 1 3 Hardware Installation 6 3 2 Software Configuration 7 3 2 1 Instruction of Web Management Interface 7 3 2 2 User Login Portal Page 10 3 2 3 Basic Configuration 12 3 2 4 Common Settings 16 4 Menu Configuration AP Gateway Mode 20 4 1 System 24 4 1 1 General 24 4 1 2 Network Interface 27 4 1 3 Management 32 4 1 4 VLA...

Page 8: ... Firewall 71 4 4 6 Route 73 4 4 7 802 1X 74 4 5 Utilities 75 4 5 1 Change Password 75 4 5 2 Import Export 76 4 5 3 Backup Restore 77 4 5 4 System Upgrade 78 4 5 5 Reboot 79 4 5 6 Scan 80 4 5 7 Upload Certificate 81 4 6 Status 82 4 6 1 Overview 82 4 6 2 WDS List 85 4 6 3 Antennas 86 4 6 4 Associated Clients 87 4 6 5 Event Log 88 4 6 6 Online Users 89 4 6 7 User Log 90 Appendix A Session Limit and S...

Page 9: ...o the optional feature lists provided separately In this manual all the optional featured are covered In the following manual we will refer the device as OWL800 or the system for the convenience Model Description OWL800 This is the base model Its firmware can be upgraded to be HSG800 or OWL2000 when optional software feature is purchase The base firmware support AP Bridge and Gateway operation mod...

Page 10: ...tions and not to activate them Clear settings entered by clicking this button The red asterisk indicates information in this field is compulsory Note Screen captures and pictures used in this manual may be displayed in part or in whole or similar products and may vary or differ slightly from the actual product depending on versioning and menu accessed ...

Page 11: ...ee die cast Aluminum housing is IP68 compliant and high wind load resilient All the components are designed to operate in a wide range of temperature The on board surge protection provides the device up to 15KV surge immunity The OWL800 delivers an excellent outdoor WLAN solution 2 2 System Concept The System contains two radio modules Two 100mW modules are WNC s CM9 which are tested to be modular...

Page 12: ...User s Manual OWL800 OWL2000 HSG800 ENGLISH 2008 4IPNET INC 3 Multi mode in Operation ...

Page 13: ...G x 1 y CD ROM x 1 y RJ45 RS232 Console Cable x 1 y PSE x 1 y Power cord x 1 y Mounting Kit x 1 y Waterproof Connector Pack x 2 y Rubber antenna x 4 Note It is recommended to keep the original packing materials in case of product service requirements Any returned product should be packed according to its original package content together with its relevant packing materials used for protecting the ...

Page 14: ...t when OWL800 chassis with Mylar is faced up Each of the two radio module CM9 inside has two antenna connectors for antenna diversity The required antenna is antenna ANT1 and antenna ANT2 ANT1 is connected to the Main contact point of the first radio module ANT2 is connected to the Main contact of the second module The other two antennas are optional for antenna diversity The antenna ANT3 is conne...

Page 15: ...uter 5 Connect the power cord to the PSE 6 Power on the PSE in order to supply power to OWL800 7 Note You must be professional to use a different replacement antenna and you must following the code regulation of your region country for the installation Now the Hardware Installation has been completed and ready for configuration It is easier to following the Quick Installation Guild for the first t...

Page 16: ...e of this system After completing hardware installation the administrator can configure the OWL800 via web browsers The default IP address and Subnet Mask of different modes are as follows Mode AP Relay Gateway IP Address 192 168 2 1 192 168 1 1 Subnet Mask 255 255 255 0 255 255 255 0 Default Gateway 192 168 2 254 192 168 1 254 Enter admin as the default Username and admin as the default Password ...

Page 17: ...WL800 OWL2000 HSG800 ENGLISH 2008 4IPNET INC 8 Main Menu provides detailed configuration pages for administrators to configure the system manually Please refer to Section 4 Main Menu for more information Gateway Mode ...

Page 18: ...User s Manual OWL800 OWL2000 HSG800 ENGLISH 2008 4IPNET INC 9 AP Mode ...

Page 19: ...ice will get an IP address automatically via DHCP Next open a web browser and access any URL and then the default User Login Page will appear Enter the username and password of the local user account generated by Setup Wizard previously e g test local as the Username and test as the Password then click Login Note 1 OWL800 supports both local built in user database and external authentication datab...

Page 20: ...G800 ENGLISH 2008 4IPNET INC 11 Step 3 The Login Success Page will appear after a client is authenticated by the system and logs in successfully In the meantime successful login means OWL800 has been installed and configured properly ...

Page 21: ...00 s to the administrator s PC is needed in order to get Administrator Login Page The following IP address is listed as an example IP Address 192 168 2 10 Subnet Mask 255 255 255 0 Default Gateway 192 168 2 254 Once OWL800 has been connected the Administrator Login Page will appear Enter admin for both the default user name and password in the Username and Password fields and then click the OK but...

Page 22: ...con on the upper right corner of the web management interface to return to the Administrator Login Page Note By default the system is in AP Relay mode Therefore the administrator must login to the system in AP Relay mode at the first time and then be able to switch the system to the desired mode afterwards ...

Page 23: ... is needed The following IP address is listed as an example IP Address 192 168 1 10 Subnet Mask 255 255 255 0 Default Gateway 192 168 1 254 Once OWL800 has been connected the Administrator Login Page will appear Enter admin for both the default user name and password in the User name and Password fields and then click the OK button to log in User name admin Password admin After successfully loggin...

Page 24: ... Manual OWL800 OWL2000 HSG800 ENGLISH 2008 4IPNET INC 15 Gateway Mode To logout simply click the Logout icon on the upper right corner of the web management interface to return to the Administrator Login Page ...

Page 25: ...et in AP Relay mode it is a layer2 IP device like a normal AP No IP sharing NAT and routing feature are support When OWL is set in Gateway mode it is a layer3 IP device Like an AP router OWL800 in the gateway mode support IP sharing NAT Its POE1 port is treated as the uplink Gateway Mode Change Password 1 Change administrator s password by clicking on the Utilities menu item 2 Select Change Passwo...

Page 26: ...elect VAP Configuration from submenu item 3 Administrator can enable or disable specific VAP from the drop down list of Profile Name 4 Set desired ESSID 5 Disable VLAN ID means untagged when this VAP is enabled Set a VLAN ID if this VAP is tagged Note To configure the rest of the profiles please follow the same steps as illustrated for VAP 1 ...

Page 27: ...Settings 1 Click on the WDS menu item Select General submenu 2 WDS is used as bridge backhaul By default a mode is used for WDS You must select a channel to Select preferred Channel for the wireless connection For example select channel code 149 Note Depending on your country the list of allowed channels is different For example the OWL800 shipped to US market allow one to select the 5 channels fo...

Page 28: ...sabled First choose the WDS Profile enable WDS supply peer s MAC address and security type Gateway AP Mode Note WDS profiles are able to be configured even when the respective Radio module is disabled which can be done in General submenu item of WDS menu Now the system has been installed and configured successfully Note It is strongly recommended to make a copy of configuration backup Local user d...

Page 29: ...AP AP Gateway AP WDS Gateway AP User AP Utilities Gateway AP and Status Gateway AP OPTION FUNCTION General AP Gateway Network Interface AP Gateway Management AP Gateway VLAN Overview Gateway VLAN Configuration Gateway Walled Garden Gateway System Mode AP Gateway Overview AP Gateway General AP Gateway VAP Configuration AP Gateway Security AP Gateway Advanced AP Gateway AP Access Control AP Gateway ...

Page 30: ...start Introduction OWL800 has equipped a friendly Web graphical user interface for users and system administrators to configure parameters easily and remotely The recommended web browsers are IE 6 0 TM Firefox 2 0 TM and the above OWL800 provides the web management interface for easier configuration After completing hardware installation the administrator can configure the OWL800 through web brows...

Page 31: ...User s Manual OWL800 OWL2000 HSG800 ENGLISH 2008 4IPNET INC 22 AP Mode ...

Page 32: ...User s Manual OWL800 OWL2000 HSG800 ENGLISH 2008 4IPNET INC 23 Gateway Mode ...

Page 33: ...2008 4IPNET INC 24 4 1 System This section guides you through the following functions System Information Network Interface Management Service VLAN Overview VLAN Configuration Walled Garden List and Gateway AP Mode Selection 4 1 1 General AP Mode ...

Page 34: ...r mnemonic purpose It is recommended to have different values for each AP Time settings allow you to set OWL800 s system time manually or have it synchronized automatically with NTP server When NTP server is used NTP server1 must be filled If FQDN full qualified domain name is used the DNS server setting must also be activated Name System name used to identify this box Description Give further inf...

Page 35: ...ally While this method is selected at least one NTP server s IP address should be provided It is recommended to give both NTP servers IP addresses to prevent occasionally NTP service unavailable Gateway AP Mode 2 Set Date Time manually Manually set the system time by giving date time in this page underneath If this method is chosen the NTP server 1 2 settings will be closed Note unless Internet co...

Page 36: ...User s Manual OWL800 OWL2000 HSG800 ENGLISH 2008 4IPNET INC 27 4 1 2 Network Interface There are 3 connection types supported on OWL800 s WAN port Static DHCP or PPPoE AP Mode ...

Page 37: ...User s Manual OWL800 OWL2000 HSG800 ENGLISH 2008 4IPNET INC 28 Gateway Mode ...

Page 38: ... by DHCP or Static o Static setting Static setting is to set these parameters manually Basic parameters such as IP address subnet mask and gateway are needed AP Mode Gateway Mode o DHCP client This option is provided when the users have a DHCP in the wired network and make sure the network connection is correct ...

Page 39: ...PPPOE When selecting PPPoE to connect to the network please set the Username Password MTU and CLAMP MSS There is a Dial on demand function under PPPoE If this function is enabled a Maximum Idle Time can be set When the idle time is reached the system will automatically disconnect itself ...

Page 40: ... is correct Layer 2 STP It depends on the configuration of the OWL800 including wired and wireless settings When it is configured to bridge several networks STP needs to be enabled Dynamic DNS DDNS OWL800 provides a convenient DNS function to translate a domain name to the IP address of WAN port that helps the administrator memorize and connect to WAN port If the DHCP is activated at WAN port this...

Page 41: ...ENGLISH 2008 4IPNET INC 32 4 1 3 Management For easier maintenance SNMP Simple Network Management Protocol and remote Syslog services are provided in OWL800 The OWL800 will be managed remotely in a centralized manner AP Mode Gateway Mode ...

Page 42: ...s for the SNMP managers to set the MIB information to the system The example here indicates that the SNMP managers can write the MIB information to the system when the SNMP mangers use the community Private o Trap Enable or Disable the feature When enabled its reported event will be sent to assigned management station with specified Server IP Address Syslog Configuration By enabling this service s...

Page 43: ... The VLAN tag for the respective VLAN The hyperlink connects to VLAN s Configuration Zone Interface IP The hyperlink connects to VLAN s Configuration Zone DHCP Enable or Disable DHCP state shown here The hyperlink connects to VLAN s Configuration Zone Start IP Show the Start IP Address here The hyperlink connects to VLAN s Configuration Zone End IP Show the End IP Address here The hyperlink connec...

Page 44: ...User s Manual OWL800 OWL2000 HSG800 ENGLISH 2008 4IPNET INC 35 Gateway Mode VLAN Configuration ...

Page 45: ...VLAN Configuration Gateway Mode VLAN This section is where to configure each VLAN There are 9 VLANs VLAN0 8 Remark Text remark about this VLAN VLAN Tag each VLAN is identified by different tags carried within message frames The number that is mapped to the selected VLAN ...

Page 46: ...ble DHCP Make OWL800 your DHCP server o Domain Name Domain Name looks like domain com that is a better memorable term to IP address Client looks up a website by entering its domain name or its IP address o WINS Server WINS is short for windows internet name WINS server translates Windows computer names to IP addresses To see the full computer name right click My Computer icon and scroll down to Pr...

Page 47: ...ss list Reserved IP Address is a static IP address reserved for a special client by his MAC address Allowed Authentication Method and Applied Policy o Local Select a policy and apply to local authentication o External RADIUS server Select a policy and apply to RADIUS authentication ...

Page 48: ...bsites before login and authentication An example may be seen in hotels where guests without network access right are allowed to utilize the network service free of charge such as accessing the Hotel s homepage Up to 20 addresses or domain names of the websites can be defined in this list Users without the network access right can make use of the actual network service free of charge Gateway Mode ...

Page 49: ...User s Manual OWL800 OWL2000 HSG800 ENGLISH 2008 4IPNET INC 40 ...

Page 50: ...de is to create WDS link with other wireless devices o Gateway Mode Selecting Gateway Mode enhances OWL800 a new feature user authentication gateway Please see Users for configuration instruction Radio module Mode o AP mode RF1 acts like a regular Access Point Radio module for other wireless clients to associate o WDS mode WDS mode is for Radio modules to create WDS link with other wireless device...

Page 51: ... have its own settings including ESSID VLAN ID security settings and etc Therefore these VAPs can bring different service level to clients depending on the ESSID connected to Please click on the menu item AP to configure VAPs 4 2 1 Overview The overall status is collected in this page including enable disable state security type MAC state and advanced settings OWL800 has 8 VAPs each has its own se...

Page 52: ...tion Gateway AP Mode Security Type The hyperlink showing security type connects to the screen of Security Settings Gateway AP Mode MAC ACL The hyperlink showing status of MAC ACL connects to the screen of Access Control Settings Gateway AP Mode Advanced Settings The hyperlink of advanced settings connects to the screen of Advanced Wireless Settings ...

Page 53: ...User s Manual OWL800 OWL2000 HSG800 ENGLISH 2008 4IPNET INC 44 Gateway AP Mode ...

Page 54: ...m transmit rate can be set as auto or specific available rate Transmit Power Choose from Lowest Power to Highest Power level or auto Note The factory default setting is Highest 19 dBm Each level steps down around 3 dBm That is even the transmit power is adjustable it can only be adjusted down from the radio card s limit There is no power buster inside the product Note Depending on the region US EU...

Page 55: ... its profile VAP Enable or disabled virtual AP settings Profile Name Give the profile an identity for management purpose ESSID Extended Service Setting ID indicate the SSID which the clients used to connect to the VAP ESSID will determine the service type of a client which assigned to the specified VAP VLAN ID Virtual LAN the OWL800 supports tagged VLAN To enable VLAN function each VAP needs a uni...

Page 56: ...ators can depend on the need to provide different service levels to clients The security type includes the items on the drop down menu of security type None No authentication required This is the default setting as shown in the figure Gateway AP Mode WEP Supports key length of 64 128 152 bits o WEP Key Format Different format will affect the number of inputs to WEP keys Gateway AP Mode ...

Page 57: ...ser s Manual OWL800 OWL2000 HSG800 ENGLISH 2008 4IPNET INC 48 802 1x Provides RADIUS authentication and enhanced WEP Gateway Mode AP Mode WPA PSK Provides shared key authentication in WPA data encryption ...

Page 58: ...User s Manual OWL800 OWL2000 HSG800 ENGLISH 2008 4IPNET INC 49 Gateway AP Mode WPA RADIUS Authenticate user by RADIUS in WPA data encryption Gateway Mode ...

Page 59: ...User s Manual OWL800 OWL2000 HSG800 ENGLISH 2008 4IPNET INC 50 AP Mode ...

Page 60: ...and is default to 2346 Fragmentation Threshold A unicast frame larger than this threshold will be fragmented before the transmission If significant numbers of collisions are occurring we can try to take a smaller value of the fragmentation threshold to see if it helps Broadcast SSID Disable this item will prevent the OWL800 from broadcasting its SSID publicly Wireless Station Isolation By enabling...

Page 61: ...f stations to a desired number For example while the number of station is set to 20 only 20 stations are allowed to connect to this VAP For MAC ACL control the supported methods include Disable Access Control No MAC address check required MAC ACL Allow List Deny all except allowed ones in the list MAC ACL Deny List Allow all except denied ones in the list The one selected in the Access Control Typ...

Page 62: ...or can still enable or disabled the rule applied to the specified one For example 11 22 33 44 55 66 is in the allow list to temporarily deny its access we can disable the rule on it Gateway AP Mode MAC ACL Deny List When the policy is set to Deny List all wireless connection to the VAP will be allowed except those denied MAC addresses listed When the users want to allow one listed MAC address temp...

Page 63: ...apply to all Virtual Access Point in this device 4 3 1 Overview WDS links are used as backhaul or bridges The figure provides an overall status of all WDS links Turn the WDS link by giving signal quality in the table Gateway AP Mode Link No corresponding profiles of each WDS interface State Enabled or Disabled the plan MAC Address remote peer s MAC address Security Choose between Disable security ...

Page 64: ...The second radio in the system is designed for building WDS links WDS links are used as backhaul or point to point bridges WDS links do not service AP clients 11a 5 725 5 85GHz is used by the 2nd radio module typically in order to avoid the channels of 11b g 2 4GHz used by the first radio module for serving clients However 11b and 11g are still available to the 2nd radio WDS in case the administra...

Page 65: ...sable the specified WDS link MAC Address of Remote AP For each link type the MAC address of the remote peer here The MAC address may also get by WDS Discovery Please refer to WDS discovery in the following section for detail Path Cost of STP An assigned weighted metric here will determine the best path for data flow Security Type Set the encryption WEP or None of WDS link here o None No authentica...

Page 66: ...User s Manual OWL800 OWL2000 HSG800 ENGLISH 2008 4IPNET INC 57 o TKIP Gateway AP Mode ...

Page 67: ... secret Please refer to WDS RF settings for the shared secret The remote peer must also have the same Scan feature equipped To start WDS discovery select WDS interface and then click on the Discover Now button If the local WDS is in remote peer s coverage area the information of remote peer will be listed Click on the Connect button the MAC address of remote peer will be retrieved locally for WDS ...

Page 68: ...evice Settings 4 4 1 Local Local user database is built locally in OWL800 To add new user accounts enter specific information User Name Password MAC Address and Remark and click Add All created accounts are displayed in the User List Gateway Mode Postfix It is a string used by the system to distinguish which database server will be used for authentication when a user enters the user name to log in...

Page 69: ...nabled Local user database functions as an external RADIUS server for another gateway Therefore a user can roam out to the network under anther gateway by using the same Local account For more information please see Appendix B 802 1X Support The button Roaming Out 802 1X Client Device Settings connects to the screen of 802 1X Gateway Mode Add Roaming Out and 802 1X list Import Export Local User Th...

Page 70: ...User s Manual OWL800 OWL2000 HSG800 ENGLISH 2008 4IPNET INC 61 Gateway Mode Search User List Gateway Mode Edit User List ...

Page 71: ... external RADIUS servers It functions as a RADIUS authenticator for external RADIUS servers To enable the RADIUS authentication enter the related information for the primary RADIUS server and or the secondary RADIUS server not required These settings will be effective immediately after clicking the Apply button Gateway Mode ...

Page 72: ...802 1X Client Device Settings page to further set up the 802 1X capable devices that are allowed to authenticate against the Local user database Username Format to RADIUS Server When ID Only is selected only the username will be sent to the external RADIUS server for authentication On the other hand when Complete option is selected both the username and the postfix will be sent to the RADIUS serve...

Page 73: ...nd is designed as the authentication option for this type of deployment scenarios Gateway Mode Postfix It is a string used by the system to distinguish which database server will be used for authentication when a user enters the user name to log in For example when the Postfix is configured as ondemand xrf6 ondemand will tell the system to use this authentication database A meaningful string will ...

Page 74: ...r guest users o Wireless Key The administrator can enter the defined wireless key such as WEP or WPA in the field The Wireless Key will be printed on the receipt for the guest users reference when accessing the Internet via wireless LAN service o Remark The administrator can enter extra information in this field for remark o Receipt Footer The entered content will be printed on the receipt This fo...

Page 75: ...User s Manual OWL800 OWL2000 HSG800 ENGLISH 2008 4IPNET INC 66 Billing Plans Administrators can configure several billing plans Gateway Mode ...

Page 76: ...C 67 On demand Account Creation When at least one plan is enabled the administrator can generate On demand user accounts here Gateway Mode On demand Account List All created On demand accounts are listed and related information on is also provided Gateway Mode ...

Page 77: ...perform the search All usernames matching the keyword will be listed Username The login name of the instant account Password The login password of the instant account Remaining Quota The total time that the user can use currently Status The status of the account Delete All This will delete all the users at once Delete This will delete the users individually ...

Page 78: ...ing Firewall Rules Specific Routes Profile which will be applied to all users unless the user has been regulated and applied to another policy Gateway Mode Global Policy Firewall Profile Global policy and each policy have a firewall service list and a set of firewall profile which is composed of firewall rules Specific Route Profile The default gateway of WAN1 WAN2 or a desired IP address can be d...

Page 79: ...ts applied this policy will access the Internet through this default gateway Schedule Profile The Schedule table in a 7x24 format is used to control the clients login time When Schedule is enabled clients applied policies are only allowed to login the system at the time which is checked in the applied policy Total Uplink Bandwidth Defines the maximum uplink bandwidth allowed to be shared by all cl...

Page 80: ... the list can be deleted Delete button from the list or edited Edit button Source IP Subnet Mask The combination of these two fields specifies either the IP address of a source host or the source network segment For example 192 168 1 101 with 255 255 255 255 32 stands for a single host 192 168 1 101 while 192 168 1 0 with 255 255 255 0 24 indicates this is a Class C subnet 192 168 1 xxx Destinatio...

Page 81: ...SG800 ENGLISH 2008 4IPNET INC 72 subnet 192 168 2 xxx Protocol The specific service protocol for the filtering rule ALL TCP UDP TCP UDP ICMP and IP Action Pass is to allow the packet to pass Block is to block the packet from passing ...

Page 82: ...ough the system s default gateway WAN interface Gateway Mode To add a rule to the Specific Route list specify the values of following fields and click the Add button A rule in the list can be deleted Delete button from the list or edited Edit button Destination Subnet Mask The combination of these two fields specifies the IP address of a destination host or the destination network segment Gateway ...

Page 83: ... from the IP address or network segment of 802 1 X enabled client devices or the remote gateway is not allowed 802 1X The client device is 802 1X enabled such as AP and switch Roaming Out The device is the remote gateway to send authentication request of Roaming Out User To add to the Device Setting List configure Type IP Address Subnet Mask and Secret Key in the Add column click Add Gateway Mode ...

Page 84: ...d access it is strongly recommended to change the default administrator s password to your own one Only alpha numeric characters pattern is allowed and it is strongly recommended to take a combination of both numeric and alphabetic characters Gateway Mode AP Mode The administrator manager operator can change the passwords of the system The login account for the administrator is admin The admin pas...

Page 85: ... Gateway Mode Import Local User Click Browser button to select the file for uploaded user account and then click Import to execute the process Export Local User Click Export button to create all build in user account information and click Open or Save to view or save the user s file ...

Page 86: ... system configurations to a backup file on a local disk of the management console A backup file for OWL800 keeps the current system settings as well as the local user accounts Before any configuration changed it is recommended to backup the system before you proceed with any changes thus it can be recovered soon if occasionally something wrong happened Restore System Settings Click on the Browse b...

Page 87: ...sage appearing to notify the administrator to restart the system after successful firmware upgrade Gateway AP Mode Although the system will check the firmware s contents to ensure its integrity it is still recommended to check the version number before action proceeded Please note that firmware upgrade may sometime result in loss of some data Please ensure that you read the release notes to unders...

Page 88: ...00 safely The process should take about three minutes Click Reboot button to restart the system Please wait for the blinking timer to finish before accessing the system web management interface again Occasionally it is necessary to reboot OWL800 to ensure parameter changes being submitted Take this page for the purpose Gateway AP Mode ...

Page 89: ...ettings it can avoid unexpected conflict in settings and tune the corresponding parameters Gateway AP Mode Scan Enable or Disable scan settings Scan Interval The time interval used to trigger the scanning it takes 86400 seconds as the default setting The result table records the latest AP scanning result Still the user could click the Scan Now button again to renew the result immediately Take the ...

Page 90: ...omer certification external certificate issued by public or private authority Click the first Browse button to select the Private Key or Certificate Click the second Browse button to select the file for the certificate upload Next click Save to complete the upload process Click Use Default Certificate button to restore the default certificate automatically ...

Page 91: ... following functions System Overview WDS List Antennas Associated Clients Event Log Online Users and User Log 4 6 1 Overview The section provides an overview of the system status for the administrator System s overall status for individual setting and status please check them in each configuration page Gateway Mode ...

Page 92: ...User s Manual OWL800 OWL2000 HSG800 ENGLISH 2008 4IPNET INC 83 AP Mode ...

Page 93: ...ime is shown as the local time MAC Address The MAC address of Network Interface Network Interface IP Address The IP address of the Network Interface MAC Address The MAC address of LAN Interface IP Address The IP address of the LAN Interface LAN Interface Subnet Mask The Subnet Mask of the LAN Interface MAC Address The MAC address of Radio module Band The RF band a b g used Channel The channel spec...

Page 94: ... s Manual OWL800 OWL2000 HSG800 ENGLISH 2008 4IPNET INC 85 4 6 2 WDS List WDS lists indicate the link status of each RF interface including status of Mac Address SNR dB rate count and errors Gateway AP Mode ...

Page 95: ...enna connectors one Main connector and the other as Auxiliary connector The Main connector must be connected with an antenna The Auxiliary is optionally connected to an antenna The above picture represents ANT 1 ANT 4 connectors from right to left when OWL800 chassis with Mylar is faced up ANT1 The Main connector of 1st radio module Antenna at this connector is required ANT2 The Main connector of ...

Page 96: ... OWL2000 HSG800 ENGLISH 2008 4IPNET INC 87 4 6 4 Associated Clients List all associated clients from all the VAPs Please take this table to manage the clients and take the signal strength for debug purpose Gateway AP Mode ...

Page 97: ...Date Time Name or Status Date Time The time date when the event happened Hostname Indicate which host records this event Note that all events in this page are local event so events of this field are all the same However in remote syslog service this field will help us to identify which event are from this OWL800 Process name with square brackets Indicate the event generated by this running instanc...

Page 98: ...ne users information can be obtained by using this function These include User name IP Address MAC Address Idle Time and Action The administrator can use this function to force a specific online user to log out or terminate any user session by clicking the hyperlink of Action Gateway AP Mode ...

Page 99: ...d on the volatile memory and will be lost if the system is powered off Gateway AP Mode Users Log The Users Log provides information of all users login and logout activities except guest users RADIUS roaming in out users and SIP clients Session Log Log each connection created by clients and tracking the source IP and destination IP Session Log can be sent to the SYSLOG server or via email automatic...

Page 100: ...nes When the number of a user s sessions reaches the session limit a choice of Unlimited 10 25 50 100 200 350 and 500 the user will be implicitly suspended upon receipt of any new connection request In this case a record will be logged to the SYSLOG server specified in the Policy Configuration Since this basic protection mechanism may not be able to protect the system from all malicious DoS attack...

Page 101: ...ss of the client SPort The source port number of the client DIP The destination IP address of the client DPort The destination port number of the client The following table shows an example of the session log data Aug 30 12 35 05 2007 New user1 local TCP MAC 00 09 6b cd 83 8c SIP 10 1 1 37 SPort 1626 DIP 203 125 164 132 DPort 80 Aug 30 12 35 05 2007 New user1 local TCP MAC 00 09 6b cd 83 8c SIP 10...

Page 102: ...teristics of IEEE 802 LAN infrastructures in order to provide a means of authenticating and authorizing devices attached to a LAN port that has point to point connection characteristics and of preventing access to that port in cases which the authentication and authorization fails A port in this context is a single point of attachment to the LAN infrastructure 802 1X 2001 page 1 802 1X Authenticat...

Page 103: ...e 802 1X Client Device Authenticator The system will only allow this 802 1X enabled client device AP to send 802 1X authentication request to internal or external RADIUS server Click the Roaming Out 802 1X Client Device Settings button above or the 802 1X tab to go to the configuration page Set the Type to 802 1X and enter the IP address of the authenticator Step 3 Configure the RADIUS server sett...

Page 104: ...Example 2 OWL800 is configured to use external RADIUS server for 802 1X authentication Internal RADIUS Local Database Supplicant 192 168 1 64 Authenticator hq user1 hq radius 192 168 1 254 Gateway Mode External RADIUS 802 1X Authentication EAP Request 192 168 1 130 ...

Page 105: ...RADIUS server in the RADIUS page Step 2 Specify the 802 1X Client Device Authenticator The system will only allow this 802 1X enabled client device AP to send 802 1X authentication request to internal or external RADIUS server Click the Roaming Out 802 1X Client Device Settings button above or the 802 1X tab to go to the configuration page Set the Type to 802 1X and enter the IP address of the aut...

Page 106: ...n external RADIUS server for remote gateway to service Roaming Out users Note In this example the AP is not enabled as 802 1X Authenticator therefore the Roaming Out User will be authenticated via web based login page instead of 802 1X client window Internal RADIUS Local Database Remote Gateway 61 12 2 16 CHAP PAP hq user1 hq radius Roaming Out User Gateway Mode 61 121 22 11 ...

Page 107: ... Specify the remote gateway Authenticator The system will only allow this 802 1X enabled client device remote gateway to send 802 1X authentication request to internal or external RADIUS server Click the Roaming Out 802 1X Client Device Settings button above or the 802 1X tab to go to the configuration page Set the Type to Roaming Out and enter the IP address of the remote gateway Step 3 Configure...

Page 108: ...User s Manual OWL800 OWL2000 HSG800 ENGLISH 2008 4IPNET INC 99 P N 100200904071 ...

Reviews: