- DL manuals
- Proxim
- Wireless Access Point
- ORiNOCO AP-4000
- User Manual
Proxim ORiNOCO AP-4000 User Manual
Summary of ORiNOCO AP-4000
Page 1
Orinoco ap-4000 series access points user guide.
Page 2
Ap-4000 series user guide 2 copyright © 2005 proxim corporation. All rights reserved. Covered by one or more of the following u.S. Patents: 5,231,634; 5,875,179; 6,006,090; 5,809,060; 6,075,812; 5,077,753. This user’s guide and the software described in it are copyrighted with all rights reserved. N...
Page 3: Contents
Ap-4000 series user guide 3 contents 1 introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 products covered in this user guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
Page 4
Contents ap-4000 series user guide 4 3 system status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41 4 advanced configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ....
Page 5
Contents ap-4000 series user guide 5 configuring radius profiles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107 mac access control via radius authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
Page 6
Contents ap-4000 series user guide 6 connectivity issues. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148 basic software setup and configuration problems . . . . . . . . . . . . . . . . . . . . . . . . ...
Page 7
Contents ap-4000 series user guide 7 bridge parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 206 radius parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ....
Page 8
Ap-4000 series user guide 8 ask a question or open an issue . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 227 other adapter cards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
Page 9: Introduction
9 ap-4000 series user guide 1 introduction this chapter contains information on the following: • products covered in this user guide • document conventions • introduction to wireless networking • mesh networking (ap-4000m/4900m only) • guidelines for roaming • ieee 802.11 specifications • management...
Page 10
Introduction ap-4000 series user guide introduction to wireless networking 10 introduction to wireless networking an access point extends the capability of an existing ethernet network to devices on a wireless network. Wireless devices can connect to a single access point, or they can move between m...
Page 11
Introduction ap-4000 series user guide mesh networking (ap-4000m/4900m only) 11 mesh networking (ap-4000m/4900m only) using the orinoco mesh creation protocol (omcp), the ap-4000m and ap-4900m support structured mesh networking. For information on converting an ap-4000 into an ap-4000m to enable mes...
Page 12
Introduction ap-4000 series user guide mesh networking (ap-4000m/4900m only) 12 are discovered, map2 through map8 will build a neighbor table from the beacons and probe responses they receive. The neighbor table contains three kinds of links: • active: link with a mesh neighbor that has gone through...
Page 13
Introduction ap-4000 series user guide mesh networking (ap-4000m/4900m only) 13 from map4 to mp1 fails, map4 can still reach the backbone via map3 and map2. The same goes for other maps that discover each other. After a short while, the network in this example will look like figure 1-4 , where solid...
Page 14
Introduction ap-4000 series user guide guidelines for roaming 14 – 18 mbps throughput is available at the portal (max is 25 mbps, but aps will back off as distance between them increases). – 20 wireless clients are supported per ap. – average utilization (time that a client is actually transferring ...
Page 15
Introduction ap-4000 series user guide ieee 802.11 specifications 15 • in countries that require passive scanning for mesh, the roam time may be higher. • when an ap-4000m/4900m is mounted in a vehicle and is being used in a mesh network, there will be limited connectivity when the vehicle is moving...
Page 16
Introduction ap-4000 series user guide management and monitoring capabilities 16 users enter command statements, composed of cli commands and their associated parameters. Statements may be issued from the keyboard for real time control, or from scripts that automate configuration. For example, when ...
Page 17
Introduction ap-4000 series user guide management and monitoring capabilities 17 • privacy (a.K.A encryption): protects against disclosure of message payload. • access control: controls and authorizes access to managed objects. The default snmpv3 username is administrator, with sha authentication, a...
Page 18
18 ap-4000 series user guide 2 installation and initialization this chapter contains information on the following: • ap-4000 series hardware description – overview – antennas – active ethernet – led indicators • prerequisites – general prerequisites – mesh prerequisites • product package • system re...
Page 19
Installation and initialization ap-4000 series user guide ap-4000 series hardware description 19 the ap-4000/4000m/4900m includes a a power jack, a 10/100 base-t ethernet port, and an rs-232 serial data communication port. The ap includes an optional security cover that can be installed to protect a...
Page 20
Installation and initialization ap-4000 series user guide ap-4000 series hardware description 20 figure 2-2 ap-4000/4000m/4900m antenna connectors connectors 1 and 2 are for the 802.11b/g radio; connectors 3 and 4 are for the 802.11a radio. When the ap is mounted on a wall, connectors 1 and 4 corres...
Page 21
Installation and initialization ap-4000 series user guide ap-4000 series hardware description 21 • the active ethernet (ae) integrated module receives ~48 vdc over a standard category 5 ethernet cable. • to use active ethernet, you must have an ae hub (also known as a power injector) connected to th...
Page 22
Installation and initialization ap-4000 series user guide prerequisites 22 prerequisites general prerequisites before installing an ap-4000/4000m/4900m, you need to gather certain network information. The following table identifies the information you need. Network name (ssid of the wireless cards) ...
Page 23
Installation and initialization ap-4000 series user guide prerequisites 23 mesh prerequisites before setting up a mesh network, gather the following information: mesh mode the mode in which the ap will be used. If the ap will be connected directly to the wired backbone, it should be configured for m...
Page 24
Installation and initialization ap-4000 series user guide product package 24 product package each ap-4000/4000m/4900m comes with the following: • ap-4000/4000m/4900m unit (with integrated 802.11a radio and 802.11b/g radio, and active ethernet) • power adapter • one ceiling or wall mounting plate • s...
Page 25
Installation and initialization ap-4000 series user guide hardware installation 25 hardware installation required materials • ap-4000/4000m/ap-4900m unit • mounting bracket with screws • power adapter • security cover • quick start flyer perform the following procedures to install the ap hardware: •...
Page 26
Installation and initialization ap-4000 series user guide hardware installation 26 2. Attach one end of an ethernet cable to the ap's lan port (the center port, labeled “lan”) and the other end to a network hub or switch. 3. Optionally, connect an rs-232 cable to the rs-232 console port (the right p...
Page 27
Installation and initialization ap-4000 series user guide hardware installation 27 once you have chosen a final location for your unit, mount the ap-4000/4000m/4900m to a wall, to a t-bar ceiling, or in a vehicle as described below. Mounting the ap-4000/4000m/4900m to a ceiling 1. Attach the mountin...
Page 28
Installation and initialization ap-4000 series user guide hardware installation 28 installing external antennas you can optionally install external antennas on the ap-4000/4000m/4900m. For information on the ap’s antenna functionality, see antennas . Follow the mounting instructions included with yo...
Page 29
Installation and initialization ap-4000 series user guide hardware installation 29 figure 2-7 ap-4000/4000m/4900m antenna connectors 3. If installing a second external antenna on a radio, connect the antenna cable to connector 2 (802.11b/g radio) or connector 3 (802.11a radio). 4. Close the external...
Page 30
Installation and initialization ap-4000 series user guide hardware installation 30 cables must comply with certain safety requirements, such as underwriter labs (ul) standard 2043: “standard for fire test for heat and visible smoke release for discrete products and their accessories installed in air...
Page 31
Installation and initialization ap-4000 series user guide initialization 31 initialization the following sections detail how to initialize the ap using scantool, log in to the http interface, perform an initial configuration of the ap using the setup wizard, and download the required ap software. • ...
Page 32
Installation and initialization ap-4000 series user guide initialization 32 note: if your computer has more than one network adapter installed, you will be prompted to select the adapter that you want scantool to use before the scan list appears. If prompted, select an adapter and click ok. You can ...
Page 33
Installation and initialization ap-4000 series user guide initialization 33 figure 2-10 scan tool change screen c. Set ip address type to static . D. Enter a static ip address for the ap in the field provided. You must assign the unit a unique address that is valid on your ip subnet. Contact your ne...
Page 34
Installation and initialization ap-4000 series user guide initialization 34 – click ok twice to save your changes and return to internet explorer. 3. Enter the access point’s ip address in the browser’s address field and press enter or go. This is either the dynamic ip address assigned by a network ...
Page 35
Installation and initialization ap-4000 series user guide initialization 35 figure 2-12 system status screen the buttons on the left of the screen provide access to the monitoring and configuration options for the ap. See advanced configuration to begin configuring the ap without using the setup wiz...
Page 36
Installation and initialization ap-4000 series user guide initialization 36 setup wizard instructions 1. Click setup wizard to begin. The setup wizard supports the following navigation options: • save & next button: each setup wizard screen has a save & next button. Click this button to submit any c...
Page 37
Installation and initialization ap-4000 series user guide initialization 37 — auto channel select: by default, the ap scans the area for other access points and selects the best available communication channel, either a free channel (if available) or the channel with the least amount of interference...
Page 38
Installation and initialization ap-4000 series user guide initialization 38 2. If prompted, create an account to gain access. Note: the knowledgebase is available to all website visitors. First-time users will be asked to create an account to gain access. 3. Click search knowledgebase. 4. In the sea...
Page 39
Installation and initialization ap-4000 series user guide initialization 39 5. Click ok to continue with the operation or cancel to abort the operation. 6. If the operation is unsuccessful, you will receive an error message. If this occurs, see the troubleshooting chapter or attempt installing the s...
Page 40
Installation and initialization ap-4000 series user guide related topics 40 install updates from your tftp server using the cli 1. Download the latest software to http://support.Proxim.Com (knowledgebase answer id 1250). See download the software for instructions). 1. Copy the latest software update...
Page 41: System Status
41 ap-4000 series user guide 3 system status the first screen displayed after logging in is the system statusscreen. You can always return to this screen by clicking the status button. Figure 3-1 system status screen the system status screen provides the following information: • system status: this ...
Page 42: Advanced Configuration
42 ap-4000 series user guide 4 advanced configuration this chapter contains information on configuring settings in the following categories: • system : configure specific system information such as system name and contact information. • network: configure ip, dns client, dhcp server, dhcp relay agen...
Page 43
Advanced configuration ap-4000 series user guide 43 figure 4-1 configure main screen 2. Click the tab that corresponds to the parameter you want to configure. For example, click network to configure the access point’s tcp/ip settings. Each configure tab is described in the remainder of this chapter..
Page 44
Advanced configuration ap-4000 series user guide system 44 system you can configure and view the following parameters within the system configuration screen: • name: the name assigned to the ap. See the dynamic dns support and access point system naming convention sections for rules on naming the ap...
Page 45
Advanced configuration ap-4000 series user guide system 45 access point system naming convention the access point's system name is used as its host name. In order to prevent access points with default configurations from registering similar host names in dns, the default system name of the access po...
Page 46
Advanced configuration ap-4000 series user guide network 46 network the network tab contains the following sub-tabs: • ip configuration • dhcp server • dhcp relay agent • link integrity • sntp (simple network time protocol) ip configuration this tab is used to configure the internet (tcp/ip) setting...
Page 47
Advanced configuration ap-4000 series user guide network 47 basic ip parameters • ip address assignment type: set this parameter to dynamic to configure the access point as a dynamic host configuration protocol (dhcp) client; the access point will obtain ip settings from a network dhcp server automa...
Page 48
Advanced configuration ap-4000 series user guide network 48 figure 4-4 dhcp server configuration screen you can configure and view the following parameters within the dhcp server configuration screen: note: you must reboot the access point before changes to any of these dhcp server parameters take e...
Page 49
Advanced configuration ap-4000 series user guide network 49 – status: ip pools are enabled upon entry in the table. You can also disable or delete entries by changing this field’s value. Note: you must reboot the access point before changes to any of these dhcp server parameters take effect. Dhcp re...
Page 50
Advanced configuration ap-4000 series user guide network 50 figure 4-6 dhcp server ip address table - edit entries to add an entry, enter the ip address of the dhcp server and a comment (optional), and click ok. To edit an entry, make changes to the appropriate entry. Enable or disable the entry by ...
Page 51
Advanced configuration ap-4000 series user guide network 51 figure 4-7 link integrity configuration screen sntp (simple network time protocol) sntp allows a network entity to communicate with time servers in the network/internet to retrieve and synchronize time of day information. When this feature ...
Page 52
Advanced configuration ap-4000 series user guide network 52 figure 4-8 sntp configuration screen you can configure and view the following parameters within the sntp screen: • sntp status: select enable or disable from the drop-down menu. The selected status will determine which of the parameters on ...
Page 53
Advanced configuration ap-4000 series user guide network 53 – year: enter the current year. – month: enter the month in digits (1-12). – day: enter the day in digits (1-31). – hour: enter the hour in digits (0-23). – minutes: enter the minutes in digits (0-59). – seconds: enter the seconds in digits...
Page 54
Advanced configuration ap-4000 series user guide interfaces 54 interfaces from the interfaces tab, you configure the access point’s operational mode settings, power control settings, wireless interface settings and ethernet settings. You may also configure a wireless distribution system for ap-to-ap...
Page 55
Advanced configuration ap-4000 series user guide interfaces 55 • 802.11g only mode: the radio is optimized to communicate with 802.11g devices. This setting will provide the best results if this radio interface will only communicate with 802.11g devices. • 802.11b/g mode: this is the default mode. U...
Page 56
Advanced configuration ap-4000 series user guide interfaces 56 the wireless nic determines the regulatory domain the ap is operating in. If the ap has dual wireless nics, the nic in slot a determines the regulatory domain. Depending on the regulatory domain, a default country code is chosen that is ...
Page 57
Advanced configuration ap-4000 series user guide interfaces 57 wireless-a (802.11a radio) and wireless-b (802.11b/g radio) figure 4-10 wireless interface a.
Page 58
Advanced configuration ap-4000 series user guide interfaces 58 you can view and configure the following parameters for the wireless-a and wireless-b interfaces: note: you must reboot the access point before any changes to these parameters take effect. • physical interface type: for wireless interfac...
Page 59
Advanced configuration ap-4000 series user guide interfaces 59 – for 802.11b/g -- auto fallback, 1, 2, 5.5, 6, 9, 11, 12, 18, 24, 36, 48, 54 mbits/sec – for 802.11g-wifi -- auto fallback, 1, 2, 5.5, 6, 9, 11, 12, 18, 24, 36, 48, 54 mbits/sec note: 802.11g-wifi has been defined for wi-fi testing purp...
Page 60
Advanced configuration ap-4000 series user guide interfaces 60 affected countries japan is certified in the telec regulatory domain for operation in the 5 ghz band. The following countries are certified in the etsi regulatory domain for operation in the 5 ghz band: rts/cts medium reservation the 802...
Page 61
Advanced configuration ap-4000 series user guide interfaces 61 • enable the transmission and reception of frames on that wireless interface • enable the associated bss port on that interface • start the ap services to wireless clients • indicate the wireless service resume status of the wireless int...
Page 62
Advanced configuration ap-4000 series user guide interfaces 62 4. Set blacklist status to enable. Figure 4-12 channel blacklist table - edit screen note: in the ap-4000/4000m/4900m, wireless service can be shut down/resumed on each wireless interface individually. Wireless distribution system (wds) ...
Page 63
Advanced configuration ap-4000 series user guide interfaces 63 bridging wds each wds link is mapped to a logical wds port on the ap. Wds ports behave like ethernet ports rather than like standard wireless interfaces: on a bss port, an access point learns by association and from frames; on a wds or e...
Page 64
Advanced configuration ap-4000 series user guide interfaces 64 5. Click the edit button to update the wireless distribution system (wds) table. Figure 4-15 adding wds links 6. Select whether to use encryption in the wds by checking the enable wds security mode checkbox. 7. If you enabled wds securit...
Page 65
Advanced configuration ap-4000 series user guide interfaces 65 figure 4-16 ethernet sub-tab for best results, proxim recommends that you configure the ethernet setting to match the speed and transmission mode of the device the access point is connected to (such as a hub or switch). If in doubt, leav...
Page 66
Advanced configuration ap-4000 series user guide interfaces 66 mesh (ap-4000m/ap-4900m only) mesh functionality can be enabled on only one of the ap’s wireless interfaces. When configured for mesh, the ap’s wireless interface simultaneously functions as a mesh link and as a radio to service clients....
Page 67
Advanced configuration ap-4000 series user guide interfaces 67 – for a mesh ap, one uplink and up to 5 downlink connections are supported. For more information on mesh, see mesh networking (ap-4000m/4900m only) . Mesh software kit the mesh software kit (purchased seperately) converts an ap-4000 unit...
Page 68
Advanced configuration ap-4000 series user guide management 68 management the management tab contains the following sub-tabs: • passwords • ip access table • services • automatic configuration (autoconfig) • hardware configuration reset (chrd) passwords you can configure the following passwords: • s...
Page 69
Advanced configuration ap-4000 series user guide management 69 ip access table the management ip access table limits in-band management access to the ip addresses or range of ip addresses specified in the table. This feature applies to all management services (snmp, http, and cli) except for cli man...
Page 70
Advanced configuration ap-4000 series user guide management 70 • secure management status: enables the further configuration of https access, snmpv3, and secure shell (ssh). After enabling secure management, you can choose to configure https (ssl) and secure shell access on the services tab, and to ...
Page 71
Advanced configuration ap-4000 series user guide management 71 figure 4-19 management services configuration screen.
Page 72
Advanced configuration ap-4000 series user guide management 72 telnet configuration settings • telnet interface bitmask: select the interface (ethernet, wireless-slot a, wireless-slot b, all interfaces) from which you can manage the ap via telnet. This parameter can also be used to disable telnet ma...
Page 73
Advanced configuration ap-4000 series user guide management 73 note: when secure management is enabled on the ap, ssh will be enabled by default and cannot be disabled. Host keys must either be generated externally and uploaded to the ap (see uploading externally generated host keys ), generated man...
Page 74
Advanced configuration ap-4000 series user guide management 74 serial configuration settings the serial port interface on the ap is enabled at all times. See setting ip address using serial port for information on how to access the cli interface via the serial port. You can configure and view the fo...
Page 75
Advanced configuration ap-4000 series user guide management 75 • radius profile for management access control: specifies the radius profile to be used for radius based management access. • local user status: enables or disables the local user when radius based management is enabled. The default loca...
Page 76
Advanced configuration ap-4000 series user guide management 76 figure 4-21 automatic configuration screen set up automatic configuration for dynamic ip perform the following procedure to enable and set up automatic configuration when you have a dynamic ip address for the tftp server via dhcp. The co...
Page 77
Advanced configuration ap-4000 series user guide management 77 figure 4-22 dhcp options: setting the boot server host name 4. Add the boot server hostname and boot filename parameters to the active options list. 5. Set the value of the boot server hostname parameter to the hostname or ip address of ...
Page 78
Advanced configuration ap-4000 series user guide management 78 ap is not protected, an unauthorized person could reset the ap to factory defaults and thus gain control of the ap. The user can disable the hardware configuration reset functionality to prevent unauthorized access. The hardware configur...
Page 79
Advanced configuration ap-4000 series user guide management 79 2. Check (enable) or uncheck (disable) the enable hardware configuration reset checkbox. 3. Change the default configuration reset password in the “configuration reset password” and “confirm” fields. 4. Click ok. 5. Reboot the ap. Note: ...
Page 80
Advanced configuration ap-4000 series user guide filtering 80 filtering the access point’s packet filtering features help control the amount of traffic exchanged between the wired and wireless networks. There are four sub-tabs under the filtering heading: • ethernet protocol • static mac • advanced ...
Page 81
Advanced configuration ap-4000 series user guide filtering 81 each mac address or mask is comprised of 12 hexadecimal digits (0-9, a-f) that correspond to a 48-bit identifier. (each hexadecimal digit represents 4 bits (0 or 1).) taken together, a mac address/mask pair specifies an address or a range...
Page 82
Advanced configuration ap-4000 series user guide filtering 82 • wireless client 2: 00:02:2d:51:32:12 • wireless client 3: 00:20:a6:12:4e:38 prevent two specific devices from communicating configure the following settings to prevent the wired server and wireless client 1 from communicating: • wired m...
Page 83
Advanced configuration ap-4000 series user guide filtering 83 • wired mac address: 01:00:5e:00:32:4b • wired mask: ff:ff:ff:ff:ff:ff • wireless mac address: 00:00:00:00:00:00 • wireless mask: 00:00:00:00:00:00 result: the access point does not forward any packets that have a destination address of 0...
Page 84
Advanced configuration ap-4000 series user guide filtering 84 4. Set the destination port number (a value between 1 and 65535) to filter. See the iana web site at http://www.Iana.Org/assignments/port-numbers for a list of assigned port numbers and their descriptions. 5. Set the port type for the pro...
Page 85
Advanced configuration ap-4000 series user guide alarms 85 alarms the alarms tab has the following sub-tabs: • groups • alarm host table • syslog • rogue scan groups alarm groups can be enabled or disabled via the web interface. Place a check mark in the box provided to enable a specific group. Remo...
Page 86
Advanced configuration ap-4000 series user guide alarms 86 security trap group wireless interface/card trap group operational trap group trap name description severity level oritrapinvalidencryptionkey invalid encryption key has been detected. Critical oritrapauthenticationfailure client authenticat...
Page 87
Advanced configuration ap-4000 series user guide alarms 87 flash memory trap group oritrapdhcpfailed response to the dhcp client request not received; device not dynamically assigned an ip address major oritrapdnsclientlookupfailure dns client attempts to resolve a specified hostname (dns lookup) an...
Page 88
Advanced configuration ap-4000 series user guide alarms 88 tftp trap group image trap group sntp trap group generic trap group a generic snmp trap may be sent for any of the following reasons: system feature/license group in addition, the ap supports these standard traps, which are always enabled: t...
Page 89
Advanced configuration ap-4000 series user guide alarms 89 rfc 1215-trap bridge mib (rfc 1493) alarms all these alarm groups correspond to system alarms that are displayed in the system status screen , including the traps that are sent by the ap to the snmp managers specified in the alarm host table...
Page 90
Advanced configuration ap-4000 series user guide alarms 90 syslog the syslog messaging system enables the ap to transmit event messages to a central server for monitoring and troubleshooting. The access point logs “session start (log-in)” and “session stop (log-out)” events for each wireless client ...
Page 91
Advanced configuration ap-4000 series user guide alarms 91 • syslog lowest priority logged: the ap will send event messages to the syslog server that correspond to the selected priority number and any priority numbers below it. For example, if set to 6, the ap will transmit event messages labeled pr...
Page 92
Advanced configuration ap-4000 series user guide alarms 92 client login authentication status 6 informational client logs in/authenticates. Message includes: • client mac address • authentication type = none, acl, radius mac, 802.1x • cipher type = none, wep, tkip, aes • status = allow, deny • ssid ...
Page 93
Advanced configuration ap-4000 series user guide alarms 93 rogue scan the rogue scan feature provides an additional security level for wireless lan deployments. Rogue scan uses the selected wireless interface(s) for scanning its coverage area for access points and clients. A centralized network mana...
Page 94
Advanced configuration ap-4000 series user guide alarms 94 figure 4-27 preventing rogue ap attacks the figure above shows client 1 connected to a trusted ap and client 2 connected to a rogue ap. The trusted ap scans the networks, detects client 2, and notifies the network manager. The network manage...
Page 95
Advanced configuration ap-4000 series user guide alarms 95 throughput. The optimum value for this parameter during background scanning mode is 20ms.The channel scan time is calculated from the scan cycle time parameter and the number of channels in the scan channel list as follows: intra-channel sca...
Page 96
Advanced configuration ap-4000 series user guide alarms 96 7. Configure the scan results trap notification mode to control the notification behavior when aps or stations are detected in a scan: • no notification • notify ap • notify client • notify all (notify both ap and client detection) 8. Config...
Page 97
Advanced configuration ap-4000 series user guide bridge 97 bridge the ap is a bridge between your wired and wireless networking devices. As a bridge, the functions performed by the ap include: • mac address learning • forward and filtering decision making • spanning tree protocol used for loop avoid...
Page 98
Advanced configuration ap-4000 series user guide bridge 98 figure 4-29 spanning tree sub-tab storm threshold storm threshold is an advanced bridge setup option that you can use to protect the network against data overload by: • specifying a maximum number of frames per second as received from a sing...
Page 99
Advanced configuration ap-4000 series user guide bridge 99 • wireless threshold: enter the maximum allowed number of packets per second. Intra bss the wireless clients (or subscribers) that associate with a certain ap form the basic service set (bss) of a network infrastructure. By default, wireless...
Page 100
Advanced configuration ap-4000 series user guide qos 100 qos wireless multimedia extensions (wme)/quality of service (qos) the ap supports wireless multimedia enhancements which defines an intermediate solution for qos functionality until the ieee 802.11e specification is formally approved. Wme is b...
Page 101
Advanced configuration ap-4000 series user guide qos 101 2. To enable qos, check the enable quality of service checkbox. 3. Configure the qos maximum medium threshold for all admission controls. Admission will be granted if the new requested traffic stream and already admitted time is less than the ...
Page 102
Advanced configuration ap-4000 series user guide qos 102 8. Select whether to enable qos marking. 9. Click ok. Priority mapping use this page to configure qos 802.1p to 802.1d priority mappings (for layer 2 policies) and ip dscp to 802.1d priority mappings (for layer 3 policies). The first entry in ...
Page 103
Advanced configuration ap-4000 series user guide qos 103 figure 4-33 add priority mapping entry 3. Select the 802.1p priority (from 0-7) for 802.1d priorities 0-7. 4. Click ok. 5. Click add in the ip precedence/dscp ranges and 802.1d priority table. 6. Select the ip dscp range for each 802.1d priori...
Page 104
Advanced configuration ap-4000 series user guide qos 104 perform the following procedure to configure the station and ap edca tables. 1. Click configure > qos > edca. Figure 4-34 edca tables 2. Click edit and configure the following parameters in each table: note: changes to edca parameters require ...
Page 105
Advanced configuration ap-4000 series user guide qos 105 • tx op limit: the transmission opportunity limit. The tx op is an interval of time during which a particular qos enhanced client has the right to initiate a frame exchange sequence onto the wireless medium. The tx op limit defines the upper l...
Page 106
Advanced configuration ap-4000 series user guide radius profiles 106 radius profiles configuring radius profiles on the ap allows the administrator to define a profile for radius servers used by the system or by a vlan. The network administrator can define radius servers per authentication mode and ...
Page 107
Advanced configuration ap-4000 series user guide radius profiles 107 figure 4-35 radius servers per vlan this figure shows a network with separate authentication servers for each authentication type and for each vlan. The clients in vlan 1 are authenticated using the authentication servers configure...
Page 108
Advanced configuration ap-4000 series user guide radius profiles 108 figure 4-36 radius server profiles adding or modifying a radius server profile perform the following procedure to add a radius server profile and to configure its parameters. 1. Click add to create a new profile. To modify an exist...
Page 109
Advanced configuration ap-4000 series user guide radius profiles 109 figure 4-37 add radius server profile • server profile name: the profile name. This is the name used to associated a vlan to the profile. See configuring security profiles . The server profile name is also used in the configure > m...
Page 110
Advanced configuration ap-4000 series user guide radius profiles 110 • destination port: enter the port number which the ap and the server will use to communicate. By default, radius servers communicate on port 1812. • server vlan id: indicates the vlan that uses this radius server profile. If vlan ...
Page 111
Advanced configuration ap-4000 series user guide radius profiles 111 note: this feature requires radius authentication using mac access control or 802.1x. Wireless clients configured in the access point’s static mac access control list are not tracked. Authentication and accounting attributes additi...
Page 112
Advanced configuration ap-4000 series user guide radius profiles 112 – number of octets (bytes) received by subscriber. • acct-output-octets – number of octets (bytes) sent by subscriber. • acct-input-packets – number of packets received by subscriber. • acct-output-packets – number of packets sent ...
Page 113
Advanced configuration ap-4000 series user guide ssid/vlan/security 113 ssid/vlan/security the ap provides several security features to protect your network from unauthorized access. This section gives an overview of vlans and then discusses the ssid/vlan/security configuration options in the ap: • ...
Page 114
Advanced configuration ap-4000 series user guide ssid/vlan/security 114 figure 4-38 components of a typical vlan vlan workgroups and traffic management access points that are not vlan-capable typically transmit broadcast and multicast traffic to all wireless network interface cards (nics). This proc...
Page 115
Advanced configuration ap-4000 series user guide ssid/vlan/security 115 typical user vlan configurations vlans segment network traffic into workgroups, which enable you to limit broadcast and multicast traffic. Workgroups enable clients from different vlans to access different resources using the sa...
Page 116
Advanced configuration ap-4000 series user guide ssid/vlan/security 116 3. Place a check mark in the enable vlan tagging box. Provide access to a wireless host in the same workgroup the vlan feature can allow wireless clients to manage the ap. If the vlan management id matches a vlan user id, then t...
Page 117
Advanced configuration ap-4000 series user guide ssid/vlan/security 117 • eap-tunneled transport layer security (ttls): certificate-based authentication (a certificate is required on the server; a client’s username/password is tunneled to the server over a secure connection); supports automatic key ...
Page 118
Advanced configuration ap-4000 series user guide ssid/vlan/security 118 wpa is a replacement for wired equivalent privacy (wep), the encryption technique specified by the original 802.11 standard. Wep has several vulnerabilities that have been widely publicized. Wpa addresses these weaknesses and pr...
Page 119
Advanced configuration ap-4000 series user guide ssid/vlan/security 119 vlans and security profiles the ap-4000/4000m/4900m allows you to segment wireless networks into multiple sub-networks based on network name (ssid) and vlan membership. A network name (ssid) identifies a wireless network. Client...
Page 120
Advanced configuration ap-4000 series user guide ssid/vlan/security 120 2. Click add in the security profile table to create a new entry. To modify an existing profile, select the profile and click edit. To delete an existing profile, select the profile and click delete. You cannot delete a security...
Page 121
Advanced configuration ap-4000 series user guide ssid/vlan/security 121 • cipher: ccmp based on aes • 802.11i-psk station: • authentication mode: psk • cipher: ccmp based on aes • psk passphrase: an 8-63 character user-defined phrase. It is recommended a passphrase of at least 13 characters, includi...
Page 122
Advanced configuration ap-4000 series user guide ssid/vlan/security 122 figure 4-42 security profile table - add entries.
Page 123
Advanced configuration ap-4000 series user guide ssid/vlan/security 123 mac access the mac access sub-tab allows you to build a list of stations, identified by their mac addresses, authorized to access the network through the ap. The list is stored inside each ap within your network. Note that you m...
Page 124
Advanced configuration ap-4000 series user guide ssid/vlan/security 124 the same system separated per vlan. See the security profile section for more information. Each ssid can support a unique vlans. In order for the ap to support multiple ssid/vlans, vlan tagging must be enabled. These parameters ...
Page 125
Advanced configuration ap-4000 series user guide ssid/vlan/security 125 6. Enter the security profile used by the vlan in the security profile field. See the security profile section for more information. 7. Define the radius server profile configuration for the vlan/ssid: • radius mac authenticatio...
Page 126
Advanced configuration ap-4000 series user guide ssid/vlan/security 126 11.Specify a qos profile. See the enabling qos and adding qos policies section for more information. 12.If editing an entry, enable or disable the parameters on this page by electing enable or disable from the status drop-down m...
Page 127
Advanced configuration ap-4000 series user guide ssid/vlan/security 127 figure 4-47 ssid/vlan edit entries screen (vlan tagging enabled) 4. Enter a unique network name (ssid) between 1 and 32 characters. This parameter is mandatory. Note: do not use quotation marks (single or double) in the network ...
Page 128
Advanced configuration ap-4000 series user guide ssid/vlan/security 128 7. Enable or disable radius accounting on the vlan/ssid under the accounting status drop-down menu. 8. Enable or disable radius mac authentication status on the vlan/ssid under the radius authentication status drop-down menu. 9....
Page 129: Monitoring
129 ap-4000 series user guide 5 monitoring this chapter discusses the following monitoring options: • version: provides version information for the access point’s system components. • icmp: displays statistics for internet control message protocol packets sent and received by the ap. • ip/arp table:...
Page 130
Monitoring ap-4000 series user guide version 130 version from the http interface, click the monitor button and select the version tab. The list displayed provides you with information that may be pertinent when calling technical support. With this information, your technical support representative c...
Page 131
Monitoring ap-4000 series user guide icmp 131 icmp this tab provides statistical information for both received and transmitted messages directed to the ap. Not all icmp traffic on the network is counted in the icmp (internet control message protocol) statistics. Figure 5-3 icmp monitoring tab ip/arp...
Page 132
Monitoring ap-4000 series user guide learn table 132 learn table this tab displays information relating to network bridging. It reports the mac address for each node that the device has learned is on the network and the interface on which the node was detected. There can be up 10,000 entries in the ...
Page 133
Monitoring ap-4000 series user guide radius 133 radius this tab provides radius authentication, eap/802.1x authentication, and accounting information for both the primary and backup radius servers for each radius server profile. Note: separate radius servers can be configured for each radius server ...
Page 134
Monitoring ap-4000 series user guide interfaces 134 interfaces this tab displays statistics for the ethernet and wireless interfaces. Figure 5-8 interface monitoring tab (ethernet) description of interface statistics the following statistics are displayed for the ethernet interface only, either of t...
Page 135
Monitoring ap-4000 series user guide interfaces 135 • ethernet chipset (ethernet): identifies the chipset used to realize the interface. • excessive collisions (ethernet): the number of frames for which transmission fails due to excessive collisions. • failed ack count (wireless-slot a/b): the numbe...
Page 136
Monitoring ap-4000 series user guide interfaces 136 • out discards (ethernet/wireless-slot a/b): the number of error-free outbound packets chosen to be discarded to prevent their being transmitted. One possible reason for discarding such a packet could be to free up buffer space. • out errors (ether...
Page 137
Monitoring ap-4000 series user guide station statistics 137 station statistics this tab displays information on wireless clients attached to the ap and on wireless distribution system links. Enable the monitoring station statistics feature (station statistics are disabled by default) by checking ena...
Page 138
Monitoring ap-4000 series user guide station statistics 138 the following stations statistics are available through snmp: • octets received: the number of octets received from the associated wireless station (or wds link partner) by the ap. • unicast frames received: the number of unicast frames rec...
Page 139: Commands
139 ap-4000 series user guide 6 commands this chapter contains information on the following command functions: • introduction to file transfer via tftp or http : describes the available file transfer methods. • update ap via tftp: download files from a tftp server to the ap. • update ap via http: do...
Page 140
Commands ap-4000 series user guide introduction to file transfer via tftp or http 140 • uploading files (configuration, cli batch file) from the ap is called “retrieving files.” tftp file transfer guidelines a tftp server must be running and configured to point to the directory containing the file. ...
Page 141
Commands ap-4000 series user guide update ap 141 update ap update ap via tftp use the update ap via tftp tab to download configuration, ap image, license file, bootloader files, certificate and private key files, and cli batch file to the ap. A tftp server must be running and configured to point to ...
Page 142
Commands ap-4000 series user guide update ap 142 – ssh private key: the private key in ssh communications. See secure shell (ssh) settings for more information. – cli batch file: a cli batch file that contains cli commands to configure the ap. This file will be executed by the ap immediately after b...
Page 143
Commands ap-4000 series user guide retrieve file 143 a warning message gets displayed that advises the user that a reboot of the device will be required for changes to take effect. Figure 6-4 warning message 4. Click ok to continue with the operation or cancel to abort the operation. Note: an http f...
Page 144
Commands ap-4000 series user guide retrieve file 144 – double-click the tftp server icon on your desktop and locate the ip address assigned to the tftp server. • file name: enter the name of the file to be uploaded. • file type: select the type of file to be uploaded: config file, cli batch file, or...
Page 145
Commands ap-4000 series user guide retrieve file 145 click on the retrieve file button to initiate the operation. Figure 6-8 retrieve file via http command screen a confirmation message is displayed, asking if the user wants to proceed with retrieving the file. Figure 6-9 retrieve file confirmation ...
Page 146
Commands ap-4000 series user guide reboot 146 on clicking the save button the save aswindow displays, where the user is prompted to choose the filename and location where the file is to be downloaded. Select an appropriate filename and location and click ok. Reboot use the reboot tab to save configu...
Page 147
Commands ap-4000 series user guide help link 147 help link use the help tab to configure the location of the ap help files. During initialization, the ap on-line help files are downloaded to the default location: c:/program files/orinoco/ap4xxxx/html/index.Htm. To enable the help button on each page...
Page 148: Troubleshooting
148 ap-4000 series user guide 7 troubleshooting this chapter provides information on the following: • troubleshooting concepts • symptoms and solutions • recovery procedures • related applications note: this section helps you locate problems related to the ap device setup. For details about radius, ...
Page 149
Troubleshooting ap-4000 series user guide symptoms and solutions 149 serial link does not work 1. Make sure you are using a standard, straight-through, 9-pin serial cable. 2. Double-check the physical network connections. 3. Make sure your pc terminal program (such as hyperterminal) is active and co...
Page 150
Troubleshooting ap-4000 series user guide symptoms and solutions 150 6. Perform the reset to factory default procedure in this guide. This will reset the unit to “dhcp” mode. If there is a dhcp server on the network, the dhcp server will assign an ip address to the ap. Http interface or telnet inter...
Page 151
Troubleshooting ap-4000 series user guide symptoms and solutions 151 client pc card does not work 1. Make sure you are using the latest pc card driver software. 2. Download and install the latest orinoco client software from http://support.Proxim.Com . Intermittent loss of connection 1. Make sure yo...
Page 152
Troubleshooting ap-4000 series user guide recovery procedures 152 3. If possible, try to connect the ap to a different ae hub. 4. Try using a different ethernet cable – if it works, there is probably a faulty connection over the long cable, or a bad rj-45 connection. 5. Check power plug and hub. 6. ...
Page 153
Troubleshooting ap-4000 series user guide recovery procedures 153 for this procedure, you will first erase the ap image currently installed on the unit and then use either scantool or the bootloader cli (over the serial port) to set the ip address and download a new ap image. Follow these steps: 1. ...
Page 154
Troubleshooting ap-4000 series user guide recovery procedures 154 the access point will reboot and the download will begin automatically. You should see downloading activity begin after a few seconds within the tftp server’s status screen. 11.Click ok when prompted that the device has been updated s...
Page 155
Troubleshooting ap-4000 series user guide recovery procedures 155 [device name]> reboot example: [device name]> show [device name]> set ipaddrtype static [device name]> set ipaddr 10.0.0.12 [device name]> set ipsubmask 255.255.255.0 [device name]> set tftpipaddr 10.0.0.20 [device name]> set tftpfile...
Page 156
Troubleshooting ap-4000 series user guide related applications 156 the terminal display shows power on self tests (post) activity, and then displays a cli prompt, similar to the example below. This process may take up to 90 seconds. [device name]> please enter password: 4. Enter the cli password (de...
Page 157
Troubleshooting ap-4000 series user guide related applications 157 tftp server the “trivial file transfer protocol” (tftp) server allows you to transfer files across a network. You can upload configuration files from the ap for backup or copying, and you can download configuration files or new softw...
Page 158: Command Line Interface (Cli)
158 ap-4000 series user guide a command line interface (cli) this section discusses the following: • general notes • command line interface (cli) variations • cli command types • using tables and strings • configuring the ap using cli commands • set basic configuration parameters using cli commands ...
Page 159
Command line interface (cli) ap-4000 series user guide general notes 159 • download vs. Upload - downloads transfer files to the access point. Uploads transfer files from the access point. The tftp server performs file transfers in both directions. • group - a logical collection of network parameter...
Page 160
Command line interface (cli) ap-4000 series user guide command line interface (cli) variations 160 command line interface (cli) variations administrators use the cli to control access point operation and monitor network statistics. The ap supports two types of cli: the bootloader cli and the normal ...
Page 161
Command line interface (cli) ap-4000 series user guide cli command types 161 figure a-2 results of “show” bootloader cli command cli command types this guide divides cli commands into two categories: operational and parameter controls. Operational cli commands these commands affect access point beha...
Page 162
Command line interface (cli) ap-4000 series user guide cli command types 162 [device-name]>? Figure a-3 result of “?” cli command example 2. Display specific commands to show all commands that start with specified letters, enter one or more letters, then ? With no space between letters and ?. [devic...
Page 163
Command line interface (cli) ap-4000 series user guide cli command types 163 example 3b. Display parameters based on letter sequence this example shows entries for parameters that start with the letter “i”. The more letters you enter, the fewer the results returned. Notice that there is no space bet...
Page 164
Command line interface (cli) ap-4000 series user guide cli command types 164 example: [device-name]>download 192.168.1.100 apimage2 img 2. Syntax to display help and usage information: [device-name]>download 3. Syntax to execute the download command using previously set (stored) tftp parameters: [de...
Page 165
Command line interface (cli) ap-4000 series user guide cli command types 165 reboot reboots access point after specified number of seconds. Specify a value of 0 (zero) for immediate reboot. [device-name]> reboot 0 [device-name]> reboot 30 search lists the parameters supported by the specified table....
Page 166
Command line interface (cli) ap-4000 series user guide cli command types 166 syntax: [device-name]>show [device-name]>show [device-name]>show examples: [device-name]>show ipaddr [device-name]>show network [device-name]>show mgmtipaccesstbl “set” cli command sets (modifies) the value of the specified...
Page 167
Command line interface (cli) ap-4000 series user guide cli command types 167 example 1 - set the access point ip address parameter syntax: [device-name]>set example: [device-name]> set ipaddr 10.0.0.12 ip address will be changed when you reboot the access point. The cli reminds you when rebooting is...
Page 168
Command line interface (cli) ap-4000 series user guide cli command types 168 example 5 - show the group parameters this example illustrates how to view all elements of a group or table. Syntax: [device-name]> show example: [device-name]>show network the cli displays network group parameters. Note sh...
Page 169
Command line interface (cli) ap-4000 series user guide using tables and strings 169 using tables and strings working with tables each table element (or parameter) must be specified, as in the example below. [device-name]>set mgmtipaccesstbl 0 ipaddr 10.0.0.10 ipmask 255.255.0.0 below are the rules f...
Page 170
Command line interface (cli) ap-4000 series user guide configuring the ap using cli commands 170 the string delimiter does not have to be used for every string object. The single quote or double quote only has to be used for string objects that contain blank space characters. If the string object be...
Page 171
Command line interface (cli) ap-4000 series user guide set basic configuration parameters using cli commands 171 • download an ap configuration file from your tftp server • backup your ap configuration file set system name, location and contact information [device-name]>set sysname sysloc [device-na...
Page 172
Command line interface (cli) ap-4000 series user guide set basic configuration parameters using cli commands 172 figure a-13 results of “show wif” cli command for an ap enable 802.11d support and set the country code perform the following command to enable 802.11d ieee 802.11d support for additional...
Page 173
Command line interface (cli) ap-4000 series user guide set basic configuration parameters using cli commands 173 enable and configure tx power control for the wireless interface(s) the tx power control feature lets the user configure the transmit power level of the card in the ap at one of four leve...
Page 174
Command line interface (cli) ap-4000 series user guide set basic configuration parameters using cli commands 174 examples: [device-name]>set wifssidtbl 3.1 ssid accesspt1 vlanid 22 ssidauth enable acctstatus enable secprofile 1 radmacprofile "mac authentication" radeapprofile "eap authentication" ra...
Page 175
Command line interface (cli) ap-4000 series user guide other network settings 175 other network settings there are other configuration settings that you may want to set for the ap. Some of them are listed below. • configure the ap as a dhcp server • configure the dns client • configure dhcp relay an...
Page 176
Command line interface (cli) ap-4000 series user guide other network settings 176 configure dhcp relay perform the following command to enable or disable dhcp relay agent status. Note: you must have at least one entry in the dhcp relay server table before you can set the dhcp relay status to enable....
Page 177
Command line interface (cli) ap-4000 series user guide other network settings 177 enable/disable closed system [device-name]>set wif closedsys shutdown/resume wireless service [device-name]>set wif wssstatus set load balancing maximum number of clients [device-name]>set wif lbmaxclients set the mult...
Page 178
Command line interface (cli) ap-4000 series user guide other network settings 178 note: see antennas for more information on internal and external antenna ports. Set the distance between aps [device-name]>set wif distaps (see below) [device-name]>reboot 0 set ethernet speed and transmission mode [de...
Page 179
Command line interface (cli) ap-4000 series user guide other network settings 179 [device-name]>set telifbitmask (see below)> choose from the following values: set communication ports [device-name]>set httpport (default is 80)> [device-name]>set telport (default is 23)> configure secure socket layer...
Page 180
Command line interface (cli) ap-4000 series user guide other network settings 180 [device-name]>set serbaudrate [device-name]>set serflowctrl [device-name]>show serial figure a-16 result of “show serial” cli command configure syslog [device-name]>set syslogpriority [device-name]>set syslogstatus [de...
Page 181
Command line interface (cli) ap-4000 series user guide other network settings 181 set radius parameters configure radius authentication servers perform the following command to configure a radius server and assign it to a vlan. The radius server profile index is specified by the index parameter and ...
Page 182
Command line interface (cli) ap-4000 series user guide other network settings 182 maximum retransmission : 3 . . . Index : 4 primary/backup : backup profile name : management access server status : notready server addressing format : ipaddr ip address/host name : 0.0.0.0 destination port : 1812 vlan...
Page 183
Command line interface (cli) ap-4000 series user guide other network settings 183 set vlan/ssid parameters enable vlan management [device-name]>set vlanstatus enable [device-name]>set vlanmgmtid [device-name]>show wifssidtbl (to review your settings) [device-name]>reboot 0 disable vlan management [d...
Page 184
Command line interface (cli) ap-4000 series user guide cli monitoring parameters 184 configure a security profile with 802.11i security mode [device-name]>set secprofiletbl secmode 802.11i rekeyint status enable example: [device-name]>set secprofiletbl 7 secmode 802.11i rekeyint 900 status enable co...
Page 185
Command line interface (cli) ap-4000 series user guide parameter tables 185 – link integrity parameters - monitor link status • interface parameters - configure wireless and ethernet settings – wireless interface parameters — channel blacklist parameters - view and configure blacklisted channels — w...
Page 186
Command line interface (cli) ap-4000 series user guide parameter tables 186 – hardware configuration reset - disable or enable hardware configuration reset and configure a configuration reset password. – other parameters - configure security profiles that define allowed security modes (wireless clie...
Page 187
Command line interface (cli) ap-4000 series user guide parameter tables 187 system parameters inventory management information note: the inventory management commands display advanced information about the ap’s installed components. You may be asked to report this information to a representative if ...
Page 188
Command line interface (cli) ap-4000 series user guide parameter tables 188 network parameters ip configuration parameters note: the ip address assignment type (ipaddrtype) must be set to static before the ip address (ipaddr), ip mask (ipmask) or default gateway ip address (ipgw) values can be enter...
Page 189
Command line interface (cli) ap-4000 series user guide parameter tables 189 dhcp server table for ip pools note: set either end ip address or width (but not both) when creating an ip address pool. Dhcp relay group the dhcp relay group allows you to enable or disable dhcp relay agent status. Dhcp rel...
Page 190
Command line interface (cli) ap-4000 series user guide parameter tables 190 sntp parameters link integrity parameters * link integrity cannot be configured when the ap is configured to function as a mesh ap. Link integrity ip target table name type value access cli parameter sntp group group n/a r s...
Page 191
Command line interface (cli) ap-4000 series user guide parameter tables 191 interface parameters wireless interface parameters the wireless interface group parameter is wif. Wireless interface a (802.11a radio) uses table index 3 and wireless interface b (802.11b/g radio) uses table index 4. Common ...
Page 192
Command line interface (cli) ap-4000 series user guide parameter tables 192 § when the ap-4900m is configured to use the 4.9 ghz public safety operational mode, antenna diversity is disabled, and antenna 3 is stati- cally configured for use. If an operational mode other than 4.9 public safety is con...
Page 193
Command line interface (cli) ap-4000 series user guide parameter tables 193 802.11b only parameters 802.11b/g only parameters name type value access cli parameter operating frequency channel integer 1 - 14; available channels vary by regulatory domain/country; see available channels rw channel multi...
Page 194
Command line interface (cli) ap-4000 series user guide parameter tables 194 * also for 802.11g-wifi mode. 802.11g-wifi has been defined for wi-fi testing purposes; it is not recommended for use in your wireless network environment. † super mode must be enabled on the wireless interface before turbo ...
Page 195
Command line interface (cli) ap-4000 series user guide parameter tables 195 channel blacklist parameters wireless distribution system (wds) parameters wireless interface ssid/vlan/profile parameters the wireless interface ssid table manages the ssids, vlans, security profiles, and radius profiles as...
Page 196
Command line interface (cli) ap-4000 series user guide parameter tables 196 wireless distribution system (wds) security table parameters the wds security table manages wds related security objects. Ethernet interface parameters radius accounting status per vlan integer enable disable rw acctstatus m...
Page 197
Command line interface (cli) ap-4000 series user guide parameter tables 197 mesh network parameters * higher rssi smoothing and roaming threshold values create a more static mesh envrironment. Lower rssi smoothing and roaming threshold values create a more dynamic mesh envrionment management paramet...
Page 198
Command line interface (cli) ap-4000 series user guide parameter tables 198 snmpv3 privacy password displaystring user defined public (default) 6 - 32 characters w snmpv3privpasswd.
Page 199
Command line interface (cli) ap-4000 series user guide parameter tables 199 http parameters * the help link must be set to an http address. Use the forward slash character ("/") rather than the backslash character ("\") when configur- ing the help link location. Telnet parameters name type value acc...
Page 200
Command line interface (cli) ap-4000 series user guide parameter tables 200 serial port parameters radius based management access parameters the radius based management access parameters allow you to enable http or telnet radius management access, enable or disable local user access, and configure t...
Page 201
Command line interface (cli) ap-4000 series user guide parameter tables 201 auto configuration parameters these parameters relate to the auto configuration feature which allows an ap to be automatically configured by downloading a specific configuration file from a tftp server during the boot up pro...
Page 202
Command line interface (cli) ap-4000 series user guide parameter tables 202 filtering parameters ethernet protocol filtering parameters ethernet filtering table identify the different filters by using the table index. Note: the filter operation type (passthru or block) applies only to the protocol f...
Page 203
Command line interface (cli) ap-4000 series user guide parameter tables 203 proxy arp parameters ip arp filtering parameters broadcast filtering table tcp/udp port filtering the following parameters are used to enable/disable the port filter feature. Tcp/udp port filtering table the following parame...
Page 204
Command line interface (cli) ap-4000 series user guide parameter tables 204 alarms parameters snmp table host table parameters when creating table entries, you may either specifying the argument name followed by argument value. Cli applies default values to the omitted arguments. Due to the nature o...
Page 205
Command line interface (cli) ap-4000 series user guide parameter tables 205 syslog parameters the following parameters configure the syslog settings. Note: when heartbeat is enabled, the ap periodically sends a message to the syslog server to indicate that it is active. The frequency with which the ...
Page 206
Command line interface (cli) ap-4000 series user guide parameter tables 206 bridge parameters spanning tree parameters spanning tree priority and path cost table storm threshold parameters name type value access cli parameter spanning tree group n/a r stp spanning tree status integer enable (default...
Page 207
Command line interface (cli) ap-4000 series user guide parameter tables 207 storm threshold table intra bss subscriber blocking the following parameters control the intra bss traffic feature, which prevent wireless clients that are associated with the same ap from communicating with each other: pack...
Page 208
Command line interface (cli) ap-4000 series user guide parameter tables 208 radius parameters general radius parameters radius server configuration parameters note: use a server name only if you have enabled the dns client functionality. See dns client for radius name resolution . Name type value ac...
Page 209
Command line interface (cli) ap-4000 series user guide parameter tables 209 security parameters mac access control parameters mac access control table rogue scan configuration table the rogue scan configuration table allows you to enable or disable rogue scan and configure the scanning parameters. 8...
Page 210
Command line interface (cli) ap-4000 series user guide parameter tables 210 security profile table the security profile table allows you to configure security profiles. A maximum of 16 security profiles are supported per wireless interface. Each security profile can be enable and configure one or mo...
Page 211
Command line interface (cli) ap-4000 series user guide parameter tables 211 vlan/ssid parameters other parameters iapp parameters note: these parameters configure the inter access point protocol (iapp) for roaming. Leave these settings at their default value unless a technical representative asks yo...
Page 212
Command line interface (cli) ap-4000 series user guide parameter tables 212 enabling qos configuring qos policies the qos group manages the qos policies: * qos must be enabled on a wireless interface before spectralink can be enabled. † a priority mapping needs to be specified for a qos policy. The ...
Page 213
Command line interface (cli) ap-4000 series user guide parameter tables 213 specifying the mapping between ip precedence/dscp ranges and 802.1d priorities the qos ip dscp to 802.1d mapping table specifies the mapping between ip precedence/dscp ranges and 802.1d priorities. Qos enhanced distributed c...
Page 214
Command line interface (cli) ap-4000 series user guide cli batch file 214 defining the qos policy used for a wireless interface ssid the qos policy object configures the qos policy to be used per wireless interface ssid. This object is part of the wireless interface ssid table; the cli command for t...
Page 215
Command line interface (cli) ap-4000 series user guide cli batch file 215 set ipaddr 11.0.0.66 set ipaddrtype static set ipsubmask 255.255.255.0 set ipgw 11.0.0.1 set wif 4 autochannel disable set wif 4 mode 1 set syslogstatus enable set sysloghbstatus enable set sysloghbinterval 5 set wif 4 netname...
Page 216: Ascii Character Chart
216 ap-4000 series user guide b ascii character chart you can configure wep encryption keys in either hexadecimal or ascii format. Hexadecimal digits are 0-9 and a-f (not case sensitive). Ascii characters are 0-9, a-f, a-f (case sensitive), and punctuation marks. Each ascii character corresponds to ...
Page 217: Specifications
217 ap-4000 series user guide c specifications • software features • hardware specifications • available channels software features the tables below list the software features available on the ap-4000 series. • number of stations per bss • management functions • advanced bridging functions • medium ...
Page 218
Specifications ap-4000 series user guide software features 218 advanced bridging functions medium access control (mac) functions * dfs is required for 802.11a aps certified in the etsi and telec regulatory domains and operating in the middle frequency band. When acs is disabled, available channels a...
Page 219
Specifications ap-4000 series user guide software features 219 ‡ support is provided for a primary and backup radius authentication server for both mac-based authentication and 802.1x authentication per vlan. § use in conjunction with wpa or 802.1x authentication. Network functions * includes fallba...
Page 220
Specifications ap-4000 series user guide hardware specifications 220 hardware specifications physical specifications dimensions (h x w x l) = 6.5 x 18.5 x 26 cm (2.5 x 7.25 x 10.25 in.) weight = 1.75 kg (3.5 lb.) electrical specifications voltage = 100 to 240 vac (50-60 hz) current = 0.2 amp power c...
Page 221
Specifications ap-4000 series user guide available channels 221 available channels available channels vary based on radio, country, and frequency band. To verify which channels are available for your product: 1. Locate the product sku on the underside of your ap unit or on the unit’s box. 2. Note th...
Page 222
Specifications ap-4000 series user guide available channels 222 ap-4900m channels channel availability in the ap-4900m depends on the operational mode. When operating in 802.11a-only, 802.11b-only, or 802.11b/g operational mode, the ap uses the channels in the following table. Additionally, when the...
Page 223
Specifications ap-4000 series user guide available channels 223 25 30 3 3 35 40 3 3 45 50 3 3 55 60 3 3 65 70 3 3 75 80 3 3 85 90 3 channel frequency band 10 mhz 20 mhz.
Page 224: Technical Support
224 ap-4000 series user guide d technical support if you are having a problem using an ap and cannot resolve it with the information in troubleshooting , gather the following information and contact your local reseller: • list of orinoco products installed on your network; include the following: – p...
Page 225
Technical support ap-4000 series user guide telephone support 225 submit a knowledgebase question or open an issue at: . Our technical support staff will reply to you by email. Note: the knowledgebase is available to all website visitors. First-time users will be asked to create an account to gain a...
Page 226: Statement of Warranty
226 ap-4000 series user guide e statement of warranty warranty coverage proxim corporation warrants that its products are manufactured solely from new parts, conform substantially to specifications, and will be free of defects in material and workmanship for a warranty period of 1 year from the date...
Page 227
Statement of warranty ap-4000 series user guide other information 227 calls to the customer service center for reasons other than product failure will not be accepted unless buyer has purchased a proxim service contract or the call is made within the first thirty (30) days of the product’s invoice d...
Page 228: Regulatory Compliance
228 ap-4000 series user guide f regulatory compliance note: please read this section before installing and using your product, and save these instructions. Visit http://support.Proxim.Com for the latest regulatory compliance information. This section contains important regulatory compliance informat...
Page 229
Regulatory compliance ap-4000 series user guide 229 please see the following sections for more information: • safety information (usa, canada, & european union) • federal communications commission (fcc) (ap-4000/4000m) • industry canada (ic) (ap-4000/4000m only) • european union (ap-4000/4000m only)...
Page 230
Regulatory compliance ap-4000 series user guide safety information (usa, canada, & european union) 230 safety information (usa, canada, & european union) this product has been evaluated to, and complies with, the safety requirements of ul60950:2000, and iec60950:1999; the standards for the safety of...
Page 231
Regulatory compliance ap-4000 series user guide federal communications commission (fcc) (ap-4000/4000m) 231 federal communications commission (fcc) (ap-4000/4000m).
Page 232
Regulatory compliance ap-4000 series user guide federal communications commission (fcc) (ap-4000/4000m) 232 warnings this equipment generates, uses, and can radiate radio frequency energy; and, if not installed and used in accordance with the instructions, may cause harmful interference to radio com...
Page 233
Regulatory compliance ap-4000 series user guide industry canada (ic) (ap-4000/4000m only) 233 industry canada (ic) (ap-4000/4000m only).
Page 234
Regulatory compliance ap-4000 series user guide european union (ap-4000/4000m only) 234 european union (ap-4000/4000m only) note: european union includes the following countries: austria, belgium, cyprus, czech republic, denmark, estonia, finland, france, germany, greece, hungary, ireland, italy, la...
Page 235
Regulatory compliance ap-4000 series user guide regulatory compliance certifications summary (ap-4000/4000m) 235 regulatory compliance certifications summary (ap-4000/4000m) * european union includes the following countries: austria, belgium, cyprus, czech republic, denmark, estonia, finland, france...