background image

11

Ubiquiti Networks, Inc.

Chapter 3: AirOS™  

AirRouter User Guide

Channel Spectrum width, the maximum data rate is MCS7 
(65Mbps). If you select 40 MHz Channel Spectrum width 
the maximum data rate is MCS7 (150 Mbps).

Automatic 

When selected, the rate algorithm will select 

the best data rate, depending on link quality conditions. 
It is recommended that you use this option, especially if 
you are having trouble getting connected or losing data 
at a higher rate. Refer to the Advanced section for detailed 
information about rate algorithms.

Wireless Security

In Access Point and Access Point WDS mode, this is where 
you configure the wireless security settings that will be 
used by the devices on your wireless network. 
In Station or Station WDS mode, you will need to match 
the security settings of the Access Point that the AirRouter 
is associated with.  

Security 

The AirRouter supports the following wireless 

security methods:
• 

WEP 

WEP (Wired Equivalent Privacy) is the oldest and 

least secure security algorithm. WPA™/WPA2™ security 
methods should be used when possible.

• 

WPA 

WPA™ or Wi-Fi Protected Access was developed as 

a stronger encryption method over WEP.

• 

WPA-TKIP 

WPA™ (Wi-Fi Protected Access) security 

mode with TKIP support only. TKIP (Temporal Key 
Integrity Protocol) uses the RC4 encryption algorithm.

• 

WPA-AES 

WPA™ (Wi-Fi Protected Access) security 

mode with AES support only. AES (also known as CCMP) 
- Counter Mode with Cipher Block Chaining Message 
Authentication Code Protocol which uses the Advanced 
Encryption Standard (AES) algorithm.

• 

WPA2 

WPA2™ was developed to strengthen wireless 

encryption security and is stronger than WEP and 
WPA™.

• 

WPA2-TKIP 

WPA2™ (Wi-Fi Protected Access) security 

mode with TKIP support only. Temporal Key Integrity 
Protocol which uses RC4 encryption algorithm.

• 

WPA2-AES 

WPA2™ (Wi-Fi Protected Access) security 

mode with AES support only. AES (also known as 
CCMP) - Counter Mode with Cipher Block Chaining 
Message Authentication Code Protocol which uses the 
Advanced Encryption Standard (AES) algorithm. This 
is the strongest security option available. If all of the 
wireless devices on your network support this option, it 
is recommended that you select it.

If you want an open network without wireless security, 
select None. 

WEP

Authentication Type 

One of the following authentication 

methods should be selected if WEP security is used:
• 

Open 

The station is authenticated automatically by the 

AP (selected by default).

• 

Shared Key 

Station is authenticated after the 

challenge, generated by the AP.

WEP Key Length 

This determines the length of the WEP 

security key. Select one of the two key length options:
• 

64-bit 

This option is selected by default. A 64-bit key is 

10 HEX or 5 ASCII characters in length.

• 

128-bit 

The 128-bit option provides a little more 

security and is 26 HEX or 13 ASCII characters in length.

Key Type 

Specifies the character format for the WEP key:

• 

HEX 

Selected by default, this option uses hexadecimal 

characters. 0-9, A-F or a-f are valid characters.

• 

ASCII 

ASCII uses the standard English alphabet and 

numeric characters. 

WEP Key 

Enter the WEP encryption key adhering to the 

selections you made for key length and key type:

Type

HEX

ASCII

64-bit

10 Hexadecimal Characters  
(0-9, A-F or a-f) Example: 

00112233AA

5 ASCII Characters
Example:  

ubnt1

128-bit

26 Hexadecimal Characters  
(0-9, A-F or a-f) Example: 
00112233445566778899AABBCC

13 ASCI characters
Example:
ubntproducts1

Key Index 

Specifies the Index of the WEP Key used. 4 

different WEP keys can be configured at the same time, 
but only one is used. The effective key is set by choosing 1, 
2, 3 or 4.

WPA™/WPA2™

The configuration options are the same for all of the 
WPA™ and WPA2™ options. WPA2-AES is the strongest 
security method. If all of the wireless devices on your 
network support this option, it is recommended that you 
select it.

WPA Authentication 

One of the following WPA™ key 

selection methods should be specified if WPA™ or WPA2™ 
security method is used:
• 

PSK 

Pre-shared Key method (selected by default).

Summary of Contents for AirRouter

Page 1: ......

Page 2: ...View 1 Rear View 1 Chapter 2 Installation 2 Hardware Installation 2 Connecting a Wireless Client to the AirRouter 3 Chapter 3 AirOS 4 Navigation 4 Main 4 Wireless 8 Network 13 Advanced 25 Services 27...

Page 3: ...when the AirRouter is connected to the Internet Flashes to indicate Internet activity Wireless LAN LED Displays solid green when the wireless LAN is enabled It will flash to indicate wireless activit...

Page 4: ...he other end of the Ethernet cable to your computer 4 Launch your Web browser and type http 192 168 1 1 in the address field and press enter PC or return Mac Note Your computer needs to be on the 192...

Page 5: ...ongratulations Basic router installation is complete Proceed to Connecting a Wireless Client to the AirRouter for information on connecting wireless clients Connecting a Wireless Client to the AirRout...

Page 6: ...n be configured in this tab The Advanced tab also includes advanced Ethernet and traffic shaping settings Services The Services tab covers the configuration of system management services like SNMP NTP...

Page 7: ...Every TX RX chain requires a separate antenna WLAN MAC Displays the MAC address of the AirRouter as seen on the wireless network LAN MAC Displays the MAC address of the AirRouter as seen on the LAN L...

Page 8: ...days hours minutes and seconds Signal Strength Value represents in dBm the last received wireless signal level Noise Floor Displays the current value of the noise level in dBm Noise Floor is taken in...

Page 9: ...dresses that the AirRouter uses for translation DHCP Server Displays the IP address of the DHCP Server assigning the WAN IP Address to the AirRouter Domain Displays the domain name Total Lease Time Sh...

Page 10: ...long the leased IP address will be valid and reserved for particular DHCP client Hostname Displays the device name hostname of the client receiving an IP lease Interface Name Displays the interface to...

Page 11: ...none or the WEP security method However this may compromise the security of your network When connecting STA WDS clients to an AP WDS device all security methods are available and work properly WDS Pe...

Page 12: ...oducts The benefits of this are private networking and inherent security Using channel shifting networks instantly become invisible to the millions of Wi Fi devices in the world Frequency MHz Only app...

Page 13: ...with Cipher Block Chaining Message Authentication Code Protocol which uses the Advanced Encryption Standard AES algorithm This is the strongest security option available If all of the wireless devices...

Page 14: ...UDP port The most commonly used port is 1812 but that depends on the RADIUS Server you are using Radius Server Secret Specifies the password A shared secret is a case sensitive text string used to va...

Page 15: ...for Layer 3 packet filtering and access control in Router mode SOHO Router SOHO Small Office Home Office Router is basically a derivation from Router mode In SOHO Router mode the Main Ethernet port la...

Page 16: ...If enabled the AirRouter Bridge will communicate with other network devices by sending and receiving Bridge Protocol Data Units BPDU STP should be turned off selected by default when the AirRouter is...

Page 17: ...ss interface and all connected wireless clients are considered as part of the internal LAN and the Ethernet interface is dedicated for the connection to the external network while the AirRouter is ope...

Page 18: ...AirRouter is in operating in Router mode A valid Primary DNS Server IP needs to be specified for DNS Proxy functionality The internal network interface IP of the AirRouter should be specified as the D...

Page 19: ...will be used for the host device if the DMZ Management Port option is enabled DMZ IP Enter the IP address of the internal network device and the device will be completely exposed to the external netwo...

Page 20: ...lity as an alternative to Port Forwarding but DMZ opens all ports of the host network device to the external network DMZ Management Port Web Management Port for the AirRouter TCP IP port 80 by default...

Page 21: ...Auto IP Aliasing Automatically generates an IP Address for the corresponding WLAN LAN interface if enabled The generated IP address is a unique Class B IP address from the 169 254 X Y range Netmask 2...

Page 22: ...ditional security DMZ is commonly used with NAT functionality as an alternative to Port Forwarding but DMZ opens all ports of the host network device to the external network DMZ Management Port Web Ma...

Page 23: ...ected message will be displayed A PPPoE tunnel reconnection routine can be initiated using the Reconnect button which is located in the Main tab next to the PPP interface statistics Enable DMZ The Dem...

Page 24: ...as an alternative to Port Forwarding but DMZ opens all ports of the host network device to the external network DMZ Management Port Web Management Port for the AirRouter TCP IP port 80 by default wil...

Page 25: ...onnect to the LAN interface while the AirRouter is operating in Station or Station WDS mode Range Start End This range determines the IP addresses given out by the DHCP server to client devices on the...

Page 26: ...dentifier for the particular IP Alias Comments Field used for a brief description of the purpose of the alias Enabled Enables or disables the particular IP Alias All added IP Aliases are saved in the...

Page 27: ...outer mode Click Change to save the changes made on the Network tab Static Routes In this section you can manually add static routing rules to the System Routing Table this allows you to specify that...

Page 28: ...re If enabled ACK Timeout value will be derived dynamically using an algorithm similar to the Conservative Rate Algorithm used in AirOS v3 4 It is very recommended to use the Auto Adjust option for 80...

Page 29: ...fined constraints the AirRouter will automatically reboot This option creates a kind of fail proof mechanism Ping Watchdog is dedicated for continuous monitoring of the particular connection to remote...

Page 30: ...d password SSH Server The following SSH Server parameters can be set Enable SSH Server This option enables SSH access to the AirRouter Server Port SSH service TCP IP port setting Enable Password Authe...

Page 31: ...tings Timezone Specifies the timezone according to GMT Greenwich Mean Time Enable Startup Date When enabled you are able to modify the device s startup date Startup Date Specifies the device s startup...

Page 32: ...Update The Update button should be activated in order to proceed with firmware upgrade routine new firmware image should be uploaded into the system first Please be patient as the firmware upgrade rou...

Page 33: ...remote system IP can be selected from the list which is generated automatically Select destination IP or may be specified manually Remote system access credentials administrator username User and Pass...

Page 34: ...you can modify AirView Settings such as enabling or disabling charts or specifying the frequency interval Preferences Charts Enable Top Chart Select the chart to be displayed in the top chart on the m...

Page 35: ...is the green area on the Real time chart which represents the average received power level and considers data for as long as AirView has been running You can disable this graph by unchecking the Enabl...

Page 36: ...ght 221 g Ports 5 10 100 Ethernet Ports 1 USB Port 1 Power Port Buttons 1 Reset Button LEDs 4 LAN 1 Main WAN by default 1 Internet 1 WLAN Wireless LAN 1 Power Wireless Security WEP WPA and WPA2 Bands...

Page 37: ...paid No Products will be accepted for replacement or repair without obtaining a Return Materials Authorization RMA number from UBIQUITI NETWORKS Products returned without an RMA number will not be pro...

Page 38: ...rdware compatibility or field issues as quickly as possible We strive to respond to support inquiries within a 24 hour period Email support ubnt com Phone 408 942 1153 9 a m 5 p m PST Skype Ubiquiti_S...

Reviews: