Lantech IWP-2000-68 User manual

Manual is about: 802.11a/b/g Dual Radio Outdoor Multi-Function Wireless Access Point

Page of 235

Download

Print this page

Bookmark us

Lantech

IWP-2000-68

802.11a/b/g Dual Radio Outdoor Multi-Function

Wireless Access Point

User’s Manual

1 2 3 4 5 6 7 Next › »

Summary of IWP-2000-68

Page 1
Lantech iwp-2000-68 802.11a/b/g dual radio outdoor multi-function wireless access point user’s manual.
Page 2: Iwp-2000-68
Ii iwp-2000-68 user’s manual release 1.0
Page 3: Table Of Contents
Iii table of contents caution .................................................................................................Vi 1. Introduction .......................................................................... 2 1-1. Overview of iwp-2000-68 ...................................................
Page 4
Iv 3.5.6 snmp .................................................................................. 100 3.5.7 tools .................................................................................. 105 3.5.8 log out ............................................................................... 105 3....
Page 5: Revision History
V revision history release date revision 1.0 12/31/2010 a1.
Page 6
Vi caution circuit devices are sensitive to static electricity, which can damage their delicate electronics. Dry weather conditions or walking across a carpeted floor may cause you to acquire a static electrical charge. To protect your device, always: touch the metal chassis of your computer to grou...
Page 7
1 about this user’s manual in this user’s manual, it will not only tell you how to install and connect your network system but configure and monitor the iwp-2000-68 through the built-in web ui step-by-step. Many explanations in details of hardware and software functions are shown as well as the exam...
Page 8: 1. Introduction
2 1. Introduction 1-1. Overview of iwp-2000-68 the iwp-2000-68 is a 802.11a/b/g dual radio outdoor multi-function wireless access point with power over ethernet (poe) supported. The iwp-2000-68 also operates as multi-function wireless system that includes mesh, point-to-point/point-to-multipoint bri...
Page 9
3 1-2. Specification general data rates 802.11b: 1, 2, 5.5, 11mbps 802.11g: 6,9,12,18,24,36,48,54 mbps 802.11a: 6,9,12,18,24,36,48,54 mbps standards ieee802.11 a/b/g, ieee802.1x, ieee802.3, ieee802.3u,i eee802.3af power requirements active ethernet (power over ethernet) 48 vdc/1a external power unit...
Page 10
4 ssid multiple ssid interface two 10/100mbps rj‐ 45 lan ports security • ieee802.1x / radius client (ttls, peap) support in ap mode • iee802.1x supplicant (ttls, peap) support in client bridge mode • wpa-wifi protected access • wpa2 (802.11i) • wep 64,128 bits • ip address filtering • mac address f...
Page 11
5 1-3. Package contents make sure that you have following items: 1. 1 x iwp-2000-68 outdoor wireless access point unit 2. 1 x power cord 3. 1 x 100~240vac, 50~60hz ac to 48v/1a power supply 4. 1 x grounding wire 1.8m 5. 1 x rj-45 cat-5 cross-over ethernet cable 1.8m 6. 1 x rj-45 cat-5 ethernet cable...
Page 12: 2. Installation
6 2. Installation 2-1. Full view of iwp-2000-68 interface on the iwp-2000-68 unit: eth1: for connecting the rj-45 cat-5 ethernet cable to receiving the power and for user to configure the access point. Eth0: for connecting and provide power to other device, such as ipcam. By default it is disabled. ...
Page 13
7 2-2. Full view of poe injector interface on the inline power injector: data input port 3: for connecting cross-over ethernet cable to pc or straight ethernet cable to hub, switch or router. Ac input port 4: 100/240v ac power input. Power & data output port 5: for connecting an ethernet cable to th...
Page 14
8 figure 2-2 2-4. System requirements installation of the iwp-2000-68 outdoor wireless unit requires the following: 1. A pc with 10/100/1000 ethernet port and web browser (e.G. Internet explore or firefox). 2. Rj-45 ethernet cable connected to the ethernet network. 3. An ac power outlet (100~240v, 5...
Page 15
9 ethernet cabling is much cheaper than antenna cabling. 2.4.2 preparing installation before installing iwp-2000-68 for outdoor application or hard-to-reach location, we recommend configure and test all the devices first. For configuring the iwp-2000-68, please follow the quick steps below to power ...
Page 16
10 3. Operation of web-based management 3.1 basic configuration this chapter instructs user how to configure and manage the iwp-2000-68 through the web user interface. The default values of the ap are listed in the table below: ip address 192.168.1.1 subnet mask 255.255.255.0 gateway address 192.168...
Page 17
11 figure 3-1 step3: enter ‘admin’in the username and password fields, and click to enter the web configuration page as shown in figure 3-2. This page includes all basic configurations for the access point. The items are list in left hand side of the menu. Figure 3-2 3.2 ap-bridge mode the default o...
Page 18
12 ● bridge status ● wifi status ● log ● system time ● reboot ▽ lan ● bridge lan settings ▽ wireless ● wifi ath0 setting ● wifi ath1 setting ● wifi ath2 setting ● wifi ath3 setting ● wifi ath4 setting ● wifi ath5 setting ● wifi ath6 setting ● wifi ath7 setting ▽ filter ● mac filtering ▽ snmp ● basic...
Page 19
13 figure 3-2-1 3.2.1.1 administrator by selecting the item of administrator under system, user will see the screen shown in figure 3-2-2. These settings allow user to configure the device name, language, model, password, remote management and wifi loading warning threshold. Device name this is a ho...
Page 20
14 figure 3-2-2 password settings if user wants to change the password for admin account, the user should enter the current password, a new password and, re-type the new password. The idle time out is the amount of time of inactivity allowed before user proceeds next action. The user needs to re-log...
Page 21
15 figure 3-2-3 using tftp on any computer in the network or a compute direct connect to the ap. Install a tftp server utility, and put the firmware file named ‘upgradefw.Tar’ in a folder. Run tftp server utility and specify the folder in which the firmware file located. Enter the tftp server ip and...
Page 22
16 figure 3-2-4 restore factory default configuration: to reset configuration settings to the factory default values, just click on button beside ‘restore factory default configuration’. Figure 3-2-5 then click on button on next page, now the system will reset to factory default value. Figure 3-2-6 ...
Page 23
17 figure 3-2-8 remote backup settings/restore settings user can also backup/restore the configuration of this device remotely. Click on button beside ‘local backup settings/restore settings’, figure 3-2-9 enter the necessary setting in next page, then click on to server> or to start the process. Fi...
Page 24
18 figure 3-2-11 3.2.1.5 power control/status in this page user can enable the poe power forwarding function for eth0 port..
Page 25
19 figure 3-2-12 3.2.1.6 bridge status in this page user could see the bridge interfaces information of this device, such as interface information, stp status, mac address information etc. Figure 3-2-13 3.2.1.7 wifi status in this page user could see the wifi information of this device, such as: int...
Page 26
20 figure 3-2-14 3.2.1.8 log in this page user could see the system logs record of this device. Figure 3-2-15 3.2.1.9 system time select setting type setting by: user can set system time in two ways. One is manual setting, the other one is synchronize with an internet time server. Manual setting use...
Page 27
21 figure 3-2-16 3.2.1.10 reboot user can perform reboot function in case of the device is not function normally, or after user change some major settings for example: change system model. The existing settings will not be changed. To perform the reboot, click on the button and click on on pop-up sc...
Page 28
22 lowest priority will be elected 'root bridge' hello time: set the bridge's 'bridge hello time' value (seconds). Forwarding delay: set the bridge's 'bridge forward delay' value (seconds). Max age: set the bridge's 'maximum message age' value (seconds) port cost: set the port cost of the port. Port...
Page 29
23 3.2.3 wireless user can configure the wireless related settings in this page. Figure 3-2-19 3.2.3.1 wifi ath0~7 setting general radio power: turn this interface on or off wireless mode: select which wireless mode that user wants to use. The options available here are: 802.11a, 802.11b, 802.11g an...
Page 30
24 number between 1 and 255 to specify. Fragment threshold: it is the maximum frame size that wireless device can transmit without fragmenting the frame. Enter a value between 256 and 2346 to specify the fragment threshold. Rts/cts threshold: packets larger than the value are transmitted by the rts/...
Page 31
25 select key: check the radio box in front of the key that user would like to use for this ap. Figure 3-2-22 wpa-personal: the method of authentication is similar to wep, user can define a ‘pre-shared key’, once the key is confirmed and satisfied on both the client and access point, then access is ...
Page 32
26 qos wmm: enable/disable wmm support. Max associated station: maximum number of stations allowed in station table. Common parameters: cwmin: minimum contention window. The valid values for ‘cwmin’ are 1, 3, 7, 15, 31, 63, 127, 255, 511, 1023, 2047, or 4095. The value for ‘cwmin’ must be lower than...
Page 33
27 wireless medium (wm). This value specifies (in milliseconds) the transmission opportunity (txop) for client station; that is, the interval of time when the wmm ap has the right to initiate transmissions on the wireless network. Acm: admission control mandatory. Figure 3-2-25 3.2.4 filtering the m...
Page 34
28 figure 3-2-26 3.2.5 snmp the iwp-2000-68 support snmp v1/v2c/v3, this page is for defines the snmp access control and snmp traps. 3.2.5.1 basic setting snmp agent check the check box to turn on snmp. Please note: enable the snmp will also enable the lldp (link layer discovery protocol) function. ...
Page 35
29 have the correct community name, user can't retrieve any data (get) or make any change (set). Multiple snmp managers may be organized in a specified community. V3 the snmp v3 is a security enhancement for snmp, it provides secure access to devices by a combination of userid, authenticating and en...
Page 36
30 3.2.5.2 vacm setting user can use the view-based access control model (vacm) to define whether access to a specified managed object is authorized. Access control is done at the following points: when processing retrieval request messages from the snmp manager. When processing modification request...
Page 37
31 view create a view for user to let the groups have rights to view the mib tree. Index: index of view. Tick the checkbox to enable the recordset. View name: the name of view. Include: assign include or exclude in this record for certain subtree. Sub tree: the oid value. For example: ‘1.3.6.1.2.1’ ...
Page 38
32 figure 3-2-30 3.2.5.3 snmp trap it is an snmp application that uses the snmp trap operation to send information to a network management system. Snmp trap trap active: to enable or disable snmp trap function. Version: indicate the traps will be sent in v1 or v2c or not send (disable). V1/v2c trap ...
Page 39
33 figure 3-2-32 3.2.6 tools command ping it runs ping command to test the connection capability of this device with the other ethernet device. Figure 3-2-33 3.2.7 log out user can manually logout by click on . Figure 3-2-34 3.3 ap-cb-bridge mode ap-cb-bridge mode is to set this device as an ap and ...
Page 40
34 ● rogue ap scan ● wifi ath3 setting ● wifi ath4 setting ● wifi ath5 setting ● wifi ath6 setting ● wifi ath7 setting ▽ filter ● mac filtering ▽ snmp ● basic setting ● vacm setting ● trap setting ▽ tools ● tools ▽ log out 3.3.1 system this page shows the current status and some basic settings of th...
Page 41
35 language select this function allows user to select a language for the ui, the options available are: english, simplified chinese and traditional chinese. Model select olsr-ap: to set this device as an ap with layer 3 mesh function. Aodv-ap: to set this device as an ap with layer 3 mesh function....
Page 42
36 remote management user can enable/disable the management of the access point from a remote host. Just tick the check box and enter an ip address of the remote host. Then, only the host with the entered ip address can access this device. Wifi loading warning threshold the threshold value is used b...
Page 43
37 using ftp on ftp server, there should have valid firmware which includes fs-opn.Img and/or kernel-opn.Img. On the firmware update - ftp page, enter the ip address of the ftp server, firmware name and ftp user name and password. Then click on button to start the firmware upgrade process. At the en...
Page 44
38 click on button on next page to save the settings of this device to a file named ‘configs.Tar’ on user’s pc. To restore the settings, click on button and select the correct file path and file name. Then, click on button to start the restore settings process. Figure 3-3-8 remote backup settings/re...
Page 45
39 figure 3-3-11 3.3.1.5 power control/status in this page user can enable the eth0 port to provide poe power and data forwarding function. Figure 3-3-12.
Page 46
40 3.3.1.6 bridge status in this page user could see the bridge interfaces information of this device, such as interface information, stp status, mac address information etc. Figure 3-3-13 3.3.1.7 wifi status in this page user can click wifi interfaces to see each wifi’s information of this device, ...
Page 47
41 the figure 3-3-15shows that the ath3 (cb model) has connected to an ap, and display the relevant information. Figure 3-3-15 the figure 3-3-16 shows ath4 (ap model) information. Figure 3-3-16 3.3.1.8 log in this page user could see the system logs record of this device. Figure 3-3-17 3.3.1.9 syste...
Page 48
42 user can manually enter the year/ month/ day and hour: minute: second. Using internet time server hours from gmt: user can enter the hours from gmt, for example taiwan is gmt +8 hours. Server ip: user should enter the internet time server ip address. Time update for every: user can set time updat...
Page 49
43 user can change the network settings of this device from lan configuration; it is including ip address, subnet mask, and gateway address. Bridge stp setting user can also set the bridge stp setting in this page. Stp/rstp: disable the bridge stp or set the bridge mode as stp or rstp mode. Bridge p...
Page 50
44 3.3.3 wireless user can set the wireless related setting here. Figure 3-3-21 3.3.3.1 rogue ap scan rogue enable check the radio box in front of to enable the rogue ap detection, and press or button to apply. Allow ap the allowable ap list. The ap in the list is a legal ap for cb to connect. Check...
Page 51
45 the options available here are: 802.11a, 802.11b, 802.11g and 802.11b+g. Ssid: the ssid (service set identifier) is an identifier of an ap in user’s wireless network. In station mode (cb), this ssid must be same as the ap that user wish to connect. User can either type in the ssid by themself or ...
Page 52
46 figure 3-3-23 ssid security mode authentication: user can choose which authentication type to secure the wireless net work. There are four options for authentication: disable, wep, wpa-personal and wpa-enterprise. Wep: short for wired equivalent privacy, a security protocol for wireless local are...
Page 53
47 figure 3-3-25 wpa-enterprise: wpa-enterprise includes all of the features of wpa-psk plus support the 802.1x authentication. To use this function, a separate radius server is required user should enter their account and password to pass the authentication. Figure 3-3-26 please note: in wifi stati...
Page 54
48 figure 3-3-27 advanced settings peer node distance: set the distance between this device and it’s adjacent. If select 'manual', the distance will be determined by 'slot time', 'ack timeout' and 'cts timeout' three values. Beacon period: this item contains the length of the beacon interval. Enter ...
Page 55
49 figure 3-3-28 ssid security mode authentication: user can choose which authentication type to secure the wireless net work. There are four options for authentication: disable, wep, wpa-personal and wpa-enterprise. Wep: short for wired equivalent privacy, a security protocol for wireless local are...
Page 56
50 (broadcast/multicast encryption keys) in seconds. Figure 3-3-30 wpa-enterprise: wpa-enterprise includes all of the features of wpa-psk plus support the 802.1x authentication. To use this function, a separate radius server is required. User should enter the ip and port number of the authentication...
Page 57
51 this affects traffic flowing from the access point to the client station. These parameters are used by the access point when transmitting frames to the clients. Ap tx-best effort: medium priority. Medium throughput and delay. Most traditional ip data is sent to this queue. Ap tx-background: low p...
Page 58
52 3.3.4 filtering the mac address filter can be used to filter network access by machines based on the unique mac addresses of their network adapter(s). It is most useful to prevent unauthorized wireless devices from connecting to user’s network. A mac address is a unique id assigned by the manufac...
Page 59
53 lantech-wireless-view to remote management the ap and draw the network topography. System information contact: specify the contact name for this managed node as well as information about how to contact this person. Location: it is used to define the location of the host on which the snmp agent is...
Page 60
54 figure 3-2-34 3.3.5.2 vacm setting user can use the view-based access control model (vacm) to define whether access to a specified managed object is authorized. Access control is done at the following points: when processing retrieval request messages from the snmp manager. When processing modifi...
Page 61
55 index: index of group. Tick the checkbox to enable the recordset. Group name: a group name is given to a group of users and is used when managing their access rights. Security model: assign security model for group. Security name: assign security name for group. This field will obtain from the ‘s...
Page 62
56 the access table grants the groups access right to certain views. Each group can have multiple access rights. The most secure access right is chosen. Index: index of access. Tick the checkbox to enable recordset. Group: returned and lookup the ‘group name’ from the group table. Security model: sp...
Page 63
57 figure 3-3-38 trap items enable/disable which trap items to send. Figure 3-3-39 3.3.6 tools command ping it runs ping command to test the connection capability of this device with the other ethernet device. Figure 3-3-40 3.3.7 log out user can manually logout by click on . Figure 3-3-41.
Page 64
58 3.4 ap-cb-route mode ap-cb-route mode is to set this device as a router device with ap and cb functions. The setting and functions as following: ▽ system ● administrator ● firmware ● configuration tools ● general status ● power control ● wifi status ● log ● system time ● reboot ▽ wan ● wan settin...
Page 65
59 3.4.1 system this page shows the current status and some basic settings of the device, including administrator, firmware, configuration tools, general status, power control, wifi status, log, system time and reboot; screen as shown in figure 3-4-1 figure 3-4-1 3.4.1.1 administrator by selecting t...
Page 66
60 figure 3-4-2 password settings if user wants to change the password for admin account, the user should enter the current password, a new password and, re-type the new password. The idle time out is the amount of time of inactivity allowed before user proceeds next action. The user needs to re-log...
Page 67
61 figure 3-4-3 using tftp on any computer in the network or a compute direct connect to the ap. Install a tftp server utility, and put the firmware file named ‘upgradefw.Tar’ in a folder. Run tftp utility and specify the folder in which the firmware file located. Enter the tftp server ip and click ...
Page 68
62 figure 3-4-4 restore factory default configuration: to reset configuration settings to the factory default values, just click on button beside ‘restore factory default configuration’. Figure 3-4-5 then click on button on next page, now the system will reset to factory default value. Figure 3-4-6 ...
Page 69
63 figure 3-4-8 remote backup settings/restore settings user can also backup/restore the configuration of this device remotely. Click on button beside ‘local backup settings/restore settings’, figure 3-4-9 enter the necessary setting in next page, then click on to server> or to start the process. Fi...
Page 70
64 figure 3-4-11 3.4.1.5 power control/status in this page user can enable the eth0 port to provide poe power and data forwarding function..
Page 71
65 figure 3-4-12 3.4.1.6 wifi status in this page user can click wifi interfaces to see each wifi information of this device, such as: interface information, security information, associated ap/station. The figure 3-4-13 shows the ath3 (cb) interface is waiting for connecting to an ap. Figure 3-4-13...
Page 72
66 3.4.1.7 log in this page user could see the system logs record of this device. Figure 3-4-16 3.4.1.8 system time select setting type setting by: user can set system time in two ways. One is manual setting, the other one is synchronize with an internet time server. Manual setting user can manually...
Page 73
67 figure 3-4-18 3.4.2 wan configuration 3.4.2.1 wan settings this function is to establish a connection with user’s wan network, select the ip allocation mode that isp is used. Interface ath3 setting ip authentication: indicate how the ip address of this device will be assigned. There are two optio...
Page 74
68 user can press button to add ip address to the bandwidth limitation list. User can tick the check box and press button to delete the ip address from the bandwidth limitation list. Figure 3-4-20 3.4.3 lan configuration user can change the local network settings of this device from lan configuratio...
Page 75
69 figure 3-4-21 3.4.4 wireless user can set the wireless related setting here. Figure 3-4-22 3.4.4.1 rogue ap scan rogue enable check the radio box in front of to enable the rogue ap detection, and press or button to apply. Allow ap the allowable ap list. The ap in the list is a legal ap for cb to ...
Page 76
70 press button to re-scan the aps nearby which are scanned by wifi card x (x:1 or 2) figure 3-4-23 3.4.4.2 wifi ath3 setting general radio power: turn this interface on or off wireless mode: select which wireless mode that user wants to use. The options available here are: 802.11a, 802.11b, 802.11g...
Page 77
71 specify the value of the rts /cts threshold. Tx power: to set the tx power as off to turn off the tx power, set auto to let device determine the tx power value automatically, or set manual to set the tx power value. The max value is depending on the wireless module. Wep key setting: it uses two k...
Page 78
72 granted. The encryption method used is referred to as the temporal key integrity protocol (tkip). Wpa mode: in this setting, user can choose wpa or wpa2 or wpa & wpa2. (wpa2 is far superior to wpa, because the encryption of method used is advanced encryption standard (aes).) share key: user shoul...
Page 79
73 radio channels. Channel: set the operating frequency/channel for this device. Figure 3-4-28 advanced settings peer node distance: set the distance between this device and it’s adjacent. If select 'manual', the distance will be determined by 'slot time', 'ack timeout' and 'cts timeout' three value...
Page 80
74 figure 3-4-29 ssid security mode authentication: user can choose which authentication type to secure the wireless net work. There are four options for authentication: disable, wep, wpa-personal and wpa-enterprise. Wep: short for wired equivalent privacy, a security protocol for wireless local are...
Page 81
75 (broadcast/multicast encryption keys) in seconds. Figure 3-4-31 wpa-enterprise: wpa-enterprise includes all of the features of wpa-psk plus support the 802.1x authentication. To use this function, a separate radius server is required. User should enter the ip and port number of the authentication...
Page 82
76 this affects traffic flowing from the access point to the client station. These parameters are used by the access point when transmitting frames to the clients. Ap tx-best effort: medium priority. Medium throughput and delay. Most traditional ip data is sent to this queue. Ap tx-background: low p...
Page 83
77 3.4.5 filtering the mac address filter can be used to filter network access by machines based on the unique mac addresses of their network adapter(s). It is most useful to prevent unauthorized wireless devices from connecting to user’s network. A mac address is a unique id assigned by the manufac...
Page 84
78 interfaces/pcs with mac address in the mac address table. Figure 3-4-35 3.4.6 snmp the iwp-2000-68 support snmp v1/v2c/v3, this page is for defines the snmp access control and snmp traps. 3.4.6.1 basic setting snmp agent check the check box to turn on snmp. Please note: enable the snmp will also ...
Page 85
79 snmp community provides a simple protection by using the community name to control the access to the snmp. The community name can be thought of as a password. If user don’t have the correct community name, user can’t retrieve any data (get) or make any change (set). Multiple snmp managers may be ...
Page 86
80 figure 3-4-36 3.4.6.2 vacm setting user can use the view-based access control model (vacm) to define whether access to a specified managed object is authorized. Access control is done at the following points: when processing retrieval request messages from the snmp manager. When processing modifi...
Page 87
81 index: index of group. Tick the checkbox to enable the recordset. Group name: a group name is given to a group of users and is used when managing their access rights. Security model: assign security model for group. Security name: assign security name for group. This field will obtain from the ‘s...
Page 88
82 the access table grants the groups access right to certain views. Each group can have multiple access rights. The most secure access right is chosen. Index: index of access. Tick the checkbox to enable recordset. Group: returned and lookup the ‘group name’ from the group table. Security model: sp...
Page 89
83 figure 3-4-40 trap items enable/disable which trap items to send. Figure 3-4-41 3.4.7 tools command ping it runs ping command to test the connection capability of this device with the other ethernet device. Figure 3-4-42 3.4.8 log out user can manually logout by click on . Figure 3-4-43.
Page 90
84 3.5 cb-cb-route mode cb-cb-route mode is to set this device as a router device with two cbs (station mode). For example, one cb connects to an internet provider’s ap for wan connection; another cb connects to the intranet’s ap. The setting and functions list as following: ▽ system ● administrator...
Page 91
85 3.5.1 system this page shows the current status and some basic settings of the device, including administrator, firmware, configuration tools, general status, power control, wifi status, log, system time and reboot; screen as shown in figure 3-5-1 figure 3-5-1 3.5.1.1 administrator by selecting t...
Page 92
86 figure 3-5-2 password settings if user wants to change the password for admin account, the user should enter the current password, a new password and, re-type the new password. The idle time out is the amount of time of inactivity allowed before user proceeds next action. The user needs to re-log...
Page 93
87 figure 3-5-3 using tftp on any computer in the network or a compute direct connect to the ap. Install a tftp server utility, and put the firmware file named ‘upgradefw.Tar’ in a folder. Run tftp utility and specify the folder in which the firmware file located. Enter the tftp server ip and click ...
Page 94
88 figure 3-5-4 restore factory default configuration: to reset configuration settings to the factory default values, just click on button beside ‘restore factory default configuration’. Figure 3-5-5 then click on button on next page, now the system will reset to factory default value. Figure 3-5-6 ...
Page 95
89 figure 3-5-8 remote backup settings/restore settings user can also backup/restore the configuration of this device remotely. Click on button beside ‘local backup settings/restore settings’, figure 3-5-9 enter the necessary setting in next page, then click on to server> or to start the process. Fi...
Page 96
90 figure 3-5-11 3.5.1.5 power control/status in this page user can enable the eth0 port to provide poe power and data forwarding function. Figure 3-5-12.
Page 97
91 3.5.1.6 wifi status in this page user can click wifi interfaces to see each wifi information of this device, such as: interface information, security information, associated ap/station. The figure 3-5-13 shows the ath3/ath7 (cb) interface is waiting for connecting to an ap. Figure 3-5-13 the figu...
Page 98
92 using internet time server hours from gmt: user can enter the hours from gmt, for example taiwan is gmt +8 hours. Server ip: user should enter the internet time server ip address here. Time update for every: user can set time update interval by enter the days, hours, and minutes. Figure 3-5-16 3....
Page 99
93 figure 3-5-18 3.5.2.2 bandwidth management this function allows user to set the limitation of total upload/download bandwidth on wan interface, and also can set the limitation of upload/download bandwidth for each user or a group of users by ip address. Bandwidth management bandwidth management: ...
Page 100
94 user can change the network settings of this interface from lan configuration; it is including ip address, subnet mask and enable/disable the dhcp server function. Dhcp server parameters primary / secondary dns address: the domain-name-servers option specifies a list of domain name system name se...
Page 101
95 figure 3-5-22 3.5.4.1 rogue ap scan rogue enable check the radio box in front of to enable the rogue ap detection, and press or button to apply. Allow ap the allowable ap list. The ap in the list is a legal ap for cb to connect. Check the box and press the button to remove it. Rogue ap the nearby...
Page 102
96 user’s wireless network. In station mode (cb), this ssid must be same as the ap that user wish to connect. User can either type in the ssid by themself or simply press the button and select the ap form the popup list, then click . Mac cloning: this feature controls the mac address of the wireless...
Page 103
97 figure 3-5-24 ssid security mode authentication: user can choose which authentication type to secure the wireless net work. There are four options for authentication: disable, wep, wpa-personal and wpa-enterprise. Wep: short for wired equivalent privacy, a security protocol for wireless local are...
Page 104
98 figure 3-5-26 wpa-enterprise: wpa-enterprise includes all of the features of wpa-psk plus support the 802.1x authentication. To use this function, a separate radius server is required user should enter their account and password to pass the authentication. Figure 3-5-27 please note: in wifi stati...
Page 105
99 figure 3-5-28 3.5.5.2 mac filtering user can block certain clients from accessing this ap based on its mac address. Use filtering type to define the filtering scenario: general disabled: disable this filtering function. If this option is selected, all pcs can access this ap. Accept: all pcs are f...
Page 106
100 figure 3-5-29 3.5.6 snmp the iwp-2000-68 support snmp v1/v2c/v3, this page is for defines the snmp access control and snmp traps. 3.5.6.1 basic setting snmp agent check the check box to turn on snmp. Please note: enable the snmp will also enable the lldp (link layer discovery protocol) function....
Page 107
101 community name can be thought of as a password. If user don't have the correct community name, user can't retrieve any data (get) or make any change (set). Multiple snmp managers may be organized in a specified community. V3 the snmp v3 is a security enhancement for snmp, it provides secure acce...
Page 108
102 figure 3-5-30 3.5.6.2 vacm setting user can use the view-based access control model (vacm) to define whether access to a specified managed object is authorized. Access control is done at the following points: when processing retrieval request messages from the snmp manager. When processing modif...
Page 109
103 index: index of group. Tick the checkbox to enable the recordset. Group name: a group name is given to a group of users and is used when managing their access rights. Security model: assign security model for group. Security name: assign security name for group. This field will obtain from the ‘...
Page 110
104 the access table grants the groups access right to certain views. Each group can have multiple access rights. The most secure access right is chosen. Index: index of access. Tick the checkbox to enable recordset. Group: returned and lookup the ‘group name’ from the group table. Security model: s...
Page 111
105 figure 3-5-34 trap items enable/disable which trap items to send. Figure 3-5-35 3.5.7 tools command ping it runs ping command to test the connection capability of this device with the other ethernet device. Figure 3-5-36 3.5.8 log out user can manually logout by click on . Figure 3-5-37.
Page 112
106 3.6 vlan ap mode to set this device as a vlan-ap. Each ap bridge (ssid) has its own vlan id, the setting and functions as following: ▽ system ● administrator ● firmware ● configuration tools ● general status ● power control ● wifi status ● log ● system time ● reboot ▽ lan ● lan settings ▽ wirele...
Page 113
107 figure 3-6-1 3.6.1.1 administrator by selecting the item of administrator under system, user will see the screen shown in figure 3-6-2. These settings allow user to configure the device name, language, model, password, remote management and wifi loading warning threshold. Device name this is a h...
Page 114
108 figure 3-6-2 password settings if user wants to change the password for admin account, the user should enter the current password, a new password and, re-type the new password. The idle time out is the amount of time of inactivity allowed before user proceeds next action. The user needs to re-lo...
Page 115
109 figure 3-6-3 using tftp on any computer in the network or a compute direct connect to the ap. Install a tftp server utility, and put the firmware file named ‘upgradefw.Tar’ in a folder. Run tftp utility and specify the folder in which the firmware file located. Enter the tftp server ip and click...
Page 116
110 figure 3-6-4 restore factory default configuration: to reset configuration settings to the factory default values, just click on button beside ‘restore factory default configuration’. Figure 3-6-5 then click on button on next page, now the system will reset to factory default value. Figure 3-6-6...
Page 117
111 figure 3-6-8 remote backup settings/restore settings user can also backup/restore the configuration of this device remotely. Click on button beside ‘local backup settings/restore settings’, figure 3-6-9 enter the necessary setting in next page, then click on to server> or to start the process. F...
Page 118
112 figure 3-6-11 3.6.1.5 power control/status in this page user can enable the eth0 port to provide poe power and data forwarding function. Figure 3-6-12.
Page 119
113 3.6.1.6 wifi status in this page user could see the wifi information of this device, such as: interface information, security information, associated ap/station. Figure 3-6-13 3.6.1.7 log in this page user could see the system logs record of this device. Figure 3-6-14 3.6.1.8 system time select ...
Page 120
114 figure 3-6-15 3.6.1.9 reboot user can perform reboot function in case of the device is not function normally, or after user change some major settings for example: change system model. The existing settings will not be changed. To perform the reboot, click on the button and click on on pop-up sc...
Page 121
115 figure 3-6-18 3.6.3.1 wifi ath0~7 setting general radio power: turn this interface on or off wireless mode: select which wireless mode that user wants to use. The options available here are: 802.11a, 802.11b, 802.11g and 802.11b+g. Vlan id: it is only available in vlan_ap model. It is the vlan t...
Page 122
116 number between 1 and 255 to specify. Fragment threshold: it is the maximum frame size that wireless device can transmit without fragmenting the frame. Enter a value between 256 and 2346 to specify the fragment threshold. Rts/cts threshold: packets larger than the value are transmitted by the rts...
Page 123
117 select key: check the radio box in front of the key that user would like to use for this ap. Figure 3-6-21 wpa-personal: the method of authentication is similar to wep, user can define a ‘pre-shared key’, once the key is confirmed and satisfied on both the client and access point, then access is...
Page 124
118 qos wmm enable/disable wmm support. Max associated station: maximum number of stations allowed in station table. Common parameters: cwmin: minimum contention window. The valid values for ‘cwmin’ are 1, 3, 7, 15, 31, 63, 127, 255, 511, 1023, 2047, or 4095. The value for ‘cwmin’ must be lower than...
Page 125
119 wireless medium (wm). This value specifies (in milliseconds) the transmission opportunity (txop) for client station; that is, the interval of time when the wmm ap has the right to initiate transmissions on the wireless network. Acm: admission control mandatory. Figure 3-6-24 3.6.4 filtering the ...
Page 126
120 figure 3-6-25 3.6.5 snmp the iwp-2000-68 support snmp v1/v2c/v3, this page is for defines the snmp access control and snmp traps. 3.6.5.1 basic setting snmp agent check the check box to turn on snmp. Please note: enable the snmp will also enable the lldp (link layer discovery protocol) function....
Page 127
121 community name can be thought of as a password. If user don't have the correct community name, user can't retrieve any data (get) or make any change (set). Multiple snmp managers may be organized in a specified community. V3 the snmp v3 is a security enhancement for snmp, it provides secure acce...
Page 128
122 figure 3-6-26 3.6.5.2 vacm setting user can use the view-based access control model (vacm) to define whether access to a specified managed object is authorized. Access control is done at the following points: when processing retrieval request messages from the snmp manager. When processing modif...
Page 129
123 index: index of group. Tick the checkbox to enable the recordset. Group name: a group name is given to a group of users and is used when managing their access rights. Security model: assign security model for group. Security name: assign security name for group. This field will obtain from the ‘...
Page 130
124 the access table grants the groups access right to certain views. Each group can have multiple access rights. The most secure access right is chosen. Index: index of access. Tick the checkbox to enable recordset. Group: returned and lookup the ‘group name’ from the group table. Security model: s...
Page 131
125 auth level: assign security level in this record. The options are: noauthnopriv, authnopriv, authpriv. Figure 3-6-30 trap items enable/disable which trap items to send. Figure 3-6-31 3.6.6 tools command ping it runs ping command to test the connection capability of this device with the other eth...
Page 132
126 3.7 ap_wds_bridge mode to set this device as a wds device, the setting and functions as following: ▽ system ● administrator ● firmware ● configuration tools ● general status ● power control ● bridge status ● wifi status ● log ● system time ● reboot ▽ lan ● bridge lan settings ▽ wireless ● wifi a...
Page 133
127 figure 3-7-1 3.7.1.1 administrator by selecting the item of administrator under system, user will see the screen shown in figure 3-7-2. These settings allow user to configure the device name, language, model, password, remote management and wifi loading warning threshold. Device name this is a h...
Page 134
128 figure 3-7-2 password settings if user wants to change the password for admin account, the user should enter the current password, a new password and, re-type the new password. The idle time out is the amount of time of inactivity allowed before user proceeds next action. The user needs to re-lo...
Page 135
129 figure 3-7-3 using tftp on any computer in the network or a compute direct connect to the ap. Install a tftp server utility, and put the firmware file named ‘upgradefw.Tar’ in a folder. Run tftp utility and specify the folder in which the firmware file located. Enter the tftp server ip and click...
Page 136
130 figure 3-7-4 restore factory default configuration: to reset configuration settings to the factory default values, just click on button beside ‘restore factory default configuration’. Figure 3-7-5 then click on button on next page, now the system will reset to factory default value. Figure 3-7-6...
Page 137
131 figure 3-7-8 remote backup settings/restore settings user can also backup/restore the configuration of this device remotely. Click on button beside ‘local backup settings/restore settings’, figure 3-7-9 enter the necessary setting in next page, then click on to server> or to start the process. F...
Page 138
132 figure 3-7-11 3.7.1.5 power control/status in this page user can enable the eth0 port to provide poe power and data forwarding function. Figure 3-7-12.
Page 139
133 3.7.1.6 bridge status in this page user could see the bridge interfaces information of this device, such as interface information, stp ststus, mac address information etc. Figure 3-7-13 3.7.1.7 wifi status in this page user could see the wifi information of this device, such as: interface inform...
Page 140
134 figure 3-7-14 3.7.1.8 log in this page user could see the system logs record of this device. Figure 3-7-15 3.7.1.9 system time select setting type setting by: user can set system time in two ways. One is manual setting, the other one is synchronize with an internet time server. Manual setting us...
Page 141
135 figure 3-7-16 3.7.1.10 reboot user can perform reboot function in case of the device is not function normally, or after user change some major settings for example: change system model. The existing settings will not be changed. To perform the reboot, click on the button and click on on pop-up s...
Page 142
136 max age: set the bridge's 'maximum message age' value (seconds) port cost: set the port cost of the port. Port priority: set the port priority of the port (interface). It is used in the designated port and root port selection algorithms. P to p: if a bridge port is operating in full-duplex mode,...
Page 143
137 3.7.3.1 wifi ath0 and ath4 setting general radio power: turn this interface on or off wireless mode: select which wireless mode that user wants to use. The options available here are: 802.11a, 802.11b, 802.11g and 802.11b+g. Ssid: the ssid (service set identifier) is an identifier of an ap in us...
Page 144
138 other. Wep key setting: it uses two kinds of wep encryption key length: 5-bytes and 13-bytes. The key format can either use 'ascii' to set the key values (ie. 0~9, a~z) or use 'hex' to set the key value in hexadecimal. (ie. 0~9, a~f). User can set maximum 4 keys, but only one key will functional...
Page 145
139 wpa-personal: the method of authentication is similar to wep, user can define a ‘pre-shared key’, once the key is confirmed and satisfied on both the client and access point, then access is granted. The encryption method used is referred to as the temporal key integrity protocol (tkip). Wpa mode...
Page 146
140 cwmin: minimum contention window. The valid values for ‘cwmin’ are 1, 3, 7, 15, 31, 63, 127, 255, 511, 1023, 2047, or 4095. The value for ‘cwmin’ must be lower than the value for ‘cwmax’. Cwmax: maximum contention window. The valid values for ‘cwmax’ are 1, 3, 7, 15, 31, 63, 127, 255, 511, 1023,...
Page 147
141 figure 3-7-25 3.7.4 filtering the mac address filter can be used to filter network access by machines based on the unique mac addresses of their network adapter(s). It is most useful to prevent unauthorized wireless devices from connecting to user’s network. A mac address is a unique id assigned...
Page 148
142 figure 3-7-26 3.7.5 snmp the iwp-2000-68 support snmp v1/v2c/v3, this page is for defines the snmp access control and snmp traps. 3.7.5.1 basic setting snmp agent check the check box to turn on snmp. Please note: enable the snmp will also enable the lldp (link layer discovery protocol) function....
Page 149
143 community name can be thought of as a password. If user don't have the correct community name, user can't retrieve any data (get) or make any change (set). Multiple snmp managers may be organized in a specified community. V3 the snmp v3 is a security enhancement for snmp, it provides secure acce...
Page 150
144 figure 3-7-27 3.7.5.2 vacm setting user can use the view-based access control model (vacm) to define whether access to a specified managed object is authorized. Access control is done at the following points: when processing retrieval request messages from the snmp manager. When processing modif...
Page 151
145 index: index of group. Tick the checkbox to enable the recordset. Group name: a group name is given to a group of users and is used when managing their access rights. Security model: assign security model for group. Security name: assign security name for group. This field will obtain from the ‘...
Page 152
146 the access table grants the groups access right to certain views. Each group can have multiple access rights. The most secure access right is chosen. Index: index of access. Tick the checkbox to enable recordset. Group: returned and lookup the ‘group name’ from the group table. Security model: s...
Page 153
147 figure 3-7-31 trap items enable/disable which trap items to send. Figure 3-7-32 3.7.6 tools command ping it runs ping command to test the connection capability of this device with the other ethernet device. Figure 3-7-33 3.7.7 log out user can manually logout by click on . Figure 3-7-34.
Page 154
148 3.8 ap4 wds bridge mode to set this device as a wds device, the setting and functions as following: ▽ system ● administrator ● firmware ● configuration tools ● general status ● power control ● bridge status ● wifi status ● log ● system time ● reboot ▽ lan ● bridge lan settings ▽ wireless ● wifi ...
Page 155
149 figure 3-8-1 3.8.1.1 administrator by selecting the item of administrator under system, user will see the screen shown in figure 3-8-2. These settings allow user to configure the device name, language, model, password, remote management and wifi loading warning threshold. Device name this is a h...
Page 156
150 figure 3-8-2 password settings if user wants to change the password for admin account, the user should enter the current password, a new password and, re-type the new password. The idle time out is the amount of time of inactivity allowed before user proceeds next action. The user needs to re-lo...
Page 157
151 figure 3-8-3 using tftp on any computer in the network or a compute direct connect to the ap. Install a tftp server utility, and put the firmware file named ‘upgradefw.Tar’ in a folder. Run tftp utility and specify the folder in which the firmware file located. Enter the tftp server ip and click...
Page 158
152 figure 3-8-4 restore factory default configuration: to reset configuration settings to the factory default values, just click on button beside ‘restore factory default configuration’. Figure 3-8-5 then click on button on next page, now the system will reset to factory default value. Figure 3-8-6...
Page 159
153 figure 3-8-8 remote backup settings/restore settings user can also backup/restore the configuration of this device remotely. Click on button beside ‘local backup settings/restore settings’, figure 3-8-9 enter the necessary setting in next page, then click on to server> or to start the process. F...
Page 160
154 figure 3-8-11 3.8.1.5 power control in this page user can enable the eth0 port to provide poe power and data forwarding function. Figure 3-8-12.
Page 161
155 3.8.1.6 bridge status in this page user could see the bridge interfaces information of this device, such as interface information, stp status, mac address information etc. Figure 3-8-13 3.8.1.7 wifi status in this page user could see the wifi information of this device, such as: interface inform...
Page 162
156 figure 3-8-14 3.8.1.8 log in this page user could see the system logs record of this device. Figure 3-8-15 3.8.1.9 system time select setting type setting by: user can set system time in two ways. One is manual setting, the other one is synchronize with an internet time server. Manual setting us...
Page 163
157 figure 3-8-16 3.8.1.10 reboot user can perform reboot function in case of the device is not function normally, or after user change some major settings for example: change system model. The existing settings will not be changed. To perform the reboot, click on the button and click on on pop-up s...
Page 164
158 max age: set the bridge's 'maximum message age' value (seconds) port cost: set the port cost of the port. Port priority: set the port priority of the port (interface). It is used in the designated port and root port selection algorithms. P to p: if a bridge port is operating in full-duplex mode,...
Page 165
159 figure 3-8-19 3.8.3.1 wifi ath0 setting general radio power: turn this interface on or off wireless mode: select which wireless mode that user wants to use. The options available here are: 802.11a, 802.11b, 802.11g and 802.11b+g. Ssid: the ssid (service set identifier) is an identifier of an ap ...
Page 166
160 tx power: to set the tx power as off to turn off the tx power, set auto to let device determine the tx power value automatically, or set manual to set the tx power value. The max value is depending on the wireless module. Rate: set the bit rate for wireless interface to supporting multiple bit r...
Page 167
161 transmitted without encryption. If the 'restricted' selected, all the packets are transmitted with encryption. Select key: check the radio box in front of the key you would like to use for this ap. F igure 3-8-23 wpa-personal: the method of authentication is similar to wep, user can define a ‘pr...
Page 168
162 figure 3-8-25 qos wmm: enable/disable wmm support. Max associated station: maximum number of stations allowed in station table. Common parameters: cwmin: minimum contention window. The valid values for ‘cwmin’ are 1, 3, 7, 15, 31, 63, 127, 255, 511, 1023, 2047, or 4095. The value for ‘cwmin’ mus...
Page 169
163 transmitted to the access point. Sta tx-best effort: medium priority, medium throughput and delay. Most traditional ip data will be sending to this queue. Sta tx-background: low priority, high throughput. Bulk data that requires maximum throughput and it’s not time-sensitive will be sending to t...
Page 170
164 figure 3-8-27 advanced settings peer node distance: set the distance between this device and it’s adjacent. If select 'manual', the distance will be determined by 'slot time', 'ack timeout' and 'cts timeout' three values. Beacon period: this item contains the length of the beacon interval. Enter...
Page 171
165 figure 3-8-28 ssid security mode authentication: user can choose which authentication type to secure the wireless net work. There are four options for authentication: disable, wep, wpa-personal and wpa-enterprise. Wep: short for wired equivalent privacy, a security protocol for wireless local ar...
Page 172
166 (broadcast/multicast encryption keys) in seconds. Figure 3-8-30 wpa-enterprise: wpa-enterprise includes all of the features of wpa-psk plus support the 802.1x authentication. To use this function, a separate radius server is required. User should enter the ip and port number of the authenticatio...
Page 173
167 ap parameters: this affects traffic flowing from the access point to the client station. These parameters are used by the access point when transmitting frames to the clients. Ap tx-best effort: medium priority. Medium throughput and delay. Most traditional ip data is sent to this queue. Ap tx-b...
Page 174
168 figure 3-8-32 3.8.4 filtering the mac address filter can be used to filter network access by machines based on the unique mac addresses of their network adapter(s). It is most useful to prevent unauthorized wireless devices from connecting to user’s network. A mac address is a unique id assigned...
Page 175
169 protocol) function. This function will be used if user wants lantech-wireless-view to remote management the ap and draw the network topography. System information contact: specify the contact name for this managed node as well as information about how to contact this person. Location: it is used...
Page 176
170 figure 3-8-34 3.8.5.2 vacm setting user can use the view-based access control model (vacm) to define whether access to a specified managed object is authorized. Access control is done at the following points: when processing retrieval request messages from the snmp manager. When processing modif...
Page 177
171 map the security names into group names. (for snmp v3, the security name is the user id in basic setting.) index: index of group. Tick the checkbox to enable the recordset. Group name: a group name is given to a group of users and is used when managing their access rights. Security model: assign...
Page 178
172 access the access table grants the groups access right to certain views. Each group can have multiple access rights. The most secure access right is chosen. Index: index of access. Tick the checkbox to enable recordset. Group: returned and lookup the ‘group name’ from the group table. Security m...
Page 179
173 noauthnopriv, authnopriv, authpriv. Figure 3-8-38 trap items enable/disable which trap items to send. Figure 3-8-39 3.8.6 tools command ping it runs ping command to test the connection capability of this device with the other ethernet device. Figure 3-8-40 3.8.7 log out user can manually logout ...
Page 180
174 3.9 olsr_ap mode to set this device as a mesh device, the setting and functions as following: ▽ system ● administrator ● firmware ● configuration tools ● general status ● power control ● wifi status ● log ● system time ● reboot ▽ wan ● wan settings ● bandwidth management ▽ lan ● eth0 settings ● ...
Page 181
175 3.9.1 system this page shows the current status and some basic settings of the device, including administrator, firmware, configuration tools, general status, power control, wifi status, log, system time and reboot; screen as shown in figure 3-9-1 figure 3-9-1 3.9.1.1 administrator by selecting ...
Page 182
176 figure 3-9-2 password settings if user wants to change the password for admin account, the user should enter the current password, a new password and, re-type the new password. The idle time out is the amount of time of inactivity allowed before user proceeds next action. The user needs to re-lo...
Page 183
177 figure 3-9-3 using tftp on any computer in the network or a compute direct connect to the ap. Install a tftp server utility, and put the firmware file named ‘upgradefw.Tar’ in a folder. Run tftp utility and specify the folder in which the firmware file located. Enter the tftp server ip and click...
Page 184
178 figure 3-9-4 restore factory default configuration: to reset configuration settings to the factory default values, just click on button beside ‘restore factory default configuration’. Figure 3-9-5 then click on button on next page, now the system will reset to factory default value. Figure 3-9-6...
Page 185
179 figure 3-9-8 remote backup settings/restore settings user can also backup/restore the configuration of this device remotely. Click on button beside ‘local backup settings/restore settings’, figure 3-9-9 enter the necessary setting in next page, then click on to server> or to start the process. F...
Page 186
180 figure 3-9-11 3.9.1.5 power control in this page user can enable the eth0 port to provide poe power and data forwarding function. Figure 3-9-12.
Page 187
181 3.9.1.6 wifi status in this page user could see the wifi information of this device, such as: interface information, security information, associated ap/station. Figure 3-9-13 3.9.1.7 log in this page user could see the system logs record of this device. Figure 3-9-14 3.9.1.8 system time select ...
Page 188
182 f figure 3-9-15 3.9.1.9 reboot user can perform reboot function in case of the device is not function normally, or after user change some major settings for example: change system model. The existing settings will not be changed. To perform the reboot, click on the button and click on on pop-up ...
Page 189
183 figure 3-9-17 3.9.2.2 bandwidth management this function allows user to set the limitation of total upload/download bandwidth on wan interface, and also can set the limitation of upload/download bandwidth for each user or a group of users by ip address. Bandwidth management bandwidth management:...
Page 190
184 3.9.3 lan configuration the access point must have an ip address for the (wireless) local area network. User can also enable dhcp service to assign ip address to the wireless clients. (please note: the dhcp service for mesh network is inhibited.) 3.9.3.1 eth0 settings network ip parameters user ...
Page 191
185 lease time: how long does the ip address can be leased by dhcp server. Figure 3-9-20 3.9.3.3 mesh wlan settings user can configure the ip address for mesh ath0 interface in here. The ip address for mesh ath0 must be in the same subnet with other mesh device’s ath0 interface, and must be in diffe...
Page 192
186 figure 3-9-22 3.9.4.2 olsr-admin in this page, user can set the meshrelated settings that shows in olsr-config change basic settings pollrate [0.0-m.N]: this option sets the interval in seconds, which the mesh scheduler should be poll for events every 0.2 seconds if the pollrate is set to 0.2. T...
Page 193
187 fisheye [enable, disable]: to increase stability in a mesh, tc messages should be sent quite frequently. However, the network would then suffer from the resulting overhead. The idea is to frequently send tc messages to adjacent nodes, i.E. Nodes that are likely to be involved in routing loops, w...
Page 194
188 figure 3-9-24 3.9.4.4 olsr-links links local ip remote ip lq lost total nlq etx 192.168.0.2 192.168.0.1 1.000 0 100 1.000 1.00 this table contains the links to our neighbors. It contains the following columns. Local ip: the ip address of the interface that have contacted to the neighbor. Remote ...
Page 195
189 will: the neighbor's willingness. 2_hop_neighbors:the ip address of 2 hops neighbors. Topology entries this table displays the topology information that mesh system has gathered from lq tc messages. It states which nodes in the network report links to which other nodes and what quality does thes...
Page 196
190 figure 3-9-26 3.9.5.1 wifi ap setting general radio power: turn this interface on or off wireless mode: select which wireless mode that you want to use. The options available here are: 802.11a, 802.11b, 802.11g and 802.11b+g. Ssid: the ssid (service set identifier) is an identifier of an ap in u...
Page 197
191 rts/cts threshold: packets larger than the value are transmitted by the rts/cts handshake. Enter a value between 1 and 2346 to specify the value of the rts /cts threshold. Tx power: to set the tx power as off to turn off the tx power, set auto to let device determine the tx power value automatic...
Page 198
192 figure 3-9-29 wpa-personal: the method of authentication is similar to wep, user can define a ‘pre-shared key’, once the key is confirmed and satisfied on both the client and access point, then access is granted. The encryption method used is referred to as the temporal key integrity protocol (t...
Page 199
193 max associated station: maximum number of stations allowed in station table. Common parameters: cwmin: minimum contention window. The valid values for ‘cwmin’ are 1, 3, 7, 15, 31, 63, 127, 255, 511, 1023, 2047, or 4095. The value for ‘cwmin’ must be lower than the value for ‘cwmax’. Cwmax: maxim...
Page 200
194 interval of time when the wmm ap has the right to initiate transmissions on the wireless network. Acm: admission control mandatory. Figure 3-9-32 3.9.5.2 wifi mesh setting general radio power: turn this interface on or off wireless mode: select which wireless mode that you want to use. The optio...
Page 201
195 number between 1 and 255 to specify. Fragment threshold: it is the maximum frame size that wireless device can transmit without fragmenting the frame. Enter a value between 256 and 2346 to specify the fragment threshold. Rts/cts threshold: packets larger than the value are transmitted by the rts...
Page 202
196 select key: check the radio box in front of the key you would like to use for this ap. Figure 3-9-35 3.9.6 filtering the mac address filter can be used to filter network access by machines based on the unique mac addresses of their network adapter(s). It is most useful to prevent unauthorized wi...
Page 203
197 3.9.6.2 mac filtering user can block certain clients from accessing this ap based on its mac address. Use filtering type to define the filtering scenario: general disabled: disable this filtering function. If this option is selected, all pcs can access this ap. Accept: all pcs are filtered out e...
Page 204
198 v1/v2c user can change user’s snmp community settings on this page. Access right: select an access right for the snmp manager. 'read' is read only, 'write' is read-write, and 'deny' means this community name is not implemented. Community: specify the name of community for the snmp manager. Snmp ...
Page 205
199 figure 3-9-38 3.9.7.2 vacm setting you can use the view-based access control model (vacm) to define whether access to a specified managed object is authorized. Access control is done at the following points: when processing retrieval request messages from the snmp manager. When processing modifi...
Page 206
200 index: index of group. Tick the checkbox to enable the recordset. Group name: a group name is given to a group of users and is used when managing their access rights. Security model: assign security model for group. Security name: assign security name for group. This field will obtain from the ‘...
Page 207
201 the access table grants the groups access right to certain views. Each group can have multiple access rights. The most secure access right is chosen. Index: index of access. Tick the checkbox to enable recordset. Group: returned and lookup the ‘group name’ from the group table. Security model: s...
Page 208
202 figure 3-9-42 trap items enable/disable which trap items to send. Figure 3-9-43 3.9.8 tools command ping it runs ping command to test the connection capability of this device with the other ethernet device. Figure 3-9-44 3.9.9 log out user can manually logout by click on . Figure 3-9-45.
Page 209
203 3.10 aodv_ap mode to set this device as a mesh device, the setting and functions as following: ▽ system ● administrator ● firmware ● configuration tools ● general status ● power concrol ● wifi status ● log ● system time ● reboot ▽ wan ● wan settings ● bandwidth management ▽ lan ● eth0 settings ●...
Page 210
204 status, power control, wifi status, log, system time and reboot; screen as shown in figure 3-10-1 figure 3-10-1 3.10.1.1 administrator by selecting the item of administrator under system, user will see the screen shown in figure 3-10-2. These settings allow user to configure the device name, lan...
Page 211
205 figure 3-10-2 password settings if user wants to change the password for admin account, the user should enter the current password, a new password and, re-type the new password. The idle time out is the amount of time of inactivity allowed before user proceeds next action. The user needs to re-l...
Page 212
206 figure 3-10-3 using tftp on any computer in the network or a compute direct connect to the ap. Install a tftp server utility, and put the firmware file named ‘upgradefw.Tar’ in a folder. Run tftp utility and specify the folder in which the firmware file located. Enter the tftp server ip and clic...
Page 213
207 figure 3-10-4 restore factory default configuration: to reset configuration settings to the factory default values, just click on button beside ‘restore factory default configuration’. Figure 3-10-5 then click on button on next page, now the system will reset to factory default value. Figure 3-1...
Page 214
208 figure 3-10-8 remote backup settings/restore settings user can also backup/restore the configuration of this device remotely. Click on button beside ‘local backup settings/restore settings’, figure 3-10-9 enter the necessary setting in next page, then click on to server> or to start the process....
Page 215
209 figure 3-10-11 3.10.1.5 power control in this page user can enable the eth0 port to provide poe power and data forwarding function. Figure 3-10-12.
Page 216
210 3.10.1.6 wifi status in this page user could see the wifi information of this device, such as: interface information, security information, associated ap/station. Figure 3-10-13 3.10.1.7 log in this page user could see the system logs record of this device. Figure 3-10-14 3.10.1.8 system time se...
Page 217
211 figure 3-10-15 3.10.1.9 reboot user can perform reboot function in case of the device is not function normally, or after user change some major settings for example: change system model. The existing settings will not be changed. To perform the reboot, click on the button and click on on pop-up ...
Page 218
212 figure 3-10-16 3.10.2.2 bandwidth management this function allows user to set the limitation of total upload/download bandwidth on wan interface, and also can set the limitation of upload/download bandwidth for each user or a group of users by ip address. Bandwidth management bandwidth managemen...
Page 219
213 3.10.3 lan configuration 3.10.3.1 eth0 settings network ip parameters user can change the network settings of this interface from lan configuration; it is including ip address, subnet mask, and enable/disable the dhcp server function. Dhcp server parameters primary / secondary dns address: the d...
Page 220
214 figure 3-10-19 3.10.3.3 mesh wlan settings user can configure the ip address for mesh ath0 interface in here. The ip address for mesh ath0 must be in the same subnet with other mesh device’s ath0 interface, and must be in different subnet with wan, ap wlan ip address. Network ip parameters ip ad...
Page 221
215 active internet: it will provide interfaces to provide internet. When set 'on', the eth1 will be the interface to internet. The default gateway is set within wan setting page. When set 'off', the default gateway will set on the aodv interface (ath0). Rreq gratuitous: force the gratuitous flag to...
Page 222
216 wireless mode: select which wireless mode that you want to use. The options available here are: 802.11a, 802.11b, 802.11g and 802.11b+g. Ssid: the ssid (service set identifier) is an identifier of an ap in user’s wireless network. The ssid must be identical for all access points in the network. ...
Page 223
217 5-bytes and 13-bytes. The key format can either use 'ascii' to set the key values (ie. 0~9, a~z) or use 'hex' to set the key value in hexadecimal. (ie. 0~9, a~f). User can set maximum 4 keys, but only one key will functional at one time. Figure 3-10-23 ssid security mode authentication: user can...
Page 224
218 length of the key is (8-23 characters). Wpa encryption: user can choose the encryption method of the pre-shared key here; there are three options: auto, aes and tkip. Group key update interval: time interval for rekeying the gtk (broadcast/multicast encryption keys) in seconds. Figure 3-10-25 wp...
Page 225
219 ms) for bursting. Ap parameters: this affects traffic flowing from the access point to the client station. These parameters are used by the access point when transmitting frames to the clients. Ap tx-best effort: medium priority. Medium throughput and delay. Most traditional ip data is sent to t...
Page 226
220 figure 3-10-27 3.10.5.2 wifi mesh setting general radio power: turn this interface on or off wireless mode: select which wireless mode that you want to use. The options available here are: 802.11a, 802.11b, 802.11g and 802.11b+g. Ssid: the ssid (service set identifier) is an identifier of an ap ...
Page 227
221 between 256 and 2346 to specify the fragment threshold. Rts/cts threshold: packets larger than the value are transmitted by the rts/cts handshake. Enter a value between 1 and 2346 to specify the value of the rts /cts threshold. Tx power: to set the tx power as off to turn off the tx power, set a...
Page 228
222 figure 3-10-30 3.10.6 filtering the mac address filter can be used to filter network access by machines based on the unique mac addresses of their network adapter(s). It is most useful to prevent unauthorized wireless devices from connecting to user’s network. A mac address is a unique id assign...
Page 229
223 general disabled: disable this filtering function. If this option is selected, all pcs can access this ap. Accept: all pcs are filtered out except those mac addresses in the following mac address table. In other words, only those interfaces/ pcs with mac address in the mac address table can acce...
Page 230
224 v1/v2c user can change user’s snmp community settings on this screen. Access right: select an access right for the snmp manager. 'read' is read only, 'write' is read-write, and 'deny' means this community name is not implemented. Community: specify the name of community for the snmp manager. Snm...
Page 231
225 figure 3-10-33 3.10.8.2 vacm setting you can use the view-based access control model (vacm) to define whether access to a specified managed object is authorized. Access control is done at the following points: when processing retrieval request messages from the snmp manager. When processing modi...
Page 232
226 index: index of group. Tick the checkbox to enable the recordset. Group name: a group name is given to a group of users and is used when managing their access rights. Security model: assign security model for group. Security name: assign security name for group. This field will obtain from the ‘...
Page 233
227 the access table grants the groups access right to certain views. Each group can have multiple access rights. The most secure access right is chosen. Index: index of access. Tick the checkbox to enable recordset. Group: returned and lookup the ‘group name’ from the group table. Security model: s...
Page 234
228 figure 3-10-37 trap items enable/disable which trap items to send. Figure 3-10-38 3.10.8 tools command ping it runs ping command to test the connection capability of this device with the other ethernet device. Figure 3-10-39 3.10.9 log out user can manually logout by click on . Figure 3-10-40
Page 235
229 caution the part 15 radio device operates on a non-interference basis with other devices operating at this frequency when using integrated antennas. Any changes or modification to the product not expressly approved by original manufacture could void the user's authority to operate this device. C...