manualshive.com logo in svg

D-Link DWL-3600AP, Руководство администратора

Бесплатно скачайте руководство пользователя для D-Link DWL-3600AP с подробными спецификациями на manualshive.com. Этот надежный точка доступа обеспечивает быстрое и надежное подключение к сети Wi-Fi. Получите доступ к полной информации о продукте и его функциях.

Поделиться
Скачать
background image

Packet

 

Capture

 

Configuration

 

and

 

Settings

D-Link

Unified

 

Access

 

Point

 

Administrator’s

 

Guide

 

November

 

2011

   

Page

 

126

Unified

 

Access

 

Point

 

Administrator’s

 

Guide

To

 

configure

 

Wireshark

 

to

 

use

 

the

 

AP

 

as

 

the

 

source

 

for

 

captured

 

packets,

 

you

 

must

 

specify

 

the

 

remote

 

interface

 

in

 

the

 

"Capture

 

Options"

 

menu.

 

For

 

example

 

to

 

capture

 

packets

 

on

 

an

 

AP

 

with

 

IP

 

address

 

192.168.1.10

 

on

 

radio

 

1

 

using

 

the

 

default

 

IP

 

port,

 

specify

 

the

 

following

 

interface:

 

rpcap://192.168.1.10/radio1

To

 

capture

 

packets

 

on

 

the

 

Ethernet

 

interface

 

of

 

the

 

AP

 

and

 

VAP0

 

on

 

radio

 

1

 

using

 

IP

 

port

 

58000,

 

start

 

two

 

Wireshark

 

sessions

 

and

 

specify

 

the

 

following

 

interfaces:

rpcap://192.168.1.10:58000/eth0
rpcap://192.168.1.10:58000/wlan0

When

 

you

 

are

 

capturing

 

traffic

 

on

 

the

 

radio

 

interface,

 

you

 

can

 

disable

 

beacon

 

capture,

 

but

 

other

 

802.11

 

control

 

frames

 

are

 

still

 

sent

 

to

 

Wireshark.

 

You

 

can

 

set

 

up

 

a

 

display

 

filter

 

to

 

show

 

only:

• Data

 

frames

 

in

 

the

 

trace

• Traffic

 

on

 

specific

 

BSSIDs

• Traffic

 

between

 

two

 

clients

Some

 

examples

 

of

 

useful

 

display

 

filters

 

are:

• Exclude

 

beacons

 

and

 

ACK/RTS/CTS

 

frames:

!(wlan.fc.type_subtype

  

==

  

8

 

||

 

wlan.fc.type

 

==

 

1)

• Data

 

frames

 

only:

 

wlan.fc.type

 

==

 

2

• Traffic

 

on

 

a

 

specific

 

BSSID:

wlan.bssid

 

==

  

00:02:bc:00:17:d0

• All

 

traffic

 

to

 

and

 

from

 

a

 

specific

 

client:

wlan.addr

 

==

 

00:00:e8:4e:5f:8e

In

 

remote

 

capture

 

mode,

 

traffic

 

is

 

sent

 

to

 

the

 

PC

 

running

 

Wireshark

 

via

 

one

 

of

 

the

 

network

 

interfaces.

 

Depending

 

on

 

where

 

the

 

Wireshark

 

tool

 

is

 

located

 

the

 

traffic

 

can

 

be

 

sent

 

on

 

an

 

Ethernet

 

interface

 

or

 

one

 

of

 

the

 

radios.

 

In

 

order

 

to

 

avoid

 

a

 

traffic

 

flood

 

caused

 

by

 

tracing

 

the

 

trace

 

packets,

 

the

 

AP

 

automatically

 

installs

 

a

 

capture

 

filter

 

to

 

filter

 

out

 

all

 

packets

 

destined

 

to

 

the

 

Wireshark

 

application.

 

For

 

example

 

if

 

the

 

Wireshark

 

IP

 

port

 

is

 

configured

 

to

 

be

 

58000

 

then

 

the

 

following

 

capture

 

filter

 

is

 

automatically

 

installed

 

on

 

the

 

AP:

 

not

 

portrange

 

58000

58004.

Enabling

 

the

 

packet

 

capture

 

feature

 

impacts

 

performance

 

of

 

the

 

AP

 

and

 

can

 

create

 

a

 

security

 

issue

 

(unauthorized

 

clients

 

may

 

be

 

able

 

to

 

connect

 

to

 

the

 

AP

 

and

 

trace

 

user

 

data).

 

The

 

AP

 

performance

 

is

 

negatively

 

impacted

 

even

 

if

 

there

 

is

 

no

 

active

 

Wireshark

 

session

 

with

 

the

 

AP.

 

The

 

performance

 

is

 

negatively

 

impacted

 

to

 

a

 

greater

 

extent

 

when

 

packet

 

capture

 

is

 

in

 

progress.

 

Due

 

to

 

performance

 

and

 

security

 

issues,

 

the

 

packet

 

capture

 

mode

 

is

 

not

 

saved

 

in

 

NVRAM

 

on

 

the

 

AP;

 

if

 

the

 

AP

 

resets,

 

the

 

capture

 

mode

 

is

 

disabled

 

and

 

the

 

you

 

must

 

re

enable

 

it

 

in

 

order

 

to

 

resume

 

capturing

 

traffic.

 

Packet

 

capture

 

parameters

 

(other

 

than

 

mode)

 

are

 

saved

 

in

 

NVRAM.

Содержание DWL-3600AP

Страница 1: ...Copyright 2011 All rights reserved Unified Access Point Administrator s Guide Product Model DWL 3600AP DWL 6600AP DWL 8600AP Unified Wired Wireless Access System Release 2 0 November 2011...

Страница 2: ...D Link Unified Access Point Administrator s Guide November 2011 Page 2 Unified Access Point Administrator s Guide...

Страница 3: ...ess 24 Using the CLI to View the IP Address 24 Configuring the Ethernet Settings 25 Using the CLI to Configure Ethernet Settings 26 Configuring IEEE 802 1X Authentication 27 Using the CLI to Configure...

Страница 4: ...and VAP Scheduler 65 Scheduler Association Settings 68 Virtual Access Point Settings 70 None Plain text 74 Static WEP 74 Static WEP Rules 76 IEEE 802 1X 76 WPA Personal 78 WPA Enterprise 79 Configurin...

Страница 5: ...ile 118 Performing AP Maintenance 120 Resetting the Factory Default Configuration 120 Rebooting the Access Point 120 Upgrading the Firmware 120 Packet Capture Configuration and Settings 122 Packet Cap...

Страница 6: ...nfiguring Advanced Settings 157 Viewing Wireless Neighborhood Information 158 Viewing Details for a Cluster Member 160 Appendix A Default AP Settings 161 Appendix B Configuration Examples 164 Configur...

Страница 7: ...tor s Guide November 2011 Page 7 Unified Access Point Administrator s Guide DiffServ Configuration 176 Configuring QoS by Using the CLI 179 ACL Configuration 179 DiffServ Configuration 179 ACL Configu...

Страница 8: ...igure 14 Wireless Interface Configuration 54 Figure 15 Configuring Radio Settings 58 Figure 16 Configuring Radio Settings Continued 59 Figure 17 Scheduler Configuration 65 Figure 18 Modify Rule Config...

Страница 9: ...e 40 VAP QoS Parameters 129 Figure 41 Client QoS ACL 132 Figure 42 Client QoS DiffServ Class Map 139 Figure 43 Client QoS DiffServ Policy Map 144 Figure 44 Client QoS Status 146 Figure 45 Cluster Info...

Страница 10: ...42 Table 13 TSPEC Status and Statistics 46 Table 14 TSPEC AP Statistics 47 Table 15 Radio Statistics Information 48 Table 16 Email Alert Status 50 Table 17 Ethernet Settings Page 52 Table 18 Wireless...

Страница 11: ...Capture Configuration 124 Table 49 Packet File Capture 125 Table 50 Remote Packet Capture 127 Table 51 Packet Capture File Download 127 Table 52 VAP QoS Parameters 129 Table 53 ACL Configuration 132 T...

Страница 12: ...figuring SNMPv3 on page 111 Section 7 Maintaining the Access Point on page 117 Section 8 Configuring Client Quality of Service on page 128 Section 9 Clustering Multiple APs on page 149 Appendix A Defa...

Страница 13: ...fect network connectivity security and so on Table 1 Typographical Conventions Symbol Example Description Bold Click Apply to save your settings Menu titles page names and button names Blue Text See D...

Страница 14: ...features available from the user interface UI The information in the online help is a subset of the information available in the Unified Access Point Administrator s Guide Online help information corr...

Страница 15: ...ed Wireless Switch see the User Manual for the switch Before you power on a new UAP review the following sections to check required hardware and software components client configurations and compatibi...

Страница 16: ...g a wireless connection to the internal network For wireless connection to the access point your administration device will need Wi Fi capability similar to that of any wireless client Portable or bui...

Страница 17: ...g the Ethernet Settings on page 25 or by using the Web UI see Ethernet Settings on page 51 Table 3 Requirements for Wireless Clients Required Component Description Wi Fi Client Adapter Portable or bui...

Страница 18: ...dynamically assigned address by connecting the AP to a network that has a DHCP server Discovering a Dynamically Assigned IP Address If you have access to the DHCP server on your network and know the...

Страница 19: ...e following figure The hub or switch you use must permit broadcast signals from the access point to reach all other devices on the network To use a direct cable connection connect one end of an Ethern...

Страница 20: ...information a Connect a serial cable from the administrative computer to the AP and use a terminal emulation program to access the command line interface CLI b At the login prompt enter admin for the...

Страница 21: ...Settings page for UAP administration is displayed as the following figure shows 5 Verify the settings on the Basic Settings page Review access point description and provide a new administrator passwo...

Страница 22: ...Configuring IEEE 802 1X Authentication on page 27 Basic Settings From the Basic Settings page you can view various information about the UAP including IP and MAC address information and configure the...

Страница 23: ...strator password must be an alphanumeric string of up to 8 characters Do not use special characters or spaces Note As an immediate first step in securing your wireless network we recommend that you ch...

Страница 24: ...eral net Using the CLI to View the IP Address The DHCP client on the UAP is enabled by default If you connect the UAP to a network with a DHCP server the AP automatically acquires an IP address To man...

Страница 25: ...oadcasts requests for network information If you want to use a static IP address you must disable the DHCP client and manually configure the IP address and other network information The management VLA...

Страница 26: ...vlan id 1 4094 View untagged VLAN information get untagged vlan Enable the untagged VLAN set untagged vlan status up Disable the untagged VLAN set untagged vlan status down Set the untagged VLAN ID s...

Страница 27: ...the network until the 802 1X authenticator grants access If your network uses 802 1X you must configure 802 1X authentication information that the AP can supply to the authenticator If your network u...

Страница 28: ...m your computer to the access point do the following procedures a Disconnect the cable from the computer and the access point b Connect an Ethernet cable from the access point to the LAN c Connect you...

Страница 29: ...ure a unique security mode to control wireless client access Each radio has 16 VAPs with VAP IDs from 0 15 By default only VAP 0 on each radio is enabled VAP0 has the following default settings VLAN I...

Страница 30: ...ns Viewing Interface Status Viewing Events Viewing Transmit and Receive Statistics Viewing Associated Wireless Client Information Viewing TSPEC Client Associations Viewing Rogue AP Detection Viewing M...

Страница 31: ...bnet Mask and DNS information To change any of these settings click the Edit link After you click Edit you are redirected to the Ethernet Settings page For information about configuring these settings...

Страница 32: ...t erased when the system reboots Set a Severity Level to determine what category of log messages are displayed Set Depth to determine how many log messages are displayed in the Event log Enable a remo...

Страница 33: ...ased when the AP reboots Choose Disabled to save system logs to volatile memory Logs in volatile memory are deleted when the system reboots Severity Specify the severity level of the log messages to w...

Страница 34: ...ement operations and alerts To use Kernel Log relaying you must configure a remote server to receive the syslog messages The procedure to configure a remote log host depends on the type of system you...

Страница 35: ...lay to the remote log server monitor a specified kernel log file or other storage depending on how you configured the Log Relay Host If you disabled the Log Relay Host clicking Apply will disable remo...

Страница 36: ...the current AP and a real time display of the transmit and receive statistics for the Ethernet interface on the AP and for the VAPs on all supported radio interfaces All transmit and receive statisti...

Страница 37: ...et on the VAP page See Configuring Load Balancing on page 88 Name SSID Wireless network name Also known as the SSID this alphanumeric key uniquely identifies a wireless local area network The SSID is...

Страница 38: ...s the underlying IEEE 802 11 authentication and association status which is present no matter which type of security the client uses to connect to the AP This status does not show IEEE 802 1X authenti...

Страница 39: ...e wireless client as belonging to a particular user priority An example of a voice traffic stream is a Wi Fi CERTIFIED telephone handset that marks its codec generated data packets as voice priority t...

Страница 40: ...TSPEC Traffic Session Identifier range 0 7 TS Type There will only be an entry in the row for a client association that has an active TS If there are no active traffic streams there is no entry for t...

Страница 41: ...ue AP Detection information provides real time statistics for all APs within range of the AP on which you are viewing the Administration Web pages When AP detection is enabled the radio will periodica...

Страница 42: ...con frames are transmitted by an AP at regular intervals to announce the existence of the wireless network The default behavior is to send a beacon frame once every 100 milliseconds or 10 per second T...

Страница 43: ...Basic Rates shown in bold Rate sets are configured on the Radio Settings page See Modifying Radio Settings on page 58 Known AP List Action An AP can appear in the Known AP List if it has been moved fr...

Страница 44: ...must be a plain text file with a txt or cfg extension Entries in the file are MAC addresses in hexidecimal format with each octet separated by colons for example 00 11 22 33 44 55 Separate entries wit...

Страница 45: ...configure a DHCP server to respond to AP DHCP requests with the switch IP address information see the User Manual for the switch Viewing TSPEC Status and Statistics Information The TSPEC Status and S...

Страница 46: ...or this Access Category over the transmission medium to carry data This value should be less than or equal to the maximum bandwidth allowed over the medium for this TS Medium Time Unallocated Time in...

Страница 47: ...eams accepted and rejected by the AP To view TSPEC AP statistics click the TSPEC AP Statistics tab Table 14 describes the information provided on TSPEC AP Statistics page Table 14 TSPEC AP Statistics...

Страница 48: ...DWL 8600AP and DWL 6600AP only WLAN Packets Received Total packets received by the AP on this radio interface WLAN Bytes Received Total bytes received by the AP on this radio interface WLAN Packets Tr...

Страница 49: ...SDU is not transmitted successfully due to transmit attempts exceeding either the short retry limit or the long retry limit Transmit Retry Count Number of times an MSDU is successfully transmitted aft...

Страница 50: ...ert on page 106 Figure 12 Email Alert Operational Status The following table describes details about the Email Alert Operational Status Table 16 Email Alert Status Field Description Email Alert Status...

Страница 51: ...is section are located under the Manage heading on the Administration Web UI Ethernet Settings The default wired interface settings which include DHCP and VLAN information might not work for all netwo...

Страница 52: ...t change Management VLAN ID The management VLAN is the VLAN associated with the IP address you use to access the AP The default management VLAN ID is 1 Provide a number between 1 and 4094 for the mana...

Страница 53: ...uter Advertisements received on the LAN port The AP can have multiple auto configured IPv6 addresses Static IPv6 Address Enter a static IPv6 address The AP can have a static IPv6 address even if addre...

Страница 54: ...scribe aspects of the local area network LAN related specifically to the radio device in the access point 802 11 Mode and Channel and to the network interface to the access point MAC address for acces...

Страница 55: ...IEEE 802 11a n operates in the 5 GHz ISM band and includes support for both 802 11a and 802 11n devices IEEE 802 11n is an extension of the 802 11 standard that includes multiple input multiple output...

Страница 56: ...ion between Radio 1 and Radio 2 even if the VAP configuration on each radio is the same AeroScout Engine Protocol Support AeroScout Engine support provides location based services for wireless network...

Страница 57: ...more information on WDS see Configuring Load Balancing on page 88 Enabling AeroScout Engine Support The AeroScout Engine AE is a software platform produced by AeroScout Inc for location based service...

Страница 58: ...ding on the mode you select All settings are described in Table 19 on page 60 Figure 15 Configuring Radio Settings Note The following notes apply to AeroScout product and protocol support D Link does...

Страница 59: ...Modifying Radio Settings D Link Unified Access Point Administrator s Guide November 2011 Page 59 Unified Access Point Administrator s Guide Figure 16 Configuring Radio Settings Continued...

Страница 60: ...ging from 6 to 54 Mbps IEEE 802 11a n operates in the 5 GHz ISM band and includes support for both 802 11a and 802 11n devices IEEE 802 11n is an extension of the 802 11 standard that includes multipl...

Страница 61: ...el can be considered to consist of two 20 MHz channels that are contiguous in the frequency domain These two 20 MHz channels are often referred to as the Primary and Secondary channels The Primary Cha...

Страница 62: ...ly sleeping in low power mode have data buffered on the AP awaiting pick up The DTIM period you specify indicates how often the clients served by this AP should check for buffered data still on the AP...

Страница 63: ...upport and the basic rate sets you want the AP to advertise Rates are expressed in megabits per second Supported Rate Sets indicate rates that the AP supports You can check multiple rates click a chec...

Страница 64: ...t which includes the allotted medium time if the TSPEC was admitted Off A station can send and receive voice priority traffic without requiring an admitted TSPEC the AP ignores voice TSPEC requests fr...

Страница 65: ...ing the office working hours in order to achieve security and reduce power consumption You can also use the Scheduler to allow access to VAPs for wireless clients only during specific times of day Eac...

Страница 66: ...de Scheduler Profile The Scheduler profile defines the list of profiles names that can be associated to the VAP or Radio configuration Rules are associated with a named scheduler profile You can defin...

Страница 67: ...t Administrator s Guide To change an existing rule select the rule update the values in the Rule Configuration area and click Modify Rule Figure 18 Modify Rule Configuration Click Apply to save the ne...

Страница 68: ...s created so no profile is associated to any radio or VAP The Scheduler profile needs to be explicitly associated to a radio or VAP configuration Only one Scheduler profile can be associated to any ra...

Страница 69: ...one radio Status The operational status of the Scheduler The range is Up or Down VAP Scheduler Profile Operational Status Radio From the menu select Radio 1 or Radio 2 to associate the VAP Scheduler P...

Страница 70: ...D you configure on the VAP page or by using the RADIUS server assignment If you use an external RADIUS server you can configure multiple VLANs on each VAP The external RADIUS server assigns wireless c...

Страница 71: ...e with the AP the AP sends an authentication request to the primary server If the primary server responds to the authentication request the AP continues to use this RADIUS server as the primary server...

Страница 72: ...VAP0 is the physical radio interface so to disable VAP0 you must disable the radio Enabled You can enable or disable a configured network To enable the specified network select the Enabled option besi...

Страница 73: ...PA Enterprise If you select a security mode other than None additional fields appear These fields are explained below Note The Security mode you set here is specifically for this VAP MAC Authenticatio...

Страница 74: ...available but it offers more protection than setting the security mode to None Plain text as it does prevent an outsider from easily sniffing out unencrypted wireless traffic WEP encrypts data moving...

Страница 75: ...lowed to associate with an AP when static WEP is the security mode Specify the authentication algorithm you want to use by choosing one of the following options Open System authentication allows any c...

Страница 76: ...tensible Authentication Protocol EAP messages sent over an IEEE 802 11 wireless network using a protocol called EAP Encapsulation Over LANs EAPOL IEEE 802 1X provides dynamically generated keys that a...

Страница 77: ...o prevent others from seeing the RADIUS key as you type RADIUS Key 1 3 Enter the RADIUS key associated with the configured backup RADIUS servers The server at RADIUS IP Address 1 uses RADIUS Key 1 RAD...

Страница 78: ...ch support WPA2 and others which support only the original WPA select both of the check boxes This lets both WPA and WPA2 client stations associate and authenticate but uses the more robust WPA2 for c...

Страница 79: ...thentication for WPA2 clients Click Enable pre authentication if you want WPA2 wireless clients to send pre authentication packet The pre authentication information will be relayed from the AP the cli...

Страница 80: ...er The text you enter will be displayed as characters to prevent others from seeing the RADIUS key as you type RADIUS Key 1 3 Enter the RADIUS key associated with the configured backup RADIUS servers...

Страница 81: ...simple OSI layer 2 network device In the point to multipoint bridge mode one AP acts as the common link between multiple APs In this mode the central AP accepts client associations and communicates wi...

Страница 82: ...ress may appear only once on the WDS page for a particular AP Both APs participating in a WDS link must be on the same Radio channel and using the same IEEE 802 11 mode See Modifying Radio Settings on...

Страница 83: ...dio AP the Local Address reflects the MAC address for the internal interface on the selected radio Radio One on wlan0 or Radio Two on wlan1 Remote Address Specify the MAC address of the destination AP...

Страница 84: ...u selected HEX enter hexadecimal digits any combination of 0 9 and a f or A F These are the RC4 encryption keys shared with the stations using the AP Note To configure WPA PSK on any WDS link VAP0 of...

Страница 85: ...setting is applied If it is not found the opposite is applied On the VAP page the MAC Authentication Type setting controls whether the AP uses the station list configured locally on the MAC Authentica...

Страница 86: ...ess Note The filter you select is applied to the clients in the station list regardless of whether that station list is local or on the RADIUS server Stations List This is the local list of clients th...

Страница 87: ...d in the following table Note After you configure local MAC Authentication settings you must click Apply to apply the changes and to save the settings Changing some settings might cause the AP to stop...

Страница 88: ...ring Load Balancing Table 32 Load Balancing Field Description Load Balancing Enable or disable load balancing To enable load balancing on this AP click Enable To disable load balancing on this AP clic...

Страница 89: ...messages on the SSL TCP connection As long as the AP maintains communication with the switch through the keepalive messages it remains in Managed Mode If the AP does not receive a message within 45 s...

Страница 90: ...ss switches on your network that were configured by using a DHCP server The AP attempts to contact Switch IP Address 1 first Base IP Port The starting IP port number used by the wireless feature in a...

Страница 91: ...e AP to discover and establish WDS link with the Root AP WDS Managed Ethernet Port Specify whether the Ethernet port is to be enabled or disabled when the AP becomes part of a WDS group WDS Group Pass...

Страница 92: ...n information that the AP can supply to the authenticator To configure the UAP 802 1X supplicant user name and password by using the Web interface click the Authentication tab and configure the fields...

Страница 93: ...rs numbers and special symbols such as and Certificate File Status Indicates whether a certificate file is present and when that certificate expires Certificate File Upload Upload a certificate file t...

Страница 94: ...L tab Figure 26 Management ACL Table 35 Management ACL Field Description Management ACL Mode Enable or disable the management ACL feature At least one IPv4 or IPv6 address should be configured before...

Страница 95: ...ply to SNMPv1 and SNMPv2c only Key components of any SNMP managed network are managed devices SNMP agents and a management system The agents store data about their devices in Management Information Ba...

Страница 96: ...y to save your configuration changes Note If SNMP is disabled all remaining fields on the SNMP page are disabled This is a global SNMP parameter which applies to SNMPv1 SNMPv2c and SNMPv3 Read only co...

Страница 97: ...Pv4 DNS hostname or subnet of the machines that can execute get and set requests to the managed devices The valid range is 1 256 characters As with community names this provides a level of security on...

Страница 98: ...to send SNMP traps The valid range is 1 256 characters An example of a DNS hostname is snmptraps foo com Since SNMP traps are sent randomly from the SNMP agent it makes sense to specify where exactly...

Страница 99: ...enabled Either access type can be disabled separately To configure Web server settings click Web Server tab Figure 28 Configuring Web Server Settings Table 37 Web Server Settings Field Description HTT...

Страница 100: ...art the secure Web server The secure connection will not work until the new certificate is accepted on the browser HTTP SSL Certificate File Status Indicates whether a certificate file is present and...

Страница 101: ...ing the Telnet Status Telnet is a program that provides access to the DWL x600AP CLI from a remote host From the Telnet page you can enable or disable Telnet access to the system Figure 30 Telnet Stat...

Страница 102: ...Windows for transmission The settings described here apply to data transmission behavior on the AP only not to that of the client stations AP Enhanced Distributed Channel Access EDCA Parameters affec...

Страница 103: ...itive data such as VoIP and streaming media are automatically sent to this queue Data 1 Video High priority queue minimum delay Time sensitive video data is automatically sent to this queue Data 2 bes...

Страница 104: ...ntion Window size is reached retries will continue until a maximum number of retries allowed is reached Valid values for cwMax are 1 3 7 15 31 63 127 255 511 or 1024 The value for cwMax must be higher...

Страница 105: ...it time expires before the data frame is sent a retry counter is incremented and the random backoff value window is doubled Doubling will continue until the size of the random backoff value reaches th...

Страница 106: ...ring Email Alert Note Email alert is operationally disabled when the AP transitions to managed mode Table 41 Email Alert Configuration Field Description Email Alert Global Configuration Admin Mode Glo...

Страница 107: ...hostname of the SMTP server on the network Mail Server Security Specify whether to use SMTP over SSL TLSv1 or no security Open for authentication with the mail server The default is Open Mail Server P...

Страница 108: ...the email server details are configured The following text shows an example of an email alert sent from the AP to the network administrator From AP 192 168 2 10 mailserver com Sent Wednesday July 08...

Страница 109: ...s computer clock times on your network NTP servers transmit Coordinated Universal Time UTC also known as Greenwich Mean Time to their client systems NTP sends periodic time requests to servers using t...

Страница 110: ...and hyphens are accepted The first character must be a letter a z or A Z and the last character cannot be a hyphen System Date Manual configuration Specify the current month day and year System Time...

Страница 111: ...of view subtrees where each view subtree is a subtree within the managed object naming tree You can create MIB views to control the OID range that SNMPv3 users can access A MIB view called all is crea...

Страница 112: ...6 1 2 1 1 Mask The OID mask is 47 characters in length The format of the OID mask is xx xx xx or xx xx xx and is 16 octets in length Each octet is 2 hexadecimal characters separated by either period o...

Страница 113: ...be defined By default users of this group will have read only access to the default all MIB view which can be modified by the user RW A read write group using authentication and data encryption Users...

Страница 114: ...tication and data encryption With this security level users send an MD5 key password for authentication and a DES key password for encryption For groups that require authentication encryption or both...

Страница 115: ...User names can contain up to 32 alphanumeric characters Group Map the user to a group The default groups are RWAuth RWPriv and RO You can define additional groups on the SNMPv3 Groups page Authentica...

Страница 116: ...ve defined on the AP To remove a user select the user and click Remove Note After you configure the SNMPv3 Users settings you must click Apply to apply the changes and to save the settings Table 46 SN...

Страница 117: ...s all of the information about the AP settings You can download the configuration file to a management station to manually edit the content or to save as a back up copy You can use HTTP or TFTP to tra...

Страница 118: ...Configuration from a Previously Saved File You can use HTTP or TFTP to transfer files to and from the UAP After you download a configuration file to the management station you can manually edit the fi...

Страница 119: ...d or Choose File dialog box displays 4 Navigate to the directory that contains the file then select the file to upload and click Open Only those files created with the Backup function and saved as xml...

Страница 120: ...ubleshooting measure you can reboot the UAP To reboot the AP click the Reboot button on the Configuration page Upgrading the Firmware As new versions of the UAP firmware become available you can upgra...

Страница 121: ...oint restarts The AP resumes normal operation with the same configuration settings it had before the upgrade 6 To verify that the firmware upgrade completed successfully check the firmware version sho...

Страница 122: ...capture file mode captured packets are stored in a file on the Access Point The AP can transfer the file to a TFTP server The file is formatted in pcap format and can be examined using tools such as W...

Страница 123: ...Packet Capture Configuration and Settings D Link Unified Access Point Administrator s Guide November 2011 Page 123 Unified Access Point Administrator s Guide Figure 39 Packet Capture Configuration...

Страница 124: ...or transmitted by the radio Promiscuous Capture Enable to place the radio in promiscuous mode when the capture is active In promiscuous mode the radio receives all traffic on the channel including tr...

Страница 125: ...capture mode is in use the AP doesn t store any captured data locally in its file system Your can trace up to five interfaces on the AP at the same time However you must start a separate Wireshark se...

Страница 126: ...on a specific BSSID wlan bssid 00 02 bc 00 17 d0 All traffic to and from a specific client wlan addr 00 00 e8 4e 5f 8e In remote capture mode traffic is sent to the PC running Wireshark via one of the...

Страница 127: ...gured TFTP server or by HTTP S to a PC The captured packets are stored in file tmp apcapture pcap on the AP A capture is automatically stopped when the capture file download command is triggered Becau...

Страница 128: ...idual client is allowed to send and receive To control general categories of traffic such as HTTP traffic or traffic from a specific subnet you can configure ACLs and assign them to one or more VAPs I...

Страница 129: ...will not affect clients that access the network through other VAPs Client QoS Mode Enable or disable QoS operation on the VAP selected in the VAP menu QoS must be enabled globally from the Client QoS...

Страница 130: ...applied to traffic in the outbound down direction After switching the packet or frame to the outbound interface the ACL s rules are checked for a match The packet or frame is transmitted if it is perm...

Страница 131: ...on IP address the source or destination L4 port or the protocol carried in the packet MAC ACLs MAC ACLs are Layer 2 ACLs You can configure the rules to inspect fields of a frame such as the source or...

Страница 132: ...lients in the 192 168 20 0 network from being forwarded Figure 41 Client QoS ACL The following table describes the fields available on the Client QoS ACL page Table 53 ACL Configuration Field Descript...

Страница 133: ...ria is forwarded unless this rule is the final rule Because there is an implicit deny all rule at the end of every ACL traffic that is not explicitly permitted is dropped Match Every Indicates that th...

Страница 134: ...to match ftp ftpdata http smtp snmp telnet tftp www Each of these keywords translates into its equivalent port number Match to Port Enter the IANA port number to match to the source port identified in...

Страница 135: ...box and select a DSCP value keyword or enter a DSCP value to match You can select only one service type DSCP IP Precedence or TOS bits to use for match criteria Select from List Select from a list of...

Страница 136: ...ld to apply this criteria Source IPv6 Prefix Length Enter the prefix length of the source IPv6 address Source Port Select this option to include a source port in the match condition for the rule The s...

Страница 137: ...in the first only 802 1Q VLAN tag Source MAC Address Select this field and enter the source MAC address to compare against an Ethernet frame Source MAC Mask Select this field and enter the source MAC...

Страница 138: ...erv for Client QoS use the Class Map and Policy Map pages to define the following categories and their criteria Class create classes and define class criteria Policy create policies associate classes...

Страница 139: ...alphanumeric characters Match Layer 3 Protocol Specify whether to classify IPv4 or IPv6 packets Match Criteria Configuration Class Map Name Select name of the class to configure Use the fields in the...

Страница 140: ...sk in IP dotted decimal format indicating which part s of the destination IP Address to use for matching against packet content A DiffServ mask of 255 255 255 255 indicates that all bits are important...

Страница 141: ...fy quality of service handling in routers range 0 to 1048575 IP DSCP To use IP DSCP as a match criteria select the check box and select a DSCP value keyword or enter a DSCP Select from List Select fro...

Страница 142: ...and includes three different types of ports 0 1023 Well Known Ports 1024 49151 Registered Ports 49152 65535 Dynamic and or Private Ports EtherType Select the EtherType field to compare the match crite...

Страница 143: ...specify one type of service to use in matching packets to class criteria IP DSCP To use IP DSCP as a match criteria select the check box and select a DSCP value keyword or enter a DSCP Select from Li...

Страница 144: ...iteria is defined by a class on the Class Map page The processing is defined by a policy s attributes on the Policy Map page Policy attributes may be defined on a per class instance basis and it is th...

Страница 145: ...iteria is met Drop Select Drop to specify that all packets for the associated traffic stream are to be dropped if the class map criteria is met Mark Class of Service Select this field to mark all pack...

Страница 146: ...r the QOS mode for the selected client is enabled or disabled Note For the Qos Mode to be enabled on a client it must be globally enabled on the AP and enabled on the VAP the client is associated with...

Страница 147: ...AP the ACL s rules are checked for a match The packet or frame is processed if it is permitted and discarded if it is denied ACL Type Down Shows the type of ACL to apply to traffic in the outbound AP...

Страница 148: ...121 Access list identifier to be applied to 802 1X authenticated wireless client traffic in the inbound up direction If this attribute refers to an ACL that does not exist on the AP all packets for th...

Страница 149: ...t The APs joining the cluster have the same Cluster Name Clustering mode is enabled on both APs Clustering Single and Dual Radio APs Clustering of single and dual radios is not supported A cluster can...

Страница 150: ...5 Cluster Information and Member Configuration The following figure shows the Cluster Access Points page when clustering is enabled and two access points are in the cluster Figure 46 Cluster Informati...

Страница 151: ...one of the information in this table is visible To disable clustering on the AP click Stop Clustering Location Description of where the access point is physically located MAC Address Media Access Cont...

Страница 152: ...tral management of clustered access points For access points in a cluster all access points in the cluster reflect the same configuration In this case it does not matter which access point you actuall...

Страница 153: ...session ends when the client either logs off intentionally or loses the connection for some other reason To manage sessions associated with the cluster click Cluster Sessions Figure 47 Session Managem...

Страница 154: ...nes that a change is necessary that information is sent to all members of the cluster and a syslog message is generated indicating the sender AP new and old channel assignments The Channel Management...

Страница 155: ...nnel Assignment By default automatic channel assignment is disabled off Click Start to resume automatic channel assignment When automatic channel assignment is enabled the Channel Manager periodically...

Страница 156: ...channels than they were previously using depending on the results of the plan Table 61 Channel Assignments Field Description IP Address Specifies the IP Address for the access point Radio Identifies t...

Страница 157: ...algorithm Click Apply under Advanced settings to apply these settings Advanced settings will take effect when they are applied and influence how automatic channel management is performed Table 63 Adva...

Страница 158: ...erval You can click on an AP to get additional statistics about the APs in radio range of the currently selected AP The Wireless Neighborhood view can help you Detect and locate unexpected or rogue ac...

Страница 159: ...er member itself Neighbors who are also cluster members are always shown at the top of the list with a heavy bar above and include a location indicator The colored bars to the right of each AP in the...

Страница 160: ...ccess point must always have two different network names MAC Address Shows the MAC address of the neighboring access point A MAC address is a hardware address that uniquely identifies each node of a n...

Страница 161: ...e Default System Information User Name admin Password admin Ethernet Interface Settings Connection Type DHCP DHCP Enabled IP Address 10 90 90 91 if no DHCP server is available Subnet Mask 255 0 0 0 DN...

Страница 162: ...al 100 DTIM Period 2 Fragmentation Threshold 2346 RTS Threshold 2347 TSPEC Mode Off TSPEC Voice ACM Mode Off Virtual Access Point Settings Status VAP0 is enabled on both radios all other VAPs disabled...

Страница 163: ...Access Enabled disabled in Managed Mode HTTPS Access Enabled disabled in Managed Mode Console Port Access Enabled Telnet Access Enabled disabled in Managed Mode SSH Access Enabled disabled in Managed...

Страница 164: ...amples the objects you use to AP are in a private MIB The path to the tables that contain the objects is iso 1 org 3 dod 6 internet 1 private 4 enterprises 1 dlink 171 dlink products 10 dwl ap 37 dwlW...

Страница 165: ...Set the Security Mode to WPA Personal set interface wlan0vap1 security wpa personal 6 Allow WPA2 clients and not WPA clients to connect to the AP set bss wlan0bssvap1 wpa allowed off set bss wlan0bssv...

Страница 166: ...figSecurity object to wpa personal 3 10 Set the value of instance3 in the apIfConfigWpaPersonalKey object to JuPXkC7GvY moQiUttp2 which is the WPA pre shared key 11 Navigate to the objects in the apRa...

Страница 167: ...t Administrator s Guide 5 From the Channel Bandwidth field select 40 MHz 6 In the Maximum Stations field change the value to 100 7 In the Transmit Power field change the value to 75 The following imag...

Страница 168: ...tx power 75 8 View information about the radio settings get radio wlan1 detail Radio Configuration Using SNMP 1 Load the DLINK WLAN ACCESS POINT MIB module 2 From the MIB tree navigate to the objects...

Страница 169: ...WDS Configuration from the Web Interface To create a WDS link between a pair of access points MyAP1 and MyAP2 use the following steps 1 Log onto MyAP1 and navigate to the Manage WDS page The MAC addre...

Страница 170: ...P1 by using Telnet SSH or a serial connection 2 Configure the remote MAC address for MyAP2 set interface wlan0wds0 status up remote mac 00 30 AB 00 00 B0 3 Set WPA PSK as the encryption type for the l...

Страница 171: ...The first WDS link is instance 1 4 Set the value of instance 1 in the apIfConfigRemoteMac object to 00 30 AB 00 00 B0 In the MG Soft browser the format for the MAC address value to set is 0x00 0x30 0...

Страница 172: ...r Clustering APs by Using the Web Interface 1 Log onto the AP and navigate to the Cluster Access Points page 2 If clustering has started click Stop Clustering so you can change the Clustering Options...

Страница 173: ...clustering so you can change the location and cluster name set cluster clustered 0 3 Set the AP Location set cluster cluster name Room 214 4 Set the cluster name set cluster location MyCluster 5 Start...

Страница 174: ...d to the inbound interface on the AP so that packets are checked when the AP receives traffic from associated clients The DiffServ policy in this example shows how to establish default DiffServ behavi...

Страница 175: ...List Source Port www 7 Click Apply to save the rule 8 Select New Rule from the Rule menu and create another rule with the following settings Action Permit Match Every Clear the option Protocol IP Add...

Страница 176: ...e Class Map Name field and click Add Class Map The page refreshes and additional fields appear 3 Select the Match Every option to indicate that all match criteria defined for the class must be satisfi...

Страница 177: ...Access Point Administrator s Guide Destination IP Mask 255 255 255 255 7 Click Apply to save the match criteria 8 Navigate to the Client QoS Policy Map page 9 To create a policy enter pol_voip into t...

Страница 178: ...f from the Select From List menu 11 Traffic that meets the criteria defined in the class_voip class is marked with a DSCP value of EF expedited forwarding 12 Click Apply to save the policy 13 Navigate...

Страница 179: ...c ip mask 0 0 0 255 src port http 4 Add another rule to acl1 that allows all traffic from the host with an IP address of 192 168 1 23 add rule acl name acl2 acl type ipv4 action permit protocol ip src...

Страница 180: ...ction from the client to the AP set vap wlan0vap2 def policy up pol_voip Configuring QoS by Using SNMP ACL Configuration 1 Load the DLINK WLAN ACCESS POINT MIB module 2 From the MIB tree navigate to t...

Страница 181: ...ss of 192 168 1 23 Use 1 3 6 1 4 1 6132 1 1 28 10 3 1 14 1 4 97 99 108 49 2 to set the apQosAclRuleStatus of Rule 2 to active 1 Use 1 3 6 1 4 1 6132 1 1 28 10 3 1 4 1 4 97 99 108 49 2 to set the apQos...

Страница 182: ...t apQosDsClassMapMatchProtocol to UDP 17 Set apQosDsClassMapMatchSrcIpAddress to 192 168 1 0 Set apQosDsClassMapMatchSrcIpMask to 255 255 255 0 Set apQosDsClassMapMatchDestIpAddress to 192 168 2 200 S...

Страница 183: ...Mode object to set the status to up 1 which enables Client QoS on the AP 9 Walk the apVapDescription object to view the instance ID for VAP 2 wlan0vap2 VAP 2 on Radio 1 is instance 5 10 Use the apVapQ...

Отзывы:

Нет отзывов

Похожие инструкции для DWL-3600AP

D-Link DIR-890L Quick Install Manual preview
DIR-890L
Бренд: D-Link Страницы: 20
D-Link DIR-882 Manual preview
DIR-882
Бренд: D-Link Страницы: 95
IP-COM W45AP Quick Install Manual preview
W45AP
Бренд: IP-COM Страницы: 2
ZyXEL Communications EMG5523-T50B Quick Start Manual preview
EMG5523-T50B
Бренд: ZyXEL Communications Страницы: 2
Atatech BT402 Installation Manual preview
BT402
Бренд: Atatech Страницы: 2
Raisecom iTN201-R Hardware Description preview
iTN201-R
Бренд: Raisecom Страницы: 84
NEC Aterm W300P Setup Manual preview
Aterm W300P
Бренд: NEC Страницы: 4
NEC PA-MR10LN Instruction Manual preview
PA-MR10LN
Бренд: NEC Страницы: 25
NEC Aterm MR03LN Instruction Manual preview
Aterm MR03LN
Бренд: NEC Страницы: 25
NEC NAR01 Instruction Manual preview
NAR01
Бренд: NEC Страницы: 26
NEC UNIVERGE WL Quick Installation Manual preview
UNIVERGE WL
Бренд: NEC Страницы: 34
NEC OPS-DRD User Manual preview
OPS-DRD
Бренд: NEC Страницы: 46
NEC NP06LM Important Information Manual preview
NP06LM
Бренд: NEC Страницы: 48
ZyXEL Communications WAP3205 User Manual preview
WAP3205
Бренд: ZyXEL Communications Страницы: 164
Fortinet FortiAP S322CR Information preview
FortiAP S322CR
Бренд: Fortinet Страницы: 17
Fortinet FortiAP C23JD Quick Start Manual preview
FortiAP C23JD
Бренд: Fortinet Страницы: 16
ADDON NWAR3670 Quick Installation Manual preview
NWAR3670
Бренд: ADDON Страницы: 8
Wisnetworks WIS-Q2300 User Manual preview
WIS-Q2300
Бренд: Wisnetworks Страницы: 26

Бренды по названию

Популярные бренды

Загрузить еще бренды