manualshive.com logo in svg

Draytek VigorAP 903, User Manual

Share
Download
Draytek VigorAP 903 User Manual Download Page 119

 

 

113

Item Description 
Enable RADIUS Server  Check it to enable the internal RADIUS server. 

Authentication Type 

Let the user to choose the authentication method for RADIUS server. 

Radius EAP Type – There are two types, PEAP and EAP TLS, offered for 
selection. If EAP TLS is selected, a certificate must be installed or must be 
ensured to be trusted.   

Users Profile   

Username – Type a new name for the user profile. 
Password – Type a new password for such new user profile. 
Confirm Password – Retype the password to confirm it. 
Configure  

 

Add – Make a new user profile with the name and password specified 
on the left boxes.   

 

Cancel – Clear current settings for user profile. 

Delete Selected – Delete the selected user profile (s).   
Delete All – Delete all of the user profiles. 

Authentication Client 

This internal RADIUS server of VigorAP 903 can be treated as the external 
RADIUS server for other users. Specify the client IP and secret key to make 
the wireless client choosing VigorAP 903 as its external RADUIS server.   
Client IP – Type the IP address for the user to be authenticated by 
VigorAP 903 when the user tries to use VigorAP 903 as the external 
RADIUS server. 
Secret Key – Type the password for the user to be authenticated by 
VigorAP 903 while the user tries to use VigorAP 903 as the external 
RADIUS server. 
Confirm Secret Key – Type the password again for confirmation.   
Configure  

 

Add – Make a new client with IP and secret key specified on the left 
boxes.  

 

Cancel – Clear current settings for the client. 

Delete Selected – Delete the selected client(s).   

Delete All – Delete all of the clients. 

Backup  

Click it to store the settings (RADIUS configuration) on this page as a file.

Restore 

Click it to restore the settings (RADIUS configuration) from an existed file.

After finishing this web page configuration, please click OK to save the settings. 

IV-1-2 Certificate Management 

When the local client and remote server are required to make certificate authentication (e.g., Radius 
EAP-TLS authentication) for wireless connection and avoiding the attack of MITM, a trusted root certificate 
authority (Root CA) will be used to authenticate the digital certificates offered by both ends. 

However, the procedure of applying digital certificate from a trusted root certificate authority is 
complicated and time-consuming. Therefore, Vigor AP offers a mechanism which allows you to generate 
root CA to save time and provide convenience for general user. Later, such root CA generated by DrayTek 
server can perform the issuing of local certificate. 

Root CA can be deleted but not edited. If you want to modify the settings for a Root CA, please delete the 
one and create another one by clicking Create Root CA. 

Summary of Contents for VigorAP 903

Page 1: ...I ...

Page 2: ...II VigorAP 903 802 11ac Access Point User s Guide Version 1 0 Firmware Version V1 3 1 Date January 22 2019 ...

Page 3: ...nvironment Warranty We warrant to the original end user purchaser that the modem will be free from any defects in workmanship or materials for a period of one 1 year from the date of purchase from the dealer Please keep your purchase receipt in a safe place as it serves as proof of date of purchase During the warranty period and upon proof of purchase should the product have indications of failure...

Page 4: ...s for Mesh Node 29 I 7 4 Settings for Range Extender 30 Chapter II Connectivity 35 II 1 Operation Mode 36 II 2 General Concepts for Wireless LAN 2 4GHz 5GHz 37 II 3 Wireless LAN 2 4GHz 5GHz Settings for AP Mode 40 II 3 1 General Setup 41 II 3 2 Security 44 II 3 3 Access Control 47 II 3 4 WPS 48 II 3 5 Advanced Setting 49 II 3 6 AP Discovery 52 II 3 7 WDS AP Status 53 II 3 8 Bandwidth Management 53...

Page 5: ...chedule 116 IV 2 2 Apple iOS Keep Alive 118 IV 2 3 Wi Fi Auto On Off 119 IV 2 4 Temperature Sensor 120 Chapter V Troubleshooting 123 V 1 Diagnostics 124 V 1 1 System Log 125 V 1 2 Speed Test 125 V 1 3 Traffic Graph 126 V 1 4 Data Flow Monitor 126 V 1 5 WLAN 2 4GHz Statistics 127 V 1 6 WLAN 5GHz Statistics 128 V 1 7 Station Statistics 129 V 1 8 Interference Monitor 131 V 1 9 Station Airtime 133 V 1...

Page 6: ...Chapter I Installation ...

Page 7: ...ch adopts the technology of PoE for offering power supply and transmitting data through the Ethernet cable AP Management The VigorAP 903 can operate in standalone mode for your office network or a classroom or a waiting room of some transportation terminals e g ferry terminal bus station train station or a clinic s waiting room connected to your LAN and offering you with wireless access If your ne...

Page 8: ...t the best route automatically Besides if any one of the mesh AP devices disconnects due to unknown reason the mesh system will determine another accessible AP and transfer the packets to that AP Maintain a certain degree of normal operation for it is not easily affected by connection interference or terrain blocking of walls or floors For the mesh network system adopts the mesh topology each node...

Page 9: ...on is ready Off Wireless function is not ready 2 4G Blinking Data is transmitting sending receiving On Wireless function is ready Off Wireless function is not ready 5G Blinking Data is transmitting sending receiving On A normal connection rate with 100M 1000M is through its corresponding port Off LAN is disconnected LAN A1 A4 Blinking Data is transmitting sending receiving On A normal connection r...

Page 10: ...The router will wait for any wireless client connecting to it through WPS Restore the default settings Usage Turn on the router Press the button and keep for more than 10 seconds Then the router will restart with the factory default configuration LAN B Connecter for xDSL Cable modem Giga level or router LAN A4 A3 A2 A1 PoE Connecter for xDSL Cable modem Giga level computer or router LAN A1 is used...

Page 11: ...the LAN A port of the access point by Ethernet cable 2 Connect a computer to other available LAN A port Make sure the subnet IP address of the PC is the same as VigorAP 903 management IP e g 192 168 1 X 3 Connect the A C power adapter to the wall socket and then connect it to the PWR connector of the access point 4 Power on VigorAP 903 5 Check all LEDs on the front panel ACT LED should blink LAN L...

Page 12: ...e 2 Connect the A C power adapter to the wall socket and then connect it to the PWR connector of the access point 3 Power on VigorAP 903 4 Check all LEDs on the front panel ACT LED should be steadily on LAN LEDs should be on if the access point is correctly connected to the ADSL modem or router For the detailed information of LED status please refer to section I 1 1 ...

Page 13: ...n 1 Connect the A C power adapter to the wall socket and then connect it to the PWR connector of the access point 2 Power on VigorAP 903 3 Check all LEDs on the front panel ACT LED should be steadily on 4 Connect VigorAP 903 to ADSL modem or router via wireless network For the detailed information of LED status please refer to section I 1 1 ...

Page 14: ...witch in your network through the LAN A4 PoE port of the access point by Ethernet cable 2 Connect a computer to VigorSwitch P2260 Make sure the subnet IP address of the PC is the same as VigorAP 903 management IP e g 192 168 1 X 3 Power on VigorAP 903 4 Check all LEDs on the front panel ACT LED should be steadily on LAN LEDs should be on if the access point is correctly connected to the ADSL modem...

Page 15: ...ill two holes on the wall The distance between the holes shall be 80mm The recommended drill diameter shall be 6 5mm 1 4 2 Fit screws into the wall using the appropriate type of wall plug 3 Hang the VigorAP directly onto the screws Wall ...

Page 16: ...ult IP address of this AP is set 192 168 1 2 we recommend you to use 192 168 1 X except 2 in the field of IP address on this section for your computer If the operating system of your computer is Windows 7 please go to section I 3 1 Windows 2000 please go to section I 3 2 Windows XP please go to section I 3 3 Windows Vista please go to section I 3 4 I 3 1 Windows 7 IP Address Setup Click Start butt...

Page 17: ...11 Under the General tab click Use the following IP address Then input the following settings in respective field and click OK when finish IP address 192 168 1 9 Subnet Mask 255 255 255 0 ...

Page 18: ...click Network and Dial up Connections icon double click Local Area Connection and Local Area Connection Properties window will appear Select Internet Protocol TCP IP then click Properties Select Use the following IP address then input the following settings in respective field and click OK when finish IP address 192 168 1 9 Subnet Mask 255 255 255 0 ...

Page 19: ...lick Network and Internet Connections icon click Network Connections and then double click Local Area Connection Local Area Connection Status window will appear and then click Properties Select Use the following IP address then input the following settings in respective field and click OK when finish IP address 192 168 1 9 Subnet Mask 255 255 255 0 ...

Page 20: ...s then click Manage Network Connections Right click Local Area Netwrok then select Properties Local Area Connection Properties window will appear select Internet Protocol Version 4 TCP IPv4 and then click Properties Select Use the following IP address then input the following settings in respective field and click OK when finish IP address 192 168 1 9 Subnet Mask 255 255 255 0 ...

Page 21: ...ype admin admin on Username Password and click OK Note You may either simply set up your computer to get IP dynamically from the router or set up the IP address of the computer to be in the same subnet as the IP address of VigorAP 903 If there is no DHCP server on the network then VigorAP 903 will have an IP address of 192 168 1 2 If there is DHCP available on the network then VigorAP 903 will rec...

Page 22: ...rAP the Quick Start Wizard for configuring wireless settings will appear as follows Refer to Section I 7 Quick Start Wizard for detailed information 4 If VigorAP has been configured previously the Dashboard of VigorAP will appear as follows ...

Page 23: ...ns the web configuration system will logout after 5 minutes without any operation Change the setting of auto logout if you want Note If you fail to access the web configuration please go to the section Trouble Shooting for detecting and solving your problem For using the device properly it is necessary for you to change the password of web configuration for security and adjust primary basic settin...

Page 24: ...ty of the modem 2 Go to System Maintenance page and choose Administration Password 3 Enter the new login password on the field of Password Then click OK to continue 4 Now the password has been changed Next time use the new password to access the Web User Interface for this modem ...

Page 25: ...including the number of client connected throughput gateway physical connection status radio 2 4GHz 5GHz status backhaul network recent activities wireless network usage and so on Click Dashboard from the main menu on the left side of the main page ...

Page 26: ...wireless setting 5G wireless setting and other corresponding settings for Vigor Access Point step by step Available operation mode includes Access Point Mesh Root Mesh Node Range Extender In this page the advanced settings pages will vary according to the operation mode specified ...

Page 27: ...2 In the following page configure the settings for wireless LAN for both 2 4GHz and 5GHz and click Next Step Available settings are explained as follows Item Description WiFi Name Set a name for VigorAP 903 to be identified WiFi Password Type 8 63 ASCII characters such as 012345678 or 64 Hexadecimal ...

Page 28: ...ich will be used for the guest connecting to Vigor device with the same SSID Upload Limit Scroll the radio button to choose the value you want Download Limit Scroll the radio button to choose the value you want Enable Station Control Check the box to set the duration for the guest connecting reconnecting to Vigor device Connection Time Scroll the radio button to choose the value you want Reconnect...

Page 29: ...23 ...

Page 30: ... both 2 4GHz and 5GHz and click Next Step Available settings are explained as follows Item Description WiFi Name Set a name for VigorAP 903 to be identified WiFi Password Type 8 63 ASCII characters such as 012345678 or 64 Hexadecimal digits leading by 0x such as 0x321253abcde Enable Guest Check the box to enable the guest wireless setting ...

Page 31: ... to Vigor device with the same SSID Upload Limit Scroll the radio button to choose the value you want Download Limit Scroll the radio button to choose the value you want Enable Station Control Check the box to set the duration for the guest connecting reconnecting to Vigor device Connection Time Scroll the radio button to choose the value you want Reconnection Time Scroll the radio button to choos...

Page 32: ...26 5 After clicking Finish the following web page appears VigorAP will search for mesh node around the network ...

Page 33: ...7 6 Available VigorAP devices will be shown on the screen Select the device as a mesh node for grouping under such mesh group and enter a device name for identification 7 Click Apply and wait for a while ...

Page 34: ...28 8 Later a summary page of mesh root with mesh node will be shown on the screen ...

Page 35: ...29 I 7 3 Settings for Mesh Node 1 Choose Mesh Node as the operation mode and click Next Step 2 A summary of settings configuration will be shown on screen Click Finish ...

Page 36: ...d as follows Item Description WiFi Name Set a name for VigorAP 903 to be identified WiFi Password Type 8 63 ASCII characters such as 012345678 or 64 Hexadecimal digits leading by 0x such as 0x321253abcde Enable Guest Wireless Check the box to enable the guest wireless setting Such feature is especially useful for free Wi Fi service For example a coffee shop offers free Wi Fi service for its guests...

Page 37: ...Station Control Check the box to set the duration for the guest connecting reconnecting to Vigor device Connection Time Scroll the radio button to choose the value you want Reconnection Time Scroll the radio button to choose the value you want 3 Change the default password for such device with new value Then click Next Step Available settings are explained as follows Item Description Admin Passwor...

Page 38: ...choose WEP Four keys can be entered here but only one key can be selected at a time The format of WEP Key is restricted to 5 ASCII characters or 10 hexadecimal values in 64 bit encryption level or restricted to 13 ASCII characters or 26 hexadecimal values in 128 bit encryption level The allowed content is the ASCII characters from 33 to 126 except and When Shared is selected WEP Keys To enable WEP...

Page 39: ...33 Type 8 63 ASCII characters such as 012345678 or 64 Hexadecimal digits leading by 0x such as 0x321253abcde 5 A summary of settings configuration will be shown on screen Click Finish ...

Page 40: ...34 This page is left blank ...

Page 41: ...35 Chapter II Connectivity ...

Page 42: ...e VigorAP can connect to other mesh root via wireless connection A mesh network creates one set of links automatically and calculates the most optimal wireless path through the wireless network back to a wired mesh root Range Extender VigorAP can act as a wireless repeater which will help you to extend the networking wirelessly The access point can act as Station and AP at the same time It can use...

Page 43: ...s point will preset a set of four keys and it will communicate with each station using only one out of the four keys WPA Wi Fi Protected Access the most dominating security mechanism in industry is separated into two categories WPA personal or called WPA Pre Share Key WPA PSK and WPA Enterprise or called WPA 802 1x In WPA Personal a pre defined key is used for encryption during data transmission W...

Page 44: ... station with WPS supported There are two methods to do network connection through WPS between AP and Stations pressing the Start PBC button or using PIN Code On the side of VigorAP 903 series which served as an AP press WPS button once on the front panel of VigorAP 903 or click Start PBC on web configuration interface On the side of a station with network card installed press Start PBC button of ...

Page 45: ...39 ...

Page 46: ...neral Setup Security Access Control WPS Advanced Setting AP Discovery Bandwidth Management Airtime Fairness Station Control Roaming Band Steering and Station List Note Available settings for Wireless LAN 2 4GHz and Wireless LAN 5Ghz are almost the same except for Band Steering The following figure shows how VigorAP runs as AP Access Point ...

Page 47: ...er to the following figure for more information Available settings are explained as follows Item Description Enable Wireless LAN Check the box to enable wireless function Enable Client Limit Check the box to set the maximum number of wireless stations which try to connect Internet through Vigor device The number you can set is from 3 Available for 5GHz Access Point Mode ...

Page 48: ...domain You could only connect one router no matter connecting to LAN A or LAN B in this environment Hide SSID Check it to prevent from wireless sniffing and make it harder for unauthorized clients or STAs to join your wireless LAN Depending on the wireless utility the user may only see the information except SSID or just cannot see any thing about VigorAP 903 while site surveying The system allows...

Page 49: ...t WEP TKIP or AES as the encryption algorithm Type 8 63 ASCII characters such as 012345678 or 64 Hexadecimal digits leading by 0x such as 0x321253abcde Peer MAC Address Type the peer MAC address for the access point that VigorAP 902 connects to After finishing this web page configuration please click OK to save the settings ...

Page 50: ... and the encryption key should be entered in WEP Key WPA PSK or WPA2 PSK or Mixed WPA WPA2 PSK Accepts only WPA clients and the encryption key should be entered in PSK The WPA encrypts each frame transmitted from the radio using the key which either PSK Pre Shared Key entered manually in this field below or automatically negotiated via 802 1x authentication WEP 802 1x The built in RADIUS client fe...

Page 51: ...fferent encryption key that is randomly generated This randomly generated key that is periodically replaced Enter the renewal security time seconds in the column Smaller interval leads to greater security but lower performance Default is 3600 seconds Set 0 to disable re key Such feature is available for WPA2 802 1 WPA 802 1x WPA PSK or WPA2 PSK or Mixed WPA WPA2 PSK mode EAPOL Key Retry EAPOL mean...

Page 52: ... Address Enter the IP address of external RADIUS server Port The UDP port number that the external RADIUS server is using The default value is 1812 based on RFC 2138 Shared Secret The external RADIUS server and client share a secret that is used to authenticate the messages sent between them Both sides must be configured to use the same shared secret Session Timeout Set the maximum time of service...

Page 53: ...esses to control their access rights deny or allow Available settings are explained as follows Item Description Policy Select to enable any one of the following policy or disable the policy Choose Activate MAC address filter to type in the MAC addresses for other clients in the network manually Choose Blocked MAC address filter so that all of the devices with the MAC addresses listed on the MAC Ad...

Page 54: ...S setting WPS Configured Display related system information for WPS If the wireless security encryption function of VigorAP 903 is properly configured you can see Yes message here WPS SSID Display current selected SSID WPS Auth Mode Display current authentication mode of the VigorAP 903 Only WPA2 PSK and WPA PSK support WPS WPS Encrypt Type Display encryption mode None WEP TKIP AES etc of VigorAP ...

Page 55: ... for nearby wireless AP and then use 20MHz if the number of AP is more than 10 or use 40MHz if it s not 40 MHz the device will use 40MHz for data transmission and receiving between the AP and the stations Packet OVERDRIVE This feature can enhance the performance in data transmission about 40 more by checking Tx Burst It is active only when both sides of Access Point and Station in wireless client ...

Page 56: ...on Therefore changing the country code to ensure successful network connection will be necessary for some clients Auto Channel Filtered Out List The selected wireless channels will be discarded if AutoSelect is selected as Channel selection mode in Wireless LAN General Setup IGMP Snooping Click Enable to enable IGMP Snooping Multicast traffic will be forwarded to ports that have members of that gr...

Page 57: ...pply WMM parameters for wireless data transmission please click the Enable radio button MAC Clone Click Enable and manually enter the MAC address of the device with SSID 1 The MAC address of other SSIDs will change based on this MAC address After finishing this web page configuration please click OK to save the settings ...

Page 58: ...ows Item Description SSID Display the SSID of the AP scanned by VigorAP 903 BSSID Display the MAC address of the AP scanned by VigorAP 903 RSSI Display the signal strength of the access point RSSI is the abbreviation of Received Signal Strength Indication Channel Display the wireless channel used for the AP that is scanned by VigorAP 903 Encryption Display the encryption mode for the scanned AP Au...

Page 59: ...will occupy large of bandwidth and affect the applications for other programs Please use Bandwidth Management to make the bandwidth usage more efficient Available settings are explained as follows Item Description SSID Display the specific SSID name Enable Check this box to enable the bandwidth management for clients Upload Limit Define the maximum speed of the data uploading which will be used fo...

Page 60: ...etwork Without airtime fairness offices using mixed mode networks risk having legacy clients slow down the entire network or letting the fastest client s crowd out other users With airtime fairness every client at a given quality of service level has equal access to the network s airtime The wireless channel can be accessed by only one wireless station at the same time The principle behind the IEE...

Page 61: ... the overall wireless performance Suitable environment 1 Many wireless stations 2 All stations mainly use download traffic 3 The performance bottleneck is wireless connection Available settings are explained as follows Item Description Enable Airtime Fairness Try to assign similar airtime to each wireless station by controlling TX traffic Airtime Fairness Click the link to display the following sc...

Page 62: ...56 Note Airtime Fairness function and Bandwidth Limit function should be mutually exclusive So their webs have extra actions to ensure these two functions are not enabled simultaneously ...

Page 63: ...wireless network for a long time Note Up to 300 Wireless Station records are supported by VigorAP Available settings are explained as follows Item Description SSID Display the SSID that the wireless station will use it to connect with Vigor router Enable Check the box to enable the station control function Connection Time Reconnection Time Use the drop down list to choose the duration for the wire...

Page 64: ...t to connect another Wireless AP to get better signal Minimum Basic Rate Check the box to use the drop down list to specify a basic rate Mbps When the link rate of the wireless station is below such value VigorAP 903 will terminate the network connection for that wireless station Disable RSSI Requirement If it is selected VigorAP will not terminate the network connection based on RSSI Strictly Min...

Page 65: ...ture is available for WPA2 802 1 mode Pre Authentication Enables a station to authenticate to multiple APs for roaming securer and faster With the pre authentication procedure defined in IEEE 802 11i specification the pre four way handshake can reduce handoff delay perceivable by a mobile node It makes roaming faster and more secure Only valid in WPA2 Enable Enable IEEE 802 1X Pre Authentication D...

Page 66: ... 4GHz band available for legacy clients and improves users experience by reducing channel utilization If dual band is detected the AP will let the wireless client connect to less congested wireless LAN such as 5GHz to prevent from network congestion Note To make Band Steering work successfully SSID and security on 2 4GHz also MUST be broadcasted on 5GHz ...

Page 67: ...system shall wait and check for several seconds 15 seconds in default to make the 2 4GHz network connection Specify the time limit for VigorAP to detect the wireless client 5GHz Minimum RSSI The wireless station has the capability of 5GHz network connection yet the signal performance might not be satisfied Therefore when the signal strength is below the value set here while the wireless station co...

Page 68: ...62 Below shows how Band Steering works ...

Page 69: ...able Band Steering and use the default value 15 for check time setting 3 Click OK to save the settings 4 Open Wireless LAN 2 4GHz General Setup and Wireless LAN 5GHz General Setup Configure SSID as ap903 BandSteering for both pages Click OK to save the settings Same value for 2 4GHz and 5GHz ...

Page 70: ... 5GHz Security Configure Security as 12345678 for both pages Click OK to save the settings 6 Now VigorAP 903 will let the wireless clients connect to less congested wireless LAN such as 5GHz to prevent from network congestion Same value for 2 4GHz and 5GHz ...

Page 71: ... the connecting client SSID Display the SSID that the wireless client connects to Auth Display the authentication that the wireless client uses for connection with such AP Encrypt Display the encryption mode used by the wireless client Tx Rate Rx Rate Display the transmission receiving rate for packets Refresh Click this button to refresh the status of station list Add to Access Control Client s M...

Page 72: ...66 Control Display connection and reconnection time of the wireless stations Neighbor Display more information for the neighboring wireless stations ...

Page 73: ...nodes is 8 including the mesh root the maximum number of hop is 3 Refer to the following figure For the mesh group set within VigorMesh network It must be composed by 1 Mesh Root and 0 7 mesh nodes Roaming Normally members in a mesh group use the same Wireless SSID security Add Only the mesh root can add a new mesh node into the mesh group Recover A disconnected mesh node will automatically try to...

Page 74: ...th Ethernet cable first to have an internet connection As a Mesh Node VigorAP can connect to the mesh root or mesh node within the same mesh group via wireless network or physical connection with an Ethernet cable The following figure shows how VigorAP runs as MESH ROOT The following figure shows how VigorAP runs as MESH NODE ...

Page 75: ...h a physical Ethernet cable it can be set as mesh root to deliver the wireless signals to a mesh node AP Mesh Node As a mesh node such VigorAP can pass the wireless connection signal to other mesh node or a remote device PC CPE mobile phone In addition VigorAP can be searched by mesh root AP and join the mesh group of the root AP The configuration set for mesh root can be applied to mesh node When...

Page 76: ...AP will be shown in this area Up to 8 entries one mesh root and seven mesh nodes will be shown on this field Reset Click it to clear the Mesh Group information Add Mesh Node Click Search to find out available mesh node on the network Check the one you want and click Apply The selected AP will be added onto current mesh root Backup Mesh Config Backup Click the button to save the configuration as a ...

Page 77: ...setup a Mesh Group with mesh root and mesh node from Mesh Mesh Setup 1 Open Mesh Mesh Setup Click Mesh Root and click OK for the VigorAP connected to PC with Ethernet cable At first a Mesh Group is with only Mesh Root 2 Click the Search button in the field of Add Mesh Node ...

Page 78: ...ait until the searching result appears 4 Choose the device s you want to add to the Mesh Group as mesh node s and define the Device Name for each node In this example five devices are specified as mesh nodes ...

Page 79: ... 5 Click the Apply button and wait for it to finish the procedure 6 After finishing the mesh network configuration refer to Mesh Mesh Status for viewing the result A mesh root with 5 mesh nodes is online ...

Page 80: ...the number of the device within a mesh group Status Display the role of the device within a mesh group Device Name Display the name of the device for identification IP Address Display the IP address of the device MAC Address Display the MAC address of the device Hop Display the level of the devices within a mesh group 0 means the access point is connected to a device by using Ethernet cable wired ...

Page 81: ...he device status from Mesh Root This page can help to discover all Mesh devices around and offer the Link Status and Operation Mode of each Mesh device For obtaining the list of devices around this VigorAP click Scan Later surrounding VigorAP device s will be displayed on this page ...

Page 82: ...n a mesh group the Mesh Root will send the basic configuration to the device This page could help you to change the Mesh Root settings and deliver the new configuration of the Mesh Root to all connected Mesh Nodes Available settings are explained as follows ...

Page 83: ...different hops mesh node Internet Download Speed for root and hop1 hop3 iPad connects to Root 80Mbps iPad connects to hop1 Node 49Mbps Uplink RSSI 55dBm iPad connects to hop2 Node 41Mbps Uplink RSSI hop2 64dBm hop1 55dBm iPad connects to hop3 Node 26Mbps Uplink RSSI hop3 62dBm hop2 68dBm hop1 55dBm It is not suggested to use a wireless Mesh Node with Ethernet cable connected to a Mesh Root If rese...

Page 84: ...AP mode Check the country code and channels For example it is impossible for connecting a VigorAP 903 Mesh Root with 5G channel 36 to VigorAP920R Wireless Mesh Node in EU country code Check the channel load Make sure it is not over 70 Collect some Mesh logs and send the result to DrayTek for analyzing ...

Page 85: ...ime Fairness Station Control Roaming Band Steering and Station List This section will introduce settings for Universal Repeater only For other wireless setting items e g General Setup Security WPS and etc please refer to II 3 The following figure shows how VigorAP runs as Range Extender The access point can act as a wireless repeater it can be Station and AP at the same time It can use Station fun...

Page 86: ...nder operation mode in Quick Start Wizard Change the name of SSID whenever you want MAC Address Optional Type the MAC address of access point that VigorAP 903 wants to connect to Channel Means the channel of frequency of the wireless LAN You may switch channel if the selected channel is under serious interference If you have no idea of choosing the frequency please select AutoSelect to let system ...

Page 87: ...such as 0x321253abcde Connection Type Choose DHCP or Static IP as the connection mode DHCP The wireless station will be assigned with an IP from VigorAP Static IP The wireless station shall specify a static IP for connecting to Internet via VigorAP Device Name This setting is available when DHCP is selected as Connection Type Type a name for the VigorAP as identification Simply use the default nam...

Page 88: ...y modem II 6 1 General Setup Click LAN to open the LAN settings page and choose General Setup Note Such page will be changed according to the Operation Mode selected The following screen is obtained by choosing AP as the operation mode Available settings are explained as follows ...

Page 89: ...AP 903 VLAN ID Type the number as VLAN ID tagged on the transmitted packet 0 means no VALN tag DHCP Server Configuration DHCP stands for Dynamic Host Configuration Protocol DHCP server can automatically dispatch related IP settings to any local user configured as a DHCP client Enable Server Enable Server lets the modem assign IP address to every host in the LAN Start IP Address Enter a value of th...

Page 90: ...CP server in such field All the IP addresses of the devices on LAN of VigorAP will be assigned via such specified server It is used to avoid IP assignment interference due to multiple DHCP servers in one LAN DNS Server IP Address Primary DNS Server You must specify a DNS server IP address here because your ISP should provide you with usually more than one DNS Server If your ISP does not provide it...

Page 91: ...uration Available settings are explained as follows Item Description Enable Port Control Check it to enable the port control If it is enabled you are allowed to disable the function of physical LAN port by checking the corresponding check box Disable Port Choose and check the LAN port After finishing this web page configuration please click OK to save the settings ...

Page 92: ...86 This page is left blank ...

Page 93: ...87 Chapter III Management ...

Page 94: ... are several items that you have to know the way of configuration Status TR 069 Administrator Password Configuration Backup Syslog Mail Alert Time and Date SNMP Management Reboot System and Firmware Upgrade Below shows the menu items for System Maintenance ...

Page 95: ...e current firmware build System Uptime Display the period that such device connects to Internet Operation Mode Display the operation mode that the device used System Memory total Display the total memory of your system Memory left Display the remaining memory of your system LAN A LAN B MAC Address Display the MAC address of the LAN Interface IP Address Display the IP address of the LAN interface I...

Page 96: ... TR 069 device Vigor router AP and etc through VigorACS Auto Configuration Server Available settings are explained as follows Item Description ACS Settings Wizard Click it to enter the IP address of VigorACS server host port number and the handler URL Username Password Such data must be typed according to the ...

Page 97: ...r for CPE Username Password Type the username and password that VigorACS can use to access into such CPE Periodic Inform Settings The default setting is Enable Please set interval time or schedule time for the AP to send notification to VigorACS server Interval Time Type the value for the interval time setting The unit is second STUN Settings The default is Disable If you click Enable please type ...

Page 98: ...Password Enter the old password for accessing into the web user interface New Password Enter in new password in this filed Confirm Password Enter the new password again for confirmation Password Strength The system will display the password strength represented with the word of weak medium or strong of the password specified above When you click OK the login window will appear Please use the new p...

Page 99: ...mple web configuration The settings on simple web user interface will be different with full web user interface accessed by using the administrator password Account Enter a user name Password Enter in new password in this field The length of the password is limited to 31 characters Confirm Password Enter the new password again Click OK to save the settings Settings to be configured in User Mode wi...

Page 100: ... the configuration backup of this device Protect with password For the sake of security the configuration file for the access point can be encrypted Password Type several characters as the password for encrypting the configuration file Confirm Password Type the password again for confirmation Backup Click it to backup the configuration file Follow the steps below to backup your configuration 1 Go ...

Page 101: ...ear different windows but the backup function is still available Note Backup for Certification must be done independently The Configuration Backup does not include information of Certificate Follow the steps below to restore your configuration 1 Go to System Maintenance Configuration Backup 2 Click Upload to choose the correct configuration file for uploading to the AP 3 Click Restore and wait for...

Page 102: ...he default setting is 514 Log Level Specify which level of the severity of the event will be recorded by Syslog Mail Alert Setup Enable Check Enable to activate function of mail alert SMTP Server The IP address of the SMTP server Mail To Assign a mail address for sending mails out Mail From Assign a path for receiving the mail from outside User Name Type the user name for authentication Password T...

Page 103: ... are explained as follows Item Description Current System Time Click Inquire Time to get the current time Use Browser Time Select this option to use the browser time from the remote administrator PC host as router s system time Use NTP Client Select to inquire time information from Time Server on the Internet using assigned protocol Time Zone Select a time protocol NTP Server Type the IP address o...

Page 104: ...Check it to enable this function Enable SNMPV3 Agent Check it to enable this function USM User USM means user based security mode Type a username which will be used for authentication The maximum length of the text is limited to 23 characters Auth Algorithm Choose one of the encryption methods listed below as the authentication algorithm Auth Password Type a password for authentication The maximum...

Page 105: ...rator can only login from a specific host or network defined in the list A maximum of five IPs subnet masks is allowed Port Setup HTTP port HTTPS port Specify user defined port numbers for the HTTP and HTTPS servers Panel Control Disable WLAN button The default function of WLAN button is enabled To disable the ability of the Wireless button to control WLAN and WPS functions check this box Disablin...

Page 106: ...nto Quick Start Wizard whenever clicking the DrayTek logo on the top of the web user interface Such function will be disabled if you have configured Operation Mode WLAN General Setup WLAN Bandwidth Management WLAN Station Control or System Maintenance Administration Password Click OK to save these settings ...

Page 107: ...ion check Using current configuration and click OK To reset the modem settings to default values check Using factory default configuration and click OK The modem will take 5 seconds to reboot the system Note When the system pops up Reboot System web page after configuring the web settings please click OK to reboot your device for ensuring normal operation and preventing unexpected errors of the mo...

Page 108: ... by using an example Note that this example is running over Windows OS Operating System Download the newest firmware from DrayTek s web site or FTP site The DrayTek web site is www draytek com or local DrayTek s web site and FTP site is ftp draytek com Click System Maintenance Firmware Upgrade to launch the Firmware Upgrade Utility Click Download to locate the newest firmware from your hard disk a...

Page 109: ...the function of AP Management APM Enable Auto Provision VigorAP 903 can be controlled under Central AP Management in Vigor2860 series When both Vigor2860 series and VigorAP 903 have such feature enabled once VigorAP 903 is registered to Vigor2860 series the WLAN profile pre configured on Vigor2860 series will be applied to VigorAP 903 immediately Thus it is not necessary to configure VigorAP 903 s...

Page 110: ...g information related to wireless stations connected to VigorAP 903 and central AP management Such information also will be delivered to Vigor router e g Vigor2860 or Vigor2925 series and be shown on Central AP Management Event Log of Vigor router ...

Page 111: ...will be disassociated to solve the problem of traffic overload The following web page is used to configure white list and black list for wireless stations Available settings are explained as follows Item Description White List Black List Display the information such as index number MAC address and comment for all of the members in White List Black List Wireless stations listed in Black List will b...

Page 112: ...ribute the traffic for all of the access points e g VigorAP 903s registered to Vigor 2860 or Vigor2925 series This web page displays the settings related to Load Balance for VigorAP 903 In which By Station Number By Traffic and Force Overload Disassociation indicate settings configured in Vigor 2860 or Vigor2925 series X means the function is not enabled or VigorAP 903 has not registered to any Vi...

Page 113: ...s PC users MAC users or other users according to the policy selected Below shows the menu items for Mobile Device Management MDM III 3 1 Detection Such page displays mobile device s detected by VigorAP Detected device s with Policy Pass can access into the wireless LAN offered by VigorAP Detected device s with Policy Block are not allowed to access into Internet via VigorAP s WLAN ...

Page 114: ...item is explained as follows Item Description Block Mobile Connections All of mobile devices will be blocked and not allowed to access into Internet via VigorAP Block PC Connections All of network connections based on PC MAC or Linux platform will be blocked and terminated Block Unknown Connections Only the unknown network connections unable to be recognized by Vigor router will be blocked and ter...

Page 115: ...109 III 3 3 Statistics The number of detected devices and the number of device s passed blocked according to the policy specified in Mobile Device Management Policy can be illustrated as doughnut chart ...

Page 116: ...110 This page is left blank ...

Page 117: ...111 Chapter IV Others ...

Page 118: ...VigorAP 903 offers a built in RADIUS server to authenticate the wireless client that tries to connect to VigorAP 903 The AP can accept the wireless connection authentication requested by wireless clients Available settings are explained as follows ...

Page 119: ... user tries to use VigorAP 903 as the external RADIUS server Confirm Secret Key Type the password again for confirmation Configure Add Make a new client with IP and secret key specified on the left boxes Cancel Clear current settings for the client Delete Selected Delete the selected client s Delete All Delete all of the clients Backup Click it to store the settings RADIUS configuration on this pa...

Page 120: ...ating a root CA Country C Type the country code two characters in this box State S Location L Organization O Organization Unit OU Common Name CN Type the name or information for the root CA with length less than 32 characters Email E Type the email address for the root CA with length less than 32 characters Key Type At present only RSA an encryption algorithm is supported by such device Key Size T...

Page 121: ...S Check this box to use the user defined root CA certificate which will substitute for the original certificate applied by web HTTPS Note Common Name must be configured with rotuer s WAN IP or domain name After finishing this web page configuration please click OK to save the settings A new root CA will be generated ...

Page 122: ...nu press Inquire Time button to set the VigorAP s clock to current time of your PC The clock will reset once if you power down or reset the AP There is another way to set up time You can inquiry an NTP server a time server on the Internet to synchronize the AP s clock This method can only be applied when the WAN connection has been built up Available settings are explained as follows Available set...

Page 123: ...ting time of the schedule Duration Time Specify the duration or period for the schedule End Time Specify the ending time of the schedule Action Specify which action should apply the schedule WiFi 2 4GHz WiFi 5GHz When Wi Fi UP or Wi Fi DOWN is selected as Action you can check the Radio or SSID 2 4 boxes 2 4GHz and 5GHz respectively to setup the network based on the schedule profile Note When Radio...

Page 124: ...Keep Alive To keep the wireless connection via Wi Fi on iOS device in alive VigorAP 903 will send the UDP packets with 5353 port to the specific IP every five seconds Available settings are explained as follows Item Description Enable Apple iOS Keep Alive Check to enable the function Index Display the setting link Click the index link to open the configuration page for setting the IP address Apple...

Page 125: ...ction is to avoid wireless station roaming to an AP which is unable to access Internet Available settings are explained as follows Item Description Enable Auto Switch On Off Wi Fi Check the box to enable such function Ping Host Type an IP address e g 8 8 8 8 or a domain name e g google com for testing if the access point is stable or not Click OK to save the settings ...

Page 126: ... is important to ensure that your server or data communications equipment are not overheating due to cooling system failures The inclusion of a USB thermometer in compatible VigorAP will continuously monitor the temperature of its environment When a pre determined threshold is reached you will be alerted via Syslog Temperature Sensor Settings Available settings are explained as follows Item Descri...

Page 127: ... log containing the alarm message will be recorded on Syslog if it is enabled Mail Alert The temperature log containing the alarm message will be sent by mail Temperature High Alarm Temperature Low Alarm Type the upper limit and lower limit for the system to send out temperature alert Temperature Sensor Graph Below shows an example of temperature graph ...

Page 128: ...122 This page is left blank ...

Page 129: ...123 Chapter V Troubleshooting ...

Page 130: ...ing if the hardware status is OK or not Checking if the network connection settings on your computer are OK or not Pinging the router from your computer Checking if the ISP settings are OK or not Backing to factory default setting if necessary If all above stages are done and the router still cannot run normally it is the time for you to contact your dealer or DrayTek technical support for advance...

Page 131: ...25 V 1 1 System Log At present only System Log is offered V 1 2 Speed Test Click the Start button on the page to test the speed Such feature can help you to find the best installation place for Vigor AP ...

Page 132: ...ess Points LAN A or LAN B daily or weekly for viewing data transmission chart Click Refresh to renew the graph at any time The horizontal axis represents time the vertical axis represents the transmission rate in kbps V 1 4 Data Flow Monitor This page displays general information for the client connecting to VigorAP 903 ...

Page 133: ...low MAC Address Display the MAC address of the monitored device Station Display the IP address host name of the wireless client TX rate kbps Display the transmission speed of the monitored device RX rate kbps Display the receiving speed of the monitored device 2 4G 5G Display what wireless band 2 4G or 5G used by the wireless client Action DeAuth Deauthenticate a wireless station V 1 5 WLAN 2 4GHz...

Page 134: ...VigorAP 903 User s Guide 128 V 1 6 WLAN 5GHz Statistics Such page is used for debug by RD only ...

Page 135: ...age is used for debug or for the user to observe network traffic and network quality Available parameters are explained as follows Item Description Show Chart Choose one of the items to display the statistics chart for wireless stations ...

Page 136: ... VigorAP 903 Visiting Time Choose it to have the statistics of the wireless stations which is visiting VigorAP 903 Daily Connected Number Analysis Daily Visiting Number Analysis Click this button to get analysis pie chart for daily connected wireless stations daily visiting wireless station Weekly Connected Number Analysis Weekly Visiting Number Analysis Click this button to get analysis pie chart...

Page 137: ...channel used or for all of the wireless channels Current Channel The analysis page with information about wireless band channel transmission power bandwidth wireless mode and country code chosen will be displayed on this page completely based on the wireless band 2 4G or 5G selected Also channel status can be seen easily from this page ...

Page 138: ...VigorAP 903 User s Guide 132 All Channels This page displays the utilization and energy result for all channels based on 2 4G 5G Click Refresh to get the newly update interference situation ...

Page 139: ...133 V 1 9 Station Airtime This page displays the operation status for 2 4GHz wireless stations within 30 minutes ...

Page 140: ...VigorAP 903 User s Guide 134 V 1 10 Station Traffic Graph This page displays the data traffic receiving transmitting status for 2 4GHz wireless stations within 30 minutes with a run chart ...

Page 141: ... page displays the link rate status for 2 4GHz 5GHz wireless stations within one hour with a run chart V 1 12 Support Area When you click Support Area you will be guided to visit www draytek com and open the corresponding pages directly ...

Page 142: ...ower line and cable connections Refer to I 2 Hardware Installation for details 2 Power on the modem Make sure the POWER LED ACT LED and LAN LED are bright 3 If not it means that there is something wrong with the hardware status Simply back to I 2 Hardware Installation to execute the hardware installation again And then try again ...

Page 143: ...eps listed below to make sure the network connection settings is OK V 3 1 For Windows Note The example is based on Windows 7 Professional Edition As to the examples for other operation systems please refer to the similar steps or find support notes in www draytek com 1 Open All Programs Getting Started Control Panel Click Network and Sharing Center 2 In the following window click Change adapter se...

Page 144: ...ill be shown on the window Right click on Local Area Connection and click on Properties 4 Select Internet Protocol Version 4 TCP IP and then click Properties 5 Select Obtain an IP address automatically and Obtain DNS server address automatically Finally click OK ...

Page 145: ... 3 2 For Mac Os 1 Double click on the current used Mac Os on the desktop 2 Open the Application folder and get into Network 3 On the Network screen select Using DHCP from the drop down list of Configure IPv4 ...

Page 146: ...ows 1 Open the Command Prompt window from Start menu Run 2 Type command for Windows 95 98 ME or cmd for Windows NT 2000 XP Vista 7 The DOS command dialog will appear 3 Type ping 192 168 1 2 and press Enter If the link is OK the line of Reply from 192 168 1 2 bytes 32 time 1ms TTL 255 will appear 4 If the line does not appear please check the IP address setting of your computer V 4 2 For Mac Os Ter...

Page 147: ...141 ...

Page 148: ...factory default is null V 5 1 Software Reset You can reset the modem to factory default via Web page Go to System Maintenance and choose Reboot System on the web page The following screen will appear Choose Using factory default configuration and click OK After few seconds the modem will return all the settings to the factory settings V 5 2 Hardware Reset While the modem is running press the Facto...

Page 149: ...143 After restore the factory default setting you can configure the settings for the modem again to fit your personal request ...

Page 150: ...de 144 V 6 Contacting DrayTek If the modem still cannot work correctly after trying many efforts please contact your dealer for further help right away For any questions please feel free to send e mail to support draytek com ...

Page 151: ...gement 53 Black List 105 Browser Time 97 C Central AP Management 103 Certificate Management 113 Changing Password 18 Channel 42 80 Channel Width 49 Client IP 113 Client PinCode 48 Client s MAC Address 105 Configuration Backup 93 94 Connection Time 57 Connection Type 81 Country Code 50 D Data Flow Monitor 126 Daylight Saving 97 Default Gateway 81 Detection 107 DHCP Client 83 DHCP server 15 Download...

Page 152: ...Mode 42 44 N NTP 116 NTP Client 97 NTP Server 97 NTP synchronization 97 O Once 117 Open Shared 32 81 Operation Mode 36 Overload Management 105 P Packet OVERDRIVE 49 Pass Phrase 45 81 Password 18 Password Strength 92 Periodic Inform Settings 91 PIN Code 38 PMK Cache Period 59 PoE Connection 8 Policy 47 108 Port 46 Port Control 85 Pre Authentication 59 Primary DNS Server 83 PSK 37 Push Button 48 Q Q...

Page 153: ...e 88 System Status 89 T Temperature Calibration Offset 120 Temperature High Alarm 121 Temperature Low Alarm 121 Temperature Sensor 119 120 Temperature Sensor Graph 121 Time and Date 97 Time Zone 97 TKIP 32 37 Total Download Limit 54 Total Upload Limit 54 TR 069 90 Traffic Graph 126 traffic overload 105 Triggering Client Number 55 Trust DHCP Server 83 Tx Power 50 U Upload Limit 53 Users Profile 113...

Reviews:

No comments

Brands by name

Popular brands

Load more brands