background image

 

User’s Manual 

  OWL800 / OWL2000 / HSG800

 

ENGLISH 

 

 

© 2008 4IPNET, INC. 

 

49

 

Gateway & AP Mode 

ƒ

 

WPA-RADIUS

: Authenticate user by RADIUS in WPA data encryption.   

 

Gateway Mode 

Содержание OWL800

Страница 1: ...IEEE 802 11 b g Outdoor AP Bridge Support IEEE802 11a Client Backhaul Models OWL800 V1 00 OWL2000 V1 00 HSG800 V1 00...

Страница 2: ...thout the prior written permission of 4IPNET INC Disclaimer 4IPNET INC does not assume any liability arising out the application or use of any products or software described herein Neither does it con...

Страница 3: ...st Safety Information All models of OWL800 OWL2000 and HSG800 have been evaluated to and conforms to the product safety specifications of EN 60950 2001 A11 2004 Caution This product was qualified unde...

Страница 4: ...all persons This device and its antennas must not be co located or operating in conjunction with any other antenna or transmitter Any changes or modifications not expressly approved by the party respo...

Страница 5: ...EN 55024 1998 A1 2001 A2 2003 including the followings EN 61000 3 2 EN 61000 3 3 EN 61000 4 2 EN 61000 4 3 EN 61000 4 4 EN 61000 4 5 EN 61000 4 6 EN 61000 4 11 Safety EN 60950 1 2001 A11 2004 Caution...

Страница 6: ...port IEEE802 11a Client Backhaul OWL800 OWL2000 HSG800 ENGLISH NCC Regulatory Information for Taiwan NCC NCC NCC NCC Caution OWL800 HSG800 OWL2000 OWL800 HSG800 OWL2000 CM9 19dBm Highest 19 dBm OWL800...

Страница 7: ...re Installation 4 3 1 1 Package Contents 4 3 1 2 Panel Function Descriptions 5 3 1 3 Hardware Installation 6 3 2 Software Configuration 7 3 2 1 Instruction of Web Management Interface 7 3 2 2 User Log...

Страница 8: ...Firewall 71 4 4 6 Route 73 4 4 7 802 1X 74 4 5 Utilities 75 4 5 1 Change Password 75 4 5 2 Import Export 76 4 5 3 Backup Restore 77 4 5 4 System Upgrade 78 4 5 5 Reboot 79 4 5 6 Scan 80 4 5 7 Upload C...

Страница 9: ...the optional feature lists provided separately In this manual all the optional featured are covered In the following manual we will refer the device as OWL800 or the system for the convenience Model...

Страница 10: ...ions and not to activate them Clear settings entered by clicking this button The red asterisk indicates information in this field is compulsory Note Screen captures and pictures used in this manual ma...

Страница 11: ...e die cast Aluminum housing is IP68 compliant and high wind load resilient All the components are designed to operate in a wide range of temperature The on board surge protection provides the device u...

Страница 12: ...User s Manual OWL800 OWL2000 HSG800 ENGLISH 2008 4IPNET INC 3 Multi mode in Operation...

Страница 13: ...x 1 y CD ROM x 1 y RJ45 RS232 Console Cable x 1 y PSE x 1 y Power cord x 1 y Mounting Kit x 1 y Waterproof Connector Pack x 2 y Rubber antenna x 4 Note It is recommended to keep the original packing...

Страница 14: ...when OWL800 chassis with Mylar is faced up Each of the two radio module CM9 inside has two antenna connectors for antenna diversity The required antenna is antenna ANT1 and antenna ANT2 ANT1 is conne...

Страница 15: ...ter 5 Connect the power cord to the PSE 6 Power on the PSE in order to supply power to OWL800 7 Note You must be professional to use a different replacement antenna and you must following the code reg...

Страница 16: ...of this system After completing hardware installation the administrator can configure the OWL800 via web browsers The default IP address and Subnet Mask of different modes are as follows Mode AP Rela...

Страница 17: ...L800 OWL2000 HSG800 ENGLISH 2008 4IPNET INC 8 Main Menu provides detailed configuration pages for administrators to configure the system manually Please refer to Section 4 Main Menu for more informati...

Страница 18: ...User s Manual OWL800 OWL2000 HSG800 ENGLISH 2008 4IPNET INC 9 AP Mode...

Страница 19: ...ce will get an IP address automatically via DHCP Next open a web browser and access any URL and then the default User Login Page will appear Enter the username and password of the local user account g...

Страница 20: ...800 ENGLISH 2008 4IPNET INC 11 Step 3 The Login Success Page will appear after a client is authenticated by the system and logs in successfully In the meantime successful login means OWL800 has been i...

Страница 21: ...0 s to the administrator s PC is needed in order to get Administrator Login Page The following IP address is listed as an example IP Address 192 168 2 10 Subnet Mask 255 255 255 0 Default Gateway 192...

Страница 22: ...on on the upper right corner of the web management interface to return to the Administrator Login Page Note By default the system is in AP Relay mode Therefore the administrator must login to the syst...

Страница 23: ...is needed The following IP address is listed as an example IP Address 192 168 1 10 Subnet Mask 255 255 255 0 Default Gateway 192 168 1 254 Once OWL800 has been connected the Administrator Login Page w...

Страница 24: ...Manual OWL800 OWL2000 HSG800 ENGLISH 2008 4IPNET INC 15 Gateway Mode To logout simply click the Logout icon on the upper right corner of the web management interface to return to the Administrator Log...

Страница 25: ...t in AP Relay mode it is a layer2 IP device like a normal AP No IP sharing NAT and routing feature are support When OWL is set in Gateway mode it is a layer3 IP device Like an AP router OWL800 in the...

Страница 26: ...lect VAP Configuration from submenu item 3 Administrator can enable or disable specific VAP from the drop down list of Profile Name 4 Set desired ESSID 5 Disable VLAN ID means untagged when this VAP i...

Страница 27: ...ettings 1 Click on the WDS menu item Select General submenu 2 WDS is used as bridge backhaul By default a mode is used for WDS You must select a channel to Select preferred Channel for the wireless co...

Страница 28: ...abled First choose the WDS Profile enable WDS supply peer s MAC address and security type Gateway AP Mode Note WDS profiles are able to be configured even when the respective Radio module is disabled...

Страница 29: ...P AP Gateway AP WDS Gateway AP User AP Utilities Gateway AP and Status Gateway AP OPTION FUNCTION General AP Gateway Network Interface AP Gateway Management AP Gateway VLAN Overview Gateway VLAN Confi...

Страница 30: ...tart Introduction OWL800 has equipped a friendly Web graphical user interface for users and system administrators to configure parameters easily and remotely The recommended web browsers are IE 6 0 TM...

Страница 31: ...User s Manual OWL800 OWL2000 HSG800 ENGLISH 2008 4IPNET INC 22 AP Mode...

Страница 32: ...User s Manual OWL800 OWL2000 HSG800 ENGLISH 2008 4IPNET INC 23 Gateway Mode...

Страница 33: ...008 4IPNET INC 24 4 1 System This section guides you through the following functions System Information Network Interface Management Service VLAN Overview VLAN Configuration Walled Garden List and Gat...

Страница 34: ...mnemonic purpose It is recommended to have different values for each AP Time settings allow you to set OWL800 s system time manually or have it synchronized automatically with NTP server When NTP ser...

Страница 35: ...lly While this method is selected at least one NTP server s IP address should be provided It is recommended to give both NTP servers IP addresses to prevent occasionally NTP service unavailable Gatewa...

Страница 36: ...User s Manual OWL800 OWL2000 HSG800 ENGLISH 2008 4IPNET INC 27 4 1 2 Network Interface There are 3 connection types supported on OWL800 s WAN port Static DHCP or PPPoE AP Mode...

Страница 37: ...User s Manual OWL800 OWL2000 HSG800 ENGLISH 2008 4IPNET INC 28 Gateway Mode...

Страница 38: ...by DHCP or Static o Static setting Static setting is to set these parameters manually Basic parameters such as IP address subnet mask and gateway are needed AP Mode Gateway Mode o DHCP client This opt...

Страница 39: ...PPOE When selecting PPPoE to connect to the network please set the Username Password MTU and CLAMP MSS There is a Dial on demand function under PPPoE If this function is enabled a Maximum Idle Time ca...

Страница 40: ...is correct Layer 2 STP It depends on the configuration of the OWL800 including wired and wireless settings When it is configured to bridge several networks STP needs to be enabled Dynamic DNS DDNS OWL...

Страница 41: ...NGLISH 2008 4IPNET INC 32 4 1 3 Management For easier maintenance SNMP Simple Network Management Protocol and remote Syslog services are provided in OWL800 The OWL800 will be managed remotely in a cen...

Страница 42: ...for the SNMP managers to set the MIB information to the system The example here indicates that the SNMP managers can write the MIB information to the system when the SNMP mangers use the community Pr...

Страница 43: ...The VLAN tag for the respective VLAN The hyperlink connects to VLAN s Configuration Zone Interface IP The hyperlink connects to VLAN s Configuration Zone DHCP Enable or Disable DHCP state shown here T...

Страница 44: ...User s Manual OWL800 OWL2000 HSG800 ENGLISH 2008 4IPNET INC 35 Gateway Mode VLAN Configuration...

Страница 45: ...LAN Configuration Gateway Mode VLAN This section is where to configure each VLAN There are 9 VLANs VLAN0 8 Remark Text remark about this VLAN VLAN Tag each VLAN is identified by different tags carried...

Страница 46: ...le DHCP Make OWL800 your DHCP server o Domain Name Domain Name looks like domain com that is a better memorable term to IP address Client looks up a website by entering its domain name or its IP addre...

Страница 47: ...s list Reserved IP Address is a static IP address reserved for a special client by his MAC address Allowed Authentication Method and Applied Policy o Local Select a policy and apply to local authentic...

Страница 48: ...sites before login and authentication An example may be seen in hotels where guests without network access right are allowed to utilize the network service free of charge such as accessing the Hotel s...

Страница 49: ...User s Manual OWL800 OWL2000 HSG800 ENGLISH 2008 4IPNET INC 40...

Страница 50: ...e is to create WDS link with other wireless devices o Gateway Mode Selecting Gateway Mode enhances OWL800 a new feature user authentication gateway Please see Users for configuration instruction Radio...

Страница 51: ...have its own settings including ESSID VLAN ID security settings and etc Therefore these VAPs can bring different service level to clients depending on the ESSID connected to Please click on the menu i...

Страница 52: ...ion Gateway AP Mode Security Type The hyperlink showing security type connects to the screen of Security Settings Gateway AP Mode MAC ACL The hyperlink showing status of MAC ACL connects to the screen...

Страница 53: ...User s Manual OWL800 OWL2000 HSG800 ENGLISH 2008 4IPNET INC 44 Gateway AP Mode...

Страница 54: ...transmit rate can be set as auto or specific available rate Transmit Power Choose from Lowest Power to Highest Power level or auto Note The factory default setting is Highest 19 dBm Each level steps...

Страница 55: ...its profile VAP Enable or disabled virtual AP settings Profile Name Give the profile an identity for management purpose ESSID Extended Service Setting ID indicate the SSID which the clients used to co...

Страница 56: ...tors can depend on the need to provide different service levels to clients The security type includes the items on the drop down menu of security type None No authentication required This is the defau...

Страница 57: ...er s Manual OWL800 OWL2000 HSG800 ENGLISH 2008 4IPNET INC 48 802 1x Provides RADIUS authentication and enhanced WEP Gateway Mode AP Mode WPA PSK Provides shared key authentication in WPA data encrypti...

Страница 58: ...User s Manual OWL800 OWL2000 HSG800 ENGLISH 2008 4IPNET INC 49 Gateway AP Mode WPA RADIUS Authenticate user by RADIUS in WPA data encryption Gateway Mode...

Страница 59: ...User s Manual OWL800 OWL2000 HSG800 ENGLISH 2008 4IPNET INC 50 AP Mode...

Страница 60: ...nd is default to 2346 Fragmentation Threshold A unicast frame larger than this threshold will be fragmented before the transmission If significant numbers of collisions are occurring we can try to tak...

Страница 61: ...stations to a desired number For example while the number of station is set to 20 only 20 stations are allowed to connect to this VAP For MAC ACL control the supported methods include Disable Access...

Страница 62: ...r can still enable or disabled the rule applied to the specified one For example 11 22 33 44 55 66 is in the allow list to temporarily deny its access we can disable the rule on it Gateway AP Mode MAC...

Страница 63: ...pply to all Virtual Access Point in this device 4 3 1 Overview WDS links are used as backhaul or bridges The figure provides an overall status of all WDS links Turn the WDS link by giving signal quali...

Страница 64: ...he second radio in the system is designed for building WDS links WDS links are used as backhaul or point to point bridges WDS links do not service AP clients 11a 5 725 5 85GHz is used by the 2nd radio...

Страница 65: ...able the specified WDS link MAC Address of Remote AP For each link type the MAC address of the remote peer here The MAC address may also get by WDS Discovery Please refer to WDS discovery in the follo...

Страница 66: ...User s Manual OWL800 OWL2000 HSG800 ENGLISH 2008 4IPNET INC 57 o TKIP Gateway AP Mode...

Страница 67: ...secret Please refer to WDS RF settings for the shared secret The remote peer must also have the same Scan feature equipped To start WDS discovery select WDS interface and then click on the Discover No...

Страница 68: ...vice Settings 4 4 1 Local Local user database is built locally in OWL800 To add new user accounts enter specific information User Name Password MAC Address and Remark and click Add All created account...

Страница 69: ...abled Local user database functions as an external RADIUS server for another gateway Therefore a user can roam out to the network under anther gateway by using the same Local account For more informat...

Страница 70: ...User s Manual OWL800 OWL2000 HSG800 ENGLISH 2008 4IPNET INC 61 Gateway Mode Search User List Gateway Mode Edit User List...

Страница 71: ...external RADIUS servers It functions as a RADIUS authenticator for external RADIUS servers To enable the RADIUS authentication enter the related information for the primary RADIUS server and or the se...

Страница 72: ...02 1X Client Device Settings page to further set up the 802 1X capable devices that are allowed to authenticate against the Local user database Username Format to RADIUS Server When ID Only is selecte...

Страница 73: ...d is designed as the authentication option for this type of deployment scenarios Gateway Mode Postfix It is a string used by the system to distinguish which database server will be used for authentica...

Страница 74: ...guest users o Wireless Key The administrator can enter the defined wireless key such as WEP or WPA in the field The Wireless Key will be printed on the receipt for the guest users reference when acce...

Страница 75: ...User s Manual OWL800 OWL2000 HSG800 ENGLISH 2008 4IPNET INC 66 Billing Plans Administrators can configure several billing plans Gateway Mode...

Страница 76: ...67 On demand Account Creation When at least one plan is enabled the administrator can generate On demand user accounts here Gateway Mode On demand Account List All created On demand accounts are list...

Страница 77: ...erform the search All usernames matching the keyword will be listed Username The login name of the instant account Password The login password of the instant account Remaining Quota The total time tha...

Страница 78: ...ng Firewall Rules Specific Routes Profile which will be applied to all users unless the user has been regulated and applied to another policy Gateway Mode Global Policy Firewall Profile Global policy...

Страница 79: ...s applied this policy will access the Internet through this default gateway Schedule Profile The Schedule table in a 7x24 format is used to control the clients login time When Schedule is enabled clie...

Страница 80: ...the list can be deleted Delete button from the list or edited Edit button Source IP Subnet Mask The combination of these two fields specifies either the IP address of a source host or the source netwo...

Страница 81: ...G800 ENGLISH 2008 4IPNET INC 72 subnet 192 168 2 xxx Protocol The specific service protocol for the filtering rule ALL TCP UDP TCP UDP ICMP and IP Action Pass is to allow the packet to pass Block is t...

Страница 82: ...ugh the system s default gateway WAN interface Gateway Mode To add a rule to the Specific Route list specify the values of following fields and click the Add button A rule in the list can be deleted D...

Страница 83: ...from the IP address or network segment of 802 1 X enabled client devices or the remote gateway is not allowed 802 1X The client device is 802 1X enabled such as AP and switch Roaming Out The device is...

Страница 84: ...access it is strongly recommended to change the default administrator s password to your own one Only alpha numeric characters pattern is allowed and it is strongly recommended to take a combination...

Страница 85: ...Gateway Mode Import Local User Click Browser button to select the file for uploaded user account and then click Import to execute the process Export Local User Click Export button to create all build...

Страница 86: ...system configurations to a backup file on a local disk of the management console A backup file for OWL800 keeps the current system settings as well as the local user accounts Before any configuration...

Страница 87: ...age appearing to notify the administrator to restart the system after successful firmware upgrade Gateway AP Mode Although the system will check the firmware s contents to ensure its integrity it is s...

Страница 88: ...0 safely The process should take about three minutes Click Reboot button to restart the system Please wait for the blinking timer to finish before accessing the system web management interface again O...

Страница 89: ...ttings it can avoid unexpected conflict in settings and tune the corresponding parameters Gateway AP Mode Scan Enable or Disable scan settings Scan Interval The time interval used to trigger the scann...

Страница 90: ...mer certification external certificate issued by public or private authority Click the first Browse button to select the Private Key or Certificate Click the second Browse button to select the file fo...

Страница 91: ...following functions System Overview WDS List Antennas Associated Clients Event Log Online Users and User Log 4 6 1 Overview The section provides an overview of the system status for the administrator...

Страница 92: ...User s Manual OWL800 OWL2000 HSG800 ENGLISH 2008 4IPNET INC 83 AP Mode...

Страница 93: ...me is shown as the local time MAC Address The MAC address of Network Interface Network Interface IP Address The IP address of the Network Interface MAC Address The MAC address of LAN Interface IP Addr...

Страница 94: ...s Manual OWL800 OWL2000 HSG800 ENGLISH 2008 4IPNET INC 85 4 6 2 WDS List WDS lists indicate the link status of each RF interface including status of Mac Address SNR dB rate count and errors Gateway AP...

Страница 95: ...nna connectors one Main connector and the other as Auxiliary connector The Main connector must be connected with an antenna The Auxiliary is optionally connected to an antenna The above picture repres...

Страница 96: ...OWL2000 HSG800 ENGLISH 2008 4IPNET INC 87 4 6 4 Associated Clients List all associated clients from all the VAPs Please take this table to manage the clients and take the signal strength for debug pur...

Страница 97: ...ate Time Name or Status Date Time The time date when the event happened Hostname Indicate which host records this event Note that all events in this page are local event so events of this field are al...

Страница 98: ...e users information can be obtained by using this function These include User name IP Address MAC Address Idle Time and Action The administrator can use this function to force a specific online user t...

Страница 99: ...on the volatile memory and will be lost if the system is powered off Gateway AP Mode Users Log The Users Log provides information of all users login and logout activities except guest users RADIUS ro...

Страница 100: ...es When the number of a user s sessions reaches the session limit a choice of Unlimited 10 25 50 100 200 350 and 500 the user will be implicitly suspended upon receipt of any new connection request In...

Страница 101: ...s of the client SPort The source port number of the client DIP The destination IP address of the client DPort The destination port number of the client The following table shows an example of the sess...

Страница 102: ...eristics of IEEE 802 LAN infrastructures in order to provide a means of authenticating and authorizing devices attached to a LAN port that has point to point connection characteristics and of preventi...

Страница 103: ...802 1X Client Device Authenticator The system will only allow this 802 1X enabled client device AP to send 802 1X authentication request to internal or external RADIUS server Click the Roaming Out 80...

Страница 104: ...xample 2 OWL800 is configured to use external RADIUS server for 802 1X authentication Internal RADIUS Local Database Supplicant 192 168 1 64 Authenticator hq user1 hq radius 192 168 1 254 Gateway Mode...

Страница 105: ...ADIUS server in the RADIUS page Step 2 Specify the 802 1X Client Device Authenticator The system will only allow this 802 1X enabled client device AP to send 802 1X authentication request to internal...

Страница 106: ...external RADIUS server for remote gateway to service Roaming Out users Note In this example the AP is not enabled as 802 1X Authenticator therefore the Roaming Out User will be authenticated via web...

Страница 107: ...Specify the remote gateway Authenticator The system will only allow this 802 1X enabled client device remote gateway to send 802 1X authentication request to internal or external RADIUS server Click t...

Страница 108: ...User s Manual OWL800 OWL2000 HSG800 ENGLISH 2008 4IPNET INC 99 P N 100200904071...

Отзывы: