manualshive.com logo in svg

Cisco Small Business WAP551, Administration Manual

The Cisco Small Business WAP551 offers blazing fast wireless connectivity for your small business. With its comprehensive Brochure & Specs manual available for download, setting up and optimizing your network has never been easier. Access the user manual for free at manualshive.com, ensuring seamless integration and maximum performance.

Share
Download
background image

Administration

Packet Capture

Cisco Small Business WAP551 and WAP561 Wireless-N Access Point

59

3

802.11 traffic

-- rpcap://[192.168.1.220]:2002/radio1

At WAP321561, VAP1 ~ VAP7 traffic

-- rpcap://[ 192.168.1.220]:2002/wlan0vap1 ~ wlan0vap7

At WAP321561, VAP1 ~ VAP3 traffic

-- rpcap://[ 192.168.1.220]:2002/wlan0vap1 ~ wlan0vap3

You can trace up to four interfaces on the WAP device at the same time. However, you must 
start a separate Wireshark session for each interface. To initiate additional remote capture 
sessions, repeat the Wireshark configuration steps; no configuration needs to be done on the 
WAP device.

NOTE

The system uses four consecutive port numbers, starting with the configured port for the remote 
packet capture sessions. Verify that you have four consecutive port numbers available. We 
recommend that if you do not use the default port, use a port number greater than 1024. 

When you are capturing traffic on the radio interface, you can disable beacon capture, but 
other 802.11 control frames are still sent to Wireshark. You can set up a display filter to show 
only:

Data frames in the trace

Traffic on specific Basic Service Set IDs (BSSIDs)

Traffic between two clients

Some examples of useful display filters are:

Exclude beacons and ACK/RTS/CTS frames:

!(wlan.fc.type_subtype  ==  8 | | wlan.fc.type == 1)

Data frames only: 

wlan.fc.type == 2

Traffic on a specific BSSID:

wlan.bssid ==  00:02:bc:00:17:d0

All traffic to and from a specific client:

wlan.addr == 00:00:e8:4e:5f:8e

In remote capture mode, traffic is sent to the computer running Wireshark through one of the 
network interfaces. Depending on the location of the Wireshark tool, the traffic can be sent on 
an Ethernet interface or one of the radios. To avoid a traffic flood caused by tracing the 
packets, the WAP device automatically installs a capture filter to filter out all packets destined 
to the Wireshark application. For example, if the Wireshark IP port is configured to be 58000, 
then this capture filter is automatically installed on the WAP device: 

Summary of Contents for Small Business WAP551

Page 1: ...Cisco Small Business WAP551 Wireless N Access Point with PoE and WAP561 Wireless N Selectable Band Access Point with PoE ADMINISTRATION GUIDE ...

Page 2: ... Network Interfaces 14 Traffic Statistics 15 WorkGroup Bridge Transmit Receive 16 Associated Clients 16 TSPEC Client Associations 18 TSPEC Status and Statistics 20 TSPEC AP Statistics 22 Radio Statistics 22 Email Alert Status 24 Log 24 Chapter 3 Administration 25 System Settings 26 User Accounts 26 Time Settings 28 Log Settings 30 Email Alert 32 HTTP HTTPS Service 35 Management Access Control 37 M...

Page 3: ...Port Settings 52 VLAN and IPv4 Address Settings 53 IPv6 Addresses 54 IPv6 Tunnel 56 Chapter 5 Wireless 58 Radio 58 Rogue AP Detection 66 Networks 69 Scheduler 81 Scheduler Association 83 Bandwidth Utilization 83 MAC Filtering 84 WDS Bridge 85 WorkGroup Bridge 89 Quality of Service 92 Chapter 6 System Security 105 RADIUS Server 105 802 1X Supplicant 107 Password Complexity 109 WPA PSK Complexity 11...

Page 4: ...twork Management Protocol 129 General SNMP Settings 129 Views 132 Groups 133 Users 135 Targets 136 Chapter 9 Captive Portal 138 Captive Portal Global Configuration 139 Instance Configuration 140 Instance Association 143 Web Portal Customization 143 Local Groups 147 Local Users 148 Authenticated Clients 149 Failed Authentication Clients 150 Chapter 10 Single Point Setup 152 Single Point Setup Overv...

Page 5: ...ess WAP121 and WAP321 Wireless N Access Point with PoE 4 Contents Wireless Neighborhood 165 Chapter A Deauthentication Message Reason Codes 168 Deauthentication Reason Code Table 168 Appendix B Where to Go From Here 170 ...

Page 6: ...plorer 7 0 or later Chrome 5 0 or later Firefox 3 0 or later Safari 3 0 or later Browser Restrictions If you are using Internet Explorer 6 you cannot directly use an IPv6 address to access the WAP device You can however use the Domain Name System DNS server to create a domain name that contains the IPv6 address and then use that domain name in the address bar in place of the IPv6 address When usin...

Page 7: ...s the WAP device from your browser Launching the Web Based Configuration Utility To open the web based AP configuration utility STEP 1 Open a web browser Enter the IP address of the WAP device that you are configuring in the address bar on the browser and then press Enter The Login page opens Login To find your IP address you can use the Cisco FindIT Network Discovery Utility This tool enables you...

Page 8: ...fault password is cisco STEP 3 Click Log In The Access Point Setup Wizard page opens If this is the first time that you logged on with the default user name cisco and the default password cisco or your password has expired the Change Admin Password page opens Enter the new password and confirm it click Apply and then click Close The new password is saved Then enter the user name cisco and the new ...

Page 9: ...r of the web based AP configuration utility Using the Access Point Setup Wizard The first time that you log into the WAP device or after it has been reset to the factory default settings the Access Point Setup Wizard appears to help you perform initial configurations Follow these steps to complete the wizard NOTE If you click Cancel to bypass the Wizard the Change Password page appears You can the...

Page 10: ...pears Access Point Setup Wizard IP Address STEP 2 Click Dynamic IP Address DHCP if you want the WAP device to receive an IP address from a DHCP server Or select Static IP Address to configure IP Address manually For a description of these fields see VLAN and IPv4 Address Settings STEP 3 Click Next The Single Point Setup Set a Cluster window appears For a description of Single Point Setup see Singl...

Page 11: ...ices they automatically join the group If you already have a cluster on your network you can add this device to it by clicking Join an Existing Cluster and then entering the Existing Cluster Name If you do not want this device to participate in a Single Point Setup at this time click Do not Enable Single Point Setup Optional You can enter text in the AP Location field to note the physical location...

Page 12: ...Access Point 11 1 Access Point Setup Wizard Time Settings STEP 6 Select your time zone and then set the system time manually or set up the WAP device to get its time from an NTP server For a description of these options see Time Settings STEP 7 Click Next The Enable Security Set Password window appears ...

Page 13: ...an uncheck the Password Complexity box if you wish to disable the password security rules However we strongly recommend keeping the password security rules enabled STEP 9 Click Next The Enable Security Name Your Wireless Network window appears for the Radio 1 interface NOTE For this window and the following two windows Wireless Security and VLAN ID you configure these settings for the Radio 1 inte...

Page 14: ...usiness WAP551 and WAP561 Wireless N Access Point 13 1 Access Point Setup Wizard Network Name STEP 10 Enter a Network Name This name serves as the SSID for the default wireless network STEP 11 Click Next The Enable Security Secure Your Wireless Network window appears ...

Page 15: ...ss N Access Point 14 1 Access Point Setup Wizard Wireless Security STEP 12 Choose a security encryption type and enter a security key For a description of these options see System Security STEP 13 Click Next The Wizard displays the Enable Security Assign the VLAN ID For Your Wireless Network window ...

Page 16: ...or traffic received on the wireless network It is suggested that you assign a different VLAN ID from the default 1 to wireless traffic in order to segregate it from management traffic on VLAN 1 STEP 15 Click Next STEP 16 For the WAP561 device the Network Name Wireless Security and VLAN ID pages show to enable configuring Radio 2 When finished with configuring Radio 2 click Next ...

Page 17: ...for guests on your network WAP321 only and click Next If you click No skip to STEP 25 If you click Yes the Wizard displays the Enable Captive Portal Name Your Guest Network window STEP 18 Specify a Guest Network Name for Radio 1 For the WAP561 device select whether the guest network uses Radio 1 or Radio 2 STEP 19 Click Next The Wizard displays the Enable Captive Portal Secure Your Guest Network w...

Page 18: ...cify a fully qualified domain name or IP address in the Redirect URL field including http If specified guest network users are redirected to the specified URL after authenticating STEP 25 Click Next The Wizard displays the Summary Confirm Your Settings window Access Point Setup Wizard Summary STEP 26 Review the settings that you configured Click Back to reconfigure one or more settings If you clic...

Page 19: ...ting Started Using the Access Point Setup Wizard Cisco Small Business WAP551 and WAP561 Wireless N Access Point 18 1 Access Point Setup Wizard Finish STEP 28 Click Finish The Getting Started window appears ...

Page 20: ...the default window every time you log into the web based AP configuration utility Getting Started Links on the Getting Started Page Category Link Name on the Page Linked Page Initial Setup Run Setup Wizard Using the Access Point Setup Wizard Configure Radio Settings Radio Configure Wireless Network Settings Networks Configure LAN Settings LAN Configure Single Point Setup Single Point Setup Device ...

Page 21: ...ccess Change Account Password User Accounts Upgrade Device Firmware Manage Firmware Backup Restore Configuration Download Backup Configuration File Other Resources Support A link to the Cisco WAP support site Forums A link to the Cisco Support Community site Wireless Planning Tool A link to Fluke networks AirMagnet Planner for Cisco Small Business Links on the Getting Started Page Continued Catego...

Page 22: ... select to expand and display the submenu of each group You can then select on the desired submenu item to open the associated page Navigation Pane Log Out Click to log out of the web based AP configuration utility About Click to show the WAP device type and version number Help Click to show the online help The online help is designed to be viewed with browsers using UTF 8 encoding If the online h...

Page 23: ...uttons Button Name Description Add Adds a new entry to the table or database Cancel Cancels the changes made to the page Clear All Clears all entries in the log table Delete Deletes an entry in a table Select an entry first Edit Edits or modifies an existing entry Select an entry first Refresh Redisplays the current page with the latest data Save Saves the settings or configuration Update Updates ...

Page 24: ...apter describes how to display status and statistics and contains these topics System Summary Network Interfaces Traffic Statistics WorkGroup Bridge Transmit Receive Associated Clients TSPEC Client Associations TSPEC Status and Statistics TSPEC AP Statistics Radio Statistics Email Alert Status Log ...

Page 25: ...ummary page shows basic information such as the hardware model description software version and the time that has elapsed since the last reboot To view system information select Status and Statistics System Summary in the navigation pane Or select System Summary under Device Status on the Getting Started page System Summary 121 321 ...

Page 26: ... Access Point 14 2 551 561 The System Summary page shows this information PID VID The WAP hardware model and version Serial Number The serial number of the Cisco WAP device Base MAC Address The WAP MAC address Firmware Version Active Image The firmware version number of the active image ...

Page 27: ...o this service on the WAP device All indicates that any IP address on the device can use this service Local Port The port number for the service Remote IP Address The IP address of a remote host if any that is using this service All indicates that the service is available to all remote hosts that access the system Remote Port The port number of any remote device communicating with this service Con...

Page 28: ...and status information about the wired and wireless interfaces To show the Network Interfaces page select Status and Statistics Network Interface in the navigation pane Network Interfaces The Network Interfaces page shows this information LAN Status These settings apply to the internal interface For the WAP321 the information indicates whether or not Green Ethernet mode is enabled ...

Page 29: ...devices WLAN0 or WLAN1 precedes the VAP interface ID to indicate the associated radio interface WLAN0 represents radio 1 and WLAN1 represents radio 2 If the VAP has been configured the table lists the SSID the administrative status up or down the MAC address of the radio interface the VLAN ID the name of any associated scheduler profile and the current state active or inactive The state indicates ...

Page 30: ...1 321 5xx The Traffic Statistics page shows summary data and statistics for traffic in each direction Network Interface Name of the Ethernet interface and each VAP and WDS interface On WAP561 devices WLAN0 and WLAN1 precede the VAP interface name to indicate the radio interface WLAN0 represents radio 1 and WLAN1 represents radio 2 ...

Page 31: ...ding and receiving data on this WAP device You can click Refresh to refresh the screen and show the most current information WorkGroup Bridge Transmit Receive The WorkGroup Bridge Transmit Receive page shows packet and byte counts for traffic between stations on a WorkGroup Bridge For information on configuring WorkGroup Bridges see WorkGroup Bridge To show the WorkGroup Bridge Transmit Receive pa...

Page 32: ...rk Total Bytes The total number of bytes bridged between the wired clients in the WorkGroup Bridge and the wireless network You can click Refresh to refresh the screen and show the most current information Associated Clients You can use the Associated Clients page to view the client stations associated with a particular access point To show the Associated Clients page select Status and Statistics ...

Page 33: ...ough the second layer of security From Station To Station For the From Station the counters indicate the packets or bytes received by the wireless client For the To Station the counters indicate the number of packets and bytes transmitted from the WAP device to the wireless client Packets Number of packets received transmitted from the wireless client Bytes Number of bytes received transmitted fro...

Page 34: ...er priority An example of a voice traffic stream is a Wi Fi CERTIFIED telephone handset that marks its codec generated data packets as voice priority traffic An example of a video traffic stream is a video player application on a wireless laptop that prioritizes a video conference feed from a corporate server To view TSPEC client association statistics select Status and Statistics TSPEC Client Ass...

Page 35: ...cess Point MAC address Statistics Network Interface Radio interface used by the client Station Client station MAC address TS Identifier TSPEC Traffic Session Identifier range 0 to 7 Access Category TS Access Category voice or video Direction The traffic direction for this TS Direction can be one of these options uplink From client to device downlink From device to client bidirectional From Station...

Page 36: ...nd Statistics The TSPEC Status and Statistics page provides this information Summary information about TSPEC sessions by radio Summary information about TSPEC sessions by VAP Real time transmit and receive statistics for the radio interface and the network interface s All of the transmit and receive statistics shown are totals since the WAP device was last started If you reboot the WAP device thes...

Page 37: ...o and VAP interfaces Network Interface Name of the Radio or VAP interface On WAP561 devices WLAN0 represents radio 1 and WLAN1 represents radio 2 Access Category Current Access Category associated with this Traffic Stream voice or video Status Whether the TSPEC session is enabled up or not down for the corresponding Access Category NOTE Status is a configuration status it does not necessarily repr...

Page 38: ...this Radio for the specified Access Category Total Bytes Total number of bytes received in the specified access category These statistics appear separately for the transmit and receive paths on the network interfaces VAPs Total Voice Packets Total number of TS voice packets sent in Transmit table or received in Received table by this WAP device for this VAP Total Voice Bytes Total TS voice bytes s...

Page 39: ...istics Summary for Video ACM The total number of accepted and the total number of rejected video traffic streams You can click Refresh to refresh the screen and show the most current information Radio Statistics You can use the Radio Statistics page to show packet level and byte level statistics for theeach wireless radio interface To view the Radio Statistics page select Status and Statistics Rad...

Page 40: ...WAP device that were dropped Packets Transmit Dropped Number of packets transmitted by the WAP device that were dropped Bytes Receive Dropped Number of bytes received by the WAP device that were dropped Bytes Transmit Dropped Number of bytes transmitted by the WAP device that were dropped Fragments Received Number of fragmented frames received by the WAP device Fragments Transmitted Number of frag...

Page 41: ...eceived in response to an RTS frame WEP Undecryptable Count Number of frames discarded because they could not be decrypted by the radio Frames can be discarded because the frame was not encrypted or it was encrypted with a privacy option not supported by the WAP device RTS Success Count Count of CTS frames received in response to an RTS frame Multiple Retry Count Number of times an MSDU is success...

Page 42: ...lures The range is an unsigned integer of 32 bits The default is 0 Time Last Email Sent The day date and time when the last email was sent You can click Refresh to show the most current information Log The Log page shows a list of system events that generated a log entry such as login attempts and configuration changes The log is cleared upon a reboot and can be cleared by an administrator Up to 5...

Page 43: ...he event occurred Severity Whether the event is due to an error err or is informational info Service The software component associated with the event Description A description of the event You can click Refresh to refresh the screen and show the most current information You can click Clear All to clear all entries from the log ...

Page 44: ...diagnostics It contains these topics System Settings User Accounts Time Settings Log Settings Email Alert HTTP HTTPS Service Telnet SSH Service Management Access Control UpgradeManage Firmware Firmware Recovery Download Backup Configuration File Configuration Files Properties Copy Save Configuration Reboot Discovery Bonjour Packet Capture Support Information ...

Page 45: ...igits of the MAC address of the WAP device Host Name labels can contain only letters digits and hyphens Host Name labels cannot begin or end with a hyphen No other symbols punctuation characters or blank spaces are permitted The Host Name can be 1 to 63 characters long System Contact A contact person for the WAP device The System Contact can be 0 to 255 characters long and can include spaces and s...

Page 46: ...lick Add A new row of text boxes appears STEP 3 Check the box for the new user and select Edit STEP 4 Enter a User Name between 1 to 32 alphanumeric characters Only numbers 0 to 9 and letters a to z upper or lower are allowed for user names STEP 5 Enter a New Password between 1 and 64 characters and then enter the same password in the Confirm New Password text box As you enter a password the numbe...

Page 47: ...em to have Read Write privileges The password for the user cisco can be changed STEP 2 Select the user to configure and click Edit STEP 3 Enter a New Password between 1 and 64 characters and then enter the same password in the Confirm New Password text box As you enter a password the number and color of vertical bars changes to indicate the password strength as follows Red The password fails to me...

Page 48: ...s The current system time appears at the top of the page along with the System Clock Source option To use NTP to have the WAP device automatically acquire its time settings STEP 1 For the System Clock Source field select Network Time Protocol NTP STEP 2 Configure these parameters NTP Server IPv4 IPv6 Address Name Specify the IPv4 address IPv6 address or hostname of an NTP server A default NTP serv...

Page 49: ...ion To manually configure the time settings STEP 1 For the System Clock Source field select Manually STEP 2 Configure these parameters System Date Select the current month day and year date from the drop down lists System Time Select the current hour and minutes in 24 hour clock format such as 22 00 00 for 10 p m Time Zone Select the time zone for your location STEP 3 Select Adjust Time for Daylig...

Page 50: ... saved in permanent memory You can also send logs to a remote host Configuring the Persistent Log Configuring the Persistent Log If the system unexpectedly reboots log messages can be useful to diagnose the cause However log messages are erased when the system reboots unless you enable persistent logging CAUTION Enabling persistent logging can wear out the flash nonvolatile memory and degrade netw...

Page 51: ...t an event must have for it to be written to the log in nonvolatile memory For example if you specify 2 critical then critical alert and emergency events are logged to nonvolatile memory Error messages with a severity level of 3 to 7 are written to volatile memory Depth The maximum number of messages up to 512 that can be stored in volatile memory When the number you configure in this field is rea...

Page 52: ...stname can consist of one or more labels which are sets of up to 63 alphanumeric characters If a hostname includes multiple labels each is separated by a period The entire series of labels and periods can be up to 253 characters long UDP Port The logical port number for the syslog process on the remote host The range is from 1 to 65535 The default port is 514 Using the default port is recommended ...

Page 53: ... not use your personal email address which would unnecessarily expose your personal email login credentials Use a separate email account instead Also be aware that many email accounts keep a copy of all sent messages by default Anyone with access to this email account has access to the sent messages Review your email settings to ensure that they are appropriate for the privacy policy of your busin...

Page 54: ... Name Enter the IP address or hostname of the outgoing SMTP server You can check with your email provider for the hostname The server address must be a valid IPv4 address or hostname The IPv4 address should be in a form similar to xxx xxx xxx xxx 192 0 2 10 A hostname can consist of one or more labels which are sets of up to 63 alphanumeric characters If a hostname includes multiple labels each is...

Page 55: ...ption TLSv1 Port 465 Username Your full email address you can use to login to your email account associated with the above server Password xxxxxxxx is a valid password of your valid email account To Email Address 1 myemail gmail com Windows Live Hotmail Windows Live Hotmail recommends the following settings Data Encryption TLSv1 SMTP Server smtp live com SMTP Port 587 Username Your full email addr...

Page 56: ... login 1457 root login on ttyp0 Sep 8 03 48 26 info mini_http ssl 1175 Max concurrent connections of 20 reached HTTP HTTPS Service Use the HTTP HTTPS Service page to enable and configure web based management connections If HTTPS is used for secure management sessions you also use the HTTP HTTPS Service page to manage the required SSL certificates Configuring HTTP and HTTPS Services Configuring HTT...

Page 57: ...r of web sessions including both HTTP and HTTPS that can be in use at the same time When a user logs on to the WAP device configuration utility a session is created This session is maintained until the user logs off or the Session Timeout expires The range is from 1 to 10 sessions The default is 5 If the maximum number of sessions is reached the next user who attempts to log on to the configuratio...

Page 58: ...ons from 1025 to 65535 The default port number for HTTP connections is the well known IANA port number 443 Redirect HTTP to HTTPS Redirects management HTTP access attempts on the HTTP port to the HTTPS port This field is available only when HTTP access is disabled STEP 4 Click Save The changes are saved to the Startup Configuration Managing SSL Certificates Managing SSL Certificates To use HTTPS s...

Page 59: ...upload a certificate file with a pem extension from your computer to the WAP device In the Upload SSL Certificate From PC to Device area select HTTP or TFTP for the Upload Method For HTTP browse to the network location select the file and click Upload For TFTP enter the File Name as it exists on the TFTP server and the TFTP Server IPv4 Address then click Upload The filename cannot contain the foll...

Page 60: ...ion utility If this feature is disabled anyone can access the configuration utility from any network client by supplying the correct WAP device username and password If the management ACL is enabled access through the web and SNMP is restricted to the specified IP hosts CAUTION Verify any IP address that you enter If you enter an IP address that does not match your Administrative computer you will...

Page 61: ...ware images One image is active and the other is inactive If the active image fails to load during bootup the inactive image is loaded and becomes the active image You can also swap the primary and secondary images As new versions of the WAP device firmware become available you can upgrade the firmware on your devices to take advantage of new features and enhancements The WAP device uses a TFTP or...

Page 62: ...rmware image switch and subsequent reboot STEP 3 Click OK to proceed The process may take several minutes during which time the access point is unavailable Do not power down the access point while the image switch is in process When the image switch is complete the access point restarts The AP resumes normal operation with the same configuration settings it had before the upgrade TFTP Upgrade TFTP...

Page 63: ...be a tar file Do not attempt to use bin files or files of other formats for the upgrade these types of files do not work The filename cannot contain the following items spaces and two or more successive periods STEP 4 Enter the TFTP Server IPv4 Address and click Upgrade Uploading the new software may take several minutes Do not refresh the page or navigate to another page while uploading the new s...

Page 64: ...view the active firmware version Firmware Recovery The WAP device has a firmware recovery feature that enables the restoration of a valid image on the WAP device after a failed download If the power goes down during an image download the WAP device might not be able to boot In this event although the image is not usable the boot loader file that loads the firmware image from flash memory to RAM sh...

Page 65: ...and later versions Internet Explorer 6 and later versions A Firmware Recovery page appears No authentication is required The web page shows the PIC VID product ID and vendor ID serial number and MAC address of the WAP device STEP 4 Select Browse and select a valid firmware image to download A progress bar appears while the file is downloading The following message appears upon a successful downloa...

Page 66: ... host or TFTP server to manually edit the content or create backups After you edit a backed up configuration file you can download it to the access point to modify the configuration The WAP device maintains these configuration files Startup Configuration The configuration file saved to flash memory Backup Configuration An additional configuration file saved on the WAP device for use as a backup Mi...

Page 67: ...S as the Transfer Method STEP 3 Select Backup AP to PC as the Save Action STEP 4 For a TFTP backup only enter the Destination File Name with an xml extension Also include the path where the file is to be placed on the server and then enter the TFTP Server IPv4 Address The filename cannot contain the following characters spaces and two or more successive periods STEP 5 For a TFTP backup only enter ...

Page 68: ...u can download a file to the WAP device to update the configuration or to restore the WAP device to a previously backed up configuration To download a configuration file to the WAP device STEP 1 Select Administration Download Backup Configuration File in the navigation pane STEP 2 Select Via TFTP or Via HTTP HTTPS as the Transfer Method STEP 3 Select Download PC to AP as the Save Action STEP 4 For...

Page 69: ...tup Configuration file the Backup Configuration file becomes active the next time that you reboot the WAP device To delete the Startup Configuration or Backup Configuration file STEP 1 Select Administration Configuration Files Properties in the navigation pane Configuration Files Properties STEP 2 Select the Startup Configuration or Backup Configuration file type STEP 3 Click Clear Files Copy Save...

Page 70: ...file type saved on the WAP device Mirror Configuration If the Startup Configuration is not modified for at least 24 hours it is automatically saved to a Mirror Configuration file The Mirror Configuration file is a snapshot of a past Startup Configuration The Mirror Configuration is preserved across factory resets so it can be used to recover a system configuration after a factory reset by copying ...

Page 71: ... reboot The current management session might be terminated STEP 3 Click OK to reboot Discovery Bonjour Bonjour enables the WAP device and its services to be discovered by using multicast DNS mDNS Bonjour advertises services to the network and answers queries for the service types that it supports simplifying network configuration in small business environments The WAP device advertises these servi...

Page 72: ...hanges are saved to the Startup Configuration Packet Capture The wireless packet capture feature enables capturing and storing packets received and transmitted by the WAP device The captured packets can then be analyzed by a network protocol analyzer for troubleshooting or performance optimization There are two methods of packet capture Local capture method Captured packets are stored in a file on...

Page 73: ...ck Administration Packet Capture to show the Packet Capture page From the Packet Capture page you can Configure packet capture parameters Start a local or remote packet capture View the current packet capture status Download a packet capture file Packet Capture Configuration Packet Capture Configuration The Packet Capture Configuration area enables you to configure parameters and initiate a packet...

Page 74: ...n the capture is active In promiscuous mode the radio receives all traffic on the channel including traffic that is not destined to this WAP device While the radio is operating in promiscuous mode it continues serving associated clients Packets not destined to the WAP device are not forwarded As soon as the capture is completed the radio reverts to nonpromiscuous mode operation Radio Client Filter...

Page 75: ...the parameters while the packet capture is running does not affect the current packet capture session To begin using new parameter values an existing packet capture session must be stopped and restarted Local Packet Capture Local Packet Capture To initiate a local packet capture STEP 1 Ensure that Local File is selected for the Packet Capture Method STEP 2 Configure these parameters Capture Interf...

Page 76: ...acket capture if one is active on the WAP device Current Capture Status Whether packet capture is running or stopped Packet Capture Time Elapsed capture time Packet Capture File Size The current capture file size Click Refresh to show the latest data from the WAP device NOTE To stop a packet file capture click Stop Capture Remote Packet Capture Remote Packet Capture The Remote Packet Capture featu...

Page 77: ...AP device The port range is from 1025 to 65530 STEP 5 If you want to save the settings for use at another time click Save STEP 6 Click Start Capture To initiate the Wireshark network analyzer tool for Microsoft Windows STEP 1 On the same computer initiate the Wireshark tool STEP 2 In the menu select Capture Options A popup window appears STEP 3 At Interface select Remote A popup window appears STE...

Page 78: ...ffic on the radio interface you can disable beacon capture but other 802 11 control frames are still sent to Wireshark You can set up a display filter to show only Data frames in the trace Traffic on specific Basic Service Set IDs BSSIDs Traffic between two clients Some examples of useful display filters are Exclude beacons and ACK RTS CTS frames wlan fc type_subtype 8 wlan fc type 1 Data frames o...

Page 79: ...ion of the captured frames tends to be beacons typically sent every 100 ms by all APs Although Wireshark supports a display filter for beacon frames it does not support a capture filter to prevent the WAP device from forwarding captured beacon packets to the Wireshark tool To reduce the performance impact of capturing the 802 11 beacons disable the capture beacons mode Packet Capture File Download...

Page 80: ...ailed configuration information about the AP The file includes software and hardware version information MAC and IP addresses the administrative and operational status of features user configured settings traffic statistics and more You can provide the text file to technical support personnel to assist them in troubleshooting problems To show the Support Information page select Administration Supp...

Page 81: ...k and clock settings of the WAP devices It includes these topics Port Settings VLAN and IPv4 Address Settings IPv6 Addresses IPv6 Tunnel Port Settings The Port Settings page enables you to view and configure settings for the port that physically connects the WAP device to a local area network To view and configure LAN settings ...

Page 82: ...tonegotiation is disabled select a Port Speed 10 100 Mb s for the WAP121 and 10 100 1000 Mb s for the WAP321 and the duplex mode Half or Full duplex STEP 4 Enable or disable the Green Ethernet Mode When enabled the WAP device automatically enters a low power mode when energy on the line is lost and it resumes normal operation when energy is detected STEP 5 Enable or disable Green Ethernet Mode WAP...

Page 83: ...s the MAC address of the LAN interface port This field is read only STEP 2 Configure these Global Settings Untagged VLAN Enables or disables VLAN tagging When enabled the default all traffic is tagged with a VLAN ID By default all traffic on the access point uses VLAN 1 the default untagged VLAN This means that all traffic is untagged until you disable the untagged VLAN change the untagged traffic...

Page 84: ...t disable the DHCP client and manually configure the IP address and other network information Select one of these values from the list DHCP The WAP device acquires its IP address from a DHCP server on the LAN Static IP You manually configure the IPv4 address The IPv4 address should be in a form similar to xxx xxx xxx xxx 192 0 2 10 Static IP Address Subnet Mask and Default Gateway If you elected t...

Page 85: ...he IPv6 address should be in a form similar to xxxx xxxx xxxx xxxx xxxx xxxx xxxx xxxx 2001 DB8 CAD5 7D91 IPv6 Administration Mode Enables IPv6 management access IPv6 Auto Configuration Administration Mode Enables IPv6 automatic address configuration on the WAP device When enabled the WAP device learns its IPv6 addresses and gateway by processing the Router Advertisements received on the LAN port ...

Page 86: ...6 Link Local Address The IPv6 address used by the local physical link The link local address is not configurable and is assigned by using the IPv6 Neighbor Discovery process Default IPv6 Gateway The statically configured default IPv6 gateway IPv6 DNS Nameservers Select one of the following values Dynamic The DNS name servers are learned dynamically through DHCPv6 Manual You specify up to two IPv6 ...

Page 87: ...the ISATAP router the IPv6 packets are encapsulated into IPv4 packets by the ISATAP router To configure an IPv6 tunnel using ISATAP STEP 1 Select LAN IPv6 Tunnel in the navigation area IPv6 Tunnel STEP 2 Configure the following parameters ISATAP Status Enables or disables the administrative mode of ISATAP on the WAP device ISATAP Capable Host The IP address or DNS name of the ISATAP router The def...

Page 88: ...Access Point 59 4 STEP 3 Click Save The settings are saved to the Startup Configuration When the tunnel is established the ISATAP IPv6 Link Local Address and ISATAP IPv6 Global Address show on the page These are the virtual IPv6 interface addresses to the IPv4 network ...

Page 89: ...these topics Radio Rogue AP Detection Networks Scheduler Scheduler Association Bandwidth Utilization MAC Filtering WDS Bridge WorkGroup Bridge Quality of Service Radio Radio settings directly control the behavior of the radio in the WAP device and its interaction with the physical medium that is how and what type of signal the WAP device emits To configure radio settings ...

Page 90: ...e reporting occurs through the system log and SNMP traps Enter a time from 0 to 900 seconds The default is 300 seconds STEP 3 In the Basic Settings area configure these settings NOTE Local regulations may prohibit the use of certain radio modes Not all modes are available in all countries Radio Turns on or off the radio interface By default the radio is off MAC Address The Media Access Control MAC...

Page 91: ...n the radio mode includes 802 11n the channel bandwidth is set to 20 40 MHz to enable both channel widths Set the field to 20 MHz to restrict the use of the channel bandwidth to a 20 MHz channel Primary Channel 802 11n modes with 20 40 MHz bandwidth only A 40 MHz channel can be considered to consist of two 20 MHz channels that are contiguous in the frequency domain These two 20 MHz channels are of...

Page 92: ...o support the short guard interval Yes is the default selection No The WAP device transmits data using an 800 nanosecond guard interval Protection The protection feature contains rules to guarantee that 802 11 transmissions do not cause interference with legacy stations or applications By default protection is enabled Auto With protection enabled protection is invoked if legacy devices are within ...

Page 93: ...h is the default effectively disables fragmentation Fragmentation involves more overhead both because of the extra work of dividing up and reassembling of frames it requires and because it increases message traffic on the network However fragmentation can help improve network performance and reliability if properly configured Sending smaller frames by using lower fragmentation threshold might help...

Page 94: ...minimum transmit power requirements Frame burst Support Generally enabling Frame burst support improves the radio performance in the downstream direction Fixed Multicast Rate The transmission rate in Mbps for broadcast and multicast packets This setting can be useful in an environment where wireless multicast video streaming occurs provided the wireless clients are capable of handling the configur...

Page 95: ...e limit setting is 50 packets per second Rate Limit Burst An amount of traffic measured in bytes which is allowed to pass as a temporary burst even if it is above the defined maximum rate The default and maximum rate limit burst setting is 75 packets per second TSPEC Mode Regulates the overall TSPEC mode on the WAP device By default TSPEC mode is off The options are On The WAP device handles TSPEC...

Page 96: ...it on the amount of traffic that the WAP device attempts to transmit on the wireless medium using a video AC to gain access The default limit is 15 percent of total traffic TSPEC AP Inactivity Timeout The amount of time for a WAP device to detect a downlink traffic specification as idle before deleting it The valid integer range is from 0 to 120 seconds and the default is 30 seconds TSPEC Station ...

Page 97: ...ies to access the network The WAP device performs an RF scan on all channels to detect all APs in the vicinity of the network If rogue APs are detected they are shown on the Rogue AP Detection page If an AP listed as a rogue is legitimate you can add it to the Known AP List NOTE The Detected Rogue AP List and Trusted AP List provide information that you can use to take further action The AP does n...

Page 98: ...out detected and trusted rogue access points appears You can click Refresh to refresh the screen and show the most current information Action If the AP is in the Detected Rogue AP List you can click Trust to move the AP to the Trusted AP List If the AP is in the Trusted AP list you can click Untrust to move the AP to the Detected Rogue AP List NOTE The Detected Rogue AP List and Trusted AP List pr...

Page 99: ... alphanumeric string of up to 32 characters that uniquely identifies a wireless local area network It is also referred to as the Network Name Privacy Indicates whether there is any security on the rogue device Off indicates that the Security mode on the rogue device is set to None no security On indicates that the rogue device has some security in place NOTE You can use the Networks page to config...

Page 100: ...nfigured on the Radio page Creating and Saving a Trusted AP List Creating and Saving a Trusted AP List To create a Trusted AP List and save it to a file STEP 1 In the Detected Rogue AP List click Trust for APs that are known to you The Trusted APs move to the Trusted AP List STEP 2 In the Download Backup Trusted AP List area select Backup AP to PC STEP 3 Click Save The list contains the MAC addres...

Page 101: ...shown in the Known AP List STEP 4 Click Save When the import is complete the screen refreshes and the MAC addresses of the APs in the imported file appear in the Known AP List Networks Virtual Access Points VAPs segment the wireless LAN into multiple broadcast domains that are the wireless equivalent of Ethernet VLANs VAPs simulate multiple access points in one physical WAP device Each VAP can be ...

Page 102: ...are not permitted NOTE This means that spaces are allowed within the SSID but not as the first or last character and the period ASCII 0x2E is also allowed VLAN IDs VLAN IDs Each VAP is associated with a VLAN which is identified by a VLAN ID VID A VID can be any value from 1 to 4094 inclusive The support active VLANs for WLAN plus one management VLAN By default the VID assigned to the configuration...

Page 103: ...associates wireless clients with an improperly configured VLAN When a wireless client connects to the WAP device by using this VAP the WAP device tags all traffic from the wireless client with the VLAN ID you enter in this field unless you enter the port VLAN ID or use a RADIUS server to assign a wireless client to a VLAN The range for the VLAN ID is from 1 to 4094 NOTE If you change the VLAN ID t...

Page 104: ...nencrypted traffic Suppressing the SSID broadcast offers a very minimal level of protection on an otherwise exposed network such as a guest network where the priority is to make it easy for clients to get a connection and where no sensitive information is available Security The type of authentication required for access to the VAP None Static WEP Dynamic WEP WPA Personal WPA Enterprise If you sele...

Page 105: ...n CAUTION After new settings are saved the corresponding processes may be stopped and restarted When this happens the WAP device may lose connectivity We recommend that you change WAP device settings when a loss of connectivity will least affect your wireless clients NOTE To delete a VAP select the VAP and click Delete To save your deletion permanently click Save when complete Configuring Security...

Page 106: ...alled RC4 These parameters configure Static WEP Transfer Key Index A key index list Key indexes 1 through 4 are available The default is 1 The Transfer Key Index indicates which WEP key the WAP device uses to encrypt the data it transmits Key Length The length of the key Select one 64 bits 128 bits Key Type The key type Select one ASCII Hex WEP Keys You can specify up to four WEP keys In each text...

Page 107: ...o associate does not ensure it can exchange traffic with an WAP device A station must have the correct WEP key to be able to successfully access and decrypt data from the WAP device and to transmit readable data to the WAP device Shared Key authentication requires the client station to have the correct WEP key in order to associate with the WAP device When the authentication algorithm is set to Sh...

Page 108: ...ver an IEEE 802 11 wireless network using a protocol called EAP Encapsulation Over LANs EAPOL IEEE 802 1X provides dynamically generated keys that are periodically refreshed An RC4 stream cipher is used to encrypt the frame body and cyclic redundancy checking CRC of each 802 11 frame This mode requires the use of an external RADIUS server to authenticate users The WAP device requires a RADIUS serv...

Page 109: ... CAD5 7D91 Server IP Address 2 to 4 or Server IPv6 Address 2 to 4 Up to three IPv4 or IPv6 backup RADIUS server addresses If authentication fails with the primary server each configured backup server is tried in sequence Key The shared secret key that the WAP device uses to authenticate to the primary RADIUS server You can use up to 63 standard alphanumeric and special characters The key is case s...

Page 110: ...is security mode is backwards compatible for wireless clients that support the original WPA These parameters configure WPA Personal WPA Versions The types of client stations to be supported WP TKIP The network has some client stations that only support original WPA and TKIP security protocol Note that selecting only WPA TKIP for the access point is not allowed as per the latest WiFi Alliance requi...

Page 111: ...86400 seconds A value of 0 indicates that the broadcast key is not refreshed WPA Enterprise WPA Enterprise WPA Enterprise with RADIUS is an implementation of the Wi Fi Alliance IEEE 802 11i standard which includes CCMP AES and TKIP encryption The Enterprise mode requires the use of a RADIUS server to authenticate users This security mode is backwards compatible with wireless clients that support t...

Page 112: ...x and enter the RADIUS server IP address and key in these fields Server IP Address Type The IP version that the RADIUS server uses You can toggle between the address types to configure IPv4 and IPv6 global RADIUS address settings but the WAP device contacts only the RADIUS server or servers for the address type that you select in this field Server IP Address 1 or Server IPv6 Address 1 The address ...

Page 113: ... VAP The default is 300 seconds The valid range is from 0 to 86400 seconds A value of 0 indicates that the broadcast key is not refreshed Session Key Refresh Rate The interval at which the WAP device refreshes session unicast keys for each client associated with the VAP The valid range is from 0 to 86400 seconds A value of 0 indicates that the session key is not refreshed Scheduler The Radio and V...

Page 114: ... default it is disabled The Scheduler Operational Status area indicates the current operation status of the Scheduler Status The operational status of the Scheduler The range is Up or Down The default is Down Reason The reason for the scheduler operational status Possible values are IsActive The scheduler is administratively enabled Administrative Mode is disabled Operational status is down becaus...

Page 115: ... a Profile Name list STEP 2 Click Add Rule The new rule shows in the rule table STEP 3 Check the box next to the Profile Name and click Edit STEP 4 From the Day of the Week menu select the recurring schedule for the rule You can configure the rule to occur daily each weekday each weekend day Saturday and Sunday or any single day of the week STEP 5 Set the start and end times Start Time The time wh...

Page 116: ...terface to be effective By default there are no Scheduler profiles created and no profile is associated with any radio or VAP Only one Scheduler profile can be associated with the WLAN interface or each VAP A single profile can be associated with multiple VAPs If the Scheduler profile associated with a VAP or the WLAN interface is deleted then the association is removed Scheduler Association 121 3...

Page 117: ...the WLAN interface or a VAP select the profile from the Profile Name list The Interface Operational Status column shows whether the interface is currently enabled or disabled STEP 3 Click Save The changes are saved to the Startup Configuration Bandwidth Utilization Use the Bandwidth Utilization page to configure how much of the radio bandwidth can be used before the WAP device stops allowing new c...

Page 118: ...nt When set to 0 all new associations are allowed regardless of the utilization rate STEP 4 Click Save The changes are saved to the Startup Configuration NOTE After new settings are saved the corresponding processes may be stopped and restarted When this happens the WAP device may lose connectivity We recommend that you change WAP device settings when a loss of connectivity will least affect your ...

Page 119: ... Filtering STEP 2 Select how the WAP device uses the filter list Allow only stations in the list Any station that is not in the Stations List is denied access to the network through the WAP device Block all stations in list Only the stations that appear in the list are denied access to the network through the WAP device All other stations are permitted access NOTE The filter setting also applies t...

Page 120: ...structure by reducing the amount of cabling required You can configure the WAP device in point to point or point to multipoint bridge mode based on the number of links to connect In the point to point mode the WAP device accepts client associations and communicates with wireless clients and other repeaters The WAP device forwards all traffic meant for the other network over the tunnel that is esta...

Page 121: ...se guidelines All Cisco WAP devices participating in a WDS link must have the following identical settings Radio IEEE 802 11 Mode Channel Bandwidth Channel Auto is not recommended NOTE When operating bridging in the 802 11n 2 4 GHz band set the Channel Bandwidth to 20 MHz rather than the default 20 40 MHz In the 2 4 GHz 20 40 MHz band the operating bandwidth can change from 40 MHz to 20 MHz if any...

Page 122: ...Wireless WDS Bridge Cisco Small Business WAP551 and WAP561 Wireless N Access Point 91 5 STEP 1 Select Wireless WDS Bridge in the navigation pane WDS Bridge 121 321 ...

Page 123: ...ess on the Status and Statistics Network Interface page Encryption The type of encryption to use on the WDS link it does not have to match the VAP you are bridging The WDS Encryption settings are unique to the WDS bridge The options are none WEP and WPA Personal If you are unconcerned about security issues on the WDS link you may decide not to set any type of encryption Alternatively if you have s...

Page 124: ...e encryption type Key Length If WEP is enabled specify the length of the WEP key as 64 bits or 128 bits Key Type If WEP is enabled specify the WEP key type ASCII or Hex WEP Key If you selected ASCII enter any combination of 0 to 9 a to z and A to Z If you selected Hex enter hexadecimal digits any combination of 0 to 9 and a to f or A to F These are the RC4 encryption keys shared with the stations ...

Page 125: ...Bridge mode is enabled the WAP device supports only one BSS for wireless clients that associate with it and another BSS with which the WAP device associates as a wireless client It is recommended that WorkGroup Bridge mode be used only when the WDS bridge feature cannot be operational with a peer WAP device WDS is a better solution and is preferred over the WorkGroup Bridge solution When the WorkG...

Page 126: ...note these guidelines All WAP devices participating in WorkGroup Bridge must have the following identical settings Radio IEEE 802 11 Mode Channel Bandwidth Channel Auto is not recommended See Radio Basic Settings for information on configuring these settings WorkGroup Bridge mode currently supports only IPv4 traffic WorkGroup Bridge mode is not supported across a Single Point Setup It is not recom...

Page 127: ...Wireless WorkGroup Bridge Cisco Small Business WAP551 and WAP561 Wireless N Access Point 96 5 STEP 1 Select Wireless WorkGroup Bridge in the navigation pane WorkGroup Bridge 121 321 551 561 ...

Page 128: ...rastructure Client Interface will be associated with the upstream WAP device with the configured credentials The WAP device may obtain its IP address from a DHCP server on the upstream link Alternatively you can assign a static IP address The Connection Status field indicates whether the WAP is connected to the upstream WAP device You can click the Refresh button at the top of the page to view the...

Page 129: ... changes are saved to the Startup Configuration The associated downstream clients now have connectivity to the upstream network Quality of Service The quality of service QoS settings provide you with the ability to configure transmission queues for optimized throughput and better performance when handling differentiated wireless traffic such as Voice over IP VoIP other types of audio video streami...

Page 130: ...Wireless Quality of Service Cisco Small Business WAP551 and WAP561 Wireless N Access Point 99 5 Select Wireless QoS in the navigation pane QoS 121 321 ...

Page 131: ...evice and Station EDCA parameters with values that are best for voice traffic Custom Enables you to choose custom EDCA parameters These four queues are defined for different types of data transmitted from WAP to station If you choose a Custom template the parameters that define the queues are configurable otherwise they are set to predefined values appropriate to your selection The four queues are...

Page 132: ...ackoff wait time is determined The first random number generated is a number between 0 and the number specified here If the first random backoff wait time expires before the data frame is sent a retry counter is incremented and the random backoff value window is doubled Doubling continues until the size of the random backoff value reaches the number defined in the Maximum Contention Window Valid v...

Page 133: ...t some parameters on the downstream traffic flowing from the WAP device to the client station AP EDCA parameters TXOP Limit Station only The TXOP Limit is a station EDCA parameter and only applies to traffic flowing from the client station to the WAP device The Transmission Opportunity TXOP is an interval of time in milliseconds when a WME client station has the right to initiate transmissions ont...

Page 134: ...Wireless Quality of Service Cisco Small Business WAP551 and WAP561 Wireless N Access Point 103 5 ...

Page 135: ...Wireless Quality of Service Cisco Small Business WAP551 and WAP561 Wireless N Access Point 104 5 ...

Page 136: ... server to authenticate clients The MAC address filtering feature where client access is restricted to a list may also be configured to use a RADIUS server to control access The Captive Portal feature also uses RADIUS to authenticate clients You can use the Radius Server page to configure the RADIUS servers that are used by these features You can configure up to four globally available IPv4 or IPv...

Page 137: ...6 Address 1 The addresses for the primary global RADIUS server When the first wireless client tries to authenticate with the WAP device the device sends an authentication request to the primary server If the primary server responds to the authentication request the WAP device continues to use this RADIUS server as the primary server and authentication requests are sent to the address specified Ser...

Page 138: ...tted and received and so on If you enable RADIUS accounting it is enabled for the primary RADIUS server and all backup servers STEP 3 Click Save The changes are saved to the Startup Configuration 802 1X Supplicant IEEE 802 1X authentication enables the access point to gain access to a secured wired network You can enable the access point as an 802 1X supplicant client on the wired network A user n...

Page 139: ...1X Supplicant in the navigation pane STEP 2 Click Refresh to update the Certificate file status STEP 3 Enter the parameters Administrative Mode Enables the 802 1X supplicant functionality EAP Method The algorithm to be used for encrypting authentication user names and passwords MD5 A hash function defined in RFC 3748 that provides basic security PEAP Protected Extensible Authentication Protocol wh...

Page 140: ...tarted When this happens the WAP device may lose connectivity We recommend that you change WAP device settings when a loss of connectivity will least affect your wireless clients The Certificate File Status area shows whether a current certificate exists Certificate File Present Indicates whether the HTTP SSL Certificate file is present The field shows Yes if it is present The default setting is N...

Page 141: ...racter Class The minimum number of character classes that must be represented in the password string The four possible character classes are uppercase letters lowercase letters numbers and special characters available on a standard keyboard Password Different From Current Select to have users enter a different password when their current password expires If not selected users can reenter the same ...

Page 142: ...cess More complex keys provide increased security To configure WPA PSK complexity STEP 1 Select System Security WPA PSK Complexity in the navigation pane WPA PSK Complexity STEP 2 Click Enable for the WPA PSK Complexity setting to enable the WAP device to check WPA PSK keys against the criteria you configure If you uncheck the box none of these settings are used WPA PSK Complexity is disabled by d...

Page 143: ...rent key expires Maximum WPA PSK Length The maximum key length in number of characters is from 32 to 63 The default is 63 Minimum WPA PSK Length The minimum key length in number of characters is from 8 to 16 The default is 8 Check the box to make the field editable and to activate this requirement STEP 4 Click Save The changes are saved to the Startup Configuration ...

Page 144: ... such as HTTP traffic or traffic from a specific subnet you can configure ACLs and assign them to one or more VAPs In addition to controlling general traffic categories Client QoS allows you to configure per client conditioning of various micro flows through Differentiated Services DiffServ DiffServ policies are a useful tool for establishing general micro flow definition and treatment characteris...

Page 145: ...ter the parameters Client QoS Mode Enables or disables QoS operation on the VAP QoS must be enabled globally and on the VAP for the client QoS settings to be applied to wireless clients Bandwidth Limit Down The maximum allowed transmission rate from the AP to the wireless client in bits per second The valid range is 0 4294967295 bps A non zero configured value is rounded down to the nearest 64 Kbp...

Page 146: ...are checked for a match The packet or frame is transmitted if it is permitted and discarded if it is denied ACL Type Up The type of ACL to apply to traffic in the inbound up direction which can be one of the following IPv4 The ACL examines IPv4 packets for matches to ACL rules IPv6 The ACL examines IPv6 packets for matches to ACL rules MAC The ACL examines Layer 2 frames for matches to ACL rules A...

Page 147: ...nauthorized users and allowing authorized users to access specific resources ACLs can block any unwarranted attempts to reach network resources The WAP device supports up to 50 IPv4 IPv6 and MAC ACLs IPv4 and IPv6 ACLs IPv4 and IPv6 ACLs IP ACLs classify traffic for Layers 3 and 4 Each ACL is a set of up to 10 rules applied to traffic sent or received by the WAP device Each rule specifies whether ...

Page 148: ... content of the frame If any of the rules match the content a permit or deny action is taken on the frame Configuring ACLs Configuring ACLs Configure ACLs and rules on the ACL Configuration page and then apply the rules to a specified VAP These steps give a general description of how to configure ACLs STEP 1 Select Client QoS ACL in the navigation pane STEP 2 Specify a name for the ACL STEP 3 Sele...

Page 149: ...L Name A name to identify the ACL The ACL name can include from 1 to 31 alphanumeric characters and the following special characters hyphen underscore backslash and colon Spaces are not allowed ACL Type The type of ACL to configure IPv4 IPv6 MAC IPv4 and IPv6 ACLs control access to network resources based on Layer 3 and Layer 4 criteria MAC ACLs control access based on Layer 2 criteria STEP 3 Clic...

Page 150: ...r the selected ACL If rules already exist even if created for use with other ACLs you can select the rule number to add the rule to the selected ACL or to modify the rule When an ACL has multiple rules the rules are applied to the packet or frame in the order in which you add them to the ACL There is an implicit deny all rule as the final rule Action Whether the ACL rule permits or denies an actio...

Page 151: ...ese options Select From List Select one of these protocols IP ICMP IGMP TCP or UDP Match to Value Enter a standard IANA assigned protocol ID from 0 to 255 Choose this method to identify a protocol not listed by name in the Select From List Source IP Address Requires a packet s source IP address to match the address listed here Enter an IP address in the appropriate field to apply this criteria Wil...

Page 152: ...ource IP Address is selected A wildcard mask is basically the inverse of a subnet mask For example to match the criteria to a single host address use a wildcard mask of 0 0 0 0 To match the criteria to a 24 bit subnet for example 192 168 10 0 24 use a wildcard mask of 0 0 0 255 Destination Port Includes a destination port in the match condition for the rule The destination port is identified in th...

Page 153: ...ued bits in the IP TOS Mask denote the bit positions in the IP TOS Bits value that are used for comparison against the IP TOS field of a packet For example to check for an IP TOS value having bits 7 and 5 set and bit 1 clear where bit 7 is most significant use an IP TOS Bits value of 0 and an IP TOS Mask of 00 For IPv6 ACLs configure these parameters Protocol Select the Protocol field to use a Lay...

Page 154: ...et frame Select an EtherType keyword or enter an EtherType value to specify the match criteria Select from List Select one of these protocol types appletalk arp ipv4 ipv6 ipx netbios pppoe Match to Value Enter a custom protocol identifier to which packets are matched The value is a four digit hexadecimal number in the range of 0600 to FFFF Class of Service Select this field and enter an 802 1p use...

Page 155: ...Map The Client QoS feature contains Differentiated Services DiffServ support that allows traffic to be classified into streams and given a certain QoS treatment in accordance with defined per hop behaviors Standard IP based networks are designed to provide best effort data delivery service Best effort service implies that the network delivers the data in a timely fashion although there is no guara...

Page 156: ...e navigation pane Class Map STEP 2 Enter a Class Map Name The name can include from 1 to 31 alphanumeric characters and the following special characters hyphen underscore backslash and colon Spaces are not allowed STEP 3 Select a value from the Match Layer 3 Protocol list IPv4 The class map applies only to IPv4 traffic on the WAP device IPv6 The class map applies only to IPv6 traffic on the WAP de...

Page 157: ...Use the fields in the Match Criteria Configuration area to match packets to a class Select the check box for each field to be used as a criterion for a class and enter data in the related field You can have multiple match criteria in a class The match criteria fields that are available depend on whether the class map is an IPv4 or IPv6 class map Defining a Class Map Defining a Class Map To configu...

Page 158: ...ress to match the address listed here Check the box and enter an IP address Source IP Mask IPv4 only The source IP address mask The mask for DiffServ is a network style bit mask in IP dotted decimal format indicating which part s of the destination IP address to use for matching against packet content A DiffServ mask of 255 255 255 255 indicates that all bits are important and a mask of 0 0 0 0 in...

Page 159: ... port name or enter the port number Select From List Matches a keyword associated with the source port ftp ftpdata http smtp snmp telnet tftp www Each of these keywords translates into its equivalent port number Match to Port Matches the source port number in the datagram header to an IANA port number that you specify The port range is from 0 to 65535 and includes three different types of ports 0 ...

Page 160: ...mpare against an Ethernet frame For each bit position in the MAC mask a 0 indicates that the corresponding address bit is significant and a 1 indicates that the address bit is ignored For example to check only the first four octets of a MAC address a MAC mask of 00 00 00 00 ff ff is used A MAC mask of 00 00 00 00 00 00 checks all address bits and is used to match a single MAC address Destination M...

Page 161: ...t the IP Precedence value The high order six bits represent the IP Differentiated Services Code Point DSCP value STEP 3 Click Save The changes are saved to the Startup Configuration NOTE To delete a class map select it in the Class Map Name list and click Delete The class map cannot be deleted if it is already attached to a policy Policy Map Packets are classified and processed based on defined cr...

Page 162: ...icy Class Definition area ensure that the newly created policy map shows in the Policy Map Name list STEP 5 In the Class Map Name list select the class map to apply this policy STEP 6 Configure the parameters Police Simple Establishes the traffic policing style for the class The simple form of the policing style uses a single data rate and burst size resulting in two outcomes conform and nonconfor...

Page 163: ...he value is an integer between 0 to 63 Mark IP Precedence Marks all packets for the associated traffic stream with the specified IP precedence value The IP precedence value is an integer from 0 to 7 Disassociate Class Map Removes the class selected in the Class Map Name list from the policy selected in the Policy Map Name list Member Classes Lists all DiffServ classes currently defined as members ...

Page 164: ...f various micro flows through Differentiated Services DiffServ DiffServ policies are a useful tool for establishing general micro flow definition and treatment characteristics that can be applied to each wireless client both inbound and outbound when it is authenticated on the network To configure client QoS association parameters STEP 1 Select Client QoS Client QoS Association in the navigation p...

Page 165: ...ionality on the selected VAP Bandwidth Limit Down The maximum allowed transmission rate from the WAP device to the client in bits per second bps The valid range is from 0 to 300 Mbps Bandwidth Limit Up The maximum allowed transmission rate from the client to the WAP device in bits per second bps The valid range is from 0 to 300 Mbps ACL Type Down The type of ACL to apply to traffic in the outbound...

Page 166: ... of the ACL applied to traffic entering the WAP device in the inbound direction When a packet or frame is received by the WAP device the ACL s rules are checked for a match The packet or frame is processed if it is permitted and discarded if it is denied DiffServ Policy Down The name of the DiffServ policy applied to traffic from the WAP device in the outbound WAP to client direction DiffServ Poli...

Page 167: ...bits per second bps The valid range is from 0 to 4294967295 bps Bandwidth Limit Up The maximum allowed transmission rate from the client to the WAP device in bits per second bps The valid range is from 0 to 4294967295 bps ACL Type Up The type of ACL that is applied to traffic in the inbound client to WAP direction which can be one of these options IPv4 The ACL examines IPv4 packets for matches to ...

Page 168: ...he name of the ACL applied to traffic in the outbound direction After switching the packet or frame to the outbound interface the ACL rules are checked for a match The packet or frame is transmitted if it is permitted and discarded if it is denied DiffServ Policy Up The name of the DiffServ policy applied to traffic sent to the WAP device in the inbound client to WAP direction DiffServ Policy Down...

Page 169: ...ilitates network management troubleshooting and maintenance The WAP device supports SNMP versions 1 2 and 3 Unless specifically noted all configuration parameters apply to SNMPv1 and SNMPv2c only Key components of any SNMP managed network are managed devices SNMP agents and a management system The agents store data about their devices in Management Information Bases MIBs and return this data to th...

Page 170: ...for SNMP traffic By default an SNMP agent listens only to requests from port 161 However you can configure this so that the agent listens to requests on a different port The valid range is from 1025 to 65535 STEP 4 Configure the SNMPv2 settings Read only Community A read only community name for SNMPv2 access The valid range is 1 to 256 alphanumeric and special characters The community name acts as...

Page 171: ...ommunity names this setting provides a level of security on SNMP settings The SNMP agent only accepts requests from the IP address hostname or subnet specified here To specify a subnet enter one or more subnetwork address ranges in the form address mask_length where address is an IP address and mask_length is the number of mask bits Both formats address mask and address mask_length are supported F...

Page 172: ...ddress Type IPv4 or IPv6 before adding the Hostname IP Address An example of a DNS hostname is snmptraps foo com Because SNMP traps are sent randomly from the SNMP agent it makes sense to specify where exactly the traps should be sent You can have a maximum of three DNS hostnames Ensure that you select the Enabled check box and select the appropriate Host IP Address Type Also see the note about ho...

Page 173: ...ame that identifies the MIB view View names can contain up to 32 alphanumeric characters Type Choose whether to include or exclude the view subtree or family of subtrees from the MIB view OID Enter an OID string for the subtree to include or exclude from the view For example the system subtree is specified by the OID string 1 3 6 1 2 1 1 Mask Enter an OID mask The mask is 47 characters in length T...

Page 174: ... view to a group for read or write access separately By default the WAP device has two groups RO A read only group using authentication and data encryption Users in this group use an MD5 key password for authentication and a DES key password for encryption Both the MD5 and DES key passwords must be defined By default users of this group have read access to the default all MIB view RW A read write ...

Page 175: ...oPrivacy No authentication and no data encryption no security Authentication noPrivacy Authentication but no data encryption With this security level users send SNMP messages that use an MD5 key password for authentication but not a DES key password for encryption Authentication Privacy Authentication and data encryption With this security level users send an MD5 key password for authentication an...

Page 176: ...p either from the predefined or user defined groups and optionally is configured for authentication and encryption For authentication only the MD5 type is supported For encryption only the DES type is supported There are no default SNMPv3 users on the WAP device and you can add up to eight users SNMP Users To add SNMP users STEP 1 Select SNMP Users in the navigation pane STEP 2 Click Add to create...

Page 177: ...S Use DES encryption on SNMPv3 requests from the user None SNMPv3 requests from this user require no privacy Encryption Pass Phrase If you specify DES as the privacy type A pass phrase to use to encrypt the SNMP requests The pass phrase must be between 8 and 32 characters in length STEP 5 Click Save The user is added to the SNMPv3 Users list and your changes are saved to the Startup Configuration ...

Page 178: ...lick Edit STEP 4 Configure the parameters IP Address Enter the IPv4 address of the remote SNMP manager to receive the target UDP Port Enter the UDP port to use for sending SNMPv3 targets Users Enter the name of the SNMP user to associate with the target To configure SNMP users see the Users page STEP 5 Click Save The user is added to the SNMPv3 Targets list and your changes are saved to the Startu...

Page 179: ...alidated against a database of authorized Captive Portal groups or users before access is granted The database can be stored locally on the WAP device or on a RADIUS server Captive Portal consists of two CP instances Each instance can be configured independently with different verification methods for each VAP or SSID Cisco WAP321 WAP551 and WAP561 devices operate concurrently with some VAPs confi...

Page 180: ...tion on an authentication web page This field specifies the number of seconds the WAP device keeps an authentication session open with the associated wireless client If the client fails to enter authentication credentials within the timeout period allowed the client may need to refresh the web authentication page The default authentication timeout is 300 seconds The range is from 60 to 600 seconds...

Page 181: ...rtal instances each CP instance is a defined set of instance parameters Instances can be associated with one or more VAPs Different instances can be configured to respond differently to users as they attempt to access the associated VAP NOTE Before you create an instance review these bullets first Do you need to add a new VAP If yes go to Networks to add a VAP Do you need to add a new group If yes...

Page 182: ...rable Administrative Mode Enables and disables the CP instance Protocol Specifies HTTP or HTTPs as the protocol for the CP instance to use during the verification process HTTP Does not use encryption during verification HTTPS Uses the Secure Sockets Layer SSL which requires a certificate to provide encryption The certificate is presented to the user at connection time Verification The authenticati...

Page 183: ...he value configured here unless the value is set to 0 the default A value of 0 indicates to use the instance timeout value Session Timeout The time remaining in seconds for the CP session to be valid After the time reaches zero the client is deauthenticated The range is from 0 to 1440 minutes The default value is 0 Maximum Bandwidth Upstream The maximum upload speed in megabits per second that a c...

Page 184: ... primary server responds to the authentication request the WAP device continues to use this RADIUS server as the primary server and authentication requests are sent to the address you specify The IPv4 address should be in a form similar to xxx xxx xxx xxx 192 0 2 10 The IPv6 address should be in a form similar to xxxx xxxx xxxx xxxx xxxx xxxx xxxx xxxx 2001 DB8 CAD5 7D91 Server IP Address 2 to 4 o...

Page 185: ...e you create an instance you can use the Instance Association page to associate a CP instance to a VAP The associated CP instance settings applies to users who attempt to authenticate on the VAP To associate an instance to a VAP STEP 1 Select Captive Portal Instance Association in the navigation pane Instance Association 121 321 ...

Page 186: ...e Your change are saved to the Startup Configuration Web Portal Customization Once your CP instance is associated with a VAP you need to create a locale an authentication web page and map it to the CP instance When a user accesses a VAP that is associated with a captive portal instance the user sees an authentication page You use the Web Portal Customization page to create unique pages for differe...

Page 187: ...e page The name can include from 1 to 32 alphanumeric characters and the underscore STEP 4 From the Captive Portal Instances list select the CP instance that this locale is associated with You can associate multiple locales with an instance When a user attempts to access a particular VAP that is associated with a CP instance the locales that are associated with that instance show as links on the a...

Page 188: ...on Cisco Small Business WAP551 and WAP561 Wireless N Access Point 147 9 The page shows additional fields for modifying the locale The Locale ID and Instance Name fields cannot be edited The editable fields are populated with default values ...

Page 189: ...WAP551 and WAP561 Wireless N Access Point 148 9 STEP 7 Configure the parameters Background Image Name The image to show as the page background You can click Upload Delete Custom Image to upload images for Captive Portal instances See Uploading and Deleting Images ...

Page 190: ...h Locale An abbreviation for the locale from 1 to 32 characters The default is en Account Image The image file to show above the login field to depict an authenticated login Account Label The text that instructs the user to enter a user name The range is from 1 to 32 characters User Label The label for the user name text box The range is from 1 to 32 characters Password Label The label for the use...

Page 191: ...he range is from 1 to 128 characters The default is Error You must acknowledge the Acceptance Use Policy before connecting Work In Progress Text The text that shows during authentication The range is from 1 to 128 characters The default is Connecting please be patient Denied Text The text that shows when a user fails authentication The range is from 1 to 128 characters The default is Error Invalid...

Page 192: ... are resized to fit the specified dimensions For best results your logo and account images should be similar in proportion to the default images as follows To upload binary graphic files to the WAP device STEP 1 On the Web Portal Customization page click Upload Delete Custom Image next to the Background Image Name Logo Image Name or Account Image fields The Web Portal Custom Image page appears Web...

Page 193: ...on Image list and click Delete You cannot delete the default images Local Groups Each local user is assigned to a user group Each group is assigned to a CP instance The group facilitates managing the assignment of users to CP instances The user group named Default is built in and cannot be deleted You can create up to two additional user groups To add local user groups STEP 1 Select Captive Portal...

Page 194: ...d users provide a valid user name and password that must first be validated against a local database or RADIUS server Authorized users are typically assigned to a CP instance that is associated with a different VAP than guest users You can use the Local Users page to configure up to 128 authorized users in the local database To add and configure a local user STEP 1 Select Captive Portal Local User...

Page 195: ...es from the AP If the time specified in this field expires before the client attempts to reauthenticate the client entry is removed from the authenticated client list The range is from 0 to 1440 minutes The default value is 60 The timeout value configured here has precedence over the value configured for the captive portal instance unless the user value is set to 0 When set to 0 the timeout value ...

Page 196: ...have authenticated on any Captive Portal instance To view the list of authenticated clients select Captive Portal Authenticated Clients in the navigation pane Authenticated Clients MAC Address The MAC address of the client IP Address The IP address of the client User Name The Captive Portal user name of the client Protocol The protocol the user used to establish the connection HTTP or HTTPS Verifi...

Page 197: ... starts when the client dissociates from the CP After the time reaches zero the client is deauthenticated Received Packets The number of IP packets received by the WAP device from the user station Transmitted Packets The number of IP packets transmitted from the WAP device to the user station Received Bytes The number of bytes received by the WAP device from the user station Transmitted Bytes The ...

Page 198: ...ocal database to authenticated users RADIUS The WAP device uses a database on a remote RADIUS server to authenticate users VAP ID The VAP that the user is associated with Radio ID The ID of the radio Because the WAP321 has a single radio this field shows Radio1 For the single radio WAP551 device this field shows Radio 1 For the dual radio WAP561 device this field shows Radio 1 or Radio 2 Captive P...

Page 199: ...ss multiple devices You use Single Point Setup to create a single group or cluster of wireless devices After the WAP devices are clustered you can view deploy configure and secure the wireless network as a single entity After a wireless cluster is created Single Point Setup also facilitates channel planning across your wireless services to reduce radio interference and maximize bandwidth on the wi...

Page 200: ...n your Single Point Setup cluster Be sure the two or more WAP devices you want to cluster are compatible with each other For example Cisco WAP551 devices can only cluster with other Cisco WAP551 or WAP561 devices NOTE It is strongly recommended to run the latest firmware version on all clustered WAP devices Firmware upgrades are not propagated to all WAP devices in a cluster you must upgrade each ...

Page 201: ...ter and configuration changes were made in the during the lost connectivity period the changes are propagated to the device when it rejoins If there are configuration changes in both the disconnected device and the cluster then the device with the greatest number of changes and secondarily the most recent change will be selected to propagate its configuration to the cluster That is if WAP1 has mor...

Page 202: ...tered WAP devices Configuration Parameters Propagated and Not Propagated to Single Point Setup Access Points Common Configuration Settings and Parameters that are Propagated in Single Point Setup Captive Portal Password Complexity Client QoS User Accounts Email Alert QoS HTTP HTTPs Service Except SSL Certificate Configuration Radio Settings Including TSpec Settings Some exceptions Log Settings Rog...

Page 203: ...ration Settings and Parameters that are Propagated in Single Point Setup Radio Configuration Settings and Parameters that are Not Propagated in Single Point Setup Channel Beacon Interval DTIM Period Maximum Stations Transmit Power Other Configuration Settings and Parameters That Are Not Propagated in Single Point Setup Bandwidth Utilization Port Settings Bonjour VLAN and IPv4 IPv6 Address WDS Brid...

Page 204: ...ints in the navigation pane Access Points Single Point Setup is disabled by default on the WAP device When disabled the Enable Single Point Setup button is visible If Single Point Setup is enabled the Disable Single Point Setup button is visible You can edit Single Point Setup options only when Single Point Setup is disabled Icons on the right side of the page indicate whether Single Point Setup i...

Page 205: ...f tie lowest MAC address becomes dominant Range 0 to 255 Default value is 0 Clustering IP Version Specify the IP version that the WAP devices in the cluster use to communicate with other members of the cluster The default is IPv4 If you choose IPv6 Single Point Setup can use the link local address autoconfigured IPv6 global address and statically configured IPv6 global address Ensure that when usi...

Page 206: ...rmation When Single Point Setup is enabled the WAP device automatically forms a cluster with other WAP devices with the same configuration On the Access Points page the WAP devices detected are listed in a table and the following information is shown Location Description of where the access point is physically located MAC Address Media Access Control MAC address of the access point The address is ...

Page 207: ...he Priority field enter a value between 0 to 255 STEP 6 Click Enable Single Point Setup The access point automatically joins the Single Point Setup Removing an Access Point from a Single Point Setup Cluster Removing an Access Point from a Single Point Setup To remove an access point from the Single Point Setup cluster STEP 1 In the table showing the detected devices click the IP address for the cl...

Page 208: ...ce by entering the IP address for that access point as a URL directly into a web browser address bar in the following form http IPAddressOfAccessPoint if using HTTP https IPAddressofAccessPoint if using HTTPS Removing an Access Point from a Single Point Setup Cluster Removing an Access Point from a Single Point Setup To configure the cluster management address of an individual Single Point Setup c...

Page 209: ... session in this context is the period of time in which a user on a client device station with a unique MAC address maintains a connection with the wireless network The session begins when the WLAN client logs on to the network and the session ends when the WLAN client either logs off intentionally or loses the connection for some other reason NOTE A session is not the same as an association which...

Page 210: ...ng the current session Tx Total The number of total packets transmitted to the WLAN client during this session Error Rate The percentage of time frames are dropped during transmission on this access point To sort the information shown in the tables by a particular indicator click the column label you want to sort by For example if you want to see the table rows ordered by signal strength click the...

Page 211: ...then the reassignment information is sent to all members of the cluster A syslog message is generated as well indicating the sender device and the new and old channel assignments To configure and view the channel assignments for the Single Point Setup members STEP 1 Select the Single Point Setup Channel Management in the navigation pane Channel Management From the Channel Management page you can v...

Page 212: ...information on the current and proposed channel assignments STEP 3 To stop automatic channel assignment click Stop No channel usage maps or channel reassignments are made Only manual updates affect the channel assignment Viewing Channel Assignments and Setting Locks Viewing Channel Assignments and Setting Locks When channel management is enabled the page shows the Current Channel Assignations tabl...

Page 213: ...ir current channels WAP devices that are not locked may be assigned to different channels than they were previously using depending on the results of the plan For each WAP device in the Single Point Setup the Proposed Channel Assignments table shows the location IP Address and Wireless Radio as in the Current Channel Assignations table It also shows the Proposed Channel which is the radio channel ...

Page 214: ...e these settings click Save The changes are saved to the active configuration and the Startup Configuration Wireless Neighborhood The Wireless Neighborhood page shows up to 20 devices within range of each wireless radio in the cluster For example if a WAP device has two wireless radios 40 devices would be displayed for that device The Wireless Neighborhood page also distinguishes between cluster m...

Page 215: ...ces that are not cluster members Both Shows all neighbor WAP devices cluster members and nonmembers NOTE For a detected AP that is also a cluster member only the SSIDs of the default VAP VAP0 display as In cluster Non default VAPs on the AP display as Not in cluster Cluster The list at the top of the table shows IP addresses for all WAP devices that are clustered together This list is the same as ...

Page 216: ...r lower indicates medium or weak signal strength from the neighbor as seen by the device whose IP address is listed above that column White Bar A white bar and the number 0 indicates that a neighboring device that was detected by one of the cluster members cannot be detected by the device whose IP address is listed above that column Light Gray Bar A light gray bar and no signal strength number ind...

Page 217: ...re upgrade page the WAP devices detected are listed in a table and the following information is shown Location Description of where the access point is physically located IP Address The IP address for the access point MAC Address Media Access Control MAC address of the access point The address is the MAC address for the bridge br0 and is the address by which the WAP device is known externally to o...

Page 218: ...se types of files do not work The filename cannot contain the following items spaces and two or more successive periods STEP 3 Enter the TFTP Server IPv4 Address and click Start Upgrade To upgrade using HTTP STEP 1 Select HTTP for Transfer Method STEP 2 If you know the name and path to the new file enter it in the New Firmware Image field Otherwise click the Browse button and locate the firmware i...

Page 219: ...Single Point Setup Cluster Firmware Upgrade Cisco Small Business WAP551 and WAP561 Wireless N Access Point 172 10 STEP 1 Click Stop Upgrade ...

Page 220: ...Single Point Setup Cluster Firmware Upgrade Cisco Small Business WAP551 and WAP561 Wireless N Access Point 173 10 ...

Page 221: ...when you click Status and Statistics Log For more information see Deauthentication Reason Code Table Deauthentication Reason Code Table The following table describes the deauthentication reason codes Reason code Meaning 0 Reserved 1 Unspecified reason 2 Previous authentication no longer valid 3 Deauthenticated because sending station STA is leaving or has left Independent Basic Service Set IBSS or...

Page 222: ...sassociated because the information in the Supported Channels element is unacceptable 12 Disassociated due to BSS Transition Management 13 Invalid element i e an element defined in this standard for which the content does not meet the specifications in Clause 8 14 Message integrity code MIC failure 15 4 Way Handshake timeout 16 Group Key Handshake timeout 17 Element in 4 Way Handshake different fr...

Page 223: ...zfirmware Select a link to download firmware for Cisco Small Business Products No login is required Downloads for all other Cisco Small Business products including Network Storage Systems are available in the Download area on Cisco com at www cisco com go software registration login required Cisco Small Business Open Source Requests www cisco com go smallbiz_opensource_request Product Documentatio...

Page 224: ...Where to Go From Here Cisco Small Business WAP551 and WAP561 Wireless N Access Point 171 B ...

Page 225: ...Cisco and or its affiliates in the U S and other countries To view a list of Cisco trademarks go to this URL www cisco com go trademarks Third party trademarks mentioned are the property of their respective owners The use of the word partner does not imply a partnership relationship between Cisco and any other company 1110R ...

Reviews:

No comments

Related manuals for Small Business WAP551

Global Telecom MiFi 8000 Reference Manual preview
MiFi 8000
Brand: Global Telecom Pages: 5
M Box D446559XA Operating Manual preview
D446559XA
Brand: M Box Pages: 60
P1 dx-825 Setup Manual preview
dx-825
Brand: P1 Pages: 10
Linksys EA6350 V2 User Manual preview
EA6350 V2
Brand: Linksys Pages: 17
Zte Unite User Manual preview
Unite
Brand: Zte Pages: 29
Pakedge Device & Software W7 SERIES User Manual preview
W7 SERIES
Brand: Pakedge Device & Software Pages: 57
Sanoxy WR-M3GU12 Quick Installation Manual preview
WR-M3GU12
Brand: Sanoxy Pages: 12
Allnet ALL02860ND Quick Installation Manual preview
ALL02860ND
Brand: Allnet Pages: 14
Ubiquiti PowerBeam ac ISO Quick Start Manual preview
PowerBeam ac ISO
Brand: Ubiquiti Pages: 28
Novatel 4G LTE User Manual preview
4G LTE
Brand: Novatel Pages: 96
Teltonica RUT900 User Manual preview
RUT900
Brand: Teltonica Pages: 141
GL Technologies GL-AR300MD User Manual preview
GL-AR300MD
Brand: GL Technologies Pages: 2
Sapido AU-4612 Range Plus User Manual preview
AU-4612 Range Plus
Brand: Sapido Pages: 36
Zte OX253P User Manual preview
OX253P
Brand: Zte Pages: 279
LEGRAND Luxul Apex XAP-1610 Quick Start Manual preview
Luxul Apex XAP-1610
Brand: LEGRAND Pages: 8
LEGRAND DA2131-V1A Owner'S Manual preview
DA2131-V1A
Brand: LEGRAND Pages: 69
LEGRAND DA2131-V1 Owner'S Manual preview
DA2131-V1
Brand: LEGRAND Pages: 69
Zte Falcon Z-917 Start Manual preview
Falcon Z-917
Brand: Zte Pages: 24

Brands by name

Popular brands

Load more brands