Allied Telesis AT-WA7500 Bedienungsanleitung

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339

Zur Seite of

Richtige Gebrauchsanleitung

Die Vorschriften verpflichten den Verkäufer zur Übertragung der Gebrauchsanleitung Allied Telesis AT-WA7500 an den Erwerber, zusammen mit der Ware. Eine fehlende Anleitung oder falsche Informationen, die dem Verbraucher übertragen werden, bilden eine Grundlage für eine Reklamation aufgrund Unstimmigkeit des Geräts mit dem Vertrag. Rechtsmäßig lässt man das Anfügen einer Gebrauchsanleitung in anderer Form als Papierform zu, was letztens sehr oft genutzt wird, indem man eine grafische oder elektronische Anleitung von Allied Telesis AT-WA7500, sowie Anleitungsvideos für Nutzer beifügt. Die Bedingung ist, dass ihre Form leserlich und verständlich ist.

Was ist eine Gebrauchsanleitung?

Das Wort kommt vom lateinischen „instructio”, d.h. ordnen. Demnach kann man in der Anleitung Allied Telesis AT-WA7500 die Beschreibung der Etappen der Vorgehensweisen finden. Das Ziel der Anleitung ist die Belehrung, Vereinfachung des Starts, der Nutzung des Geräts oder auch der Ausführung bestimmter Tätigkeiten. Die Anleitung ist eine Sammlung von Informationen über ein Gegenstand/eine Dienstleistung, ein Hinweis.

Leider widmen nicht viele Nutzer ihre Zeit der Gebrauchsanleitung Allied Telesis AT-WA7500. Eine gute Gebrauchsanleitung erlaubt nicht nur eine Reihe zusätzlicher Funktionen des gekauften Geräts kennenzulernen, sondern hilft dabei viele Fehler zu vermeiden.

Was sollte also eine ideale Gebrauchsanleitung beinhalten?

Die Gebrauchsanleitung Allied Telesis AT-WA7500 sollte vor allem folgendes enthalten:
- Informationen über technische Daten des Geräts Allied Telesis AT-WA7500
- Den Namen des Produzenten und das Produktionsjahr des Geräts Allied Telesis AT-WA7500
- Grundsätze der Bedienung, Regulierung und Wartung des Geräts Allied Telesis AT-WA7500
- Sicherheitszeichen und Zertifikate, die die Übereinstimmung mit entsprechenden Normen bestätigen

Warum lesen wir keine Gebrauchsanleitungen?

Der Grund dafür ist die fehlende Zeit und die Sicherheit, was die bestimmten Funktionen der gekauften Geräte angeht. Leider ist das Anschließen und Starten von Allied Telesis AT-WA7500 zu wenig. Eine Anleitung beinhaltet eine Reihe von Hinweisen bezüglich bestimmter Funktionen, Sicherheitsgrundsätze, Wartungsarten (sogar das, welche Mittel man benutzen sollte), eventueller Fehler von Allied Telesis AT-WA7500 und Lösungsarten für Probleme, die während der Nutzung auftreten könnten. Immerhin kann man in der Gebrauchsanleitung die Kontaktnummer zum Service Allied Telesis finden, wenn die vorgeschlagenen Lösungen nicht wirksam sind. Aktuell erfreuen sich Anleitungen in Form von interessanten Animationen oder Videoanleitungen an Popularität, die den Nutzer besser ansprechen als eine Broschüre. Diese Art von Anleitung gibt garantiert, dass der Nutzer sich das ganze Video anschaut, ohne die spezifizierten und komplizierten technischen Beschreibungen von Allied Telesis AT-WA7500 zu überspringen, wie es bei der Papierform passiert.

Warum sollte man Gebrauchsanleitungen lesen?

In der Gebrauchsanleitung finden wir vor allem die Antwort über den Bau sowie die Möglichkeiten des Geräts Allied Telesis AT-WA7500, über die Nutzung bestimmter Accessoires und eine Reihe von Informationen, die erlauben, jegliche Funktionen und Bequemlichkeiten zu nutzen.

Nach dem gelungenen Kauf des Geräts, sollte man einige Zeit für das Kennenlernen jedes Teils der Anleitung von Allied Telesis AT-WA7500 widmen. Aktuell sind sie genau vorbereitet oder übersetzt, damit sie nicht nur verständlich für die Nutzer sind, aber auch ihre grundliegende Hilfs-Informations-Funktion erfüllen.

Inhaltsverzeichnis der Gebrauchsanleitungen

  • Seite 1

    Access Points AT-WA7500 AT-WA7501 ◆ Installation and User’s Guide VERSION 2.3 ® PN 613-000066 Rev C[...]

  • Seite 2

    Copyright © 2005 Allied Telesyn, Inc. 3200 North First Street, San Jose, CA 95134 USA All rights reserved. No part of this publication may be reproduc ed without prior written permission from Allied Telesyn, Inc. Microsoft is a registered trademark of Microsoft Corpo ration, Netscape Naviga tor is a registered tr ademark of Netscape Communications[...]

  • Seite 3

    3 Preface .............. .............. .............. .............. .............. .............. .............. .............. .............. ... .............. .............. .............. .... 7 Document Conventions ............. ................. ........... ........ .............. .............. .............. .............. ......... .....[...]

  • Seite 4

    Contents 4 Connecting Power Over Ethernet ........................ ................. ................. .............. ................. ........ ......... .............. .............. 59 External Antenna Placement Guidelines ........... ........ .............. .............. .............. .............. .............. . .......... .............. [...]

  • Seite 5

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 5 Chapter 6 Configuring Security ...................... .............. .............. .............. .............. .............. .............. .............. ....... ..................... 169 Understanding Security .... ......... .............. .............. .............. .............. [...]

  • Seite 6

    Contents 6 Using the AP Monitor .................. ................. ...... .............. .............. .............. .............. .......... ............... .............. .............. . 266 Entering the AP Monitor ... ............ .............. .............. .............. .............. .............. .............. ..... ..............[...]

  • Seite 7

    7 Pr eface This manual provides you with information about the features o f the Allied Telesyn AT-WA7500 and AT-WA7501 access points with software release 2.0 (or later). This manual also descr ibes how to install, configure, operate, maintain, and troubleshoot the access po ints.[...]

  • Seite 8

    Preface 8 Document Conventions This document uses the following conventions: Note Notes provide additional informatio n. Caution Cautions inform you t hat performing or omitting a spe cific action may result in equipment damage or loss of data. Warning Warnings inform you that performing or omitting a sp ecific action may result in bodily injury.[...]

  • Seite 9

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 9 Where to Find Web-based Guides The installation and user guides for all Allie d Telesyn products are available in Portable Document Format (PDF) from on our web site at www.alliedtelesyn.com . You can view the documents on-line or download them onto a local workstation or server.[...]

  • Seite 10

    Preface 10 Contacting Allied Telesyn This section provides Allied Telesyn contact information f or technical support as well as sales or corporate informat ion. Online Support You can request technical sup port online by accessing the Allied T elesyn Knowledge Base from the following web site: www.alliedtelesyn.co m/kb . You can use the Knowledge B[...]

  • Seite 11

    11 Chapter 1 Getting S tarted This chapter introduces the Alli ed Telesyn AT-WA7500 and AT-WA7501 access points, explains their feat ures, and describe s how you can use them to expand your data collection network. This chapter covers these topics:  “Which Allied T elesyn Access Product s Does This Manual Support?” on page 12  “Overview[...]

  • Seite 12

    Chapter 1: Get ting Started 12 Which Allied Telesyn Access Prod ucts Does This Manual Support? This system manual supports the AT-WA7500 and AT-WA7501 access points with softwa re release 2.2.[...]

  • Seite 13

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 13 Overview of the AT-WA7500 and AT-WA7501 Access Point Products The Allied Telesyn AT-WA7500 and AT-WA7501 a ccess points deliver reliable and seamless wireless p erf ormance to almost any operational environment. They are designed for sta ndards-based connectivity and they support industry [...]

  • Seite 14

    Chapter 1: Get ting Started 14 Figure 1. Access Point Architecture Access points are multiport (Ethernet-to-wireless) bridges, and because wireless end devices operate similarly to other Ethernet devices, all your existing Ethernet applications will work with the wireless network without any special networking software. Any access po int, except th[...]

  • Seite 15

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 15 Features This table lists the features of the access points. T able 1. Access Point Feature Comp arison Feature A T-W A 7500 A T-W A7501 Access Point Y es Y es Point-to-Point Bridge (Wireless Bridge) Ye s Ye s Wireless Access Point (W AP) or Repeater Ye s Ye s Secure Wireless Hops (SW AP) [...]

  • Seite 16

    Chapter 1: Get ting Started 16 * The 802.11g radio is sometimes ref erred to as the 802.11b/g radio because it can be configured to communicate wit h any 802.11b and 802.11g radios that have the same SSID and security settings. For details, see “About the Radios” on page 9 7. Other features of all access points include:  the ability to be ma[...]

  • Seite 17

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 17 reservation (including a fragment ation threshold and a reservation threshold).  A T -W A7500 Configuration Wizard: Y ou can use the configuration wizard to help you configure and maint ain your access point network.  Ability to configure diffe rent SSIDs to use different authenticat[...]

  • Seite 18

    Chapter 1: Get ting Started 18 This illustration shows the LEDs that are on the AT-WA7501 access point. For help understanding these LEDs, see the LED Descriptions table on page 17. Figure 2. AT-WA7501 LEDs This illustration shows the LEDs that are on the AT-WA7500 access point. For help understanding these LEDs, see the LED Descriptions table on p[...]

  • Seite 19

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 19 Understanding the Ports The access point may have up to four ports. To access the ports on the AT-WA7 501, you must remove the cable access door. To remove the AT-WA7501 cable access door 1. Unscrew the two thumbscrews on the cable access door. 2. Remove the door. This illustration shows t[...]

  • Seite 20

    Chapter 1: Get ting Started 20 Figure 4. AT-WA7501 Ports The AT-WA7500 ports are located on the bottom of the access poin t. This illustration shows the ports that are o n the AT-WA7500. For help understanding these ports, see the Port Descriptions table on page 19. Figure 5. AT-WA7500 Ports For more information on connecting t he ports, see Chapte[...]

  • Seite 21

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 21 How the Access Point Fi ts in Your Network In general, the access point forwards data from wireless end devices to the wired Ethernet network. You can also use the access point as a poin t- to-point bridge, or if your access poi nt has two radios, you can use it as a point-to-multipoint br[...]

  • Seite 22

    Chapter 1: Get ting Started 22 In a simple wireless network, the access point that is con nected to the wired network serves as a transpar ent bridge be tween the wired network and wireless end devices. To install a simple wireless network 1. Configure the initial IP address. For help , see “Configuring the Access Point (Setting the IP Address)?[...]

  • Seite 23

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 23 Allied Telesyn recommends that you always impleme nt some type of security. Using Multiple Access Points and Roaming Wireless End Devices For larger or more complex en vironments, you can install multiple access points so wireless end devices can roam fro m one access point to another. Mul[...]

  • Seite 24

    Chapter 1: Get ting Started 24 2. Configure the LAN I D. For help, see “Configuring the Spanning Tree Parameters” on page 136. 3. Configure one of the access points to be a root access point. For help, see “About the Primary LAN an d the Root Access Point” on page 131. 4. If your network has a switch that is not IEEE 802.1d-complia nt and i[...]

  • Seite 25

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 25 The access points communicate with each o ther through the spanning tree. The wireless end devices are confi gure d as stations with LAN ID set to 0 and SSID set to Op3rat!ons. Using an Access Point as a WAP You can extend the range of your wire less network by configuring a dual radio acc[...]

  • Seite 26

    Chapter 1: Get ting Started 26 Figure 10. Access Point as a WAP WAPs send data from end devices to the access points via wireless hops. Wireless hops are formed when data from end d evices move from one access point to another access point through the radio ports. The master radio in the access point transmits hello messages, which allow the WAPs t[...]

  • Seite 27

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 27 3. (802.11g and 802.11b) Configure the station radio in the WAP to communicate with one of the master radio service sets in the access point: a. From the main menu, click the link corresp onding to the station radio. The radio screen appears. b. In the Primary service set No de Type field,[...]

  • Seite 28

    Chapter 1: Get ting Started 28 e. In the Primary service set SSID (Network Name) field, type the SSID that matches the SSID o f the end device radio. In this example, the SSID is Manufacturing. 7. Click Submit Changes to save your changes. To activate your changes, from the menu bar click Save /Discard Changes, and then click Save Changes and Reboo[...]

  • Seite 29

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 29 You need to configure the wire less end devices to have the same SSID, LAN ID, and frequency as the WAP radio. You do not need to configure any secondary LAN settings because th e WAP is not connected to a secondary LAN. Allied Telesyn recommends that you always impleme nt some type of sec[...]

  • Seite 30

    Chapter 1: Get ting Started 30 You need to configure the wirele ss end devices to have the same SSID, LAN ID, and frequency as the WAP radio. You do not need to configure any secondary LAN settings because the WAP is not connected to a secondary LAN. Allied Telesyn recommends that you always implement some type of security. Using Access Points to C[...]

  • Seite 31

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 31 with access points that are ac ting as point-to-point b ridges. Figure 13. Access Points as Point-to-Point Bridges Point-to-point bridges send data from end devices on the seconda ry LAN to the root access point via wireless hops. Wirele ss hops are formed when data from end devices move f[...]

  • Seite 32

    Chapter 1: Get ting Started 32 You may also need to adju st the flooding parameters. Here are some recommendations:  If there are no end devices on the seconda ry LAN, the bridge on the secondary LAN can use the defaul t flooding settings. The Seconda ry LAN Flooding p arameter is disa bled.  If there are end devices on the secon dary LAN, th[...]

  • Seite 33

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 33 c. In the Secondary LAN Bridge Priority field, enter a numb er other than zero. d. In the Secondary LAN Flooding field, choose Enabled. 6. Configure the spanning tree settings for the point-to-point brid ge on the primary LAN. a. From the main menu, click Spanning Tree Settings. The Spanni[...]

  • Seite 34

    Chapter 1: Get ting Started 34 c. In the Primary service set Node Type f ield, choose Master. d. In the Primary service set SSID (Network Name) field, type the SSID. In this example, the SSID is Manufacturing. e. Click Submit Changes. 10. Configure the spann ing tree settings for the point-to-p oint bridge on the primary LAN: a. From the main menu,[...]

  • Seite 35

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 35 Allied Telesyn recommends that you imple ment some type of security. T able 9. 802.11g Point-to-Point Bridges Parameter Se ttings Screen Parameter Bridge Primar y LAN (Root) Bridge Secondary LAN (Designated Bridge) 802.1 1g Radio Node T ype Master S tation SSID Manufactur- ing Manufactur- [...]

  • Seite 36

    Chapter 1: Get ting Started 36 Example - Configuring an 802.11a Point-to-Multipoint Bridge In this example, each access point only has one 802.1 1a radio. Since the 802.11a radio can function as a master an d a station, wireless end devices can communicate with eith er access point. Figure 15. 802.11a Point-to-Point Bridges Allied Telesyn recommend[...]

  • Seite 37

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 37 Using Dual Radio Access Points for Redundancy You can configure AT-WA7500 units and AT-WA75 01 units that have two 802.11g radios, two 802.11b radios, or two 802.11a radios to provide redundancy for your network. During normal operations, end de vices send frames to the master radio in one[...]

  • Seite 38

    Chapter 1: Get ting Started 38 Configuring the Access Point (Setting the IP Address) The access point will work out of the box if you are using a DHCP server to assign it an IP address. By default, th e access point is configured to be a DHCP client and will resp ond to offers from any DHCP server. However, if you are not using a DHCP server to ass[...]

  • Seite 39

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 39 To use the Allied Telesyn AT-WA7 500 Configuration Wizard Note To use the AT-WA7500 Configuratio n Wizard, you must have a PC that is running Windows 95-OSR 2/98SE/ ME or Windows NT4/2000/ XP. 1. Install the AT-WA7500 Configuration W izard on your PC. The wizard can be downloaded either fr[...]

  • Seite 40

    Chapter 1: Get ting Started 40 5. Proceed with the IP Address conf iguration by following the on-screen menus. Using a Communications Program You can use a communications program (such as HyperTerminal) to set the initial IP address for the access point. After you configure the IP address, you can continue to use t he communications program to set [...]

  • Seite 41

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 41 4. Press Enter when the message “Starting system” appe ars on your PC screen. The Username field appears. 5. In the Username field type the d efault user name “atilan”, and then press Enter. The user name is case sensitive. 6. In the Password field type the default password “atil[...]

  • Seite 42

    Chapter 1: Get ting Started 42  IP Address - A unique IP address.  IP Subnet Mask - The subnet mask that matches the other devices in your network.  IP Router (Gateway) - If the access point will communicate with devices on another subne t, enter the address of the router that will forwa rd frames. Or , if you are using a DHCP server to au[...]

  • Seite 43

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 43 To use a web browser interface 1. Determine the IP address of the access point. I f a DHCP server assigned the IP address, you must get the IP address from the DHCP server. 2. Start the web browser application. 3. Access the access point using one of these meth ods:  In the Address fiel[...]

  • Seite 44

    Chapter 1: Get ting Started 44 5. Click Login. The TCP/IP Settings screen app ears. Y our web browser session is established. Note Although you can use several diffe rent methods to manage the access point remotely, this m anual assumes you are using a web browser. Using a Telnet Session After you have configure d the IP address, you can con figure[...]

  • Seite 45

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 45 2. From a command prompt, type: telnet IPaddress whe re IPaddress is the IP address of the access poin t. 3. Press Enter. 4. If necessary, enter the user name and press Enter. Then, ente r the password and press Enter. The default user na me is “atilan” and the default password is “a[...]

  • Seite 46

    Chapter 1: Get ting Started 46 Saving Configuration Changes When you are done configuring the access po int, you may want to activate your changes immediately or you may want to save the changes n ow and activate them later. If you choose to ac tivate the changes later, they will become active the next time the access point is booted. Note For the [...]

  • Seite 47

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 47 Using a Web Browser Interface 1. On the menu bar, click Save/Discard Changes. This screen appears. 2. Resolve any error messages list ed under the heading Possible Configurations Errors. For help, se e “Using the Co nfiguration Error Messages” on page 240. 3. Verify that all your confi[...]

  • Seite 48

    Chapter 1: Get ting Started 48 Using a Telnet Session 1. From the Access Point Configuration me nu, choose Save Configuration. 2. Choose Reboot to reboot the access point and immedia tely use your new active configuration.[...]

  • Seite 49

    49 Chapter 2 Installing the Access Points This chapter explains how t o install the Allied Telesyn AT-WA7500 and AT-WA7501 access points in your d ata collection network, provides some tips on how to position access points to improve your network performance, and provid es some external antenna guid elines. This chapter covers these topics:  “[...]

  • Seite 50

    Chapter 2: Inst alling the Access Po ints 50 Installation Guidelines Allied Telesyn recommends that you have an Allied Telesyn-certif ied RF specialist conduct a site survey to de termine the ideal locations for all your Allied Telesyn wireless net work devices. To conduct a proper site su rvey, you need to have special eq uipment and training. The[...]

  • Seite 51

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 51 Other Acce ss Points Access points that are configured for th e same frequency and that are in the same radio coverage area may inter fere with each other and decrease throughput. You can reduce the ch ance of interference by config uring access points at least five channel s apa rt, such [...]

  • Seite 52

    Chapter 2: Inst alling the Access Po ints 52 Installing the AT-WA7501 You can place the AT-WA7501 horizontally or vertically on a desk or counter. If you want to mount the AT-WA7501 to a wall or b eam using an Allied Telesyn mounting br acket kit, you need one of these mounting kits:  Mounting bracket kit (to be purchased sep arately)  Rotati[...]

  • Seite 53

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 53 option. For help, see “Connectin g to Your Fiber Optic Network” on page 55. To connect the AT-WA7501 to the Ethernet network  Attach one en d of the Ethernet cable to the 10 BaseT/100BaseTx port on the AT-WA7501 and att ach the other end to your Ethernet network or a power bridge (i[...]

  • Seite 54

    Chapter 2: Inst alling the Access Po ints 54 Installing the AT-WA7500 You can place the AT-WA7500 horizontally on a desk or coun ter. The AT-WA7500 also ships with a mounting bracket that lets you mount it vertically to a wall. Additional mount ing options that you can u se with the mounting bracket include a cubicle bracket t hat lets you mount th[...]

  • Seite 55

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 55 Connecting to Your Fiber Optic Ne twork You can order your AT-WA7501 access point with a fib er optic option. Using an appropriate patch cord and adapter (as described in the next section), you can connect your access point to:  an MT -RJ network.  a square connector (SC) network. ?[...]

  • Seite 56

    Chapter 2: Inst alling the Access Po ints 56 Note All cables must be multimode, 62.5/125 µm. Connecting to an MT-RJ Network To connect to an MT-RJ network, you need:  a patch cord with a female MT -RJ connector to insert into the access point’s male MT -RJ fiber optic port, and another female MT -RJ connector to insert into the MT -RJ adapter[...]

  • Seite 57

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 57 2. Connect the access point to your network as shown in the next two illustrations. Note The patch cord shown above must conne ct to the access point with a female MT-RJ connector. For de tails, see “Using a nd Purchasing the Required Patch Cord and Adapter” on page 55. Note The patch [...]

  • Seite 58

    Chapter 2: Inst alling the Access Po ints 58  a patch cord with a female MT -RJ connector to insert into the access point’s male MT -RJ fiber optic port, and an ST connector to insert into the ST adapter .  an adapter for connecting the p atch cord to the ST network. To connect to an ST network 1. Remove any cable protectors a ttached to th[...]

  • Seite 59

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 59 Connecting Power Over Ethernet The AT-WA7500 is powered by power over Ethernet. The AT-WA7501 can be powered by AC power or by power ove r Ethernet or both. For all access points, you need a power bri dge . For a list of the power bridges that Allied Telesyn sells, contact yo ur local Alli[...]

  • Seite 60

    Chapter 2: Inst alling the Access Po ints 60 External Antenna Placement Guidelines Antennas and their placement play a vi tal role when installing a wireless network. Every wireless network environment presents its own unique obstacles. Therefore, the exact range that you will achie ve with each access point is difficult to determine. Allied Telesy[...]

  • Seite 61

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 61 Allied Telesyn recommends that you use two ant ennas for each radio to achieve optimal performance (a ntenna diversity) of the radios. Positioning Antennas for Dual Radio Access Points In addition to the earlie r antenna gui delines, if you have a dual radio access point, you need to also [...]

  • Seite 62

    Chapter 2: Inst alling the Access Po ints 62  Follow the recommended antenna sep aration precisely when using the closest distance s. Movement of as little as 3.05 cm (1.2 in) may strongly affect pe rformance. Y ou should choose the greatest dist ance possible within the constraints of your en vironment. Stacked Antenna Positioning for Dual Radi[...]

  • Seite 63

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 63 When antenna diversity is enabled, both po rts can receive, but only the primary port transmits. To achieve optimum placement for th e two antennas, you must place the tra nsmit/receive antenna so that it is within range of all the radios that the receive-only antenna can hear. About Anten[...]

  • Seite 64

    64 Chapter 3 Configuring the Ethernet Network This chapter explains how t o configure the AT-WA7500 and AT-WA7501 access points so that they communi cate with your Ethernet network. This chapter explains:  “Configuring the TCP/IP Settings” on p age 65  “Configuring Other Ethernet or Fiber Optic Settings” on p age 77  “Configuring[...]

  • Seite 65

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 65 Configuring the TCP/IP Settings If you are using a DHCP server to aut omatically assign an IP address to the access point, go to “Configuring the Access Point as a DHCP Client” on page 67. If you are not using a DHCP serve r, you need to manually assign some TCP/IP parameters. Note You[...]

  • Seite 66

    Chapter 3: Config uring the Ethernet Network 66 4. If you want to configure the access point a s a NAT server, see “About Network Address Translation (NAT)” on page 7 5. 5. If you want to configure the access p oint to send ARP requests, see “Configuring the Access Point to Send ARP Requests” on page 76. 6. Click Submit Changes to save your[...]

  • Seite 67

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 67 Configuring the Access Point as a DHCP Client You can use a DHCP server to automatically a ssign an IP address and other TCP/IP settings to your access point; that is, th e access point can act as a DHCP client. A DHCP client accepts offers from DHCP or BOOTP servers. Preference is given t[...]

  • Seite 68

    Chapter 3: Config uring the Ethernet Network 68 To configure the access point as a DHCP client 1. From the menu, click TCP/IP Se ttings. The TCP/IP Se ttings screen appears. 2. Configure the DHCP parameters to make this access point a DHCP client. For help, see the next table. Note If you set DHCP Mode to Disable DHCP and the IP address for this ac[...]

  • Seite 69

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 69 3. Click Submit Changes to save your cha nges. To activate your changes, from the menu bar clic k Save/Discard Ch anges, and then click Save Changes and Reboot. For he lp, see “Saving Configuration Changes” on page 46. T able 14. DHCP Client Parameter Descriptions Parameter Explanation[...]

  • Seite 70

    Chapter 3: Config uring the Ethernet Network 70 Configuring the Access Point as a DHCP Server You can configur e the access point as a simple DHCP server that provides DHCP server functions fo r small installations where no other DHCP server is available. The DHCP server will offer IP addresses and other TCP/IP settings to any DHCP client it hears [...]

  • Seite 71

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 71 To configure the access point as a DHCP server 1. From the menu, click TCP/IP Settings. The TCP/IP Settings scre en appears. 2. Verify that the IP Address field, IP Subnet Mask field, and IP Router field are configured. For help, see “Configuring the TCP/IP Settings” on page 65. 3. Con[...]

  • Seite 72

    Chapter 3: Config uring the Ethernet Network 72 4. Click Submit Changes to save your change s. DHCP Server Setup appears in the menu. DHCP User Class Leave the field blan k if you want this access point to respond to requests from any client. Or enter the DHCP user class identifier as defined in RFC 3 004. When this access point acts as a DHCP serv[...]

  • Seite 73

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 73 5. From the menu, click DHCP Serv er Setup. The DHCP Server Setup screen appears. 6. Configure the DHCP server. For help, see the next table. 7. Click Submit Changes to save your cha nges. To activate your changes, from the menu bar clic k Save/Discard Ch anges, and then click Save Changes[...]

  • Seite 74

    Chapter 3: Config uring the Ethernet Network 74 Supported DHCP Server Options When the access point is acting as a DHCP server, it issues IP address leases to configure the IP a ddress, along with the DNS addresses, DNS suffixes, IP subnet mask, and IP router. These parameters will cont ain the same values as those configured for the access po int.[...]

  • Seite 75

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 75 Unsupported DHCP Server Options When the access point is acting as a DHCP serve r, it does not support any DHCP options other than those list ed. The DHCP server disregards any DHCP options that are not explicitly req uired by the DHCP specification. The DHCP server ignores all frames wi t[...]

  • Seite 76

    Chapter 3: Config uring the Ethernet Network 76 To configure the access point as a NAT server 1. From the menu, click TCP/IP Se ttings. The TCP/IP Se ttings screen appears. 2. Verify that the IP Address fi eld and IP Subnet Mask field are configured. For help, see “Configuring the TCP/IP Settings” on page 65. 3. In the DHCP Mode field, c hoose [...]

  • Seite 77

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 77 Configuring Other Ethernet or Fiber Optic Settings Many of the standard Ethernet or fiber optic settings are configured in the TCP/IP Settings screen. For help, see “Configuring the TCP/IP Settings” on page 65. In the Ethernet screen, you can set the port type, set the link speed, and [...]

  • Seite 78

    Chapter 3: Config uring the Ethernet Network 78 T able 17. Ethernet Parameter Descriptions Parameter Explanation Port T ype Appears only if the access point has a fiber optic port. This field specifies the port that the access point uses to communicate with the Ethernet network: 10/100 Mb Twisted-Pair: Th e access point communicates with the Ethern[...]

  • Seite 79

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 79 Configuring the Ethernet Address Table If you have a secondary LAN, you should configure the Ethernet address table in the designated bridge or WAP on the seco ndary LAN. This table contains all the MAC addresses on the secondary LAN that a re communicating with the primary L AN. You must [...]

  • Seite 80

    Chapter 3: Config uring the Ethernet Network 80 Configuring Ethernet Filters You can set both Ethernet a nd IP tunnel filters, and you can creat e protocol filters for both predefined and use r-defined protocol types. In addition, you can define arbitrary fr a me filters based on frame content. Setting Ethernet filters pre vents the Ethernet port f[...]

  • Seite 81

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 81 To set frame type filters 1. From the main menu, click Ethernet > Frame Type F ilters. The Frame Type Filters screen appears. 2. For each frame type field, check or clear t he Allow/Pass check box to configure if the frame types are allo wed to pass or are dropped. If you check the chec[...]

  • Seite 82

    Chapter 3: Config uring the Ethernet Network 82 5. If you set the Scope field to Unlist ed for any of the frame types, you must also configure predefined subty pe filters or customizable subtype filters. For help, see the n ext section, “Using Predefined Subtype Filters” on page 83 or “Customizing Subtype F ilters” on page 83. Note You shou[...]

  • Seite 83

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 83 Using Predefined Subtype Filters You can configure the access point to pass or drop ce rtain predefined frame subtypes. To configure predefined subtype filters 1. From the main menu, click Ethe rnet > Predefined Subtyp e Filters. The Predefined Subtype Filters scre en appears. 2. For ea[...]

  • Seite 84

    Chapter 3: Config uring the Ethernet Network 84 To customize subtype filters 1. From the main menu, click Ethernet > Customizable Subtype Filters. The Customizable Subtype Filters screen appears. 2. For each subtype field, check or clear the Allow/Pass check box to configure if the subt ypes are allowed to pass or are dropped. If you check the c[...]

  • Seite 85

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 85 Example This example shows you how to use customizable filters to allow only the wireless end devices (DHCP clients) communicating with the access point (DHCP server) to receive TCP/IP se ttings. This example prevents the wireless end devices from receivi ng TCP/IP settings from another DH[...]

  • Seite 86

    Chapter 3: Config uring the Ethernet Network 86 Configuring Advanced Filters You can configure advance d filters if you need more flexibility in you r filtering. Settings for adva nced filters execute after those for other filters; that is, advanced filters are only applie d if the fra me has passed the other filters. You can use filter values and [...]

  • Seite 87

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 87 2. Enter up to 22 value IDs and values. 3. Click Submit Changes to save your cha nges. To activate your changes, from the menu bar clic k Save/Discard Ch anges, and then click Save Changes and Reboot. For he lp, see “Saving Configuration Changes” on page 46. Setting Filter Expressions [...]

  • Seite 88

    Chapter 3: Config uring the Ethernet Network 88 2. Configure the filter expr essions parameters. For help, see the next table. 3. Click Submit Changes to save your changes. To activate your changes, from the menu bar click Save /Discard Changes, and then click Save Changes and Reboot. For help , see “Saving Configuration Changes” on page 46. T [...]

  • Seite 89

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 89 Example 1 This example shows you how to use Ethernet filters to filter all traffic that passes through the access point to the wireless network except for traffic for specified MAC addresses. These filt ers do not prevent wireless traffic from reaching the Ethernet network. For this exampl[...]

  • Seite 90

    Chapter 3: Config uring the Ethernet Network 90 T able 22. Example 1 - Filter Values V alue ID V alue Description 1 ff f f ff f f ff f f Allows multicast traf fic to enter the wireless network, which is nec essary fo r IP end devices to communicate 2 00 02 2d 04 b7 a4 The MAC address of an end device you want to be able to communicate. 3 00 02 2d 0[...]

  • Seite 91

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 91 For this example, set these filter expressions. You must enter a filter expression for each Value ID in the Filter Values menu. In this example, only the Ex prSeq and t he Value ID values change. T able 23. Example 1 – Filter Expressions Parameter V alue Explanation ExprSeq 10 The order [...]

  • Seite 92

    Chapter 3: Config uring the Ethernet Network 92 Example 2 This example shows how to use Ethernet filters to discard all DIX IP multicast frames except those from selected devices. Three entries have a value ID of 3 to demonstrate how to enter a list. All en tries with the same value ID belong to the same list. For this example, set these filter val[...]

  • Seite 93

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 93 Set the first filter expression as shown below. T able 25. Example 2 – First Filter Expression Parameter V alue Explanation ExprSeq 1 The first exp ression that is executed. Y ou must have an expression for each V alue ID that is listed in the Filter V alues menu. Offset 0 Since the filt[...]

  • Seite 94

    Chapter 3: Config uring the Ethernet Network 94 Set the second filter ex pression as shown belo w. T able 26. Example 2 – Second Filter Expression Parameter V alue Explanation ExprSeq 2 The second expression that is execu ted. Offset 12 Checks for the DIX IP frame type, which start s 12 bytes from the destination address. Mask ff ff Checks the 2-[...]

  • Seite 95

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 95 Set the third filter expression as shown below. T able 27. Example 2 – Third Filter Expression Parameter V alue Explanation ExprSeq 3 The third expression that is executed. Offset 6 Checks the source Ethernet address, which start s 6 bytes from the destination address. Mask ff ff f f ff [...]

  • Seite 96

    96 Chapter 4 Configuring the Radios This chapter explains how t o configure the radios in the AT-WA750 0 and AT-WA7501 access points so that they communicate with your wireless end devices. This chapter covers these topics:  “About the Radios” on p age 97  “Configuring the 802.1 1g Radio” on page 98  “Configuring the 802.1 1b Rad[...]

  • Seite 97

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 97 About the Radios The AT-WA7500 and AT-WA7501 access products may contain on e or two radios. You can use access points that contain two differe nt types of radios to support two differe nt types of wireless networks, such as legacy networks. You can use access points with two of the same t[...]

  • Seite 98

    Chapter 4: Con figuring the Radio s 98 Configuring the 802.11g Radio You can configure the 8 02.11g radio to communicate with other 802.11g and 802.11b radios that have the same:  SSID (Network Name)  Security For each radio, you can assign up to four service sets, creating one primary service set and up to three seconda ry service sets. Each[...]

  • Seite 99

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 99 2. Configure the parameters for the radio. For help, see the next table. 3. Configure the advanced parameters for the rad io. For help, see “Configuring 802.11g Radio Advanced Parameters” on page 102 . 4. (Master only) Configure inbound fi lters. For help, see “Configuring 802.11g Ra[...]

  • Seite 100

    Chapter 4: Con figuring the Radio s 100 Node T ype Configure the 802.11g radio to master, station, or disabled: Master: The radio always operates in Master mode. The radio becomes active to accept connections for wireless devices when the access point joins the spanning tree. All service sets to be configured for a VLAN must be set to Master. Stati[...]

  • Seite 101

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 101 The 802.11g and 802.11b ch annels that are allowed in a given country may change without notice. Be sure you u se only those frequencies that are permissible in the given country. Note the following:  FCC countries include the United S tates, Canada, China , T aiwan, India, Thailand, I[...]

  • Seite 102

    Chapter 4: Con figuring the Radio s 102 Configuring 802.11g Radio Advanced Parameters You can configur e advanced parameters for the 802.11g radio p rimary service set. These settings are shar e d by any secondary service sets defined for the radio. To configure advanced parameters 1. From the main menu, click 802.11g Radio > Advanced Configurat[...]

  • Seite 103

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 103 T able 31. 802.11g Radio Advanced Parameter Descriptions Parameter Description Client T ype/Performance Specifies if this radio will communicate with 802.11b and/or 802.11g radio s: 11b/11g with range reliability (Not Wi-Fi): Allows clients with 802.11b or 802.11g radios. Parameters are a[...]

  • Seite 104

    Chapter 4: Con figuring the Radio s 104 Power Output Level* Set the transmitted power level: Maximum (63 mW): Sets the output power to the highest level supported by th e radio. Medium (32 mW): Sets the output power to 3 dB lower than the highest level supported by the radio. Low (16 mW): Sets the output power to a level higher than the minimum lev[...]

  • Seite 105

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 105 Fragmentation Threshold Specifies the largest data frame tha t can be transmitted without fragmentation. Range is 256 to 1600. On certain radios, the fragmentation does not occur unless the radio detects interference. Larger frame sizes can improve throughput on a reliable connection. Sma[...]

  • Seite 106

    Chapter 4: Con figuring the Radio s 106 Disallow SSID (Network Name) of ‘ANY (Master radio only) Determines if end devices tha t have their SSID set to ANY or are left blank (empty) can associate with this radio. Clear this check box to allow these end devices to associate with this radio . Although this setting is 802.11 compliant, it is not ver[...]

  • Seite 107

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 107 Configuring 802.11g Radio Inbound Filters You can configure inbound filters for the 802.11g radio primary service se t. These settings are shared by any sec ondary service sets defined for the radio. You can filter diffe rent types of wireless traffic that it may receive. You may want to [...]

  • Seite 108

    Chapter 4: Con figuring the Radio s 108 2. For each frame type, check or clear each check box. For help, see th e next table. 3. Click Submit Changes to save your changes. To activate your changes, from the menu bar click Save /Discard Changes, and then click Save Changes and Reboot. For help , see “Saving Configuration Changes” on page 46. App[...]

  • Seite 109

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 109 3. From the main menu, click Apply Ho t Settings to save your changes to the “active” configuration file (a s defined in “Saving Configuration Changes” on page 46). The Apply Ho t Settings screen appears. This screen is read-only. Configuring the 802.11g Radio to Communicate With [...]

  • Seite 110

    Chapter 4: Con figuring the Radio s 110 Configuring the 802.11b Radio The 802.11b radio will communicat e with other 802.11b radios that have the same:  SSID (Network Name)  Security To configure the 802.11b radio 1. From the main menu, click 802.11b Rad io. The 802.11b Radio screen appears. 2. Configure the parameters for the radio. For help[...]

  • Seite 111

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 111 T able 33. 802.11b Radio Parameter Descriptions Parameter Description Node T ype Configure the 802.1 1b radio as a master or station. Y ou can also disable the radio. SSID (Network Name) Enter the SSID (network name) for this radio. The network name is case sensitive and can be no more th[...]

  • Seite 112

    Chapter 4: Con figuring the Radio s 112 Configuring 802.11b Radio Advanced Parameters 1. From the main menu, click 802.11b Radio > Advanced Configuration. The Advanced Configuration screen appears. 2. Configure the advanced parameters. For help, see the next table. 3. Click Submit Changes to save your changes. To activate your changes, from the [...]

  • Seite 113

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 113 Basic Rate Choose the rate at which the access point transmits multicast and b eacon frames. In general, higher speeds mean shorter range and lower speeds mean longe r range. Do not set this rate higher than the maximum rate at which yo ur end devices can receive multicast frames. Y ou ca[...]

  • Seite 114

    Chapter 4: Con figuring the Radio s 114 Enable Load Balancing Determines if end devices can distrib ute their connections across multiple access points. Enable Medium Density Distribution Determines if these access point parameters— Enable Medium Re servation, Distance Between APs, Enable Microwave Oven Robustness—are distributed to end devices[...]

  • Seite 115

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 115 Configuring 802.11b Radio Inbound Filters When configuring a master rad io, you can filter different types of wirele ss traffic that it may receive. You may want t o use this feature by itself or with an access control list (ACL) to help secure your ne twork. If you clear all the check bo[...]

  • Seite 116

    Chapter 4: Con figuring the Radio s 116 3. Click Submit Changes to save your changes. To activate your changes, from the menu bar click Save /Discard Changes, and then click Save Changes and Reboot. For help , see “Saving Configuration Changes” on page 46. T able 35. 802.11b Radio Inbound Filter Descriptions Parameter Description Allow IAPP Det[...]

  • Seite 117

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 117 Configuring a SpectraLink Network SpectraLink wireless telephone system s simplify network infrastructure and network management by combining voice a nd data traffic over one wireless network, leveraging 802.11b wireless LAN tech nology. You use your SpectraLink telephone to make and rece[...]

  • Seite 118

    Chapter 4: Con figuring the Radio s 118 2. In the Data/Voice Settings field, choose either Data and SpectraLink Traffic or SpectraLink Traffic Only. F or help, see “Configuring 802.11b Radio Advanced Parameters” on page 112. 3. Check the Allow Data Rate Fallback check box. 4. In the Basic Rate field:  if you are using a 2 Mbps SpectraLink te[...]

  • Seite 119

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 119 Configuring the 802.11a Radio The 802.11a radio will communicate with other 802.11a radios that have the same:  SSID (Network Name)  Security For each radio, you can assign up to four SSIDs, creating one primary service set and up to three secondary service sets. Each service set sh[...]

  • Seite 120

    Chapter 4: Con figuring the Radio s 120 If your screen does not look like the previous one, your primary service set may be configured as station (instead of master), so that the secondary service sets are not available, as shown next. 2. Configure the parameters for the radio. For help, see the next table. 3. Configure the advanced parameters for [...]

  • Seite 121

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 121 5. Click Submit Changes to save your cha nges. To activate your changes, from the menu bar clic k Save/Discard Ch anges, and then click Save Changes and Reboot. For he lp, see “Saving Configuration Changes” on page 46. 6. (Optional) Configure security by cl icking Configure security s[...]

  • Seite 122

    Chapter 4: Con figuring the Radio s 122 Node T ype Configure the 802.11a radio to master, station, or disabled: Master: The radio operates in Master mode when it sees the root access point on its Ethernet port. If it cannot see the root, it operate s in Master/ Station mode and tr ies to find the root through its radio port. Station: The radio alwa[...]

  • Seite 123

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 123  Channels marked with an asterisk (*) a re not available in the mid- range radio.  If you set the Frequency p arameter to Dynamic, turbo channels are never selected.  FCC countries include the United S tates, Canada, China , T aiwan, India, Thailand, Indonesia, Mala ysia, Hong Ko[...]

  • Seite 124

    Chapter 4: Con figuring the Radio s 124 Configuring 802.11a Radio Advanced Parameters 1. From the main menu, click 802.11a Radio > Advanced Configuration. The Advanced Configuration screen appears. 2. Configure the advanced parameters. For help, see the next table. 3. Click Submit Changes to save your changes. To activate your changes, from the [...]

  • Seite 125

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 125 Data Rate Choose the rate at which the access point transmits data. In general, higher speed s mean shorter range and lower speeds mean longer range. If you choose the S peed Mode to be 802.1 1 compliant, you can set th is rate to 54, 48, 36, 24, 12, or 6 Mbps. Allow Data Rate Fallback De[...]

  • Seite 126

    Chapter 4: Con figuring the Radio s 126 Configuring 802.11a Radio Inbound Filters When configuring a master radio, you can filter different types of wireless traffic that it may receive. You may want to use this feature by itself or with an access control list (ACL) to help secure your network. If you clear all the check boxes, the radio cannot com[...]

  • Seite 127

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 127 Note If any of the devices are also DHCP clients, you need to check the Allow DHCP check box. To configure 802.11a radio inbound f ilters 1. From the main menu, click 802.11a Ra dio > Inbound Filters. The Inbound Filters screen appea rs. 2. For each frame type, check or clea r each che[...]

  • Seite 128

    Chapter 4: Con figuring the Radio s 128 Allow DHCP Determines if this radio accepts DHCP frames. The DHCP frames must match UDP destination port 67 and ARP . Check this check box if the end d evices are DHCP clients. Allow All Other Protocols Determines if this radio acce pts all other protocols that are not filtered by one of the filters in this s[...]

  • Seite 129

    129 Chapter 5 Configuring the Spanning T r ee This chapter explains how t o configure the AT-WA7500 and AT-WA7501 access points so that they create a spa nning tree topology. This chap ter covers these topics:  “About the Access Point S panning T ree” on page 130  “Configuring the S panning T ree Parameters” on page 1 36  “About [...]

  • Seite 130

    Chapter 5: Config uring the Spanning Tree 130 About the Access Point Spanning Tree AT-WA7500 and AT-WA7501 access points with th e same LAN ID arrange themselves into a self-organized ne twork using a spanning tree topology. The spanning tree provides e fficient, loop-free forwarding of frames through the network and allo ws efficient roaming of wi[...]

  • Seite 131

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 131 About the Primary LAN and the Root Access Point The primary LAN (also called the root IP subnet) contains the root access point, which initiates the spanning tree. When choosing the primary LAN, ideally you should choose the IP subnet that contains gateways or servers for the wireless end[...]

  • Seite 132

    Chapter 5: Config uring the Spanning Tree 132 3. Configure the LAN I D. All access points that want to participate in th e spanning tree must have the same LAN ID. 4. Set the Root Priority parameter to be the highest nu mber of all access points on the primary LAN. Verify that the Enable Eth ernet Bridging check box is checked. The range is 1 to 7.[...]

  • Seite 133

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 133  The designated bridge must be configured so that the Secondary LAN Bridge Priority value is a non-zero numb er .  The designated bridge must have at le ast one radio set to S tation mode, or the designated bridge must be the endpo int of an IP tunnel (as defined in “About IP T un[...]

  • Seite 134

    Chapter 5: Config uring the Spanning Tree 134 About Ethernet Bridging/Data Link Tunneling Ethernet bridging is simply forwardin g a frame received on the radio port to the Ethernet port, and vice versa . Using this default mode, the access point acts as a bridge between the wirele ss and wired networks. Note Allied Telesyn recommends that you enabl[...]

  • Seite 135

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 135 3. On all other access points on the primary LAN, clear the Enab le Ethernet Bridging check box. 4. Make sure that the Root Priority parameter for a ll other access points is less than the root access poin t. The range is 1 to 7. The value 1 is the highest priority. To enable data link tu[...]

  • Seite 136

    Chapter 5: Config uring the Spanning Tree 136 Configuring the Spanni ng Tree Parameters When you configure the spanning tree par ameters, yo u identify the access point as part of the spanning tree . That is, you specify if this access point is a root, or a candidate to beco me a root, or a designated bridge, or a candidate to become a designated b[...]

  • Seite 137

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 137 4. (Optional) Configure security by clicking Configure Spanning Tre e Security. For help, see “Creating a Secure Spanning Tre e” on page 181. T able 42. Spanning Tree Parameter Descriptions Parameter Explanation AP Name Enter a unique name fo r this access point. The name can be from [...]

  • Seite 138

    Chapter 5: Config uring the Spanning Tree 138 Rightmost LED Behavior Choosing Spanning Tree Root Indicator causes the LED to blink if the access point is configured as the root and remain on if an erro r is detected. Enable Ethernet Bridging Determines how frames from end device s are moved between the wired and wireless networks. For more details,[...]

  • Seite 139

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 139 Secondary LAN Flooding (Outbound) Appears for Designated Bridge only. Specifies the types of fram es it forwards from the primary LAN to the secondary LAN: Disabled: No flooding occurs unless the root access point (in the Global Flooding scree n) enables the Multicast or Unicast Outbound [...]

  • Seite 140

    Chapter 5: Config uring the Spanning Tree 140 About IP Tunnels The physical boundary of a network is usually define d by the existence of an IP router. Before IP tunnels techn ology was developed, wireless end devices could only operate within the limited coverage area of their own network and could not roam across IP subnet bound aries. Using IP t[...]

  • Seite 141

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 141 IP tunnels use encapsulation to establish a virtual LAN (VLAN) seg ment through IP routers. The VLAN segment includ es the root IP subnet and logically extends to include end dev ices attache d to access point s on remote IP subnets. IP tunnels are branches in the spanning tree topology. [...]

  • Seite 142

    Chapter 5: Config uring the Spanning Tree 142 When an access point at the endpoin t of the IP tunnel receives data from an end device, it uses a standard IP protocol called Generic Router Encapsulation (GRE) to encap sulate the data into a frame. These encapsulated IP/GRE frames use normal IP routing to pass throu gh IP routers to the root access p[...]

  • Seite 143

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 143 2. Make sure that the root access point and the access point at the endpoint of the IP tunnel have the same LAN ID. 3. On the root access point, set the Mode parameter to Originate if Root. For help configuring a root access point, see “Abo ut the Primary LAN and the Root Access Point?[...]

  • Seite 144

    Chapter 5: Config uring the Spanning Tree 144 Using One IP Multicast Address for Multiple IP Tunnels IP tunneling supports IP multicast a nd Internet Group Management Protocol (IGMP). IP multicast provides an idea l way to distribute IP hello messages. These hello messages are only forwarded to those IP subnets and IP hosts (such as access points) [...]

  • Seite 145

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 145 3. Make sure that the root access point and the access point at the endpoint of the IP tunnel have the same LAN ID. 4. On the root access point, set the Mode parameter to Originate if Root. For help configuring a root access point, see “Abo ut the Primary LAN and the Root Access Point?[...]

  • Seite 146

    Chapter 5: Config uring the Spanning Tree 146 away from their root IP subnet. Unicast frames are not flooded. Unicast frames a re only forwarded outbound through an IP tunnel if the destination address identifies an end device that has roamed to a remote IP subne t. End devices attach to the root access point, which maintains en tries for these dev[...]

  • Seite 147

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 147 Frame Types That Are Never Forwarded Certain frame types are never forwar ded through IP tunnels. Fra me types that are never forwarded include IP fr ames used for coordinating routers and MAC frames used for coordinating bridges. Othe r frame types that are never forwarded include:  8[...]

  • Seite 148

    Chapter 5: Config uring the Spanning Tree 148 Configuring IP Tunnels For guidelines, see “About IP Tunnels” on page 140. To configure the IP Tunnels screen 1. From the main menu, click IP Tunnels. The IP Tu nnels screen appears. 2. Configure the IP tunnels pa rameters. For help, see the next t able. 3. Click Submit Changes to save your changes.[...]

  • Seite 149

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 149 Configuring the IP Address List On the root access point and root can didates, the IP address list contains the IP addresses or DNS na mes of all the access points at the endpoint o f the IP tunnels. You ca n only configure this list if you set the Mode field to Originate If Root. To conf[...]

  • Seite 150

    Chapter 5: Config uring the Spanning Tree 150 2. If you enabled IGMP, enter the Class D IP multicast addre ss. The default is 224.0.1.65. 3. Enter the IP addresses or DNS names of a ll the access points that can be the endpoints of IP tunnels. 4. Click Submit Changes to save your changes. To activate your changes, from the menu bar click Save /Disc[...]

  • Seite 151

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 151 through an IP tunnel by the root access po int unless the destination IP address belongs to the root IP subnet. (Frames are only forward ed outbound to end devices that have roamed away from the root IP subnet.) For detailed information about other frame typ es that are never forwarded, s[...]

  • Seite 152

    Chapter 5: Config uring the Spanning Tree 152 3. Click Submit Changes to save your changes. To activate your changes, from the menu bar click Save /Discard Changes, and then click Save Changes and Reboot. For help , see “Saving Configuration Changes” on page 46. 4. If you set the Scope field to Unlist ed for any of the frame types, you must als[...]

  • Seite 153

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 153 Using Predefined Subtype Filters You can configure the access point to pass or drop ce rtain predefined frame subtypes. To configure predefined subtype filters 1. From the main menu, click IP Tunnels > Predefined Subtype Filters. The Predefined Subtype Filters screen appears. 2. For ea[...]

  • Seite 154

    Chapter 5: Config uring the Spanning Tree 154 Subtype: Selects the frame subtype you wish to configure. Value: The next table de scribes fr ame subtypes and their values. The value must be two hex pairs. When a match is found between frame subtype and value, the specified action is taken. To customize subtype filters 1. From the main menu, click IP[...]

  • Seite 155

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 155 DIX-IPX-Socket Socket value in hexadecimal. DIX-EtherT ype S pecify the registered DIX type in hexadecimal. SNAP-IP-TCP-Port Port value in hexadecimal. SNAP-IP-UDP-Port Port value in hexadecimal. SNAP-IP-P rotocol Port val ue in hex adecimal. SNAP-IPX-Socket Socket value in hexadecimal. S[...]

  • Seite 156

    Chapter 5: Config uring the Spanning Tree 156 Filter Examples These examples illustrate how to set both Ethern et and IP tunnel filters to optimize network performance. The next illustration includ es:  wireless end devices using TCP/IP to communicate with other devices.  a secondary LAN cont aining IP and IPX hosts, linked by AP2 and AP4. ?[...]

  • Seite 157

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 157 Example 1 The root (AP1), AP3, AP5, and AP6 service only wirele ss end devices. These access poin ts need to pass IP traffic, but not pass IPX traffic tha t does not need to be forwarded t o the primary or secondary LAN. For this example, set these options on the Ethernet Frame Type Filte[...]

  • Seite 158

    Chapter 5: Config uring the Spanning Tree 158 For this example, set these options on the Ethe rnet Frame Type Filters screen. In the Predefined Subtype Filter s screen, set the 802.2-IPX-RIP field to drop 802.2, DIX, and 802.3 frames.[...]

  • Seite 159

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 159 Example 3 If you have a DHCP server o n a Windows NT server and you wa nt to use this DHCP server to assign TCP/IP parameters to end devices on a remote IP subnet, you need to set thes e filters to allow for the necessary IP tunneling. 1. On the root access point, set these filters:  O[...]

  • Seite 160

    Chapter 5: Config uring the Spanning Tree 160 Comparing IP Tunnels to Mobile IP The AT-WA7500 and AT-WA7501 access points support IP tunnelin g, which allows end devices to ro am across different subnets (routers) without having to change IP addresses. IP tunneling supports IETF RFC 1701 using GRE and the same encapsulat ion technique as mo bile IP[...]

  • Seite 161

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 161 S pecial network software S tandard network feature. No additional network software is required. Requires home and foreign agents located on ea ch network or subnetwork. T able 46. IP Tunnels and Mobile IP Comparison (Continued) Issue IP T unneling Mobile IP[...]

  • Seite 162

    Chapter 5: Config uring the Spanning Tree 162 Configuring Global Parameters Global parameters are configured on the root access po int and on any other access point that is a root candidate (does not have a root priority of 0). The root access point sends these se ttings to all oth er access points in the spanning tree. You should set the same glob[...]

  • Seite 163

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 163 2. Configure the Global Flooding par ameters. For help, see th e next table. 3. Click Submit Changes to save your cha nges. To activate your changes, from the menu bar clic k Save/Discard Ch anges, and then click Save Changes and Reboot. For he lp, see “Saving Configuration Changes” o[...]

  • Seite 164

    Chapter 5: Config uring the Spanning Tree 164 Allow Multicast Outbound to T erminals Appears only if Multicast Flooding is enabled. Determines if outbound multicast fra mes with unknown destination addresses are flooded toward end devices. T ypically , this parameter is checked. However , if your wired devices do not need to initiate communication [...]

  • Seite 165

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 165 Configuring Global RF Parameters Use global RF paramete rs to set various parameters on the access points. If you are configuring the root access point and you che ck the Set Globally check box, the value for that parameter is set globally for all access points and wireless end devices in[...]

  • Seite 166

    Chapter 5: Config uring the Spanning Tree 166 The Global RF Parameters screen appears. 2. Configure the global RF para meters. Click the links in the Global RF Parameters menu to set more parameters. For help, see the next table. Click to set the global RF[...]

  • Seite 167

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 167 3. Click Submit Changes to save your cha nges. To activate your changes, from the menu bar clic k Save/Discard Ch anges, and then click Save Changes and Reboot. For he lp, see “Saving Configuration Changes” on page 46. T able 48. Global RF Parameter Descriptions Parameter Explanation [...]

  • Seite 168

    Chapter 5: Config uring the Spanning Tree 168 S-UHF/902 MHz Awake Time (S-UHF and 902 MHz radios only) S pecifies the amount of time that a wireless end device stays awake wh en radios are inactive. A sleeping device is less responsive to radio activity; however , the longer a device is kept fully awake, the larger the drain on th e battery . Y ou [...]

  • Seite 169

    169 Chapter 6 Configuring Security This chapter explains how to use different security solutions to ensure that you have a secure wireless network. This chapter covers these topics:  “Understanding Secu rity” on page 170  “Controlling Access to Access Point Menus” on page 174  “Creating a Secure S panning T ree” on page 181 [...]

  • Seite 170

    Chapter 6: Config uring Security 170 Understanding Security The AT-WA7500 and AT-WA7501 access points provide many differe nt security features and solutions t hat you can use to create a secure wireless network. To create a secure wireless network, you need to be concerned about:  securing your backbone. Only a uthorized users should be able to[...]

  • Seite 171

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 171 These security features and solutio ns are listed below in the order of amount of security and ease of use (most basic/least secure to most secure). Allied Telesyn recommends y ou configur e your wireless network for the maximum possible security that you deem ne cessary for the integrity[...]

  • Seite 172

    Chapter 6: Config uring Security 172 Use an 802.1x security solution. 8 02. 1x security provides a framework to authenticate user traf fic to a protected wireless network. Using 802.1x security provides secure dat a transmission by creating a secure spanning tree a nd dynamically rotating the WEP keys. Y ou configure the access point as an authenti[...]

  • Seite 173

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 173 802.11b radio is configured with no security and you expect it to associate with the secondary 1 service set. However, when th e end device receives the beacon from the access poin t that indicates that some type of security is being used, the end device does not communicate with the acce[...]

  • Seite 174

    Chapter 6: Config uring Security 174 Controlling Access to Access Point Menus There are several ways that you can manage who can configu re and manage the access points in your network:  Enable/disable access methods.  Set up individual logins.  Change the default logins an d create a read-only login. The next sections explain how to imple[...]

  • Seite 175

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 175 To enable or disable access methods 1. From the main menu, click Secu rity. The Security scree n appears. 2. Enable or disable the access metho ds that users can use to connect to the access point. For help, see the ne xt table. 3. Click Submit Changes to save your cha nges. To activate y[...]

  • Seite 176

    Chapter 6: Config uring Security 176 Setting Up Logins To ensure login security for configurin g or maintaining the access points, you should either use a password server (typically an EAS or another RADIUS server) or change the defau lt user name and password. To use the password server, you must have:  a password server o n the network that co[...]

  • Seite 177

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 177 Note Each time the service password lo gin attempt fails, the process may take up to 8 seconds. If you do not want to enable RADIUS authorization, you should chan ge the default login user name and password. You may also want to change the read-only password. For help, see “Changing the[...]

  • Seite 178

    Chapter 6: Config uring Security 178 5. Configure the password server by cl icking Sele ct a RADIUS server for login authorization. The RADIUS Server List screen appears. 6. For each password server, enter the IP address o r DNS name, enter the shared secret key, port number, and check the Lo gin check box. Note If you enter more than one password [...]

  • Seite 179

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 179 To set up logins 1. From the main menu, click Security > Passwords. The Passwords screen appears. 2. Verify that the Use RADIUS fo r Login Authorization check box is cleared. 3. Click Submit Changes to save your cha nges. 4. Configure the parameters. For help , see the next table. 5. C[...]

  • Seite 180

    Chapter 6: Config uring Security 180 T able 51. Password Parameter Descriptions Parameter Description Use RADIUS for Login Authorization Determines if you are using a p assword server to authenticate end devices tha t can communicate with this access point. Clear th is check box. User Name Enter the user name you need to use to log in to this acces[...]

  • Seite 181

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 181 Creating a Secure Spanning Tree When you configure a radio to u se 802.1x security, you automatically enable spanning tree security, which can be used for both wired and wireless access points (WAPs). However, if you configure a radio to use another security solution, you may want to stil[...]

  • Seite 182

    Chapter 6: Config uring Security 182 To create a secure spanning tree Note You do not need to perform t his procedure if you are implementing an 802.1x security solution. 802.1x authenticat ion automatically enables secure IAPP and secure wi reless hops. See “Implementing an 802.1x Security Solution” on page 192 . 1. From the main menu, click S[...]

  • Seite 183

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 183 6. Click Submit Changes to save your cha nges. To activate your changes, from the menu bar clic k Save/Discard Ch anges, and then click Save Changes and Reboot. For he lp, see “Saving Configuration Changes” on page 46. 7. Repeat Steps 1 through 6 for each access point in your span nin[...]

  • Seite 184

    Chapter 6: Config uring Security 184 Enabling Secure Communications Be tween Access Points and End Devices There are several ways that you can ensure secure communications between access points and wireless end devices in your n etwork:  Use an access control list (ACL).  Configure virtual LANs (VLANs).  Configure WEP 64/128/152 security .[...]

  • Seite 185

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 185 To use an ACL 1. From the main menu, click Security an d then click the radio service set you are configuring. The appropriate radio screen appears. 2. Check the Enable ACL Client Author ization check bo x if you want to use an ACL to authorize end devices to communicate with the network.[...]

  • Seite 186

    Chapter 6: Config uring Security 186 7. Configure the RADIUS server by clicking Select a RADIUS server for ACL authorization. The RADIUS Server List scree n appears. 8. For each RADIUS server, enter the IP address or DNS name, enter the shared secret key, port number, and check the ACL or Login check box. Note If you enter more than one server, see[...]

  • Seite 187

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 187 Configuring VLANs Virtual LANs (VLANs) make it easy to create and manage logical groups of wireless end devices that communicate as if th ey were on the same LAN. You can group all wireless users on a particular VLAN in order to manage the IP address space differently. Or , you can use VL[...]

  • Seite 188

    Chapter 6: Config uring Security 188 To configure a VLAN 1. From the main menu, click Spanning Tree Settings. Th e Spanning Tree Settings screen appears. 2. Check or clear the Enable GVRP for VLAN check bo x:.  Check the check box if the VL AN switch is configured to dynamically configure its port s based on the end devices’ nee ds.  Clear [...]

  • Seite 189

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 189 5. Under the Security link, click t he radio service set you want to configure for the VLAN. This screen appears. 6. In the VLAN field, enter the VLAN number that encapsulate s all frames received on this radio port. This val ue must match the values t hat are set in the VLAN-capable Ethe[...]

  • Seite 190

    Chapter 6: Config uring Security 190 Since static WEP keys can be difficult to update, the AT-WA7500 and AT-WA7501 access products let you enter up to four WEP keys, and then pick a WEP transmit key (1-4). It is easier to rota te the WEP transmit key than to individually change all the WEP keys. 802.11g and 802.11b radios support WEP 64/12 8 securi[...]

  • Seite 191

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 191 3. Click Submit Changes to save your cha nges. This screen appears. 4. Configure the parameters for WEP configuration. To ensure maximum security, configure each WEP key with a different WEP code. For help, see the next table. 5. Click Submit Changes to save your cha nges. To activate you[...]

  • Seite 192

    Chapter 6: Config uring Security 192 Implementing an 802.1x Security Solution You can implement 802.1x security in your network. The IEEE 802.1x standard provides an authe ntication protocol for 802.11 LANs. 802.1x provides strong authentication, access control, and key management, and lets wireless networks scale by a llowing centralized auth enti[...]

  • Seite 193

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 193  Any device with an EAP-TLS supplicant (end device or child access point) needs both the CA certificate an d the server certificate.  If the child access point is using SW AP and is an authenticator , it does not need any certificates loaded on it. Only the authentication server and[...]

  • Seite 194

    Chapter 6: Config uring Security 194 2. In the Security Level field, select Dynamic WEP/802.1x. 3. Click Submit Changes to save your changes. Th is screen appears. 4. In the Key Rotation Period ( Minutes) field, enter how often (in minutes) the access point generates a new WEP key to d istribute to the end devices.[...]

  • Seite 195

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 195 5. Click Submit Changes to save your cha nges. To activate your changes, from the menu bar clic k Save/Discard Ch anges, and then click Save Changes and Reboot. For he lp, see “Saving Configuration Changes” on page 46. 6. Configure the RADIUS server by clicking Select a RADIUS se rver[...]

  • Seite 196

    Chapter 6: Config uring Security 196 Enabling Secure Communica tions Between Access Points When you configure a radio to use 802.1x security, you automatically enable spanning tree security, which can be used for both wired access points and WAPs. A secure spannin g tree has two functions: 1. To require authentication of any access point atte mptin[...]

  • Seite 197

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 197 SWAP. Note that SWAP authentication is susceptible to d owngrade attacks from rogue supplicants as it is easie r to break SWAP than TLS or TTLS. Configuring Spanning Tree Security Note If you are implementing an 802.1x se curity solution, secure IAPP and secure wireless hops are automatic[...]

  • Seite 198

    Chapter 6: Config uring Security 198 5. Click Submit Changes to save your changes. To activate your changes, from the menu bar click Save /Discard Changes, and then click Save Changes and Reboot. For help , see “Saving Configuration Changes” on page 46. 6. Repeat Steps 1 through 5 for each access point in your spanning tree. All access point s [...]

  • Seite 199

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 199 Configuring Wi- Fi Protected Access (WPA) Security Wi-Fi Protected Access (WPA) is a strongly enhanced, interoperable Wi-Fi security that addresses many of the vulnerab ilities of Wired Equivalent Privacy (WEP). WPA bundles authentication, key manage ment, data encryption, message integri[...]

  • Seite 200

    Chapter 6: Config uring Security 200 To configure WPA security 1. From the main menu, click Security a nd then click the radio service set you are configuring. The ap propriate radio screen appears. 2. In the Security Level field, choose either WPA - PSK or WPA - 802.1x. 3. Click Submit Changes to save your changes. Th e screen changes, depending o[...]

  • Seite 201

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 201 To continue configuring WPA se curity for WPA – 802.1x mode 1. Configure the RADIUS server by clicking Select a RADIUS se rver for 802.1x authentica tion. The RADIUS Server List screen appears. 2. For each authentication server, en ter the IP address or DNS name, enter the shared secret[...]

  • Seite 202

    Chapter 6: Config uring Security 202 Configuring WPA PSK Security T able 54. WPA PSK Security Parameter Descriptions Parameter Explanation Multicast Encryption T ype Indicates that TKIP is used as the data encryption method for broadcast and multicast for this radio port. A station connected to this port may not select a weaker encryption me thod t[...]

  • Seite 203

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 203 Configuring WPA 802.1x Security T able 55. WPA 802.1x Security Parameter Descriptions Parameter Explanation Multicast Encryption T ype Allows you to select the dat a encryption method for broadcast and multicast for this radio p ort. A station connected to this port may not select a weake[...]

  • Seite 204

    204 Chapter 7 Configuring the Embedded Authentication Server (EAS) This chapter explains how t o configure the embedded authentication server (EAS) in your access point for different security solutions to ensure that you have a secure wireless network. This chapter covers these topics:  “About the Embedded Au thentication Server (EAS)” on pa[...]

  • Seite 205

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 205 About the Embedded Authen tication Server (EAS) The AT-WA7500 and AT-WA7501 access points have an e mbedded authentication server (EAS), which is an internal RADIUS server. In your network, you can use the EAS on any access point. The EAS can act as:  a password server that maintains a[...]

  • Seite 206

    Chapter 7: Config uring the Embedded Auth entication Server (EAS) 206 About Certificates Certificates encrypt communication b etween the internal RADIUS server, RADIUS clients, and the supplicants and HTTPS clients. There are two types of certificates:  The trusted certificate authority (CA) certificate (commonly referred to as the “root certi[...]

  • Seite 207

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 207 representative. Or you can install certificates from a third-party certificate authority. Note Access points also come with a default server certificate (ValidforHTTPSOnly). This default certificate supports the secure web browser interface and provides basic security for clients running [...]

  • Seite 208

    Chapter 7: Config uring the Embedded Auth entication Server (EAS) 208 Installing and Uninstalling Certificates Once you have determined that you need to in stall a certificate, use this procedure. To install certificates 1. From the main menu, click Security > Certificate Det ails. The Certificate Details screen appears. 2. Click Install certifi[...]

  • Seite 209

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 209 To uninstall all certificates Note If you follow the procedure to uninstall a ll certificates, you will lose the unique server certificate and the trusted CA certificate. You will need to contact your local Allied Telesyn representative to purchase new certificates. 1. From the main menu,[...]

  • Seite 210

    Chapter 7: Config uring the Embedded Auth entication Server (EAS) 210 Configuring the EAS Once you decide which access p oint will be co nfigured to use its EAS, you need to enable the EAS on that access point and configure its databa se. To configure the EAS 1. Install any certificates. F or help, see “Installing and Uninstalling Certificates”[...]

  • Seite 211

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 211 To enable the EAS 1. Log in to the acce ss point whose EAS you are enabling. 2. From the main menu, click Security > Embedded Au thentication Server. The Embedded Authentication Serve r screen appears. 3. Check the Enable Server check box. 4. Click Submit Changes to save your cha nges.[...]

  • Seite 212

    Chapter 7: Config uring the Embedded Auth entication Server (EAS) 212 Configuring the Database The EAS database contains up to 128 cl ients that this access point authorizes for logins, RADIUS clients, ACL clients, and 802.1x clients. This screen is hot settable; that is, to act ivate a change, you click Save/ Discard changes, and then click Save C[...]

  • Seite 213

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 213 Note Allied Telesyn recommends that when you a re done configuring the database, you export it and save the file in a safe place . If you restore the access point to its default configu ration, the database is not saved. For help, see “Export ing and Importing Databases” on page 217. [...]

  • Seite 214

    Chapter 7: Config uring the Embedded Auth entication Server (EAS) 214 8. Click Save/Discard changes, and then click Save Changes witho ut Reboot. T able 59. Embedded Authentication Se rver Entry Descriptions T ype Field Desc ription User Name Field Password Field Login Enter user names and passwords for users who are authorized to configure and mai[...]

  • Seite 215

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 215 Using the Rejected List The Rejected List screen displays the users and devices that ha ve been rejected by the EAS. You can use this list to discover which users and devices may need to be added to the database. Wh en using the web browser interface, you can immedi ately add previously r[...]

  • Seite 216

    Chapter 7: Config uring the Embedded Auth entication Server (EAS) 216 4. Add users and devices to the dat abase. For help see “Adding Entries to the Database” on page 216. Adding Entries to the Database When you accept TTLS/PAP and PEAP/GTC entries, they are added to the database and require no further configuration. If the authentication type [...]

  • Seite 217

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 217 Clearing the Rejected List To clear the rejected list, you can either reboot the acce ss point or perform these steps. 1. Click Select All Entries. A check box appears next to all entries. 2. Click Clear Selecte d Entries. Exporting and Importing Databases Note Allied Telesyn recommends t[...]

  • Seite 218

    Chapter 7: Config uring the Embedded Auth entication Server (EAS) 218 3. If you are not using the secure web browser, click “A secure session is available.” Repeat Steps 1 and 2. 4. Click Export the EAS database from this access point. A F ile Download dialog bo x appears. 5. Make sure Save this file to disk is selected, and then click OK. The [...]

  • Seite 219

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 219 6. Choose the location and filename of the database. If you use the *.CSV extension, you ca n import it into Microsoft Excel, which recognizes it as a comma separated text file. 7. Click Save. To import a database Note As soon as you import the database, it is active. 1. Log in to the acc[...]

  • Seite 220

    220 Chapter 8 Managing, T r oubleshooting, and Upgrading Access Points This chapter explains how t o manage, maintain, troubleshoot, an d upgrade the access products. This chapte r covers these topics:  “Managing the Access Point s” on page 221  “Maintaining the Access Poin ts” on p age 228  “T roubleshooting the Access Point s ?[...]

  • Seite 221

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 221 Managing the Access Points There are several methods that you can u se to manage the access points: Wavelink Avalanche client management system: You can insta ll the Wavelink Avalanche system to help you manage your wireless network. To use Avalanche, you need Avalan che Manager v3.0 or l[...]

  • Seite 222

    Chapter 8: Managin g, Troubleshooting, a nd Upgrading Access Po ints 222 The enabler is already installed on acce ss points with software release 2.0 or later. You can install the agent and the co nsole on the same PC. Avalanche uses a hierarchical file system organized into software packages and software collections:  Software p ackages are gro[...]

  • Seite 223

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 223 To configure your access points to use Avalanche 1. From the main menu, click Network Management. The Network Management page appears. 2. In the Avalanche Agent Na me field, enter the IP address or DNS name of the console. Or , leave this field blank and the access point sends o ut a broa[...]

  • Seite 224

    Chapter 8: Managin g, Troubleshooting, a nd Upgrading Access Po ints 224 5. Verify that the Allow Avalanch e Access check box is checked. 6. Click Submit Changes to save your changes. To activate your changes, from the menu bar click Save /Discard Changes, and then click Save Changes and Reboot. For help , see “Saving Configuration Changes” on [...]

  • Seite 225

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 225 3. Install the software package using the Avala nche Management Console. 4. Schedule access point updates or manually initiate an update using the console. For more information on using the Wavelink Avalanche client management system, see the Wavelink Avalanche documenta tion and online h[...]

  • Seite 226

    Chapter 8: Managin g, Troubleshooting, a nd Upgrading Access Po ints 226 Using Simple Network Management Protocol (SNMP) The access point can be managed using Simple Network Manage ment Protocol (SNMP); that is, you access the access point from an SNMP management station. Contact your Allied Telesyn rep resentative if you need to obtain a copy of t[...]

  • Seite 227

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 227 SNMP Secret Community Specify a password that provides read and write access and lets the user chan ge the community strings. This password can be from 1 to 15 characters and is case sensitive. The default is Secret. T able 63. SNMP Community Para meter Descriptions (Continued) Parameter [...]

  • Seite 228

    Chapter 8: Managin g, Troubleshooting, a nd Upgrading Access Po ints 228 Maintaining the Access Points The Maintenance menu lets you view different parameters con figured for the access point, including connections , port statistics, and a configuration summary. This information may be needed when yo u contact Allied Telesyn Technical Support. You [...]

  • Seite 229

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 229 T able 64. AP Connections Screen Fields Display Field Description S panning T ree Connection S tatus Indicates the current status of this access point in relation to the spanning tree: This access point is root: This acce ss point has formed a spanning tree and is serving as root. Connect[...]

  • Seite 230

    Chapter 8: Managin g, Troubleshooting, a nd Upgrading Access Po ints 230 MAC Address Shows the address of the connected device. If another access point is connecte d to this access point, you see the Ethernet MAC address. If a WAP is connected to this access p oint, you see the radio MAC address. Click the hyperlink to perform a MAC ping or display[...]

  • Seite 231

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 231 Viewing AP Neighbors The AP Neighbors screen provides information on all the access point s (even hidden access points) in the area. It displays information gathe red by the radios receiving beacons from other so urces as it operates on a specific channel. You can us e this screen to help[...]

  • Seite 232

    Chapter 8: Managin g, Troubleshooting, a nd Upgrading Access Po ints 232 To view AP neighbors  From the menu, click Maintenance > AP Neighbors. The AP Neighbors screen appears. For help interpreting the informa tion on this read-only screen, see the next table. T able 65. AP Neighbors Screen Fields Display Field Description Address Displays t[...]

  • Seite 233

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 233 Capabilities This information is derived from the capability information sent in the beacon. Capabilities ma y include: ESS: Set for an access point and cleared for an end device or ad-hoc device. IBSS: Cleared for an access point and set for an end device or ad-hoc device. Privacy: Indic[...]

  • Seite 234

    Chapter 8: Managin g, Troubleshooting, a nd Upgrading Access Po ints 234 Viewing Port Statistics The Port Statistics screen shows t he to tal number of frames and bytes that the access point has received and tra nsmitted since it was last booted. You can also view graphs of inbo und and outbound packets for the port. To view port statistics  Fro[...]

  • Seite 235

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 235 Viewing DHCP Status The DHCP Status screen shows a stat us report for the DHCP client or DHCP server. If the access point is a DHCP ser ver and if the Permanently Save IP Address Mappings check box is checked, you can delete entries from the server’s permanent address map. To view DHCP [...]

  • Seite 236

    Chapter 8: Managin g, Troubleshooting, a nd Upgrading Access Po ints 236 Viewing the Events Log The Events Log screen shows a the events that have been logged by this access point. These events are cleared when the access point lose s power or is rebooted. To view the Events Log  From the menu, click Maintenanc e > Event s Log. The Events Log[...]

  • Seite 237

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 237 Viewing the About This Access Point Screen This screen shows information a bout the access point, such as the software version, radio versions, and MAC addresses. It also provides a configuration summary section, which can either show you the configuration settings that are different from[...]

  • Seite 238

    Chapter 8: Managin g, Troubleshooting, a nd Upgrading Access Po ints 238 4. Click the button under the Configuration Summary title to switch between displaying all configuration settings a nd displaying the configuration settings that are diffe rent from the factory default settings. To view a processor utilization graph 1. From the main menu, clic[...]

  • Seite 239

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 239 Restoring the Access Point to the Default Configuration You may need to restore the access point to the factory default configuration. For a list of the defa ult settings, see Appendix B, “Default Settings.” To restore the access point to the default configuration, you can use the Web[...]

  • Seite 240

    Chapter 8: Managin g, Troubleshooting, a nd Upgrading Access Po ints 240 Troubleshooting the Access Points This section provides you with information on the installatio n, configuration, and operatio n of the access point. Using the Configuration Error Messages When you click Save/Discard Changes, the access point checks fo r potential problems wit[...]

  • Seite 241

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 241 3. Click each error message to jump to the co nfiguration screen where you can resolve the possible configuration error. The configuration error messages are listed in the next table . Most are self explanatory , but a few require additional information. T able 68. Alphabetized List of Co[...]

  • Seite 242

    Chapter 8: Managin g, Troubleshooting, a nd Upgrading Access Po ints 242 All SSID values must be unique per physical radio. While configuring multiple service sets, you did not specify a unique SSID (network name) for each service set. For help, see “Configuring the 802.1 1g Radio” on page 98 or “Configuring the 802.1 1a Radio” on page 1 19[...]

  • Seite 243

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 243 The access point is set to originate IP tunnels but no there are no tunnel IP addresses. On the IP T unnels screen, Mode is set to Originate if Root, but no IP addresses have been added to the IP Addresses screen. Either change the mode or a dd some addresses. For help, see “Configuring[...]

  • Seite 244

    Chapter 8: Managin g, Troubleshooting, a nd Upgrading Access Po ints 244 The IP Address and IP Router must share the same subnet. For help, see “Configuring the TCP/IP Settings” on page 65. The IP Subnet Mask is invalid. For help, see “Configuring the TCP/IP Settings” on page 65. The IP Subnet Mask should not be zero. For help, see “Confi[...]

  • Seite 245

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 245 Troubleshooting With the LEDs When the access point boots, it performs internal diagnostics and the LEDs display the pattern shown in the next t able. Y ou have enabled the embedded authentication server but you have not installed a server certificate to identify this device. Y ou need to[...]

  • Seite 246

    Chapter 8: Managin g, Troubleshooting, a nd Upgrading Access Po ints 246 After the AT-WA7500 or AT-WA7501 successfully boots, the LEDs displa y one of these patterns: General Troubleshooting Only Boot ROM code is available on access point. Load new files. (Wireless #1 and #2 blink in unison.) T able 69. MobileLAN access LED Boot Sequen ce for Relea[...]

  • Seite 247

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 247 The Power LED is not on. 1.Make su re the powe r cable is firmly plugged into the AT-WA7501 access point and the power source. Or make sure th e Ethernet cable is firmly plugged into the AT-WA7500 access point and the power over Ethernet bridge. 2.Verify that the power injector has power [...]

  • Seite 248

    Chapter 8: Managin g, Troubleshooting, a nd Upgrading Access Po ints 248 Y ou cannot connect to the access point using a web browser . 1.Verify that you are not using a crossover cable if connected to a hub or a switch. Verify that you are using a crossover cable if connected directly to the PC or server. 2.Verify that you did not disa ble the Brow[...]

  • Seite 249

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 249 The end device cannot connect to the network.  From the Maintenance menu, choose AP Connections and verify that the MAC address of your end device appears on your PC screen. If it do es not appear , your end device is not communicating with the access point. Check your radio configurat[...]

  • Seite 250

    Chapter 8: Managin g, Troubleshooting, a nd Upgrading Access Po ints 250 Y ou need to verify the static WEP keys. Y ou cannot verify the WEP keys. The keys are encrypted af ter you enter them and are never displayed aga in. Y ou may need to reconfigure your access point s and end devices to reset the WEP keys. The filters are not filter ing properl[...]

  • Seite 251

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 251 Troubleshooting the Radios If you are having problems communicati ng with your wireless netwo rk, you can use the access point LEDs, error messa ges, Radio MAC Ping, or ICMP Echo to troubleshoot any radio problems. Using LEDs If the access point LEDs show the following pattern after it bo[...]

  • Seite 252

    Chapter 8: Managin g, Troubleshooting, a nd Upgrading Access Po ints 252 In this table, “Radio A” refers to the rad io in slot 1 and “Radio B” refers to the radio in slot 2. These error messages may appear for e ither radio. Using Radio MAC Ping (802.11g and 802.11b Radios) Radio MAC Ping runs at the MAC sublayer of the Dat a Link layer, th[...]

  • Seite 253

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 253 ping will have their MAC address listed with a hype rlink. 2. Click a MAC address hyperlink. The access po int pings the device, and then this screen appears showing the resu lts. By default, the Refresh Mode is Manual. T o configure the software to refresh automatically at a set interval[...]

  • Seite 254

    Chapter 8: Managin g, Troubleshooting, a nd Upgrading Access Po ints 254 Using ICMP Echo ICMP (Internet Control Message Protoc ol) echo lets yo u ping devices using their IP address. ICMP echo c an only be used if the access point has determined the IP address of the end device or another access point. If the access point is acting as an ARP server[...]

  • Seite 255

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 255 2. Click an IP address hyperlink. The access po int pings the device, and then the Ping Utility screen appears showing the results. Note The information on this screen varies with the type of request sent and the capabilities of the medium throug h which it is sent. Echo requests sent thr[...]

  • Seite 256

    Chapter 8: Managin g, Troubleshooting, a nd Upgrading Access Po ints 256 To view the Security Events log  From the menu, click Security > Se curity Event s. The Security Event s log appears. For help understanding the events, see the next table. T able 74. Security Events Log Description Column Description MAC Address Indica tes the Ethernet [...]

  • Seite 257

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 257 Note If you use an SNMP management station or another n etwork management tool, the age represents how much time has passed since the access point was booted th at this event occurred. Exporting the Security Events Log You can export the Security Events log from the web browse r interface[...]

  • Seite 258

    Chapter 8: Managin g, Troubleshooting, a nd Upgrading Access Po ints 258 Recovering a Failed Access Point Note Do not use this procedure to upgrade your access point software. For help, see “Upgrading the Access Points” on page 261. You should never need to use this procedure. However, if your access point is not functioning, you may nee d to d[...]

  • Seite 259

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 259 You can recover a failed access point usin g a Windows NT4/2000/XP PC. The procedure is explained in the next su bsection. Using a Windows NT4/2000/XP PC You can use a Windows NT4/2000/XP PC and a command prompt to recover a failed access point. To access a command prompt, see your Window[...]

  • Seite 260

    Chapter 8: Managin g, Troubleshooting, a nd Upgrading Access Po ints 260 Once the TFTP transfer is complete, the access point will begin booting the image that was just p a ssed to it. This image is only resident in RAM. If you reboot the access point o r if the access point loses power , the AP824X.DNL image will be lost. 5. Type this command to r[...]

  • Seite 261

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 261 Upgrading the Access Points For optimal performance, you sho uld install the most current software version on all the access points in your network. To upgrade th e software, you must copy the software releas e to your PC and then upload the release to your root access point and other acc[...]

  • Seite 262

    Chapter 8: Managin g, Troubleshooting, a nd Upgrading Access Po ints 262 Note If you have not already copied the upgr ade file to your PC, follow the instructions in “Upgrading the Access Points” on page 261. 4. Click Upgrade to start the upgrade. The upgra de may take up to 3 minutes to complete. 5. When the upgrade is complete, click Save Cha[...]

  • Seite 263

    263 Chapter 9 Additional Access Point Featur es This chapter explains some of the more a dvanced ways that you can maintain the access points. This chapter cove rs these topics:  “Underst anding the Access Point Segment s” on page 264  “Understanding T ransparent Files” on page 265  “Using the AP Monitor” on p age 266  “Us[...]

  • Seite 264

    Chapter 9: Additi onal Access Point Fe atures 264 Understanding the Access Point Segments The AT-WA7500 and AT-WA7501 access points contain on e flash memory segment, as well as temporary memory (RAM). Several of the comma nds described in this cha pter require that you specify the segment where a file is located on th e access point. To indicate t[...]

  • Seite 265

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 265 Understanding Transparent Files The AT-WA7500 and AT-WA7501 access points with software release 2.2 support transparent files, which are file s without file headers. Transparent files all have the date May 14, 2002 (5-14-20 02) and have no version. The advantage of using file heade rs is [...]

  • Seite 266

    Chapter 9: Additi onal Access Point Fe atures 266 Using the AP M onitor The AP (access point ROM) monitor is system software that lets yo u manipulate the access point files and file segments. You can only access the AP monitor through the serial port using a communi cations program. Note Certain functions availa ble through the AP monitor can eras[...]

  • Seite 267

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 267 To list AP monitor commands  Press any key (except the letter B, wh ich reboots the access p oint), and then press Enter . A list of AP monitor commands appears. B Purpose: Reboots the access point. Syntax: B FD Purpose: Displays the fl ash file syst em directory, inclu ding informatio[...]

  • Seite 268

    Chapter 9: Additi onal Access Point Fe atures 268 MR Purpose: Displays the manufacturing record for the access point. Use the MR command to display the MAC address, configuration string, and serial number for your access point . Syntax: MR SR Purpose: Sets the baud rate of the access point. Syntax: SR z where z is the baud rate. You must enter the [...]

  • Seite 269

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 269 To display CAM commands  T ype any letter or number other than B and press Enter . The CAM commands appear on the screen. Using Test Mode Commands Within the AP monitor, Test mode lets you perform certain test funct ions. Because the commands can cause undes irable results if not prope[...]

  • Seite 270

    Chapter 9: Additi onal Access Point Fe atures 270 To display test commands  T y pe any letter or number other than B and pr ess Enter . The test commands appear on the screen. Using Service Mode Commands In Service mode, you can perform file functio ns and segment functions such as deleting a file, downloading a file using the Ymodem protocol, a[...]

  • Seite 271

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 271 To list service commands  Press any key (except the letter B, wh ich reboots the access p oint), and then press Enter . The service commands appear on the screen. Many of the commands that are av ailable in Ser vice mode are also available in the AP monitor or Co nsole Command mode. B [...]

  • Seite 272

    Chapter 9: Additi onal Access Point Fe atures 272 To make segment 2 the active boot segment and segment 4 the active data segment, enter: FB 2 4 You can use an asterisk instead of a se gment name if you want to leave that segment unchanged. For example, to leave the active boot segment unchanged and make segment 4 the active data segment, yo u coul[...]

  • Seite 273

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 273 FDEL Purpose: Deletes a particular file. Note When you use the FDEL command, the file is marked as invalid and remains in the file system. To reclaim the file space, you must erase the entire segment. Use th e FE command to erase a se gment. Syntax: FDEL f ( s ) where: f is the name of th[...]

  • Seite 274

    Chapter 9: Additi onal Access Point Fe atures 274 To erase the contents of the memory card, enter: FE APP: FFR Purpose: Runs a program f, from a locatio n s. Syntax: FFR f ( s ) where: f is the program name. s is the optional segment locatio n of the program. Example: To run program UAPBOOT .PRG from the flash memory segment, enter: FFR UAPBOO T.PR[...]

  • Seite 275

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 275 where: f is the FPGA configuration filename. s is the optional segment where you want to load th e configuration file.[...]

  • Seite 276

    Chapter 9: Additi onal Access Point Fe atures 276 Using Command Console Mode You can use the Command Console mode to ma nipulate some access point files and file segments. You can also use Command Console mode to upgrade access points using TFTP and script files. You access the Command Console mode throu gh the serial port using a communications pr[...]

  • Seite 277

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 277 Using the Commands Several of these commands require that you enter filenames. To indicate the segment where the file is located, you precede the filename with either a segment number or name followed by a colon. For e xample, 1:ap824x.prg refers to the AP824X.PRG file is located in segme[...]

  • Seite 278

    Chapter 9: Additi onal Access Point Fe atures 278 FD Purpose: Displays the flash file system directory, which includes information about the boot file and file type: E (executable ), D (data), and T (transparent). Use this command to en sure that the correct version of the file is in the active boot segment. For information about transparent files,[...]

  • Seite 279

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 279 FE Purpose: Erases all the files in a particular segment, including th ose that have been “deleted” with FDEL. To recover th e files after they have been erased, you must reload them from another so urce. Note You must execute the FE command before you execute a TFTP transfer. Syntax:[...]

  • Seite 280

    Chapter 9: Additi onal Access Point Fe atures 280 In general, TFTP client sessions shoul d fail only if the server is not responding either because it is busy serving oth er clients or because it has not been started. In eith er case, the access point backoff algorithm should prevent excessive network traffic when many access points are trying to c[...]

  • Seite 281

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 281 The following command gets file UAP.DNL from a d irectory on a PC server with IP address 1.2.3.4 and stores it in the flash memory seg ment on the access point. TFTP GET 1.2.3. 4 C:STARTU PUAP.DNL 1: The access point may generate thes e error messages when it issue s a TFTP GET command.[...]

  • Seite 282

    Chapter 9: Additi onal Access Point Fe atures 282 Example: The following command takes file AP824X.PRG that is saved in the active boot drive on the access point client and sto res it in the flash memory segment on the access poin t server that has IP address 1.2.3.4. TFTP PUT 1 .2.3.4 IB :AP824X.P RG 1:AP824X .PRG The access point may generate the[...]

  • Seite 283

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 283 TFTP SERVER STOP Purpose: When you are done transferring files, you can stop the access point from being a TFTP server by using this comman d. Syntax: TFTP SERVER STOP After you issue this command, the access point no longer respond s to TFTP client requests; however, curre nt TFTP sessio[...]

  • Seite 284

    Chapter 9: Additi onal Access Point Fe atures 284 Using sdvars Commands Use sdvars commands to manipulate certain software downloa d variables. Sdvars commands supp ort both GET and SET arguments. You can enter sdvars commands to GET a software download object, an d then issue the sdvars command using the SET argumen t to assign the object a specif[...]

  • Seite 285

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 285 sdvars set starttime Purpose: Sets the internal variable starttime. Sta rttime is a countdown time; that is, when zero is reache d, the software download process be gins. Set this variable to reflect how far in to the future the access point is to begin downloading a nd executing the scri[...]

  • Seite 286

    Chapter 9: Additi onal Access Point Fe atures 286 sdvars set ch eckpoint 2 TFTP get * ap82 4x.prg 1 sdvars set ch eckpoint 3 reboot When the software download is started, you can use SNMP to query its progress by reading the checkpoint variable. If th e variable has a value of 2, you know that the access point is trying to exe cute the TFTP get sta[...]

  • Seite 287

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 287 Example: To change the inactive boot and data se gments to active at the next reboot, enter: sdvars set seta ctivepoin ters both sdvars set nextpoweruptime Purpose: Sets the nextpoweruptime command to set the internal variable nextpoweruptime to a countdown time so that when 0 is reached,[...]

  • Seite 288

    Chapter 9: Additi onal Access Point Fe atures 288 Creating Script Files You can create a script file that exe cutes a series of commands. For example, when you upgrade the access point, you typically need to erase the flash memory segment, download the new files, and reboot using the new software. You can create a script file to perfo rm these comm[...]

  • Seite 289

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 289 file tftp g et * soft warecert .dnl 1: file tftp g et * soft wareclos ed.dnl 1: file tftp g et * soft waredisc inca.dnl 1: file tftp g et * soft wareeasd b.dnl 1: file tftp g et * soft wareecho .dnl 1: file tftp g et * soft warefavi con.dnl 1: file tftp g et * soft warefile .dnl 1:[...]

  • Seite 290

    Chapter 9: Additi onal Access Point Fe atures 290 Legacy Sample Script for Upgrading Any Access Point This sample script file was created for older access points with multiple segments. Although this script specifies segmen ts that do not exist on AT-WA7500 and AT-WA7501 access points, you can run this script on the access points without generating[...]

  • Seite 291

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 291 Copying Files To and From the Access Point You can accomplish a variety of file import /export tasks from the File Import/Export screen. In the menu bar, click File Import/Export, and the File Import and Export screen appears. From this screen you can perform t hese tasks, which are descr[...]

  • Seite 292

    Chapter 9: Additi onal Access Point Fe atures 292 Importing or Exporting an EAS RADIUS Database File To import or export an EAS RADIUS database file 1. Click Read or write the EAS RA DIUS database. The EAS Database Import/Export screen appears. 2. To import a file, enter of select the n ame of the database file to import and click Import Database. [...]

  • Seite 293

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 293 Transferring Files Using Your Web Browser To transfer files to the acce ss point using your web browser 1. Click Transfer files to this device using your browser. Th e File Import screen appears. 2. (Optional) You can type a filename in the first input field to specify the name that the f[...]

  • Seite 294

    Chapter 9: Additi onal Access Point Fe atures 294 Viewing and Copying Files Using Your Web Browser To view and copy files from the access point using your web browser 1. Click View the file system direct ory fro m this device using your browser. The File System Directory screen appears. Note The segment column on this screen contains the identifier[...]

  • Seite 295

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 295 Transferring Files to and from a TFTP Server To transfer files to and fr om a TFTP server 1. Click Transfer files to or from this device using the TFTP client. The TFTP Client screen appears. 2. In the Server IP Address field, enter the IP address or DNS name of the TFTP server. 3. In the[...]

  • Seite 296

    Chapter 9: Additi onal Access Point Fe atures 296 Starting or Stopping the TFTP Server To start or stop the TFTP server 1. Click Start or stop the TFTP se rver. The TFTP Server screen appears. 2. Click Stop Server to stop the TFT P server. Or click Start Server to start the TFTP server. You can also use the TFTP SERVER START and ST OP commands, des[...]

  • Seite 297

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 297 2. In the Server IP Address field, ty pe the IP address of a n active TFTP server from which the software downl oad script file will be retrieved. 3. In the Script File Name field, type the name of a file on the TFTP server that contains the commands that de fine the download process. 4. [...]

  • Seite 298

    298 Appendix A Specifications This appendix contains AT-WA7500 and AT-WA7501 specifications for reference purposes only. Actual product performance and compliance with local telecommunications regulatio ns may vary from country to country. Allied Telesyn only ships products that are type approved in the destination cou ntry.[...]

  • Seite 299

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 299 AT-7500 Access Point T able 80. A T -7500 T echnical S pecifications Dimensions H x L x W 4.6 cm x 25.0 cm x 1 5.9 cm (1.8 in x9.8 in x 6.3 in) Weight 526 g (1.16 lb) POE Electrical Rating x 48V , 315 mA Operating temperature -20 o C to +55 o C (-4 o F to +131 o F) S torage temperature -4[...]

  • Seite 300

    Appendix A: Specifica tions 300 AT-7501 Access Point T able 81. A T -7501 T echnical S pecifications Dimensions H x L x W 9.5 cm x 35.0 cm x 2 3.6 cm (3.8 in x 14.0 in x 5.8 in) Weight 2.63 kg (5. 8 lb) AC electrical rating S tandard: ~100 to 240V , 1.0 to 0.5A, 50 to 60 Hz Heater (optional) ~100 to 120V , 1.0A, 50 to 60 Hz or ~200 to 240V , 0.5A, [...]

  • Seite 301

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 301 Serial port maximum dat a rate 1 15,200 bps Management interfaces W eb browser-bas ed manager , text-based menu system, serial port, T elnet, SNMP SNMP agent RFC 1213 (MIB-2), RFC 1398 (dot3), RFC 1493 (Bridge), 802.1 1, 802.1x Regulatory Approvals EN 55022/CISPR 22 Class A; FCC Part 15 &[...]

  • Seite 302

    Appendix A: Specifica tions 302 Radio Specifications IEEE 802.11g IEEE 802.11b T able 82. IEEE 802.1 1g Radio T echnical S pecifications Frequency band 2.4 to 2.5 GHz worldwide T y pe Direct sequence, spread spectrum Modulation Direct sequence, spread spectrum (CCK, DQPSK, DBPSK) Power output 63 mW (18 dBm) Basic data ra te 1 1, 5.5, 2, and 1 Mbps [...]

  • Seite 303

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 303 IEEE 802.11a Channels 1 1 (North America), 13 (Europe), 4 (France), 14 (Japan). 1 (Israel) Range (1 1 Mbps) 160 m (525 ft) open en vironment 50 m (165 ft) semi-open e nvironment 24 m (80 ft) in closed environment Unlimited range with roaming Receiver sensitivity (1 1 Mbps) -82 dBm Securit[...]

  • Seite 304

    Appendix A: Specifica tions 304 Range (depending on environment) 248 m (813.7 f t) 6 Mbps 240 m (787.4 f t) 12 Mbps 175 m (574.2 f t) 18 Mbps 132 m (433.1 f t) 24 Mbps 56 m (183.7 f t) 36 Mbps 37 m (121.4 f t) 48 Mbps 19 m (62.3 f t) 54 Mbps Receiver sensitivity (54 Mbps) -68 dBm T able 84. IEEE 802.1 1a Radio T echnical S pecifications[...]

  • Seite 305

    305 Appendix B Default Settings This appendix provides factory defaul ts for ref erence purposes only. The factory default sett ings for the access points are listed in this section. You can record the settings for your installation in each table for reference.[...]

  • Seite 306

    Appendix B: Default Settin gs 306 TCP/IP Settings Menu Defaults T able 85. TCP/IP Settings Menu Defaults Parameter Name Range Default Y our Site? IP Address 4 nodes, 0 to 255 or DNS name 0.0.0.0 IP Subnet Mask 4 nodes, 0 to 255 255.255.255.0 IP Router (Gateway ) 4 nodes, 0 to 255 0.0.0.0 DNS Address 1 4 nodes, 0 to 255 0.0.0.0 DNS Address 2 4 nodes[...]

  • Seite 307

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 307 DHCP for Access Point Network Use Any Available DHCP Server , Only Use Access Point DHCP Server Use Any Availa ble DHCP Server Auto ARP Minutes 0 to 120 5 T able 85. TCP/IP Settings Menu Defaults Parameter Name Range Default Y our Site?[...]

  • Seite 308

    Appendix B: Default Settin gs 308 DHCP Server Setup Menu Defaults T able 86. DHCP Server Setup Menu Default s Parameter Name Range Default Y our Site? Low Address 4 nodes, 0 to 255 10.10.10.100 High Address 4 nodes, 0 to 255 10.10.10.199 Lease T ime days:hours:minutes 0:00:20 Permanently Save IP Address Mappings Check/Clea r Clear IP Subnet Mask 4 [...]

  • Seite 309

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 309 IEEE 802.11g Radio Menu Defaults T able 87. 802.1 1g Radio Menu Default s Parameter Name Range Default Y our Site? Frequency Channel 1 to 1 1, 2412 to 2462 MHz Channel 03, 2422 MHz Node T y pe Master , S tation, Disabled Master SSID (Network Name) 0 to 32 characters atilan Member Limit 12[...]

  • Seite 310

    Appendix B: Default Settin gs 310 Antenna Control T wo Antennas/ One Antenna One Antenna Mixed Mode Performance Optimize Mixed (802.1 1b and 802.1 1g), Optimize for 802.1 1g clients, Optimize for 802.1 1b clients Optimize Mixed (802.1 1b and 802.1 1g) Disallow Network Na me of ‘ANY’ Check/Clea r Clear DTIM Period 1 to 65535 1 Inbound Filters (P[...]

  • Seite 311

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 311 IEEE 802.11b Radio Menu Defaults T able 88. 802.1 1b Radio Menu Default s Parameter Name Range Default Y our Site? Node T y pe Master , S tation, Disabled Master SSID (Network Name) 0 to 32 characters atilan Frequency Channel 1 to 1 1, 2412 to 2462 MHz Channel 03, 2422 MHz Advanced Config[...]

  • Seite 312

    Appendix B: Default Settin gs 312 Enable Medium Density Distribution Check/Clear Clear Data/Voice Settings Data T raffic Only , Data a nd Sp e c t r a L i n k Tr a f f i c , Sp e c t r a L i n k Tr a f f i c O n l y Data T raffic only Disallow Network Name of ‘ANY’ Check/Clear Clear DTIM Period 1 to 65535 1 Inbound Filters Parameters Allow IAPP[...]

  • Seite 313

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 313 IEEE 802.11a Radio Menu Defaults T able 89. 802.1 1a Radio Menu Default s Parameter Name Range Default Y our Site? Frequency Dynamic, 36, 40, 42, 44, 48, 50, 52, 56, 58, 60, 64 (full-range) Channel 36, 5180 MHz IEEE (mid-range) Channel 52, 5260 MHz IEEE Allow Wireless Access Points On Pri[...]

  • Seite 314

    Appendix B: Default Settin gs 314 Reservation Threshold (2347 to Disable) 1 to 65535 2347 Fragmentation Threshold 256 to 2346 2346 Disallow Network Name of ‘ANY’ Check/Clear Clear Beacon Period 20 to 1000 TU 100 DTIM Period 1 to 5 1 Inbound Filters Allow IAPP Check/Clear Check Allow Wireless Transport Protocol (WTP) Check/Clear Check Allow UDP [...]

  • Seite 315

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 315 Spanning Tree Settings Menu Defaults T able 90. S panning T ree Setting Menu Default s Parameter Name Range Default Y our Site? AP Name 0 to 16 characters (access point serial number) LAN ID (Domain) 0 to 254 0 Root Priority 0 to 7 1 Enable Ethernet Bridging Check/Clear Check Enable GVRP [...]

  • Seite 316

    Appendix B: Default Settin gs 316 Global Flooding Menu Defaults T able 91. Global Flooding Menu Default s Parameter Name Range Default Y our Site? Multicast Flooding Universal , Hierarchical, Disabled Hierarchical Multicast Outbound to Secondary LANs Enabled globally/Set locally Set locally Allow Multicast Outbound to T erminals Check/Clear Check U[...]

  • Seite 317

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 317 Global RF Parameters Menu Defaults T able 92. Global RF Parameters Menu Defaults Parameter Name Range Default Y our Site? Perform RFC1042/DIX Conversion Check/Clear Check S-UHF Rfp Threshold Set Globally Enabled/ Disabled Disabled Value 0 to 250 bytes 70 bytes S-UHF Frag Size Set Globally[...]

  • Seite 318

    Appendix B: Default Settin gs 318 3 through 20 T wo sets of hexadecimal pair s 00 through FF . 00 00 T able 92. Global RF Parameters Menu Default s Parameter Name Range Default Y our Site?[...]

  • Seite 319

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 319 Telnet Gateway Configuration Menu Defaults T able 93. T e lnet Gateway Configuration Menu Default s Parameter Name Range Default Y our Site? Host Name IP address or DNS name (blank) Host Port 23 23 T erm Port Off, 23,5000, 5001, 5002, 5003, 5004, 5005, 5006, 5007, 5008, 5008 Off Idle T im[...]

  • Seite 320

    Appendix B: Default Settin gs 320 Ethernet Configuration Menu Defaults T able 94. Ethernet Configuration Menu Default s Parameter Name Range Default Y our Site? Port T ype 10/100 Mb T wisted- Pair 100 Mb Fiber Optic 10/100 Mb T wisted-Pair Link S peed Auto Select, 100 Mbps Full-Duplex, 100 Mbps Half- Duplex, 10 Mbps Full-Duplex, 10 Mbps Half-Du ple[...]

  • Seite 321

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 321 Ethernet Advanced Filters Menu Defaults T able 95. Ethernet Advanced Filters Menu Default s Parameter Name Range Default Y our Site? Customizable Subtype Filters Allow/Pass Check/Clear Check SubType DIX-IP-TCP-Port, DIX-IP-UDP-Port, DIX-IP-Protocol, DIX-IPX-Socket, DIX-EtherT ype, SNAP-IP[...]

  • Seite 322

    Appendix B: Default Settin gs 322 IP Tunnels Menu Defaults Tunnels Filter Menu Defaults T able 96. IP T unnels Menu Defaults Parameter Name Range Default Y our Site? Mode Listen, Originate If Root, Disabled Listen Enable IGMP (Appears if Mode is Listen) Check/Clear Clear Multicast Address (Appears if Enable IGMP is checked) 4 nodes, 0 to 255 224.0.[...]

  • Seite 323

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 323 SubType DIX-IP-TCP-Port, DIX-IP-UDP-Port, DIX-IP-Protocol, DIX-IPX-Socket, DIX-EtherT ype, SNAP-IP-TCP- Port, SNAP -IP-UDP- Port, SNAP -IP-Protocol, SNAP -IPX-Socket, SNAP -EtherT ype, 802.3-IPX-Socket, 802.2 -IPX-Socket, 802.2-SAP DIX-IP-TCP- Port Value T wo sets of hexadecimal pairs 00 [...]

  • Seite 324

    Appendix B: Default Settin gs 324 Network Management Menu Defaults Instant On Menu Defaults T able 98. Network Management Menu Default s Parameter Name Range Default Y our Site? SNMP Read Community 1 to 15 characters public SNMP W rite Community 1 to 15 characters CR52401 SNMP Secret Community 1 to 15 characters Secret Avalanche Agent Name IP addre[...]

  • Seite 325

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 325 Security Menu Defaults Passwords Menu Defaults T able 100. Security Menu Defaults Parameter Name Range Default Y our Site? Browser Access Secure-Only (Port 443), Enabled (Port 80/443), Disabled Enabled (Port 80/443) Allow T elnet Access (Port 23) Check/Clear Check Allow SNMP Access (Port [...]

  • Seite 326

    Appendix B: Default Settin gs 326 IEEE 802.11 (g, b or a) Radio Security Menu Defaults Password 1 to 32 characters (Not case sensitive ) atilan Read Only Password 1 to 32 characters (Not case sensitive ) (blank) Allow Service Password Check/Clear Check T able 101. Password Menu Defaults Parameter Name Range Default Y our Site? T able 102. IEEE 802.[...]

  • Seite 327

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 327 If Security Level is S tatic WEP WEP Transmit Key 1, 2, 3, or 4 1 WEP Key 1 to 4 5 ASCII characters (or hex pairs) to 16 ACSII characters (or hex pairs) 8021 1 If Security Level is Dynamic WEP/802.1x Key Rotation Period Any number 5 If Security Level is WP A/PSK Multicast Encryption Type [...]

  • Seite 328

    Appendix B: Default Settin gs 328 RADIUS Server List Menu Defaults Spanning Tree Security Menu Defaults T able 103. RADIUS Server List Menu Defaults Parameter Name Range Default Y our Site? IP Address/ DNS name 4 nodes, 0 to 255 or DNS name 0.0.0.0 Secret Key 16 to 32 bytes (factory def ault) Port 1-65535 Recommended range is 49152-65535 1812 802.1[...]

  • Seite 329

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 329 Embedded Authentication Server Menu Defaults Password 1 to 31 characters anonymous Verify CA Certificate Check/Clea r Clear T able 104. S panning T ree Security Menu Defaults Parameter Name Range Default Y our Site? T able 105. Embedded Authentication Server Menu Default s Parameter Name [...]

  • Seite 330

    330 Appendix C Glossary ARP (Address Resolution Protocol) cache A table that stores IP addresses and their corresponding MAC addresses. The access point maintains an ARP cache and can act as an ARP server. BFSK (Binary Frequency Shift Key) A broadcasting method that len gthens the range but halves the throughput as compared to the QFSK method. In a[...]

  • Seite 331

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 331 To enable data link tunneling, disab le Ethernet bridging. designated bridge Also called a secondary LAN b ridge. An access point that is assigned the role of bridging frames destined for or received from a secondary LAN. A designated bridge connects a secondary LAN with the primary LAN. [...]

  • Seite 332

    Appendix C: Glossary 332 Ethernet bridging When an access point receives wireless traffic and the destination address is known, it forwards frames to the port with the shortest path t o the destination address. When the access point has no t learned the direction of the shortest path for the destination address, it forwards frames based on flooding[...]

  • Seite 333

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 333 IGMP (Internet Group Management Protocol) A standard protocol that lets you originate multiple IP tunnels using one IP multicast address. IGMP allows IP mult icast frames to be routed to remote IP subnets that have hosts participati ng in the multicast group. By enabling IGMP, access poin[...]

  • Seite 334

    Appendix C: Glossary 334 activity. The MIB for the access point is available from the Allied Telesyn web site at www.alliedtelesyn.com. multicast address A form of broadcast address throug h which copies of the frame are delivered to a subset of all possi ble destinations that have a common multicast address. NAT (Network Address Translation) A mec[...]

  • Seite 335

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 335 point-to-point bridge See also wireless bridg e. A bridge that connects two wired networks wit h similar architectures. Two access poi nts can be used to provide a point-to- point bridge between two buildings so t hat wired and wireless devices in each building can communi cate with devic[...]

  • Seite 336

    Appendix C: Glossary 336 root port The access point port that provides the inbou nd connection to the spanning tree. The root port provide s a link to a parent access point. Note that a root access point does not have a root port. root IP subnet Also called the home IP subnet and primary LAN. The IP subn et that contains the root access point. If w[...]

  • Seite 337

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 337 with the MIB to obtain information about network act ivity. spanning tree A form of network organization in wh ich each device on the network has only one path to the root. The access points a utomatically configure into a self-organized network that provides efficient, loop-free forwardi[...]

  • Seite 338

    Appendix C: Glossary 338 to the home subnet of the end device. If the end device has roamed to another subnet, the frame must be forwarded to the remote subnet where the end device currently resides. unicast address A unique Ethernet address assigne d to a single device on the n etwork. VLAN (virtual LAN) A network of wireless end devices that beha[...]

  • Seite 339

    AT-WA7500 and AT-WA7501 Installation and User ’s Guide 339 WPA (Wi-Fi Protected Access) A feature that can be implemented in the 802.11g, 802.11b, and 802. 11a radios for security in a wireless net work. WPA is a strongly enhanced, interoperable Wi-Fi security protocol that addresses man y of the vulnerabilities of WEP. It provides stronger RC4 e[...]