Proxim ORiNOCO AP-4000 User Manual

Other manuals for ORiNOCO AP-4000: Specifications, Specifications, Specifications, User Manual, Specification Sheet, User Manual

Page of 270

Download

Print this page

Bookmark us

ORiNOCO AP-4000, AP-4000M and AP-4900M

User Guide

1 2 3 4 5 6 7 Next › »

Summary of ORiNOCO AP-4000

Page 1
Orinoco ap-4000, ap-4000m and ap-4900m user guide.
Page 2
Ap-4000/4000m/4900m user guide 2 copyright © 2008 proxim wireless corporation. All rights reserved. Covered by one or more of the following u.S. Patents: 5,231,634; 5,875,179; 6,006,090; 5,809,060; 6,075,812; 5,077,753. This user guide and the software described in it are copyrighted with all rights...
Page 3: Contents
Ap-4000/4000m/4900m user guide 3 contents 1 introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 products covered in this user guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ....
Page 4
Ap-4000/4000m/4900m user guide 4 dynamic dns support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46 network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
Page 5
Ap-4000/4000m/4900m user guide 5 radius servers per authentication mode and per vlan. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 125 configuring radius profiles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
Page 6
Ap-4000/4000m/4900m user guide 6 retrieve file via tftp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 172 retrieve file via http . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ....
Page 7
Ap-4000/4000m/4900m user guide 7 other network settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 210 cli monitoring parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
Page 8
Ap-4000/4000m/4900m user guide 8 e statement of warranty . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 269 warranty coverage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ....
Page 9: Introduction
9 ap-4000/4000m/4900m user guide 1 introduction this chapter contains information on the following: • products covered in this user guide • introduction to wireless networking • mesh networking • guidelines for roaming • management and monitoring capabilities products covered in this user guide this...
Page 10
Introduction ap-4000/4000m/4900m user guide introduction to wireless networking 10 figure 1-1 typical wireless network access infrastructure.
Page 11
Introduction ap-4000/4000m/4900m user guide mesh networking 11 mesh networking using the orinoco mesh creation protocol (omcp), the ap-4000/4000m/4900m supports structured mesh networking. In a mesh network, access points use their wireless interface as a backhaul to the rest of the network. Access ...
Page 12
Introduction ap-4000/4000m/4900m user guide mesh networking 12 are discovered, map2 through map8 will build a neighbor table from the beacons and probe responses they receive. The neighbor table contains three kinds of links: • active: link with a mesh neighbor that has gone through association and ...
Page 13
Introduction ap-4000/4000m/4900m user guide mesh networking 13 after a short while, the network in this example will look like figure 1-4 , where solid lines indicate active mesh links and dotted lines indicate established but inactive mesh links. Figure 1-4 mesh startup topology example – step 3 in...
Page 14
Introduction ap-4000/4000m/4900m user guide guidelines for roaming 14 – average utilization (time that a client is actually transferring data) is 10%. If the conditions on your network are different than the assumptions above, then the maximum number of aps should be adjusted accordingly. Note: clie...
Page 15
Introduction ap-4000/4000m/4900m user guide management and monitoring capabilities 15 • http/https interface • command line interface • snmp management • ssh (secure shell) management http/https interface the http interface (web browser interface) provides easy access to configuration settings and n...
Page 16
Introduction ap-4000/4000m/4900m user guide management and monitoring capabilities 16 enterprise mib for more information; the mib can be opened with any text editor, such as microsoft word, notepad, or wordpad. Snmpv3 secure management snmpv3 is based on the existing snmp framework, but addresses s...
Page 17
17 ap-4000/4000m/4900m user guide 2 installation and initialization in this chapter: • ap-4000/4000m/4900m hardware description – overview – led indicators – power-over-ethernet (poe) – antennas • prerequisites – general prerequisites – mesh prerequisites • system requirements • product package • ha...
Page 18
Installation and initialization ap-4000/4000m/4900m user guide ap-4000/4000m/4900m hardware description 18 ap-4000/4000m/4900m hardware description overview the ap-4000 and ap-4000m are tri-mode aps equipped with the following embedded radios: • one embedded 802.11a radio and one embedded 802.11b/g ...
Page 19
Installation and initialization ap-4000/4000m/4900m user guide ap-4000/4000m/4900m hardware description 19 figure 2-2 led indicators on the top panel power-over-ethernet (poe) the ap-4000/4000m/4900m is equipped with an 802.3af-compliant power-over-ethernet (poe) module. Poe delivers both data and p...
Page 20
Installation and initialization ap-4000/4000m/4900m user guide ap-4000/4000m/4900m hardware description 20 external antennas the ap-4000/4000m/4900m also has four antenna connectors, two on each radio, for use with external antennas.External antennas can be used with either radio on the ap-4000/4000...
Page 21
Installation and initialization ap-4000/4000m/4900m user guide ap-4000/4000m/4900m hardware description 21 4.9 ghz antenna on the ap-4900m, antenna connector 3 is equipped with a pigtail adaptor for connection to a 4.9 ghz antenna. When the ap-4900m is configured to operate in the 4.9 ghz public saf...
Page 22
Installation and initialization ap-4000/4000m/4900m user guide prerequisites 22 prerequisites general prerequisites before installing your unit, you need to gather certain network information. The following table identifies the information you need. Network name (ssid of the wireless cards) you must...
Page 23
Installation and initialization ap-4000/4000m/4900m user guide system requirements 23 mesh prerequisites before setting up a mesh network, gather the following information: system requirements to begin using an ap, you must have the following minimum requirements: • a 10base-t ethernet or 100base-tx...
Page 24
Installation and initialization ap-4000/4000m/4900m user guide product package 24 product package each ap-4000/4000m/4900m shipment includes the items in the following table. Verify that you have received all parts of the shipment. Note: unless noted in this table, cables are not supplied with the u...
Page 25
Installation and initialization ap-4000/4000m/4900m user guide hardware installation 25 hardware installation perform the following procedures to install the ap hardware: • attach cables • install the security cover (optional) • mount the ap-4000/4000m/4900m • power on the unit attach cables cabling...
Page 26
Installation and initialization ap-4000/4000m/4900m user guide hardware installation 26 • use a cross-over ethernet cable or adapter if you intend to connect the unit to a single computer. Figure 2-4 cabling without poe 3. Optionally, connect an rs-232 cable (not shown) to the rs-232 console port (t...
Page 27
Installation and initialization ap-4000/4000m/4900m user guide hardware installation 27 install the security cover (optional) you can optionally install a security cover to deter unauthorized access to the unit. The security cover is a plastic enclosure that prevents access to the cabling and the re...
Page 28
Installation and initialization ap-4000/4000m/4900m user guide hardware installation 28 wall mounting follow these steps to mount the unit on a wall: 1. If the unit’s power supply is plugged in, unplug it. 2. Put the mounting plate up to the wall so that the embossed letter “l” is on top (see figure...
Page 29
Installation and initialization ap-4000/4000m/4900m user guide hardware installation 29 2. Screw through the mounting plate. 3. Place the ap up against the mounting plate. Orient the ap with the long access vertical, with the connectors facing right. Power on the unit the ap can be powered by a powe...
Page 30
Installation and initialization ap-4000/4000m/4900m user guide hardware installation 30 note: ap-4000 models 8670-us2 and 8670-au do not provide external antenna connectors for 5 ghz (802.11a) operation. Figure 2-8 opening the antenna compartment 2. There are four antenna connectors in the ap-4000/4...
Page 31
Installation and initialization ap-4000/4000m/4900m user guide hardware installation 31 connecting antenna(s) to the ap-4900m for 4.9 ghz operation to attach an external antenna to the ap-4900m, attach the selected antenna to the pigtail attachment connected to the ap’s antenna connector 3 (see figu...
Page 32
Installation and initialization ap-4000/4000m/4900m user guide hardware installation 32 antenna types and maximum gain for devices using external antennas, professional installers should select only the antenna types listed in the following table, with gain not exceeding the listed maximum gain for ...
Page 33
Installation and initialization ap-4000/4000m/4900m user guide initialization 33 initialization the following sections detail how to initialize the ap using scantool, log in to the http interface, perform an initial configuration of the ap using the setup wizard, and download the required ap softwar...
Page 34
Installation and initialization ap-4000/4000m/4900m user guide initialization 34 note: if your access point does not appear in the scan list, click the rescan button to update the display. If the unit still does not appear in the list, see troubleshooting for suggestions. Note that after rebooting a...
Page 35
Installation and initialization ap-4000/4000m/4900m user guide initialization 35 k. Click the change button to return to the change screen. L. Click the web configuration button at the bottom of the change screen. M. Proceed to the logging in section for information on how to access the http interfa...
Page 36
Installation and initialization ap-4000/4000m/4900m user guide initialization 36 figure 2-14 system status screen the buttons on the left of the screen provide access to the monitoring and configuration options for the ap. See advanced configuration to begin configuring the ap manually. You can also...
Page 37
Installation and initialization ap-4000/4000m/4900m user guide initialization 37 • save & next button: each setup wizard screen has a save & next button. Click this button to submit any changes you made to the unit’s parameters and continue to the next page. The instructions below describe how to na...
Page 38
Installation and initialization ap-4000/4000m/4900m user guide initialization 38 — primary network name (ssid): enter a network name (between 1 and 32 characters long) for the wireless network. You must configure each wireless client to use this name as well. Note that the unit supports up to 16 ssi...
Page 39
Installation and initialization ap-4000/4000m/4900m user guide initialization 39 download the software 1. In your web browser, go to http://support.Proxim.Com. 2. If prompted, create an account to gain access. Note: the knowledgebase is available to all website visitors. First-time users will be ask...
Page 40
Installation and initialization ap-4000/4000m/4900m user guide initialization 40 figure 2-17 warning message 5. Click ok to continue with the operation or cancel to abort the operation. 6. If the operation is unsuccessful, you will receive an error message. If this occurs, see the troubleshooting ch...
Page 41
Installation and initialization ap-4000/4000m/4900m user guide initialization 41 4. Enter the ip address of your tftp server in the field provided. 5. Enter the file name (including the file extension). If the file is located in the default tftp directory, you need enter only the file name. Otherwis...
Page 42: System Status
42 ap-4000/4000m/4900m user guide 3 system status the first screen displayed after logging in is the system status screen. You can always return to this screen by clicking the status button. Figure 3-1 system status screen the system status screen provides the following information: • system status:...
Page 43: Advanced Configuration
43 ap-4000/4000m/4900m user guide 4 advanced configuration this chapter contains information on configuring settings in the following categories: • system : configure specific system information such as system name and contact information. • network: configure ip, dns client, dhcp server, dhcp relay...
Page 44
Advanced configuration ap-4000/4000m/4900m user guide 44 figure 4-1 configure main screen 2. Click the tab that corresponds to the parameter you want to configure. For example, click network to configure the access point’s tcp/ip settings. Each configure tab is described in the remainder of this cha...
Page 45
Advanced configuration ap-4000/4000m/4900m user guide system 45 system you can configure and view the following parameters within the system configuration screen: • name: the name assigned to the ap. See the dynamic dns support and access point system naming convention sections for rules on naming t...
Page 46
Advanced configuration ap-4000/4000m/4900m user guide system 46 figure 4-2 system tab dynamic dns support dns is a distributed database mapping the user readable names and ip addresses (and more) of every registered system on the internet. Dynamic dns is a lightweight mechanism which allows for modi...
Page 47
Advanced configuration ap-4000/4000m/4900m user guide network 47 network the network tab contains the following sub-tabs: • ip configuration • dhcp server • dhcp relay agent • link integrity • sntp (simple network time protocol) ip configuration this tab is used to configure the internet (tcp/ip) se...
Page 48
Advanced configuration ap-4000/4000m/4900m user guide network 48 basic ip parameters • ip address assignment type: set this parameter to dynamic to configure the access point as a dynamic host configuration protocol (dhcp) client; the access point will obtain ip settings from a network dhcp server a...
Page 49
Advanced configuration ap-4000/4000m/4900m user guide network 49 figure 4-4 dhcp server configuration screen you can configure and view the following parameters within the dhcp server configuration screen: note: you must reboot the ap before changes to any of these dhcp server parameters take effect...
Page 50
Advanced configuration ap-4000/4000m/4900m user guide network 50 note: the default lease time cannot be larger than the maximum lease time. If you set the maximum lease time, you should also set the default lease time to ensure that the default lease time is less than the maximum. – comment (optiona...
Page 51
Advanced configuration ap-4000/4000m/4900m user guide network 51 dhcp server ip address table the ap supports the configuration of a maximum of 10 server settings in the dhcp relay agents server table. At least one server must be configured to enable dhcp relay. To add entries to the table of dhcp r...
Page 52
Advanced configuration ap-4000/4000m/4900m user guide network 52 figure 4-7 link integrity configuration screen sntp (simple network time protocol) sntp allows a network entity to communicate with time servers in the network/internet to retrieve and synchronize time of day information. When this fea...
Page 53
Advanced configuration ap-4000/4000m/4900m user guide network 53 figure 4-8 sntp configuration screen you can configure and view the following parameters within the sntp screen: • sntp status: select enable or disable from the drop-down menu. The selected status will determine which of the parameter...
Page 54
Advanced configuration ap-4000/4000m/4900m user guide network 54 – year: enter the current year. – month: enter the month in digits (1-12). – day: enter the day in digits (1-31). – hour: enter the hour in digits (0-23). – minutes: enter the minutes in digits (0-59). – seconds: enter the seconds in d...
Page 55
Advanced configuration ap-4000/4000m/4900m user guide interfaces 55 interfaces from the interfaces tab, you configure the access point’s operational mode settings, power control settings, wireless interface settings and ethernet settings. You may also configure a wireless distribution system for ap-...
Page 56
Advanced configuration ap-4000/4000m/4900m user guide interfaces 56 figure 4-10 operational mode screen (ap-4900m) the wireless-a interface operates in 802.11a mode on the ap-4000/4000m and in either 802.11a mode or 4.9 ghz public safety mode on the ap-4900m. In 4.9 ghz public safety mode, you must ...
Page 57
Advanced configuration ap-4000/4000m/4900m user guide interfaces 57 enable h band support in compliance with fcc regulations, dynamic frequency selection is required in the middle frequency band (m band: 5.26 ghz - 5.32 ghz) and high frequency band (h band: 5.470 ghz - 5.725 ghz). Dfs is enabled aut...
Page 58
Advanced configuration ap-4000/4000m/4900m user guide interfaces 58 the beacon frame contains information on the country code, the maximum allowable transmit power, and the channels to be used for the regulatory domain. The same information is transmitted in probe response frames in response to a cl...
Page 59
Advanced configuration ap-4000/4000m/4900m user guide interfaces 59 3. Enter the desired backoff from the maximum transmit power level (between 0 and 35 dbm) in the wireless-a: transmit power level back-off or wireless-b: transmit power level back-off field. 4. Click ok..
Page 60
Advanced configuration ap-4000/4000m/4900m user guide interfaces 60 wireless-a (802.11a/4.9 ghz radio) and wireless-b (802.11b/g radio) figure 4-11 wireless interface a.
Page 61
Advanced configuration ap-4000/4000m/4900m user guide interfaces 61 you can view and configure the following parameters for the wireless-a and wireless-b interfaces: note: you must reboot the access point before any changes to these parameters take effect. • physical interface type: for wireless int...
Page 62
Advanced configuration ap-4000/4000m/4900m user guide interfaces 62 – for 802.11b/g -- auto fallback, 1, 2, 5.5, 6, 9, 11, 12, 18, 24, 36, 48, 54 mbits/sec – for 802.11g-wifi -- auto fallback, 1, 2, 5.5, 6, 9, 11, 12, 18, 24, 36, 48, 54 mbits/sec note: 802.11g-wifi has been defined for wi-fi testing...
Page 63
Advanced configuration ap-4000/4000m/4900m user guide interfaces 63 in shutdown state, ap will not transmit and receive frames from the wireless interface and will stop transmitting periodic beacons. Moreover, none of the frames received from the ethernet interface will be forwarded to that wireless...
Page 64
Advanced configuration ap-4000/4000m/4900m user guide interfaces 64 figure 4-12 channel blacklist table 3. Click edit in the channel blacklist table 4. Set blacklist status to enable. Figure 4-13 channel blacklist table - edit screen • wireless distribution system: a wireless distribution system can...
Page 65
Advanced configuration ap-4000/4000m/4900m user guide interfaces 65 the background and triggers acs to perform an auto scan function to select the channel with lowest interference and dynamically switches to the new channel. The dcs is triggered under the following conditions: 1. Dynamic channel cha...
Page 66
Advanced configuration ap-4000/4000m/4900m user guide interfaces 66 figure 4-14 a complete interfaces page.
Page 67
Advanced configuration ap-4000/4000m/4900m user guide interfaces 67 dcs can be configured using the following interfaces: • web (http) interface • command line interface (cli) • mib (snmp) requirements web (http) interface the http interface (web browser interface) provides easy access to configurat...
Page 68
Advanced configuration ap-4000/4000m/4900m user guide interfaces 68 command line interface (cli) see the command line interface (cli) section in appendix a. Mib (snmp) requirements dcs feature can be managed and monitored by mib objects too. All the configuration parameters are present for both inte...
Page 69
Advanced configuration ap-4000/4000m/4900m user guide interfaces 69 • you cannot manually select the device’s operating channel; you must let the unit select the channel. You may make channels unavailable by manually “blacklisting” them and preventing those channels being selected, in accordance wit...
Page 70
Advanced configuration ap-4000/4000m/4900m user guide interfaces 70 transparent mode transparent mode is the default mode and is equivalent to the no vlan support. The vlan receievs both the tagged and untagged frames from the network. Transparent mode simply forwards both the tagged and untagged fr...
Page 71
Advanced configuration ap-4000/4000m/4900m user guide interfaces 71 trunk mode trunk mode works as a filter. Trunk links provide vlan identification for frames travelling between switches. Once this mode is enabled, the frames received from the wds, mesh or wireless ports are filtered and compared w...
Page 72
Advanced configuration ap-4000/4000m/4900m user guide interfaces 72 management vlan configuration trunk mode: in trunk mode if any management vlan id is configured then that management vlan id should present in trunk table, then only we can able to manage the device. Access mode : in access mode if ...
Page 73
Advanced configuration ap-4000/4000m/4900m user guide interfaces 73 web interface the http interface (web browser interface) provides easy access to configuration settings and network statistics from any computer on the network. You can access the http interface over your lan (switch, hub, etc.), ov...
Page 74
Advanced configuration ap-4000/4000m/4900m user guide interfaces 74 • when vlan mode is access, text boxes access vlan id and access vlan priority are enabled and vlan 1 to vlan 16 text boxes are disabled. • when vlan mode is mixed, all the text boxes from vlan 1 to vlan 16, access vlan id and acces...
Page 75
Advanced configuration ap-4000/4000m/4900m user guide interfaces 75 in the wds example below, ap 1 and ap 2 communicate over a wds link (represented by the blue line). This link provides client 2 with access to network resources even though ap 2 is not directly connected to the ethernet network. Pac...
Page 76
Advanced configuration ap-4000/4000m/4900m user guide interfaces 76 wds setup procedure note: you must disable auto channel select to create a wds. Each access point that is a member of the wds must have the same channel setting to communicate with each other. Note: wds and mesh functionality cannot...
Page 77
Advanced configuration ap-4000/4000m/4900m user guide interfaces 77 figure 4-20 adding wds links 6. Select which encryption method to use (if any) from the wds security mode drop-down menu. 7. If you selected a wds security mode, do one of the following: • if you selected wep: enter an encryption ke...
Page 78
Advanced configuration ap-4000/4000m/4900m user guide interfaces 78 figure 4-21 ethernet sub-tab for best results, proxim recommends that you configure the ethernet setting to match the speed and transmission mode of the device the access point is connected to (such as a hub or switch). If in doubt,...
Page 79
Advanced configuration ap-4000/4000m/4900m user guide interfaces 79 mesh mesh functionality can be enabled on only one of the ap’s wireless interfaces. When configured for mesh, the ap’s wireless interface simultaneously functions as a mesh link and as a radio to service clients. Caution: mesh mis-c...
Page 80
Advanced configuration ap-4000/4000m/4900m user guide interfaces 80 • mesh radio: select the wireless interface on which to enable mesh functionality. Select wireless interlace a (802.11a/4.9 ghz radio) or wireless interface b (802.11b/g radio). • mesh ssid: enter a unique mesh network name (ssid) b...
Page 81
Advanced configuration ap-4000/4000m/4900m user guide interfaces 81 advanced mesh parameters figure 4-23 advanced mesh parameters click on the advanced button on the interfaces > mesh page to access advanced mesh parameters. The parameters on the advanced mesh parameters page are preconfigured with ...
Page 82
Advanced configuration ap-4000/4000m/4900m user guide interfaces 82 – mesh ap: this number includes one mandatory uplink to the mesh portal, with the remaining links (up to 6) available for downlinks to mesh aps. A mobile mesh ap should be configured to 1 to allow only uplinks. – proxim recommends a...
Page 83
Advanced configuration ap-4000/4000m/4900m user guide management 83 management the management tab contains the following sub-tabs: • passwords • ip access table • services • automatic configuration (autoconfig) • hardware configuration reset (chrd) passwords passwords are stored in flash memory and ...
Page 84
Advanced configuration ap-4000/4000m/4900m user guide management 84 ip access table the management ip access table limits in-band management access to the ip addresses or range of ip addresses specified in the table. This feature applies to all management services (snmp, http, and cli) except for cl...
Page 85
Advanced configuration ap-4000/4000m/4900m user guide management 85 • secure management status: enables the further configuration of https access, snmpv3, and secure shell (ssh). After enabling secure management, you can choose to configure https (ssl) and secure shell access on the services tab, an...
Page 86
Advanced configuration ap-4000/4000m/4900m user guide management 86 figure 4-24 management services configuration screen.
Page 87
Advanced configuration ap-4000/4000m/4900m user guide management 87 telnet configuration settings • telnet interface bitmask: select the interface (ethernet, wireless-slot a, wireless-slot b, all interfaces) from which you can manage the ap via telnet. This parameter can also be used to disable teln...
Page 88
Advanced configuration ap-4000/4000m/4900m user guide management 88 note: when secure management is enabled on the ap, ssh will be enabled by default and cannot be disabled. Host keys must either be generated externally and uploaded to the ap (see uploading externally generated host keys ), generate...
Page 89
Advanced configuration ap-4000/4000m/4900m user guide management 89 serial configuration settings the serial port interface on the ap is enabled at all times. See setting ip address using serial port for information on how to access the cli interface via the serial port. You can configure and view t...
Page 90
Advanced configuration ap-4000/4000m/4900m user guide management 90 • radius profile for management access control: specifies the radius profile to be used for radius based management access. • local user status: enables or disables the local user when radius based management is enabled. The default...
Page 91
Advanced configuration ap-4000/4000m/4900m user guide management 91 figure 4-26 automatic configuration screen set up automatic configuration for dynamic ip perform the following procedure to enable and set up automatic configuration when you have a dynamic ip address for the tftp server via dhcp. T...
Page 92
Advanced configuration ap-4000/4000m/4900m user guide management 92 figure 4-27 dhcp options: setting the boot server host name 4. Add the boot server hostname and boot filename parameters to the available options list. 5. Set the value of the boot server hostname parameter to the hostname or ip add...
Page 93
Advanced configuration ap-4000/4000m/4900m user guide management 93 access to the ap is not protected, an unauthorized person could reset the ap to factory defaults and thus gain control of the ap. The user can disable the hardware configuration reset functionality to prevent unauthorized access. Th...
Page 94
Advanced configuration ap-4000/4000m/4900m user guide management 94 2. Check (enable) or uncheck (disable) the enable hardware configuration reset checkbox. 3. Change the default configuration reset password in the “configuration reset password” and “confirm” fields. 4. Click ok. 5. Reboot the ap. N...
Page 95
Advanced configuration ap-4000/4000m/4900m user guide filtering 95 filtering the access point’s packet filtering features help control the amount of traffic exchanged between the wired and wireless networks. There are four sub-tabs under the filtering heading: • ethernet protocol • static mac • adva...
Page 96
Advanced configuration ap-4000/4000m/4900m user guide filtering 96 • to add an entry, click add, and then specify the protocol number and a protocol name. – protocol number: enter the protocol number. See http://www.Iana.Org/assignments/ethernet-numbers for a list of protocol numbers. – protocol nam...
Page 97
Advanced configuration ap-4000/4000m/4900m user guide filtering 97 figure 4-33 static mac filter configuration each static mac entry contains the following fields: • wired mac address • wired mask • wireless mac address • wireless mask • comment: this field is optional. Each mac address or mask is c...
Page 98
Advanced configuration ap-4000/4000m/4900m user guide filtering 98 a maximum of 200 entries can be created in the static mac filter table. To create an entry, click add and enter the appropriate mac addresses and masks to setup a filter. The entry is enabled automatically when saved. Figure 4-34 sta...
Page 99
Advanced configuration ap-4000/4000m/4900m user guide filtering 99 prevent all wireless devices from communicating with a single wired device configure the following settings to prevent all three wireless clients from communicating with wired server 1: • wired mac address: 00:40:f4:1c:db:6a • wired ...
Page 100
Advanced configuration ap-4000/4000m/4900m user guide filtering 100 figure 4-35 advanced filter configuration the following protocols are listed in the advanced filter table: • deny ipx rip • deny ipx sap • deny ipx lsp • deny ip broadcasts • deny ip multicasts the ap can filter these protocols in t...
Page 101
Advanced configuration ap-4000/4000m/4900m user guide filtering 101 figure 4-36 static mac filter table - edit entries tcp/udp port port-based filtering enables you to control wireless user access to network services by selectively blocking tcp/udp protocols through the ap. A user specifies a protoc...
Page 102
Advanced configuration ap-4000/4000m/4900m user guide filtering 102 figure 4-37 tcp/udp port filter configuration 2. Click add under the tcp/udp port filter table heading. 3. In the tcp/udp port filter table , enter the protocol names to filter. 4. Set the destination port number (a value between 1 ...
Page 103
Advanced configuration ap-4000/4000m/4900m user guide filtering 103 figure 4-38 tcp/udp port filter table - add entries editing tcp/udp port filters 1. Click edit under the tcp/udp port filter table heading. 2. Make any changes to the protocol name or port number for a specific entry, if necessary. ...
Page 104
Advanced configuration ap-4000/4000m/4900m user guide alarms 104 alarms the alarms tab has the following sub-tabs: • groups • alarm host table • syslog • rogue scan groups alarm groups can be enabled or disabled via the web interface. Place a check mark in the box provided to enable a specific group...
Page 105
Advanced configuration ap-4000/4000m/4900m user guide alarms 105 wireless interface/card trap group operational trap group oritrapauthenticationfailure client authentication failure has occurred. Authentication failures can range from: • mac access control table • radius mac authentication • 802.1x ...
Page 106
Advanced configuration ap-4000/4000m/4900m user guide alarms 106 flash memory trap group tftp trap group image trap group oritrapdhcpfailed response to the dhcp client request not received; device not dynamically assigned an ip address major oritrapdnsclientlookupfailure dns client attempts to resol...
Page 107
Advanced configuration ap-4000/4000m/4900m user guide alarms 107 sntp trap group generic trap group a generic snmp trap may be sent for any of the following reasons: system feature/license group in addition, the ap supports these standard traps, which are always enabled: rfc 1215-trap bridge mib (rf...
Page 108
Advanced configuration ap-4000/4000m/4900m user guide alarms 108 all these alarm groups correspond to system alarms that are displayed in the system status screen , including the traps that are sent by the ap to the snmp managers specified in the alarm host table . Alarm host table to add an entry a...
Page 109
Advanced configuration ap-4000/4000m/4900m user guide alarms 109 syslog the syslog messaging system enables the ap to transmit event messages to a central server for monitoring and troubleshooting. The access point logs “session start (log-in)” and “session stop (log-out)” events for each wireless c...
Page 110
Advanced configuration ap-4000/4000m/4900m user guide alarms 110 • syslog lowest priority logged: the ap will send event messages to the syslog server that correspond to the selected priority number and any priority numbers below it. For example, if set to 6, the ap will transmit event messages labe...
Page 111
Advanced configuration ap-4000/4000m/4900m user guide alarms 111 client login authentication status 6 informational client logs in/authenticates. Message includes: • client mac address • authentication type = none, acl, radius mac, 802.1x • cipher type = none, wep, tkip, aes • status = allow, deny •...
Page 112
Advanced configuration ap-4000/4000m/4900m user guide alarms 112 rogue scan the rogue scan feature provides an additional security level for wireless lan deployments. Rogue scan uses the selected wireless interface(s) for scanning its coverage area for access points and clients. A centralized networ...
Page 113
Advanced configuration ap-4000/4000m/4900m user guide alarms 113 figure 4-41 preventing rogue ap attacks the figure above shows client 1 connected to a trusted ap and client 2 connected to a rogue ap. The trusted ap scans the networks, detects client 2, and notifies the network manager. The network ...
Page 114
Advanced configuration ap-4000/4000m/4900m user guide alarms 114 rogue scan data collection the ap stores information gathered about detected stations during scanning in a rogue scan result table. The rogue scan result table can store a maximum of 2000 entries. When the table fills, the oldest entry...
Page 115
Advanced configuration ap-4000/4000m/4900m user guide alarms 115 • notify all (notify both ap and client detection) 8. Configure the scan results trap report style to control the way detected stations are reported in the notification: • report all detected stations since last scan (default) • report...
Page 116
Advanced configuration ap-4000/4000m/4900m user guide bridge 116 bridge the ap is a bridge between your wired and wireless networking devices. As a bridge, the functions performed by the ap include: • mac address learning • forward and filtering decision making • spanning tree protocol used for loop...
Page 117
Advanced configuration ap-4000/4000m/4900m user guide bridge 117 figure 4-43 spanning tree sub-tab storm threshold storm threshold is an advanced bridge setup option that you can use to protect the network against data overload by: • specifying a maximum number of frames per second as received from ...
Page 118
Advanced configuration ap-4000/4000m/4900m user guide bridge 118 • wireless threshold: enter the maximum allowed number of packets per second. Intra bss the wireless clients (or subscribers) that associate with a certain ap form the basic service set (bss) of a network infrastructure. By default, wi...
Page 119
Advanced configuration ap-4000/4000m/4900m user guide qos 119 qos wi-fi multimedia (wmm)/quality of service (qos) introduction the ap supports wi-fi multimedia (wmm), which is a solution for qos functionality based on the ieee 802.11e specification. Wmm defines enhancements to the mac for wireless l...
Page 120
Advanced configuration ap-4000/4000m/4900m user guide qos 120 2. To enable qos, check the enable quality of service checkbox. 3. Configure the qos maximum medium threshold for all admission controls. Admission will be granted if the new requested traffic stream and already admitted time is less than...
Page 121
Advanced configuration ap-4000/4000m/4900m user guide qos 121 8. Select whether to enable qos marking. 9. Click ok. Priority mapping use this page to configure qos 802.1p to 802.1d priority mappings (for layer 2 policies) and ip dscp to 802.1d priority mappings (for layer 3 policies). The first entr...
Page 122
Advanced configuration ap-4000/4000m/4900m user guide qos 122 figure 4-47 add priority mapping entry 3. Select the 802.1p priority (from 0-7) for 802.1d priorities 0-7. 4. Click ok. 5. Click add in the ip precedence/dscp ranges and 802.1d priority table. 6. Select the ip dscp range for each 802.1d p...
Page 123
Advanced configuration ap-4000/4000m/4900m user guide qos 123 perform the following procedure to configure the station and ap edca tables. 1. Click configure > qos > edca. Figure 4-48 edca tables 2. Click edit and configure the following parameters in each table:.
Page 124
Advanced configuration ap-4000/4000m/4900m user guide qos 124 note: changes to edca parameters require a reboot of the ap to take effect. • index: read-only. Indicates the index of the access category (1-4) being defined: – 1 = best effort – 2 = background – 3 = video – 4 = voice • cwmin: minimum co...
Page 125
Advanced configuration ap-4000/4000m/4900m user guide radius profiles 125 radius profiles configuring radius profiles on the ap allows the administrator to define a profile for radius servers used by the system or by a vlan. The network administrator can define radius servers per authentication mode...
Page 126
Advanced configuration ap-4000/4000m/4900m user guide radius profiles 126 this figure shows a network with separate authentication servers for each authentication type and for each vlan. The clients in vlan 1 are authenticated using the authentication servers configured for vlan 1. The type of authe...
Page 127
Advanced configuration ap-4000/4000m/4900m user guide radius profiles 127 note: this page configures only the primary radius server associated with the profile. After configuring these parameters, save them by clicking ok. Then, to configure the secondary radius server, edit the profile from the mai...
Page 128
Advanced configuration ap-4000/4000m/4900m user guide radius profiles 128 – colon delimited/mac: mac addresses are formatted with a colon between each pair of digits (xx:yy:zz:aa:bb:cc) and the password sent to the radius server is the mac address of the client. – single dash delimited/mac: mac addr...
Page 129
Advanced configuration ap-4000/4000m/4900m user guide radius profiles 129 radius accounting using an external radius server, the ap can track and record the length of client sessions on the access point by sending radius accounting messages per rfc2866. When a wireless client is successfully authent...
Page 130
Advanced configuration ap-4000/4000m/4900m user guide radius profiles 130 – obtained during the authentication process and used for determining the time interval for sending accounting update messages. – this attribute value takes precedence over the value of the accounting update interval. Accounti...
Page 131
Advanced configuration ap-4000/4000m/4900m user guide pxu (proximunify) profile 131 pxu (proximunify) profile the proximunify enables vlan roaming for both data and voice clients. Vlan roaming support is required when a client device roams between aps connected to switches with different vlans confi...
Page 132
Advanced configuration ap-4000/4000m/4900m user guide pxu (proximunify) profile 132 – manages mobility connections between client proximunify modules • backup-master proximunify: – registers with the master proximunify – maintains relevant wireless domain information – assumes the role of the master...
Page 133
Advanced configuration ap-4000/4000m/4900m user guide pxu (proximunify) profile 133 6. Server status: select enable from the drop-down box to enable the pxu server profile. Click ok. To reset your configuration, click cancel. Note: changes to the pxu server profiles require access point reboot in or...
Page 134
Advanced configuration ap-4000/4000m/4900m user guide ssid/vlan/security 134 ssid/vlan/security the ap provides several security features to protect your network from unauthorized access. This section gives an overview of vlans and then discusses the ssid/vlan/security configuration options in the a...
Page 135
Advanced configuration ap-4000/4000m/4900m user guide ssid/vlan/security 135 figure 4-54 components of a typical vlan vlan workgroups and traffic management access points that are not vlan-capable typically transmit broadcast and multicast traffic to all wireless network interface cards (nics). This...
Page 136
Advanced configuration ap-4000/4000m/4900m user guide ssid/vlan/security 136 management vlan figure 4-55 mgmt vlan vlan tagging management control access to the ap management access to the ap can easily be secured by making management stations or hosts and the ap itself members of a common vlan. Sim...
Page 137
Advanced configuration ap-4000/4000m/4900m user guide ssid/vlan/security 137 disable vlan tagging 1. Click configure > ssid/vlan/security > mgmt vlan. 2. Remove the check mark from the enable vlan tagging box (to disable all vlan functionality) or set the vlan management id to -1 (to disable vlan ta...
Page 138
Advanced configuration ap-4000/4000m/4900m user guide ssid/vlan/security 138 different servers support different eap types and each eap type provides different features. See the documentation that came with your radius server to determine which eap types it supports. Note: the ap supports the follow...
Page 139
Advanced configuration ap-4000/4000m/4900m user guide ssid/vlan/security 139 – each client uses a different key to encrypt and decrypt unicast packets exchanged with the ap – a client's key is different for every session; it changes each time the client associates with an ap – the ap uses a single g...
Page 140
Advanced configuration ap-4000/4000m/4900m user guide ssid/vlan/security 140 vlans and security profiles the ap allows you to segment wireless networks into multiple sub-networks based on network name (ssid) and vlan membership. A network name (ssid) identifies a wireless network. Clients associate ...
Page 141
Advanced configuration ap-4000/4000m/4900m user guide ssid/vlan/security 141 2. Click add in the security profile table to create a new entry. To modify an existing profile, select the profile and click edit. To delete an existing profile, select the profile and click delete. You cannot delete a sec...
Page 142
Advanced configuration ap-4000/4000m/4900m user guide ssid/vlan/security 142 • 802.11i station: • authentication mode: 802.1x • cipher: ccmp based on aes • 802.11i-psk station: • authentication mode: psk • cipher: ccmp based on aes • psk passphrase: an 8-63 character user-defined phrase. It is recom...
Page 143
Advanced configuration ap-4000/4000m/4900m user guide ssid/vlan/security 143 figure 4-58 security profile table - add entries.
Page 144
Advanced configuration ap-4000/4000m/4900m user guide ssid/vlan/security 144 mac access the mac access sub-tab allows you to build a list of stations, identified by their mac addresses, authorized to access the network through the ap. The list is stored inside each ap within your network. Note that ...
Page 145
Advanced configuration ap-4000/4000m/4900m user guide ssid/vlan/security 145 wireless-a or wireless-b each ssid can have its own security profile that defines its security mode, authentication mechanism, and encryption, so that customers can have multiple types of clients (non-wep, wep, 802.1x, wpa,...
Page 146
Advanced configuration ap-4000/4000m/4900m user guide ssid/vlan/security 146 • enable: mac addresses in the mac access control list stored on the radius server are blocked or allowed, based on the mac acl settings. If a higher priority authentication protocol is also enabled, the higher-priority set...
Page 147
Advanced configuration ap-4000/4000m/4900m user guide ssid/vlan/security 147 figure 4-61 ssid/vlan edit entries screen (vlan tagging disabled) 9. Enter a unique network name (ssid) between 1 and 32 characters. This parameter is mandatory. Note: do not use quotation marks (single or double) in the ne...
Page 148
Advanced configuration ap-4000/4000m/4900m user guide ssid/vlan/security 148 16.Enable broadcast unique beacon using the drop-down menu. When enabled, broadcast unique beacon allows the broadcast of a up to four unique beacons when the ap is configured for multiple ssids. If closed system (above) is...
Page 149
Advanced configuration ap-4000/4000m/4900m user guide ssid/vlan/security 149 figure 4-62 ssid/vlan configuration (vlan tagging enabled) note: if you disable (uncheck) the enable security per ssid option, you will be able to add multiple ssid/vlans, but the same configuration parameters (described be...
Page 150
Advanced configuration ap-4000/4000m/4900m user guide ssid/vlan/security 150 • a vlan id is a number from -1 to 4094. A value of -1 means that an entry is “untagged.” • you can set the vlan id to “-1” or “untagged” if you do not want clients that are using a specific ssid to be members of a vlan wor...
Page 151
Advanced configuration ap-4000/4000m/4900m user guide ssid/vlan/security 151 19.If editing an entry, enable or disable the parameters on this page using status drop-down menu. If adding a new entry, this drop-down menu will not appear. 20.Reboot the ap..
Page 152: Monitoring
152 ap-4000/4000m/4900m user guide 5 monitoring this chapter discusses the following monitoring options: • version: provides version information for the access point’s system components. • icmp: displays statistics for internet control message protocol packets sent and received by the ap. • ip/arp t...
Page 153
Monitoring ap-4000/4000m/4900m user guide version 153 version from the http interface, click the monitor button and select the version tab. The list displayed provides you with information that may be pertinent when calling technical support. With this information, your technical support representat...
Page 154
Monitoring ap-4000/4000m/4900m user guide icmp 154 icmp this tab provides statistical information for both received and transmitted messages directed to the ap. Not all icmp traffic on the network is counted in the icmp (internet control message protocol) statistics. Figure 5-3 icmp monitoring tab.
Page 155
Monitoring ap-4000/4000m/4900m user guide ip/arp table 155 ip/arp table this tab provides information based on the address resolution protocol (arp), which relates mac address and ip addresses. Figure 5-4 ip/arp table monitoring tab.
Page 156
Monitoring ap-4000/4000m/4900m user guide learn table 156 learn table this tab displays information relating to network bridging. It reports the mac address for each node that the device has learned is on the network and the interface on which the node was detected. There can be up 10,000 entries in...
Page 157
Monitoring ap-4000/4000m/4900m user guide iapp 157 iapp this tab displays statistics relating to client handovers and communications between access points. Figure 5-6 iapp monitoring tab.
Page 158
Monitoring ap-4000/4000m/4900m user guide radius 158 radius this tab provides radius authentication, eap/802.1x authentication, and accounting information for both the primary and backup radius servers for each radius server profile. Note: separate radius servers can be configured for each radius se...
Page 159
Monitoring ap-4000/4000m/4900m user guide interfaces 159 interfaces this tab displays statistics for the ethernet and wireless interfaces. Figure 5-8 interface monitoring tab (ethernet) description of interface statistics the following statistics are displayed for the ethernet interface only, either...
Page 160
Monitoring ap-4000/4000m/4900m user guide interfaces 160 • ethernet chipset (ethernet): identifies the chipset used to realize the interface. • excessive collisions (ethernet): the number of frames for which transmission fails due to excessive collisions. • failed ack count (wireless-slot a/b): the ...
Page 161
Monitoring ap-4000/4000m/4900m user guide interfaces 161 • out discards (ethernet/wireless-slot a/b): the number of error-free outbound packets chosen to be discarded to prevent their being transmitted. One possible reason for discarding such a packet could be to free up buffer space. • out errors (...
Page 162
Monitoring ap-4000/4000m/4900m user guide station statistics 162 station statistics this tab displays information on wireless clients attached to the ap and on wireless distribution system. Enable the monitoring station statistics feature (station statistics are disabled by default) by checking enab...
Page 163
Monitoring ap-4000/4000m/4900m user guide station statistics 163 • time since last frame received: the time elapsed since the last frame from the associated wireless station (or wds link partner) was received. • number of stations and wds links: the number of stations and wds links monitored. The fo...
Page 164
Monitoring ap-4000/4000m/4900m user guide mesh statistics 164 mesh statistics this mesh tab and its related sub-tabs display statistics relating to mesh functionality. See the following sections: • topology • neighbors • link statistics • link test topology the topology sub-tab displays the network ...
Page 165
Monitoring ap-4000/4000m/4900m user guide mesh statistics 165 figure 5-12 mesh statistics link statistics sub-tab link test the link test tab allows you to run two types of mesh link tests: tree type or neighbor type. The tree type link test is initiated from the portal to any point on the mesh tree...
Page 166
Monitoring ap-4000/4000m/4900m user guide mesh statistics 166 figure 5-13 mesh statistics link test sub-tab to execute a link test, set the following parameters: • test type: tree type or neighbor type • destination system name: the destination mesh unit. • test traffic rate: the number of frames pe...
Page 167: Commands
167 ap-4000/4000m/4900m user guide 6 commands this chapter contains information on the following command functions: • introduction to file transfer via tftp or http : describes the available file transfer methods. • update ap: download files via tftp or http to the ap. • retrieve file: upload config...
Page 168
Commands ap-4000/4000m/4900m user guide introduction to file transfer via tftp or http 168 introduction to file transfer via tftp or http there are two methods of transferring files to or from the ap: tftp or http (or https if enabled): • downloading files (configuration, ap image, bootloader, licen...
Page 169
Commands ap-4000/4000m/4900m user guide update ap 169 update ap update ap via tftp use the update ap via tftp tab to download configuration, ap image, license file, bootloader files, certificate and private key files, and cli batch file to the ap. A tftp server must be running and configured to poin...
Page 170
Commands ap-4000/4000m/4900m user guide update ap 170 – ssh private key: the private key in ssh communications. See secure shell (ssh) settings for more information. – cli batch file: a cli batch file that contains cli commands to configure the ap. This file will be executed by the ap immediately af...
Page 171
Commands ap-4000/4000m/4900m user guide update ap 171 a warning message gets displayed that advises the user that a reboot of the device will be required for changes to take effect. Figure 6-4 warning message 4. Click ok to continue with the operation or cancel to abort the operation. Note: an http ...
Page 172
Commands ap-4000/4000m/4900m user guide retrieve file 172 retrieve file retrieve file via tftp use the retrieve file via tftp tab to upload files from the ap to the tftp server. The tftp server must be running and configured to point to the directory to which you want to copy the uploaded file. We s...
Page 173
Commands ap-4000/4000m/4900m user guide retrieve file 173 retrieve file via http use the retrieve file via http tab to retrieve configuration files, cli batch files, or cli batch logs from the ap. For more information on cli batch files and cli batch logs see cli batch file . 1. Select the type of f...
Page 174
Commands ap-4000/4000m/4900m user guide retrieve file 174 figure 6-10 file download dialog box 4. On clicking the save button the save aswindow displays. Select an appropriate filename and location and click ok..
Page 175
Commands ap-4000/4000m/4900m user guide reboot 175 reboot use the reboot tab to save configuration changes (if any) and reset the ap. Enter a value between 0 and 65535 seconds; entering a value of 0 (zero) seconds causes an immediate reboot. Note that reset, described below, does not save configurat...
Page 176
Commands ap-4000/4000m/4900m user guide reset 176 reset use the reset tab to restore the ap to factory default conditions. Since this will reset the ap’s current ip address, a new ip address must be assigned. See logging in for more information. Caution: resetting the ap to its factory default confi...
Page 177
Commands ap-4000/4000m/4900m user guide help link 177 help link use the help tab to configure the location of the ap help files. During initialization, the ap on-line help files are downloaded to the default location: c:/program files/orinoco/ap4x00x/html/index.Htm. To enable the help button on each...
Page 178: Troubleshooting
178 ap-4000/4000m/4900m user guide 7 troubleshooting this chapter provides information on the following: • troubleshooting concepts • symptoms and solutions • recovery procedures • related applications note: this section helps you locate problems related to the ap device setup. For details about rad...
Page 179
Troubleshooting ap-4000/4000m/4900m user guide symptoms and solutions 179 symptoms and solutions connectivity issues connectivity issues include any problem that prevents you from powering up or connecting to the ap. Ap unit will not boot - no led activity 1. Make sure your power source is operating...
Page 180
Troubleshooting ap-4000/4000m/4900m user guide symptoms and solutions 180 2. The ap only contacts a dhcp server during boot-up. If your network’s dhcp server is not available while the ap is booting, the device will use the default ip address (169.254.128.132). Reboot the ap once your dhcp server is...
Page 181
Troubleshooting ap-4000/4000m/4900m user guide symptoms and solutions 181 5. If you have a problem uploading a file, verify that the tftp server is configured to allow uploads (typically the default setting is to allow only downloads). Client connection problems client software finds no connection m...
Page 182
Troubleshooting ap-4000/4000m/4900m user guide symptoms and solutions 182 caution: the forced reload procedure disconnects all users and resets all values to factory defaults. Power-over-ethernet (poe) the ap does not work 1. Verify that you are using a standard utp category 5 cable. 2. Try a differ...
Page 183
Troubleshooting ap-4000/4000m/4900m user guide recovery procedures 183 recovery procedures the most common installation problems relate to ip addressing. For example, without the tftp server ip address, you will not be able to download a new ap image to the ap. Ip address management is fundamental. ...
Page 184
Troubleshooting ap-4000/4000m/4900m user guide recovery procedures 184 – download a new image using the bootloader cli because the cli option requires a physical connection to the unit’s serial port, proxim recommends the scantool option. Download a new image using scantool to download the ap image,...
Page 185
Troubleshooting ap-4000/4000m/4900m user guide recovery procedures 185 you must also connect the ap to a computer with a standard serial cable and use a terminal client, such as hyperterminal. From the terminal, enter cli commands to set the ip address and download an ap image. Preparing to download...
Page 186
Troubleshooting ap-4000/4000m/4900m user guide recovery procedures 186 [device name]> reboot the ap will reboot and then download the image file. You should see downloading activity begin after a few seconds within the tftp server’s status screen. 8. When the download process is complete, configure ...
Page 187
Troubleshooting ap-4000/4000m/4900m user guide recovery procedures 187 figure 7-1 result of “show ip” cli command 6. Change the ip address and other network values using set and reboot cli commands, similar to the example below (use your own ip address and subnet mask). Note that ip address type is ...
Page 188
Troubleshooting ap-4000/4000m/4900m user guide related applications 188 related applications radius authentication server if you enabled radius authentication on the ap, make sure that your network’s radius servers are operational. Otherwise, clients will not be able to log in. There are several rea...
Page 189: Command Line Interface (Cli)
189 ap-4000/4000m/4900m user guide a command line interface (cli) this section discusses the following: • general notes • command line interface (cli) variations • cli command types • using tables and strings • configuring the ap using cli commands • cli monitoring parameters • parameter tables • cl...
Page 190
Command line interface (cli) ap-4000/4000m/4900m user guide general notes 190 general notes prerequisite skills and knowledge to use this document effectively, you should have a working knowledge of local area networking (lan) concepts, network access infrastructures, and client-server relationships...
Page 191
Command line interface (cli) ap-4000/4000m/4900m user guide general notes 191 cli error messages the following table describes the error messages associated with improper inputs or expected cli behavior. Tab complete the command line ? List available commands error message description syntax error i...
Page 192
Command line interface (cli) ap-4000/4000m/4900m user guide command line interface (cli) variations 192 command line interface (cli) variations administrators use the cli to control access point operation and monitor network statistics. The ap supports two types of cli: the bootloader cli and the no...
Page 193
Command line interface (cli) ap-4000/4000m/4900m user guide command line interface (cli) variations 193 figure a-2 results of “show” bootloader cli command.
Page 194
Command line interface (cli) ap-4000/4000m/4900m user guide cli command types 194 cli command types this guide divides cli commands into two categories: operational and parameter controls. Operational cli commands these commands affect access point behavior, such as downloading, rebooting, and so on...
Page 195
Command line interface (cli) ap-4000/4000m/4900m user guide cli command types 195 example 2. Display specific commands to show all commands that start with specified letters, enter one or more letters, then ? With no space between letters and ?. [device-name]>s? Figure a-4 result of “s?” cli command...
Page 196
Command line interface (cli) ap-4000/4000m/4900m user guide cli command types 196 figure a-7 result of “show iparp?” cli command example 4. Display prompts for successive parameters enter the command, a space, and then ?. Then, when the parameter prompt appears, enter the parameter value. The parame...
Page 197
Command line interface (cli) ap-4000/4000m/4900m user guide cli command types 197 help displays instructions on using control-key sequences for navigating a command line and displays command information and examples. 1. Using help as the only argument: [device-name]>help figure a-8 results of “help”...
Page 198
Command line interface (cli) ap-4000/4000m/4900m user guide cli command types 198 search lists the parameters supported by the specified table. This list corresponds to the table information displayed in the http interface. In this example, the cli returns the list of parameters that make up an entr...
Page 199
Command line interface (cli) ap-4000/4000m/4900m user guide cli command types 199 [device-name]>show network [device-name]>show mgmtipaccesstbl “set” cli command sets (modifies) the value of the specified parameter. To see a definition and syntax example, type only set and then press the enter key. ...
Page 200
Command line interface (cli) ap-4000/4000m/4900m user guide cli command types 200 example 2 - create a table entry or row use 0 (zero) as the index to a table when creating an entry. When creating a table row, only the mandatory table elements are required (comment is usually an optional table eleme...
Page 201
Command line interface (cli) ap-4000/4000m/4900m user guide cli command types 201 figure a-10 results of “show network” and “show ip” cli commands example 6 - show individual and table parameters 1. View a single parameter. Syntax: [device-name]>show example: [device-name]> show ipaddr displays the ...
Page 202
Command line interface (cli) ap-4000/4000m/4900m user guide using tables and strings 202 using tables and strings working with tables each table element (or parameter) must be specified, as in the example below. [device-name]>set mgmtipaccesstbl 0 ipaddr 10.0.0.10 ipmask 255.255.0.0 below are the ru...
Page 203
Command line interface (cli) ap-4000/4000m/4900m user guide using tables and strings 203 the string delimiter does not have to be used for every string object. The single quote or double quote only has to be used for string objects that contain blank space characters. If the string object being used...
Page 204
Command line interface (cli) ap-4000/4000m/4900m user guide configuring the ap using cli commands 204 configuring the ap using cli commands log into the ap using hyperterminal 1. Open your terminal emulation program (like hyperterminal) and set the following connection properties: • com port: • baud...
Page 205
Command line interface (cli) ap-4000/4000m/4900m user guide configuring the ap using cli commands 205 set basic configuration parameters using cli commands there are a few basic configuration parameters that you may want to setup right away when you receive the ap. For example: • set system name, lo...
Page 206
Command line interface (cli) ap-4000/4000m/4900m user guide configuring the ap using cli commands 206 [device-name]>set snmprpasswd (snmp read password) [device-name]>set snmprwpasswd (snmp read/write) [device-name]>set snmpv3authpasswd (snmpv3 authentication password) [device-name]>set snmpv3privpa...
Page 207
Command line interface (cli) ap-4000/4000m/4900m user guide configuring the ap using cli commands 207 argentina ar hungary hu peru pe armenia am iceland is philippines ph australia au india in poland pl austria at indonesia id portugal pt azerbaijan az ireland 5.8 ghz i1 puerto rico pr bahrain bh is...
Page 208
Command line interface (cli) ap-4000/4000m/4900m user guide configuring the ap using cli commands 208 enable and configure tx power control for the wireless interface(s) the tx power control feature lets the user configure the transmit power level of the card in the ap. Perform the following command...
Page 209
Command line interface (cli) ap-4000/4000m/4900m user guide configuring the ap using cli commands 209 set up auto configuration the auto configuration feature which allows an ap to be automatically configured by downloading a specific configuration file from a tftp server during the boot up process....
Page 210
Command line interface (cli) ap-4000/4000m/4900m user guide configuring the ap using cli commands 210 other network settings there are other configuration settings that you may want to set for the ap. Some of them are listed below. • configure the ap as a dhcp server • configure the dns client • con...
Page 211
Command line interface (cli) ap-4000/4000m/4900m user guide configuring the ap using cli commands 211 configure dhcp relay perform the following command to enable or disable dhcp relay agent status. Note: you must have at least one entry in the dhcp relay server table before you can set the dhcp rel...
Page 212
Command line interface (cli) ap-4000/4000m/4900m user guide configuring the ap using cli commands 212 dynamic channel selection (dcs) [device-name]>set dcs [device-name]>set dcsthreshold the values for the dcs threshold range from 1 to 10. The default value is 5. Enable/disable closed system [device...
Page 213
Command line interface (cli) ap-4000/4000m/4900m user guide configuring the ap using cli commands 213 note: see antennas for more information on internal and external antenna ports. Set the distance between aps [device-name]>set wif distaps (see below) [device-name]>reboot 0 set ethernet speed and t...
Page 214
Command line interface (cli) ap-4000/4000m/4900m user guide configuring the ap using cli commands 214 [device-name]>ethvlanaccessid this command stands for the access vlan id configuration. The values range from 1 to 4094. [device-name]>set ethvlanpriority for access vlan priority, there are eight v...
Page 215
Command line interface (cli) ap-4000/4000m/4900m user guide configuring the ap using cli commands 215 set telnet session timeouts [device-name]>set tellogintout (default is 30)> [device-name]>set telsessiontout (default is 900)> configure serial port interface note: to avoid unexpected performance i...
Page 216
Command line interface (cli) ap-4000/4000m/4900m user guide configuring the ap using cli commands 216 configure mac access control setup mac (address) access control [device-name]>set wifssidtbl aclstatus enable/disable [device-name]>set macacloptype [device-name]>reboot 0 add an entry to the mac ac...
Page 217
Command line interface (cli) ap-4000/4000m/4900m user guide configuring the ap using cli commands 217 mac address format : dashdelimited response time : 3 maximum retransmission : 3 authorization lifetime : 0 accounting update interval : 0 accounting inactivity timer : 5 index : 1 primary/backup : b...
Page 218
Command line interface (cli) ap-4000/4000m/4900m user guide configuring the ap using cli commands 218 set hardware configuration reset parameters the hardware configuration reset commands allows you to enable or disable the hardware reset functionality and to change the password to be used for confi...
Page 219
Command line interface (cli) ap-4000/4000m/4900m user guide configuring the ap using cli commands 219 configure a security profile with 802.1x security mode [device-name]>set secprofiletbl secmode 802.1x encryptkeylength status enable example: [device-name]>set secprofiletbl 4 secmode 802.1x encrypt...
Page 220
Command line interface (cli) ap-4000/4000m/4900m user guide cli monitoring parameters 220 cli monitoring parameters using the show command with the following table parameters will display operating statistics for the ap (these are the same statistics that are described in the monitoring section). • ...
Page 221
Command line interface (cli) ap-4000/4000m/4900m user guide parameter tables 221 parameter tables objects contain groups that contain both parameters and parameter tables. Use the following tables to configure the access point. Columns used on the tables include: • name - parameter, group, or table ...
Page 222
Command line interface (cli) ap-4000/4000m/4900m user guide parameter tables 222 – broadcast filtering table - control the type of broadcast packets forwarded to the wireless network – tcp/udp port filtering - filter ip packets based on tcp/udp port • alarms parameters – snmp table host table parame...
Page 223
Command line interface (cli) ap-4000/4000m/4900m user guide parameter tables 223 system parameters * available only on aps with model numbers ending in -wd. When available, this object must be configured before any interface parameters can be set. Country identifiers note: all countries may not be a...
Page 224
Command line interface (cli) ap-4000/4000m/4900m user guide parameter tables 224 finland indoor fi1 outdoor fi2 france indoor fr1 outdoor fr2 germany indoor de1 outdoor de2 greece indoor gr1 outdoor gr2 hungary indoor hu1 outdoor hu2 ireland indoor ie1 outdoor ie2 italy indoor it1 outdoor it2 latvia...
Page 225
Command line interface (cli) ap-4000/4000m/4900m user guide parameter tables 225 inventory management information the inventory management commands display advanced information about the ap’s installed components. You may be asked to report this information to a representative if you contact custome...
Page 226
Command line interface (cli) ap-4000/4000m/4900m user guide parameter tables 226 dns client for radius name resolution dhcp server parameters * the dhcp server (dhcpstatus) can only be enabled after a dhcp ip pool table entry has been created. Dhcp server table for ip pools * ip addresses must be fr...
Page 227
Command line interface (cli) ap-4000/4000m/4900m user guide parameter tables 227 dhcp relay group the dhcp relay group allows you to enable or disable dhcp relay agent status. Dhcp relay server table the dhcp relay server table contains the commands to set the table entries. The ap supports the conf...
Page 228
Command line interface (cli) ap-4000/4000m/4900m user guide parameter tables 228 sntp parameters link integrity parameters * link integrity cannot be configured when the ap is configured to function as a mesh ap. Link integrity ip target table name type value access cli parameter sntp group group n/...
Page 229
Command line interface (cli) ap-4000/4000m/4900m user guide parameter tables 229 interface parameters wireless interface parameters the wireless interface group parameter is wif. Wireless interface a (802.11a/4.9 ghz radio) uses table index 3 and wireless interface b (802.11b/g radio) uses table ind...
Page 230
Command line interface (cli) ap-4000/4000m/4900m user guide parameter tables 230 common parameters to 802.11a, 4.9 ghz, and 802.11b/g * for 802.11a aps certified in the etsi and telec regulatory domains and operating in the middle frequency band, disabling auto channel select will limit the availabl...
Page 231
Command line interface (cli) ap-4000/4000m/4900m user guide parameter tables 231 ** each 802.11 packet is acknowledged by the receiving station. On links longer than about 100m, the time that it takes for the ack to get back to the sending station is long enough to cause the sending station to belie...
Page 232
Command line interface (cli) ap-4000/4000m/4900m user guide parameter tables 232 4.9 ghz specific parameters 802.11a specific parameters name type value access cli parameter operating frequency channel integer varies by regulatory domain and country. See available channels rw channel supported data ...
Page 233
Command line interface (cli) ap-4000/4000m/4900m user guide parameter tables 233 * available for the 5 ghz frequency band in the fcc regulatory domain only. † super mode must be enabled on the wireless interface before turbo mode can be enabled. Turbo mode and mesh mode (either mesh ap or mesh porta...
Page 234
Command line interface (cli) ap-4000/4000m/4900m user guide parameter tables 234 802.11b specific parameters 802.11b/g specific parameters name type value access cli parameter operating frequency channel integer 1 - 14; available channels vary by regulatory domain/country; see available channels rw ...
Page 235
Command line interface (cli) ap-4000/4000m/4900m user guide parameter tables 235 * also for 802.11g-wifi mode. 802.11g-wifi has been defined for wi-fi testing purposes; it is not recommended for use in your wireless network environment. † available in 802.11b/g or 802.11g modes only. Transmit rate i...
Page 236
Command line interface (cli) ap-4000/4000m/4900m user guide parameter tables 236 wireless distribution system (wds) parameters wireless distribution system (wds) security table parameters the wds security table manages wds related security objects. Wireless interface ssid/vlan/profile parameters the...
Page 237
Command line interface (cli) ap-4000/4000m/4900m user guide parameter tables 237 ethernet interface parameters mesh parameters . Radius accounting status per vlan integer enable disable rw acctstatus mac acl status per vlan integer enable disable rw aclstatus security profile integer32 user defined ...
Page 238
Command line interface (cli) ap-4000/4000m/4900m user guide parameter tables 238 * higher roaming threshold value creates a more static mesh environment. Lower roaming threshold value creates a more dynamic mesh environment. † a qos profile corresponding to this index number must exist. ‡ this comma...
Page 239
Command line interface (cli) ap-4000/4000m/4900m user guide parameter tables 239 management parameters secure management parameters snmp parameters http parameters * the help link must be set to an http address. Use the forward slash character ("/") rather than the backslash character ("\") when con...
Page 240
Command line interface (cli) ap-4000/4000m/4900m user guide parameter tables 240 telnet parameters serial port parameters radius based management access parameters the radius based management access parameters allow you to enable http or telnet radius management access, enable or disable local user ...
Page 241
Command line interface (cli) ap-4000/4000m/4900m user guide parameter tables 241 ssh parameters the following commands enable or disable ssh and set the ssh host key. The ap ssh feature, open-ssh, confirms to the ssh protocol, and supports ssh version 2. The following ssh clients have been verified ...
Page 242
Command line interface (cli) ap-4000/4000m/4900m user guide parameter tables 242 ip access table parameters when creating table entries, you may either specify the argument name followed by argument value or simply enter the argument value. When only the argument value is specified, then enter the v...
Page 243
Command line interface (cli) ap-4000/4000m/4900m user guide parameter tables 243 note: the filter operation type (passthru or block) applies only to the protocol filters that are enabled in this table. Static mac address filter table protocol number octet string n/a rw protonumber protocol name (opt...
Page 244
Command line interface (cli) ap-4000/4000m/4900m user guide parameter tables 244 proxy arp parameters ip arp filtering parameters broadcast filtering table tcp/udp port filtering the following parameters are used to enable/disable the port filter feature. Tcp/udp port filtering table the following p...
Page 245
Command line interface (cli) ap-4000/4000m/4900m user guide parameter tables 245 alarms parameters snmp table host table parameters when creating table entries, you may either specifying the argument name followed by argument value. Cli applies default values to the omitted arguments. Due to the nat...
Page 246
Command line interface (cli) ap-4000/4000m/4900m user guide parameter tables 246 syslog parameters the following parameters configure the syslog settings. Note: when heartbeat is enabled, the ap periodically sends a message to the syslog server to indicate that it is active. The frequency with which...
Page 247
Command line interface (cli) ap-4000/4000m/4900m user guide parameter tables 247 bridge parameters spanning tree parameters spanning tree priority and path cost table storm threshold parameters name type value access cli parameter spanning tree group n/a r stp spanning tree status integer enable dis...
Page 248
Command line interface (cli) ap-4000/4000m/4900m user guide parameter tables 248 storm threshold table intra bss subscriber blocking the following parameters control the intra bss traffic feature, which prevent wireless clients that are associated with the same ap from communicating with each other:...
Page 249
Command line interface (cli) ap-4000/4000m/4900m user guide parameter tables 249 radius parameters general radius parameters radius server configuration parameters note: use a server name only if you have enabled the dns client functionality. See dns client for radius name resolution . Name type val...
Page 250
Command line interface (cli) ap-4000/4000m/4900m user guide parameter tables 250 security parameters mac access control parameters mac access control table rogue scan configuration table the rogue scan configuration table allows you to enable or disable rogue scan and configure the scanning paramete...
Page 251
Command line interface (cli) ap-4000/4000m/4900m user guide parameter tables 251 security profile table the security profile table allows you to configure security profiles. A maximum of 16 security profiles are supported per wireless interface. Each security profile can contain one or more enabled ...
Page 252
Command line interface (cli) ap-4000/4000m/4900m user guide parameter tables 252 encryption key format if wep security mode is configured, then the appropriate key size must be configured. The ap supports 63-, 128-, and 152-bit encryption keys. Encryption keys may be configured using either hexadeci...
Page 253
Command line interface (cli) ap-4000/4000m/4900m user guide parameter tables 253 wireless multimedia enhancements (wme)/quality of service (qos) parameters the wireless multimedia enhancements commands enable and configure wireless multimedia enhancement/quality of service parameters per wireless in...
Page 254
Command line interface (cli) ap-4000/4000m/4900m user guide parameter tables 254 specifying the mapping between ip precedence/dscp ranges and 802.1d priorities the qos ip dscp to 802.1d mapping table specifies the mapping between ip precedence/dscp ranges and 802.1d priorities. Qos enhanced distribu...
Page 255
Command line interface (cli) ap-4000/4000m/4900m user guide parameter tables 255 examples: show qosedcatbl (or qosqapedcatbl) set qosedcatbl (or qosqapedcatbl) . For example: set qosedcatbl 3.1 cwmin 15 defining the qos policy used for a wireless interface ssid the qos policy object configures the q...
Page 256
Command line interface (cli) ap-4000/4000m/4900m user guide cli batch file 256 cli batch file a cli batch file is a user-editable file that lists a series of cli set commands, that can be uploaded to the access point to change its configuration. The access point executes the cli commands specified i...
Page 257
Command line interface (cli) ap-4000/4000m/4900m user guide cli batch file 257 reboot behavior when a cli batch file contains a reboot command, the reboot will occur only after the entire cli batch file has been executed. There are two methods of uploading the cli batch file: • upload • upload and r...
Page 258: Ascii Character Chart
258 ap-4000/4000m/4900m user guide b ascii character chart you can configure wep encryption keys in either hexadecimal or ascii format. Hexadecimal digits are 0-9 and a-f (not case sensitive). Ascii characters are 0-9, a-f, a-f (case sensitive), and punctuation marks. Each ascii character correspond...
Page 259: Specifications
259 ap-4000/4000m/4900m user guide c specifications • software features • hardware specifications • available channels software features the tables below list the software features available on the ap-4000/4000m/4900m. • number of stations per bss • management functions • advanced bridging functions...
Page 260
Specifications ap-4000/4000m/4900m user guide software features 260 advanced bridging functions medium access control (mac) functions * dfs is required for 802.11a aps certified in the etsi, telec, fcc, and ic regulatory domains and operating in the middle frequency band. When acs is disabled, avail...
Page 261
Specifications ap-4000/4000m/4900m user guide software features 261 security functions * key lengths supported by 802.11a/4.9 ghz: 64-bit, 128-bit, and 152-bit. Key lengths supported by 802.11b: 64-bit and 128-bit. Key lengths supported by 802.11b/g: 64-bit, 128-bit, and 152-bit. † eap-md5, eap-tls,...
Page 262
Specifications ap-4000/4000m/4900m user guide software features 262 network functions * includes fallback to primary radius server, radius session timeout, radius multiple mac address formats, radius dns host name support, radius start/stop accounting. † dhcp client requests and ip lease renewals ar...
Page 263
Specifications ap-4000/4000m/4900m user guide hardware specifications 263 hardware specifications category specification physical dimensions (h x w x l) 1 x 4.75 x 7.1 in (25 x 121 x 180 mm) plus additional antenna adaptor for ap-4900m weight ap:4000/4000m unit: .65 lb (.295 kg) ap-4900m unit: .75 l...
Page 264
Specifications ap-4000/4000m/4900m user guide available channels 264 available channels available channels vary based on radio, country, and frequency band. To verify which channels are available for your product: 1. Locate the product model number on the underside of your ap unit or on the unit’s b...
Page 265
Specifications ap-4000/4000m/4900m user guide available channels 265 4.9 ghz channels (ap-4900m only) wd sku channels by country available channel bands depend on the selected country and mode of use (indoor/outdoor). The typical channels available in each 802.11a frequency band are as follows: chan...
Page 266
Specifications ap-4000/4000m/4900m user guide available channels 266 france indoor l, m, h 1 - 13 fr1 fr outdoor h 1 - 13 fr2 fr germany indoor l, m, h 1 - 13 de1 de outdoor h 1 - 13 de2 de greece indoor l, m, h 1 - 13 gr1 gr outdoor h 1 - 13 gr2 gr hungary indoor l, m, h 1 - 13 hu1 hu outdoor h 1 -...
Page 267
267 ap-4000/4000m/4900m user guide d technical services and support see the following sections: • obtaining technical services and support • support options – proxim eservice web site support – telephone support – servpak support obtaining technical services and support if you are having trouble uti...
Page 268
Technical services and support ap-4000/4000m/4900m user guide support options 268 support options proxim eservice web site support the proxim eservice web site is available 7x24x365 at http://support.Proxim.Com . On the proxim eservice web site, you can access the following services: • new product r...
Page 269: Statement of Warranty
269 ap-4000/4000m/4900m user guide e statement of warranty warranty coverage proxim wireless corporation warrants that its products are manufactured solely from new parts, conform substantially to specifications, and will be free of defects in material and workmanship for a warranty period of 1 year...
Page 270
Statement of warranty ap-4000/4000m/4900m user guide other information 270 and shipping instructions. Buyer must return the defective product to proxim wireless, properly packaged to prevent damage, shipping prepaid, with the rma number prominently displayed on the outside of the container. Calls to...