- DL manuals
- Airlink101
- Wireless Access Point
- APO1200
- User Manual
Airlink101 APO1200 User Manual
Summary of APO1200
Page 1
Wireless n/a 5ghz 200mw outdoor ap model: apo1200/apo1215 user’s manual v.1.0
Page 2: Table Of Contents
Table of contents chapter 1. System overview .......................................................................................................................................................1 1.1 i ntroduction .......................................................................................
Page 3
5.1 e xternal n etwork c onnection ...............................................................................................................................................79 5.1.1 network requirement.................................................................................................
Page 4
6.7.2 associated clients status ..................................................................................................................................................169 6.7.3 remote ap .........................................................................................................
Page 5
8.7.4 extra info...............................................................................................................................................................................260 8.7.5 qos plot..............................................................................................
Page 6: Chapter 1. System Overview
1 chapter 1. System overview 1.1 introduction airlink101® wireless n/a 5ghz 200mw outdoor access point, apo1200 / wireless n/a 5ghz 200mw outdoor access point with 15dbi patch antenna, apo1215 is the point of connection to wireless outdoor network for service provider deploying last mile services to...
Page 7: 1.2 System Concept
2 1.2 system concept the apo1200/apo1215 is not only designed and used as traditional outdoor ap, but also with rich features tailored for wisp applications. The two-level management capability and access control ease wisp and owners to maintain and manage wireless network in a more controllable fas...
Page 8
3 1.3 applications in wireless network apo1200/apo1215 is a multiple mode system which can be configured either as a wireless gateway or an access point as desired. It also can be used as a wds link for ethernet network expansion. This section depicts different applications on router ap mode, ap mod...
Page 9
4 configuration in ap mode (including access point + wds) an access point can be either a main, relay or remote base station. A main base station is typically connected to a wired network via the ethernet port. A relay base station relays data between main base stations and relay stations or remote ...
Page 10
5 Î example 1 : point-to-point Î example 2 : point-to-multi-point wc Î example 3 : multi-point repeating bridge configuration in cpe mode it can be used as an outdoor customer premises equipment (cpe) to receive wireless signal over last mile application, helping wisps deliver wireless broadband int...
Page 11
6 configuration in client bridge + universal repeater mode it can be used as an client bridge + universal repeater to receive wireless signal over last mile applications, helping wisps deliver wireless broadband internet service to new residential and business customers. In this mode, apo1200/apo121...
Page 12: 1.4 Product Benefit
7 1.4 product benefit ieee 802.11n compliance in 2tx / 2rx design support ieee 802.11n and 802.11a operates in the 5ghz ism band enables bandwidth of up to 300mbps(tx), 300mbps(rx) link rate topology : point to point ; point to multi point Î router ap mode Î access point mode : pure access point fun...
Page 13: 1.5 Specification
8 1.5 specification wireless architecture mode Î router ap mode 9 wire connection as wan , in this mode , the device run as dhcp server to assign ip address to wireless clients out of a private ip address pool behind a nat 9 this enables the wireless interconnection of access point in an ieee802.11 ...
Page 14
9 Î dhcp server in router ap , cpe/cpe + ap and client bridge + universal repeater mode Î 802.3 bridging Î masquerading (nat) Î proxy dns Î dynamic dns Î ntp client Î virtual dmz Î virtual server (ip/ port forwarding) Î support mac filter Î support ip filter Î bandwidth traffic shaping wireless feat...
Page 15
10 authentication/ encryption (wireless security) Î layer 2 user isolation and ap isolation Î blocks client to client discovery within a specified vlan Î wep 64/ 128 bits Î eap-tls + dynamic wep Î eap-ttls + dynamic wep Î peap/ ms-peap+dynamic wep Î wpa (psk +tkip) Î wpa (802.1x certification + tkip...
Page 16
11 system administration Î intuitive web management interface Î password protected access Î firmware upgrade via web Î reset to factory defaults Î profiles configuration backup and restore Î one-button-click to reset factory default Î two administrator accounts Î remote link test – display connect s...
Page 17: 2.1 Hardware Installation
12 chapter 2. Basic installation 2.1 hardware installation 2.1.1 package contents the standard package contents of apo1200/apo1215 : apo1200/apo1215 x 1 quick installation guide x 1 cd-rom (with user manual and qig) x 1 power adapter dc24v 0.5a x 1 poe injector x 1 mounting kit x 2 it is highly reco...
Page 18
13 apo1200 front panel rear panel 1. Reboot button : unscrew the screw and click reset button to restart system or reset to default configurations. ► press and hold the reset button for 2 seconds and release to restart system. The led except power indicator will be off before restarting. ► press and...
Page 19
14 2.1.3 hardware installation steps you can refer to the quick installation guide for more detailed instructions. Follow the steps mentioned below to install the hardware of apo1200/apo1215 : apo1200 connect n-type antenna to the n-type connector on the rear panel. Connect pse to the poe connector ...
Page 20
15 2.2 web management interface instructions apo1200/apo1215 supports web-based configuration. Upon the completion of hardware installation, apo1200/apo1215 can be configured through a pc/laptop by using its web browser such as internet explorer version 6.0. Default ip address : 192.168.2.254 defaul...
Page 21
16 system login the system manager login page then appears. Enter “root” for user name and “default” for password, and then click ok to login to the system. Login success system overview page will appear after successful login..
Page 22
17 chapter 3. Ap mode configuration when ap mode is selected, the system can be configured as an access point. This section provides detailed explanation for users to configure in the ap mode with help of illustrations. In the ap mode, functions listed in the table below are also available from the ...
Page 23
18 3.1.2 configure lan ip here are the instructions to setup the local ip address and netmask. Please click on system -> lan and follow the below setting. Mode : check either “static ip” or “dynamic ip” button as desired to set up the system ip of lan port . Î static ip : the administrator can manua...
Page 24
19 click save button to save your changes. Click reboot button to activate your changes apo1200 apo1200
Page 25
20 3.2 wireless lan network creation the network manager can configure related wireless settings, general settings, advanced settings, virtual ap(vap) setting, security settings and mac filter settings. 3.2.1 wireless general setup the administrator can change the data transmission, channel and outp...
Page 26
21 ht txstream /rxstream : by default, it's 2. Operating mode : by default, it's mixed mode. Î mixed mode : in this mode packets are transmitted with a preamble compatible with the legacy 802.11a/g, the rest of the packet has a new format. In this mode the receiver shall be able to decode both the m...
Page 27
22 3.2.2 wireless advanced setup to achieve optimal wireless performance, it is necessary to tweak advance setting per requirements properly, not necessary higher the better or lower. The administrator can change the rts threshold and fragmentation threshold settings for the system. Please click on ...
Page 28
23 ack timeout : ack timeout is in the range of 1~255 and set in unit of microsecond. The default value is 32 microsecond. All data transmission in 802.11b/g request an “acknowledgement” (ack) send by receiving radio. The transmitter will resend the original packet if correspondent ack failed to arr...
Page 29
24 fragment threshold : the fragment threshold is in the range of 256~2346 byte. The default is 2346 byte. Each wi-fi packet can be divided into smaller packets, marked with a sequential fragment number and re-assemble in the receiving ends. The purpose is to make a short frame, instead of long fram...
Page 30
25 wmm : by default, it's “disable”. To enable is to use wmm and the wmm parameters should appears. When you enable wmm, the “tx burst” will be disabled automatically by system. Î wmm parameters of access point : this affects traffic flowing from the access point to the client station queue data tra...
Page 31
26 9 aifsn : the arbitration inter-frame spacing number specifies a wait time (in milliseconds) for data frames 9 cwmin : minimum contention window. This parameter is input to the algorithm that determines the initial random backoff wait time ("window") for retry of a transmission. The value specifi...
Page 32
27 the upper limit (in milliseconds) for the doubling of the random backoff value. This doubling continues until either the data frame is sent or the maximum contention window size is reached. Once the maximum contention window size is reached, retries will continue until a maximum number of retries...
Page 33
28 3.2.3 create virtual ap (vap) the apo1200/apo1215 support broadcasting multiple ssids, allowing the creation of virtual access points, partitioning a single physical access point into 7 logical access points, each of which can have a different set of security, vlan tag(id) and network settings. F...
Page 34
29 3.2.3.2 virtual ap setup for each virtual ap, administrators can configure ssid, vlan tag(id), ssid broadcasting, maximum number of client associations, security type settings. Click edit button on the edit column, and then a virtual ap setup page appears. Enable ap : by default, it’s “disable” f...
Page 35
30 vlan tag(id) : by default, it’s selected “disable”. This system supports tagged virtual lan(vlan). A valid number of 1 to 4094 can be entered after it’s enabled. If your network utilize vlans you could tie a vlan tag to a specific ssid, and packets from/to wireless clients belonging to that ssid ...
Page 36
31 9 wpa general settings : • cipher suite : bydefault, it is aes. Select either aes or tkip cipher suites • group key update period : bydefault, it’s 3600 seconds. This time interval for rekeying gtk, broadcast/multicast encryption keys, in seconds. Entering the time-length is required. • pmk cache...
Page 37
32 Î wep 802.1x : when wep 802.1x authentication is enabled, please refer to the following dynamic wep and radius settings to complete configuration. 9 radius server settings : • ip address : enter the ip address of the authentication radius server. • port : by default, it’s 1812.The port number use...
Page 38
33 3.2.4 wireless mac filter setup continue 3.2.3.2 virtual ap setup section. For each virtual ap setting, the administrator can allow or reject clients to access each virtual ap. Mac filter setup : by default, it’s “disable”. Optionsare disable, only deny list mac or only allow list mac. Two ways t...
Page 39
34 3.3 wireless network expansion the administrator could create wds links to expand wireless network. When wds is enabled, access point functions as a wireless bridge and is able to communicate with other access points via wds links. A wds link is bidirectional and both side must support wds. Acces...
Page 40: 3.4 System Management
35 3.4 system management 3.4.1 configure management administrator could specify geographical location of the system via instructions in this page. Administrator could also enter new root and admin passwords and allow multiple login methods. Please click system -> management and follow the below sett...
Page 41
36 admin login methods : only root user can enable or disable system login methods and change services port. Î enable http : check to select http service. Î http port : thedefault is 80 and the range is between 1 ~ 65535. Î enable https : check to select https service Î https port : thedefault is 44...
Page 42
37 without a valid certificate, users may encounter the following problem in ie7 when they try to access system's wmi ( https://192.168.2.254 ). There will be a “certificate error”, because the browser treats system as an illegal website. Click “continue to this website” to access the system's wmi. ...
Page 43
38 3.4.2 configure system time system time can be configured via this page, and manual setting or via a ntp server is supported. Please click on system -> time server and follow the below setting. Local time : display the current system time. Ntp client : to synchronize the system time with ntp serv...
Page 44
39 3.4.3 configure snmp setup snmp is an application-layer protocol that provides a message format for communication between snmp manager and agent. By enabling snmp function, the administrator can obtain the system information remotely. Please click on system -> snmp setup and follow the below sett...
Page 45
40 Î community : set a community string required by the remote host computer that will receive trap messages or notices send by the system. Î ip : enter the ip addresses of the remote hosts to receive trap messages. Click save button to save changes and click reboot button to activate..
Page 46
41 3.4.4 backup / restore and reset to factory backup current configuration, restore prior configuration or reset back to factory default configuration can be executed via this page. Please click on utilities -> profile setting and follow the below setting. Save settings to pc : click save button to...
Page 47
42 3.4.5 firmware upgrade firmware is the main software image that system needs to respond to requests and to manage real time operations. Firmware upgrades are sometimes required to include new features or bugs fix. It takes around 2 minutes to upgrade due to complexity of firmware. To upgrade syst...
Page 48
43 3.4.6 network utility the administrator can diagnose network connectivity via the ping or traceroute utility. Please click on utilities -> network utility and follow the below setting. Ping : this utility will help ping other devices on the network to verify connectivity. Ping utility, using icmp...
Page 49
44 3.4.7 reboot this function allows user to restart system with existing or most current settings when changes are made. Click reboot buttonto proceed and take around three minutes to complete. A reminder will be available for remaining time to complete. If power cycle is necessary, please wait til...
Page 50: 3.5 System Status
45 3.5 system status this section breaks down into subsections of system overview, associated clients status, wds link status, extra information and event log. 3.5.1 system overview display detailed information of system, network, lan and wireless in the system overview page. System : display the in...
Page 51
46 lan information : display total received and transmitted statistics on the lan interface. Î mac address : the mac address of the lan port. Î receive bytes : the total received packets in bytes on the lan port. Î receive packets : the total received packets of the lan port. Î transmit bytes : the ...
Page 52
47 3.5.2 associated clients status it displays essid, on/off status, security type, total number of wireless clients associated with all virtual ap. Vap information : highlights key vap information. Î vap : available vap from primary ap to vap6. Î essid : display name of essid for each vap. Î mac ad...
Page 53
48 3.5.3 show wds link status peers mac address, antenna 0/1 received signal strength, phy mode and channel bandwidth for each wds are available. Mac address : display mac address of wds peer. Signal strength ant0/ant1 : indicate the signal strength of the respective wds links. Phy mode : indicate t...
Page 54
49 3.5.4 extra information users could pull out information such as route table, arp table, mac table, bridge table or stp available in the drop- down list from system. The “refresh” button is used to retrieve latest table information. Route table information : select “route table information” on th...
Page 55
50 bridge stp information : select “bridge stp information” on the drop-down list to display a list of bridge stp information..
Page 56
51 3.5.5 event log the event log displays system events when system is up and running. Also, it becomes very useful as a troubleshooting tool when issues are experienced in system. Time : the date and time when the event occurred. Facility : it helps users to identify source of events such “system” ...
Page 57
52 chapter 4. Wds mode configuration please refer to illustrations of the section 1.3 for possible applications in the wds mode. This section provides detailed explanation for users to configure in the wds mode with help of illustrations. In the wds mode, functions listed in the table below are also...
Page 58
53 4.1.2 configure lan ip here are the instructions for how to setup the local ip address and netmask. Please click on system -> lan and follow the below setting. Mode : check either “static ip” or “dynamic ip” button as desired to set up the system ip of lan port . Î static ip : the administrator c...
Page 59
54 4.2 wireless network expansion the network manager can configure related wireless settings, general settings, advanced settings and wds settings . 4.2.1 general setup the administrator can change the data transmission, channel and output power settings for the system. Please click on wireless -> ...
Page 60
55 ht txstream /rxstream : by default, it's 2. Operating mode : by default, it's mixed mode Î mixed mode : in this mode packets are transmitted with a preamble compatible with the legacy 802.11a/g, the rest of the packet has a new format. In this mode the receiver shall be able to decode both the mi...
Page 61
56 4.2.2 wireless advanced setup to achieve optimal wireless performance, it is necessary to tweak advance setting per requirements properly, not necessary higher the better or lower. The administrator can change the rts threshold and fragmentation threshold settings for the system. Please click on ...
Page 62
57 ack timeout : ack timeout is in the range of 1~255 and set in unit of microsecond. The default value is 32 microsecond. All data transmission in 802.11b/g request an “acknowledgement” (ack) send by receiving radio. The transmitter will resend the original packet if correspondent ack failed to arr...
Page 63
58 fragment threshold : the fragment threshold is in the range of 256~2346 byte. The default is 2346 byte. Each wi-fi packet can be divided into smaller packets, marked with a sequential fragment number and re-assemble in the receiving ends. The purpose is to make a short frame, instead of long fram...
Page 64
59 when you enable wmm, the “tx burst” will be disabled automatically by system. Î wmm parameters of access point : this affects traffic flowing from the access point to the client station queue data transmitted ap to clients priority description ac_bk background. Low high throughput. Bulk data that...
Page 65
60 9 aifsn : the arbitration inter-frame spacing number specifies a wait time (in milliseconds) for data frames 9 cwmin : minimum contention window. This parameter is input to the algorithm that determines the initial random backoff wait time ("window") for retry of a transmission. The value specifi...
Page 66
61 either the data frame is sent or the maximum contention window size is reached. Once the maximum contention window size is reached, retries will continue until a maximum number of retries allowed is reached. Valid values for the "cwmax" are 1, 3, 7, 15, 31, 63, 127, 255, 511, or 1024. The value f...
Page 67
62 4.2.3 wds setup the administrator could create wds links to expand wireless network. When wds is enabled, access point functions as a wireless bridge and is able to communicate with other access points via wds links. A wds link is bidirectional and both side must support wds. Access points know e...
Page 68: 4.3 System Management
63 4.3 system management 4.3.1 configure management administrator could specify geographical location of the system via instructions in this page. Administrator could also enter new root and admin passwords and allow multiple login methods. Please click system -> management and follow the below sett...
Page 69
64 admin login methods : only root user can enable or disable system login methods and change services port. Î enable http : check to select http service. Î http port : thedefault is 80 and the range is between 1 ~ 65535. Î enable https : check to select https service Î https port : thedefault is 44...
Page 70
65 click save button to save your changes. Click reboot button to activate your changes without a valid certificate, users may encounter the following problem in ie7 when they try to access system's wmi ( https://192.168.2.254 ). There will be a “certificate error”, because the browser treats system...
Page 71
66 4.3.2 configure system time system time can be configured via this page, and manual setting or via a ntp server is supported. Please click on system -> time server and follow the below setting. Local time : display the current system time. Ntp client : to synchronize the system time with ntp serv...
Page 72
67 4.3.3 configure snmp setup snmp is an application-layer protocol that provides a message format for communication between snmp managers and agents. By enabling snmp function, the administrator can obtain the system information remotely. Please click on system -> snmp setup and follow the below se...
Page 73
68 Î community : set a community string required by the remote host computer that will receive trap messages or notices send by the system. Î ip : enter the ip addresses of the remote hosts to receive trap messages. Click save button to save changes and click reboot button to activate..
Page 74
69 4.3.4 backup / restore and reset to factory backup current configuration, restore prior configuration or reset back to factory default configuration can be executed via this page. Please click on utilities -> profile setting and follow the below setting. Save settings to pc : click save button to...
Page 75
70 4.3.5 firmware upgrade firmware is the main software image that system needs to respond to requests and to manage real time operations. Firmware upgrades are sometimes required to include new features or bugs fix. It takes around 2 minutes to upgrade due to complexity of firmware. To upgrade syst...
Page 76
71 4.3.6 network utility the administrator can diagnose network connectivity via the ping and traceroute utility. Please click on utilities -> network utility and follow the below setting. Ping : this utility will help ping other devices on the network to verify connectivity. Ping utility, using icm...
Page 77
72 4.3.7 reboot this function allows user to restart system with existing or most current settings when changes are made. Click reboot buttonto proceed and take around three minutes to complete. A reminder will be available for remaining time to complete. If power cycle is necessary, please wait til...
Page 78: 4.4 System Status
73 4.4 system status this section breaks down into subsections of system overview, wds link status, extra information and event log. 4.4.1 system overview detailed information on system, network, lan information and wireless information can be reviewed via this page. System : display the information...
Page 79
74 lan information : display total received and transmitted statistics on the lan interface. Î mac address : the mac address of the lan port. Î receive bytes : the total received packets in bytes on the lan port. Î receive packets : the total received packets of the lan port. Î transmit bytes : the ...
Page 80
75 4.4.2 wds list peers mac address, antenna 0/1 received signal strength, phy mode and channel bandwidth for each wds are available. Mac address : display mac address of wds peer. Signal strength ant0/ant1 : indicate the signal strength of the respective wds links. Phy mode : indicate the phy mode ...
Page 81
76 4.4.3 extra information users could pull out information such as route table, arp table, mac table, bridge table or stp available in the drop- down list from system. The “refresh” button is used to retrieve latest table information. Route table information : select “route table information” on th...
Page 82
77 bridge mac information : select “bridge macs information” on the drop-down list to display mac table. This table displays local mac addresses associated with wired or wireless interfaces, but also remember non-local mac addresses learned from wired or wireless interfaces. Ageing timers will be re...
Page 83
78 4.4.4 event log the event log displays system events when system is up and running. Also, it becomes very useful as a troubleshooting tool when issues are experienced in system. Time : the date and time when the event occurred. Facility : it helps users to identify source of events such “system” ...
Page 84
79 chapter 5. Cpe mode configuration when cpe mode is chosen, the system can be configured as a customer premises equipment(cpe). This section provides detailed explanation for users to configure in the cpe mode with help of illustrations. In the cpe mode, functions listed in the table below are als...
Page 85
80 5.1.2 configure wan setup there are three connection types for the wan port : static ip, dynamic ip, pppoe and pptp. Please click on system -> wan and follow the below setting. In cpe mode, the wan port is the wireless interface. Mode : by default, it’s “static ip”. Check “static ip”, “dynamic ip...
Page 86
81 9 user name : enter user name for pppoe connection 9 password : enter password for pppoe connection 9 reconnect mode : • always on – a connection to internet is always maintained. • on demand – a connection to internet is made as needed. When time server is enabled at the “on demand” mode, the “r...
Page 87
82 when time server is enabled at the “on demand” mode, the “reconnect mode” will turn out “always on”. • manual – click the “connect” button on “wan information” in the overview page to connect to the internet. 9 idle time : time to last before disconnecting pppoe session when it is idle. Enter pre...
Page 88
83 5.1.3 configure ddns setup dynamic dns allows you to map domain name to dynamic ip address. Please click on system -> ddns setup and follow the below setting. Enabled: by default, it’s “disable”. The mapping domain name won’t change when dynamic ip changes. The beauty of it is no need to remember...
Page 89
84 5.1.4 configure lan setup here are the instructions for how to setup the local ip address and netmask. Please click on system -> lan and follow the below setting. Lan ip : the administrator can manually setup the lan ip address. Î ip address : the ip address of the lan port; default ip address is...
Page 90
85 5.2 access point association 5.2.1 configure wireless general setting the administrator can change the data transmission, channel and output power settings for the system. Please click on wireless -> general setup and follow the below setting. Band mode : select an appropriate wireless band; band...
Page 91
86 mcs : this parameter represents transmission rate. By default (auto) the fastest possible transmission rate will be selected. You have the option of selecting the speed if necessary. (refer to appendix c. Mcs data rate) mpdu enable : check enable button to activate this function, and disable to d...
Page 92
87 5.2.2 configure wireless advanced setting to achieve optimal wireless performance, it is necessary to tweak advance setting per requirements properly, not necessary higher the better or lower. The administrator can change the rts threshold and fragmentation threshold settings for the system. Plea...
Page 93
88 5.2.3 site survey use this tool to scan and locate wisp access points and select one to associate with. Please click on wireless -> site survey. Below depicts an example for site survey. Essid : available extend service set id of surrounding access points. Mac address : mac addresses of surroundi...
Page 94
89 5.2.4 create wireless profile the administrator can configure station profiles via this page. Please click on wireless -> wireless profile and follow the below setting. Mac address : the mac address of the wireless station is displayed here. Profile name : setdifferent profiles for quick connecti...
Page 95
90 9 cipher suite : select the desired cipher suite from the drop-down list; the options are aes and tkip 9 pre-shared key : enter the information for pre-shared key; the key can be either entered as a 256-bit secret in 64 hex digits format, or 8 to 63 ascii characters. Profile list : the user can m...
Page 96: 5.3 System Management
91 5.3 system management 5.3.1 configure management administrator could specify geographical location of the system via instructions in this page. Administrator could also enter new root and admin passwords and allow multiple login methods. Please click system -> management and follow the below sett...
Page 97
92 admin login methods : only root user can enable or disable system login methods and change services port. Î enable http : check to select http service. Î http port : thedefault is 80 and the range is between 1 ~ 65535. Î enable https : check to select https service Î https port : thedefault is 44...
Page 98
93 click save button to save your changes. Click reboot button to activate your changes without a valid certificate, users may encounter the following problem in ie7 when they try to access system's wmi ( https://192.168.2.254 ). There will be a “certificate error”, because the browser treats system...
Page 99
94 5.3.2 configure system time system time can be configured via this page, and manual setting or via a ntp server is supported. Please click on system -> time server and follow the below setting. Local time : display the current system time. Ntp client : to synchronize the system time with ntp serv...
Page 100
95 5.3.3 configure upnp universal plug and play(upnp) is an architecture to enable pervasive peer-to-peer network connectivity between pcs, intelligent devices and appliances when upnp is supported. Upnp works on tcp/ip network to enable upnp devices to connect and access to each other, very well ad...
Page 101
96 5.3.4 configure snmp setup snmp is an application-layer protocol that provides a message format for communication between snmp managers and agents. By enabling snmp function, the administrator can obtain the system information remotely. Please click on system -> snmp setup and follow the below se...
Page 102
97 Î community : set a community string required by the remote host computer that will receive trap messages or notices send by the system. Î ip : enter the ip addresses of the remote hosts to receive trap messages. Click save button to save changes and click reboot button to activate..
Page 103
98 5.3.5 backup / restore and reset to factory backup current configuration, restore prior configuration or reset back to factory default configuration can be executed via this page. Please click on utilities -> profile setting and follow the below setting. Save settings to pc : click save button to...
Page 104
99 5.3.6 firmware upgrade firmware is the main software image that system needs to respond to requests and to manage real time operations. Firmware upgrades are sometimes required to include new features or bugs fix. It takes around 2 minutes to upgrade due to complexity of firmware. To upgrade syst...
Page 105
100 5.3.7 network utility the administrator can diagnose network connectivity via the ping and traceroute utility. Please click on utilities -> network utility and follow the below setting ping : this utility will help ping other devices on the network to verify connectivity. Ping utility, using icm...
Page 106
101 5.3.8 reboot this function allows user to restart system with existing or most current settings when changes are made. Click reboot buttonto proceed and take around three minutes to complete. A reminder will be available for remaining time to complete. If power cycle is necessary, please wait ti...
Page 107: 5.4 Access Control List
102 5.4 access control list 5.4.1 ip filter setup allows to create deny or allow rules to filter ingress or egress packets from specific source and/or to destination ip address on wired (lan) or wireless (wan) ports. Filter rules could be used to filter unicast or multicast packets on different prot...
Page 108
103 Î example 1 : create a higher priority rule to allow ip address 192.168.2.2 telnet access from lan port first, and deny telnet access from remaining ip addresses in the same subnet. Source destination rule ip/mask port ip/mask port in/out protocol listen action side 1 192.168.2.2/32 192.168.2.25...
Page 109
104 5.4.2 mac filter setup allows to create mac filter rules to allow or deny unicast or multicast packets from limited number of mac addresses. Important to note that mac filter rules have precedence over ip filter rules. Please click on advance -> mac filter setup and follow the below setting. Mac...
Page 110
105 5.4.3 parental control setup parental control allows you to block or allow specific kinds of internet usage and traffic, such as internet access, designated services, and websites. Please click on advance -> parental control and follow the below setting. Rules : control can be managed by a rule....
Page 111
106 if you want to block websites with specific url address or using specific keywords, enter each url or keywords in the “url blocking” field and click “add” button to add in the url blocking list of each rule. Click “remove” button can remove url or keywords. Î local port : specify local port(lan ...
Page 112
107 5.4.4 qos setup quality of service (qos) refers to both a network's ability to deliver data with minimum delay, and the networking methods used to control the use of bandwidth. Without qos, all traffic data is equally likely to be dropped when the network is congested. This can cause a reduction...
Page 113
108 rules : use the rules to define the classifiers. After you define the rules, you can specify action to act upon the traffic that matches the rules Î comment : enter a descriptive name for this rule for identifying purposes. Î mac address : enter mac address in valid mac address format(xx:xx:xx:x...
Page 114
109 drop precedence class 1 class 2 class 3 class 4 low drop af11 af21 af31 af41 medium drop af12 af22 af32 af42 high drop af13 af23 af33 af43 Î protocol : select any or specify protocol(tcp, udp, icmp, application) from drop-down list. When you select icmp or layer 7 application, the local/ destina...
Page 115: 5.5 Resource Sharing
110 5.5 resource sharing 5.5.1 dmz dmz is commonly work with the nat functionality as an alternative of virtual server(port forwarding) while wanting all ports of dmz host visible to internet users. Virtual server rules have precedence over the dmz rule. In order to use a range of ports available to...
Page 116
111 5.5.2 virtual server (port forwarding) “virtual server” can also referred to as “port forward” as well and used interchangeably. Resources in the network can be exposed to the internet users in a controlled manner including on-line gaming, video conferencing or others via virtual server setup. D...
Page 117
112 while creating multiple virtual server rules, the prior rules have higher priority. The virtual server rules have precedence over the dmz one while both rules exist. Example 1 and 2 demonstrate proper usage of dmz and virtual server rules. Example 1 : all connections should be redirected to 192....
Page 118: 5.6 System Status
113 5.6 system status this section breaks down into subsections of system overview, station statistics, extra information and event log. 5.6.1 overview detailed information on system, wan information, lan information and dhcp server status can be reviewed via this page. System : display the informat...
Page 119
114 the wan port specified pppoe or pptp, and the connect and disconnect button will be show up. Click “connect” button to assigned ip address from pppoe or pptp server, “disconnect” button to release ip address of wan port. Î mode : supports static, dynamic, pppoe and pptp modes. Î reconnect mode :...
Page 120
115 Î ip address : ip addresses to lan devices by dhcp server. Î mac address : mac addresses of lan devices. Î expired in : shows how long the leased ip address will expire..
Page 121
116 5.6.2 station statistics link information, transmit and receive statistics for the connection with ap, below depicts an example for station statistics. Link status : Î status : shows the current link status. It should be “connected” or “disconnected”. Î essid : shows the current ssid, which must...
Page 122
117 Î frames fail to receive ack after all retries: the number of unsuccessfully transmitted frame with many retries. Î rts frames successfully receive cts: the number of successful received cts (clear to send) response after this apo1200/apo1215 sends out the rts (request to send) message. Î rts fr...
Page 123
118 5.6.3 extra info users could pull out information such as route table, arp table, mac table, bridge table or stp available in the drop- down list from system. The “refresh” button is used to retrieve latest table information. Netstat information : select “netstatus information” on the drop-down ...
Page 124
119 bridge table information : select “bridge table information” on the drop-down list to display bridge table. Bridge table will show bridge id and stp's status on the each ethernet bridge and its attached interfaces, the bridge port should be attached to some interfaces. Bridge mac information : s...
Page 125
120 5.6.4 qos plot the qos plot show graphs, which continuously represents the current data traffic on each qos rule. The chart scale and throughput dimension (bps, kbps, mbps) changes dynamically according to the mean throughput value. The statistics is updated automatically every 5 seconds. The th...
Page 126
121 5.6.5 event log the event log displays system events when system is up and running. Also, it becomes very useful as a troubleshooting tool when issues are experienced in system. Time : the date and time when the event occurred. Facility : it helps users to identify source of events such “system”...
Page 127
122 chapter 6. Cpe + ap mode configuration when cpe+ap mode is chosen, the system can be configured as a customer premises equipment (cpe). This section provides detailed explanation for users to configure in the cpe+ap mode with help of illustrations. In the cpe+ap mode, functions listed in the tab...
Page 128
123 6.1.2 configure wan setup there are three connection types for the wan port : static ip, dynamic ip, pppoe and pptp, please click on system -> wan and follow the below setting. In cpe mode, the wan port is the wireless interface. Mode : by default, it’s “static ip”. Check “static ip”, “dynamic i...
Page 129
124 9 user name : enter user name for pppoe connection 9 password : enter password for pppoe connection 9 reconnect mode : • always on – a connection to internet is always maintained. • on demand – a connection to internet is made as needed. When time server is enabled at the “on demand” mode, the “...
Page 130
125 when time server is enabled at the “on demand” mode, the “reconnect mode” will turn out “always on”. • manual – click the “connect” button on “wan information” in the overview page to connect to the internet. 9 idle time : time to last before disconnecting pppoe session when it is idle. Enter pr...
Page 131
126 6.1.3 configure ddns setup dynamic dns allows you to map domain name to dynamic ip address. Please click on system -> ddns setup and follow the below setting. Enabled: by default, it’s “disable”. The mapping domain name won’t change when dynamic ip changes. The beauty of it is no need to remembe...
Page 132
127 6.1.4 configure lan setup here are the instructions for how to setup the local ip address and netmask. Please click on system -> lan and follow the below setting. Lan ip : the administrator can manually setup the lan ip address. Î ip address : the ip address of the lan port; default ip address i...
Page 133
128 6.2 access point association 6.2.1 configure wireless general setting the administrator can change the data transmission, channel and output power settings for the system. Please click on wireless -> general setup and follow the below setting. Band mode : select an appropriate wireless band; ban...
Page 134
129 mcs : this parameter represents transmission rate. By default (auto) the fastest possible transmission rate will be selected. You have the option of selecting the speed if necessary. (refer to appendix c. Mcs data rate) mpdu enable : check enable button to activate this function, and disable to ...
Page 135
130 6.2.2 wireless advanced setup to achieve optimal wireless performance, it is necessary to tweak advance setting per requirements properly, not necessary higher the better or lower. The administrator can change the rts threshold and fragmentation threshold settings for the system. Please click on...
Page 136
131 ack timeout : ack timeout is in the range of 1~255 and set in unit of microsecond. The default value is 32 microsecond. All data transmission in 802.11b/g request an “acknowledgement” (ack) send by receiving radio. The transmitter will resend the original packet if correspondent ack failed to ar...
Page 137
132 fragment threshold : the fragment threshold is in the range of 256~2346 byte. The default is 2346 byte. Each wi-fi packet can be divided into smaller packets, marked with a sequential fragment number and re-assemble in the receiving ends. The purpose is to make a short frame, instead of long fra...
Page 138
133 when you enable wmm, the “tx burst” will be disabled automatically by system. Wmm parameters of access point : this affects traffic flowing from the access point to the client station queue data transmitted ap to clients priority description ac_bk background. Low high throughput. Bulk data that ...
Page 139
134 9 aifsn : the arbitration inter-frame spacing number specifies a wait time (in milliseconds) for data frames 9 cwmin : minimum contention window. This parameter is input to the algorithm that determines the initial random backoff wait time ("window") for retry of a transmission. The value specif...
Page 140
135 the upper limit (in milliseconds) for the doubling of the random backoff value. This doubling continues until either the data frame is sent or the maximum contention window size is reached. Once the maximum contention window size is reached, retries will continue until a maximum number of retrie...
Page 141
136 6.2.3 site survey use this tool to scan and locate wisp access points and select one to associate with. Please click on wireless -> site survey. Below depicts an example for site survey. Essid : available extend service set id of surrounding access points. Mac address : mac addresses of surround...
Page 142
137 6.2.4 create wireless profile the administrator can configure station profiles via this page. Please click on wireless -> wireless profile and follow the below setting. Mac address : the mac address of the wireless station is displayed here. Profile name : set different profiles for quick connec...
Page 143
138 Î wpa-psk (or wpa2-psk) : wpa (or wpa2) algorithms, allows the system accessing the network by using the wpa-psk protected access. 9 cipher suite : select the desired cipher suite from the drop-down list; the options are aes and tkip 9 pre-shared key : enter the information for pre-shared key; t...
Page 144
139 6.3 wireless lan network creation the network manager can configure related wireless settings, repeater ap setup, security settings, and mac filter settings . 6.3.1 repeater ap setup administrators can configure essid, ssid broadcasting, maximum number of client associations, security type setti...
Page 145
140 9 authentication method : enable the desire option among open, shared or wepauto. 9 key index : key index is used to designate the wep key during data transmission. 4 different wep keys can be entered at the same time, but only one is chosen. 9 wep key # : enter hex or ascii format wep key value...
Page 146
141 9 wpa general settings : • cipher suite : bydefault, it is aes. Select either aes or tkip cipher suites • group key update period : bydefault, it’s 3600 seconds. This time interval for rekeying gtk, broadcast/multicast encryption keys, in seconds. Entering the time-length is required. • pmk cach...
Page 147
142 Î wep 802.1x : when wep 802.1x authentication is enabled, please refer to the following dynamic wep and radius settings to complete configuration. 9 radius server settings : • ip address : enter the ip address of the authentication radius server. • port : by default, it’s 1812.The port number us...
Page 148
143 6.3.2 wireless mac filter setup continue 6.3.1 repeater ap setup section, the administrator can allow or reject clients to access repeater ap. Mac filter setup : by default, it’s “disable”. Optionsare disable, only deny list mac or only allow list mac. Two ways to set mac filter rules : Î only a...
Page 149: 6.4 System Management
144 6.4 system management 6.4.1 configure management administrator could specify geographical location of the system via instructions in this page. Administrator could also enter new root and admin passwords and allow multiple login methods. Please click system -> management and follow the below set...
Page 150
145 admin login methods : only root user can enable or disable system login methods and change services port. Î enable http : check to select http service. Î http port : thedefault is 80 and the range is between 1 ~ 65535. Î enable https : check to select https service Î https port : thedefault is 4...
Page 151
146 click save button to save your changes. Click reboot button to activate your changes without a valid certificate, users may encounter the following problem in ie7 when they try to access system's wmi ( https://192.168.2.254 ). There will be a “certificate error”, because the browser treats syste...
Page 152
147 6.4.2 configure system time system time can be configured via this page, and manual setting or via a ntp server is supported. Please click on system -> time server and follow the below setting. Local time : display the current system time. Ntp client : to synchronize the system time with ntp ser...
Page 153
148 6.4.3 configure upnp universal plug and play(upnp) is an architecture to enable pervasive peer-to-peer network connectivity between pcs, intelligent devices and appliances when upnp is supported. Upnp works on tcp/ip network to enable upnp devices to connect and access to each other, very well a...
Page 154
149 6.4.4 configure snmp setup snmp is an application-layer protocol that provides a message format for communication between snmp managers and agents. By enabling snmp function, the administrator can obtain the system information remotely. Please click on system -> snmp setup and follow the below s...
Page 155
150 Î community : set a community string required by the remote host computer that will receive trap messages or notices send by the system. Î ip : enter the ip addresses of the remote hosts to receive trap messages. Click save button to save changes and click reboot button to activate..
Page 156
151 6.4.5 backup / restore and reset to factory backup current configuration, restore prior configuration or reset back to factory default configuration can be executed via this page. Please click on utilities -> profile setting and follow the below setting. Save settings to pc : click save button t...
Page 157
152 6.4.6 firmware upgrade firmware is the main software image that system needs to respond to requests and to manage real time operations. Firmware upgrades are sometimes required to include new features or bugs fix. It takes around 2 minutes to upgrade due to complexity of firmware. To upgrade sys...
Page 158
153 6.4.7 network utility the administrator can diagnose network connectivity via the ping and traceroute utility. Please click on utilities -> network utility and follow the below setting ping : this utility will help ping other devices on the network to verify connectivity. Ping utility, using icm...
Page 159
154 6.4.8 reboot this function allows user to restart system with existing or most current settings when changes are made. Click reboot buttonto proceed and take around three minutes to complete. A reminder will be available for remaining time to complete. If power cycle is necessary, please wait ti...
Page 160: 6.5 Access Control List
155 6.5 access control list 6.5.1 ip filter setup allows to create deny or allow rules to filter ingress or egress packets from specific source and/or to destination ip address on wired (lan) or wireless (wan) ports. Filter rules could be used to filter unicast or multicast packets on different prot...
Page 161
156 Î example 1 : create a higher priority rule to allow ip address 192.168.2.2 telnet access from lan port first, and deny telnet access from remaining ip addresses in the same subnet. Source destination rule ip/mask port ip/mask port in/out protocol listen action side 1 192.168.2.2/32 192.168.2.25...
Page 162
157 6.5.2 mac filter setup create mac filter rules to allow or deny unicast or multicast packets from limited number of mac addresses. It is important to note that mac filter rules have precedence over ip filter rules. Please click on advance -> mac filter setup and follow the below setting. Mac fil...
Page 163
158 6.5.3 parental control setup parental control allows you to block or allow specific kinds of internet usage and traffic, such as internet access, designated services, and websites. Please click on advance -> parental control and follow the below setting. Rules : control can be managed by a rule....
Page 164
159 Î protocol : select any or specify protocol(tcp, udp, icmp, url blocking and application) from drop-down list. When you select icmp or layer 7 application , the local(lan)/ destination port can not used. If you want to block websites with specific url address or using specific keywords, enter ea...
Page 165
160 6.5.4 qos setup quality of service (qos) refers to both a network's ability to deliver data with minimum delay, and the networking methods used to control the use of bandwidth. Without qos, all traffic data is equally likely to be dropped when the network is congested. This can cause a reduction...
Page 166
161 rules : use the rules to define the classifiers. After you define the rules, you can specify action to act upon the traffic that matches the rules Î comment : enter a descriptive name for this rule for identifying purposes. Î mac address : enter mac address in valid mac address format(xx:xx:xx:x...
Page 167
162 drop precedence class 1 class 2 class 3 class 4 low drop af11 af21 af31 af41 medium drop af12 af22 af32 af42 high drop af13 af23 af33 af43 Î protocol : select any or specify protocol from drop-down list. When you select icmp or layer 7 application , the source/ destination port can not used. Î l...
Page 168: 6.6 Resource Sharing
163 6.6 resource sharing 6.6.1 dmz dmz is commonly work with the nat functionality as an alternative of virtual server(port forwarding) while wanting all ports of dmz host visible to internet users. Virtual server rules have precedence over the dmz rule. In order to use a range of ports available to...
Page 169
164 6.6.2 virtual server (port forwarding) “virtual server” can also referred to as “port forward” as well and used interchangeably. Resources in the network can be exposed to the internet users in a controlled manner including on-line gaming, video conferencing or others via virtual server setup. D...
Page 170
165 click “add” button to add virtual server rule to list. Total of maximum 20 rules are allowed in this list. All rules can be edited or removed from the list. Click reboot button to activate your changes. While creating multiple virtual server rules, the prior rules have higher priority. The virtu...
Page 171: 6.7 System Status
166 6.7 system status this section breaks down into subsections of system overview, associated clients status, remote ap, extra information and event log. 6.7.1 overview detailed information on system, wan information, lan information, wireless information and dhcp server status can be reviewed via ...
Page 172
167 the wan port specified pppoe or pptp, and the connect and disconnect button will be show up. Click “connect” button to assigned ip address from pppoe or pptp server, “disconnect” button to release ip address of wan port. Î mode : supports static, dynamic, pppoe and pptp modes. Î reconnect mode :...
Page 173
168 wireless information : display the detailed receive and transmit statistics of wireless interface. Î ap mac address : the mac address of the repeater ap. Î station mac address : the mac address of the wireless client station. Î channel : the current channel on the wireless port. Î ap rate : the ...
Page 174
169 6.7.2 associated clients status it displays essid, on/off status, security type, total number of wireless clients associated with repeater ap. Ap information : highlights key repeater ap information. Î ap : available repeater ap. Î essid : display name of essid for repeater ap. Î mac address : d...
Page 175
170 6.7.3 remote ap ssid, mac address, antenna 0/1 received signal strength and channel bandwidth for associated ap are available. Essid : shows the current essid, which must be the same on the wireless client and ap in order for communication to be established. Mac address : display mac address of ...
Page 176
171 6.7.4 extra info users could pull out information such as route table, arp table, mac table, bridge table or stp available in the drop- down list from system. The “refresh” button is used to retrieve latest table information. Netstat information : select “netstatus information” on the drop-down ...
Page 177
172 bridge mac information : select “bridge macs information” on the drop-down list to display mac table. This table displays local mac addresses associated with wired or wireless interfaces, but also remember non-local mac addresses learned from wired or wireless interfaces. Ageing timers will be r...
Page 178
173 6.7.5 qos plot the qos plot show graphs which continuously represents the current data traffic on each qos rule. The chart scale and throughput dimension (bps, kbps, mbps) changes dynamically according to the mean throughput value. The statistics is updated automatically every 5 seconds. The thr...
Page 179
174 6.7.6 event log the event log displays system events when system is up and running. Also, it becomes very useful as a troubleshooting tool when issues are experienced in system. Time : the date and time when the event occurred. Facility : it helps users to identify source of events such “system”...
Page 180: Configuration
175 chapter 7. Client bridge + universal repeater configuration when client bridge+universal repeater mode is activated, the system can be configured as an access point and client station simultaneously. This section provides information in configuring the client bridge+universal repeater mode with ...
Page 181
176 7.1.2 configure lan ip here are the instructions for how to setup the local ip address and netmask. Please click on system -> lan and follow the below setting. Mode : check either “static ip” or “dynamic ip” button as desired to set up the system ip of lan port . Î static ip : the administrator ...
Page 182
177 Î dhcp : check enable button to activate this function or disable to deactivate this service. Î start ip / end ip: specify the range of ip addresses to be used by the dhcp server when assigning ip address to clients. The default range ip address is 192.168.2.10 to 192.168.2.70, the netmask is 25...
Page 183
178 7.2 access point association 7.2.1 configure wireless general setting the administrator can change the data transmission, channel and output power settings for the system. Please click on wireless -> general setup and follow the below setting. Band mode : select an appropriate wireless band; ban...
Page 184
179 mcs : this parameter represents transmission rate. By default (auto) the fastest possible transmission rate will be selected. You have the option of selecting the speed if necessary. (refer to appendix c. Mcs data rate) mpdu enable : check enable button to activate this function, and disable to ...
Page 185
180 7.2.2 wireless advanced setup to achieve optimal wireless performance, it is necessary to tweak advance setting per requirements properly, not necessary higher the better or lower. The administrator can change the rts threshold and fragmentation threshold settings for the system. Please click on...
Page 186
181 ack timeout : ack timeout is in the range of 1~255 and set in unit of microsecond. The default value is 32 microsecond. All data transmission in 802.11b/g request an “acknowledgement” (ack) send by receiving radio. The transmitter will resend the original packet if correspondent ack failed to ar...
Page 187
182 fragment threshold : the fragment threshold is in the range of 256~2346 byte. The default is 2346 byte. Each wi-fi packet can be divided into smaller packets, marked with a sequential fragment number and re-assemble in the receiving ends. The purpose is to make a short frame, instead of long fra...
Page 188
183 when you enable wmm, the “tx burst” will be disabled automatically by system. Wmm parameters of access point : this affects traffic flowing from the access point to the client station queue data transmitted ap to clients priority description ac_bk background. Low high throughput. Bulk data that ...
Page 189
184 9 aifsn : the arbitration inter-frame spacing number specifies a wait time (in milliseconds) for data frames 9 cwmin : minimum contention window. This parameter is input to the algorithm that determines the initial random backoff wait time ("window") for retry of a transmission. The value specif...
Page 190
185 the upper limit (in milliseconds) for the doubling of the random backoff value. This doubling continues until either the data frame is sent or the maximum contention window size is reached. Once the maximum contention window size is reached, retries will continue until a maximum number of retrie...
Page 191
186 7.2.3 site survey use this tool to scan and locate wisp access points and select one to associate with. Please click on wireless -> site survey. Below depicts an example for site survey. Essid : available extend service set id of surrounding access points. Mac address : mac addresses of surround...
Page 192
187 7.2.4 create wireless profile the administrator can configure station profiles via this page. Please click on wireless -> wireless profile and follow the below setting. Mac address : the mac address of the wireless station is displayed here. Profile name : set different profiles for quick connec...
Page 193
188 Î wpa-psk (or wpa2-psk) : wpa (or wpa2) algorithms, allows the system accessing the network by using the wpa-psk protected access. 9 cipher suite : select the desired cipher suite from the drop-down list; the options are aes and tkip 9 pre-shared key : enter the information for pre-shared key; t...
Page 194
189 7.3 wireless lan network creation the network manager can configure related wireless settings, repeater ap setup, security settings, and mac filter settings . 7.3.1 repeater ap setup administrators can configure essid, ssid broadcasting, maximum number of client associations, security type setti...
Page 195
190 9 authentication method : enable the desire option among open, shared or wepauto. 9 key index : key index is used to designate the wep key during data transmission. 4 different wep keys can be entered at the same time, but only one is chosen. 9 wep key # : enter hex or ascii format wep key value...
Page 196
191 9 wpa general settings : • cipher suite : bydefault, it is aes. Select either aes or tkip cipher suites • group key update period : bydefault, it’s 3600 seconds. This time interval for rekeying gtk, broadcast/multicast encryption keys, in seconds. Entering the time-length is required. • pmk cach...
Page 197
192 Î wep 802.1x : when wep 802.1x authentication is enabled, please refer to the following dynamic wep and radius settings to complete configuration. 9 radius server settings : • ip address : enter the ip address of the authentication radius server. • port : by default, it’s 1812.The port number us...
Page 198
193 7.3.2 wireless mac filter setup continue 7.3.1 repeater ap setup section, the administrator can allow or reject clients to access repeater ap. Mac filter setup : by default, it’s “disable”. Optionsare disable, only deny list mac or only allow list mac. Two ways to set mac filter rules : Î only a...
Page 199: 7.4 System Management
194 7.4 system management 7.4.1 configure management administrator could specify geographical location of the system via instructions in this page. Administrator could also enter new root and admin passwords and allow multiple login methods. Please click system -> management and follow the below set...
Page 200
195 admin login methods : only root user can enable or disable system login methods and change services port. Î enable http : check to select http service. Î http port : thedefault is 80 and the range is between 1 ~ 65535. Î enable https : check to select https service Î https port : thedefault is 4...
Page 201
196 click save button to save your changes. Click reboot button to activate your changes without a valid certificate, users may encounter the following problem in ie7 when they try to access system's wmi ( https://192.168.2.254 ). There will be a “certificate error”, because the browser treats syste...
Page 202
197 7.4.2 configure system time system time can be configured via this page, and manual setting or via a ntp server is supported. Please click on system -> time server and follow the below setting. Local time : display the current system time. Ntp client : to synchronize the system time with ntp ser...
Page 203
198 7.4.3 configure snmp setup snmp is an application-layer protocol that provides a message format for communication between snmp manager and agent. By enabling snmp function, the administrator can obtain the system information remotely. Please click on system -> snmp setup and follow the below set...
Page 204
199 Î community : set a community string required by the remote host computer that will receive trap messages or notices send by the system. Î ip : enter the ip addresses of the remote hosts to receive trap messages. Click save button to save changes and click reboot button to activate..
Page 205
200 7.4.4 backup / restore and reset to factory backup current configuration, restore prior configuration or reset back to factory default configuration can be executed via this page. Please click on utilities -> profile setting and follow the below setting. Save settings to pc : click save button t...
Page 206
201 7.4.5 firmware upgrade firmware is the main software image that system needs to respond to requests and to manage real time operations. Firmware upgrades are sometimes required to include new features or bugs fix. It takes around 2 minutes to upgrade due to complexity of firmware. To upgrade sys...
Page 207
202 7.4.6 network utility the administrator can diagnose network connectivity via the ping utility. Please click on utilities -> network utility and follow the below setting. Ping : this utility will help ping other devices on the network to verify connectivity. Ping utility, using icmp packets, det...
Page 208
203 7.4.7 reboot this function allows user to restart system with existing or most current settings when changes are made. Click reboot buttonto proceed and take around three minutes to complete. A reminder will be available for remaining time to complete. If power cycle is necessary, please wait ti...
Page 209: 7.5 System Status
204 7.5 system status this section breaks down into subsections of system overview, associated clients status, remote ap, extra information and event log. 7.5.1 system overview display detailed information of system, network, lan and wireless in the system overview page. System : display the informa...
Page 210
205 lan information : display the detailed receive and transmit statistics of lan interface. Î mac address : the mac address of the lan port. Î receive bytes : the total received packets in bytes on the lan port. Î receive packets : the total received packets of the lan port. Î transmit bytes : the ...
Page 211
206 dhcp server status : users could retrieve dhcp server and dhcp clients’ ip/mac address via this field. Î ip address : ip addresses to lan devices by dhcp server. Î mac address : mac addresses of lan devices. Î expired in : shows how long the leased ip address will expire..
Page 212
207 7.5.2 associated clients status it displays essid, on/off status, security type, total number of wireless clients associated with repeater ap. Ap information : highlights key repeater ap information. Î ap : available repeater ap. Î essid : display name of essid for repeater ap. Î mac address : d...
Page 213
208 7.5.3 remote ap ssid, mac address, antenna 0/1 received signal strength and channel bandwidth for associated ap are available. Essid : shows the current essid, which must be the same on the wireless client and ap in order for communication to be established. Mac address : display mac address of ...
Page 214
209 7.5.4 extra information users could pull out information such as route table, arp table, mac table, bridge table or stp available in the drop- down list from system. The “refresh” button is used to retrieve latest table information. Route table information : select “route table information” on t...
Page 215
210 pruned from the table. In that situation, switching packet to that particular mac address will be discontinued. Bridge stp information : select “bridge stp information” on the drop-down list to display a list of bridge stp information..
Page 216
211 7.5.5 event log the event log displays system events when system is up and running. Also, it becomes very useful as a troubleshooting tool when issues are experienced in system. Time : the date and time when the event occurred. Facility : it helps users to identify source of events such “system”...
Page 217
212 chapter 8. Router ap mode configuration when router ap mode is chosen, the system can be configured as a router with access point and wds function. This section provides detailed explanation for users to configure in the router ap mode with help of illustrations. In the router ap mode, functions...
Page 218
213 8.1.2 configure wan setup there are three connection types for the wan port : static ip, dynamic ip, pppoe and pptp. Please click on system -> wan and follow the below setting. In router ap mode, the wan port is the wired interface. Mode : by default, it’s “static ip”. Check “static ip”, “dynami...
Page 219
214 9 user name : enter user name for pppoe connection 9 password : enter password for pppoe connection 9 reconnect mode : • always on – a connection to internet is always maintained. • on demand – a connection to internet is made as needed. When time server is enabled at the “on demand” mode, the “...
Page 220
215 when time server is enabled at the “on demand” mode, the “reconnect mode” will turn out “always on”. • manual – click the “connect” button on “wan information” in the overview page to connect to the internet. 9 idle time : time to last before disconnecting pppoe session when it is idle. Enter pr...
Page 221
216 8.1.3 configure ddns setup dynamic dns allows you to map domain name to dynamic ip address. Please click on system -> ddns setup and follow the below setting. Enabled: by default, it’s “disable”. The mapping domain name won’t change when dynamic ip changes. The beauty of it is no need to remembe...
Page 222
217 8.1.4 configure lan setup here are the instructions for how to setup the local ip address and netmask. Please click on system -> lan and follow the below setting. Lan ip : the administrator can manually setup the lan ip address. Î ip address : the ip address of the lan port; default ip address i...
Page 223
218 8.2 wireless lan network creation the network manager can configure related wireless settings, general settings, advanced settings, virtual ap(vap) setting, security settings, and mac filter settings. 8.2.1 wireless general setup the administrator can change the data transmission, channel and ou...
Page 224
219 ht txstream /rxstream : by default, it's 2. Operating mode : by default, it's mixed mode. Î mixed mode : in this mode packets are transmitted with a preamble compatible with the legacy 802.11a/g, the rest of the packet has a new format. In this mode the receiver shall be able to decode both the ...
Page 225
220 8.2.2 wireless advanced setup to achieve optimal wireless performance, it is necessary to tweak advance setting per requirements properly, not necessary higher the better or lower. The administrator can change the rts threshold and fragmentation threshold settings for the system. Please click on...
Page 226
221 ack timeout : ack timeout is in the range of 1~255 and set in unit of microsecond. The default value is 32 microsecond. All data transmission in 802.11b/g request an “acknowledgement” (ack) send by receiving radio. The transmitter will resend the original packet if correspondent ack failed to ar...
Page 227
222 fragment threshold : the fragment threshold is in the range of 256~2346 byte. The default is 2346 byte. Each wi-fi packet can be divided into smaller packets, marked with a sequential fragment number and re-assemble in the receiving ends. The purpose is to make a short frame, instead of long fra...
Page 228
223 when you enable wmm, the “tx burst” will be disabled automatically by system. Î wmm parameters of access point : this affects traffic flowing from the access point to the client station queue data transmitted ap to clients priority description ac_bk background. Low high throughput. Bulk data tha...
Page 229
224 9 aifsn : the arbitration inter-frame spacing number specifies a wait time (in milliseconds) for data frames 9 cwmin : minimum contention window. This parameter is input to the algorithm that determines the initial random backoff wait time ("window") for retry of a transmission. The value specif...
Page 230
225 the upper limit (in milliseconds) for the doubling of the random backoff value. This doubling continues until either the data frame is sent or the maximum contention window size is reached. Once the maximum contention window size is reached, retries will continue until a maximum number of retrie...
Page 231
226 8.2.3 create virtual ap (vap) the apo1200/apo1215 support broadcasting multiple ssids, allowing the creation of virtual access points, partitioning a single physical access point into 7 logical access points, each of which can have a different set of security and network settings. Figure 8-2 sho...
Page 232
227 8.2.3.2 virtual ap setup for each virtual ap, administrators can configure ssid, ssid broadcasting, maximum number of client associations, security type settings. Click edit button on the edit column, and then a virtual ap setup page appears. Enable ap : by default, it’s “disable” for vap1 ~ vap...
Page 233
228 in this mode, the system does not support vlan tag(id) function. Security type : select the desired security type from the drop-down list; the options are disable, wep, wpa-psk, wpa2-psk , wpa-enterprise, wpa2-enterprise and wep 802.1x. Î disable : data are unencrypted during transmission when t...
Page 234
229 Î wpa-enterprise (or wpa2-enterprise): the radius authentication and encryption will be both enabled if this is selected. 9 wpa general settings : • cipher suite : bydefault, it is aes. Select either aes or tkip cipher suites • group key update period : bydefault, it’s 3600 seconds. This time in...
Page 235
230 Î wep 802.1x : when wep 802.1x authentication is enabled, please refer to the following dynamic wep and radius settings to complete configuration. 9 radius server settings : • ip address : enter the ip address of the authentication radius server. • port : by default, it’s 1812.The port number us...
Page 236
231 8.2.4 wireless mac filter setup continue 8.2.3.2 virtual ap setup section. For each virtual ap setting, the administrator can allow or reject clients to access each virtual ap. Mac filter setup : by default, it’s “disable”. Optionsare disable, only deny list mac or only allow list mac. Two ways ...
Page 237
232 8.3 wireless network expansion the administrator could create wds links to expand wireless network. When wds is enabled, access point functions as a wireless bridge and is able to communicate with other access points via wds links. A wds link is bidirectional and both side must support wds. Acce...
Page 238: 8.4 System Management
233 8.4 system management 8.4.1 configure management administrator could specify geographical location of the system via instructions in this page. Administrator could also enter new root and admin passwords and allow multiple login methods. Please click system -> management and follow the below set...
Page 239
234 admin login methods : only root user can enable or disable system login methods and change services port. Î enable http : check to select http service. Î http port : thedefault is 80 and the range is between 1 ~ 65535. Î enable https : check to select https service Î https port : thedefault is 4...
Page 240
235 click save button to save your changes. Click reboot button to activate your changes without a valid certificate, users may encounter the following problem in ie7 when they try to access system's wmi ( https://192.168.2.254 ). There will be a “certificate error”, because the browser treats syste...
Page 241
236 8.4.2 configure system time system time can be configured via this page, and manual setting or via a ntp server is supported. Please click on system -> time server and follow the below setting. Local time : display the current system time. Ntp client : to synchronize the system time with ntp ser...
Page 242
237 8.4.3 configure upnp universal plug and play(upnp) is an architecture to enable pervasive peer-to-peer network connectivity between pcs, intelligent devices and appliances when upnp is supported. Upnp works on tcp/ip network to enable upnp devices to connect and access to each other, very well a...
Page 243
238 8.4.4 configure snmp setup snmp is an application-layer protocol that provides a message format for communication between snmp managers and agents. By enabling snmp function, the administrator can obtain the system information remotely. Please click on system -> snmp setup and follow the below s...
Page 244
239 Î community : set a community string required by the remote host computer that will receive trap messages or notices send by the system. Î ip : enter the ip addresses of the remote hosts to receive trap messages. Click save button to save changes and click reboot button to activate..
Page 245
240 8.4.5 backup / restore and reset to factory backup current configuration, restore prior configuration or reset back to factory default configuration can be executed via this page. Please click on utilities -> profile setting and follow the below setting. Save settings to pc : click save button t...
Page 246
241 8.4.6 firmware upgrade firmware is the main software image that system needs to respond to requests and to manage real time operations. Firmware upgrades are sometimes required to include new features or bugs fix. It takes around 2 minutes to upgrade due to complexity of firmware. To upgrade sys...
Page 247
242 8.4.7 network utility the administrator can diagnose network connectivity via the ping and traceroute utility. Please click on utilities -> network utility and follow the below setting ping : this utility will help ping other devices on the network to verify connectivity. Ping utility, using icm...
Page 248
243 8.4.8 reboot this function allows user to restart system with existing or most current settings when changes are made. Click reboot buttonto proceed and take around three minutes to complete. A reminder will be available for remaining time to complete. If power cycle is necessary, please wait ti...
Page 249: 8.5 Access Control List
244 8.5 access control list 8.5.1 ip filter setup allows to create deny or allow rules to filter ingress or egress packets from specific source and/or to destination ip address on wired (lan) or wireless (wan) ports. Filter rules could be used to filter unicast or multicast packets on different prot...
Page 250
245 Î example 1 : create a higher priority rule to allow ip address 192.168.2.2 telnet access from lan port first, and deny telnet access from remaining ip addresses in the same subnet. Source destination rule ip/mask port ip/mask port in/out protocol listen action side 1 192.168.2.2/32 192.168.2.25...
Page 251
246 8.5.2 mac filter setup create mac filter rules to allow or deny unicast or multicast packets from limited number of mac addresses. It is important to note that mac filter rules have precedence over ip filter rules. Please click on advance -> mac filter setup and follow the below setting. Mac fil...
Page 252
247 8.5.3 parental control setup parental control allows you to block or allow specific kinds of internet usage and traffic, such as internet access, designated services, and websites. Please click on advance -> parental control and follow the below setting. Rules : control can be managed by a rule....
Page 253
248 Î protocol : select any or specify protocol(tcp, udp, icmp, url blocking and application) from drop-down list. When you select icmp or layer 7 application , the local(lan)/ destination port can not used. If you want to block websites with specific url address or using specific keywords, enter ea...
Page 254
249 8.5.4 qos setup quality of service (qos) refers to both a network's ability to deliver data with minimum delay, and the networking methods used to control the use of bandwidth. Without qos, all traffic data is equally likely to be dropped when the network is congested. This can cause a reduction...
Page 255
250 rules : use the rules to define the classifiers. After you define the rules, you can specify action to act upon the traffic that matches the rules Î comment : enter a descriptive name for this rule for identifying purposes. Î mac address : enter mac address in valid mac address format(xx:xx:xx:x...
Page 256
251 drop precedence class 1 class 2 class 3 class 4 low drop af11 af21 af31 af41 medium drop af12 af22 af32 af42 high drop af13 af23 af33 af43 Î protocol : select any or specify protocol from drop-down list. When you select icmp or layer 7 application , the source/ destination port can not used. Î l...
Page 257: 8.6 Resource Sharing
252 8.6 resource sharing 8.6.1 dmz dmz is commonly work with the nat functionality as an alternative of virtual server(port forwarding) while wanting all ports of dmz host visible to internet users. Virtual server rules have precedence over the dmz rule. In order to use a range of ports available to...
Page 258
253 8.6.2 virtual server (port forwarding) “virtual server” can also referred to as “port forward” as well and used interchangeably. Resources in the network can be exposed to the internet users in a controlled manner including on-line gaming, video conferencing or others via virtual server setup. D...
Page 259
254 click “add” button to add virtual server rule to list. Total of maximum 20 rules are allowed in this list. All rules can be edited or removed from the list. Click reboot button to activate your changes. While creating multiple virtual server rules, the prior rules have higher priority. The virtu...
Page 260: 8.7 System Status
255 8.7 system status this section breaks down into subsections of system overview, associated clients status, wds link status, extra information and event log. 8.7.1 overview detailed information on system, wan information, lan information, wireless information and dhcp server status can be reviewe...
Page 261
256 the wan port specified pppoe or pptp, and the connect and disconnect button will be show up. Click “connect” button to assigned ip address from pppoe or pptp server, “disconnect” button to release ip address of wan port. Î mode : supports static, dynamic, pppoe and pptp modes. Î reconnect mode :...
Page 262
257 wireless information : display the detailed receive and transmit statistics of wireless interface. Î mac address : the mac address of the wireless port. Î channel : the current channel on the wireless port. Î rate : the current bit rate on the wireless port. Î receive bytes : the total received ...
Page 263
258 8.7.2 associated clients status it displays essid, on/off status, security type, total number of wireless clients associated with all virtual ap. Vap information : highlights key vap information. Î vap : available vap from primary ap to vap6. Î essid : display name of essid for each vap. Î mac a...
Page 264
259 8.7.3 show wds link status peers mac address, antenna 0/1 received signal strength, phy mode and channel bandwidth for each wds are available. Mac address : display mac address of wds peer. Signal strength ant0/ant1 : indicate the signal strength of the respective wds links. Phy mode : indicate ...
Page 265
260 8.7.4 extra info users could pull out information such as route table, arp table, mac table, bridge table or stp available in the drop- down list from system. The “refresh” button is used to retrieve latest table information. Netstat information : select “netstatus information” on the drop-down ...
Page 266
261 bridge mac information : select “bridge macs information” on the drop-down list to display mac table. This table displays local mac addresses associated with wired or wireless interfaces, but also remember non-local mac addresses learned from wired or wireless interfaces. Ageing timers will be r...
Page 267
262 8.7.5 qos plot the qos plot show graphs which continuously represents the current data traffic on each qos rule. The chart scale and throughput dimension (bps, kbps, mbps) changes dynamically according to the mean throughput value. The statistics is updated automatically every 5 seconds. The thr...
Page 268
263 8.7.6 event log the event log displays system events when system is up and running. Also, it becomes very useful as a troubleshooting tool when issues are experienced in system. Time : the date and time when the event occurred. Facility : it helps users to identify source of events such “system”...
Page 269
264 appendix a. Windows tcp/ip settings windows xp 1. Click start -> settings -> control panel , and then “control panel” window appears. Click on “network connections ”, and then “network connections” window appears. 2. Click right on “local area connection”, and select properties..
Page 270
265 3. In “local area connection properties” window, select “internet protocol (tcp/ip)” and click on properties button. 4. Select “use the following ip address”, and type in ip address : 192.168.2.100 subnet mask : 255.255.255.0
Page 271
266 appendix b. Web gui valid characters table b web gui valid characters block field valid characters ip address ip format; 1-254 ip netmask 128.0.0.0 ~ 255.255.255.252 ip gateway ip format; 1-254 primary dns ip format; 1-254 secondary dns ip format; 1-254 lan hostname length : 32 0-9, a-z, a-z ~ !...
Page 274
269 appendix c. Mcs data rate the table below shows the relationships between the variables that allow for the maximum data rate table c mcs data rate data rate (mb/s) channel bandwidth = 20 channel bandwidth = 40 mcs index modulation long guard interval short guard interval long guard interval shor...
Page 275
270 appendix d. System manager privileges there are two system management accounts for maintaining the system; namely, the root and admin accounts are with different levels of privileges. The root manager account is empowered with full privilege to read & write while the admin manager account is rea...
Page 276
271 appendix e. Enabling upnp in windows xp 1. Open the “add/remove programs” control panel, and then click on “add/remove windows components” in the sidebar. Scroll down and find “networking services”, highlight it, and then click details. 2. In the “networking services” window, ensure that the “in...
Page 277
272 discovery services , and choose start from the pop-up menu. The ssdp discovery service will then be running and start each time you boot. 4. After enabling upnp and starting the ssdp discovery service, it may take few minutes for the “air force one 5” to be discovered and appear in your “my netw...
Page 278: Technical Support
273 technical support e-mail: support@airlink101.Com toll free: 1-888-746-3238 web site: www.Airlink101.Com *theoretical maximum wireless signal rate derived from ieee standard 802.11 specifications. Actual data throughput will vary. Network conditions and environmental factors, including volume of ...