manualshive.com logo in svg

HP ProCurve 520wl, User Manual

Share
Download
HP ProCurve 520wl User Manual Download Page 69

Advanced Configuration 

Advanced 

You can configure the following advanced filtering options: 

 

Enable Proxy ARP:

 Place a check mark in the box provided to allow the Access Point to respond to Address 

Resolution Protocol (ARP) requests for wireless clients. When enabled, the AP answers ARP requests for wireless 
stations without actually forwarding them to the wireless network. If disabled, the Access Point will bridge ARP 
requests for wireless clients to the wireless LAN. 

 

Enable IP/ARP Filtering: 

Place a check mark in the box provided to allow IP/ARP filtering based on the IP/ARP 

Filtering Address and IP Mask. Leave the box unchecked to prevent filtering. If enabled, you should also configure 
the IP/ARP Filtering Address and IP/ARP IP Mask. 
– 

IP/ARP Filtering Address: 

Enter the Network filtering IP Address. 

– 

IP/ARP IP Mask: 

Enter the Network Mask IP Address. 

The following protocols are listed in the Advanced Filter Table: 
• 

Deny IPX RIP 

• 

Deny IPX SAP 

• 

Deny IPX LSP 

• 

Deny IP Broadcasts 

• 

Deny IP Multicasts 

The AP can filter these protocols in the wireless-to-Ethernet direction, the Ethernet-to-wireless direction, or in both 
directions. Click 

Edit

 and use the 

Status

 field to Enable or Disable the filter. 

TCP/UDP Port 

Port-based filtering enables you to control wireless user access to network services by selectively blocking TCP/UDP 
protocols through the AP. A user specifies a Protocol Name, Port Number, Port Type (TCP, UDP, or TCP/UDP), and 
filtering interfaces (Wireless only, Ethernet only, all interfaces, or no interfaces) in order to block access to services, 
such as Telnet and FTP, and traffic, such as NETBIOS and HTTP. 
For example, an AP with the following configuration would discard frames received on its Ethernet interface with a 
UDP destination port number of 137, effectively blocking NETBIOS Name Service packets. 

Protocol Type 
(TCP/UDP) 

Destination 
Port Number 

Protocol Name 

Interface 

Status 
(Enable/Disable) 

UDP 

137 

NETBIOS Name Service 

Ethernet 

Enable 

Adding TCP/UDP Port Filters 

1.  Place a check mark in the box labeled 

Enable TCP/UDP Port Filtering

2.  Click 

Add

 under the 

TCP/UDP Port Filter Table 

heading. 

3.  In the 

TCP/UDP Port Filter Table

,

 enter the Protocol Names to filter. 

4.

 

Set the destination Port Number (a value between 0 and 65535) to filter. See the IANA Web site at 

http://www.iana.org/assignments/port-numbers

 for a list of assigned port numbers and their descriptions. 

5.  Set the Port Type for the protocol: 

TCP

UDP

, or both (

TCP/UDP

). 

6.  Set the 

Interface

 to filter: 

• 

Wireless 

• 

Ethernet 

• 

All interfaces 

• 

No interfaces 

7.  Click 

OK

Editing TCP/UDP Port Filters 

1.  Click 

Edit

 under the

 TCP/UDP Port Filter Table 

heading. 

2.  Make any changes to the Protocol Name or Port Number for a specific entry, if necessary. 
3.  In the row that defines the port, set the 

Status

 to 

Enable

Disable

, or 

Delete

, as appropriate. 

4.  Select 

OK

4-27 

Summary of Contents for ProCurve 520wl

Page 1: ...HP ProCurve Wireless Access Point 520wl User Guide For Software Version 2 4 5 ...

Page 2: ...th the furnishing performance or use of this material The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services Nothing herein should be construed as constituting an additional warranty HP shall not be liable for technical or editorial errors or omissions contained herein Hewlett Packard assumes no responsibility for t...

Page 3: ... Notice for Canada xv Notice for European Union xvi Notice for Japan xvii Notice for Korea xvii 1 Introducing the 520wl Wireless Networking Concepts 1 1 Management and Monitoring Capabilities 1 2 HTTP HTTPS Interface 1 2 Command Line Interface 1 2 SNMP Management 1 2 SNMPv3 Secure Management 1 3 802 11b g compared to 802 11a Networks 1 4 Feature List 1 4 Cell Size and Coverage Area 1 7 Installatio...

Page 4: ...s Information System Status 3 1 4 Advanced Configuration Configuring the AP Using the HTTP HTTPS Interface 4 1 System 4 3 Dynamic DNS Support 4 3 Network 4 4 IP Configuration 4 4 DHCP Server 4 5 Link Integrity 4 6 Interfaces 4 7 Operational Mode 4 8 Wireless 802 11a 4 9 Wireless 802 11b 4 10 Wireless 802 11b g 4 14 Wireless Distribution System WDS 4 15 Ethernet 4 16 Management 4 17 Passwords 4 17 ...

Page 5: ... Authentication with 802 1x 4 44 RADIUS Accounting 4 46 VLAN SSID 4 47 VLAN Overview 4 47 VLAN Workgroups and Traffic Management 4 49 Typical User VLAN Configurations 4 49 Typical VLAN Management Configurations 4 50 5 Monitor Information Accessing Monitor Features 5 1 Version 5 2 ICMP 5 3 IP ARP Table 5 3 Learn Table 5 4 IAPP 5 4 RADIUS 5 5 Interfaces 5 6 Link Test 5 7 Station Statistics 5 9 Enabl...

Page 6: ...toms and Solutions 7 2 Connectivity Issues 7 2 Basic Software Setup and Configuration Problems 7 2 Client Connection Problems 7 4 VLAN Operation Issues 7 4 Active Ethernet AE 7 5 Recovery Procedures 7 5 Reset to Factory Default Procedure 7 6 Forced Reload Procedure 7 6 Setting IP Address using Serial Port 7 9 Related Applications 7 11 RADIUS Authentication Server 7 11 TFTP Server 7 11 A Specificat...

Page 7: ...cial Keys C 2 CLI Error Messages C 2 Command Line Interface CLI Variations C 2 Bootloader CLI C 3 CLI Command Types C 4 Operational CLI Commands C 4 Parameter Control Commands C 8 Using Tables User Strings C 11 Working with Tables C 11 Using Strings C 12 Configuring the AP using CLI commands C 12 Log into the AP using HyperTerminal C 12 Log into the AP using Telnet C 12 Set Basic Configuration Par...

Page 8: ...Security Parameters C 41 RADIUS Parameters C 42 Rogue Access Point Detection RAD Parameters C 44 VLAN SSID Parameters C 44 Other Parameters C 45 viii ...

Page 9: ... until the ground has been restored For LAN cable grounding Q If your LAN covers an area served by more than one power distribution system be sure their safety grounds are securely interconnected Q LAN cables may occasionally be subject to hazardous transient voltages such as lightning or disturbances in the electrical utilities power grid Handle exposed metal components of the network with cautio...

Page 10: ...d alimentation ou le cordon de raccordement fourni avec le produit Lorsque cette protection semble avoir été endommagée débrancher le cordon d alimentation jusqu à ce que la mise à la terre ait été réparée Mise à la terre du câble de réseau local Q si votre réseau local s étend sur une zone desservie par plus d un système de distribution de puissance assurez vous que les prises de terre de sécurit...

Page 11: ...erminals den Netzkabeln oder dem mit Strom belieferten Netzkabelsatz voraus Sobald Grund zur Annahme besteht daß der Schutz beeinträchtigt worden ist das Netzkabel aus der Wandsteckdose herausziehen bis die Erdung wiederhergestellt ist Für LAN Kabelerdung Q Wenn Ihr LAN ein Gebiet umfaßt das von mehr als einem Stromverteilungssystem beliefert wird müssen Sie sich vergewissern daß die Sicherheitser...

Page 12: ...ne oppure al set cavo d alimentazione fornito con il prodotto Ogniqualvolta vi sia probabilità di danneggiamento della protezione disinserite il cavo d alimentazione fino a quando il collegaento a terra non sia stato ripristinato Per la messa a terra dei cavi LAN Q se la vostra LAN copre un area servita da più di un sistema di distribuzione elettrica accertatevi che i collegamenti a terra di sicur...

Page 13: ...rato el cable de alimentación o el juego de cable de alimentación suministrado Si existe la probabilidad de que la protección a tierra haya sufrido desperfectos desenchufar el cable de alimentación hasta haberse subsanado el problema Puesta a tierra del cable de la red local LAN Q Si la LAN abarca un área cuyo suministro eléctrico proviene de más de una red de distribución de electricidad cerciora...

Page 14: ...Safety Information Japan xiv ...

Page 15: ...Safety Information China xv ...

Page 16: ...nstalled and used in accordance with the instructions may cause harmful interference to radio communications However there is no guarantee that interference will not occur in a particular installation If this equipment does cause harmful interference to radio or television reception which can be determined by turning the equipment off and on the user is encouraged to try to correct the interferenc...

Page 17: ...A3 A4 EN 60950 1992 A1 A2 A3 A4 EMC EN 55022 1998 CISPR 22 1997 Class B 1 EN 55024 1998 CISPR 24 1997 EN 61000 3 2 1995 A1 A2 IEC 61000 3 2 1995 A2 EN 61000 3 3 1995 Class B IEC 61000 3 3 1994 Supplementary Information The product herewith complies with the requirements of the Low Voltage Directive 73 23 EEC and the EMC Directive 89 336 EEC and carries the CE marking accordingly 1 The Product was ...

Page 18: ...umber For regulatory identification purposes this product has been assigned a Regulatory Model Number RMN The RMN for your product is WA1010 The RMN should not be confused with the marketing name Wireless Enterprise Access Point 520wl or the Product Number J8133A xviii ...

Page 19: ...networking requirements it must first be initialized Initialization consists of setting a static IP address and the appropriate IP mask for the 520wl so that you can recognize it once it is located in your network Figure 1 1 Standalone wireless network access infrastructure The network administrator can configure each unit according to the requirements for the network The HP ProCurve Wireless Acce...

Page 20: ...20wl Users enter Command Statements composed of CLI Commands and their associated parameters Statements may be issued from the keyboard for real time control or from scripts that automate configuration For example when downloading a file administrators enter the download CLI Command along with IP Address file name and file type parameters Q If necessary use the CLI with your computer serial port t...

Page 21: ...tionless transport protocol There is a threat that SNMP messages could be reordered delayed or replayed duplicated to effect unauthorized management operations For example a message to reboot a device could be copied and replayed later Q Disclosure An entity could observe exchanges between a manager and an agent and thereby learns the values of managed objects and learn of notifiable events For ex...

Page 22: ...ares the software features supported for each type of card in the 520wl Feature 2 4 GHz 802 11b 2 4 GHz 802 11g 5 GHz 802 11a Comments Number of stations per AP up to 250 up to 128 up to 128 This information corresponds to a cas where no encryption is enabled For more information about the number of stations supported when using different types of encryption please see the table Number of Stations...

Page 23: ...yes yes yes Dynamic Frequency Selection N A N A yes A user cannot manually select a channel for products sold in Europe these products require automatic channel selection using Dynamic Frequency Selection DFS Per User Per Session Encryption no yes yes In conjunction with 802 1x or WPA2 Syslog Messaging yes no yes Turbo Mode no no yes Turbo mode provides twice the data rate of standard 802 11a mode...

Page 24: ...utomatic channel selection using DFS See Dynamic Frequency Selection DFS Frequency Channel 1 2 412 GHz 2 2 417 GHz 3 2 422 GHz default FCC ETSI Japan 4 2 427 GHz 5 2 432 GHz 6 2 437 GHz 7 2 442 GHz 8 2 447 GHz 9 2 452 GHz 10 2 457 GHz 11 2 462 GHz 12 2 467 GHz ETSI countries only 13 2 472 GHz 14 2 484 GHz Japan only For France channels 10 13 only 1 2 412 GHz 2 2 417 GHz 3 2 422 GHz 4 2 427 GHz 5 2...

Page 25: ... Mbps 2 Mbps default 5 5 Mbps 11 Mbps Available options depend on Distance Between APs setting N A N A Interference Robustness Enable default Disable N A Closed System Enable Disable default Enable Disable default Enable Disable default Load Balancing Enable default Disable N A Medium Density Distribution Enable default Disable N A Cell Size and Coverage Area The coverage area achieved with the 2 ...

Page 26: ...nt card 150wl 802 11b or 170wl 802 11g Caution Exposure to Radio Frequency Radiation To comply with the FCC RF exposure compliance requirements the following antenna installation and device operating configurations must be satisfied a For configurations using the integral antenna the separation distance between the antenna s and any person s body including hands wrists feet and ankles must be at l...

Page 27: ...blic SNMP Read Write Password Each Access Point requires a password to allow get and set requests from an SNMP manager The default password is public SNMPv3 Authentication Password If Secure Management is enabled each Access Point requires a password for sending authenticated SNMPv3 messages The default password is public SNMPv3 Privacy Password If Secure Management is enabled each Access Point re...

Page 28: ... Requirements To begin using an AP you must have the following minimum requirements A 10Base T Ethernet or 100Base TX Fast Ethernet switch or hub At least one radio card designed for the AP an HP ProCurve Wireless 802 11a Access Point Kit 160wl 802 11b Access Point card 150wl or 802 11g Access Point card 170wl At least one of the following IEEE 802 11 compliant devices An 802 11a client device if ...

Page 29: ...he AC power cord into the power supply Figure 2 1 Install the power supply 3 Slide the AP module onto the mounting bracket Ensure it is properly seated It mounts over the power supply 4 Plug the DC connector from the power supply into the top of the AP module Figure 2 2 Insert module in mounting bracket and attach power connector 2 3 ...

Page 30: ...utlet 7 Wait for the power LED to turn green before proceeding Figure 2 4 Power LED turns green when the unit is operational 8 Conduct a Site Survey to determine the best location for your device 9 Once you have chosen a final location for your unit mount the bracket and the processor module and place the cover onto the unit as shown Figure 2 5 Final Installation with Cover 2 4 ...

Page 31: ...through Ethernet cable to connect the AP to a hub switch or patch panel Use a cross over Ethernet cable to connect to a single computer 11 Configure and test the unit See Initialization for details 12 Download the latest software to the unit if necessary HP provides access point software updates through the HP ProCurve website at http www hp com go hpprocurve See Download the Latest Software for d...

Page 32: ...ically from a network Dynamic Host Configuration Protocol DHCP server during boot up If your network contains a DHCP server you can run ScanTool to find out what IP address the AP has been assigned If your network does not contain a DHCP server the Access Point s IP address defaults to 10 0 0 1 In this case you can use ScanTool to assign the AP a static IP address that is valid on your network Sca...

Page 33: ...k the Rescan button to update the display If the unit still does not appear in the list see Troubleshooting for suggestions After rebooting an Access Point it may take up to five minutes for the unit to appear in the Scan List 8 Do one of the following If the AP has been assigned an IP address by a DHCP server on the network write down the IP address and click Cancel to close ScanTool Proceed to S...

Page 34: ...AP has a valid IP Address and an Ethernet connection you may use your web browser to monitor network statistics The Command Line Interface CLI also provides a method for viewing network statistics using Telnet or a serial connection This section covers only use of the HTTP interface For more information about viewing network statistics with the CLI refer to Command Line Interface CLI Follow these ...

Page 35: ...AP HTTP interface the Setup Wizard launches Follow these steps to access the Access Point s HTTP interface and launch the Setup Wizard Figure 2 9 Setup Wizard 5 Click Setup Wizard to begin If you want to configure the AP without using the Setup Wizard click Exit and see Advanced Configuration The Setup Wizard supports the following navigation options Save Next Button Each Setup Wizard screen has a...

Page 36: ... Dynamic Frequency Selection DFS for details Frequency Channel When Auto Channel Select is enabled this field is read only and displays the Access Point s current operating channel When Auto Channel Select is disabled you can specify the Access Point s channel If you decide to manually set the unit s channel ensure that nearby devices do not use the same frequency Available Channels vary based on ...

Page 37: ...that nearby devices do not use the same frequency unless you are setting up a WDS Available Channels vary based on regulatory domain See 802 11b Channel Frequencies Distance Between APs Set to Large Medium Small Microcell or Minicell depending on the site survey for your system The distance value is related to the Multicast Rate described next In general a larger distance between APs means that yo...

Page 38: ...ion channel either a free channel if available or the channel with the least amount of interference Remove the check mark to disable this option Frequency Channel When Auto Channel Select is enabled this field is read only and displays the Access Point s current operating channel When Auto Channel Select is disabled you can specify the Access Point s channel If you decide to manually set the unit ...

Page 39: ...ge Make sure you have the proper TFTP server IP address the proper AP Image file name and that the TFTP server is operational Make sure the TFTP server is configured to both Transmit and Receive files with no automatic shutdown or time out Download Updates from your TFTP Server using the Web Interface 1 Download the latest software from http www hp com go hpprocurve 2 Copy the latest software upda...

Page 40: ...ed in accordance with UL 2043 for use in a plenum The Access Point using a power supply should not be plenum mounted Use Active Ethernet to power the units mounted in a plenum environment Installing Removing the Metal Faceplate When using only one card in the AP mounted in a plenum environment remove the plastic cover Place the top edge of the faceplate under the front ridge of the metal enclosure...

Page 41: ...detail See Advanced Configuration for information on configuration options that are available within the Access Point s HTTP interface See Monitor Information for information on the statistics displayed within the Access Point s HTTP interface See Commands for information on the commands supported by the Access Point s HTTP interface See Troubleshooting for troubleshooting suggestions See Command ...

Page 42: ... Each section of the System Status screen provides the following information System Status This area provides system level information including the unit s IP address and contact information See System for information on these settings System Alarms System traps if any appear in this area Each trap identifies a specific severity level Critical Major Minor and Informational See Alarms for a list of...

Page 43: ...ontrol WPA WEP Encryption and 802 1x Configure Rogue Access Point Detection RAD and define the Scan Interval RADIUS Configure RADIUS features such as RADIUS Access Control and Accounting VLAN SSID Configure VLAN IDs and SSIDs Configuring the AP Using the HTTP HTTPS Interface Follow these steps to configure an Access Point s operating settings using the HTTP HTTPS interface 1 Open a Web browser on ...

Page 44: ...s to the parameter you want to configure For example click Network to configure the Access Point s TCP IP settings The parameters contained in each of the configuration categories are described later in this chapter 7 Configure the Access Point s parameters as necessary After changing a configuration value click OK to save the change 8 Reboot the Access Point for all of the changes to take effect ...

Page 45: ...NS is usually used in conjunction with DHCP for assigning meaningful names to host systems whose IP addresses change dynamically Access Points provide DDNS support by adding the host name option 12 in DHCP Client messages which is used by the DHCP server to dynamically update the DNS server Access Point System Naming Convention The Access Point s system name is used as its host name In order to pr...

Page 46: ...ly and reports the IP address of the unit s gateway The gateway IP address will default to 10 0 0 2 if the unit cannot obtain an address from a DHCP server DNS Client If you prefer to use host names to identify network servers rather than IP addresses you can configure the AP to act as a Domain Name Service DNS client When this feature is enabled the Access Point contacts the network s DNS server ...

Page 47: ...DHCP servers on the network and do not enable the DHCP server without checking with your network administrator first as it could bring down the whole network Also the AP must be configured with a static IP address before enabling this feature When the DHCP Server functionality is enabled you can create one or more IP address pools from which to assign addresses to network devices Figure 4 3 DHCP S...

Page 48: ...seconds The default is 86400 seconds Comment optional Status IP Pools are enabled upon entry in the table You can also disable or delete entries by changing this field s value NOTE You must reboot the Access Point before changes to any of these DHCP server parameters take effect Link Integrity The Link Integrity feature checks the link between the AP and the nodes on the Ethernet backbone These no...

Page 49: ...settings wireless interface settings and Ethernet settings You may also configure a Wireless Distribution System for AP to AP communications For the wireless interface configuration refer to the wireless parameters below that correspond to your radio type Operational Mode Wireless 802 11a Wireless 802 11b Wireless 802 11b g Wireless Distribution System WDS Ethernet 4 7 ...

Page 50: ... feature lets the user configure the transmit power level of the card in the AP at one of four levels 100 of the maximum transmit power level of the card 50 25 12 5 NOTE TX Power Control is only supported on the HP ProCurve Wireless 802 11g AP Card 170wl Configuring TX Power Control 1 Click Configure Interfaces Operational Mode 2 Select Enable Transmit Power Control 3 Select the transmit power lev...

Page 51: ... Available Channels vary based on regulatory domain See 802 11a Channel Frequencies Note that you cannot manually set the channel for 802 11a products in Europe see Dynamic Frequency Selection DFS for details Transmit Rate Use the drop down menu to select a specific transmit rate for the AP Choose between 6 9 12 18 24 36 48 54 Mbits s and Auto Fallback Auto Fallback is the default setting it allow...

Page 52: ...s that are the specified size or greater You should not need to enable this parameter for most networks unless you suspect that the wireless cell contains hidden nodes Wireless 802 11b You can configure and view the following parameters within the Wireless Interface Configuration screen for an 802 11b AP NOTE You must reboot the Access Point before any changes to these parameters take effect Physi...

Page 53: ... fragments have been received This option is disabled by default Closed System Check this box to allow only clients configured with the Access Point s specific Network Name to associate with the Access Point When enabled a client configured with the Network Name ANY cannot connect to the AP This option is disabled by default Load Balancing Enable this option so clients can evaluate which Access Po...

Page 54: ...t up and clients are tested throughout the area to determine signal strength and coverage and local limits such as physical interference are investigated From these measurements the appropriate cell size and density is determined and the optimum distance between APs is calculated to suit your particular business requirements Contact your reseller for information on how to conduct a Site Survey Mul...

Page 55: ...ce Between APs is presented in the following table 1 0 Mbit s 2 0 Mbits s 5 5 Mbits s 11 Mbits s Large yes yes Medium yes yes yes Small yes yes yes yes Minicell yes yes yes yes Microcell yes yes yes yes The Distance Between APs must be set before the Multicast Rate because when you select the Distance Between APs the appropriate range of Multicast values automatically populates the drop down menu ...

Page 56: ...ico and Australia ETSI Europe including the United Kingdom China and South Korea MKK Japan IL Israel Network Name SSID Enter a Network Name between 2 and 31 characters long for the wireless network You must configure each wireless client to use this name as well Auto Channel Select The AP scans the area for other Access Points and selects a free or relatively unused communication channel This help...

Page 57: ...mple Bridging WDS Each WDS link is mapped to a logical WDS port on the AP WDS ports behave like Ethernet ports rather than like standard wireless interfaces on a BSS port an Access Point learns by association and from frames on a WDS or Ethernet port an Access Point learns from frames only When setting up a WDS keep in mind the following The WDS link shares the communication bandwidth with the cli...

Page 58: ...ion System WDS Table 6 Enter the MAC Address that you wrote down in Step 2 in one of the Partner MAC Address field of the Wireless Distribution Setup window 7 Set the Status of the device to Enable 8 Click OK 9 Reboot the AP Figure 4 8 WDS Configuration NOTE To set up a Wireless Distribution System WDS with 802 1x set each Access Point s 802 1x Security Mode to Mixed and assign each unit in the WD...

Page 59: ...Web browser HTTP interface Enter a password in both the Password field and the Confirm field The default password is public NOTE For security purposes HP recommends changing ALL PASSWORDS from the default public immediately to restrict access to your network devices to authorized personnel If you lose or forget your password settings you can always perform the Reset to Factory Default Procedure IP...

Page 60: ...by way of SNMP You can also select Disabled to prevent a user from accessing the AP by way of SNMP HTTP Access HTTP Interface Bitmap Configure the interface or interfaces Ethernet Wireless All Interfaces from which you will manage the AP by way of the Web interface For example to allow Web configuration by way of the Ethernet network only set HTTP Interface Bitmask to Ethernet You can also select ...

Page 61: ...eter is the SSL passphrase If you decide to upload a new certificate and private key using TFTP or HTTP File Transfer you need to change the SSL Certificate Passphrase for the new SSL files Enable HTTPS Secure Web Check this box to enable SSL on the AP NOTE You need to reboot the AP after enabling or disabling SSL for the changes to take effect SSL Certificate Passphrase Specifies the SSL Passphra...

Page 62: ...nfiguration Settings The serial port interface on the AP is enabled at all times See Setting IP Address using Serial Port for information on how to access the CLI interface by way of the serial port You can configure and view following parameters Baud Rate Select the serial port speed bits per second Choose between 2400 4800 9600 19200 38400 or 57600 the default Baud Rate is 9600 Flow Control Sele...

Page 63: ...figuration information and must reboot one additional time If Syslog is configured a Syslog message will appear indicating the success or failure of the Automatic Configuration Set up Automatic Configuration for Static IP Perform the following procedure to enable and set up Automatic Configuration when you have a static IP address for the TFTP server 1 Click Configure Management AutoConfig The Aut...

Page 64: ...he AP to send Auto Configuration success and failure messages to a Syslog server NOTE The configuration filename and TFTP server IP address are configured only when the AP is configured for Static IP If the AP is configured for Dynamic IP these parameters are not used and obtained from DHCP 1 Click Configure Management AutoConfig The Automatic Configuration Screen appears 2 Check Enable Auto Confi...

Page 65: ...Options Setting the Bootfile Name 6 Set the value of the Bootfile Name parameter to the Configuration filename For example AP Config 7 If using Syslog set the Log server IP address option 7 Log Servers 8 Reboot the AP When the AP reboots it receives the new configuration information and must reboot one additional time If a Syslog server was configured the following messages can be observed on the ...

Page 66: ...www iana org assignments ethernet numbers for a list of protocol numbers Protocol Name Enter related information typically the protocol name To edit or delete an entry click Edit and change the information or select Enable Disable or Delete from the Status drop down menu An entry s status must be enabled in order for the protocol to be subject to the filter Static MAC The Static MAC Address filter...

Page 67: ...l traffic from a specific wired MAC address from being forwarded to the wireless network configure only the Wired MAC Address and Wired Mask leave the Wireless MAC Address and Wireless Mask set to all zeros To prevent all traffic from a specific wireless MAC address from being forwarded to the wired network configure only the Wireless MAC address and Wireless Mask leave the Wired MAC Address and W...

Page 68: ...all three Wireless Clients from communicating with Wired Server 1 Wired MAC Address 00 40 F4 1C DB 6A Wired Mask FF FF FF FF FF FF Wireless MAC Address 00 00 00 00 00 00 Wireless Mask 00 00 00 00 00 00 Result The Access Point blocks all traffic between Wired Server 1 and all wireless clients Prevent A Wireless Device From Communicating With the Wired Network Configure the following settings to pre...

Page 69: ...ely blocking TCP UDP protocols through the AP A user specifies a Protocol Name Port Number Port Type TCP UDP or TCP UDP and filtering interfaces Wireless only Ethernet only all interfaces or no interfaces in order to block access to services such as Telnet and FTP and traffic such as NETBIOS and HTTP For example an AP with the following configuration would discard frames received on its Ethernet i...

Page 70: ...el Major Wireless Alarms Trap Name Description oriTrapWLCNotPresent When you start the AP this trap is generated when a wireless interface card is not present in the AP Severity Level Informational oriTrapWLCFailure This trap is generated when a general failure occurs with the wireless interface card Severity Level Critical oriTrapWLCRemoval This trap is generated when the wireless interface card ...

Page 71: ...t reverts to its static IP configuration and you will need to set reset configuration options Trap Severity Level Major oriTrapDHCPFailed In operational mode this trap is generated when the AP does not receive a response from the DHCP server The result is that the Access Point reverts to its static IP configuration and you will need to set reset configuration options Trap Severity Level Major FLAS...

Page 72: ... Trap Name Description newRoot This trap indicates that the AP has become the new root in the Spanning Tree network Trap Severity Level Informational topologyChange This trap is sent by the AP when any of its configured ports transitions from the Learning state to the Forwarding state or from the Forwarding state to the Blocking state This trap is not sent if a newRoot trap is sent for the same tr...

Page 73: ...messages to a central server for monitoring and troubleshooting The AP can send messages to one Syslog server it cannot send messages to more than one Syslog server The access point logs Session Start Log in and Session Stop Log out events for each wireless client as an alternative to RADIUS accounting See RFC 3164 at http www rfc editor org for more information on the Syslog standard Figure 4 14 ...

Page 74: ...n also disable or delete entries by changing this field s value Bridge The AP is a bridge between your wired and wireless networking devices As a bridge the functions performed by the AP include MAC address learning Forward and filtering decision making Spanning Tree protocol used for loop avoidance Once the AP is connected to your network it learns which devices are connected to it and records th...

Page 75: ...s environments Enterprise LAN administrators use it to conserve wireless bandwidth by limiting communication between wireless clients For example this feature prevents peer to peer file sharing or gaming over the wireless network To block Intra BSS traffic set Intra BSS Traffic Operation to Block To allow Intra BSS traffic set Intra BSS Traffic Operation to Passthru Packet Forwarding The Packet Fo...

Page 76: ...xadecimal characters 0 9 and A F or 5 ASCII characters see ASCII Character Chart For 128 bit encryption an encryption key is 26 hexadecimal characters or 13 ASCII characters For 152 bit encryption an encryption key is 32 hexadecimal characters or 16 ASCII characters NOTE 64 bit encryption is sometimes referred to as 40 bit encryption 128 bit encryption is sometimes referred to as 104 bit encryptio...

Page 77: ...AP 2 and the client 1 exchange 802 1x messages using an EAPOL EAP Over LAN protocol A Messages sent from the client station are encapsulated by the AP and transmitted to the RADIUS 3 server using EAP extensions B Upon receiving a reply EAP packet from the RADIUS the message is typically forwarded to the client after translating it back to the EAPOL format Negotiations take place between the client...

Page 78: ...y to remember phrase rather than a string of characters Configuring Security Settings You can configure each wireless interface to operate in one of the following Security modes 1 No Security This is the default setting for an AP 2 Enable WEP Encryption The AP and clients use the same static WEP keys to encrypt data 3 Enable 802 1x Security The AP uses the 802 1x standard to communicate with a RAD...

Page 79: ... to be the same Key Size 64 128 or 152 bit You can enter the Encryption Keys in either hexadecimal or ASCII format You need to configure your wireless clients to use the same Keys in order for the clients and the AP to communicate 6 Select the Key that the AP will use to encryption outgoing data from the Encrypt Data Transmissions Using drop down menu By default this parameter is set to Key 1 7 Cl...

Page 80: ... that Key 1 is selected in the Encrypt Data Transmissions Using drop down menu 9 Click OK 10 If you have not already done so configure the RADIUS authentication settings see RADIUS Authentication with 802 1x for details 11 Reboot the Access Point 802 1x Security and Wireless Distribution Systems WDS Wireless Distribution Systems WDS are configured using specific ports on an 802 11a 802 11b or 802 ...

Page 81: ...ou to build a list of stations identified by their MAC addresses authorized to access the network through the AP The list is stored inside each AP within your network Note that you must reboot the AP for any changes to the MAC Access Control Table to take effect Enable MAC Access Control Check this box to enable the Control Table Operation Type Choose between Passthru and Block This determines how...

Page 82: ...Advanced Configuration Figure 4 16 MAC Access Configuration Screen 4 40 ...

Page 83: ...ll the channels in this channel list using 802 11 MAC scanning functions It will either actively scan the network by sending probe requests or passively scan by only listening for beacons The access point information is then gathered from the probe responses and beacons To minimize traffic disruption and maximize the scanning efficiency the RAD feature employs an enhanced background scanning algor...

Page 84: ...nd the number of new access points detected in the last scan 1 Enable the Security Alarm Group Select the Security Alarm Group link from the RAD screen Configure a Trap Host to receive the list of access points detected during the scan 2 Click Configure Security RAD 3 Enable RAD by checking Enable Rogue AP Detection 4 Enter the Scan Interval The Scan Interval specifies the time period in minutes b...

Page 85: ...ics for each of the configured RADIUS servers MAC Access Control by way of RADIUS Authentication If you want to control wireless access to the network and if your network includes a RADIUS Server you can store the list of MAC addresses on the RADIUS server rather than configure each AP individually From the RADIUS Authentication tab you can define the IP Address of the server that contains a centr...

Page 86: ...ld Range is 1 10 seconds default is 3 seconds 11 Enter the maximum number of times an authentication request may be retransmitted in the Maximum Retransmissions field Range is 1 4 default is 3 12 If you are configuring a back up server repeat Steps 6 through 11 for the back up server 13 Click OK to save your changes 14 Reboot the AP for these changes to take effect Figure 4 19 RADIUS MAC Based Acc...

Page 87: ... Secret in the Shared Secret and Confirm Shared Secret field This is a password shared by the RADIUS server and the AP The same password must also be configured on the RADIUS server 9 Enter the maximum time in seconds that the AP should wait for the RADIUS server to respond to a request in the Response Time field Range is 1 10 seconds default is 3 seconds 10 Enter the maximum number of times an au...

Page 88: ...ccounting Server 3 If you want to configure a back up RADIUS server place a check mark in the box labeled Enable Back up RADIUS Accounting Server 4 Enter the session timeout interval in minutes within the Accounting Inactivity Timer field An accounting session automatically ends for a client that is idle for the period of time specified Range is 1 60 minutes default is 5 minutes 5 Select a Server ...

Page 89: ...e After initial setup the AP can be configured to support up to 16 SSIDs per wireless interface to segment wireless networks based on VLAN membership NOTE 16 VLAN SSID pairs are available for APs with an HP ProCurve Wireless 802 11g AP Card 170wl only VLAN Overview Virtual Local Area Networks VLANs are logical groupings of network hosts Defined by software settings other VLAN members or resources ...

Page 90: ... and reduce latency Increase security Secure network restricts members to resources on their own VLAN Clients roam without compromising security VLAN tagged data is collected and distributed through an AP s wireless interface s based on Network Name SSID An Ethernet port on the access point connects a wireless cell or network to a wired backbone The access points communicate across a VLAN capable ...

Page 91: ... which wireless NIC received it The AP would insert VLAN headers or tags with identifiers into the packets transmitted on the wired backbone to a network switch Finally the switch would be configured to route packets from the EMPLOYEE workgroup to the appropriate corporate resources such as printers and servers Packets from the GUEST workgroup could be restricted to a gateway that allowed access t...

Page 92: ...or untagged if you do not want clients that are using a specific SSID to be members of a VLAN workgroup 4 Click OK 5 Click the back arrow button to return to the previous screen 5 Click Edit if you want to modify an existing entry You can also disable or delete an entry from the Edit screen 6 Click the tab for the second wireless interface if applicable and create modify SSID VLAN entries as neces...

Page 93: ...timate access to the AP 1 Click Configure VLAN 2 Set the VLAN Management ID to use the same VLAN ID as one of the configured SSID VLAN pairs See Typical User VLAN Configurations for details 3 Place a check mark in the Enable VLAN Protocol box Disable VLAN Management 1 Click Configure VLAN 2 Remove the check mark from the Enable VLAN Protocol box to disable all VLAN functionality or set the VLAN Ma...

Page 94: ...rovides statistics for the configured primary and backup RADIUS server s Interfaces Displays the Access Point s interface statistics Wireless and Ethernet Link Test Evaluates the link with a wireless client Station Statistics Displays statistics for stations and Wireless Distribution System links Accessing Monitor Features 1 Click the Monitor button located on the left hand side of the screen Figu...

Page 95: ... following information for each Access Point component Serial Number The component s serial number if applicable Component Name ID The AP identifies a system component based on its ID Each component has a unique identifier Variant Several variants may exist of the same component for example a hardware component may have two variants one with more memory than the other Version Specifies the compone...

Page 96: ...rected to the AP Not all ICMP traffic on the network is counted in the ICMP Internet Control Message Protocol statistics Figure 5 3 ICMP Monitoring Screen IP ARP Table This tab provides information based on the Address Resolution Protocol ARP which relates MAC Address and IP Addresses Figure 5 4 IP ARP Table 5 3 ...

Page 97: ...ess for each node that the device has learned is on the network and the interface on which the node was detected There can be up 10 000 entries in the Learn Table Figure 5 5 Learn Table IAPP This tab displays statistics relating to client handovers and communications between Access Points Figure 5 6 IAPP Screen 5 4 ...

Page 98: ...IUS authentication EAP 802 1x authentication and accounting information for both the Primary and Backup RADIUS servers NOTE RADIUS authentication and accounting must be enabled for this information to be valid Figure 5 7 RADIUS Monitoring Screen 5 5 ...

Page 99: ...Monitor Information Interfaces This tab displays statistics for the Ethernet and wireless interfaces The Operational Status can be up down or testing Figure 5 8 Wireless Interface Monitoring 5 6 ...

Page 100: ...t to start the test Result A new Link Test window opens and displays the following information for the Access Point referred to as the Initiator Station and the wireless client referred to as the Remote Station Station Name The Access Point s System Name or the client s Windows Networking name MAC Address The station s MAC address SNR dB The Signal to Noise ratio for the received signal The displa...

Page 101: ...rable than a longer bar 11 Mbps pkts The number of packets received at the 11 Mbits sec transmit rate since the start of the Link Test In general most packets will be received at the 11 Mbits sec rate if the devices have a strong link 5 5 Mbps pkts The number of packets received at the 5 5 Mbits sec transmit rate since the start of the Link Test 2 Mbps pkts The number of packets received at the 2 ...

Page 102: ...tatistics will now be shown on the screen Refreshing Station Statistics Click on the Refresh button in the browser window to view the latest statistics If any new clients associate to the AP you can see the statistics of the new clients after you click the refresh button Figure 5 11 Station Statistics Screen Description of Station Statistics The following stations statistics are displayed MAC Addr...

Page 103: ...layed in the Graphical User Interface but can be viewed from a MIB browser Octets Received The number of octets received from the associated wireless station or WDS link partner by the AP Unicast Frames Received The number of Unicast frames received from the associated wireless station or WDS link partner by the AP Non Unicast Frames Received The number of Non Unicast frames received i e broadcast...

Page 104: ... or a serial connection This section covers only use of the HTTP Interface For more information about issuing commands with the CLI refer to Command Line Interface CLI Follow these steps to view the available commands supported by the AP s HTTP interface 1 Open a Web browser on a network computer NOTE The HTTP interface supports the following Web browser Microsoft Internet Explorer 6 with Service ...

Page 105: ... Password Screen 5 Click the Commands button located on the left hand side of the screen Figure 6 2 Commands Main Screen 6 Click the tab that corresponds to the command you want to issue For example click Reboot to restart the unit 6 2 ...

Page 106: ...t and Secure Socket Layer HTTP transfers that use SSL may take additional time NOTE SSL requires Internet Explorer version 6 128 bit encryption Service Pack 1 and patch Q323308 Image Error Checking during File Transfer The Access Point performs checks to verify that an image downloaded through HTTP or TFTP is valid The following checks are performed on the downloaded image Zero Image size Large im...

Page 107: ...te the IP address assigned to the TFTP server Note This is the IP address that will be used to point the Access Point to the AP Image file File Name Enter the name of the file to be downloaded including the file extension Copy the updated AP Image file to the TFTP server s root folder The default AP Image is located at c Program Files HP AP_520wl File Type Select the proper file type Choices inclu...

Page 108: ... such as System Name Contact Name and so on Image for the AP Image executable program Bsp Bl for the Bootloader software Certificate the digital certificate for authentication in SSL communications Private Key the private key for encryption in SSL communications Use the Browse button or manually type in the name of the file to be downloaded including the file extension in the File Name field If ty...

Page 109: ...TE An HTTP file transfer using SSL may take extra time If the operation completes successfully the following screen appears Figure 6 6 Update AP Successful If the operation did not complete successfully the following screen appears and the reason for the failure is displayed Figure 6 7 Update AP Unsuccessful 6 6 ...

Page 110: ...d allows you to enter TFTP information as described below Server IP Address Enter the TFTP server IP Address Double click the TFTP server icon on your desktop and locate the IP address assigned to the TFTP server File Name Enter the name of the file to be uploaded NOTE Use the following procedure to retrieve a Configuration file from an AP to a file 1 Configure all the required parameters in their...

Page 111: ...e Config File button to initiate this operation Figure 6 9 Retrieve File via HTTP Command Screen A confirmation message gets displayed that asks if the user wants to proceed with retrieving the configuration file Click OK to continue with the operation or Cancel to abort the operation Figure 6 10 Retrieve File Confirmation Dialog 6 8 ...

Page 112: ...Save button the following Save As window displays where the user is prompted to choose the filename and location where the Configuration file is to be downloaded Select an appropriate filename and location and click OK Figure 6 12 Retrieve File Save As Dialog 6 9 ...

Page 113: ...onds causes an immediate reboot Note that Reset described below does not save configuration changes CAUTION Rebooting the AP will cause all users who are currently connected to lose their connection to the network until the AP has completed the restart process and resumed operation Figure 6 13 Reboot Command Screen 6 10 ...

Page 114: ...set the Access Point s current IP address a new IP address must be assigned Refer to Recovery Procedures for more information CAUTION Resetting the AP to its factory default configuration will permanently overwrite all changes that have made to the unit The AP will reboot automatically after this command has been issued Figure 6 14 Reset to Factory Defaults Command Screen 6 11 ...

Page 115: ...than the backslash character when configuring the Help Link location NOTE Add the AP s management IP address into the Internet Explorer list of Trusted Sites The AP Help information is available in English The Help files are copied to your computer in one language only If you want to place these files on a shared drive copy the Help Folder to the new location and then specify the new path in the H...

Page 116: ...have a DHCP server If you connect the AP to a network with an active DHCP server then use ScanTool to locate the IP address of your unit If a DHCP server is not active on your subnet then use ScanTool to assign a static IP address to the unit The Trivial File Transfer Protocol TFTP provides a means to download and upload files These files include the AP Image executable program and configuration f...

Page 117: ...figure the Access Point s Ethernet settings For example if your switch operates at 100 Mbits sec Full Duplex manually configure the Access Point to use these settings see Ethernet If you cannot access the unit over Ethernet then use the CLI interface over the serial port to configure the Ethernet port see Command Line Interface CLI and Set Ethernet Speed and Transmission Mode 3 Perform network inf...

Page 118: ...he Password field The default HTTP password is public 3 Use the CLI over the serial port to check the IP Access Table which can be restricting access to Telnet and HTTP HTML Help Files Do Not Appear 1 Verify that the HTML Help files are installed in the default directory C Program Files HP AP_520wl Help English Index htm 2 If the Help files are not located in this folder contact your network admin...

Page 119: ...work support staff 4 If using Active Ethernet make sure you are not using a crossover Ethernet cable between the AP and the hub VLAN Operation Issues Verifying Proper Operation of the VLAN Feature The correct VLAN configuration can be verified by pinging both wired and wireless hosts from both sides of the AP device and the network switch Traffic can be sniffed on both the wired Ethernet and wirel...

Page 120: ...imately 325 feet in length from the Ethernet source to the AP 4 Try to connect a different device to the same port on the AE hub if it works and a link is established there is probably a faulty data link in the AP 5 Try to re connect the AP to a different output port remember to move the input port accordingly if it works there is probably a faulty output or input port in the AE hub or a bad RJ 45...

Page 121: ... ScanTool or CLI over a serial connection to set the IP address subnet mask and other IP parameters See Command Line Interface CLI for CLI information Figure 7 1 RELOAD and RESET Buttons Forced Reload Procedure Use this procedure to erase the current AP Image and download a new AP Image In some cases specifically when a missing or corrupted AP Image prevents successful booting you may need to use ...

Page 122: ...can download a new image to the unit These fields are grayed out if ScanTool does not detect a software image problem Preparing to Download the AP Image Before starting you need to know the Access Point s IP address subnet mask the TFTP Server IP Address and the AP Image file name Make sure the TFTP server is running and configured to point to the folder containing the image to be downloaded Downl...

Page 123: ...he TFTP Server IP Address and the AP Image file name Make sure the TFTP server is running and configured to point to the folder containing the image to be downloaded Download Procedure 1 Download the latest software from http www hp com go hpprocurve 2 Copy the latest software updates to your TFTP server s default directory 3 Use a straight through serial cable to connect the Access Point s serial...

Page 124: ...vanced Configuration Setting IP Address using Serial Port Use the following procedure to set an IP address over the serial port using the CLI The network administrator typically provides the AP IP address Hardware and Software Requirements Standard straight through serial data RS 232 cable with a one male DB 9 connector and one female DB 9 connector The AP comes with a female 9 pin serial port ASC...

Page 125: ...r Figure 7 2 Result of show ip CLI Command 6 Change the IP address and other network values using set and reboot CLI commands similar to the example below use your own IP address and subnet mask Note that IP Address Type is set to Dynamic by default If you have a DHCP server on your network you should not need to manually configure the Access Point s IP address the Access Point will obtain an IP a...

Page 126: ... allows you to transfer files across a network You can upload configuration files from the AP for backup or copying and you can download configuration files or new software images The TFTP software is located on the AP Installation CD ROM If a TFTP server is not configured and running you will not be able to download and upload images and configuration files to from the AP Remember that the TFTP s...

Page 127: ...ryption up to 250 up to 255 up to 63 With WEP encryption up to 250 up to 60 up to 63 With 802 1x Authentication up to 250 up to 50 up to 63 With WPA N A N A up to 63 Management Functions Feature 802 11b 802 11a 802 11b g Web User Interface yes yes yes Telnet CLI yes yes yes SNMP Agent yes yes yes TFTP yes yes yes Advanced Bridging Functions Feature 802 11b 802 11a 802 11b g IEEE 802 1d Bridging ye...

Page 128: ...le with 5 GHz Upgrade Kit yes Note 1 Key lengths supported by 802 11a 64 bit 128 bit and 152 bit Key lengths supported by 802 11b 64 bit and 128 bit Key lengths supported by 802 11b g 64 bit 128 bit and 152 bit Note 2 EAP MD5 EAP TLS EAP TTLS and PEAP client supplicant supported Note 3 Use in conjunction with WPA or 802 1x Authentication Note 4 Support is provided for a primary and backup RADIUS a...

Page 129: ...ht 1 75 Kg 3 5 lb 802 11a Antenna Adapter Dimensions H x W x L 11 3 x 2 10 x 26 2 cm 4 5 x 0 83 x 10 3in Weight 0 18kg 0 4lb Electrical Specifications Without Active Ethernet Module Voltage 100 to 240 VAC 50 60 Hz Current 0 2 amp Power Consumption 20 Watts With Active Ethernet Module Input Voltage 42 to 60 VDC Output Current 200mA at 48V Power Consumption 9 10 Watts Environmental Specifications HP...

Page 130: ...tory information 802 11a Channel Frequencies The available 802 11a Channels varies by regulatory domain and or country 802 11a radio certification is available in the following regions FCC U S Canada and Australia ETSI Europe and the United Kingdom MKK Japan SG Singapore ASIA China Hong Kong and South Korea TW Taiwan There are five sets of frequency bands that determine the available channels depe...

Page 131: ...e Band 52 default 52 5 260 5 260 5 260 56 5 280 5 280 5 280 58 5 300 5 300 5 300 60 5 320 5 320 5 320 H Band 100 5 500 104 5 520 108 5 540 112 5 560 116 5 580 120 5 600 124 5 620 128 5 640 132 5 660 136 5 680 140 5 700 Upper Band 149 default 149 5 745 5 745 5 745 5 745 153 5 675 5 675 5 675 5 675 157 5 785 5 785 5 785 5 785 161 5 805 5 805 5 805 5 805 ISM Band 165 5 825 5 825 5 825 Note 1 Channel ...

Page 132: ...02 11b operation to specific frequency bands The web interface will always display the available channels depending in the cards regulatory domain In the CLI any channels that are not available are labeled Not Supported Channel ID FCC GHz ETSI GHz MKK GHz IL GHz 2 412 2 412 2 412 2 417 2 417 2 417 2 422 2 422 2 422 2 427 2 427 2 427 2 427 2 432 2 432 2 432 2 432 2 437 2 437 2 437 2 437 2 442 2 442...

Page 133: ...nge of the wireless signal is related to the composition of objects in the radio wave path and the transmit rate of the wireless communication Communications at a lower transmit range may travel longer distances The range values listed in the Communications Range Chart are typical distances as calculated by Proxim s development team for FCC certified products These values provide a rule of thumb a...

Page 134: ...sed Office 9 m 30 ft 16 m 52 ft 26 m 85 ft 35 m 115 ft 43 m 141 ft 50 m 164 ft 58 m 190 ft 62 m 203 ft Tx Power dBm 7 11 14 14 14 14 14 14 Receiver Sensitivity dBm 65 69 73 77 80 82 84 85 Antenna Gain 3 5 dBi integrated diversity antennas 5 15 5 35 GHz Table A 2 802 11a 5 GHz Upgrade Kit Wireless communication ranges 802 11a 11a Upgrade Kit Range 54 Mbits s 48 Mbits s 36 Mbits s 24 Mbits s 18 Mbit...

Page 135: ...38 m 125 ft 48 m 157 ft 73 m 239 ft 113 m 371 ft 151 m 495 ft 187 m 614 ft 201 m 659 ft 216 m 709 ft 140 m 459 ft 162 m 531 ft 174 m 571 ft 232 m 761 ft Closed Office 26 m 85 ft 33 m 108 ft 51 m 167 ft 78 m 256 ft 104 m 341 ft 129 m 423 ft 138 m 453 ft 149 m 489 ft 97 m 318 ft 111 m 364 ft 120 m 394 ft 160 m 525 ft Tx Power dBm 12 13 14 15 15 15 15 15 15 15 15 15 Receiver Sensitivity dBm 68 70 75 ...

Page 136: ...s the Hexadecimal equivalent for each ASCII character ASCII Character Hex Equivalent ASCII Character Hex Equivalent ASCII Character Hex Equivalent ASCII Character Hex Equivalent 21 9 39 Q 51 i 69 22 3A R 52 j 6A 23 3B S 53 k 6B 24 3C T 54 l 6C 25 3D U 55 m 6D 26 3E V 56 n 6E 27 3F W 57 o 6F 28 40 X 58 p 70 29 A 41 Y 59 q 71 2A B 42 Z 5A r 72 2B C 43 5B s 73 2C D 44 5C t 74 2D E 45 5D u 75 2E F 46 ...

Page 137: ...or typical network operating systems and servers Notation Conventions Computer prompts are shown as constant width type For example Device Name Information that you input as shown is displayed in bold constant width type For example Device name set ipaddr 10 0 0 12 The names of keyboard keys software buttons and field names are displayed in bold type For example Click the Configure button Screen n...

Page 138: ...ibes the error messages associated with improper command inputs Error Message Description Syntax Error Invalid syntax entered at the command prompt Invalid Command A non existent command has been entered at the command prompt Invalid Parameter Name An invalid parameter name has been entered at the command prompt Invalid Parameter Value An invalid parameter value has been entered at the command pro...

Page 139: ... device parameters using the set command show command to view the device s configuration parameters help command to provide additional information on all commands supported by the Bootloader CLI reboot command to reboot the device The parameters supported by the Bootloader CLI for viewing and modifying are System Name IP Address Assignment Type IP Address IP Mask Gateway IP Address TFTP Server IP ...

Page 140: ...s the Access Point in the specified time search Lists the parameters in a specified Table upload Uses TFTP server to upload config files from Access Point to TFTP default directory or specified path List Commands This command can be used in a number of ways to display available commands and parameters The following table lists each operation and provides a basic example Following the table are det...

Page 141: ...l parameter letters Example 3a Display every parameter that can be changed Device Name set Figure C 5 Result of set CLI command Example 3b Display parameters based on letter sequence This example shows entries for parameters that start with the letter i The more letters you enter the fewer the results returned Notice that there is no space between the letters and the question mark Device Name show...

Page 142: ...ge file type config img bootloader Device Name download 192 168 0 101 apimage img CR done exit quit Each of the following commands ends a CLI session Device Name done Device Name exit Device Name quit download Downloads the specified file from a TFTP server to the Access Point Executing download in combination with the asterisks character will make use of the previously set TFTP parameters Executi...

Page 143: ...desired statement reappears press the Enter key to execute or you may edit the statement before executing it Device Name history passwd Changes the CLI Password Device Name passwd oldpassword newpassword newpassword reboot Reboots Access Point after specified number of seconds Specify a value of 0 zero for immediate reboot Device Name reboot 0 Device Name reboot 30 search Lists the parameters supp...

Page 144: ...et Use this CLI Command to change parameter values You can use a single CLI statement to modify Tables or you can modify each parameter separately show CLI Command Displays the value of the specified parameter or displays all parameter values of a specified group parameter table Groups contain Parameters and Tables Tables contain parameters for a series of similar entities To see a definition and ...

Page 145: ...done CR Modifications have been made to parameters that require the device to be rebooted These changes will only take effect after the next reboot set and show Command Examples In general you will use the CLI show Command to view current parameter values and use the CLI set Command to change parameter values As shown in the following examples parameters may be set individually or all parameters f...

Page 146: ...ow The following example illustrates how to manage the second entry in a table Syntax Device Name set Table index status enable disable delete Device Name set Table index status 1 enable 2 disable 3 delete Example Device Name set mgmtipaccesstbl 2 status enable Device Name set mgmtipaccesstbl 2 status disable Device Name set mgmtipaccesstbl 2 status delete Device Name set mgmtipaccesstbl 2 status ...

Page 147: ...zero 0 The order in which the table arguments or objects are entered in not important Parameters that are not required can be omitted in which case they will be assigned the default value Modification The table name is required The table index is required to modify the table index must be the index of the entry to be modified Only the table objects that are to be modified need to be specified Not ...

Page 148: ...then the string delimiters single or double quotes mentioned in this section are not required Configuring the AP using CLI commands Log into the AP using HyperTerminal 1 Open your terminal emulation program like HyperTerminal and set the following connection properties Com Port COM1 COM2 and so forth depending on your computer Baud rate 9600 Data Bits 8 Stop bits 1 Flow Control None Parity None 2 ...

Page 149: ...Contact Information Device Name set sysname system name sysloc Unit Location Device Name set sysctname Contact Name person responsible for system Device Name set sysctphone Contact Phone Number sysctemail Contact E mail address Device Name show system Figure C 12 Result of show system CLI Command Set Static IP Address for the AP NOTE The IP Subnet Mask of the AP must match your network s Subnet Ma...

Page 150: ...rict access to your network devices to authorized personnel If you lose or forget your password settings you can always perform the Reset to Factory Default Procedure Set Network Names for the Wireless Interface Device Name set wif index 3 Slot A or 4 Slot B netname Network Name SSID for wireless interface Device Name show wif Figure C 13 Results of show wif CLI command for an AP C 14 ...

Page 151: ...e Wireless Interface CAUTION Wireless clients must be configured with the same encryption key to be able to communicate with the AP The AP can only support one Key Length so each of the configured keys must have the same length The available key sizes vary based on the Access Point s model See Security Encryption Key Length Table for more information You can set up to four encryption keys This exa...

Page 152: ...ilename file type and the IP address are correct After setting the TFTP parameters you can backup your current file so long as all the other parameters are the same with the following command Device Name upload Set up Auto Configuration The Auto Configuration feature which allows an AP to be automatically configured by downloading a specific configuration file from a TFTP server during the boot up...

Page 153: ...ble Device Name set dhcpstatus disable Device Name set dhcpippooltbl 0 startipaddr start ip address endipaddr end ip address Device Name set dhcpgw gateway ip address Device Name set dhcppridnsipaddr primary dns ip address Device Name set dhcpsecdnsipaddr secondary dns ip address Device Name set dhcpstatus enable Device Name reboot 0 CAUTION Before enabling this feature confirm that the IP address...

Page 154: ...information on the parameters listed below Dual radio APs use index 3 for Slot A and index 4 for Slot B Operational Mode Device Name set wif index mode see table mode Operational Mode 1 dot11b only 2 dot11g only 3 dot11bg 4 dot11a only 5 dot11g wifi Autochannel Select ACS ACS is enabled by default Reboot after disabling or enabling ACS Device Name set wif index autochannel enable disable Device Na...

Page 155: ...rspeed value see below Device Name reboot 0 Ethernet Speed and Transmission Mode Value 10 Mbits sec half duplex 10 Mbits sec full duplex 10 Mbits sec auto duplex 100 Mbits sec half duplex 100 Mbits sec full duplex Auto Speed half duplex Auto Speed auto duplex 10halfduplex 10fullduplex 10autoduplex 100halfduplex 100fullduplex autohalfduplex autoautoduplex default Set Interface Management Services E...

Page 156: ...luding SSL HTTP Group Parameters httpifbitmask 15 httppasswd httpport 80 httphelplink c Program Files HP AP_520wl Help English Index htm httpsetupwiz disable sslstatus enable sslpassphrase Set Telnet Session Timeouts Device Name set tellogintout time in seconds between 1 and 300 default is 30 Device Name set telsessiontout time in seconds between 1 and 36000 default is 900 Configure Serial Port In...

Page 157: ...for Slot A and index 4 for Slot B Device Name set secconfigtbl index authmode none 802 1x mixed wpa wpa psk Device Name set secconfigtbl index enckeylen 64bits 128bits Device Name set secconfigtbl index rekeyint 60 65535 seconds default is 900 sec Device Name show secconfigtbl to review your settings Device Name reboot 0 NOTE If you set Authentication Mode to 802 1x WPA or Mixed you also need to c...

Page 158: ...esults of show radiustbl CLI command Enable RADIUS MAC Access Control Device Name set radmacaccctrl enable Device Name reboot 0 Set MAC Address Format Type Device Name set radmacaddrformat dashdelimited colondelimited singledashdelimited nodelimiter Set Authorization Lifetime MAC based authentication only Device Name set radauthlifetm 900 43200 seconds default is 900 Enable RADIUS Accounting Devic...

Page 159: ...nts by utilizing the coverage of the trusted Access Point deployment The Rogue AP Scan employs background scanning using low level 802 11 scanning functions for effective wireless detection of Access Points in its coverage area with minimal impact on the normal operation of the Access Point The set radstatus command enables Rogue Access Point Detection The scan repetition duration radscanint is al...

Page 160: ...tication Statistics statif Displays information and statistics about the Ethernet and wireless interfaces stat802 11 Displays additional statistics for the wireless interfaces statethernet Displays additional statistics for the Ethernet interface statmss Displays station statistics and Wireless Distribution System links Parameter Tables Objects contain groups that contain both parameters and param...

Page 161: ...e proxy ARP for wireless clients IP ARP Filtering Parameters Control which ARP messages are sent to wireless clients based on IP settings Broadcast Filtering Table Control the type of broadcast packets forwarded to the wireless network TCP UDP Port Filtering Filter IP packets based on TCP UDP port Alarms Parameters SNMP Table Host Table Parameters Enter the list of IP addresses that will receive a...

Page 162: ... Defined max 254 characters RW sysctphone FLASH Backup Interval Integer 0 65535 seconds RW sysflashbckint Flash Update 0 1 RW sysflashupdate System OID DisplayString N A R sysoid Descriptor DisplayString System Name flash version S N bootloader version R sysdescr Up Time Integer dd hh mm ss dd days hh hours mm minutes ss seconds R sysuptime Emergency Restore to defaults Resets all parameters to de...

Page 163: ... the same information IP Address IpAddress User Defined RW ipaddr IP Mask IpAddress User Defined RW ipmask Default Router IP Address IpAddress User Defined RW ipgw Default TTL Integer User Defined seconds 64 default RW ipttl Address Type Integer static dynamic default RW ipaddrtype NOTE The IP Address Assignment Type ipaddrtype must be set to static before the IP Address ipaddr IP Mask ipmask or D...

Page 164: ...a DHCP IP Pool table entry has been created DHCP Server table for IP pools Name Type Values Access CLI Parameter DHCP Server IP Address Pool Table Table N A R dhcpippooltbl Table Index Integer User Defined N A index Start IP Address IpAddress User Defined RW startipaddr End IP Address IpAddress User Defined RW endipaddr Width Integer User Defined RW width Default Lease Time optional Integer32 0 86...

Page 165: ...00ms 500 ms default RW linkintpollint Link Integrity Poll Retransmissions Integer 0 255 5 default RW linkintpollretx Link Integrity IP Target Table Name Type Values Access CLI Parameter Link Integrity IP Target Table Table N A R linkinttbl Table Index Integer 1 5 N A index Target IP Address IpAddress User Defined RW ipaddr Comment optional DisplayString User Defined up to 254 characters RW cmt Sta...

Page 166: ...dress PhyAddress 12 hex digits R macaddr Closed System Integer enable disable default RW closedsys Supported Frequency Channels Octet String Depends on Regulatory Domain R suppchannels Load Balancing Integer enable default disable RW ldbalance Note 1 For 802 11a APs in Europe Auto Channel Select is a read only parameter it is always enabled 802 11a Only Parameters Name Type Values Access CLI Param...

Page 167: ...x digits R macaddr Supported Data Rates Octet String 1 Mbits sec 2 Mbits sec 5 5 Mbits sec 11 Mbits sec R suppdatarates Transmit Rate Integer32 0 auto fallback default 1 Mbits sec 2 Mbits sec 5 5 Mbits sec 11 Mbits sec RW txrate Supported Frequency Channels Octet String Depends on Regulatory Domain R suppchannels Physical Layer Type Integer dsss direct sequence spread spectrum for 802 11b R phytyp...

Page 168: ...its sec For 802 11g only mode 0 auto fallback default 6 Mbits sec 9 Mbits sec 12 Mbits sec 18 Mbits sec 24 Mbits sec 36 Mbits sec 48 Mbits sec 54 Mbits sec For 802 11g wifi and 802 11bg modes 0 auto fallback default 1 Mbits sec 2 Mbits sec 5 5 Mbits sec 11 Mbits sec 6 Mbits sec 9 Mbits sec 12 Mbits sec 18 Mbits sec 24 Mbits sec 36 Mbits sec 48 Mbits sec 54 Mbits sec RW txrate Physical Layer Type I...

Page 169: ...eters Name Type Values Access CLI Parameter SNMP Group N A R snmp SNMP Management Interface Bitmask Interface Bitmask 0 or 2 no interfaces disable 1 or 3 Ethernet 4 or 6 Wireless A 8 or 10 Wireless B 12 Wireless A B 13 or 15 all interfaces default is 15 RW snmpifbitmask Read Password DisplayString User Defined public default max 63 characters W snmprpasswd Read Write Password DisplayString User De...

Page 170: ...ther than the backslash character when configuring the Help Link location The AP Help information is available in English Telnet Parameters Name Type Values Access CLI Parameter Telnet Group N A R telnet Telnet Management Interface Bitmask Interface Bitmask 0 or 2 no interfaces disable 1 or 3 Ethernet 4 or 6 Wireless A 8 or 10 Wireless B 12 Wireless A B 13 or 15 all interfaces default is 15 RW tel...

Page 171: ...and or download commands the stored arguments are used Name Type Values Access CLI Parameter TFTP Group N A R tftp TFTP Server IP Address IpAddress User Defined RW tftpipaddr TFTP File Name DisplayString User Defined RW tftpfilename TFTP File Type Integer img config bootloader RW tftpfiletype IP Access Table Parameters When creating table entries you may either specify the argument name followed b...

Page 172: ...W protonumber Protocol Name optional DisplayString RW protoname Status optional Integer enable 1 disable 2 delete 3 RW status NOTE The filter Operation Type passthru or block applies only to the protocol filters that are enabled in this table Static MAC Address Filter Table Name Type Values Access CLI Parameter Static MAC Address Filter Table Table N A R staticmactbl Table Index N A N A R index St...

Page 173: ...eger 1 5 N A index Protocol Name DisplayString N A R protoname Direction Integer ethertowireless wirelesstoether both default RW direction Status Integer enable disable default RW status TCP UDP Port Filtering The following parameters are used to enable disable the Port filter feature Name Type Values Access CLI Port Filtering Group N A R portflt Port Filter Status Integer enable default disable R...

Page 174: ...Host Table Parameters When creating table entries you may either specifying the argument name followed by argument value CLI applies default values to the omitted arguments Due to the nature of the information the only argument that can be omitted is the comment argument Name Type Values Access CLI Parameter SNMP Trap Host Table Table N A R snmptraphosttbl Table Index Integer User Defined N A inde...

Page 175: ...en Syslog hosts Name Type Values Access CLI Parameter Syslog Host Table Table N A R sysloghosttbl Table Index Integer 1 10 N A index IP Address IpAddress User Defined RW ipaddr Comment optional DisplayString User Defined RW cmt Status optional Integer enable disable delete RW status Bridge Parameters Spanning Tree Parameters Name Type Values Access CLI Parameter Spanning Tree Group N A R stp Spann...

Page 176: ...cast Multicast Threshold Integer 0 255 packets sec default is 0 RW mcast Intra BSS Subscriber Blocking The following parameters control the Intra BSS traffic feature which prevent wireless clients that are associated with the same AP from communicating with each other Name Type Values Access CLI Intra BSS Traffic Group N A R intrabss Intra BSS Traffic Operation Integer passthru default block RW in...

Page 177: ...th to create a pre shared key for WPA PSK mode Setting Pre Shared Key will override a previous PSK Pass Phrase setting Similarly setting PSK Pass Phrase will override a previous Pre Shared Key setting Note 2 We recommend using a PSK Pass Phrase of at least 13 characters to ensure that the generated key cannot be easily deciphered by network infiltrators Wireless Interface Security Parameters The f...

Page 178: ...fined max 254 characters RW cmt Status optional Integer enable default disable delete RW status RADIUS Parameters Primary and Backup RADIUS Server Table Parameters The HP ProCurve Wireless Access Point uses RADIUS authentication and or accounting support a primary and backup RADIUS server for MAC based authentication and a primary and backup RADIUS server for EAP 802 1x authentication The configur...

Page 179: ...Status Integer enable disable default RW status Server Addressing Format see note Integer ipaddr default name RW seraddrfmt Server IP Address or Name IpAddress DisplayString User Defined enter an IP address if seraddrfmt is ipaddr or a name if set to name up to 254 characters if using a name RW ipaddr Port optional Integer User Defined 1812 default RW port Shared Secret DisplayString User Defined ...

Page 180: ...face Bitmask Interface Bitmask 4 WiF A 8 WiF B or 12 both RW radifbitmask VLAN SSID Parameters Name Type Values Access CLI Parameter VLAN Group N A R vlan Status Integer enable disable default RW vlanstatus Management ID VlanId 1 untagged or 1 4094 RW vlanmgmtid VLAN ID Table NOTE 16 VLAN SSID pairs are available for APs with an HP ProCurve Wireless 802 11g AP Card 170wl only Name Type Values Acce...

Page 181: ... ms 717 ms 819 ms RW iapphandtout Max Handover Retransmissions Integer 1 4 default 4 RW iapphandretx Send Announce Request on Startup Integer enable default disable RW iappannreqstart NOTE These parameters configure the Inter Access Point Protocol IAPP for roaming Leave these settings at their default value unless a technical representative asks you to change them SpectraLink VoIP Parameters 802 1...

Page 182: ...le Name parameter 4 22 4 23 Bootloader CLI 7 8 C 2 C 3 Bootloader files 6 4 6 5 Bridge MIB alarms 4 30 Bridge screen 4 32 Broadcast Filtering Table C 37 Broadcast Storms 4 32 C CLI See Command Line Interface Closed Wireless System parameter C 31 Command History Buffer C 7 Command Line Interface CLI changing IP addresses with 7 10 command types described C 4 displaying subset of parameters C 5 endi...

Page 183: ...oCurve Wireless Access Point 520wl assigning IP addresses to 2 6 2 7 7 10 backing up configurations for C 16 changing interface settings for C 18 configuring 4 1 C 12 C 13 C 16 features listed 1 4 A 1 getting information about 5 2 5 3 C 27 initializing 1 1 2 6 installation prerequisites 2 1 installing hardware for 2 3 locating device 1 1 4 11 C 19 C 31 logging into C 12 monitoring system status fo...

Page 184: ...rs C 40 Intra BSS Traffic Operation parameter 4 33 Intra BSS configurations C 21 Invalid Command message C 2 Invalid Parameter Name message C 2 Invalid Parameter Value message C 2 Invalid Table Index message C 2 Invalid Table Parameter Value message C 2 Invalid Table Parameter message C 2 Inventory Management Information Table C 27 L LAN networks See networks LED indicators 2 14 Learn Table 4 32 5...

Page 185: ...by way of HTTP screen 6 8 Retrieve File by way of TFTP screen 6 7 Rogue Access Point Detection 4 41 4 42 C 23 C 44 Rogue Access Point Detection screen 4 42 S SNMP Interface Bitmask parameter 4 18 SNMP Read Password parameter 4 17 SNMP Read Write Password parameter 4 17 SNMP Trap Host Table parameters C 38 SNMP configurations 1 2 1 3 4 18 4 41 SNMP management parameters C 33 SNMP manager programs 1...

Page 186: ...ate AP by way of TFTP screen 6 4 Upgrade Kits A 4 A 8 Upload Unsuccessful message C 2 V VLAN defined 4 47 VLAN ID Table C 24 C 44 VLAN Management IDs 4 50 4 51 VLAN Management parameters C 24 VLAN User IDs 4 50 4 51 VLAN assignments 4 48 VLAN configurations 4 47 4 51 7 4 C 24 VLAN SSID pairs 4 49 4 50 VLAN SSID parameters C 24 C 44 Version Information screen 5 2 W WDS ports 4 15 WEP encryption 4 3...

Page 187: ...for 4 46 closed systems 4 9 C 18 coldStart trap 4 30 collisions 4 10 command list C 4 command reference C 4 C 11 command statements adding parameters to C 9 C 11 adding strings to C 12 entering C 1 C 7 moving through C 2 C 6 overview 1 2 comments C 9 communication ports C 20 communication requirements 2 1 communications information 5 4 configuration alarm 4 28 configuration files IP addresses and ...

Page 188: ...tion 1 2 4 18 4 19 C 15 encryption certificates 4 19 encryption keys 2 10 4 34 4 37 B 1 C 15 encryption modes 4 34 encryption parameters C 41 environmental specifications A 3 error messages CLI C 2 event logs 4 31 event messages 4 31 event notifications 4 31 4 32 exit command C 6 C 9 factory defaults 6 11 7 1 7 6 file names 6 7 file sharing 4 33 file transfer 2 13 6 3 C 1 file types 6 4 6 5 files ...

Page 189: ...12 4 12 4 13 C 19 multiple frame copies 4 32 naming conventions 4 3 naming host systems 4 3 navigation keys C 2 C 6 network adapters 2 7 network administrators 1 1 network bridging 4 32 5 4 C 39 network objects C 24 networking concepts 1 1 networks accessing 1 1 4 39 4 43 assigning IP addresses to 4 5 assigning host names to 4 4 caution for enabling DHCP servers and 4 5 configuration options for 4...

Page 190: ...A 7 A 9 reboot command C 3 C 7 reboots 6 10 C 7 C 9 recording MAC addresses 4 32 recovery procedures 7 5 redirecting traffic 4 33 registering host names 4 3 regulatory domains 4 9 removing table entries C 10 C 11 resets 6 10 resetting factory defaults 6 11 7 1 7 6 network configurations 7 6 resources 4 49 roaming 1 1 1 2 4 46 C 45 router C 27 safety 1 ii 2 14 saving configurations 4 2 6 9 6 10 C 9...

Page 191: ...information 5 2 6 7 viewing CLI commands 6 1 C 4 CLI parameters C 4 C 5 C 8 C 11 HTTP configuration information C 20 IP addresses C 11 MAC addresses 5 4 on line help 6 12 7 3 operating statistics 5 1 C 24 station statistics 5 9 system information 3 1 C 13 version information 5 2 6 7 virtual LAN See VLAN warranty 1 ii wireless LANs WLANs 4 34 See also networks wireless access point units See HP Pro...

Reviews:

No comments

Brands by name

Popular brands

Load more brands