manualshive.com logo in svg

SMC Networks 2888W-M, Owner'S Manual

Looking for the Owner's Manual for the SMC Networks 2888W-M? Look no further! Easily download the manual for free from our website. This comprehensive guide provides detailed instructions and useful tips to ensure you maximize the potential of your product. Perfect for troubleshooting and optimizing your user experience.

Share
Download
background image

38 Tesla
Irvine, CA 92618
Phone: (949) 679-8000

EliteConnect

 Universal

2.4GHz/5GHz Wireless Dual-Band 
Outdoor Access Point/Bridge

The easy way to make all your network connections

May 2005
Revision Number: R01 

F1.1.2.5

Summary of Contents for 2888W-M

Page 1: ...la Irvine CA 92618 Phone 949 679 8000 EliteConnect Universal 2 4GHz 5GHz Wireless Dual Band Outdoor Access Point Bridge The easy way to make all your network connections May 2005 Revision Number R01 F1 1 2 5 ...

Page 2: ...its use No license is granted by implication or otherwise under any patent or patent rights of SMC SMC reserves the right to change specifications at any time without notice Copyright 2005 by SMC Networks Inc 38 Tesla Irvine CA 92618 All rights reserved Trademarks SMC is a registered trademark and EliteConnect is a trademark of SMC Networks Inc Other product and company names are trademarks or reg...

Page 3: ...s discretion replace an older product in its product line with one that incorporates these newer technologies At that point the obsolete product is discontinued and is no longer an Active SMC product A list of discontinued products with their respective dates of discontinuance can be found at http www smc com index cfm action customer_service_warranty All products that are replaced become the prop...

Page 4: ...O REPAIR OR ANY OTHER CAUSE BEYOND THE RANGE OF THE INTENDED USE OR BY ACCIDENT FIRE LIGHTNING OR OTHER HAZARD LIMITATION OF LIABILITY IN NO EVENT WHETHER BASED IN CONTRACT OR TORT INCLUDING NEGLIGENCE SHALL SMC BE LIABLE FOR INCIDENTAL CONSEQUENTIAL INDIRECT SPECIAL OR PUNITIVE DAMAGES OF ANY KIND OR FOR LOSS OF REVENUE LOSS OF BUSINESS OR OTHER FINANCIAL LOSS ARISING OUT OF OR IN CONNECTION WITH...

Page 5: ...hich the receiver is connected Consult the dealer or an experienced radio TV technician for help Warnings 1 Wear an anti static wrist strap or take other suitable measures to prevent electrostatic discharge when handling this equipment 2 When connecting this device to a power outlet connect the field ground lead on the tri pole power plug to a valid earth ground line to prevent electrical hazards ...

Page 6: ...dio equipment EN 301 489 1 EN 301 489 17 EMC requirements for radio equipment Countries of Operation Conditions of Use in the European Community This device is intended to be operated in all countries of the European Community Requirements for indoor vs outdoor operation license requirements and allowed channels of operation apply in some countries as described below Note The user must use the con...

Page 7: ... described in the user guide must always remain enabled to ensure that automatic 5 GHz channel selection complies with European requirements The current setting for this feature is found in the 5 GHz 802 11a Radio Settings Window as described in the user guide This device is restricted to indoor use when operated in the European Community using the 5 15 5 35 GHz band Channels 36 40 44 48 52 56 60 ...

Page 8: ... European Community Country Allowed Frequency Bands Allowed Channel Numbers Countries 5 15 5 25 GHz 36 40 44 48 Austria Belgium 5 15 5 35 GHz 36 40 44 48 52 56 60 64 France Switzerland Liechtenstein 5 15 5 35 5 470 5 725 GHz 36 40 44 48 52 56 60 64 100 104 108 112 116 120 124 128 132 136 140 Denmark Finland Germany Iceland Ireland Italy Luxembourg Netherlands Norway Portugal Spain Sweden U K 5 GHz...

Page 9: ...device est conforme aux exigences essentielles et aux autres dispositions pertinentes de la directive 1999 5 CE Swedish Härmed intygar SMC Networks att denna Radio LAN device står I överensstämmelse med de väsentliga egenskapskrav och övriga relevanta bestämmelser som framgår av direktiv 1999 5 EG Danish Undertegnede SMC Networks erklærer herved at følgende udstyr Radio LAN device overholder de væ...

Page 10: ...Extra Low Voltage conditions according to IEC 60950 The conditions are only maintained if the equipment to which it is connected also operates under SELV conditions France and Peru only This unit cannot be powered from IT supplies If your supplies are of IT type this unit must be powered by 230 V 2P T via an isolation transformer ratio 1 1 with the secondary connection point labelled Neutral conne...

Page 11: ...least 10 A The attachment plug must be an earth grounding type with NEMA 5 15P 15 A 125 V or NEMA 6 15P 15 A 250 V configuration Denmark The supply plug must comply with Section 107 2 D1 Standard DK2 1a or DK2 5a Switzerland The supply plug must comply with SEV ASE 1011 U K The supply plug must comply with BS1363 3 pin 13 A and be fitted with a 5 A fuse which complies with BS1362 The mains cord mu...

Page 12: ... 60950 Ces conditions ne sont maintenues que si l équipement auquel il est raccordé fonctionne dans les mêmes conditions France et Pérou uniquement Ce groupe ne peut pas être alimenté par un dispositif à impédance à la terre Si vos alimentations sont du type impédance à la terre ce groupe doit être alimenté par une tension de 230 V 2 P T par le biais d un transformateur d isolement à rapport 1 1 a...

Page 13: ...einen gemäß EN 60320 IEC 320 konfigurierten Geräteeingang haben Die Netzsteckdose muß in der Nähe des Geräts und leicht zugänglich sein Die Stromversorgung des Geräts kann nur durch Herausziehen des Gerätenetzkabels aus der Netzsteckdose unterbrochen werden Der Betrieb dieses Geräts erfolgt unter den SELV Bedingungen Sicherheitskleinstspannung gemäß IEC 60950 Diese Bedingungen sind nur Suisse La p...

Page 14: ...Der typ SV oder SJ 3 Leiter Der Cord muß haben eine strombelastbarkeit aus wenigstens 10 A Dieser Stromstecker muß hat einer erdschluss mit der typ NEMA 5 15P 15A 125V oder NEMA 6 15P 15A 250V konfiguration Danemark Dieser Stromstecker muß die ebene 107 2 D1 der standard DK2 1a oder DK2 5a Bestimmungen einhalten Schweiz Dieser Stromstecker muß die SEV ASE 1011Bestimmungen einhalten Europe Das Netz...

Page 15: ... 2 1 Access Point Topologies 2 1 Ad Hoc Wireless LAN no Access Point or Bridge 2 2 Infrastructure Wireless LAN 2 3 Infrastructure Wireless LAN for Roaming Wireless PCs 2 4 Bridge Link Topologies 2 5 Point to Point Configuration 2 6 Point to Multipoint Configuration 2 6 3 Bridge Link Planning 3 1 Radio Path Planning 3 1 Antenna Height 3 3 Antenna Position and Orientation 3 5 Radio Interference 3 6 ...

Page 16: ...4 TCP IP Settings 6 7 Radius 6 10 PPPoE Settings 6 13 Authentication 6 16 Filter Control 6 26 SNMP 6 30 Administration 6 33 System Log 6 38 Wireless Distribution System WDS 6 43 Bridge 6 45 Spanning Tree Protocol STP 6 47 RSSI 6 54 Radio Interface 6 56 Radio Settings A 802 11a 6 57 Radio Settings G 802 11g 6 63 Security Bridge Mode 6 66 Security Access Point Mode 6 72 Status Information 6 87 AP St...

Page 17: ...tion Commands 7 7 Command Line Processing 7 8 Command Groups 7 9 General Commands 7 10 configure 7 10 end 7 11 exit 7 11 ping 7 12 reset 7 13 show history 7 14 show line 7 14 System Management Commands 7 15 country 7 16 prompt 7 18 system name 7 19 username 7 19 password 7 20 ip http port 7 20 ip http server 7 21 show system 7 22 show version 7 23 System Logging Commands 7 23 logging on 7 24 loggi...

Page 18: ...File Commands 7 39 bootfile 7 40 copy 7 41 delete 7 42 dir 7 43 RADIUS Client 7 45 radius server address 7 45 radius server port 7 46 radius server key 7 47 radius server retransmit 7 47 radius server timeout 7 48 show radius 7 48 Authentication 7 49 802 1x 7 51 802 1x broadcast key refresh rate 7 52 802 1x session key refresh rate 7 53 802 1x session timeout 7 54 802 1x supplicant 7 55 address fi...

Page 19: ... bridge stp port portfast 7 73 bridge stp port spanning disabled 7 74 show bridge 7 75 Filtering Commands 7 76 filter local bridge 7 76 filter ap manage 7 77 filter ethernet type enable 7 78 filter ethernet type protocol 7 79 show filters 7 80 PPPoE Commands 7 80 ip pppoe 7 81 pppoe ip allocation mode 7 82 pppoe ipcp dns 7 83 pppoe lcp echo interval 7 84 pppoe lcp echo failure 7 85 pppoe local ip ...

Page 20: ...o 7 103 beacon interval 7 104 dtim period 7 104 fragmentation length 7 105 rts threshold 7 106 transmit power 7 107 max association 7 108 authentication 7 109 encryption 7 110 key 7 112 transmit key 7 113 multicast cipher 7 114 wpa clients 7 116 wpa mode 7 117 wpa preshared key 7 118 wpa psk type 7 119 shutdown 7 120 show interface wireless 7 120 show station 7 121 IAPP Commands 7 122 iapp 7 122 V...

Page 21: ...ns B 1 Antenna Specifications B 4 17 dBi Integrated Panel B 4 C Cables and Pinouts C 1 Twisted Pair Cable Assignments C 1 10 100BASE TX Pin Assignments C 2 Straight Through Wiring C 3 Crossover Wiring C 3 8 Pin DIN Connector Pinout C 4 8 Pin DIN to RJ 45 Cable Wiring C 5 Glossary Index ...

Page 22: ...TABLE OF CONTENTS xx ...

Page 23: ...antenna options and is designed to operate as the Master bridge in point to multipoint configurations supporting wireless bridge connections to as many as 16 SMC2888W S Slave units Each model is housed in a weatherproof enclosure for mounting outdoors and includes its own brackets for attaching to a wall pole radio mast or tower structure The unit is powered through its Ethernet cable connection f...

Page 24: ...e 802 11g standard in the 2 4 GHz band IEEE 802 11g includes backward compatibility with the IEEE 802 11b standard IEEE 802 11b also operates at 2 4 GHz but uses Direct Sequence Spread Spectrum DSSS and Complementary Code Keying CCK modulation technology to achieve a communication rate of up to 11 Mbps The wireless bridge provides a 54 Mbps half duplex connection for each active channel up to 108 ...

Page 25: ...oor wall mounting bracket kit This User Guide Inform your dealer if there are any incorrect missing or damaged parts If possible retain the carton including the original packing materials Use them again to repack the product in case there is a need to return it ...

Page 26: ...Protective Cap Grounding Point Screw Integrated Antenna Bottom View Top View SMC2888W S N Type External Antenna Connector 2 4 GHz N Type External Antenna Connector 2 4 GHz Top View SMC2888W M N Type External Antenna Connector 2 4 GHz N Type External Antenna Connector 5 GHz ...

Page 27: ...ntennas connect to the N type RF connectors on the wireless bridge using the provided coaxial cables Ethernet Port The wireless bridge has one 10BASE T 100BASE TX 8 pin DIN port that connects to the power injector module using the included Ethernet cable The Ethernet port connection provides power to the wireless bridge as well as a data link to the local network The wireless bridge appears as an ...

Page 28: ...twisted pair cable to connect this port to most network interconnection devices such as a switch or router that provide MDI X ports However when connecting the access point to a workstation or other device that does not have MDI X ports you must use crossover twisted pair cable The wireless bridge does not have a power switch It is powered on when its Ethernet port is connected to the power inject...

Page 29: ... output voltage that is proportional to the received radio signal strength A DC voltmeter can be connected this port to assist in aligning the antennas at both ends of a wireless bridge link Grounding Point Even though the wireless bridge includes its own built in lightning protection it is important that the unit is properly connected to ground A grounding screw is provided for attaching a ground...

Page 30: ... must be connected to the local network using the power injector module The following figure illustrates the system component connections Indoor Outdoor LAN Switch AC Power Power Injector Wireless Bridge Unit Ground Wire Ethernet Cable Ethernet Cable External Antenna RF Coaxial Cable ...

Page 31: ...GHz radio Outdoor weatherproof design IEEE 802 11a and 802 11b g compliant Local network connection via 10 100 Mbps Ethernet port Powered through its Ethernet cable connection to the power injector module Includes wall and pole mount brackets Security through 64 128 152 bit Wired Equivalent Protection WEP or 128 bit Advanced Encryption Standard AES encryption and WiFi Protected Areas WPA Scans all...

Page 32: ...he Exec level prompt Feature Parameter Default Identification System Name Dual Band Outdoor AP Administration User Name admin Password smcadmin General HTTP Server Enabled HTTP Server Port 80 TCP IP IP Address DHCP Subnet Mask 255 255 255 0 Default Gateway 0 0 0 0 Primary DNS IP 0 0 0 0 Secondary DNS IP 0 0 0 0 VLANs Status Disabled Native VLAN ID 1 Filter Control Ethernet Type Disabled ...

Page 33: ...on IP Address null Trap Destination Community Name Public System Logging Syslog Disabled Logging Host Disabled Logging Console Disabled IP Address Host Name 0 0 0 0 Logging Level Informational Logging Facility Type 16 Spanning Tree Status Enabled Ethernet Interface Speed and Duplex Auto WDS Bridging Outdoor Bridge Band A 802 11a Feature Parameter Default ...

Page 34: ... Transmit Power Full Maximum Data Rate 54 Mbps Beacon Interval 100 TUs Data Beacon Rate DTIM Interval 2 beacons RTS Threshold 2347 bytes Wireless Security 802 11a Authentication Type Open System AES Encryption Disabled WEP Encryption Disabled WEP Key Length 128 bits WEP Key Type Hexadecimal WEP Transmit Key Number 1 WEP Keys null Feature Parameter Default ...

Page 35: ... Power Full Maximum Data Rate 54 Mbps Beacon Interval 100 TUs Data Beacon Rate DTIM Interval 2 beacons RTS Threshold 2347 bytes Wireless Security 802 11b g Authentication Type Open System AES Encryption Disabled WEP Encryption Disabled WEP Key Length 128 bits WEP Key Type Hexadecimal WEP Transmit Key Number 1 WEP Keys null Feature Parameter Default ...

Page 36: ...Introduction 1 14 ...

Page 37: ...ing remote LANs Alternatively you can employ both access point and bridging functions together offering a flexible and convenient wireless solution for many applications This chapter describes the role of wireless bridge in various wireless network configurations Access Point Topologies Wireless networks support a stand alone wireless configuration as well as an integrated configuration with 10 10...

Page 38: ...stance between neighboring access points Increase the channel separation of neighboring access points e g up to 3 channels of separation for 802 11b or up to 5 channels for 802 11g Ad Hoc Wireless LAN no Access Point or Bridge An ad hoc wireless LAN consists of a group of computers each equipped with a wireless adapter connected through radio signals as an independent wireless LAN Computers in a s...

Page 39: ...eless group or access other computers or network resources in the wired LAN infrastructure through the access point The infrastructure configuration not only extends the accessibility of wireless PCs to the wired LAN but also increases the effective wireless transmission range for wireless PCs by passing their signals through one or more access points A wireless infrastructure can be used for acce...

Page 40: ...Set Identifier SSID that identifies the service set provided by one or more access points The SSID can be manually configured by the clients can be detected in an access point s beacon or can be obtained by querying for the identity of the nearest access point For clients that do not need to roam set the SSID for the wireless card to that used by the access point to which you want to connect A wir...

Page 41: ...r in the wireless bridge network SMC2888W S Slave units support only one WDS link which must be to the network s master unit The SMC2888W M and SMC2888W S support WDS bridge links on either the 5 GHz 802 11a or 2 4 GHz 802 11b g bands and can be used with various external antennas to offer flexible deployment options Server Switch Desktop PC Access Point BSS2 Seamless Roaming for Wireless Clients ...

Page 42: ... a radio band set to access point mode Point to Point Configuration Two SMC2888W S bridges can form a wireless point to point link using their 5 GHz 802 11a integrated antennas Point to Multipoint Configuration A SMC2888W M wireless bridge can use an omnidirectional or sector antenna to connect to as many as 16 bridges in a point to multipoint configuration There can only be one SMC2888W M Master ...

Page 43: ...Bridge Link Topologies 2 7 Master with Omnidirectional Antenna Slave Slave Slave Slave Slave Slave Master with Sector Antenna Slave Slave Slave ...

Page 44: ...Network Configuration 2 8 ...

Page 45: ...fessional personnel that are trained in the installation of radio transmitting equipment The user is responsible for compliance with local regulations concerning items such as antenna power use of lightning arrestors grounding and radio mast or tower construction Therefore it is recommended to consult a professional contractor knowledgeable in local radio regulations prior to equipment installatio...

Page 46: ...adio link but the quality and strength of the signal will be affected Calculating the maximum clearance from objects on a path is important as it directly affects the decision on antenna placement and height It is especially critical for long distance links where the radio signal could easily be lost When planning the radio path for a wireless bridge link consider these factors Avoid any partial l...

Page 47: ...vement of cars trains or aircraft Antenna Height A reliable wireless link is usually best achieved by mounting the antennas at each end high enough for a clear radio line of sight between them The minimum height required depends on the distance of the link obstacles that may be in the path topology of the terrain and the curvature of the earth for links over 3 miles For long distance links a mast ...

Page 48: ... 0 5 mile 805 m 6 4 ft 1 95 m 0 6 4 ft 1 95 m 1 mile 1 6 km 9 ft 2 7 m 0 9 ft 2 7 m 2 miles 3 2 km 12 7 ft 3 9 m 0 12 7 ft 3 9 m 3 miles 4 8 km 15 6 ft 4 8 m 1 8 ft 0 5 m 17 4 ft 5 3 m 4 miles 6 4 km 18 ft 5 5 m 3 2 ft 1 0 m 21 2 ft 6 5 m 5 miles 8 km 20 ft 6 1 m 5 ft 1 5 m 25 ft 7 6 m 7 miles 11 3 km 24 ft 7 3 m 9 8 ft 3 0 m 33 8 ft 10 3 m 9 miles 14 5 km 27 ft 8 2 m 16 ft 4 9 m 43 ft 13 1 m 12 m...

Page 49: ...is 12 m 39 ft higher than bulding A To mount an anntena at the required height on building B a mast or pole of only 1 3 m 4 3 ft is needed Warning Never construct a radio mast pole or tower near overhead power lines Note Local regulations may limit or prevent construction of a high radio mast or tower If your wireless bridge link requires a high radio mast or tower consult a professional contracto...

Page 50: ...ation direction The antenna polarization is marked on the wireless bridge as indicated in the following figure Radio Interference The avoidance of radio interference is an important part of wireless link planning Interference is caused by other radio transmissions using the same or an adjacent channel frequency You should first scan your proposed site using a spectrum analyzer to determine if ther...

Page 51: ... bridge includes its own built in lightning protection However you should make sure that the unit any supporting structure and cables are all properly grounded Additional protection using lightning rods lightning arrestors or surge suppressors may also be employed Rain The wireless bridge is weatherproofed against rain Also prolonged heavy rain has no significant effect on the radio signal However...

Page 52: ... Determine if conduits bracing or other structures are required for safety or protection of the cable For lightning protection at the power injector end of the cable consider using a lightning arrestor immediately before the cable enters the building Grounding It is important that the wireless bridge cables and any supporting structures are properly grounded The wireless bridge unit includes a gro...

Page 53: ...includes its own bracket kit for mounting the unit to a 1 5 to 2 inch diameter steel pole or tube The pole mounting bracket allows the unit to be mounted to part of a radio mast or tower structure The unit also has a wall mounting bracket kit that enables it to be fixed to a building wall or roof when using external antennas Hardware installation of the wireless bridge involves these steps 1 Mount...

Page 54: ...operating correctly proceed to mount the units in their intended locations Mount the Unit Using the Pole Mounting Bracket Perform the following steps to mount the unit to a 1 5 to 2 inch diameter steel pole or tube using the mounting bracket 1 Always attach the bracket to a pole with the open end of the mounting grooves facing up 2 Place the U shaped part of the bracket around the pole and tighten...

Page 55: ...secure the wireless bridge to the bracket Be sure to take account of the antenna polarization direction both antennas in a link must be mounted with the same polarization Attach bracket to pole with mounting grooves facing up Antenna Polarization Direction ...

Page 56: ...ure it to a larger diameter pole without using the U shaped part of the bracket This method is illustrated in the following figure Using the Wall Mounting Bracket Perform the following steps to mount the unit to a wall using the wall mounting bracket Note The wall mounting bracket does not allow the wireless bridge s intrgrated antenna to be aligned It is intended for use with the unit using an ex...

Page 57: ... Connect External Antennas When deploying a SMC2888W M Master bridge unit for a bridge link or access point operation you need to mount external antennas and connect them to the bridge Typically a bridge link requires a 5 GHz antenna and access point operation a 2 4 GHz antenna SMC2888W S Slave units also require an external antenna for 2 4 GHz operation Perform these steps 1 Mount the external an...

Page 58: ...pe connector 3 Apply weatherproofing tape to the antenna connectors to help prevent water entering the connectors RF Coaxial Cable 2 4 GHz External Omnidirectional Antenna 2 4 GHz N type Connector 5 GHz N type Connector 5 GHz External High gain Panel Antenna SMC2888W M ...

Page 59: ... tape not included around the Ethernet connector 3 Be sure to ground the unit with an appropriate grounding wire not included by attaching it to the grounding screw on the unit Caution Be sure that grounding is available and that it meets local and national electrical codes For additional lightning protection use lightning rods lightning arrestors or surge suppressors Connect the Power Injector To...

Page 60: ...itch to the RJ 45 port labeled Input on the power injector Use Category 5 or better UTP cable for 10 100BASE TX connections Note The RJ 45 port on the power injector is an MDI port If connecting directly to a computer for testing the link use a crossover cable 3 Insert the power cable plug directly into the standard AC receptacle on the power injector 4 Plug the other end of the power cable into a...

Page 61: ...ment process requires two people at each end of the link The use of cell phones or two way radio communication may help with coordination To start you can just point the antennas at each other using binoculars or a compass to set the general direction For accurate alignment you must connect a DC voltmeter to the RSSI connector on the wireless bridge and monitor the voltage as the antenna moves hor...

Page 62: ...e following procedure on the other antenna Note The RSSI output can be configured through management interfaces to output a value for specific WDS ports See page 6 54 for more information 1 Remove the RSSI connector cover and connect a voltmeter using a cable with a male BNC connector not included Main Lobe Maximum Horizontal Scan Vertical Scan RSSI Voltage Side Lobe Maximum RSSI Voltage Remote An...

Page 63: ... in that position Note Sometimes there may not be a central lobe peak in the voltage because vertical alignment is too far off only two similar peaks for the side lobes are detected In this case fix the antenna so that it is halfway between the two peaks 4 Loosen the vertical adjustment on the mounting bracket and tilt the antenna slowly up and down while checking the RSSI voltage 5 Find the point...

Page 64: ...Hardware Installation 4 12 ...

Page 65: ...nfigured with a specific country code You must use the CLI to set the country code and enable wireless operation page 5 2 The wireless bridge requests an IP address via DHCP by default If no response is received from a DHCP server then the wireless bridge uses the default address 192 168 2 2 If this address is not compatible with your network you can first perform initial configuration using a PC ...

Page 66: ...tion of how to use the CLI see Using the Command Line Interface on page 7 1 For a list of all the CLI commands and detailed information on using the CLI refer to Command Groups on page 7 9 Initial Configuration Steps Setting the Country Code Regulations for wireless products differ from country to country Setting the country code restricts the wireless bridge to use only the radio channels and pow...

Page 67: ...n type interface ethernet to access the Ethernet interface configuration mode First type no ip dhcp to disable DHCP client mode Then type ip address ip address netmask gateway where ip address is the wireless bridge s IP address netmask is the network mask for the network and gateway is the default gateway router Check with your system administrator to obtain an IP address that is compatible with ...

Page 68: ...et up the wireless bridge for your network The Setup Wizard takes you through configuration procedures for the radio channel selection IP configuration and basic WEP encryption for wireless security The wireless bridge can be managed by any computer using a web browser Internet Explorer 5 0 or above or Netscape Navigator 6 2 or above Enter the IP configured for the unit or the default IP address h...

Page 69: ...nfiguration click Setup Wizard on the home page then click on the Next button to start the process 1 Service Set ID Enter the service set identifier in the SSID box which all wireless 802 11g clients must use to associate with the access point The SSID is case sensitive and can consist of up to 32 alphanumeric characters Default SMC ...

Page 70: ...Initial Configuration 5 6 2 Radio Channel You must enable radio communications for the 802 11a and 802 11g radios and set the operating channel 802 11a ...

Page 71: ... Normal mode supports 13 channels Turbo mode supports only 5 channels Default Disable 802 11a Radio Channel Set the operating radio channel number Default 56ch 5 280 GHz Auto Channel Select Select Enable to automatically select an unoccupied radio channel Default Enable 802 11b g 802 11g Radio Channel Set the operating radio channel number Range 1 11 Default 1 ...

Page 72: ...er network segment then you must enter the IP address for a gateway that can route traffic between these segments Then enter the IP address for the primary and secondary Domain Name Servers DNS servers to be used for host name to IP address resolution DHCP Client With DHCP Client enabled the IP address subnet mask and default gateway can be dynamically assigned to the access point by the network D...

Page 73: ...g table by specifying the Ethernet MAC address of the bridge to which you want to forward traffic For a Slave bridge unit you need to specify the MAC address of the wireless bridge unit at the opposite end of the link For a Master bridge unit you need to specify the MAC addresses of all the Slave bridge units in the network ...

Page 74: ...5 Authentication Type Use Open System to allow open access to all wireless clients without performing authentication or Shared Key to perform authentication based on a shared key that has been distributed to all stations Default Open System WEP Wired Equivalent Privacy is used to encrypt transmissions passing between wireless clients and the access point Default Disabled Shared Key Setup If you se...

Page 75: ...nual Entry The key can contain 10 hexadecimal digits or 5 alphanumeric characters 128 Bit Manual Entry The key can contain 26 hexadecimal digits or 13 alphanumeric characters 152 Bit Manual Entry The key can contain 32 hexadecimal digits or 16 alphanumeric characters Note All wireless devices must be configured with the same Key ID values to communicate with the access point 6 Click Finish 7 Click...

Page 76: ...Initial Configuration 5 12 ...

Page 77: ...hapter 5 to set up an IP address for the wireless bridge The wireless bridge can be managed by any computer using a web browser Internet Explorer 5 0 or above or Netscape Navigator 6 2 or above Enter the default IP address http 192 168 2 2 To log into the wireless bridge enter the default user name admin and password smcadmin then click LOGIN ...

Page 78: ...ill display The information in this chapter is organized to reflect the structure of the web screens for easy reference However it is recommended that you configure a user name and password as the first step under advanced configuration to control management access to the wireless bridge page 6 33 ...

Page 79: ...ss authentication 6 16 Filter Control Enables VLAN support and filters traffic matching specific Ethernet protocol types 6 26 SNMP Controls access to this wireless bridge from management stations using SNMP as well as the hosts that will receive trap messages 6 30 Administration Configures user name and password for management access upgrades software from local file FTP or TFTP server resets conf...

Page 80: ...s RSSI Controls the maximum RSSI voltage output for specific WDS ports 6 54 Radio Interface A Configures the IEEE 802 11a interface 6 56 Radio Settings Configures radio signal parameters such as radio channel transmission rate and beacon settings 6 57 Security Configures data encryption using Wired Equivalent Protection WEP or Wi Fi Protected Access WPA 6 66 Radio Interface G Configures the IEEE 8...

Page 81: ...d used for bridge links A Bridging is supported on the 802 11a 5 GHz band G Bridging is supported on the 802 11b g 2 4 GHz band None Bridging is not supported on either radio band Allows both bands to support access point operations for wireless clients Location A text string that describes the system location Maximum length 20 characters Contact A text string that describes the system contact Max...

Page 82: ...ommand to specify the bridge band AP configure 7 10 AP config system name R D 7 19 AP config snmp server location building 1 7 38 AP config snmp server contact Paul 7 35 AP config exit AP show system 7 22 System Information Serial Number 0000000005 System Up time 0 days 0 hours 35 minutes 56 seconds System Name R D System Location building 1 System Contact Paul System Country Code US UNITED STATES...

Page 83: ... network By default the wireless bridge will be automatically configured with IP settings from a Dynamic Host Configuration Protocol DHCP server However if you are not using a DHCP server to configure IP addressing use the CLI to manually configure the initial IP values page 5 2 After you have network access to the wireless bridge you can use the web browser interface to modify the initial IP conf...

Page 84: ...er DNS address are dynamically assigned to the wireless bridge by the network DHCP server Default Enabled DHCP Client Disable Select this option to manually configure a static address for the wireless bridge IP Address The IP address of the wireless bridge Valid IP addresses consist of four decimal numbers 0 to 255 separated by periods Subnet Mask The mask that identifies the host address bits use...

Page 85: ...d can be used to identify network hosts by familiar names instead of the IP addresses If you have one or more DNS servers located on the local network type the IP addresses in the text fields provided Otherwise leave the addresses as all zeros 0 0 0 0 CLI Commands for TCP IP Settings From the global configuration mode enter the interface configuration mode with the interface ethernet command Use t...

Page 86: ...naccessible Note This guide assumes that you have already configured RADIUS server s to support the access point Configuration of RADIUS server software is beyond the scope of this guide refer to the documentation provided with the RADIUS server software AP config interface ethernet 7 91 Enter Ethernet configuration commands one per line AP if ethernet no ip dhcp 7 94 AP if ethernet ip address 192...

Page 87: ...onfigure the following settings to use RADIUS authentication on the access point IP Address Specifies the IP address or host name of the RADIUS server Port The UDP port number used by the RADIUS server for authentication messages Range 1024 65535 Default 1812 ...

Page 88: ...ems connecting to the RADIUS server over the network Secondary Radius Server Setup Configure a secondary RADIUS server to provide a backup in case the primary server fails The access point uses the secondary server if the primary server fails or becomes inaccessible Once the access point switches over to the secondary server it periodically attempts to establish communication again with primary se...

Page 89: ...gement traffic that may initiated by the wireless bridge and carried over a PPPoE tunnel are RADIUS Syslog or DHCP traffic AP config radius server address 192 168 1 25 7 45 AP config radius server port 181 7 46 AP config radius server key green 7 47 AP config radius server timeout 10 7 48 AP config radius server retransmit 5 7 47 AP config exit AP show radius 7 48 Radius Server Information IP 192 ...

Page 90: ... assigned for the PPPoE tunnel Range 1 63 alphanumeric characters PPPoE Password The password assigned for the PPPoE tunnel Range 1 63 alphanumeric characters Confirm Password Use this field to confirm the PPPoE password PPPoE Service Name The service name assigned for the PPPoE tunnel The service name is normally optional but may be required by some service providers Range 1 63 alphanumeric chara...

Page 91: ...the service provider for both the local and remote IP addresses Local IP Address IP address of the local end of the PPPoE tunnel Must be entered for static IP allocation mode Remote IP Address IP address of the remote end of the PPPoE tunnel Must be entered for static IP allocation mode CLI Commands for PPPoE From the CLI configuration mode use the interface ethernet command to access interface co...

Page 92: ...ess points from gaining access to the network AP config interface ethernet 7 91 Enter Ethernet configuration commands one per line AP if ethernet ip pppoe 7 81 AP if ethernet pppoe username mike 7 87 AP if ethernet pppoe password 12345 7 88 AP if ethernet pppoe service name classA 7 89 AP if ethernet pppoe ip allocation mode static 7 82 AP if ethernet pppoe local ip 10 7 1 200 7 86 AP if ethernet ...

Page 93: ... 802 1X supplicant function Username Specifies the MD5 user name Range 1 22 characters Password Specifies the MD5 password Range 1 22 characters WDS Supplicant Setup Allows the access point to act as an 802 1X supplicant so it can be authenticated through a WDS wireless port with a RADIUS server on the remote network When enabled a unique MD5 user name and password needs to be configured for the W...

Page 94: ...a central RADIUS server Default Local MAC Local MAC The MAC address of the associating station is compared against the local database stored on the access point The Local MAC Authentication section enables the local database to be set up Radius MAC The MAC address of the associating station is sent to a configured RADIUS server for authentication When using a RADIUS authentication server for MAC a...

Page 95: ... user credentials for authentication The 802 1X standard uses the Extensible Authentication Protocol EAP to pass user credentials either digital certificates user names and passwords or other from the client to the RADIUS server Client authentication is then verified on the RADIUS server before the access point grants client access to the network The 802 1X EAP packets are also used to pass dynami...

Page 96: ...uccessfully authenticated with 802 1X are allowed to access the network When 802 1X is enabled the broadcast and session key rotation intervals can also be configured Broadcast Key Refresh Rate Sets the interval at which the broadcast keys are refreshed for stations using 802 1X dynamic keying Range 0 1440 minutes Default 0 means disabled Session Key Refresh Rate The interval at which the access p...

Page 97: ...a default action for all unknown MAC addresses that is those not listed in the local MAC database Deny Blocks access for all MAC addresses except those listed in the local database as Allow Allow Permits access for all MAC addresses except those listed in the local database as Deny MAC Authentication Settings Enters specified MAC addresses and permissions into the local MAC database MAC Address Ph...

Page 98: ...tion Use the mac authentication server command from the global configuration mode to enable local MAC authentication Set the default for MAC addresses not in the local table using the address filter default command then enter MAC addresses in the local table using the address filter entry command To remove an entry from the table use the address filter delete DUAL OUTDOOR config 802 1X supplicant ...

Page 99: ... config address filter entry 00 70 50 cc 99 1c allowed AP config address filter delete 00 70 50 cc 99 1c 7 58 AP config exit AP show authentication 7 60 Authentication Information MAC Authentication Server LOCAL MAC Auth Session Timeout Value 300 secs 802 1X DISABLED Broadcast Key Refresh Rate 5 min Session Key Refresh Rate 5 min 802 1X Session Timeout Value 300 secs Address Filtering DENIED Syste...

Page 100: ...urrent settings use the show authentication command from the Exec mode AP config mac authentication server remote 7 59 AP config mac authentication session timeout 300 7 60 AP config exit AP show authentication 7 60 Authentication Information MAC Authentication Server REMOTE MAC Auth Session Timeout Value 300 secs 802 1X DISABLED Broadcast Key Refresh Rate 5 min Session Key Refresh Rate 5 min 802 ...

Page 101: ...P config 802 1X broadcast key refresh rate 5 7 52 AP config 802 1X session key refresh rate 5 7 53 AP config 802 1X session timeout 300 7 54 AP config exit AP show authentication 7 60 Authentication Information MAC Authentication Server REMOTE MAC Auth Session Timeout Value 300 secs 802 1X SUPPORTED Broadcast Key Refresh Rate 5 min Session Key Refresh Rate 5 min 802 1X Session Timeout Value 300 se...

Page 102: ...d to a specific VLAN by RADIUS server configuration Range 1 64 VLAN Enables or disables VLAN tagging support on the wireless bridge changing the VLAN status forces a system reboot When VLAN support is enabled the wireless bridge tags traffic passing to the wired network with the assigned VLAN ID associated with each client on the RADIUS server or the configured native VLAN ID Traffic received from...

Page 103: ...ithin the same VLAN as they move around a campus site This feature can also be used to control access to network resources from wireless clients thereby improving security A VLAN ID 1 4094 is assigned to a client after successful authentication using IEEE 802 1X and a central RADIUS server The user VLAN IDs must be configured on the RADIUS server for each user authorized to access the network If a...

Page 104: ...ween clients through the access point However it does not affect communications between wireless clients and the wired network Disable Allows wireless to wireless communications between clients through the access point Enable Blocks wireless to wireless communications between clients through the access point AP Management Filter Controls management access to the access point from wireless clients ...

Page 105: ...le VLANs using the vlan enable command When you change the access point s VLAN support setting you must reboot the access point to implement the change To view the current VLAN settings use the show system command CLI Commands for Bridge Filtering Use the filter ap manage command to restrict management access from wireless clients To configure Ethernet protocol filtering use the filter ethernet ty...

Page 106: ...s should be configured Community names are used to control management access to SNMP stations as well as to authorize SNMP stations to receive trap messages from the wireless bridge To communicate with the wireless bridge a management station must first submit a valid community name for authentication You therefore need to assign community names to specified users or user groups and set the access...

Page 107: ...anagement stations are only able to retrieve MIB objects Maximum length 23 characters case sensitive Default public Community Name Read Write Defines the SNMP community access string that has read write access Authorized management stations are able to both retrieve and modify MIB objects Maximum length 23 characters case sensitive Default private Trap Destination IP Address Specifies the recipien...

Page 108: ...es use the snmp server community command The snmp server host command defines a trap receiver host To view the current SNMP settings use the show snmp command AP config snmp server enable server 7 36 AP config snmp server community alpha rw 7 34 AP config snmp server community beta ro AP config snmp server host 10 1 19 23 alpha 7 37 AP config exit AP show snmp 7 39 SNMP Information Service State E...

Page 109: ... the management interface you need to configure an Administrator s user name and password as soon as possible If the user name and password are not configured then anyone having access to the wireless bridge may be able to compromise wireless bridge and network security Username The name of the user The default name is admin Length 3 16 characters case sensitive New Password The password for manag...

Page 110: ...ge to implement the new code Until a reboot occurs the wireless bridge will continue to run the software it was using before the upgrade started Also note that rebooting the wireless bridge with new software will reset the configuration to the factory default settings Note Before upgrading your wireless bridge software it is recommended to save a copy of the current configuration file See copy on ...

Page 111: ...ress and subnet mask If you need to download from an FTP or TFTP server take the following additional steps Obtain the IP address of the FTP or TFTP server where the wireless bridge software is stored If upgrading from an FTP server be sure that you have an account configured on the server with a user name and password Current version Version number of runtime code ...

Page 112: ... click Start Upgrade to proceed New firmware file Specifies the name of the code file on the server The new firmware file name should not contain slashes or the leading letter of the file name should not be a period and the maximum length for file names on the FTP TFTP server is 255 characters or 32 characters for files on the wireless bridge Valid characters A Z a z 0 9 _ IP Address IP address or...

Page 113: ...ete the dir command can be used to check that the new file is present in the wireless bridge file system To run the new software use the reset board command to reboot the wireless bridge AP copy tftp file 7 41 1 Application image 2 Config file 3 Boot block image Select the type of download 1 2 3 1 1 TFTP Source file name bridge img bin TFTP Server IP 192 168 1 19 AP dir 7 43 File Name Type File Si...

Page 114: ...with the correct time and date Enabling System Logging The wireless bridge supports a logging process that can control error messages saved to memory or sent to a Syslog server The logged messages serve as a valuable tool for isolating wireless bridge and network problems System Log Setup Enables the logging of error messages Logging Host Enables the sending of log messages to a Syslog server host...

Page 115: ...log can be viewed using the Event Logs window in the Status section page 6 92 The Event Logs window displays the last 128 messages logged in chronological order from the newest to the oldest Log messages saved in the wireless bridge s memory are erased when the device is rebooted Error Level Description Emergency System unusable Alert Immediate action needed Critical Critical conditions e g memory...

Page 116: ...rk Time Protocol SNTP allows the wireless bridge to set its internal clock based on periodic updates from a time server SNTP or NTP Maintaining an accurate time on the wireless bridge enables the system log to record meaningful dates and times for event entries If the clock is not set the wireless bridge will only record the time from the factory default set at the last bootup AP config logging on...

Page 117: ...first attempts to update the time from the primary server if this fails it attempts an update from the secondary server Note The wireless bridge also allows you to disable SNTP and set the system clock manually using the CLI Set Time Zone SNTP uses Coordinated Universal Time or UTC formerly Greenwich Mean Time or GMT based on the time at the Earth s prime meridian zero degrees longitude To display...

Page 118: ...r support is disabled on the wireless bridge AP config sntp server ip 10 1 0 19 7 29 AP config sntp server enable 7 30 AP config sntp server timezone 8 7 32 AP config sntp server daylight saving 7 31 Enter Daylight saving from which month 1 12 3 and which day 1 31 31 Enter Daylight saving end to which month 1 12 10 and which day 1 31 31 AP config exit AP show sntp 7 33 SNTP Information Service Sta...

Page 119: ...s client cannot associate with the access point on the wireless bridge band To set up a wireless bridge link you must configure the WDS forwarding table by specifying the Ethernet MAC Address of the bridge to which you want to forward traffic For a Slave bridge unit you need to specify the MAC address of the wireless bridge unit at the opposite end of the link For a Master bridge unit you need to ...

Page 120: ...ddresses in the WDS forwarding table The MAC addresses of all other Slave bridge units in the network must be configured in the forwarding table Slave Mode A Slave wireless bridge provides support for only one MAC address in the WDS forwarding table A Slave bridge communicates with only one other wireless bridge either another Slave bridge in a point to point configuration or to the Master bridge ...

Page 121: ...e MAC addresses for all known devices in the connected networks All the addresses are learned by monitoring traffic received by the wireless bridge and are stored in a dynamic MAC address table This information is then used to forward traffic directly between the Ethernet port and the corresponding wireless interface The Bridging page allows the MAC address aging time to be set for both the Ethern...

Page 122: ...entries in the dynamic address table Ethernet The time after which a learned Ethernet port entry is discarded Range 60 1800 seconds Default 100 seconds Wireless 802 11a g The time after which a learned wireless entry is discarded Range 60 1800 seconds Default 1800 seconds ...

Page 123: ... which automatically take over when a primary link goes down STP uses a distributed algorithm to select a bridging device STP compliant switch bridge or router that serves as the root of the spanning tree network It selects a root port on each bridging AP config bridge timeout 0 300 7 66 AP config bridge timeout 2 1000 7 66 AP config exit AP show bridge 7 75 Bridge Information Media Type Age Time ...

Page 124: ...panning tree it enables all root ports and designated ports and disables all other ports Network packets are therefore only forwarded between root ports and designated ports eliminating any possible network loops Once a stable network topology has been established all bridges listen for Hello BPDUs Bridge Protocol Data Units transmitted from the root bridge If a bridge does not get a Hello BPDU af...

Page 125: ...earning to forwarding This delay is required because every device must receive information about topology changes before it starts to forward frames In addition each port needs time to listen for conflicting information that would make it return to a discarding state otherwise temporary data loops might result Range 4 30 seconds Default 15 Minimum The higher of 4 or Max Message Age 2 1 Maximum 30 ...

Page 126: ...tached LAN If it is a root port a new root port is selected from among the device ports attached to the network Range 6 40 seconds Default 20 Minimum The higher of 6 or 2 x Hello Time 1 Maximum The lower of 40 or 2 x Forward Delay 1 Bridge Priority Used in selecting the root device root port and designated port The device with the highest priority becomes the STP root device However if all devices...

Page 127: ...rotocol If the path cost for all ports on a switch are the same the port with the highest priority i e lowest value will be configured as an active link in the spanning tree This makes a port with higher priority less likely to be blocked if the Spanning Tree Protocol is detecting network loops Where more than one port is assigned the highest priority the port with lowest numeric identifier will b...

Page 128: ...cker convergence for devices such as workstations or servers retains the current forwarding database to reduce the amount of frame flooding required to rebuild address tables during reconfiguration events does not cause the spanning tree to initiate reconfiguration when the interface changes state and also overcomes other STP related timeout problems However remember that fast forwarding should on...

Page 129: ...led 5 7 74 AP config bridge stp port priority 5 0 7 72 AP config bridge stp port path cost 5 50 7 71 AP config no bridge stp port portfast 5 7 73 AP config end AP show bridge 7 75 Bridge Information Media Type Age Time sec EtherNet 300 WLAN_A 1000 Bridge Id 32768 037fbef192 Root Bridge Id 32768 01f47483e2 Root Path Cost 25 Root Port Id 0 Bridge Status Enabled Bridge Priority 40000 Bridge Hello Tim...

Page 130: ... page 4 9 and monitor the quality of the received signal for bridge links An RSSI value of about 30 or more indicates a strong enough signal to support the maximum data rate of 54 Mbps Below a value of 30 the supported data rate would drop to lower rates A value of 15 or less indicates that the signal is weak and the antennas may require realignment The RSSI controls allow the external connector t...

Page 131: ...ted WDS port A value of zero indicates that there is no received signal or that the WDS port is disabled Distance This value is used to adjust timeout values to take into account transmit delays due to link distances in the wireless bridge network For a point to point link specify the approximate distance between the two bridges For a point to multipoint network specify the distance of the Slave b...

Page 132: ... in access point mode 802 11a in access point mode and 802 11g in bridge mode 802 11a and 802 11g both in access point mode no bridging 802 11a only in bridge or access point mode 802 11g only in bridge or access point mode Note that 802 11g is backward compatible with 802 11b and can be configured to support both client types or restricted to 802 11g clients only Both wireless interfaces are conf...

Page 133: ...t Enabled Description Adds a comment or description to the wireless interface Range 1 80 characters Network Name SSID Access point mode only The name of the basic service set provided by the access point Clients that want to connect to the network through the access point must set their SSID to the same as that of the access point Default SMC Range 1 32 characters Note The SSID is not configurable...

Page 134: ...by local regulations e g 11 channels for the United States In Turbo Mode the channel bandwidth is increased to 40 MHz to support the increased data rate However this reduces the number of channels supported e g 5 channels for the United States Radio Channel The radio channel that the wireless bridge uses to communicate with wireless clients When multiple wireless bridges are deployed in the same a...

Page 135: ...ssion distance Options 54 48 36 24 18 12 9 6 Mbps Default 54 Mbps Beacon Interval The rate at which beacon signals are transmitted from the wireless bridge The beacon signals allow wireless clients to maintain contact with the wireless bridge They may also carry power management information Range 20 1000 TUs Default 100 TUs Data Beacon Rate The rate at which stations in sleep mode must wake up to ...

Page 136: ... interference is present because it requires overhead to send multiple frames Range 256 2346 bytes Default 2346 bytes RTS Threshold Sets the packet size threshold at which a Request to Send RTS signal must be sent to a receiving station prior to the sending station starting communications The wireless bridge sends RTS frames to a receiving station to negotiate the sending of a data frame After rec...

Page 137: ...ireless Interface From the global configuration mode enter the interface wireless a command to access the 802 11a radio interface If required configure a name for the interface using the description command Use the turbo command to enable this feature before setting the radio channel with the channel command Set any other parameters as required To view the current 802 11a radio settings use the sh...

Page 138: ... 7 105 AP if wireless a rts threshold 256 7 106 AP if wireless a exit AP show interface wireless a 7 120 Wireless Interface Information Identification Description RD AP 3 Service Type Access Point SSID r d Turbo Mode OFF Channel 44 Status Disable 802 11 Parameters Transmit Power FULL 15 dBm Max Station Data Rate 9Mbps Fragmentation Threshold 512 bytes RTS Threshold 256 bytes Beacon Interval 150 TU...

Page 139: ... it allows clients with 802 11b wireless network cards to associate to an 802 11g access point Enable Enables radio communications on the access point Default Enabled Radio Channel The radio channel that the access point uses to communicate with wireless clients When multiple access points are deployed in the same area set the channel on neighboring access points at least five channels apart to av...

Page 140: ... access point up to 54 Mbps b only Both 802 11b and 802 11g clients can communicate with the access point but 802 11g clients can only transfer data at 802 11b standard rates up to 11 Mbps Maximum Station Data Rate The maximum data rate at which the access point transmits unicast packets on the wireless interface The maximum transmission distance is affected by the data rate The lower the data rat...

Page 141: ...50 7 104 AP if wireless g dtim period 5 7 104 AP if wireless g fragmentation length 512 7 105 AP if wireless g rts threshold 256 7 106 AP if wireless g exit AP show interface wireless g 7 120 Wireless Interface Information Identification Description Enterprise 802 11g Wireless Outdoor Bridge AP Service Type Access Point SSID r d Channel 11 AUTO Status Enable 802 11 Parameters Transmit Power FULL 1...

Page 142: ...ata transmissions enable WEP or AES encryption for the bridge radio and set at least one encryption key Wired Equivalent Privacy WEP WEP provides a basic level of security preventing unauthorized access to the network and encrypting data transmitted between wireless bridge units WEP uses static shared keys fixed length hexadecimal or alphanumeric strings that are manually configured on all units i...

Page 143: ... Note that the same size of WEP encryption key must be set on all bridge units in the wireless network Default 128 Bit Key Type Select the preferred method of entering WEP encryption keys on the wireless bridge and enter up to four keys Hexadecimal Enter keys as 10 hexadecimal digits 0 to 9 and A to F for 64 bit keys 26 hexadecimal digits for 128 bit keys or 32 hexadecimal digits for 152 bit keys ...

Page 144: ...itive nonclassified information Because of its strength and resistance to attack AES is also being incorporated as part of the 802 11 security standard The bridge radio band uses 128 bit static AES keys hexadecimal or alphanumeric strings that are configured for each link pair in the wireless bridge network For a Slave bridge unit only one encryption key needs to be defined A Master bridge allows ...

Page 145: ...nly one wireless port link but a Master bridge supports up to 16 links Default Disable Key Type Select the preferred method of entering AES encryption keys on the wireless bridge and enter a key for each bridge link in the network Hexadecimal Enter keys as exactly 32 hexadecimal digits 0 to 9 and A to F Alphanumeric Enter keys as an alphanumeric string using between 8 and 31 characters Note For ea...

Page 146: ...reless a transmit key 1 7 113 AP if wireless a exit AP show interface wireless a 7 120 Wireless Interface Information Identification Description Enterprise 802 11a Wireless Outdoor Bridge AP Service Type WDS Bridge SSID DualBandOutdoor Turbo Mode OFF Channel 36 Status Disable 802 11 Parameters Transmit Power FULL 15 dBm Max Station Data Rate 54Mbps Fragmentation Threshold 2346 bytes RTS Threshold ...

Page 147: ...mands one per line AP if wireless a encryption wdsaes alphanumeric 7 110 AP if wireless a key wdsaes 1 agoodsecretkey 7 112 AP if wireless a exit AP show interface wireless a 7 120 Wireless Interface Information Identification Description Enterprise 802 11a Wireless Outdoor Bridge AP Service Type WDS Bridge SSID DualBandOutdoor Turbo Mode OFF Channel 36 Status Disable 802 11 Parameters Transmit Po...

Page 148: ...ntication It must be verified that clients attempting to connect to the network are authorized users Traffic Encryption Data passing between the access point and clients must be protected from interception and evesdropping For a more secure network the access point can implement one or a combination of the following security mechanisms Wired Equivalent Privacy WEP page 6 66 IEEE 802 1Xpage 6 19 Wi...

Page 149: ...ress Filtering Uses the MAC address of client network card Provides only weak user authentication Management of authorized MAC addresses Can be combined with other methods for improved security Optionally configured RADIUS server WPA over 802 1X Mode Requires WPA enabled system and network card driver native support provided in Windows XP Provides robust security in WPA only mode i e WPA clients o...

Page 150: ...ings that are manually distributed to all clients that want to use the network WEP is the security protocol initially specified in the IEEE 802 11 standard for wireless communications Unfortunately WEP has been found to be seriously flawed and cannot be recommended for a high level of network security For more robust wireless security the access point provides Wi Fi Protected Access WPA for improv...

Page 151: ...WEP shared keys If this option is selected you must configure at least one key on the access point and all clients Note To use 802 1X on wireless clients requires a network card driver and 802 1X client software that supports the EAP authentication type that you want to use Windows 2000 SP3 or later and Windows XP provide 802 1X client support Windows XP also provides native WPA support Other syst...

Page 152: ...four keys Hexadecimal Enter keys as 10 hexadecimal digits 0 to 9 and A to F for 64 bit keys 26 hexadecimal digits for 128 bit keys or 32 hexadecimal digits for 152 bit keys 802 11a radio only Alphanumeric Enter keys as 5 alphanumeric characters for 64 bit keys 13 alphanumeric characters for 128 bit keys or 16 alphanumeric characters for 152 bit keys 802 11a radio only Transmit Key Select Selects t...

Page 153: ...the key command and then set one key as the transmit key using the transmit key command Then disable 802 1X port authentication with the no 802 1X command To view the current security settings use the WEP only WEP over 802 1X Authentication Type Shared Key WEP encryption Enable WPA clients only Disable Multicast Cipher WEP Shared Key 64 128 152 Key Type Hex 10 26 32 characters ASCII 5 13 16 charac...

Page 154: ...AP config no 802 1X 7 51 AP config end AP show interface wireless g 7 120 Wireless Interface Information Identification Description Enterprise 802 11g WIreless Outdoor Bridge AP Service Type Access Point SSID DualBandOutdoor Channel 5 AUTO Status Disable 802 11 Parameters Transmit Power FULL 20 dBm Max Station Data Rate 54Mbps Fragmentation Threshold 2346 bytes RTS Threshold 2347 bytes Beacon Inte...

Page 155: ...mand and disable MAC authentication with the mac authentication command To view the current 802 11g security settings use the show interface wireless g command not shown in example AP config interface wireless g 7 99 Enter Wireless configuration commands one per line AP if wireless g authentication open 7 109 AP if wireless g encryption 128 7 110 AP if wireless g multicast cipher wep 7 114 AP if w...

Page 156: ...cation Protocol EAP WPA employs 802 1X as its basic framework for user authentication and dynamic key management The 802 1X client and RADIUS server should use an appropriate EAP type such as EAP TLS Transport Layer Security EAP TTLS Tunneled TLS or PEAP Protected EAP for strongest authentication Working together these protocols provide mutual authentication between a client the access point and a...

Page 157: ...mechanism which periodically changes the master key WPA Pre Shared Key PSK Mode For enterprise deployment WPA requires a RADIUS authentication server to be configured on the wired network However for small office networks that may not have the resources to configure and maintain a RADIUS server WPA provides a simple operating mode that uses just a pre shared password for network access The Pre Sha...

Page 158: ...mode configuration you can use either MAC authentication or 802 1X authentication Advanced Encryption Standard AES Support WPA specifies AES encryption as an optional alternative to TKIP and WEP AES provides very strong encryption using a completely different ciphering algorithm to TKIP and WEP The developing IEEE 802 11i wireless security standard has specified AES as an eventual replacement for ...

Page 159: ...er authentication For smaller networks WPA can be enabled using a common pre shared key for client authentication with the access point WPA authentication over 802 1X The WPA enterprise mode that uses IEEE 802 1X to authenticate users and to dynamically distribute encryption keys to clients WPA Pre shared Key The WPA mode for small networks that uses a common password string that is manually distr...

Page 160: ...rd DES encryption algorithm and will be used by the U S government for encrypting all sensitive nonclassified information Because of its strength and resistance to attack AES is also being incorporated as part of the 802 11 standard WPA Pre Shared Key Type If the WPA pre shared key mode is used all wireless clients must be configured with the same key to communicate with the access point Hexadecim...

Page 161: ... Open System WEP encryption Enable1 WPA clients only Enable WPA Mode Pre shared key Multicast Cipher WEP TKIP AES2 WPA PSK Type Hex 64 characters ASCII 8 63 characters Shared Key 64 128 152 802 1X Disabled3 MAC Authentication Disabled Local4 Authentication Type Open System WEP encryption Enable1 WPA clients only Enable WPA Mode WPA over 802 1X Multicast Cipher WEP TKIP AES2 Shared Key 64 128 152 8...

Page 162: ... 802 11g security settings use the show interface wireless g command not shown in example AP config interface wireless g 7 99 Enter Wireless configuration commands one per line AP if wireless g authentication open 7 109 AP if wireless g encryption 128 7 110 AP if wireless g wpa clients required 7 116 AP if wireless g wpa mode pre shared key 7 117 AP if wireless g wpa psk type alphanumeric 7 119 AP...

Page 163: ...ttings for the wireless interfaces AP System Configuration The AP System Configuration table displays the basic system configuration settings Menu Description Page AP Status Displays configuration settings for the basic system and the wireless interfaces 6 87 Station Status Shows wireless clients currently associated with the access point 6 90 Event Logs Shows log messages stored in memory 6 92 ...

Page 164: ...t exist on other network segments HTTP Server Shows if management access via HTTP is enabled HTTP Server Port Shows the TCP port used by the HTTP interface Version Shows the version number for the runtime code AP Wireless Configuration The AP Wireless Configuration table displays the wireless interface settings listed below Note that Radio A refers to the 802 11a interface and Radio G to the 802 1...

Page 165: ...tings use the show interface wireless a command see page 7 120 AP show system 7 22 System Information Serial Number System Up time 0 days 5 hours 2 minutes 4 seconds System Name Dual Band Outdoor AP System Location System Contact Contact System Country Code US UNITED STATES MAC Address 00 03 7F BE F8 99 IP Address 192 168 2 2 Subnet Mask 255 255 255 0 Default Gateway 0 0 0 0 VLAN State DISABLED Na...

Page 166: ...Address The MAC address of the remote wireless bridge Authenticated Shows if the station has been authenticated The two basic methods of authentication supported for 802 11 wireless networks are open system and shared key Open system authentication accepts any client attempting to connect to the access point without verifying its identity The shared key approach uses Wired Equivalent Privacy WEP t...

Page 167: ...802 1X authentication with dynamic keying Static The client is using static WEP keys for encryption CLI Commands for Displaying Station Information To view status of clients currently associated with the access point use the show station command from the Exec mode AP show station 7 121 Station Table Information 802 11a Channel 56 No 802 11a Channel Stations 802 11g Channel 11 802 11g Channel Stati...

Page 168: ...ng level associated with this message For a description of the various levels see logging level on page 6 38 Event Message The content of the log message CLI Commands for Displaying the Event Logs From the global configuration mode use the show logging command AP show loggging 7 27 Logging Information Syslog State Enabled Logging Host State Enabled Logging Console State Enabled Server Domain name ...

Page 169: ...Status Information 6 93 ...

Page 170: ...System Configuration 6 94 ...

Page 171: ...nsport protocol In this environment your management station and any network device you want to manage over the network must have a valid IP address Valid IP addresses consist of four decimal numbers 0 to 255 separated by periods Each address consists of a network portion and host portion For example if the wireless bridge cannot acquire an IP address from a DHCP server the default IP address used ...

Page 172: ...the prompt enter the user name and system password The CLI will display the AP prompt to show that you are using executive access mode i e Exec 3 Enter the necessary commands to complete your desired tasks 4 When finished exit the session with the quit or exit command After entering the Telnet command the login screen displays Note You can open up to four sessions to the device via Telnet AP confi...

Page 173: ...ord To enter commands that require parameters enter the required parameters after the command keyword For example to set a password for the administrator enter AP config username smith Minimum Abbreviation The CLI will accept a minimum number of characters that uniquely identify a command For example the command configure can be entered as con If an entry is ambiguous the system will prompt for fu...

Page 174: ...a specific command For example the command show displays a list of possible show commands Outdoor Bridge show authentication Show Authentication parameters bootfile Show bootfile name bridge Show bridge table filters Show filters hardware Show hardware version history Display the session history interface Show interface information line TTY line information logging Show the logging buffers memory ...

Page 175: ...the default value For example the logging command will log system messages to a host server To disable logging specify the no logging command This guide describes the negation effect for all applicable commands Using Command History The CLI maintains a history of commands that have been entered You can scroll back through the history of commands by pressing the up arrow key Any command displayed i...

Page 176: ...t the prompt to display a list of the commands available for the current mode The command classes and associated modes are displayed in the following table Exec Commands When you open a new console session on wireless bridge the system enters Exec command mode Only a limited number of the commands are available in this mode You can access all other commands only from the configuration mode To acce...

Page 177: ...ce Wireless Configuration These commands modify the wireless port configuration and include command such as channel and encryption To enter the Global Configuration mode enter the command configure in Exec mode The system prompt will change to AP config which gives you access privilege to all Global Configuration commands To enter Interface mode you must enter the interface ethernet or interface w...

Page 178: ...ommand line Ctrl B Shifts cursor to the left one character Ctrl C Terminates a task and displays the command prompt Ctrl E Shifts cursor to end of command line Ctrl F Shifts cursor to the right one character Ctrl K Deletes from cursor to the end of the command line Ctrl L Repeats current command line on a new line Ctrl N Enters the next command line in the history buffer Ctrl P Shows the last comm...

Page 179: ...code image or wireless bridge configuration files 7 39 RADIUS Configures the RADIUS client used with 802 1x authentication 7 45 Authentication Configures IEEE 802 1x port access control and address filtering 7 49 WDS Configures the Wireless Distribution System forwarding table 7 61 Bridge Configures MAC address table aging time settings and spanning tree parameters 7 65 Filtering Filters access to...

Page 180: ...nterface Configuration see Using the Command Line Interface on page 7 1 Default Setting None IAPP Enables roaming between multi vendor access points 7 122 VLANs Configures VLAN support 7 123 Command Function Mode Page configure Activates global configuration mode Exec 7 10 end Returns to the previous configuration mode GC IC 7 11 exit Returns to Exec mode or exits the CLI any 7 11 ping Sends ICMP ...

Page 181: ...lt Setting None Command Mode Global Configuration Interface Configuration Example This example shows how to return to the Configuration mode from the Interface Configuration mode exit This command returns to the Exec mode or exits the configuration program Default Setting None Command Mode Any AP configure AP config AP if ethernet end AP config ...

Page 182: ...tting None Command Mode Exec Command Usage Use the ping command to see if another site on the network can be reached The following are some results of the ping command Normal response The normal response occurs in one to ten seconds depending on network traffic Destination does not respond If the host does not respond a timeout appears in ten seconds Destination unreachable The gateway forthis des...

Page 183: ...tings Syntax reset board configuration board Reboots the system configuration Resets the configuration settings to the factory defaults and then reboots the system Default Setting None Command Mode Exec Command Usage When the system is restarted it will always run the Power On Self Test Example This example shows how to reset the system AP ping 10 1 0 19 192 168 1 19 is alive AP AP reset board Reb...

Page 184: ... history buffer size is fixed at 10 commands Use the up or down arrow keys to scroll through the commands in the history buffer Example In this example the show history command lists the contents of the command history buffer show line This command displays the console port s configuration settings Command Mode Exec AP show history config exit show history AP ...

Page 185: ...op bits 1 AP Command Function Mode Page Country Setting country Sets the wireless bridge country code for correct radio operation Exec 7 16 Device Designation prompt Customizes the command line prompt GC 7 18 system name Specifies the host name for the wireless bridge GC 7 19 snmp server contact Sets the system contact string GC 7 35 snmp server location Sets the system location string GC 7 38 Use...

Page 186: ...r GC 7 21 System Status show system Displays system information Exec 7 22 show version Displays version information for the system Exec 7 23 Country Code Country Code Country Code Country Code Albania AL Dominican Republic DO Kuwait KW Romania RO Algeria DZ Ecuador EC Latvia LV Russia RU Argentina AR Egypt EG Lebanon LB Saudi Arabia SA Armenia AM Estonia EE Liechtenstein LI Singapore SG Australia ...

Page 187: ...O Hungary HU Morocco MA Taiwan TW Brazil BR Iceland IS Netherlands NL Thailand TH Brunei Darussalam BN India IN New Zealand NZ Turkey TR Bulgaria BG Indonesia ID Norway NO Ukraine UA Canada CA Iran IR Oman OM United Arab Emirates AE Chile CL Ireland IE Pakistan PK United Kingdom GB China CN Israel IL Panama PA United States US Colombia CO Italy IT Peru PE Uruguay UY Costa Rica CR Japan JP Philippi...

Page 188: ...Use the no form to restore the default prompt Syntax prompt string no prompt string Any alphanumeric string to use for the CLI prompt Maximum length 255 characters Default Setting Dual Outdoor Command Mode Global Configuration Example AP country us AP AP config prompt RD2 RD2 config ...

Page 189: ...stem name name The name of this host Maximum length 32 characters Default Setting Outdoor Bridge Command Mode Global Configuration Example username This command configures the user name for management access Syntax username name name The name of the user Length 3 16 characters case sensitive Default Setting admin Command Mode Global Configuration AP config system name bridge link AP config ...

Page 190: ...or management access Length 3 16 characters case sensitive Default Setting smcadmin Command Mode Global Configuration Example ip http port This command specifies the TCP port number used by the web browser interface Use the no form to use the default port Syntax ip http port port number no ip http port port number The TCP port to be used by the browser inter face Range 1024 65535 AP config usernam...

Page 191: ... server This command allows this device to be monitored or configured from a browser Use the no form to disable this function Syntax ip http server no ip http server Default Setting Enabled Command Mode Global Configuration Example Related Commands ip http port page 7 20 AP config ip http port 1143 AP config AP config ip http server AP config ...

Page 192: ...me 0 days 0 hours 17 minutes 2 seconds System Name Dual Band Outdoor AP System Location System Contact Contact System Country Code TW TAIWAN MAC Address 00 03 7F E0 06 EA IP Address 192 168 2 2 Subnet Mask 255 255 255 0 Default Gateway 0 0 0 0 VLAN State DISABLED Native VLAN ID 1 IAPP State ENABLED DHCP Client ENABLED HTTP Server ENABLED HTTP Server Port 80 Slot Status Dual band a g Software Versi...

Page 193: ...2 1B05 AP Command Function Mode Page logging on Controls logging of error messages GC 7 24 logging host Adds a syslog server host IP address that will receive logging messages GC 7 24 logging console Initiates logging of error messages to the console GC 7 25 logging level Defines the minimum severity level for event logging GC 7 25 logging facility type Sets the facility type for remote logging of...

Page 194: ...ess controls error messages saved to memory You can use the logging level command to control the type of error messages that are stored in memory Example logging host This command specifies a syslog server host that will receive logging messages Use the no form to remove syslog server host Syntax logging host host_name host_ip_address no logging host host_name The name of a syslog server Range 1 2...

Page 195: ...rm to disable logging to the console Syntax logging console no logging console Default Setting Disabled Command Mode Global Configuration Example logging level This command sets the minimum severity level for event logging Syntax logging level Emergency Alert Critical Error Warning Notice Informational Debug AP config logging host 10 1 0 3 AP config AP config logging console AP config ...

Page 196: ...y used by the syslog server to dispatch log messages to an appropriate service Range 16 23 Level Argument Description Emergency System unusable Alert Immediate action needed Critical Critical conditions e g memory allocation or free memory error resource exhausted Error Error conditions e g invalid input default used Warning Warning conditions e g return false unexpected return Notice Normal but s...

Page 197: ...ssages See RFC 3164 This type has no effect on the kind of messages reported by the wireless bridge However it may be used by the syslog server to sort messages or to store messages in the corresponding database Example show logging This command displays the logging configuration Syntax show logging Command Mode Exec AP config logging facility 19 AP config ...

Page 198: ...el Error Logging Facility Type 16 AP Command Function Mode Page sntp server ip Specifies one or more time servers GC 7 29 sntp server enable Accepts time from the specified time servers GC 7 30 sntp server date time Manually sets the system date and time GC 7 31 sntp server daylight saving Sets the start and end dates for daylight savings time GC 7 31 sntp server timezone Sets the time zone for th...

Page 199: ...n time server NTP or SNTP Default Setting 137 92 140 80 192 43 244 18 Command Mode Global Configuration Command Usage When SNTP client mode is enabled using the sntp server enable command the sntp server ip command specifies the time servers from which the wireless bridge polls for time updates The wireless bridge will poll the time servers in the order specified until a response is received Examp...

Page 200: ...ver enable no sntp server enable Default Setting Disabled Command Mode Global Configuration Command Usage The time acquired from time servers is used to record accurate dates and times for log events Without SNTP the wireless bridge only records the time starting from the factory default set at the last bootup i e 00 14 00 January 1 1970 Example Related Commands sntp server ip page 7 29 show sntp ...

Page 201: ...ommands sntp server enable page 7 30 sntp server daylight saving This command sets the start and end dates for daylight savings time Use the no form to disable daylight savings time Syntax sntp server daylight saving no sntp server daylight saving Default Setting Disabled Command Mode Global Configuration AP sntp server date time Enter Year 1970 2100 2003 Enter Month 1 12 6 Enter Day 1 31 19 Enter...

Page 202: ... sntp server timezone hours hours Number of hours before after UTC Range 12 to 12 hours Default Setting None Command Mode Global Configuration Command Usage This command sets the local time zone relative to the Coordinated Universal Time UTC formerly Greenwich Mean Time or GMT based on the earth s prime meridian zero AP config sntp server daylight saving Enter Daylight saving from which month 1 12...

Page 203: ... Example show sntp This command displays the current time and configuration settings for the SNTP client Command Mode Exec Example AP config sntp server timezone 8 AP config AP show sntp SNTP Information Service State Enabled SNTP server 1 IP 137 92 140 80 SNTP server 2 IP 192 43 244 18 Current Time 08 04 Jun 20th 2003 Time Zone 8 TAIPEI BEIJING Daylight Saving Enabled from Jun 1st to Sep 1st AP ...

Page 204: ...the SNMP protocol Maximum length 23 characters case sensitive ro Specifies read only access Authorized management stations are only able to retrieve MIB objects rw Specifies read write access Authorized management stations are able to both retrieve and modify MIB objects Command Function Mode Page snmp server community Sets up the community access string to permit access to SNMP commands GC 7 34 s...

Page 205: ...ommand Usage If you enter a community string without the ro or rw option the default is read only Example snmp server contact This command sets the system contact string Use the no form to remove the system contact information Syntax snmp server contact string no snmp server contact string String that describes the system contact Maximum length 255 characters Default Setting Contact Command Mode G...

Page 206: ...essages Syntax snmp server enable server no snmp server enable server Default Setting Disabled Command Mode Global Configuration Command Usage This command enables both authentication failure notifications and link up down notifications The snmp server host command specifies the host device that will receive SNMP notifications Example Related Commands snmp server host page 7 37 AP config snmp serv...

Page 207: ...ity string Password like community string sent with the notification operation Although you can set this string using the snmp server host command by itself we recommend that you define this string using the snmp server community command prior to using the snmp server host command Maximum length 23 characters Default Setting Host Address None Community String public Command Mode Global Configurati...

Page 208: ...remove the location string Syntax snmp server location text no snmp server location text String that describes the system location Maximum length 20 characters Default Setting None Command Mode Global Configuration Example Related Commands snmp server contact page 7 35 AP config snmp server host 10 1 19 23 batman AP config AP config snmp server location building 1 AP config ...

Page 209: ...ation Service State Enable Community ro Community rw Location WC 19 Contact Paul Traps Enabled Host Name IP 10 1 19 23 Trap Community AP Command Function Mode Page bootfile Specifies the file or image used to start up the system Exec 7 40 copy Copies a code image or configuration between flash memory and a FTP TFTP server Exec 7 41 delete Deletes a file or code image Exec 7 42 dir Displays a list ...

Page 210: ...file Default Setting None Command Mode Exec Command Usage The file name should not contain slashes or the leading letter of the file name should not be a period and the maximum length for file names is 32 characters Valid characters A Z a z 0 9 _ If the file contains an error it cannot be set as the default file Example AP bootfile bridge img bin AP ...

Page 211: ...r and the quality of the network connection Syntax copy ftp tftp file copy config ftp tftp ftp Keyword that allows you to copy to from an FTP server tftp Keyword that allows you to copy to from a TFTP server file Keyword that allows you to copy to from a flash memory file config Keyword that allows you to upload the configuration file from flash memory Default Setting None Command Mode Exec Comman...

Page 212: ... system configuration file must be named syscfg in all copy commands Example The following example shows how to upload the configuration settings to a file on the TFTP server The following example shows how to download a configuration file delete This command deletes a file or image Syntax delete filename filename Name of the configuration file or image name AP copy config tftp TFTP Source file na...

Page 213: ...one used to boot the wireless bridge is deleted be sure you first use the bootfile command to update the application image file booted at startup before you reboot the wireless bridge Example This example shows how to delete the test cfg configuration file from flash memory Related Commands bootfile page 7 40 dir page 7 43 dir This command displays a list of files in flash memory Command Mode Exec...

Page 214: ...information Column Heading Description File Name The name of the file Type 2 Operation Code and 5 Configuration file File Size The length of the file in bytes AP dir apimg1 765652 zz img bin 1309756 dflt img bin 1177004 ap3xart sys 641540 syscfg_bak 26928 syscfg 26928 apcfg 2932 zz imgf bin 1177004 apcfg bak 2932 2502656 bytes free AP ...

Page 215: ... and secondary RADIUS servers Syntax radius server address secondary host_ip_address host_name secondary Secondary server host_ip_address IP address of server host_name Host name of server Range 1 20 characters Default Setting None Command Function Mode Page radius server address Specifies the RADIUS server GC 7 45 radius server port Sets the RADIUS server network port GC 7 46 radius server key Se...

Page 216: ...work port Syntax radius server secondary port port_number secondary Secondary server port_number RADIUS server UDP port used for authentication messages Range 1024 65535 Default Setting 1812 Command Mode Global Configuration Example AP config radius server address 192 168 1 25 AP config AP config radius server port 181 AP config ...

Page 217: ...Maximum length 20 characters Default Setting DEFAULT Command Mode Global Configuration Example radius server retransmit This command sets the number of retries Syntax radius server secondary retransmit number_of_retries secondary Secondary server number_of_retries Number of times the access point will try to authenticate logon access via the RADIUS server Range 1 30 Default Setting 3 Command Mode ...

Page 218: ...onds secondary Secondary server number_of_seconds Number of seconds the access point waits for a reply before resending a request Range 1 60 Default Setting 5 Command Mode Global Configuration Example show radius This command displays the current settings for the RADIUS server Default Setting None Command Mode Exec AP config radius server retransmit 5 AP config AP config radius server timeout 10 A...

Page 219: ...ent application to submit user credentials for authentication Client authentication is then verified via by a RADIUS server using EAP Extensible Authentication Protocol before the access point grants client access to the network AP show radius Radius Server Information IP 192 168 1 25 Port 181 Key Retransmit 5 Timeout 10 Radius Secondary Server Information IP 0 0 0 0 Port 1812 Key Retransmit 3 Tim...

Page 220: ...imary broadcast keys are refreshed for stations using 802 1x dynamic keying GC 7 52 802 1x session key refresh rate Sets the interval at which unicast session keys are refreshed for associated stations using dynamic keying GC 7 53 802 1x session timeout Sets the timeout after which a connected client must be re authenticated GC 7 54 802 1x supplicant Sets the supplicant user name and password for ...

Page 221: ...ication for all clients Default Setting Disabled Command Mode Global Configuration Command Usage When 802 1x is disabled the access point does not support 802 1x authentication for any station After successful 802 11 association each client is allowed to access the network mac authentication session timeout Sets the interval at which associated clients will be re authenticated with the RADIUS serv...

Page 222: ...rces 802 1x authentication for all 802 11 associated stations If 802 1x authentication is not initiated by the station the access point will initiate authentication Only those stations successfully authenticated with 802 1x are allowed to access the network 802 1x does not apply to the 10 100Base TX port Example 802 1x broadcast key refresh rate This command sets the interval at which the broadcas...

Page 223: ...e a random group key and periodically update all key management capable wireless clients Example 802 1x session key refresh rate This command sets the interval at which unicast session keys are refreshed for associated stations using dynamic keying Syntax 802 1x session key refresh rate rate rate The interval at which the access point refreshes a session key Range 0 1440 minutes Default Setting 0 ...

Page 224: ... authenticated Use the no form to disable 802 1x re authentication Syntax 802 1x session timeout seconds no 802 1x session timeout seconds The number of seconds Range 0 65535 Default 0 Disabled Command Mode Global Configuration Example AP config 802 1x session key refresh rate 5 AP config AP config 802 1x session timeout 300 AP config ...

Page 225: ...port eth_password Specifies a password for authentication using the Ethernet port Range 1 32 alphanumeric characters eth_user Specifies a username for authentication using the Ethernet port Range 1 32 alphanumeric characters wds_password Specifies a password for authentication using the specified WDS port Range 1 32 alphanumeric characters wds_user Specifies a username for authentication using the...

Page 226: ...le address filter default This command sets filtering to allow or deny listed MAC addresses Syntax address filter default allowed denied allowed Only MAC addresses entered as denied in the address filtering table are denied denied Only MAC addresses entered as allowed in the address filtering table are allowed Default allowed Command Mode Global Configuration AP config 802 1x supplicant wds_user 1...

Page 227: ...ress of client Enter six pairs of hexadecimal digits separated by hyphens e g 00 90 D1 12 AB 89 allowed Entry is allowed access denied Entry is denied access Default None Command Mode Global Configuration Command Mode The access point supports up to 1024 MAC addresses An entry in the address table may be allowed or denied access depending on the global setting configured for the address entry defa...

Page 228: ...e filter table Syntax address filter delete mac address mac address Physical address of client Enter six pairs of hexadecimal digits separated by hyphens Default None Command Mode Global Configuration Example Related Commands show authentication page 7 60 AP config address filter entry 00 70 50 cc 99 1a allowed AP config AP config address filter delete 00 70 50 cc 99 1b AP config ...

Page 229: ...henticate the MAC address of wireless clients with the local authentication database during 802 11 association remote Authenticate the MAC address of wireless clients with the RADIUS server during 802 1x authentication Default local Command Mode Global Configuration Example Related Commands address filter entry page 7 57 radius server address page 7 45 show authentication page 7 60 AP config mac a...

Page 230: ...ase Use the no form to disable reauthentication Syntax mac authentication session timeout seconds seconds Re authentication interval Range 0 65535 Default 0 disabled Command Mode Global Configuration Example show authentication This command shows all 802 1x authentication settings as well as the address filter table Command Mode Exec AP config mac authentication session timeout 1 AP config ...

Page 231: ...te 5 min 802 1x Session Timeout Value 300 secs Address Filtering DENIED System Default DENY addresses not found in filter table Filter Table MAC Address Status 00 70 50 cc 99 1a DENIED 00 70 50 cc 99 1b ALLOWED AP Command Function Mode Page wds channel Selects the radio band to be used for bridge links GC 7 62 wds mac address Configures MAC addresses of nodes in the wireless bridge network GC 7 62...

Page 232: ...ault 802 11a Command Mode Global Configuration Example wds mac address This command enters Ethernet MAC Addresses in the WDS forwarding table for each node in the wireless bridge network Syntax wds mac address port id mac address port id The wireless port number for the bridge link 1 for Slave units 1 16 for Master units mac address The Ethernet MAC Address of the remote bridge unit for this link ...

Page 233: ...e input the Ethernet MAC address Example wds enable This command enables WDS forwarding for a wireless port ID Use the no form to disable WDS forwarding for a wireless port ID Syntax no wds enable port id port id The wireless port number for the link 1 for Slave units 1 16 for Master units Default WDS forwarding disabled on all ports Command Mode Global Configuration Example AP config wds mac addr...

Page 234: ... ENABLE 00 1A 2B 3C 4D 5E 03 DISABLE 00 01 02 03 04 05 04 ENABLE 00 0E 87 3B 60 51 05 DISABLE 00 00 00 00 00 00 06 DISABLE 00 00 00 00 00 00 07 DISABLE 00 00 00 00 00 00 08 DISABLE 00 00 00 00 00 00 09 DISABLE 00 00 00 00 00 00 10 DISABLE 00 00 00 00 00 00 11 DISABLE 00 00 00 00 00 00 12 DISABLE 00 00 00 00 00 00 13 DISABLE 00 00 00 00 00 00 14 DISABLE 00 00 00 00 00 00 15 DISABLE 00 00 00 00 00 0...

Page 235: ...ge forward time GC 7 67 bridge stp bridge hello time Configures the spanning tree bridge hello time GC 7 68 bridge stp bridge max age Configures the spanning tree bridge maximum age GC 7 69 bridge stp bridge priority Configures the spanning tree bridge priority GC 7 70 bridge stp port path cost Configures the spanning tree path cost of a port GC 7 71 bridge stp port priority Configures the spannin...

Page 236: ...fault Ethernet 100 802 11a wireless 1800 Command Mode Global Configuration Command Usage If the MAC address of an entry in the address table is not seen on the associated interface for longer than the aging time the entry is discarded Example bridge stp bridge spanning tree Use this command to enable the Spanning Tree Protocol globally for the wireless bridge Use the no form to disable it Syntax b...

Page 237: ...exists between any two stations on the network and provide backup links which automatically take over when a primary link goes down Example This example shows how to enable the Spanning Tree Protocol for the wireless bridge bridge stp bridge forward time Use this command to configure the spanning tree bridge forward time globally for the wireless bridge Use the no form to restore the default Synta...

Page 238: ...ion each port needs time to listen for conflicting information that would make it return to the discarding state otherwise temporary data loops might result Example bridge stp bridge hello time Use this command to configure the spanning tree bridge hello time globally for the wireless bridge Use the no form to restore the default Syntax bridge stp bridge hello time time no bridge stp bridge hello ...

Page 239: ...spanning tree bridge maximum age globally for the wireless bridge Use the no form to restore the default Syntax bridge stp bridge max age seconds no bridge stp bridge max age seconds Time in seconds Range 6 40 seconds The minimum value is the higher of 6 or 2 x hello time 1 The maximum value is the lower of 40 or 2 x forward time 1 Default Setting 20 seconds Command Mode Global Configuration AP co...

Page 240: ...uration message becomes the designated port for the attached LAN If it is a root port a new root port is selected from among the device ports attached to the network Example bridge stp bridge priority Use this command to configure the spanning tree priority globally for the wireless bridge Use the no form to restore the default Syntax bridge stp bridge priority priority no bridge stp bridge priori...

Page 241: ...path cost Use this command to configure the spanning tree path cost for the specified port Use the no form to restore the default for the specified port Syntax bridge stp port path cost port cost no bridge stp port path cost port port Specifies the port number on the wireless bridge Range 0 Ethernet interface 1 16 wireless interface cost The path cost for the port Range 1 65535 Default Setting Eth...

Page 242: ...default for the specified port Syntax bridge stp port priority port priority no bridge stp port priority port port Specifies the port number on the wireless bridge Range 0 Ethernet interface 1 16 wireless interface priority The priority for a port Range 1 255 Default Setting 128 Command Mode Global Configuration Command Usage This command defines the priority for the use of a port in the Spanning ...

Page 243: ...able fast forwarding Syntax bridge stp port portfast port no bridge stp port portfast port port Specifies the port number on the wireless bridge Range 0 Ethernet interface 1 16 wireless interface Default Setting Disabled Command Mode Global Configuration Command Usage This command is used to enable disable the fast spanning tree mode for the selected port In this mode ports skip the Discarding and...

Page 244: ... an end node device Example bridge stp port spanning disabled This command disables the Spanning Tree Protocol for the specified interface Use the no form to reenable the Spanning Tree Protocol for the specified interface Syntax bridge stp port spanning disabled port no bridge stp port spanning disabled port port Specifies the port number on the wireless bridge Range 0 Ethernet interface 1 16 wire...

Page 245: ...e Bridge Information Media Type Age Time sec EtherNet 300 WLAN_A 1000 Bridge Id 32768 037fbef192 Root Bridge Id 32768 01f47483e2 Root Path Cost 25 Root Port Id 0 Bridge Status Enabled Bridge Priority 32768 Bridge Hello Time 2 Seconds Bridge Maximum Age 20 Seconds Bridge Forward Delay 15 Seconds Port Summary Id Priority Path Cost Fast Forward Status State 0 128 25 Enable Enabled Forwarding AP ...

Page 246: ...ocal bridge no filter local bridge Default Disabled Command Mode Global Configuration Command Function Mode Page filter local bridge Disables communication between wireless clients GC 7 76 filter ap manage Prevents access to the management interface over the wireless bridge link GC 7 77 filter ethernet type enable Checks the Ethernet type for all incoming and outgoing Ethernet packets against the ...

Page 247: ... the wired network Example Related Commands filter ethernet type enable page 7 78 filter ap manage This command prevents access to wireless bridge management from the wireless interface Use the no form to disable this filtering Syntax filter ap manage no filter ap manage Default Disabled Command Mode Global Configuration Example AP config filter local bridge AP config AP config filter ap manage AP...

Page 248: ...e this feature Syntax filter ethernet type enable no filter ethernet type enable Default Disabled Command Mode Global Configuration Command Usage This command is used in conjunction with the filter ethernet type protocol command to determine which Ethernet protocol types are to be filtered Example Related Commands filter ethernet type protocol page 7 79 AP config filter ethernet type enable AP con...

Page 249: ...25 Level 3 Banyan CDP DEC XNS DEC MOP Dump Load DEC MOP DEC LAT Ethertalk Appletalk ARP Novell IPX old Novell IPX new EAPOL Telxon TXP Aironet DDP Enet Config Test Default None Command Mode Global Configuration Command Usage Use the filter ethernet type enable command to enable filtering for Ethernet types specified in the filtering table or the no filter ethernet type enable command to disable al...

Page 250: ...show filters Protocol Filter Information AP Management ENABLED Ethernet Type Filter ENABLED Enabled Protocol Filters Protocol ARP ISO 0x0806 AP Command Function Mode Page ip pppoe Enables PPPoE on the Ethernet interface IC E 7 81 pppoe ip allocation mode Specifies how IP addresses for the PPPoE tunnel are configured on the interface IC E 7 82 pppoe ipcp dns Negotiates DNS for the PPPoE tunnel IC E...

Page 251: ...PPPoE tunnel IC E 7 85 pppoe local ip Sets local IP address for the PPPoE tunnel IC E 7 86 pppoe remote ip Sets remote IP address for the PPPoE tunnel IC E 7 86 pppoe username Sets the user name for the PPPoE tunnel IC E 7 87 pppoe password Sets the password for the PPPoE tunnel IC E 7 88 pppoe service name Sets the service name for the PPPoE tunnel IC E 7 89 pppoe restart Restarts the PPPoE conne...

Page 252: ... Syntax pppoe ip allocation mode automatic static automatic IP addresses are dynamically assigned by the ISP during PPPoE session initialization static Fixed addresses are assigned by the ISP for both the local and remote IP addresses Default Setting automatic Command Mode Interface Configuration Ethernet Command Usage The IP address allocation mode depends on the type of service provided by the I...

Page 253: ...t Setting Disabled Command Mode Interface Configuration Ethernet Command Usage DNS servers are used to translate host computer names into IP addresses PPPoE clients can request a primary and secondary DNS server from the network connection device at the remote end of the PPPoE tunnel This request is passed to the remote end during the IP Control Protocol IPCP negotiation phase during session initi...

Page 254: ... Usage Echo requests are used to verify the integrity of the link through the PPPoE tunnel Devices at either end of the link can issue an echo request Devices receiving an echo request must return an echo reply If a link is busy with large data transfers the echo reply may not be issued in a timely manner causing the link to timeout If you experience this kind of problem try extending the echo int...

Page 255: ...ests are used to verify the integrity of the link through the PPPoE tunnel Devices at either end of the link can issue an echo request Devices receiving an echo request must return an echo reply If a link is busy with large data transfers the echo reply may not be issued in a timely manner causing the link to timeout If you experience this kind of problem try extending the echo interval or timeout...

Page 256: ...f the pppoe ip allocation mode is set to static the local IP address must be entered with this command and the remote IP address must be entered with the pppoe remote ip command Example Related Commands pppoe ip allocation mode page 7 82 pppoe remote ip page 7 86 pppoe remote ip This command sets the remote IP address for the PPPoE tunnel Syntax pppoe remote ip ip address ip address IP address of ...

Page 257: ...must be entered with the pppoe local ip command Example Related Commands pppoe ip allocation mode page 7 82 pppoe local ip page 7 86 pppoe username This command sets the user name for the PPPoE tunnel Syntax pppoe username username username User name assigned by the service provider Range 1 63 alphanumeric characters Default Setting None Command Mode Interface Configuration Ethernet AP if ethernet...

Page 258: ...or the PPPoE tunnel Syntax pppoe password string string Password assigned by the service provider Range 1 63 alphanumeric characters Default Setting None Command Mode Interface Configuration Ethernet Command Usage You must enter a password with this command and a user name with the pppoe username command Example Related Commands pppoe username page 7 87 AP if ethernet pppoe username mike AP AP if ...

Page 259: ...ting None Command Mode Interface Configuration Ethernet Command Usage The service name is normally optional but may be required by some service providers Example pppoe restart This command restarts the PPPoE connection with updated parameters Command Mode Interface Configuration Ethernet Command Usage This command restarts PPPoE service using the most recently configured parameters AP if ethernet ...

Page 260: ...out the PPPoE configuration Command Mode Privileged Exec Example AP if ethernet pppoe restart AP AP show pppoe PPPoE Information State Link up Username mike Service Name classA IP Allocation Mode Static DNS Negotiation Enabled Local IP 10 7 1 200 Echo Interval 30 Echo Failure 5 AP ...

Page 261: ...al Configuration Command Function Mode Page interface ethernet Enters Ethernet interface configuration mode GC 7 91 dns primary server Specifies the primary name server IC E 7 92 dns secondary server Specifies the secondary name server IC E 7 92 ip address Sets the IP address for the Ethernet interface IC E 7 93 ip dhcp Submits a DHCP request for an IP address IC E 7 94 shutdown Disables the Ether...

Page 262: ...rver address primary server Primary server used for name resolution secondary server Secondary server used for name resolution server address IP address of domain name server Default Setting None Command Mode Global Configuration Command Usage The primary and secondary name servers are queried in sequence Example This example specifies two domain name servers AP config interface ethernet AP if eth...

Page 263: ...y no ip address ip address IP address netmask Network mask for the associated IP subnet This mask identifies the host address bits used for routing to specific subnets gateway IP address of the default gateway Default Setting IP address 192 168 2 2 Netmask 255 255 255 0 Command Mode Interface Configuration Ethernet Command Usage DHCP is enabled by default To manually configure a new IP address you...

Page 264: ...four numbers 0 to 255 separated by periods Anything outside this format will not be accepted by the configuration program Example Related Commands ip dhcp page 7 94 ip dhcp This command enables the access point to obtain an IP address from a DHCP server Use the no form to restore the default IP address Syntax ip dhcp no ip dhcp Default Setting Enabled Command Mode Interface Configuration Ethernet ...

Page 265: ...ent requests The current IP address i e default or manually configured address will continue to be effective until a DHCP reply is received Requests will be broadcast periodically by this device in an effort to learn its IP address DHCP values can include the IP address subnet mask and default gateway Example Related Commands ip address page 7 93 shutdown This command disables the Ethernet interfa...

Page 266: ...ions and reenable it after the problem has been resolved You may also want to disable the Ethernet port for security reasons Example The following example disables the Ethernet port show interface ethernet This command displays the status for the Ethernet interface Syntax show interface ethernet Default Setting Ethernet interface Command Mode Exec AP if ethernet shutdown AP if ethernet ...

Page 267: ...ace wireless Enters wireless interface configuration mode GC 7 99 description Adds a description to the wireless interface IC W 7 99 ssid Configures the service set identifier IC W 7 104 closed system Prohibits access to clients without a pre configured SSID IC W 7 101 speed Configures the maximum data rate for transmitting unicast packets on the wireless interface IC W 7 101 channel Configures th...

Page 268: ...t the same time IC W 7 108 authentication Defines the 802 11 authentication type allowed by the access point IC W 7 109 encryption Defines whether or not WEP or AES encryption is used to provide privacy for wireless communications IC W 7 110 key Sets the keys used for WEP or AES encryption IC W 7 112 transmit key Sets the index of the key to be used for WEP encryption IC W 7 113 multicast cipher D...

Page 269: ...nter the following command description This command adds a description to the wireless interface Use the no form to remove the description Syntax description string no description string Comment or a description for this interface Range 1 80 characters show interface wireless Shows the status for the wireless interface Exec 7 120 show station Shows the wireless clients associated with the access p...

Page 270: ...rvice set supported by the access point Range 1 32 characters Default Setting SMC Command Mode Interface Configuration Wireless Command Usage Clients that want to connect to the wireless network via an access point must set their SSIDs to the same as that of the access point Example AP config interface wireless a AP if wireless a description RD AP 3 AP if wireless a AP if wireless g ssid RD AP 3 A...

Page 271: ...sabled the access point will not include its SSID in beacon messages Nor will it respond to probe requests from clients that do not include a fixed SSID Example speed This command configures the maximum data rate for transmitting unicast packets on the wireless interface Syntax speed speed speed Maximum access speed allowed for remote bridges Options 802 11a 6 9 12 18 24 36 48 54 Mbps 802 11g 1 2 ...

Page 272: ...nnel Manually sets the radio channel used for communications with remote bridges Range 802 11a 36 40 44 48 52 56 60 64 149 153 157 161 165 for normal mode and 42 50 58 152 160 for turbo mode 802 1g 1 to 14 auto Automatically selects an unoccupied channel if available Otherwise the lowest channel is selected Default Setting Automatic channel selection Command Mode Interface Configuration Wireless C...

Page 273: ...E 802 11a that provides a higher data rate of up to 108 Mbps Enabling Turbo Mode allows the wireless bridge to provide connections up to 108 Mbps In normal mode the wireless bridge provides a channel bandwidth of 20 MHz and supports the maximum number of channels permitted by local regulations e g 11 channels for the United States In Turbo Mode the channel bandwidth is increased to 40 MHz to suppo...

Page 274: ... Wireless Command Usage The beacon signals allow remote bridges to maintain contact with the local wireless bridge They may also carry power management information Example dtim period This command configures the rate at which remote bridges in sleep mode must wake up to receive broadcast multicast transmissions Syntax dtim period interval interval Interval between the beacon frames that transmit b...

Page 275: ...cast frames for the Basic Service Set BSS and forward them after every second beacon Using smaller DTIM intervals delivers broadcast multicast frames in a more timely manner causing remote bridges in Power Save mode to wake up more often and drain power faster Using higher DTIM values reduces the power used by remote bridges in Power Save mode but delays the transmission of broadcast multicast fra...

Page 276: ... network utilization try setting the fragment size to send smaller fragments This will speed up the retransmission of smaller frames However it is more efficient to set the fragment size larger if very little or no interference is present because it requires overhead to send multiple frames Example rts threshold This command sets the packet size threshold at which a Request to Send RTS signal must...

Page 277: ... a receiving remote bridge to negotiate the sending of a data frame After receiving an RTS frame the remote bridge sends a CTS frame to notify the local bridge that it can start sending data Wireless bridges contending for the wireless medium may not be aware of each other The RTS CTS mechanism can solve this Hidden Node problem Example transmit power This command adjusts the power of the radio si...

Page 278: ...d maximum data rates You also have to ensure that high strength signals do not interfere with the operation of other radio devices in your area Example max association This command configures the maximum number of clients that can be associated with the access point at the same time Syntax max association count count Maximum number of associated stations Range 0 64 Default Setting 64 per radio Com...

Page 279: ...ll stations Default Setting open Command Mode Interface Configuration Wireless Command Usage Shared key authentication can only be used when WEP is enabled with the encryption command and at least one static WEP key has been defined with the key command When using WPA or 802 1x for authentication and dynamic keying the access point must be set to open Example Related Commands encryption page 7 110...

Page 280: ...2 bits wdsaes The keyword that enables 128 bit AES encryption alphanumeric Specifies an encryption key entered as an alphanumeric string hex Specifies an encryption key entered as hexadecimal digits Default Setting disabled Command Mode Interface Configuration Wireless Command Usage Wired Equivalent Privacy WEP and Advanced Encryption Standard AES are implemented in this device to prevent unauthor...

Page 281: ... The WEP settings must be the same on all bridges in your wireless network The WEP encryption length specified in the encryption command and the key command must match The AES keys must match for each wireless bridge link pair The AES key type value entered using the key command must be the same as the type specified in the encryption command Note that encryption protects data transmitted between ...

Page 282: ... alphanumeric characters for 64 128 152 bit keys For HEX input use 10 26 32 hexadecimal digits for 64 128 152 bit keys wdsaes The keyword that specifies an AES encryption key port id The ID for the wireless port on the bridge For Slave units the ID is 1 For Master units the ID can be from 1 to 16 aes value The AES key string For alphanumeric input use 8 to 31 characters For hexadecimal input use e...

Page 283: ... must match those configured on other wireless bridges If AES is enabled each wireless bridge link in the network must be configured to use the same AES key The AES key type value entered using the key command must be the same as the type specified in the encryption command Example Related Commands encryption page 7 110 transmit key This command sets the index of the WEP key to be used for encrypt...

Page 284: ...n be used for decryption of data from other nodes Example multicast cipher This command defines the cipher algorithm used for broadcasting and multicasting when using Wi Fi Protected Access WPA security Syntax multicast cipher AES TKIP WEP AES Advanced Encryption Standard TKIP Temporal Key Integrity Protocol WEP Wired Equivalent Privacy Default Setting WEP Command Mode Interface Configuration Wire...

Page 285: ...luding per packet key hashing i e changing the encryption key on each packet a message integrity check an extended initialization vector with sequencing rules and a re keying mechanism TKIP defends against attacks on WEP in which the unencrypted initialization vector in encrypted packets is used to calculate the WEP key TKIP changes the encryption key on each packet and rotates not just the unicas...

Page 286: ...Enhanced Data Encryption through TKIP WPA uses Temporal Key Integrity Protocol TKIP TKIP provides data encryption enhancements including per packet key hashing i e changing the encryption key on each packet a message integrity check an extended initialization vector with sequencing rules and a re keying mechanism Enterprise level User Authentication via 802 1x and EAP To strengthen user authentica...

Page 287: ...c clients are authenticated using 802 1x via a RADIUS server Each client has to be WPA enabled or support 802 1x client software A RADIUS server must also be configured and be available in the wired network In the dynamic mode keys are generated for each wireless client associating with the access point These keys are regenerated periodically and also each time the wireless client is re authentica...

Page 288: ... HEX input use 10 26 hexadecimal digits for 64 128 bit strings Command Mode Interface Configuration Wireless Command Usage To support Wi Fi Protected Access WPA for client authentication use the wpa clients command to specify the authentication type use the wpa mode command to specify pre shared key mode and use this command to configure one static key If WPA is used with pre shared key mode all w...

Page 289: ...Access WPA preshared key type Syntax wpa psk type type type Input format Options Alphanumeric HEX Default Setting HEX Command Mode Interface Configuration Wireless Example Related Commands wpa preshared key page 7 118 AP if wireless g wpa preshared key ASCII agoodsecret AP if wireless g AP if wireless a wpa preshared key ASCII agoodsecret AP if wireless a ...

Page 290: ...down no shutdown Default Setting Interface enabled Command Mode Interface Configuration Wireless Example show interface wireless This command displays the status for the wireless interface Syntax show interface wireless a g a 802 11a radio interface g 802 11g radio interface Command Mode Exec AP if wireless a shutdown AP if wireless a ...

Page 291: ...cription Enterprise 802 11a Wireless Outdoor Bridge AP Service Type WDS Bridge SSID DualBandOutdoor Turbo Mode OFF Channel 36 Status Enable 802 11 Parameters Transmit Power FULL 15 dBm Max Station Data Rate 54Mbps Fragmentation Threshold 2346 bytes RTS Threshold 2347 bytes Beacon Interval 100 TUs DTIM Interval 2 beacons Maximum Association 64 stations Security Encryption 128 BIT AES ENCRYPTION AES...

Page 292: ...app This command enables the protocol signaling required to hand over wireless clients roaming between different 802 11f compliant access points Use the no form to disable 802 11f signaling Syntax iapp no iapp AP show station Station Table Information 802 11a Channel 56 No 802 11a Channel Stations 802 11g Channel 11 802 11g Channel Station Table Station Address 00 04 E2 41 C2 9D VLAN ID 0 Authenti...

Page 293: ...ly in a multi vendor environment Example VLAN Commands The wireless bridge can enable the support of VLAN tagged traffic passing between the wireless interface and the wired network When VLAN support is enabled the wireless bridge tags traffic passing to the wired network with the assigned native VLAN ID a number between 1 and 64 Traffic received from the wired network must also be tagged with the...

Page 294: ...l traffic Use the no form to disable VLANs Syntax vlan enable no vlan Default Disabled Command Mode Global Configuration Command Description Changing the VLAN status of the wireless bridge forces a system reboot When VLANs are enabled the wireless bridge tags frames received from wireless interface with the configured native VLAN ID Traffic entering the Ethernet port must be tagged with a VLAN ID ...

Page 295: ...lan id vlan id Native VLAN ID Range 1 64 Default Setting 1 Command Mode Global Configuration Command Usage When VLANs are enabled the wireless bridge tags traffic passing to the wired network with the configured native VLAN ID a number between 1 and 64 Example Related Commands vlan page 7 124 AP config vlan enable Reboot system now y n y AP config native vlanid 3 AP config ...

Page 296: ...Command Line Interface 7 126 ...

Page 297: ...nsure that all bridge links are configured with the same encryption keys 2 If you experience poor performance high packet loss rate over the wireless bridge link Check that the range of the link is within the limits for the antennas used Be sure that antennas in the link are properly aligned Check that there is an unobstructed radio line of sight between the antennas Be sure there is no interferen...

Page 298: ...h the wired Ethernet interface check the network cabling between the management station and the wireless bridge If you cannot connect using Telnet you may have exceeded the maximum number of concurrent Telnet sessions permitted i e four sessions Try connecting again at a later time 4 If all other recovery measures fail and the wireless bridge is still not functioning properly take any of these ste...

Page 299: ... 4 turbo mode Taiwan 4 normal mode 1 turbo mode 802 11g FCC IC 1 11 ETSI 1 13 France 1 7 MKK 1 14 Taiwan 1 11 Data Rates 802 11a Normal Mode 6 9 12 18 24 36 48 54 Mbps per channel Turbo Mode 12 18 24 36 48 72 96 108 Mbps per channel 802 11g 6 9 11 12 18 24 36 48 54 Mbps per channel 802 11b 1 2 5 5 11 Mbps per channel Maximum Clients 64 for the radio interface set to access point mode ...

Page 300: ...25 GHz lower band US Canada 5 25 5 35 GHz middle band US Canada 5 725 5 825 GHz upper band US Canada 5 25 5 35 GHz middle band Taiwan 5 725 5 825 GHz high band Taiwan 802 11b g 2 4 2 4835 GHz US Canada ETSI 2 4 2 497 GHz Japan 2 400 2 4835 GHz Taiwan Power Injector Input 100 240 VAC 47 63 Hz 1 5 A Output 48 VDC 1 2 A Bridge Power DC Input voltage 48 volts 1 2 A 30 watts maximum Physical Size 19 8 ...

Page 301: ...95 non condensing EMC Compliance Class B FCC Class B US RTTED 1999 5 EC DGT Taiwan Radio Signal Certification FCC Part 15 15 407 b 5 GHz FCC Part 15 247 2 4 GHz EN 300 328 EN 302 893 EN 300 826 EN 301 489 1 EN 301 489 17 ETSI 300 328 ETS 300 826 802 11b Safety CSA NTRL CSA 22 2 No 950 UL 1950 Standards IEEE 802 3 10BASE T IEEE 802 3u 100BASE TX IEEE 802 11a b g ...

Page 302: ... 17 dBi Integrated Panel Frequency Range 5 150 5 850 GHz Gain 17 dBi VSWR 1 8 1 max Polarization Linear vertical horizontal HPBW Horizontal 20 Vertical 22 Front to Back Ratio 25 dB Power Handling 10 W cw Impedance 50 Ohms Connector SMA female ...

Page 303: ... 16 QAM 24 Mbps 20 81 11 1 16 QAM 36 Mbps 20 76 6 5 64 QAM 48 Mbps 18 71 2 9 64 QAM 54 Mbps 17 68 1 8 Turbo Mode BPSK 12 Mbps 20 85 13 4 BPSK 18 Mbps 20 84 12 8 QPSK 24 Mbps 20 83 12 2 QPSK 36 Mbps 20 81 11 1 16 QAM 48 Mbps 20 78 8 2 16 QAM 72 Mbps 20 73 4 6 64 QAM 96 Mbps 18 68 2 1 64 QAM 108 Mbps 17 65 1 3 The maximum range calculated with a 17 dBi panel antenna at the far end of the link The ma...

Page 304: ...Specifications B 6 ...

Page 305: ...45 connector must be attached to both ends of the cable Caution Each wire pair must be attached to the RJ 45 connectors in a specific orientation Caution DO NOT plug a phone jack connector into a power injector RJ 45 port Use only twisted pair cables with RJ 45 connectors that conform with FCC standards The following figure illustrates how the pins on the RJ 45 connector are numbered Be sure to ho...

Page 306: ...t you must use crossover cables for connections to PCs or servers and straight through cable for connections to switches or hubs However when connecting to devices that support automatic MDI MDI X pinout configuration you can use either straight through or crossover cable 10 100BASE TX MDI and MDI X Port Pinouts Pin MDI X Signal Name MDI Signal Name 1 Receive Data plus RD Transmit Data plus TD 2 R...

Page 307: ...rossover cable Crossover Wiring Because the 10 100 Mbps port on the power injector uses an MDI pin configuration you must use crossover cable for network connections to PCs servers or other end nodes that only have MDI ports However if the device to which you are connecting supports automatic MDI MDI X operation you can use either straight through or crossover cable White Orange Stripe Orange Whit...

Page 308: ... following figure and table 8 Pin DIN Ethernet Port Pinout Pin Signal Name 1 Transmit Data plus TD 2 Transmit Data minus TD 3 Receive Data plus RD 4 48 VDC power White Orange Stripe Orange White Green Stripe 1 2 3 4 5 6 7 8 1 2 3 4 5 6 7 8 EIA TIA 568B RJ 45 Wiring Standard 10 100BASE TX Crossover Cable End A End B Green Blue White Blue Stripe Brown White Brown Stripe 1 7 2 3 4 5 8 6 ...

Page 309: ...ire pairs Note To construct a reliable Ethernet cable always use the proper tools or ask a professional cable supplier to construct the cable 5 48 VDC power 6 Receive Data minus RD 7 Return power 8 Return power Note The and signs represent the polarity of the wires that make up each wire pair 8 Pin DIN Ethernet Port Pinout Pin Signal Name White Orange Stripe Orange White Green Stripe Green 1 2 3 4...

Page 310: ...Cables and Pinouts C 6 ...

Page 311: ... cells that enable roaming throughout a facility Advanced Encryption Standard AES An encryption algorithm that implements symmetric key cryptography AES provides very strong encryption using a completely different ciphering algorithm to TKIP and WEP Authentication The process to verify the identity of a client requesting network access IEEE 802 11 specifies two forms of authentication open system ...

Page 312: ...o the milliwatt i e 1 dBm 001 Watt The dBm is often used to describe absolute power level where the point of reference is 1 milliwatt Dynamic Host Configuration Protocol DHCP Provides a framework for passing configuration information to hosts on a TCP IP network DHCP is based on the Bootstrap Protocol BOOTP adding the capability of automatic allocation of reusable network addresses and additional ...

Page 313: ... wireless standard that supports high speed communications in the 5 GHz band using Orthogonal Frequency Division Multiplexing OFDM The standard supports data rates of 6 12 24 and 54 Mbps Local Area Network LAN A group of interconnected computer and support devices MAC Address The physical layer address used to uniquely identify network nodes Network Time Protocol NTP NTP provides the mechanisms to...

Page 314: ...t size is smaller than the preset RTS Threshold size the RTS CTS mechanism will NOT be enabled Service Set Identifier SSID An identifier that is attached to packets sent over the wireless LAN and functions as a password for joining a particular radio cell i e Basic Service Set BSS Session Key Session keys are unique to each client and are used to authenticate a client connection and correlate traf...

Page 315: ...an be requested from a specific NTP server or can be received via broadcasts sent by NTP servers Trivial File Transfer Protocol TFTP A TCP IP protocol commonly used for software downloads Wired Equivalent Privacy WEP WEP is based on the use of security keys and the popular RC4 encryption algorithm Wireless devices without a valid WEP key will be excluded from network traffic ...

Page 316: ...Glossary Glossary 6 ...

Page 317: ...ne interface See CLI community name configuring 6 30 7 34 community string 6 32 7 34 configuration settings saving or restoring 6 36 7 41 configuration initial setup 5 1 country code configuring 5 2 7 16 crossover cable C 3 CSMA CA 1 2 CTS 6 60 7 107 D data rate options B 1 default settings 1 10 device status displaying 6 87 7 22 DHCP 5 8 6 7 6 8 7 93 7 94 7 95 DNS 6 9 7 92 Domain Name Server See ...

Page 318: ...2 IEEE 802 11g 6 56 configuring interface 6 63 maximum data rate 6 64 7 101 radio channel 6 63 7 102 IEEE 802 1x 6 80 7 49 configuring 6 16 6 19 7 49 initial setup 5 1 installation hardware 4 1 IP address BOOTP DHCP 7 93 7 94 configuring 5 3 5 8 6 7 7 93 7 94 L log messages 6 39 6 92 7 24 server 6 38 7 24 login web 5 4 logon authentication RADIUS client 6 21 7 45 M MAC address authentication 6 18 ...

Page 319: ...6 7 112 Simple Network Management Protocol See SNMP Simple Network Time Protocol See SNTP SNMP 6 30 7 34 community name 6 30 7 34 community string 7 34 enabling traps 6 31 7 36 trap destination 6 31 7 37 trap manager 6 31 7 37 SNTP 6 40 6 41 7 29 enabling client 6 41 7 30 server 6 41 7 29 software displaying version 6 34 6 87 7 23 downloading 6 36 7 41 specifications B 1 SSID 7 100 configuring 5 6...

Page 320: ... upgrading software 6 34 7 41 user name manager 6 33 7 19 user password 6 33 7 19 7 20 V VLAN configuration 6 26 7 124 native ID 6 26 7 125 W WEP 6 66 6 74 7 110 configuring 6 66 6 74 7 110 shared key 6 67 6 76 7 112 Wi Fi Protected Access See WPA Wired Equivalent Protection See WEP WPA 6 80 7 117 authentication over 802 11x 6 83 7 116 pre shared key 6 83 6 84 7 118 7 119 WPA pre shared key See PS...

Page 321: ......

Page 322: ...SMC2888W S SMC2888W M ...

Reviews:

No comments

Related manuals for 2888W-M

ABB RELION REF615R Manual preview
RELION REF615R
Brand: ABB Pages: 66
Ubiquiti M900 Quick Start Manual preview
M900
Brand: Ubiquiti Pages: 24
3Com 486 Getting Started Manual preview
486
Brand: 3Com Pages: 20
D-Link DSL-2750U Setup preview
DSL-2750U
Brand: D-Link Pages: 14
NEC Univerge SV8100 System Configuration Manual preview
Univerge SV8100
Brand: NEC Pages: 44
Canon C50FSi - VB Network Camera Setup Manual preview
C50FSi - VB Network Camera
Brand: Canon Pages: 32
D-Link ShareCenter DNS-320L Datasheet preview
ShareCenter DNS-320L
Brand: D-Link Pages: 4
ABB i-bus KNX IPR/S 3.5.1 Product Manual preview
i-bus KNX IPR/S 3.5.1
Brand: ABB Pages: 44
PACOM Professional Series Quick Manual preview
Professional Series
Brand: PACOM Pages: 15
Barracuda Networks Network Quick Start Manual preview
Network
Brand: Barracuda Networks Pages: 2
Baracoda All in One Printer Communication Protocol Manual preview
All in One Printer
Brand: Baracoda Pages: 42
Canon Vb-C60 - Ptz Network Camera Setup Manual preview
Vb-C60 - Ptz Network Camera
Brand: Canon Pages: 30
D-Link PowerLine DHP-W611AV User Manual preview
PowerLine DHP-W611AV
Brand: D-Link Pages: 78
D-Link ShareCenter Quattro DNS-345 Datasheet preview
ShareCenter Quattro DNS-345
Brand: D-Link Pages: 4
D-Link DNS-722-4 Quick Install Manual preview
DNS-722-4
Brand: D-Link Pages: 16
D-Link MYDLINK DNR-322L Datasheet preview
MYDLINK DNR-322L
Brand: D-Link Pages: 4
D-Link mydlink DNR-312L Quick Install Manual preview
mydlink DNR-312L
Brand: D-Link Pages: 8
D-Link ShareCenter Quattro DNS-345 Quick Install Manual preview
ShareCenter Quattro DNS-345
Brand: D-Link Pages: 40

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

ABB AEG Acer Asus Beko Black & Decker Bosch Brother Candy Canon Cisco Craftsman D-Link DeWalt Dell Electrolux Emerson Epson Frigidaire Fujitsu GE HP Haier Hitachi Honeywell Huawei Husqvarna JVC Kenmore Kenwood KitchenAid LG Lenovo Makita Miele Mitsubishi Electric Motorola NEC Nikon Nokia Panasonic Philips Pioneer Samsung Sanyo Sharp Siemens Sony TP-Link Toshiba Whirlpool Xiaomi Yamaha Zanussi Load more brands