Proxim ORiNOCO AP-700 User Manual

Other manuals for ORiNOCO AP-700: Specifications, Specifications, Specifications, User Manual, Specifications, Datasheet, User Giude

Page of 258

Download

Print this page

Bookmark us

ORiNOCO AP-700

User Guide

1 2 3 4 5 6 7 Next › »

Summary of ORiNOCO AP-700

Page 1
Orinoco ap-700 user guide.
Page 2
Ap-700 user guide 2 copyright © 20 10 proxim wireless corporation. All rights reserved. Covered by one or more of the following u.S. Patents: 5,231,634; 5,875,179; 6,006,090; 5,809,060; 6,075,812; 5,077,753. This user guide and the software described in it are copyrighted with all rights reserved. N...
Page 3: Contents
Ap-700 user guide 3 contents 1 introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 introduction to wireless networking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
Page 4
Ap-700 user guide 4 link integrity. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45 sntp (simple network time protocol) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ....
Page 5
Ap-700 user guide 5 wireless domain configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 122 configuring the proximunify profile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
Page 6
Ap-700 user guide 6 connectivity issues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 168 basic software setup and configuration problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
Page 7
Ap-700 user guide 7 alarms parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 230 bridge parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
Page 8
Ap-700 user guide 8 ask a question or open an issue . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 257 other adapter cards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ...
Page 9: Introduction
9 ap-700 user guide 1 introduction this chapter contains information on the following: • introduction to wireless networking • guidelines for roaming • management and monitoring capabilities introduction to wireless networking an access point extends the capability of an existing ethernet network to...
Page 10
Introduction ap-700 user guide management and monitoring capabilities 10 • all workstations with an 802.11 client adapter installed must use either a network name of “any” or the same network name as the access points that they will roam between. If an ap has closed system enabled, a client must hav...
Page 11
Introduction ap-700 user guide management and monitoring capabilities 11 snmp management in addition to the http and the cli interfaces, you can also manage and configure an ap using the simple network management protocol (snmp). Note that this requires an snmp manager program, like hp openview or c...
Page 12
Introduction ap-700 user guide management and monitoring capabilities 12 the ssh server (ap) hashost keys - a pair of asymmetric keys - a private key that resides on the ap and a public key that is distributed to clients that need to connect to the ap. As the client has knowledge of the server host ...
Page 13
13 ap-700 user guide 2 installation and initialization in this chapter: • ap-700 hardware description – overview – led indicators – power-over-ethernet (poe) – antennas • prerequisites – pxu (proximunify) prerequisites • system requirements • product package • hardware installation – attach cables –...
Page 14
Installation and initialization ap-700 user guide ap-700 hardware description 14 ap-700 hardware description overview the ap-700 is a tri-mode ap that supports 802.11b, 802.11g, or 802.11a clients. The unit contains one embedded 802.11a/b/g radio that supports the following operational modes: • 802....
Page 15
Installation and initialization ap-700 user guide ap-700 hardware description 15 figure 2-2 led indicators on the top panel power-over-ethernet (poe) the ap-700 is equipped with an 802.3af-compliant power-over-ethernet (poe) module. Poe delivers both data and power to the access point over a single ...
Page 16
Installation and initialization ap-700 user guide ap-700 hardware description 16 external antennas the ap-700 also has two antenna connectors for use with external antennas. Figure 2-3 ap-700 antenna connectors when the ap is mounted on a wall, connector 1 corresponds to the horizontally polarized i...
Page 17
Installation and initialization ap-700 user guide prerequisites 17 prerequisites before installing your unit, you need to gather certain network information. The following table identifies the information you need. Pxu (proximunify) prerequisites before setting up a pxu profile, gather the following...
Page 18
Installation and initialization ap-700 user guide system requirements 18 system requirements to begin using an ap, you must have the following minimum requirements: • a 10base-t ethernet or 100base-tx fast ethernet switch or hub or cross-over ethernet cable • at least one of the following ieee 802.1...
Page 19
Installation and initialization ap-700 user guide product package 19 product package each ap-700 shipment includes the items in the following table. Verify that you have received all parts of the shipment. Note: unless noted in this table, cables are not supplied with the unit. Ap-700 unit power cor...
Page 20
Installation and initialization ap-700 user guide hardware installation 20 hardware installation perform the following procedures to install the ap hardware: • attach cables • install the security cover (optional) • mount the ap-700 • power on the unit attach cables cabling without power over ethern...
Page 21
Installation and initialization ap-700 user guide hardware installation 21 • use a straight-through ethernet cable if you intend to connect the unit to a switch, hub, or patch panel. • use a cross-over ethernet cable or adapter if you intend to connect the unit to a single computer. Figure 2-4 cabli...
Page 22
Installation and initialization ap-700 user guide hardware installation 22 install the security cover (optional) you can optionally install a security cover to deter unauthorized access to the unit. The security cover is a plastic enclosure that prevents access to the cabling and the reset and reloa...
Page 23
Installation and initialization ap-700 user guide hardware installation 23 5. Carefully slide the unit to the right until the tabs snap securely onto the narrow holes of the unit. If the unit is mounted correctly, no portion of the mounting plate should protrude from any of the sides of the unit. Fi...
Page 24
Installation and initialization ap-700 user guide hardware installation 24 the led indicators exhibit the following behavior: install external antennas (professional installation required) optionally, you can connect two external antennas to your ap. All products using external antennas must be prof...
Page 25
Installation and initialization ap-700 user guide hardware installation 25 figure 2-8 opening the antenna compartment 2. There are two antenna connectors in the ap-700, labeled 1 and 2 connect the antenna cable to connector 1 (the connector closer to the led panel in the compartment). Figure 2-9 ant...
Page 26
Installation and initialization ap-700 user guide hardware installation 26 fl = feeder loss including loss of connectors g = antenna gain antenna types and maximum gain for devices using external antennas, professional installers should select only the antenna types listed in the following table, wi...
Page 27
Installation and initialization ap-700 user guide initialization 27 initialization the following sections detail how to initialize the ap using scantool, log in to the http interface, perform an initial configuration of the ap using the setup wizard, and download the required ap software. • using sc...
Page 28
Installation and initialization ap-700 user guide initialization 28 note: if your access point does not appear in the scan list, click the rescan button to update the display. If the unit still does not appear in the list, see troubleshooting for suggestions. Note that after rebooting an access poin...
Page 29
Installation and initialization ap-700 user guide initialization 29 k. Click the change button to return to the change screen. L. Click the web configuration button at the bottom of the change screen. M. Proceed to the logging in section for information on how to access the http interface using this...
Page 30
Installation and initialization ap-700 user guide initialization 30 figure 2-13 system status screen the buttons on the left of the screen provide access to the monitoring and configuration options for the ap. See advanced configuration to begin configuring the ap manually. You can also exit the web...
Page 31
Installation and initialization ap-700 user guide initialization 31 • save & next button: each setup wizard screen has a save & next button. Click this button to submit any changes you made to the unit’s parameters and continue to the next page. The instructions below describe how to navigate the se...
Page 32
Installation and initialization ap-700 user guide initialization 32 — primary network name (ssid): enter a network name (between 1 and 32 characters long) for the wireless network. You must configure each wireless client to use this name as well. Note that the unit supports up to 16 ssids/vlans. Ple...
Page 33
Installation and initialization ap-700 user guide initialization 33 note: the knowledgebase is available to all website visitors. First-time users will be asked to create an account to gain access. 3. Click search knowledgebase. 4. In the search knowledgebase field, enter 1686. 5. Click search. 6. C...
Page 34
Installation and initialization ap-700 user guide initialization 34 if the operation is successful, you will receive a confirmation message. 7. Reboot the ap as follows: • click commands > reboot. • enter 0 in the time to reboot field. • click ok. Install software with tftp server a trivial file tra...
Page 35
Installation and initialization ap-700 user guide initialization 35 4. Enter the cli password when prompted. 5. Enter the command: download img the download will begin, and the image will be downloaded to the access point. 6. When the download is complete, type reboot 0 and press enter..
Page 36: System Status
36 ap-700 user guide 3 system status the first screen displayed after logging in is the system status screen. You can always return to this screen by clicking the status button. Figure 3-1 system status screen the system status screen provides the following information: • system status: this area pr...
Page 37: Advanced Configuration
37 ap-700 user guide 4 advanced configuration this chapter contains information on configuring settings in the following categories: • system : configure specific system information such as system name and contact information. • network: configure ip, dns client, dhcp server, dhcp relay agent, dhcp ...
Page 38
Advanced configuration ap-700 user guide 38 figure 4-1 configure main screen 2. Click the tab that corresponds to the parameter you want to configure. For example, click network to configure the access point’s tcp/ip settings. Each configure tab is described in the remainder of this chapter..
Page 39
Advanced configuration ap-700 user guide system 39 system you can configure and view the following parameters within the system configuration screen: • name: the name assigned to the ap. See the dynamic dns support and access point system naming convention sections for rules on naming the ap. • coun...
Page 40
Advanced configuration ap-700 user guide system 40 figure 4-2 system tab dynamic dns support dns is a distributed database mapping the user readable names and ip addresses (and more) of every registered system on the internet. Dynamic dns is a lightweight mechanism which allows for modification of t...
Page 41
Advanced configuration ap-700 user guide network 41 network the network tab contains the following sub-tabs: • ip configuration • dhcp server • dhcp relay agent • link integrity • sntp (simple network time protocol) ip configuration this tab is used to configure the internet (tcp/ip) settings for th...
Page 42
Advanced configuration ap-700 user guide network 42 assignment type is set to dynamic, this field is read-only and reports the unit’s current ip address. The access point will default to 169.254.128.132 if it cannot obtain an address from a dhcp server. Though the access point starts functioning wit...
Page 43
Advanced configuration ap-700 user guide network 43 figure 4-4 dhcp server configuration screen you can configure and view the following parameters within the dhcp server configuration screen: note: you must reboot the ap before changes to any of these dhcp server parameters take effect. • enable dh...
Page 44
Advanced configuration ap-700 user guide network 44 note: the default lease time cannot be larger than the maximum lease time. If you set the maximum lease time, you should also set the default lease time to ensure that the default lease time is less than the maximum. – comment (optional) – status: ...
Page 45
Advanced configuration ap-700 user guide network 45 dhcp server ip address table the ap supports the configuration of a maximum of 10 server settings in the dhcp relay agents server table. At least one server must be configured to enable dhcp relay. To add entries to the table of dhcp relay agents, ...
Page 46
Advanced configuration ap-700 user guide network 46 figure 4-7 link integrity configuration screen sntp (simple network time protocol) sntp allows a network entity to communicate with time servers in the network/internet to retrieve and synchronize time of day information. When this feature is enabl...
Page 47
Advanced configuration ap-700 user guide network 47 figure 4-8 sntp configuration screen you can configure and view the following parameters within the sntp screen: • sntp status: select enable or disable from the drop-down menu. The selected status will determine which of the parameters on the sntp...
Page 48
Advanced configuration ap-700 user guide network 48 – hour: enter the hour in digits (0-23). – minutes: enter the minutes in digits (0-59). – seconds: enter the seconds in digits (0-59)..
Page 49
Advanced configuration ap-700 user guide interfaces 49 interfaces from the interfaces tab, you configure the access point’s operational mode settings, power control settings, wireless interface settings and ethernet settings. You may also configure a wireless distribution system for ap-to-ap communi...
Page 50
Advanced configuration ap-700 user guide interfaces 50 • 802.11b mode only: the radio uses the 802.11b standard only. • 802.11g mode only: the radio is optimized to communicate with 802.11g devices. This setting will provide the best results if this radio interface will only communicate with 802.11g...
Page 51
Advanced configuration ap-700 user guide interfaces 51 ieee 802.11d support for additional regulatory domains the ieee 802.11d specification allows conforming equipment to operate in more than one regulatory domain over time. Ieee 802.11d support allows the ap to broadcast its radio’s regulatory dom...
Page 52
Advanced configuration ap-700 user guide interfaces 52 original power level to maintain a good link. For a full discussion of dfs, see dynamic frequency selection/radar detection (dfs/rd) . Configuring tx power control 1. Click configure > interfaces > operational mode. 2. Select enable transmit pow...
Page 53
Advanced configuration ap-700 user guide interfaces 53 wireless a (802.11a/b/g radio) figure 4-10 wireless interface.
Page 54
Advanced configuration ap-700 user guide interfaces 54 you can view and configure the following parameters for the wireless interface: note: you must reboot the access point before any changes to these parameters take effect. • physical interface type: depending on the operational mode, this field r...
Page 55
Advanced configuration ap-700 user guide interfaces 55 note: turbo mode is supported in only in 802.11a mode in the fcc regulatory domain when dfs is not required. If turbo mode is enabled, then this is displayed in the web ui and the transmit speeds and channels pull-down menus are updated with the...
Page 56
Advanced configuration ap-700 user guide interfaces 56 – start the ap services to wireless clients – indicate the wireless service resume status of the wireless interface through led and traps after wireless service resumes, the ap resumes beaconing, transmitting and receiving frames to/from the wir...
Page 57
Advanced configuration ap-700 user guide interfaces 57 3. Click edit in the channel blacklist table 4. Set blacklist status to enable. Figure 4-12 channel blacklist table - edit screen • wireless distribution system: a wireless distribution system can be used to establish point-to-point (i.E. Wirele...
Page 58
Advanced configuration ap-700 user guide interfaces 58 figure 4-13 dcs trap message the access point monitors the current channel for interference and errors. The dcs threshold controls how aggressively the access point changes the channels. The lowest value of the dcs threshold is 1 which means cha...
Page 59
Advanced configuration ap-700 user guide interfaces 59 figure 4-14 a complete interfaces page.
Page 60
Advanced configuration ap-700 user guide interfaces 60 dcs can be configured using the following interfaces: • web (http) interface • command line interface (cli) • mib (snmp) requirements web (http) interface the http interface (web browser interface) provides easy access to configuration settings ...
Page 61
Advanced configuration ap-700 user guide interfaces 61 command line interface (cli) see the command line interface (cli) section in appendix a. Mib (snmp) requirements dcs feature can be managed and monitored by mib objects too. All the configuration parameters are present for both interface a and i...
Page 62
Advanced configuration ap-700 user guide interfaces 62 • you cannot manually select the device’s operating channel; you must let the unit select the channel. You may make channels unavailable by manually “blacklisting” them and preventing those channels being selected, in accordance with local regul...
Page 63
Advanced configuration ap-700 user guide interfaces 63 transparent mode transparent mode is the default mode and is equivalent to the no vlan support. The vlan receievs both the tagged and untagged frames from the network. Transparent mode simply forwards both the tagged and untagged frames received...
Page 64
Advanced configuration ap-700 user guide interfaces 64 trunk mode trunk mode works as a filter. Trunk links provide vlan identification for frames travelling between switches. Once this mode is enabled, the frames received from the wds, mesh or wireless ports are filtered and compared with the trunk...
Page 65
Advanced configuration ap-700 user guide interfaces 65 management vlan configuration trunk mode: in trunk mode if any management vlan id is configured then that management vlan id should present in trunk table, then only we can able to manage the device. Access mode : in access mode if any managemen...
Page 66
Advanced configuration ap-700 user guide interfaces 66 web interface the http interface (web browser interface) provides easy access to configuration settings and network statistics from any computer on the network. You can access the http interface over your lan (switch, hub, etc.), over the intern...
Page 67
Advanced configuration ap-700 user guide interfaces 67 • when vlan mode is mixed, all the text boxes from vlan 1 to vlan 16, access vlan id and access vlan priority are enabled. Select your mode manually and configure the parameters and finally click ok. Command line interface (cli) see the command ...
Page 68
Advanced configuration ap-700 user guide interfaces 68 in the wds example below, ap 1 and ap 2 communicate over a wds link (represented by the blue line). This link provides client 2 with access to network resources even though ap 2 is not directly connected to the ethernet network. Packets destined...
Page 69
Advanced configuration ap-700 user guide interfaces 69 wds setup procedure note: you must disable auto channel select to create a wds. Each access point that is a member of the wds must have the same channel setting to communicate with each other. To setup a wireless backbone follow the steps below ...
Page 70
Advanced configuration ap-700 user guide interfaces 70 figure 4-20 adding wds links 6. Select which encryption method to use (if any) from the wds security mode drop-down menu. 7. If you selected a wds security mode, do one of the following: • if you selected wep: enter an encryption key. • if you s...
Page 71
Advanced configuration ap-700 user guide interfaces 71 figure 4-21 ethernet sub-tab for best results, proxim recommends that you configure the ethernet setting to match the speed and transmission mode of the device the access point is connected to (such as a hub or switch). If in doubt, leave this s...
Page 72
Advanced configuration ap-700 user guide management 72 management the management tab contains the following sub-tabs: • passwords • ip access table • services • automatic configuration (autoconfig) • hardware configuration reset (chrd) passwords passwords are stored in flash memory and secured using...
Page 73
Advanced configuration ap-700 user guide management 73 figure 4-22 management-password page ip access table the management ip access table limits in-band management access to the ip addresses or range of ip addresses specified in the table. This feature applies to all management services (snmp, http...
Page 74
Advanced configuration ap-700 user guide management 74 • secure management status: enables the further configuration of https access, snmpv3, and secure shell (ssh). After enabling secure management, you can choose to configure https (ssl) and secure shell access on the services tab, and to configur...
Page 75
Advanced configuration ap-700 user guide management 75 figure 4-23 management services configuration screen.
Page 76
Advanced configuration ap-700 user guide management 76 telnet configuration settings • telnet interface bitmask: select the interface (ethernet, wireless, all interfaces) from which you can manage the ap via telnet. This parameter can also be used to disable telnet management. • telnet port number: ...
Page 77
Advanced configuration ap-700 user guide management 77 note: when secure management is enabled on the ap, ssh will be enabled by default and cannot be disabled. Host keys must either be generated externally and uploaded to the ap (see uploading externally generated host keys ), generated manually, o...
Page 78
Advanced configuration ap-700 user guide management 78 serial configuration settings the serial port interface on the ap is enabled at all times. See setting ip address using serial port for information on how to access the cli interface via the serial port. You can configure and view the following ...
Page 79
Advanced configuration ap-700 user guide management 79 • radius profile for management access control: specifies the radius profile to be used for radius based management access. • local user status: enables or disables the local user when radius based management is enabled. The default local user i...
Page 80
Advanced configuration ap-700 user guide management 80 figure 4-25 automatic configuration screen set up automatic configuration for dynamic ip perform the following procedure to enable and set up automatic configuration when you have a dynamic ip address for the tftp server via dhcp. The configurat...
Page 81
Advanced configuration ap-700 user guide management 81 figure 4-26 dhcp options: setting the boot server host name 4. Add the boot server hostname and boot filename parameters to the available options list. 5. Set the value of the boot server hostname parameter to the hostname or ip address of the t...
Page 82
Advanced configuration ap-700 user guide management 82 access to the ap is not protected, an unauthorized person could reset the ap to factory defaults and thus gain control of the ap. The user can disable the hardware configuration reset functionality to prevent unauthorized access. The hardware co...
Page 83
Advanced configuration ap-700 user guide management 83 2. Check (enable) or uncheck (disable) the enable hardware configuration reset checkbox. 3. Change the default configuration reset password in the “configuration reset password” and “confirm” fields. 4. Click ok. 5. Reboot the ap. Note: it is im...
Page 84
Advanced configuration ap-700 user guide filtering 84 filtering the access point’s packet filtering features help control the amount of traffic exchanged between the wired and wireless networks. There are four sub-tabs under the filtering heading: • ethernet protocol • static mac • advanced • tcp/ud...
Page 85
Advanced configuration ap-700 user guide filtering 85 figure 4-29 ethernet protocol filter configuration 3. Configure the ethernet protocol filter table. This table is pre-populated with existing ethernet protocol filters, however, you may enter additional filters by specifying the appropriate param...
Page 86
Advanced configuration ap-700 user guide filtering 86 figure 4-30 ethernet protocol filter table - add entries • to edit or delete an entry, click edit and change the information, or select enable, disable, or delete from the status drop-down menu. Note: an entry’s status must be enabled in order fo...
Page 87
Advanced configuration ap-700 user guide filtering 87 note: the static mac filter is an advanced feature. You may find it easier to control wireless traffic via other filtering options, such as ethernet protocol filtering. Figure 4-32 static mac filter configuration each static mac entry contains th...
Page 88
Advanced configuration ap-700 user guide filtering 88 • to block traffic between a specific wired mac address and a specific wireless mac address, configure all four parameters. A maximum of 200 entries can be created in the static mac filter table. To create an entry, click add and enter the approp...
Page 89
Advanced configuration ap-700 user guide filtering 89 • wireless mask: ff:ff:ff:00:00:00 result: when a logical “and” is performed on the wireless mac address and wireless mask, the result corresponds to any mac address beginning with the 00:20:2d prefix. Since wireless client 1 and wireless client ...
Page 90
Advanced configuration ap-700 user guide filtering 90 figure 4-34 advanced filter configuration the following protocols are listed in the advanced filter table: • deny ipx rip • deny ipx sap • deny ipx lsp • deny ip broadcasts • deny ip multicasts the ap can filter these protocols in the wireless-to...
Page 91
Advanced configuration ap-700 user guide filtering 91 figure 4-35 static mac filter table - edit entries tcp/udp port port-based filtering enables you to control wireless user access to network services by selectively blocking tcp/udp protocols through the ap. A user specifies a protocol name, port ...
Page 92
Advanced configuration ap-700 user guide filtering 92 figure 4-36 tcp/udp port filter configuration 2. Click add under the tcp/udp port filter table heading. 3. In the tcp/udp port filter table , enter the protocol names to filter. 4. Set the destination port number (a value between 1 and 65535) to ...
Page 93
Advanced configuration ap-700 user guide filtering 93 figure 4-37 tcp/udp port filter table - add entries editing tcp/udp port filters 1. Click edit under the tcp/udp port filter table heading. 2. Make any changes to the protocol name or port number for a specific entry, if necessary. 3. In the row ...
Page 94
Advanced configuration ap-700 user guide alarms 94 alarms the alarms tab has the following sub-tabs: • groups • alarm host table • syslog • rogue scan groups alarm groups can be enabled or disabled via the web interface. Place a check mark in the box provided to enable a specific group. Remove the c...
Page 95
Advanced configuration ap-700 user guide alarms 95 wireless interface/card trap group operational trap group oritrapauthenticationfailure client authentication failure has occurred. Authentication failures can range from: • mac access control table • radius mac authentication • 802.1x authentication...
Page 96
Advanced configuration ap-700 user guide alarms 96 flash memory trap group tftp trap group image trap group oritrapdhcpfailed response to the dhcp client request not received; device not dynamically assigned an ip address major oritrapdnsclientlookupfailure dns client attempts to resolve a specified...
Page 97
Advanced configuration ap-700 user guide alarms 97 sntp trap group generic trap group a generic snmp trap may be sent for any of the following reasons: in addition, the ap supports these standard traps, which are always enabled: rfc 1215-trap oritrapinvalidimage invalid image loaded onto device majo...
Page 98
Advanced configuration ap-700 user guide alarms 98 bridge mib (rfc 1493) alarms all these alarm groups correspond to system alarms that are displayed in the system status screen , including the traps that are sent by the ap to the snmp managers specified in the alarm host table . Alarm host table to...
Page 99
Advanced configuration ap-700 user guide alarms 99 syslog the syslog messaging system enables the ap to transmit event messages to a central server for monitoring and troubleshooting. The access point logs “session start (log-in)” and “session stop (log-out)” events for each wireless client as an al...
Page 100
Advanced configuration ap-700 user guide alarms 100 • syslog lowest priority logged: the ap will send event messages to the syslog server that correspond to the selected priority number and any priority numbers below it. For example, if set to 6, the ap will transmit event messages labeled priority ...
Page 101
Advanced configuration ap-700 user guide alarms 101 client login authentication status 6 informational client logs in/authenticates. Message includes: • client mac address • authentication type = none, acl, radius mac, 802.1x • cipher type = none, wep, tkip, aes • status = allow, deny • ssid to whic...
Page 102
Advanced configuration ap-700 user guide alarms 102 rogue scan the rogue scan feature provides an additional security level for wireless lan deployments. Rogue scan uses the selected wireless interface(s) for scanning its coverage area for access points and clients. A centralized network manager rec...
Page 103
Advanced configuration ap-700 user guide alarms 103 figure 4-40 preventing rogue ap attacks the figure above shows client 1 connected to a trusted ap and client 2 connected to a rogue ap. The trusted ap scans the networks, detects client 2, and notifies the network manager. The network manager uses ...
Page 104
Advanced configuration ap-700 user guide alarms 104 rogue scan data collection the ap stores information gathered about detected stations during scanning in a rogue scan result table. The rogue scan result table can store a maximum of 2000 entries. When the table fills, the oldest entry gets overwri...
Page 105
Advanced configuration ap-700 user guide alarms 105 8. Configure the scan results trap report style to control the way detected stations are reported in the notification: • report all detected stations since last scan (default) • report all detected stations since start of scan 9. Click ok. The resu...
Page 106
Advanced configuration ap-700 user guide bridge 106 bridge the ap is a bridge between your wired and wireless networking devices. As a bridge, the functions performed by the ap include: • mac address learning • forward and filtering decision making • spanning tree protocol used for loop avoidance on...
Page 107
Advanced configuration ap-700 user guide bridge 107 figure 4-42 spanning tree sub-tab storm threshold storm threshold is an advanced bridge setup option that you can use to protect the network against data overload by: • specifying a maximum number of frames per second as received from a single netw...
Page 108
Advanced configuration ap-700 user guide bridge 108 intra bss the wireless clients (or subscribers) that associate with a certain ap form the basic service set (bss) of a network infrastructure. By default, wireless subscribers in the same bss can communicate with each other. However, some administr...
Page 109
Advanced configuration ap-700 user guide qos 109 qos wi-fi multimedia (wmm)/quality of service (qos) introduction the ap supports wi-fi multimedia (wmm), which is a solution for qos functionality based on the ieee 802.11e specification. Wmm defines enhancements to the mac for wireless lan applicatio...
Page 110
Advanced configuration ap-700 user guide qos 110 figure 4-43 qos policy sub-tab 2. To enable qos, check the enable quality of service checkbox. 3. Configure the qos maximum medium threshold for all admission controls. Admission will be granted if the new requested traffic stream and already admitted...
Page 111
Advanced configuration ap-700 user guide qos 111 figure 4-44 add qos policy 5. Enter the policy name. 6. Select the policy type: • inlayer2: inbound traffic direction, layer 2 traffic type • inlayer3: inbound traffic direction, layer 3 traffic type • outlayer2: outbound traffic direction, layer 2 tr...
Page 112
Advanced configuration ap-700 user guide qos 112 priority mapping use this page to configure qos 802.1p to 802.1d priority mappings (for layer 2 policies) and ip dscp to 802.1d priority mappings (for layer 3 policies). The first entry in each table contains the recommended priority mappings. Custom ...
Page 113
Advanced configuration ap-700 user guide qos 113 figure 4-46 add priority mapping entry 3. Select the 802.1p priority (from 0-7) for 802.1d priorities 0-7. 4. Click ok. 5. Click add in the ip precedence/dscp ranges and 802.1d priority table. 6. Select the ip dscp range for each 802.1d priority. 7. C...
Page 114
Advanced configuration ap-700 user guide qos 114 1. Click configure > qos > edca. Figure 4-47 edca tables 2. Click edit and configure the following parameters in each table: note: changes to edca parameters require a reboot of the ap to take effect. • index: read-only. Indicates the index of the acc...
Page 115
Advanced configuration ap-700 user guide qos 115 – 4 = voice • cwmin: minimum contention window. Configurable range is 0 to 255. • cwmax: maximum contention window. Configurable range is 0 to 65535. • aifsn: arbitration ifs per access category. Configurable range is 2 to 15. • tx op limit: the trans...
Page 116
Advanced configuration ap-700 user guide radius profiles 116 radius profiles configuring radius profiles on the ap allows the administrator to define a profile for radius servers used by the system or by a vlan. The network administrator can define radius servers per authentication mode and per vlan...
Page 117
Advanced configuration ap-700 user guide radius profiles 117 this figure shows a network with separate authentication servers for each authentication type and for each vlan. The clients in vlan 1 are authenticated using the authentication servers configured for vlan 1. The type of authentication ser...
Page 118
Advanced configuration ap-700 user guide radius profiles 118 1. Click add to create a new profile. To modify an existing profile, select the profile and click edit. To delete an existing profile, select the profile and click delete. You cannot delete a radius server profile if it is applied to an ss...
Page 119
Advanced configuration ap-700 user guide radius profiles 119 – dash delimited/mac: mac addresses are formatted with a dash between each pair of digits (xx-yy-zz-aa-bb), and the password sent to the radius server is the mac address of the client. – colon delimited/mac: mac addresses are formatted wit...
Page 120
Advanced configuration ap-700 user guide radius profiles 120 radius accounting using an external radius server, the ap can track and record the length of client sessions on the access point by sending radius accounting messages per rfc2866. When a wireless client is successfully authenticated, radiu...
Page 121
Advanced configuration ap-700 user guide radius profiles 121 • acct-interim-interval – obtained during the authentication process and used for determining the time interval for sending accounting update messages. – this attribute value takes precedence over the value of the accounting update interva...
Page 122
Advanced configuration ap-700 user guide pxu (proximunify) profile and vlan roaming 122 pxu (proximunify) profile and vlan roaming proximunify architecture enables vlan roaming for both data and voice clients. Vlan roaming support is required when a client device roams between aps connected to switc...
Page 123
Advanced configuration ap-700 user guide pxu (proximunify) profile and vlan roaming 123 figure 4-51 pxu profile interface to configure the pxu profile, click configure>radius/pxu profiles>pxu profile. The pxu profile page appears. Following are the configurable fields to set up the pxu profile to fu...
Page 124
Advanced configuration ap-700 user guide ssid/vlan/security 124 ssid/vlan/security the ap provides several security features to protect your network from unauthorized access. This section gives an overview of vlans and then discusses the ssid/vlan/security configuration options in the ap: • vlan ove...
Page 125
Advanced configuration ap-700 user guide ssid/vlan/security 125 figure 4-52 components of a typical vlan vlan workgroups and traffic management access points that are not vlan-capable typically transmit broadcast and multicast traffic to all wireless network interface cards (nics). This process wast...
Page 126
Advanced configuration ap-700 user guide ssid/vlan/security 126 management vlan figure 4-53 mgmt vlan vlan tagging management control access to the ap management access to the ap can easily be secured by making management stations or hosts and the ap itself members of a common vlan. Simply configure...
Page 127
Advanced configuration ap-700 user guide ssid/vlan/security 127 disable vlan tagging 1. Click configure > ssid/vlan/security > mgmt vlan. 2. Remove the check mark from the enable vlan tagging box (to disable all vlan functionality) or set the vlan management id to -1 (to disable vlan tagging only). ...
Page 128
Advanced configuration ap-700 user guide ssid/vlan/security 128 figure 4-55 edit uplink vlan configuration interface to delete uplink vlan configuration 1. Select the index number of the uplink table by clicking the radio button. 2. Click the delete button. Security profile see the following section...
Page 129
Advanced configuration ap-700 user guide ssid/vlan/security 129 (eap) as a standards-based authentication framework, and supports automatic key distribution for enhanced security. The eap-based authentication framework can easily be upgraded to keep pace with future eap types. Popular eap types incl...
Page 130
Advanced configuration ap-700 user guide ssid/vlan/security 130 wi-fi protected access (wpa/802.11i [wpa2]) wi-fi protected access (wpa) is a security standard designed by the wi-fi alliance in conjunction with the institute of electrical and electronics engineers (ieee). The ap supports 802.11i (wp...
Page 131
Advanced configuration ap-700 user guide ssid/vlan/security 131 if you have both 802.1x and mac access control authentication enabled, the 802.1x authentication takes precedence because it is higher in the authentication protocol hierarchy. This is required in order to propagate the wep/tkip/aes key...
Page 132
Advanced configuration ap-700 user guide ssid/vlan/security 132 figure 4-57 security profile configuration 2. Click add in the security profile table to create a new entry. To modify an existing profile, select the profile and click edit. To delete an existing profile, select the profile and click d...
Page 133
Advanced configuration ap-700 user guide ssid/vlan/security 133 — for 152-bit encryption, an encryption key is 32 hexadecimal characters or 16 ascii characters. • encryption transmit key: select key 0, key 1, key 2, or key 3 note: when vlan tagging is enabled, only key 0 can be configured. • 802.1x ...
Page 134
Advanced configuration ap-700 user guide ssid/vlan/security 134 figure 4-58 security profile table - add entries mac access the mac access sub-tab allows you to build a list of stations, identified by their mac addresses, authorized to access the network through the ap. The list is stored inside eac...
Page 135
Advanced configuration ap-700 user guide ssid/vlan/security 135 note: when mac acl table is in strict mode, any change done in the mac acl web page takes effect dynamically. When not set to strict, all the changes in the mac acl web page requires a reboot. The following list details the configurable...
Page 136
Advanced configuration ap-700 user guide ssid/vlan/security 136 1. Click ssid/vlan/security > wireless. The ssid, vlan, and security configuration page is displayed. Figure 4-60 ssid, vlan, and security configuration (vlan tagging disabled) 2. Enable or disable radius accounting on the vlan/ssid by ...
Page 137
Advanced configuration ap-700 user guide ssid/vlan/security 137 • strict: radius mac acl settings are enabled. If a higher-priority authentication protocol is also enabled, radius mac acl settings will be applied in addition to the higher priority authentication protocol settings. See authentication...
Page 138
Advanced configuration ap-700 user guide ssid/vlan/security 138 figure 4-61 ssid/vlan edit entries screen (vlan tagging disabled) 9. Enter a unique network name (ssid) between 1 and 32 characters. This parameter is mandatory. Note: do not use quotation marks (single or double) in the network name; t...
Page 139
Advanced configuration ap-700 user guide ssid/vlan/security 139 • partial: the ssid is advertised in the beacon, and the ap will not respond to "any" ssid requests. The partial setting reduces network traffic by eliminating the repeated broadcast of ssids in probe responses. • disable: the ssid is a...
Page 140
Advanced configuration ap-700 user guide ssid/vlan/security 140 figure 4-62 ssid/vlan configuration (vlan tagging enabled) note: if you disable (uncheck) the enable security per ssid option, you will be able to add multiple ssid/vlans, but the same configuration parameters (described below) will app...
Page 141
Advanced configuration ap-700 user guide ssid/vlan/security 141 figure 4-63 ssid/vlan edit entries screen (vlan tagging enabled) 4. Enter a unique network name (ssid) between 1 and 32 characters. This parameter is mandatory. Note: do not use quotation marks (single or double) in the network name; th...
Page 142
Advanced configuration ap-700 user guide ssid/vlan/security 142 • when vlan is "untagged" and cmob status is enabled, the converged mobility (cmob) functionality does not work. 6. Select the status of closed system to control whether the ssid is advertised in the beacon and manage the way probe requ...
Page 143
Advanced configuration ap-700 user guide ssid/vlan/security 143 18.Set the maximum tx bandwidth in kbps. If this parameter is set to 0, full bandwidth is available. 19.Set the maximum rx bandwidth in kbps. If this parameter is set to 0, full bandwidth is available. 20.If editing an entry, enable or ...
Page 144: Monitoring
143 ap-700 user guide 5 monitoring this chapter discusses the following monitoring options: • version: provides version information for the access point’s system components. • icmp: displays statistics for internet control message protocol packets sent and received by the ap. • ip/arp table: display...
Page 145
Monitoring ap-700 user guide version 144 version from the http interface, click the monitor button and select the version tab. The list displayed provides you with information that may be pertinent when calling technical support. With this information, your technical support representative can verif...
Page 146
Monitoring ap-700 user guide icmp 145 icmp this tab provides statistical information for both received and transmitted messages directed to the ap. Not all icmp traffic on the network is counted in the icmp (internet control message protocol) statistics. Figure 5-3 icmp monitoring tab.
Page 147
Monitoring ap-700 user guide ip/arp table 146 ip/arp table this tab provides information based on the address resolution protocol (arp), which relates mac address and ip addresses. Figure 5-4 ip/arp table monitoring tab.
Page 148
Monitoring ap-700 user guide learn table 147 learn table this tab displays information relating to network bridging. It reports the mac address for each node that the device has learned is on the network and the interface on which the node was detected. There can be up 10,000 entries in the learn ta...
Page 149
Monitoring ap-700 user guide iapp 148 iapp this tab displays statistics relating to client handovers and communications between access points. Figure 5-6 iapp monitoring tab.
Page 150
Monitoring ap-700 user guide radius 149 radius this tab provides radius authentication, eap/802.1x authentication, and accounting information for both the primary and backup radius servers for each radius server profile. Note: separate radius servers can be configured for each radius server profile....
Page 151
Monitoring ap-700 user guide interfaces 150 interfaces this tab displays statistics for the ethernet and wireless interfaces. Figure 5-8 interface monitoring tab (ethernet) description of interface statistics the following statistics are displayed for the ethernet interface only, the wireless interf...
Page 152
Monitoring ap-700 user guide interfaces 151 • ethernet chipset (ethernet): identifies the chipset used to realize the interface. • excessive collisions (ethernet): the number of frames for which transmission fails due to excessive collisions. • failed ack count (wireless): the number of times an ack...
Page 153
Monitoring ap-700 user guide interfaces 152 • out errors (ethernet/wireless): the number of outbound packets that could not be transmitted because of errors. • out non-unicast packets (ethernet/wireless): the total number of packets that higher-level protocols requested be transmitted to a non-unica...
Page 154
Monitoring ap-700 user guide station statistics 153 station statistics this tab displays information on wireless clients attached to the ap and on wireless distribution system. Enable the monitoring station statistics feature (station statistics are disabled by default) by checking enable monitoring...
Page 155
Monitoring ap-700 user guide station statistics 154 • time since last frame received: the time elapsed since the last frame from the associated wireless station (or wds link partner) was received. • number of stations and wds links: the number of stations and wds links monitored. The following stati...
Page 156
Monitoring ap-700 user guide mesh statistics 155 mesh statistics as the ap-700 does not support mesh functionality, this tab contains no information. Visit www.Proxim.Com for information on mesh. Figure 5-10 mesh monitoring tab.
Page 157: Commands
156 ap-700 user guide 6 commands this chapter contains information on the following command functions: • introduction to file transfer via tftp or http : describes the available file transfer methods. • update ap: download files via tftp or http to the ap. • retrieve file: upload configuration files...
Page 158
Commands ap-700 user guide introduction to file transfer via tftp or http 157 introduction to file transfer via tftp or http there are two methods of transferring files to or from the ap: tftp or http (or https if enabled): • downloading files (configuration, ap image, bootloader, license, private k...
Page 159
Commands ap-700 user guide update ap 158 update ap update ap via tftp use the update ap via tftp tab to download configuration, ap image, bootloader files, certificate and private key files, and cli batch file to the ap. A tftp server must be running and configured to point to the directory containi...
Page 160
Commands ap-700 user guide update ap 159 – cli batch file: a cli batch file that contains cli commands to configure the ap. This file will be executed by the ap immediately after being uploaded. See cli batch file for more information. • file operation: select either update ap or update ap & reboot....
Page 161
Commands ap-700 user guide update ap 160 figure 6-4 warning message 4. Click ok to continue with the operation or cancel to abort the operation. Note: an http file transfer using ssl may take extra time. If the operation completes successfully the following screen appears. Figure 6-5 update ap succe...
Page 162
Commands ap-700 user guide retrieve file 161 retrieve file retrieve file via tftp use the retrieve file via tftp tab to upload files from the ap to the tftp server. The tftp server must be running and configured to point to the directory to which you want to copy the uploaded file. We suggest you as...
Page 163
Commands ap-700 user guide retrieve file 162 retrieve file via http use the retrieve file via http tab to retrieve configuration files, cli batch files, or cli batch logs from the ap. For more information on cli batch files and cli batch logs see cli batch file . 1. Select the type of file (config, ...
Page 164
Commands ap-700 user guide retrieve file 163 figure 6-10 file download dialog box 4. On clicking the save button the save aswindow displays. Select an appropriate filename and location and click ok..
Page 165
Commands ap-700 user guide reboot 164 reboot use the reboot tab to save configuration changes (if any) and reset the ap. Enter a value between 0 and 65535 seconds; entering a value of 0 (zero) seconds causes an immediate reboot. Note that reset, described below, does not save configuration changes. ...
Page 166
Commands ap-700 user guide reset 165 reset use the reset tab to restore the ap to factory default conditions. Since this will reset the ap’s current ip address, a new ip address must be assigned. See logging in for more information. Caution: resetting the ap to its factory default configuration will...
Page 167
Commands ap-700 user guide help link 166 help link use the help tab to configure the location of the ap help files. During initialization, the ap on-line help files are downloaded to the default location: c:/program files/orinoco/ap700/html/index.Htm. To enable the help button on each page of the we...
Page 168: Troubleshooting
167 ap-700 user guide 7 troubleshooting this chapter provides information on the following: • troubleshooting concepts • symptoms and solutions • recovery procedures • related applications note: this section helps you locate problems related to the ap device setup. For details about radius, tftp, se...
Page 169
Troubleshooting ap-700 user guide symptoms and solutions 168 symptoms and solutions connectivity issues connectivity issues include any problem that prevents you from powering up or connecting to the ap. Ap unit will not boot - no led activity 1. Make sure your power source is operating. 2. Make sur...
Page 170
Troubleshooting ap-700 user guide symptoms and solutions 169 2. The ap only contacts a dhcp server during boot-up. If your network’s dhcp server is not available while the ap is booting, the device will use the default ip address (169.254.128.132). Reboot the ap once your dhcp server is on-line agai...
Page 171
Troubleshooting ap-700 user guide symptoms and solutions 170 5. If you have a problem uploading a file, verify that the tftp server is configured to allow uploads (typically the default setting is to allow only downloads). Client connection problems client software finds no connection make sure you ...
Page 172
Troubleshooting ap-700 user guide symptoms and solutions 171 caution: the forced reload procedure disconnects all users and resets all values to factory defaults. Cmob operation issues • client computer can not connect to a cmob-enabled ssid — the pxu profile should have at least one pxu module (pri...
Page 173
Troubleshooting ap-700 user guide symptoms and solutions 172 “overload” indications 1. Verify that you are not using a cross-over cable between the poe output port and the ap. 2. Verify that there is no short over any of the twisted pair cables. 3. Move the device into a different output port (remem...
Page 174
Troubleshooting ap-700 user guide recovery procedures 173 recovery procedures the most common installation problems relate to ip addressing. For example, without the tftp server ip address, you will not be able to download a new ap image to the ap. Ip address management is fundamental. We suggest yo...
Page 175
Troubleshooting ap-700 user guide recovery procedures 174 – download a new image using the bootloader cli because the cli option requires a physical connection to the unit’s serial port, proxim recommends the scantool option. Download a new image using scantool to download the ap image, you will nee...
Page 176
Troubleshooting ap-700 user guide recovery procedures 175 you must also connect the ap to a computer with a standard serial cable and use a terminal client, such as hyperterminal. From the terminal, enter cli commands to set the ip address and download an ap image. Preparing to download the ap image...
Page 177
Troubleshooting ap-700 user guide recovery procedures 176 [device name]> reboot the ap will reboot and then download the image file. You should see downloading activity begin after a few seconds within the tftp server’s status screen. 8. When the download process is complete, configure the ap. Setti...
Page 178
Troubleshooting ap-700 user guide recovery procedures 177 figure 7-1 result of “show ip” cli command 6. Change the ip address and other network values using set and reboot cli commands, similar to the example below (use your own ip address and subnet mask). Note that ip address type is set to dynami...
Page 179
Troubleshooting ap-700 user guide related applications 178 related applications radius authentication server if you enabled radius authentication on the ap, make sure that your network’s radius servers are operational. Otherwise, clients will not be able to log in. There are several reasons the auth...
Page 180: Command Line Interface (Cli)
179 ap-700 user guide a command line interface (cli) this section discusses the following: • general notes • command line interface (cli) variations • cli command types • using tables and strings • configuring the ap using cli commands • cli monitoring parameters • parameter tables • cli batch file ...
Page 181
Command line interface (cli) ap-700 user guide general notes 180 general notes prerequisite skills and knowledge to use this document effectively, you should have a working knowledge of local area networking (lan) concepts, network access infrastructures, and client-server relationships. In addition...
Page 182
Command line interface (cli) ap-700 user guide general notes 181 cli error messages the following table describes the error messages associated with improper inputs or expected cli behavior. Tab complete the command line ? List available commands error message description syntax error invalid syntax...
Page 183
Command line interface (cli) ap-700 user guide command line interface (cli) variations 182 command line interface (cli) variations administrators use the cli to control access point operation and monitor network statistics. The ap supports two types of cli: the bootloader cli and the normal cli. The...
Page 184
Command line interface (cli) ap-700 user guide command line interface (cli) variations 183 figure a-2 results of “show” bootloader cli command.
Page 185
Command line interface (cli) ap-700 user guide cli command types 184 cli command types this guide divides cli commands into two categories: operational and parameter controls. Operational cli commands these commands affect access point behavior, such as downloading, rebooting, and so on. After enter...
Page 186
Command line interface (cli) ap-700 user guide cli command types 185 example 2. Display specific commands to show all commands that start with specified letters, enter one or more letters, then ? With no space between letters and ?. [device-name]>s? Figure a-4 result of “s?” cli command example 3. D...
Page 187
Command line interface (cli) ap-700 user guide cli command types 186 figure a-7 result of “show iparp?” cli command example 4. Display prompts for successive parameters enter the command, a space, and then ?. Then, when the parameter prompt appears, enter the parameter value. The parameter is change...
Page 188
Command line interface (cli) ap-700 user guide cli command types 187 help displays instructions on using control-key sequences for navigating a command line and displays command information and examples. 1. Using help as the only argument: [device-name]>help figure a-8 results of “help” cli command ...
Page 189
Command line interface (cli) ap-700 user guide cli command types 188 search lists the parameters supported by the specified table. This list corresponds to the table information displayed in the http interface. In this example, the cli returns the list of parameters that make up an entry in the ip a...
Page 190
Command line interface (cli) ap-700 user guide cli command types 189 [device-name]>show network [device-name]>show mgmtipaccesstbl “set” cli command sets (modifies) the value of the specified parameter. To see a definition and syntax example, type only set and then press the enter key. To see a list...
Page 191
Command line interface (cli) ap-700 user guide cli command types 190 example 2 - create a table entry or row use 0 (zero) as the index to a table when creating an entry. When creating a table row, only the mandatory table elements are required (comment is usually an optional table element). For opti...
Page 192
Command line interface (cli) ap-700 user guide cli command types 191 figure a-10 results of “show network” and “show ip” cli commands example 6 - show individual and table parameters 1. View a single parameter. Syntax: [device-name]>show example: [device-name]> show ipaddr displays the access point ...
Page 193
Command line interface (cli) ap-700 user guide using tables and strings 192 using tables and strings working with tables each table element (or parameter) must be specified, as in the example below. [device-name]>set mgmtipaccesstbl 0 ipaddr 10.0.0.10 ipmask 255.255.0.0 below are the rules for creat...
Page 194
Command line interface (cli) ap-700 user guide using tables and strings 193 the string delimiter does not have to be used for every string object. The single quote or double quote only has to be used for string objects that contain blank space characters. If the string object being used does not con...
Page 195
Command line interface (cli) ap-700 user guide configuring the ap using cli commands 194 configuring the ap using cli commands log into the ap using hyperterminal 1. Open your terminal emulation program (like hyperterminal) and set the following connection properties: • com port: • baud rate: 9600 •...
Page 196
Command line interface (cli) ap-700 user guide configuring the ap using cli commands 195 set basic configuration parameters using cli commands there are a few basic configuration parameters that you may want to setup right away when you receive the ap. For example: • set system name, location and co...
Page 197
Command line interface (cli) ap-700 user guide configuring the ap using cli commands 196 [device-name]>set snmprpasswd (snmp read password) [device-name]>set snmprwpasswd (snmp read/write) [device-name]>set snmpv3authpasswd (snmpv3 authentication password) [device-name]>set snmpv3privpasswd (snmpv3 ...
Page 198
Command line interface (cli) ap-700 user guide configuring the ap using cli commands 197 enable and configure tx power control for the wireless interface the tx power control feature lets the user configure the transmit power level of the card in the ap. Armenia am iceland is philippines ph australi...
Page 199
Command line interface (cli) ap-700 user guide configuring the ap using cli commands 198 perform the following commands to enable tx power control and set the transmit power level: [device-name]>set txpowercontrol enable [device-name]>set wif currentbackofftpcvalue configure ssids (network names), v...
Page 200
Command line interface (cli) ap-700 user guide configuring the ap using cli commands 199 note: the configuration filename and tftp server ip address are configured only when the ap is configured for static ip. If the ap is configured for dynamic ip these parameters are not used and obtained from dhc...
Page 201
Command line interface (cli) ap-700 user guide configuring the ap using cli commands 200 other network settings there are other configuration settings that you may want to set for the ap. Some of them are listed below. • configure the ap as a dhcp server • configure the dns client • configure dhcp r...
Page 202
Command line interface (cli) ap-700 user guide configuring the ap using cli commands 201 configure dhcp relay perform the following command to enable or disable dhcp relay agent status. Note: you must have at least one entry in the dhcp relay server table before you can set the dhcp relay status to ...
Page 203
Command line interface (cli) ap-700 user guide configuring the ap using cli commands 202 the values for the dcs threshold range from 1 to 10. The default value is 5. Enable/disable closed system [device-name]>set wif 3 closedsys shutdown/resume wireless service [device-name]>set wif 3 wssstatus set ...
Page 204
Command line interface (cli) ap-700 user guide configuring the ap using cli commands 203 set ethernet speed and transmission mode [device-name]>set etherspeed (see below) [device-name]>reboot 0 set vlan parameters [device-name]> set ethvlanmode this command is configured to select any of the four mo...
Page 205
Command line interface (cli) ap-700 user guide configuring the ap using cli commands 204 configure management ports [device-name]>set snmpifbitmask (see below)> [device-name]>set httpifbitmask (see below)> [device-name]>set telifbitmask (see below)> choose from the following values: set communicatio...
Page 206
Command line interface (cli) ap-700 user guide configuring the ap using cli commands 205 configure syslog [device-name]>set syslogpriority [device-name]>set syslogstatus [device-name]>set sysloghbstatus (default is disable) [device-name]>set sysloghbinterval (default is 900 seconds) [device-name]>se...
Page 207
Command line interface (cli) ap-700 user guide configuring the ap using cli commands 206 maxretx acctupdtintrvl macaddrfmt authlifetm radaccinactivetmr vlanid status enable note: to create a new radius profile, use 0 for index>. Examples of configuring primary and secondary radius servers and displa...
Page 208
Command line interface (cli) ap-700 user guide configuring the ap using cli commands 207 server status : notready server addressing format : ipaddr ip address/host name : 0.0.0.0 destination port : 1812 vlan identifier : -1 mac address format : dashdelimited response time : 3 maximum retransmission ...
Page 209
Command line interface (cli) ap-700 user guide configuring the ap using cli commands 208 disable vlan management [device-name]>set vlanstatus disable or [device-name]>set vlanmgmtid -1 [device-name]>reboot 0 add a entry to the wifssid table [device-name]>set wifssidtbl ssid vlanid status enable set ...
Page 210
Command line interface (cli) ap-700 user guide configuring the ap using cli commands 209 example: [device-name]>set secprofiletbl 8 secmode 802.11i-psk passphrase 12345678 status enable.
Page 211
Command line interface (cli) ap-700 user guide cli monitoring parameters 210 cli monitoring parameters using the show command with the following table parameters will display operating statistics for the ap (these are the same statistics that are described in the monitoring section). • staticmp: dis...
Page 212
Command line interface (cli) ap-700 user guide parameter tables 211 parameter tables objects contain groups that contain both parameters and parameter tables. Use the following tables to configure the access point. Columns used on the tables include: • name - parameter, group, or table name • type -...
Page 213
Command line interface (cli) ap-700 user guide parameter tables 212 – tcp/udp port filtering - filter ip packets based on tcp/udp port • alarms parameters – snmp table host table parameters - enter the list of ip addresses that will receive alarms from the ap – syslog parameters - configure the ap t...
Page 214
Command line interface (cli) ap-700 user guide parameter tables 213 system parameters * available only on aps with model numbers ending in -wd. When available, this object must be configured before any interface parameters can be set. Country identifiers note: all countries may not be available on y...
Page 215
Command line interface (cli) ap-700 user guide parameter tables 214 finland indoor fi1 outdoor fi2 france indoor fr1 outdoor fr2 germany indoor de1 outdoor de2 greece indoor gr1 outdoor gr2 hungary indoor hu1 outdoor hu2 ireland indoor ie1 outdoor ie2 italy indoor it1 outdoor it2 latvia indoor lv1 o...
Page 216
Command line interface (cli) ap-700 user guide parameter tables 215 inventory management information the inventory management commands display advanced information about the ap’s installed components. You may be asked to report this information to a representative if you contact customer support. Ne...
Page 217
Command line interface (cli) ap-700 user guide parameter tables 216 dns client for radius name resolution dhcp server parameters * the dhcp server (dhcpstatus) can only be enabled after a dhcp ip pool table entry has been created. Dhcp server table for ip pools * ip addresses must be from within the...
Page 218
Command line interface (cli) ap-700 user guide parameter tables 217 dhcp relay group the dhcp relay group allows you to enable or disable dhcp relay agent status. Dhcp relay server table the dhcp relay server table contains the commands to set the table entries. The ap supports the configuration of ...
Page 219
Command line interface (cli) ap-700 user guide parameter tables 218 sntp parameters link integrity parameters link integrity ip target table name type value access cli parameter sntp group group n/a r sntp sntp status integer enable disable rw sntpstatus primary server name or ip address displaystri...
Page 220
Command line interface (cli) ap-700 user guide parameter tables 219 interface parameters wireless interface parameters the wireless interface group parameter is wif. The wireless interface uses table index 3. Common parameters to 802.11a and 802.11b/g * for 802.11a aps certified in the etsi and tele...
Page 221
Command line interface (cli) ap-700 user guide parameter tables 220 ** each 802.11 packet is acknowledged by the receiving station. On links longer than about 100m, the time that it takes for the ack to get back to the sending station is long enough to cause the sending station to believe that the p...
Page 222
Command line interface (cli) ap-700 user guide parameter tables 221 802.11b specific parameters 802.11b/g specific parameters name type value access cli parameter operating frequency channel integer 1 - 14; available channels vary by regulatory domain/country; see available channels rw channel multi...
Page 223
Command line interface (cli) ap-700 user guide parameter tables 222 * also for 802.11g-wifi mode. 802.11g-wifi has been defined for wi-fi testing purposes; it is not recommended for use in your wireless network environment. † available in 802.11b/g or 802.11g modes only. Transmit rate integer32 for ...
Page 224
Command line interface (cli) ap-700 user guide parameter tables 223 wireless distribution system (wds) parameters wireless distribution system (wds) security table parameters the wds security table manages wds related security objects. Wireless interface ssid/vlan/profile parameters the wireless int...
Page 225
Command line interface (cli) ap-700 user guide parameter tables 224 ethernet interface parameters radius eap profile displaystring user defined rw radeapprofile radius accounting profile displaystring user defined rw radacctprofile qos policy integer32 user defined rw qospolicy name type value acces...
Page 226
Command line interface (cli) ap-700 user guide parameter tables 225 management parameters secure management parameters snmp parameters http parameters * the help link must be set to an http address. Use the forward slash character ("/") rather than the backslash character ("\") when configuring the ...
Page 227
Command line interface (cli) ap-700 user guide parameter tables 226 telnet parameters serial port parameters radius based management access parameters the radius based management access parameters allow you to enable http or telnet radius management access, enable or disable local user access, and c...
Page 228
Command line interface (cli) ap-700 user guide parameter tables 227 the ap ssh feature, open-ssh, confirms to the ssh protocol, and supports ssh version 2. The following ssh clients have been verified to interoperate with the ap’s server. The following table lists the clients, version number, and th...
Page 229
Command line interface (cli) ap-700 user guide parameter tables 228 ip access table parameters when creating table entries, you may either specify the argument name followed by argument value or simply enter the argument value. When only the argument value is specified, then enter the values in the ...
Page 230
Command line interface (cli) ap-700 user guide parameter tables 229 proxy arp parameters ip arp filtering parameters broadcast filtering table tcp/udp port filtering the following parameters are used to enable/disable the port filter feature. Static mac address on wired network physaddress user defi...
Page 231
Command line interface (cli) ap-700 user guide parameter tables 230 tcp/udp port filtering table the following parameters are used to configure tcp/udp port filters. Alarms parameters snmp table host table parameters when creating table entries, you may either specifying the argument name followed b...
Page 232
Command line interface (cli) ap-700 user guide parameter tables 231 syslog parameters the following parameters configure the syslog settings. Note: when heartbeat is enabled, the ap periodically sends a message to the syslog server to indicate that it is active. The frequency with which the heartbea...
Page 233
Command line interface (cli) ap-700 user guide parameter tables 232 bridge parameters spanning tree parameters spanning tree priority and path cost table storm threshold parameters name type value access cli parameter spanning tree group n/a r stp spanning tree status integer enable disable (default...
Page 234
Command line interface (cli) ap-700 user guide parameter tables 233 storm threshold table intra bss subscriber blocking the following parameters control the intra bss traffic feature, which prevent wireless clients that are associated with the same ap from communicating with each other: packet forwa...
Page 235
Command line interface (cli) ap-700 user guide parameter tables 234 radius parameters general radius parameters radius server configuration parameters note: use a server name only if you have enabled the dns client functionality. See dns client for radius name resolution . Name type value access cli...
Page 236
Command line interface (cli) ap-700 user guide parameter tables 235 security parameters mac access control parameters mac access control table rogue scan configuration table the rogue scan configuration table allows you to enable or disable rogue scan and configure the scanning parameters. 802.1x pa...
Page 237
Command line interface (cli) ap-700 user guide parameter tables 236 security profile table the security profile table allows you to configure security profiles. A maximum of 16 security profiles are supported. Each security profile can contain one or more enabled security modes (non-secure station, ...
Page 238
Command line interface (cli) ap-700 user guide parameter tables 237 each ascii character corresponds to two hexadecimal digits. See ascii character chart for ascii/hexadecimal correspondence. Vlan/ssid parameters other parameters iapp parameters note: these parameters configure the inter access poin...
Page 239
Command line interface (cli) ap-700 user guide parameter tables 238 enabling qos configuring qos policies the qos group manages the qos policies: * qos must be enabled on the wireless interface before spectralink can be enabled. † a priority mapping needs to be specified for a qos policy. The priori...
Page 240
Command line interface (cli) ap-700 user guide parameter tables 239 specifying the mapping between ip precedence/dscp ranges and 802.1d priorities the qos ip dscp to 802.1d mapping table specifies the mapping between ip precedence/dscp ranges and 802.1d priorities. Qos enhanced distributed channel a...
Page 241
Command line interface (cli) ap-700 user guide parameter tables 240 examples: show qosedcatbl (or qosqapedcatbl) set qosedcatbl (or qosqapedcatbl) . For example: set qosedcatbl 3.1 cwmin 15 defining the qos policy used for a wireless interface ssid the qos policy object configures the qos policy to ...
Page 242
Command line interface (cli) ap-700 user guide cli batch file 241 cli batch file a cli batch file is a user-editable file that lists a series of cli set commands, that can be uploaded to the access point to change its configuration. The access point executes the cli commands specified in the cli bat...
Page 243
Command line interface (cli) ap-700 user guide cli batch file 242 reboot behavior when a cli batch file contains a reboot command, the reboot will occur only after the entire cli batch file has been executed. There are two methods of uploading the cli batch file: • upload • upload and reboot (this o...
Page 244: Proximunify (Pxu) Management
243 ap-4000/4000m/4900m user guide b proximunify (pxu) management this section discusses the mib parameters: • to manage cmob • to manage the pxu • to manage the uplink vlan id table to manage cmob * the value 1 means you can choose only one pxu profile. To manage the pxu name type value access mib ...
Page 245
Proximunify (pxu) management ap-4000/4000m/4900m user guide 244 to manage the uplink vlan id table name type access mib objects uplink vlan id table table n/a oriuplinkvlanidtable uplink vlan id table entry table entry n/a oriuplinkvlanidtableentry uplink vlan id table index integer32 ro oriuplinkvl...
Page 246: Ascii Character Chart
245 ap-700 user guide c ascii character chart you can configure wep encryption keys in either hexadecimal or ascii format. Hexadecimal digits are 0-9 and a-f (not case sensitive). Ascii characters are 0-9, a-f, a-f (case sensitive), and punctuation marks. Each ascii character corresponds to two hexa...
Page 247: Specifications
246 ap-700 user guide d specifications • software features • hardware specifications • available channels software features the tables below list the software features available on the ap-700. • number of stations per bss • management functions • advanced bridging functions • medium access control (...
Page 248
Specifications ap-700 user guide software features 247 advanced bridging functions medium access control (mac) functions * dfs is required for 802.11a aps certified in the etsi, telec, fcc, and ic regulatory domains and operating in the middle frequency band. When acs is disabled, available channels...
Page 249
Specifications ap-700 user guide software features 248 security functions * key lengths supported by 802.11a: 64-bit, 128-bit, and 152-bit. Key lengths supported by 802.11b: 64-bit and 128-bit. Key lengths supported by 802.11b/g: 64-bit, 128-bit, and 152-bit. † eap-md5, eap-tls, eap-ttls, and peap c...
Page 250
Specifications ap-700 user guide hardware specifications 249 hardware specifications category specification physical dimensions (h x w x l) 1 x 4.75 x 7.1 in (25 x 121 x 180 mm) weight unit: .65 lb (.295 kg) power supply: .45 lbs (.20 kg) electrical voltage 100 to 240 vac +/- 10% (50-60 hz) (power s...
Page 251
Specifications ap-700 user guide available channels 250 available channels available channels vary based on operational mode and country. To verify which channels are available for your product: 1. Locate the product model number on the underside of your ap unit or on the unit’s box. 2. Note the alp...
Page 252
Specifications ap-700 user guide available channels 251 wd sku channels by country available channel bands depend on the selected country and mode of use (indoor/outdoor). The typical channels available in each 802.11a frequency band are as follows: band supported channels all channels (a) 30 to 215...
Page 253
Specifications ap-700 user guide available channels 252 latvia indoor l, m, h 1 - 13 lv1 lv outdoor h 1 - 13 lv2 lv lithuania indoor l, m, h 1 - 13 lt1 lt outdoor h 1 - 13 lt2 lt luxembourg indoor l, m, h 1 - 13 lu1 lu outdoor h 1 - 13 lu2 lu malta indoor l, m, h 1 - 13 mt1 mt outdoor h 1 - 13 mt2 m...
Page 254
253 ap-700 user guide e technical services and support see the following sections: • obtaining technical services and support • support options – proxim eservice web site support – telephone support – servpak support obtaining technical services and support if you are having trouble utilizing your p...
Page 255
Technical services and support ap-700 user guide support options 254 support options proxim eservice web site support the proxim eservice web site is available 7x24x365 at http://support.Proxim.Com . On the proxim eservice web site, you can access the following services: • new product registration: ...
Page 256
Technical services and support ap-700 user guide support options 255 • 8x5 technical support: this service provides unlimited, direct access to proxim’s world-class technical support 8 hours a day, 5 days a week from 8:00am - 5:00pm (pst (us)). Technical support is available at no charge for the fir...
Page 257: Statement of Warranty
256 ap-700 user guide f statement of warranty warranty coverage proxim wireless corporation warrants that its products are manufactured solely from new parts, conform substantially to specifications, and will be free of defects in material and workmanship for a warranty period of 1 year from the dat...
Page 258
Statement of warranty ap-700 user guide other information 257 sent to buyer. In the event the customer service center instructs buyer to return the product to proxim wireless for repair or replacement, the customer service center will provide buyer a return material authorization (“rma”) number and ...