Instruction/ maintenance manual of the product 2.4GHz/5GHz SMC Networks
Go to page of 322
38 T esla Irvine, CA 92618 Phone: (9 49) 679-8000 EliteConnect ™ Un iver sal 2.4G Hz/5GH z Wirele ss Du al-Ba nd Outdoor Access P o int/Brid ge The easy wa y to make all your networ k co nnections May 2005 Revisi on Num ber: R01 F1.
Copyright Information fur nishe d by SMC Networ ks, Inc. (S MC) is b eliev ed to b e accurate and reli able. Howe ver, no responsib ility is assu med by SMC for it s use, nor for any infri ngemen ts of pa tents or other righ ts of third par ties which may result from its use.
i L IMITED W ARRANTY Limited Warranty Statement: SMC Networks, Inc. (“SMC”) war rants its products to be free f rom defects in wor kmanship and materials, under normal use and serv ice, f or the applicable warranty term. All SMC products carr y a standard 90-day limited warranty from the date of purchase from SM C or its Authorized Reseller .
L IMITED W AR RANTY ii Customers are res ponsible f or all shipping charges from their facility to SMC . SMC is responsible for return shippi ng c harges from SMC to c ustomer .
iii C OMPLIA NCES Federal Comm unication Co m miss ion Inter ference Stat emen t This equipment has been tested and found to comply with the limits for a Class B digital de v ice, pursuant to P ar t 15 of the FCC Rules. These limits are designed to provide reasonab le protection against har mful interference in a residentia l installation.
C OMP LIANCE S iv Wirele ss 5 GHz Band State ments: As the SMC2888W access point/bridge can ope rate in the 5150-5250 MHz frequency band it is limit ed by the FCC , Industry Canada and some other countries to indoor use only so as to r educe the potential for harmful interference to co-channel M obile Satellite sys tems.
C OMPL I AN CES v • This device employs a radar detection feature required for European Community operation in the 5 G Hz band. This feat ure is automatically enabled when the country of operation is correctly configured for any European Community country.
C OMP LIANCE S vi Operation Using 5 GHz Channels in the Eur opean Community The user/installer must use the prov ided configuration utility to check the current channel of operation and m ake necessar.
C OMPL I AN CES vii Decla r ation of Confor mity in Languages of the Eur opean Community English Hereby, SMC N etworks, declares that this Radio LA N device is in compliance w ith the essential requirement s and other r elevant provisions of Directive 1999/ 5/EC.
C OMP LIANCE S viii Safety Co mplia nce Po w e r C o r d S a f e t y Please read the following safety information carefully before installing the wireless access point: W ARNING: Installation and remov al of the unit must be carried out by qualified personnel only .
C OMPL I AN CES ix Impo rt ant! Before making connections, make sure you ha ve the correct cord set. Check it (read t he label on the cable) against the f ollowing: Powe r Cord S et U.S.A. and Canada The cord set must be UL-approved and CSA certified.
C OMP LIANCE S x Veuillez l ire à fond l'informati on de la sécurité sui vante avant d'installe r le wir eless ac cess point: A VERTI SSEMENT : L ’installation et la dépose de ce groupe doivent être confiés à un personnel qualifié.
C OMPL I AN CES xi Bitte unbedin gt vor dem Einbauen de s Access Point die folgende n Sicherheitsa nweisungen durchle sen (Germany ) : W ARNUNG: Die Inst allation und der Ausbau des Geräts darf nur durch F achpersonal erfolgen. • Das Gerät sollte nicht an ei n e ungeerdete Wechselstromsteckdos e angeschlossen werden.
C OMP LIANCE S xii gegeben, wenn auch die an das G erät angeschlosse nen Geräte unter SELV-Bedingungen betrieben werden. • Stromkabe l . Dies muss von de m Land, in dem es benutzt wird geprüft werden: U.S.A und Kanada Der Cord muß das UL gepruft und war das CSA beglaubigt.
xiii T ABLE OF C ONTENTS 1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-1 Packag e Checklis t . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-2 Hardware Des cription . . . . . . . . . . . . . . . . . . .
T ABLE OF C ONTENTS xiv Connect E xternal An tennas . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-5 Connect Ca bles to th e Unit . . . . . . . . . . . . . . . . . . . . . . . . . . . 4- 7 Connect th e Power Injec tor . . . . . . . . . . . . .
T AB LE OF C ONT ENT S xv Entering Co mmands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-3 Keywords and Argu ments . . . . . . . . . . . . . . . . . . . . . . . . 7-3 Minimum Abbrevia tion . . . . . . . . . . . . . . . . . . . . .
T ABLE OF C ONTENTS xvi System Clock Comma nds . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 -28 sntp-serve r ip . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-29 sntp-serve r enable . . . . . . . . . . . . . . . . . .
T AB LE OF C ONT ENT S xvii WDS Co mmands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 -61 wds chan nel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 -62 wds mac-a ddress . . . . . . . . . . . . . . . . .
T ABLE OF C ONTENTS xviii dns server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 -92 ip addr ess . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-93 ip dhcp . . . . . . . . . . . . . . . . . . . .
T AB LE OF C ONT ENT S xix A Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . A-1 B Specific ations . . . . . . . . . . . . . . . . . . . . . . . . . . . B-1 General S pecific ations . . . . . . . . . . . . . . . . . . . . . . . . . .
T ABLE OF C ONTENTS xx.
1-1 Chapter 1 Introduction The SMC Elite Connect Uni v ersal 2.4GHz /5GHz Wi reless Dual-Ba nd Outdoo r Acce ss P oin t/Bri dge sys tem cons ists of two models t hat provide poi nt-to-point or point- .
Introductio n 1-2 In additio n, both wireless brid ge mode ls offer full ne twork managemen t capa bilitie s throug h an eas y-to-use web interface, a command- line in terface, and suppor t for Simple Networ k Managemen t Prot ocol (SNMP ) tools. Radio Characteristics – The I EEE 802.
P ac kage Chec klist 1-3 • Outdoor pol e-mounti ng bracket kit • O u t door w a l l - m ou n ti n g b r a c k e t k i t • T h i s Us e r G u i d e Inform your dealer if there are any incorrec t, miss ing or dam aged par t s. If possible, retain the c ar ton, i ncludin g the or iginal packing mater ials.
Introductio n 1-4 Hardware Description Ether net Port RSSI Conne ctor with Protective Cap Grounding Point Screw Integrated An tenna Bott om Vie w Top Vie w (SMC288 8W-S) N-Type External Antenna Con nector (2.4 GHz) N-Type Extern al Antenna Connecto r (2.
Hardware Descr iption 1-5 Integrated High-Gain Antenna The SMC 2888W-S wireless b rid ge inclu des an in tegrated high-ga in (17 dB i) flat-pa nel antenn a for 5 GHz operat ion.
Introductio n 1-6 Power Injector Module The wire less bridge receiv es po we r throug h its ne twork ca ble connecti on us ing power-ov er -Ether ne t technolo gy .
Hardware Descr iption 1-7 The power inj ector mo dule au tomatica lly a djust s to any AC v o ltage b etween 100-2 40 volts at 50 or 60 Hz. No v o ltage range settings are re quired. Wa r n i n g : The pow er injector m odule is desi gned f or indoor u se only .
Introductio n 1-8 System Configurati on At each locat ion where a unit is install ed, it must be connected to the lo cal networ k usi ng the power inj ector mo dule.
F eatures an d Benefits 1-9 Features and Benefi ts • SMC288 8W -S Slav e units suppor t a 5 GHz hig h-gain 1 7 dBi antenna • SMC2888W-M Maste r units s uppor t 5 GHz point- to-multipoint links usi ng v ar ious extern al antenna options • Both SMC2 888W-S and SMC2888 W - M units a lso sup por t access point ser vic es for the 5 GH z and 2.
Introductio n 1-10 System Defaults The following table lis ts som e of the wireles s bri dge’ s basic system defaults. To reset the bridge de faults, us e the CLI command “reset configur ation” f rom the E xec level prompt.
System Def aults 1-11 SNMP Status Enab led Locat ion null Contac t Contact Comm unity (R ead Only ) Public Communi ty (Read/Write) Private Traps Enab led Trap Dest inat ion I P Add ress null Trap Dest inati on Co mmun ity Name Public System Logging Syslog Disabled Logging Host Disabl ed Logging Console Disabl ed IP Address / Host Name 0.
Introductio n 1-12 Wire less Interface 802.11a Status Enable d SSID SMC Turbo Mode Disabl ed Radio Channe l Default to first chann el Auto Ch annel Sele ct Enabled Transmi t Power Full Maximum Da ta Rate 54 Mbps Beacon I nterval 100 TUs Data Beac on Rate (DTIM Interval ) 2 beacons RTS Thresh old 2347 bytes Wire less Security 802.
System Def aults 1-13 Wire less Interface 802. 11b/ g Status Enabled SSID SMC Radio Channe l Default to first chann el Auto Ch annel Sele ct Enabled Transmi t Power Full Maximum Da ta Rate 54 Mbps Beacon I nterval 100 TUs Data Beac on Rate (DTIM Interval ) 2 beacons RTS Thresh old 2347 bytes Wire less Security 802.
Introductio n 1-14.
2-1 Chapter 2 Network Configuration The Dual -band O utdoor Acc ess P oi nt / Br idge sy stem pr ovides access point or br idgin g ser vi ces through either the 5 GH z or 2.4 GHz radio inter f aces. The wireles s bri dge unit s can be used ju st as nor mal 802.
Netw or k Config uratio n 2-2 The 802. 11b and 802 .11g fr equency ban d, whic h operates at 2.4 GHz, can ea sily en counte r inter f e rence fr om other 2.4 GH z devices, such as other 802 .11b or g wirel ess devices, cord less phones an d microwav e ovens.
Access P oint T opo l ogies 2-3 Infrastructure W ireless LAN The acces s point function of the wireles s bri dge provides a ccess to a wire d LAN for 802.11a/b/ g wirele ss wor kstation s. An integrated wir ed/wireles s LAN is called an Infrastr ucture configura tion.
Netw or k Config uratio n 2-4 Infrastructure Wirele ss LAN for Roaming Wireless PCs The Basi c Ser vic e Set (BSS ) define s the communi catio ns domain f o r each a ccess poi nt and its associate d wirele ss client s.
Bridge Link T opolo gies 2-5 Bridge Link To pologi es The IEE E 802.11 s tandard defines a WIreless Distri bution System (WDS) for brid ge con nections between BSS areas (access points). T he out door wirel ess br idge us es WDS to f o rward traffic on links between units.
Netw or k Config uratio n 2-6 Note: Th e external antennas offer longe r range o ptions using the 5 GHz radi o, wh ich m akes this inte rfac e more suit able for br idg e link s. When usi ng WDS on a radio band, onl y wirele ss br idge un its can associ ate to e ach other.
Bridge Link T opolo gies 2-7 Master with Omnidirectional Antenna Slave Slave Slave Slave Slave Slave Master with Sector Antenna Slave Slave Slave.
Netw or k Config uratio n 2-8.
3-1 Chapter 3 Bridge Link Planning The SMC Dual-ban d Outdoor A ccess P oi nt / Br idge s uppor ts fixed point-to-poi nt or poi nt-to-mul tipoint wi reless links. A sin gle link bet ween two point s can be used to connect a rem ote site to larger core ne twork.
Br idge Li nk P lanni ng 3-2 Thi s area is kno wn as the f irst F res nel Zone of the r adio li nk. F or a radio link not to b e affected by obstacles along its path, n o object, i ncluding th e ground , must intr ude with in 60% of the first F resnel Zone.
Radio P ath Planni ng 3-3 • Be sur e there i s enough clearance f rom building s and tha t no building con stru ction may ev entually block the path.
Br idge Li nk P lanni ng 3-4 . Note that to av oi d any obstr uction along the path, th e heig ht of the objec t must be a dded to the minimum clearance r equired f o r a clear radio line-o f-sight. Consider th e following simple example, illustra ted in the f igure below .
Radio P ath Planni ng 3-5 A wirel ess br idge l ink is dep loy ed to connec t building A to a building B, which is lo cated thr ee miles (4.8 km ) awa y . Mid -wa y between the two buidings is a small tr ee-covered hill. F r om the abov e t able it can be seen th at for a three-mil e link, th e object clearance r equired at the m id-poin t is 5.
Br idge Li nk P lanni ng 3-6 • The wireles s br idge antenna s at both en ds of the li nk must be position ed with the same polar izat ion directi on, ei ther horiz ontal or vertical Antenna P olarization — The wire less br idge ’ s integrated antenna sends a radio signal that is p olar ized in a par tic ular directi on.
Radio P ath Planni ng 3-7 Weather Conditions When p lanning w ireless b ridg e lin ks, you must take into ac count any e xt reme weather conditi ons that a re known to affect your loca tion. Cons ider thes e factors: • T emperature — The wirel ess br idge i s tested f o r nor mal operation in te mperatures fr om -33° C to 55°C.
Br idge Li nk P lanni ng 3-8 Ethernet C abling When a sui table antenna loc ation has been de ter mined, you must plan a cable route form th e wireles s bridge outdoors to th e power injector modu le indoor s.
4-1 Chapter 4 Hardware Installation Before mounting antennas to se t up your wire less br idge links, be sure you have selecte d appropr iate location s for each an tenna. F ol low the guidanc e and in f o rm ation in Cha pter 2, “W ireless L ink Plannin g.
Hardware Installation 4-2 5. Align an tennas at both end s of th e link. Testing Basic Link Ope ration Set up the units over a very s hor t range (15 to 25 f eet) , either outdoors or indo ors. Connect th e units a s indic ated in thi s chapt er and be su re to p erf or m all the bas ic configu ration ta sks out lined abov e.
Mount th e Unit 4-3 3. Use the in clud ed nuts to tig htly sec ure the w ireless b ridg e to the brack et. Be s ure to take acco unt of th e antenna polar izatio n direct ion; both a ntennas in a li nk must be mounted wi th the sam e polar izatio n.
Hardware Installation 4-4 Mounting on L a rger Diameter Poles In additio n, there i s a me thod for attachin g the po le-mount ing brack e t to a pole that is 2 t o 5 inche s in diam eter usi ng an adjustable steel band cla mp (not i ncluded in the ki t).
Connect Exte r nal Antennas 4-5 2. P ositio n the bracket in the inten ded locat ion and mar k the position of the three moun ting sc rew holes. 3. Dril l three holes in the wall tha t match the screws and wall plugs in cluded in th e bracket kit, then secur e the bracket to the wall.
Hardware Installation 4-6 2. Connect th e antenn a to the br idge’s N-type connec tor . 3. Apply weath er proofin g tape t o the an tenna conn ectors to help prev ent water enter ing the con nectors. RF Coaxial Cable 2.4 GHz External Omnidirectional Antenna 2.
Connect Cables to the Unit 4-7 Connect Cables to the Unit 1. Attach the Ether net cable to the Ether net p or t on the wirele ss bri dge. Note: The Et hernet cable inc l uded with the pa ckage is 30 m (100 ft) long. To wire a longer c able (maxim um 100 m, 325 ft), use the connec tor pinout inform ation in Appendi x B.
Hardware Installation 4-8 Note: The wi reless bridge’s Ethernet port does not support Pow er over Ethernet (PoE) bas ed on the IEEE 802.3a f standar d. Do not try to power t he unit by conn ecting it direct ly to a network switch that provide s IEEE 80 2.
Align Antenna s 4-9 5. Check the LED o n top of the power injector to be sur e that power is being suppl ied to the wireles s br idge t hrough th e Ether ne t connect ion.
Hardware Installation 4-10 strong c entral main l obe and sma ller si de lobes. The ob ject of the alignmen t proces s is to se t the ant enna so th at it is r eceiving the stronge st si gnal from the c entral main lobe.
Align Antenna s 4-11 2. P an the antenna hori zontally b ack and f o r th w hile che cking the RSSI voltage. If us ing the pole -mountin g bracket with the unit, you must rotat e the mo unting bracket around the po le. Other exter nal anten na brack ets may require a different hori zontal adjustm ent.
Hardware Installation 4-12.
5-1 Chapter 5 Initial Configuration The wireless br id ge off ers a v ariety of mana gement o ptions , includi ng a web- based in terf ace, a com mand li ne inter f a ce (CLI) , or usin g SNMP ma nagement s oftware. Most ini tial con figurati on steps can be ma de thr ough the web browser inter face using the S etup W izard (pa ge 5-4).
Initial Configuratio n 5-2 Initial Setup t hrough the C LI The wire less br idge provides ac cess to the CLI through a T elnet connecti on. Y ou ca n open a T elnet ses sion by perfor ming thes e steps: 1. F rom t he host computer, enter the T elne t comm and and t he IP address of the wir eless brid ge unit (default 1 92.
Initial Setup through th e CLI 5-3 At the Exec prom pt, type “c ountr y ?” to disp lay the list of countr y codes. Check the code for your countr y , th en ente r the cou ntr y command again followed b y your countr y c ode (e.g., IE f o r Ire land).
Initial Configuratio n 5-4 After co nfigur ing the wireles s br idge’ s IP parame ters, you can access the manag ement i nterface from anywhere wi thin the attached n etwor k. The co mmand l ine inter face can also be access ed usin g T elnet from a ny computer attach ed to the network .
Using the W eb-base d Management S etup Wizard 5-5 The home page dis pla y s the Mai n Menu. Launching the Setup Wizard – T o pe rf o r m initi al co nfiguration , click Setup Wiz ard on the home page, then click on the [Next] button to star t the proc ess.
Initial Configuratio n 5-6 2. Radio Channel – Y ou must enable radi o communicati ons for the 802.11a and 80 2.11g radios a nd set the operatin g chann el.
Using the W eb-base d Management S etup Wizard 5-7 T urbo Mode – I f you select Enable, the wireles s bri dge will operate i n turbo m ode with a data rate of up to 108 Mbps. Nor mal mo de su ppor ts 1 3 cha nnels, T urbo m ode suppo r ts onl y 5 chan nels.
Initial Configuratio n 5-8 Note: Avai lable channel s ettings are l imited by loc al regulat ions which deter mine wh ich chan nels are ava ilable. 3. IP Configuration – Either enable or disable (Dynam ic Host Configuration Pr otocol (DHCP) for automatic IP confi guration.
Using the W eb-base d Management S etup Wizard 5-9 4. WDS – T o set up a wireles s br idge lin k, you must configu re the WDS forwarding table by specifyi ng the Et her net MAC address of t he br idge to which you want to forward traffic.
Initial Configuratio n 5-10 5. Securit y (8 02.11g) – Set the Authenticati on T ype to “Open System” t o allow ope n access w ithout authe nticatio n, or “Shared Ke y” to require a uthenti cation b ased on a sha red key . Enable Wire d Equivalent P rivacy (W EP) to e ncr y pt data transmissions.
Using the W eb-base d Management S etup Wizard 5-11 hexadecimal or A SCII str ing of the approp ria te length. T he key can b e entere d as alp hanumer ic chara cters or hexadecimal ( 0~9, A~F , e.
Initial Configuratio n 5-12.
6-1 Chapter 6 System Configuration Before continuing with advanced co nfiguration , first comp lete th e initial configurat ion st eps desc rib ed in C hapter 5 t o set u p an IP address f or the wi reless br idge. The wirel ess br idge c an be m anaged by any com puter us ing a web browser (Inte rn et Explo rer 5.
System Configuratio n 6-2 When t he home pag e displ a y s, click on Ad v a nced Setu p . The f o llowing pa ge will d isplay . The inform ation i n this c hapter is organi zed to refle ct the str uctu re of the web sc reens for easy reference.
Advanced Conf iguration 6-3 Advanced Con figuration The Advanced Configurati on pages incl ude the f o llowing optio ns. Menu Descript ion Page System Config ures basic adm inistrati ve and client acc.
System Configuratio n 6-4 System Iden tificati on The syste m informat ion paramete rs for the wireless b ridg e can be left at thei r default settings. Howe v er , modi fying the se paramete rs can h elp you to mor e easily disting uish different devices in your network .
Advanced Conf iguration 6-5 System Name – An a lias for the wireles s br idge, enabling the device to be unique ly identi fied o n the networ k. (De f a ult: Dua l Band Ou tdoor AP ; Range: 1- 22 character s) Outdoor Bri dge Band – Sele cts the rad io ban d used for bri dge links.
System Configuratio n 6-6 CLI Command s for System Id entificat ion – Ente r the glo bal configura tion mo de and use the syste m name comma nd to specify a new system name. Use the snmp- server location and snmp-serv er contact command s to i ndicate th e physical location of th e wirel ess br idge and defi ne a system contac t.
Advanced Conf iguration 6-7 TCP / IP Se ttings Configu rin g the wire less br idge wit h an IP address expands your ability to manage the wirel ess br idge.
System Configuratio n 6-8 DHCP Client (Enable) – Selec t this op tion to obtain the IP settings for the wireless br idge from a DHCP (Dynamic Host Configu ration Protoc ol) ser ver .
Advanced Conf iguration 6-9 • Default Gatew ay: The default gatew ay is the IP addres s of the router for the wirele ss b ridg e, which is use d if the r equested destinati on addre ss is not o n the l ocal sub net.
System Configuratio n 6-10 Radius Remote Authenticatio n Dial-i n User Ser v ice (RA DIUS) is an authent ication p rotocol tha t uses s oftware r unning on a cent ral server t o control ac cess to RADIUS -a ware de vices on th e network .
Advanced Conf iguration 6-11 Pri mar y Radius Se r ver Setup – Config ure the following se ttings to use RA DIUS authent ication o n the acc ess point. • IP Addr ess: Spe cifies the IP a ddress or host name of the RADIUS ser v e r . • P or t: T he UDP por t number u sed by the RADIUS s er ver f or authent ication messa ges.
System Configuratio n 6-12 • K ey: A sh ared text str ing u sed to en cr ypt message s between the acce ss point and the RAD IUS se r v e r . Be sure that the same text str ing is specifi ed on the R ADIUS ser ver . Do not use blank sp aces in the str ing.
Advanced Conf iguration 6-13 to displ a y th e curr ent settin gs for the pr imar y an d second ar y RADIUS ser v e rs. PPPoE Sett ings The wirel ess br idge u ses a P oi nt-to-P oi nt Protoc ol ov e .
System Configuratio n 6-14 PPP ov e r Ether net – Enable PPP o E on the RJ-45 E ther net interface to pass management traffic bet ween the unit a nd a remote PPP oE se r v er . (Default: Disable) PPP o E User n ame – The user na me assigned for the PPP oE tunnel.
Advanced Conf iguration 6-15 IP Allocat ion Mode – T his fiel d specifie s how IP adre sses for the PPP o E tunnel a re co nfigured on the RJ- 45 inter face.
System Configuratio n 6-16 Authentication Wirele ss cli ents can be auth enticated f o r networ k acce ss by checking the ir MAC address a gainst the loca l datab ase configur ed on the access point, or by using a da tabase configur ed on a c entral RADIUS s er ver .
Advanced Conf iguration 6-17 Ethe r net Su pplican t Set up – Allows th e acce ss point to act as an 802.1X s upplican t so it c an be authe ntica ted throug h its Eth er net por t with a RADIUS ser ver on the l ocal n etwork. When e nabled, a unique MD5 user na me and pas s word needs to be con figured.
System Configuratio n 6-18 MA C A uthenticatio n – Y ou can con figur e a list of the M A C address es for wireless cli ents that a re author ized to acc ess the network . This pr ovides a b asic lev el of aut henticati on f or wirel ess clients attemp ting to gai n acces s to the ne twork.
Advanced Conf iguration 6-19 Note: Client stati on MAC auth entic atio n occu rs pri or to the IEE E 802. 1X authenti cation procedur e configured for the access poi nt. Howeve r, a client’s MAC add ress provides relatively weak user authenti cation, since MAC addresses can be easily captured and used by another station to break into the network.
System Configuratio n 6-20 • Suppor ted: T he acc ess po int supp or ts 8 02.1X authentic ation only for client s initi ating the 8 02.1X a uthentica tion pro cess (i.e., the acce ss point does not i nitiate 80 2.1X a uthentica tion). F or client s initia ting 802.
Advanced Conf iguration 6-21 Local MAC Authentication – Config ures the local M AC authent ication d atabase. The MAC databas e provides a mechani sm to take cer ta in actio ns based on a wire less client’s MA C addres s. The MAC list can be c onfig ured to al low or deny network acces s to spec ific cl ients.
System Configuratio n 6-22 • Permiss ion: Sele ct Allow to permi t access or Deny to block acc ess. If Dele te is selec ted, the specified MAC address entry is remo ved from the data base. • Update: Ent ers the s pecifie d MAC addr ess an d permis sion se tting into the local databa se.
Advanced Conf iguration 6-23 command. T o dis pla y the c urrent sett ings, use the show authent ication comm and from the Exec mode. AP(conf ig)#m ac-a uthenti catio n server loc al 7-59 AP(conf ig)#.
System Configuratio n 6-24 CLI Command s for RADIUS MAC A uthenti cation – Use the mac-authen tication ser ver comma nd from th e globa l configura tion mode to enable r emote MAC authenti cation. S et the timeout value for re-authentic ation us ing t he mac-aut hentica tion session-timeout c ommand.
Advanced Conf iguration 6-25 CLI Command s for 802.1X Authenticat ion – Use the 802. 1X supported comm and from th e glob al confi guration mo de to enable 802.1X authent ication. Set th e session and b roadcast key refresh rate, and the re-auth entic ation time out.
System Configuratio n 6-26 Filter Control The wire less br idge can emp lo y VLAN t agging suppo r t and network traffic frame fi lter ing to control access to networ k resour ces and increase se curi ty . Native VLAN ID – The VLAN ID a ssigned to wireles s clients that are not a ssigned to a sp ecific VLA N by RADIUS ser ver configura tion.
Advanced Conf iguration 6-27 traffic that has an unkn own VLAN ID or no VLAN ta g is droppe d. When VLA N suppo r t is disabled, the w ireles s bri dge does n ot tag traffic passi ng to the wir ed networ k and ig nores the VLAN tags o n any received frames.
System Configuratio n 6-28 Note: The s p ecific configuration o f RADIUS server s oftware is beyond the sc ope of this gu ide. Refer to t he documen tation pro vided with the RADIUS server s oftware. When VLA N filter ing is enabled, the acc ess poin t must also have 802.
Advanced Conf iguration 6-29 • Enable: Wir eless brid ge filter s Ether n et protoc ol type s based on the con figuration of protoc ol types in the fil ter table. If a protoco l has its st atus set to “O N, ” th e protoco l is filtered from the wirel ess br idge.
System Configuratio n 6-30 you want to filter . T o disp la y the cu rrent s ettings, use t he sho w filters com mand from the Exec mode. SNMP Y ou can use a network manageme nt applic ation to ma nage th e wireless brid ge vi a the Sim ple Networ k Manage ment P rotocol (SNMP) fr om a mana gement s tation.
Advanced Conf iguration 6-31 SNMP – Enable s or dis ables SNMP m anagem ent acce ss an d also ena bles the wirel ess br idge to send SN MP traps (notificat ions). S NMP ma nageme nt is disabled by default. Community Na me (Read O nly) – Defines the SNMP com munity access str ing th at has re ad-only ac cess.
System Configuratio n 6-32 T rap Destinatio n Community Name – The c ommunity str ing s ent with the notificatio n operat ion. (Max imum length : 23 character s; Default: public) CLI Command s f or SNMP – Us e the snmp-server enable server comm and from th e global confi guration mod e to en ab le SNMP .
Advanced Conf iguration 6-33 Administration Changing the Password Managemen t acces s to the web and CLI interface on the wireless bri dge is c ontrolled th rough a s ingle us er name and password. Y ou can also gain addi tional ac cess sec uri ty by using con trol filters ( see “Fil ter Control ” on pa ge 6-26) .
System Configuratio n 6-34 CLI Command s for the User Name and Pass word – Us e the username and passw ord commands fr om th e CLI confi guration mode. Upgrading Firmware Y ou can upgrade new wireless br idge software fr om a loc al file on the management workstation, or from an FTP or TFTP server .
Advanced Conf iguration 6-35 Before upgrading new software, v eri fy that the wireless bri dge is connecte d to the networ k and ha s been configured with a compa tible IP addr ess and s ubnet mas k.
System Configuratio n 6-36 Fir mware Upgrade Local – Downloads a n operation code imag e file fro m the web manag ement s tation to th e wireless bri dge using HTTP . Use the Br owse button to loca te the imag e file lo cally o n the manage ment s tation and click Star t Upgrade to proc eed.
Advanced Conf iguration 6-37 Note: If yo u have upgrad ed system so ftware, then you must reboot the wirele ss bridge to implement t he new operatio n code.
System Configuratio n 6-38 System Log The wirel ess br idge c an be con figured t o send ev ent and e rror message s to a Syste m Log Ser ver . The sys tem clock can als o be synchron ized with a time ser ver , so that a ll the messa ges sent t o the Sys log ser ver are st amped wit h the cor rect tim e and date.
Advanced Conf iguration 6-39 Logging Co nsole – E nables the lo gging of error me ssages to the console. Logging L e vel – Sets the mini mum sev er ity lev el f o r e vent logging. The syst em allows you to limit th e messag es tha t are logged by specify ing a minimum severity lev el.
System Configuratio n 6-40 CLI Command s for System Lo gging – T o enable logging on the wir eless b r idge , use th e logging on comm and from t he glob al configura tion mo de. The logging level command sets the minimum level of message to log. U se the logging console command to ena ble logging to the cons ole.
Advanced Conf iguration 6-41 The wirel ess br idge a cts as a n SNTP c lient, pe riod ically s ending time sy nchroniza tion requ ests to s pecific ti me ser vers. Y ou can configur e up to two time se r v e r IP addres ses. The wirele ss br idge will attem pt to po ll each ser ver in the c onfig ured seq uence.
System Configuratio n 6-42 CLI Command s f or S NTP – T o enable S NTP suppor t on th e wireles s bri dge, from the globa l co nfiguration mode sp ecify S NTP ser ver IP add resses using th e sntp-ser ver ip command , then use the sntp- server enable c ommand to enable the ser vice.
Advanced Conf iguration 6-43 Wireless Distribut ion System ( WDS) The IEE E 802.11 s tandard defines a WIreless Distri bution System (WDS) for connecti ons between wi reless br idg es. The access point uses WD S to f o rward traffic on br idge link s between units.
System Configuratio n 6-44 Mode – The wi reless bri dge is set to oper ate as a Slav e or Master unit: • Master M ode: In a po int-t o-multipoint n etwor k config uration, only one wireles s brid ge unit must be a M aster un it (all ot hers must be Slave units).
Advanced Conf iguration 6-45 MA C Addr ess – The p h y sical layer address of the wi reless bridge unit at the oth er end of the wireless link. (1 2 hexadeci mal digi ts in the f orm “xx:xx:xx: xx:xx:xx”) P or t Status – Enables or d isables the wir eless br idge link.
System Configuratio n 6-46 Bri dge Ag ing Tim e – Changes the ag ing time for entr ies in the dynamic addres s table: • Ether net: T he time after wh ich a l ear ned Ether net po r t en tr y is discarde d. (Ran ge: 60-18 00 secon ds; Default: 100 second s) • Wirele ss 802.
Advanced Conf iguration 6-47 CLI Command s for Brid ging – The following example shows how to set the MAC address aging time for the wireles s bri dge. Spanning Tree Protocol (STP) The Spa nning T ree Protoc ol (STP) can be u sed to det ect and disable networ k loop s, and to provid e backup links be tween s witch es, brid ges or rou ters.
System Configuratio n 6-48 device (e xcept for the ro ot device) which incurs the lowest pat h cost when forwarding a packet from that device to the root device. Then it selects a design ated br idging device from each L AN which in curs the l owest path cost wh en forw arding a packet from that LAN to the root d e vice.
Advanced Conf iguration 6-49 Enable – Enables/dis ables STP on t he wirele ss b ridg e. (Default: Enabled) F or ward Dela y – The m aximum tim e (in se conds ) this de vice waits before changi ng stat es (i.e., disc arding t o lear ning t o f orw ardi ng).
System Configuratio n 6-50 Hello Time – I nter val (in seco nds) at w hich t he root device tr ans mits a configu ration messag e. (Range : 1-10 seconds ) • Default: 2 • Minimum: 1 • Maximum: The lower of 10 o r [(Max.
Advanced Conf iguration 6-51 assigne d to por ts w ith slower media. ( P a th cost ta kes preceden ce ov e r por t prio rity .) • Range: 1- 65535 • Default: Ether net inte rface: 19; Wir eless i nterface: 40 Pri ori ty – Def ines the p r ior ity used for this por t in th e Spannin g T ree Pro tocol.
System Configuratio n 6-52 Po r t Fa s t (F ast F orwarding) – Y ou can enable this op tion i f an interface is attac hed to a LAN segm ent that is at the end of a bri dged LAN or to an end node. Since end nodes canno t cause f o rwarding lo ops, they can pas s directl y throug h to the sp anning tree forwarding state.
Advanced Conf iguration 6-53 CLI Command s f or STP – The following example con figur es spanning tree paramters for the br idge a nd wirel ess por t 5.
System Configuratio n 6-54 RSSI The RSS I value displayed on the RSS I page re presents a signa l to noise ratio . A value of 30 would indicat e that th e power of the received si gnal is 30 dBm above the si gnal nois e thres hold.
Advanced Conf iguration 6-55 RSSI – The RSS I value f or a sel ected por t ca n be di splay ed and a represe ntative voltage output c an be enabled. • Output Ac tivate : Enables or disables the RSSI voltage o utput on the exter nal RSS I connec tor .
System Configuratio n 6-56 Radio Interface The IEE E 802.11a and 802 .11g inter f a ces inc lude co nfiguration option s f or radio signal character isti cs a nd wirel ess sec uri ty f e atures. The c onfiguratio n optio ns are near ly i dentica l, but depend on which int erface is operating as the brid ge band.
Radi o Interf ace 6-57 Radio Settings A (802 .11a) The IEEE 8 02.11a interface operates withi n the 5 GHz band, at up to 54 Mbp s in nor mal mode o r up to 108 M bps in T ur bo mode. Enable – Enables radio communic ations on the wirel ess interface.
System Configuratio n 6-58 mode. SSID Br oadca st – Whe n enabled, the acce ss p oint radio does not include its S SID in bea con me ssag es. Nor does it resp ond to probe requ ests f rom client s that d o not inc lude a fixed SSID . (Default: Disable) T urbo Mode – The no r mal 802 .
Radi o Interf ace 6-59 A uto Cha nnel Sele ct – E nables the wir eless b rid ge to automa tically s elect an unocc upied radio c hannel. ( Default: Enabled) T ransmit P ower – Adj usts the power of the radio signals transmitted f rom the wireles s bri dge.
System Configuratio n 6-60 Using hi gher DTI M values reduce s the p ower used by station s in P ower Sav e mo de, but delays the transmis sion of b roadcast/ mul ticas t fr ames .
Radi o Interf ace 6-61 Maxim um Associ ations – (Access poi nt mode onl y) Sets th e maximum numbe r of clie nts that can be associ ated with th e access po int radio a t the same time. (Range: 1 -64 per radio: Def ault : 64) CLI Command s for the 802.
System Configuratio n 6-62 AP(conf ig)#i nter face wirel ess a 7-99 Enter W irele ss c onfigur ation comman ds, o ne per line . AP(if-w irele ss a )#descr iptio n RD-AP #3 7-99 AP(if-w irele ss a )#ss.
Radi o Interf ace 6-63 Radio Settings G (802.11g) The IEEE 80 2.11g stand ard operate s within th e 2.4 GHz b and at up to 54 Mb ps. Also not e that be cause th e IEEE 802.11g stand ard is an extensio n of the IEE E 802.11b stand ard, it al lows clients wi th 802.
System Configuratio n 6-64 with each o ther . For e x ample, in the United S tates you can de plo y up to thre e acces s points in the sa me area (e.g ., channels 1, 6, 11). Also no te that th e chann el f or wire less cl ients is automatic ally set to the same a s that used by the acce ss po int to w hich it i s linked.
Radi o Interf ace 6-65 stop sen ding th e SSID in beaco n mess ages. Selec t a radio chann el or set selecti on to Auto using the cha nn e l com mand. Set any other pa rameters as required. T o view the cu rrent 80 2.11g ra dio setti ngs, use the show interface w ireless g comma nd.
System Configuratio n 6-66 Security (Bridge Mode) Wired E quivalent Pr ivacy (WEP) and Advanced Enc r yption Standard (AES) a re imple mented f o r secur ity in bri dge mod e to prev ent un author ized acce ss to network data.
Radi o Interf ace 6-67 Settin g up IEEE 802.11 Wired Equ ivalent Pr ivacy (WEP) s hared ke ys prev ents unauthor ized acces s to the w ireles s bridg e network . Be sur e to defi ne at least on e static WEP key for data encr ypti on. Also , be sure that the WEP ke y s are th e same for all b ridg e units in the wireless network.
System Configuratio n 6-68 Advanced En cryption Standar d (AES) AES has been de signate d by the National Institute of Sta ndards and T echno logy as the succe ssor to the Data En cr yption Standard (DES) encr yption algor ithm, and will be used by the U .
Radi o Interf ace 6-69 Configu rin g AES en cr yptio n ke y s on the wireles s bridge provides f a r more robust secu r ity than using W EP . Also, a uniqu e AES key can be us ed for each br idge l ink in th e wirele ss networ k, ins tead of al l bridges sh aring t he sam e WEP k eys .
System Configuratio n 6-70 command. T o view the c urrent sec uri ty setti ngs, use the s how interface w ireless a command . Note: The i ndex and len gth valu es used in t he key comman d must be the sam e values used in the enc ryption and transmit-ke y comma nds.
Radi o Interf ace 6-71 CLI Command s for AES Secur ity – F rom the 802. 11a inter f a ce configura tion m ode, use the encryp tion command to ena b le AES encr ypti on. T o en ter AES keys, use the key command . T o view the c urrent se curity se ttin gs, us e the show interface wireless a comma nd.
System Configuratio n 6-72 Security (Access Point M ode) A radio ba nd set to a ccess point mod e is con figured by def a ult as an “open system, ” wh ich bro adcasts a beacon signal i ncludin g the confi gured S SID .
Radi o Interf ace 6-73 wire less cl ients. A summary of wirele ss secu r ity con sideratio ns is listed i n the following table. Security Mecha nis m Client Support Implementati on Consideration s WEP Built-in sup port on all 802.11a and 802.11g devi ces • Provide s only weak security • Requires manual key manag ement WEP over 802.
System Configuratio n 6-74 Note: Altho ugh a WEP static k e y is no t needed for WEP over 802.1 X, WPA over 8 02.1X, and WPA PSK mod es, you mus t enable WEP encr yption thro ugh the web or C LI in or der to enable all types of encr yption in the access point.
Radi o Interf ace 6-75 authent ication a nd data enc r yption . Also, be sure tha t the WEP shared ke ys are the s ame for each clien t in the wireless networ k.
System Configuratio n 6-76 Shared Ke y Setup – Select 64 Bit, 1 28 Bit, or 15 2 Bit ke y le ngth. Note that the same size of encr yptio n ke y must be supp or te d on all wirele ss cli ents. 152 Bit ke y l ength is o nly sup por te d on 802.11a radi o .
Radi o Interf ace 6-77 f o ur settings without havin g to update t he clien t keys. Note: Key i ndex and typ e must m atch that configured o n the clie nts. The con figuration settin gs f o r WEP are summ ar ized below: CLI Command s for static W EP Shar ed K ey Securit y – F r om the 802.
System Configuratio n 6-78 show interface wire less a or show inter face wirele ss g comma nd. Note: The i ndex and len gth valu es used in t he key comman d must be the sam e values used in the enc ryption and transmit-ke y comma nds. AP(conf ig)#i nter face wirel ess g 7-99 Enter W irele ss c onfigur ation comman ds, o ne per line .
Radi o Interf ace 6-79 CLI Command s for WEP over 802.1X Sec urity – F rom the 802.11a or 802.11g i nterface config uration mode, use th e authent ication comm and to select o pen sys tem auth enticati on. Use the multicast- cipher command to selec t WEP ciph er type.
System Configuratio n 6-80 Wi-Fi Pro tected Access (W PA ) WP A emp loys a comb inatio n of sev eral techn ologi es to provid e an enhanc ed secur ity solutio n for 802.11 wireles s networ ks. The acces s point suppor ts t he f ollowing WP A co mponen ts and f eatur es: IEEE 802.
Radi o Interf ace 6-81 when a R ADIUS ser ver has authentic ated a user ’ s crede ntials wi ll encr ypti on ke y s be sen t to the access point and clie nt. Note: To imp leme nt WP A on w irel ess c lien ts re qui res a W PA- enabl ed network c ard driver and 80 2.
System Configuratio n 6-82 uses TKIP unica st data enc r yption keys for WP A clien ts and W EP unicast ke y s for WEP clie nts. The glob al encr yption ke y for multicast and broad cast traffic must be th e same for all clients, ther ef ore it res tricts encrypti on to a WEP k ey .
Radi o Interf ace 6-83 The WP A config uration parameter s are descr ibed be low: A uthentic ation T y pe Setup – Wh en usi ng WP A, set th e acces s point to c ommunicate as an ope n system to disable WEP keys.
System Configuratio n 6-84 • TKIP: TK IP provides da ta encr yption enh ancem ents includ ing per-packet ke y h ashing (th at is, changi ng the enc r yption key on each p ack et) , a me ssage in tegrity check, an extended initial ization vector wi th seq uencing rule s, and a re- ke yin g mechani sm.
Radi o Interf ace 6-85 The con figuration settin gs f o r WP A are summ ar ized below: CLI Command s for WP A Pr e-shared Ke y Sec urity – F rom t he 802.11a or 802.11g i nterface config uration mode, use th e authent ication comm and to set the ac cess poin t to “Ope n System.
System Configuratio n 6-86 authent ication. T o view the curre nt 802.11 g secur ity s ettin gs, use the show inte rface w ireless a or sh ow interface wir eless g comma nd (not shown in example). CLI Command s for WP A over 802.1X Sec urity – F rom the 802.
Status Infor mation 6-87 Status Inform ation The Stat us page i ncludes in f o r mation o n the following items : AP Status The AP Status wi ndow displays basi c sys tem co nfiguration settings, as well as the se ttings for the wireles s inter f a ces.
System Configuratio n 6-88 • System Up Time: Len gth of ti me the man agement agent has been up. • MA C Add ress: Th e ph ysical l ay er ad dress for this device. • System Name: Name a ssigned to this s ystem. • System Contact : Administra tor respons ible f or the syst em.
Status Infor mation 6-89 • Radio Authentication T ype: Shows th e bri dge is set as a n open syste m. • 802.1X: Shows if IEE E 802 .1X acce ss cont rol for wirele ss clients is e nabled.
System Configuratio n 6-90 Station Status The Stat ion St atus window sh ows wirel ess cl ients cu rrentl y associ ated with th e acces s point. The Sta tion S tatus pag e dis pla ys ba sic connecti on in f o r mation f o r all ass ociated statio ns. Note that thi s page is autom aticall y refreshed ev er y f ive seconds.
Status Infor mation 6-91 • Assoc iated: Shows i f the stati on has be en succ essfull y associ ated with th e acces s point. • F or warding Al lowed: Shows if th e station has pass ed authent ication and is now allowed to f orward traffic.
System Configuratio n 6-92 Event Logs The Event Logs wi ndow shows the log messag es gen erated by the wirel ess br idge a nd sto red in m emor y . The Event Logs ta ble displays the f ollowin g informat ion: • Log Tim e: The time t he log mes sage was gen erated.
Status Infor mation 6-93.
System Configuratio n 6-94.
7- 1 Chapter 7 Command Line Interface Using the Co mmand Line Interface Access ing the CLI When acc essing the manag ement inter f ace for the wireless bri dge via a T elnet c onnecti on, the w ireless b r idge can be managed by enter ing com mand keywords and parameter s at the prompt.
Comm and Li ne Interf ace 7-2 gatewa y if you a re managing the wir eless br idge f rom a diff erent IP subne t. F or example: After you co nfigure th e wireless bri dge with a n IP ad dress, you can o pen a T el net sess ion by perfor ming thes e step s.
Enterin g Comm ands 7-3 Enter ing Comma nds This sec tion des cribes how to enter CL I command s. Keywords and Arguments A CLI com mand i s a ser ies o f ke ywor ds and ar guments. K eywords id entify a c ommand, an d argume nts spec ify configura tion paramet ers.
Comm and Li ne Interf ace 7-4 Getting Help on Commands Y ou can displ a y a br ief de scr iptio n of the help syst em by enter ing the help comm and. Y ou ca n also di splay command syntax b y f o llowing a comma nd with the “?” ch aracter to list keywords or parameters.
Enterin g Comm ands 7-5 The com mand “ show in terface ? ” will disp lay th e fo llowin g informati on: Partial Keyword Lookup If you ter minate a par tial keyword with a ques tion mar k, alter natives th at match the in itial letter s are provided.
Comm and Li ne Interf ace 7-6 Understanding Command Modes The comm and set is div ided into Exec and Conf iguratio n classe s. Ex ec co mmands generally d isplay informat ion on system status or clear statisti cal co unters. Con figuration com mands, on the other han d, modify interface parameter s or enable c er tain functions.
Enterin g Comm ands 7-7 Configuration Commands Configurati on comman ds are u sed to mod ify wirele ss br idge settings. T hese com mands mo dify the r unni ng con figuration and are sav ed in memor y .
Comm and Li ne Interf ace 7-8 Command Line Processing Commands are not c ase sensi tive. Y ou can abbreviate comma nds and p arameters as long as they contai n enoug h letters to differentiate th em from a ny other curr ently available comma nds or param eters.
Command Grou ps 7-9 Command G roups The syst em comman ds can b e broken down into the functi onal groups sh own below . Command Group Desc rip tion Pag e General Basic c ommands for en tering con fig.
Comm and Li ne Interf ace 7-10 The acces s mod e shown in the f ollowin g tables is indi cated by thes e abbr evi ations: GC (Global Configurati on), IC-E (Eth er net Interface Configuration), and IC-W (Wir eles s Interf ace Configurati on). General Co mmand s configure This com mand acti v ates G lobal Conf iguration m ode.
General Comman ds 7-11 Command Mode Ex ec Example Related Commands end (p age 7-1 1) end This com mand r etur ns to th e previous con figuration mode. Default Setti ng None Command Mode Global Co nfig.
Comm and Li ne Interf ace 7-12 Example This example shows how to retur n to the Exec mode fro m the Interface Configuratio n mode, and then quit the CL I sessi on: ping This com mand s ends IC MP echo request p ack et s to an other node on the networ k.
General Comman ds 7-13 – Network o r host un reachab le - The gatewa y found no corre sponding entry in the route table. • Press <Esc> to stop p ingin g. Example reset This comm and resta r ts th e system or restores th e f a ctor y default settings.
Comm and Li ne Interf ace 7-14 show history This com mand shows the contents of the com mand h istor y bu f fe r . Default Setti ng None Command Mode Ex ec Command Usage • The histor y buffer size is fixed at 1 0 command s. • Use the up or down ar row key s to sc roll thro ugh the commands in th e history buffer.
System Mana gement Commands 7-15 Examp le The con sole por t settin gs are fi x ed at the values s hown below . System Manageme nt Comman ds These com mands ar e used to confi gure the u ser name, passw o rd, browser m anagem ent options, an d a variety o f other system inform ation.
Comm and Li ne Interf ace 7-16 country This com mand c onfigure s the wirel ess br idg e’ s coun tr y code, which identi fies the countr y of operation and sets the au thor ized radio channel s. Synta x country < count r y_code > cou ntr y_c ode - A two characte r code tha t identif ies the cou ntr y of operation .
System Mana gement Commands 7-17 Default Setti ng US - f or unit s sold in the United S tates 99 (no cou ntr y se t) - for units sol d in other co untr ies Command Mode Ex ec Command Usage • If you purc hased an w ireless b ridge ou tside of th e United States, the country c ode must be set be fore radi o functions are enab led.
Comm and Li ne Interf ace 7-18 Example prompt This com mand c ustomizes the CLI pro mpt. Use the no form to restor e the default promp t. Synta x pr ompt st r ing no prompt str ing - Any al phanumer ic str ing to use for the CLI p rompt.
System Mana gement Commands 7-19 syst em name This com mand s pecifies or modi fies the system name for this device . Use the no form t o restor e the default system name.
Comm and Li ne Interf ace 7-20 Examp le password After in itially logging onto the system , you should s et the passw o rd. Remem ber to record it in a safe place. Use the no f o r m to reset the default password. Synta x passwor d passw o rd no passw ord passw o rd - P assw ord fo r management a ccess.
System Mana gement Commands 7-21 Default Setti ng 80 Command Mode Global Co nfiguration Examp le Related Commands ip http ser ver (page 7-21) ip http server This com mand al lows this device t o be mo nitored o r config ured from a browser. Use the no f o r m to dis able this functio n.
Comm and Li ne Interf ace 7-22 show syst em This com mand di splays basic s ystem c onfiguratio n setting s. Default Setti ng None Command Mode Ex ec Examp le AP#show system System Information =======.
System Lo gging Comm ands 7-23 show version This com mand di splays the sof tware version for the system. Default Setti ng None Command Mode Ex ec Example System Logg ing Comman ds These com mands are used to confi gure syst em loggin g on the wireles s br idge.
Comm and Li ne Interf ace 7-24 logging on This com mand c ontrols logging of error me ssag es; i.e., send ing debug or error messag es to memo r y . The no fo r m disa bles the logging p roce ss.
System Lo gging Comm ands 7-25 Default Setti ng None Command Mode Global Co nfiguration Example logging console This co mmand init iates logging of er ror messa ges to the console.
Comm and Li ne Interf ace 7-26 Default Setti ng Error Command Mode Global Co nfiguration Command Usage Message s sent inc lude the sel ected lev e l down to the Emergen cy level. Example logging facility-type This com mand sets the facility type f or remote logging o f syslog message s.
System Lo gging Comm ands 7-27 Default Setti ng 16 Command Mode Global Co nfiguration Command Usage The comm and speci fies the facility type tag sen t in sysl og message s. (See RFC 3164.) This type ha s no effect on the kind of me ssages repor te d by the wireless bri dge.
Comm and Li ne Interf ace 7-28 Examp le System Clock Com mands These com mands are used to confi gure SNTP and sys tem cl ock settings on the wir eless brid ge.
System Clock Commands 7-29 sntp-s erver i p This co mmand se ts the IP addre ss of the se r vers to which SNTP time req uests are i ssued. U se the this c ommand wi th no argument s to clea r all ti me se r v e rs from the curre nt list. Synta x sntp-ser ver ip < 1 | 2 > < ip> • 1 - First time server.
Comm and Li ne Interf ace 7-30 sntp-s erver en able This com mand en ables SNTP client requests f o r tim e synchron ization with NTP or SNTP time ser vers specified by the sntp-ser ver i p comm and.
System Clock Commands 7-31 sntp-ser ver date- time This co mmand sets th e system clo ck. Default Setti ng 00:14:0 0, January 1, 19 70 Command Mode Global Co nfiguration Example This example se ts the system c lock to 17:37 June 19, 2003.
Comm and Li ne Interf ace 7-32 Command Usage The comma nd sets the sys tem clock back one hour during the specifi ed per iod. Example This sets daylight savings time to be used fro m July 1st to September 1st. sntp-ser ver timezone This com mand sets the time zone f or the wirel ess br idge’s inter nal clock.
System Clock Commands 7-33 degrees lon gitude. T o displ a y a ti me corresp onding to your loca l time, y o u must indi cate the numbe r of hours an d minutes your time zone is east (be f o re) or west (aft er) of UTC. Example show sntp This com mand di splays the curr ent time a nd config uration settings for the SNTP c lient.
Comm and Li ne Interf ace 7-34 SNMP Commands Controls access t o this wirel ess br idge from mana gement stations using th e Simple Network Manage ment Pro tocol (SNMP), as well as th e hosts th at will rec eive trap messages.
SNMP C omma nds 7-35 Default Setti ng • public - Read-on ly acc ess. Aut horized manag ement stations are onl y able to retrieve M IB obj ects. • private - Read/write ac cess. Aut horized manage ment stations are abl e to both retrieve and mo dify MIB objec ts.
Comm and Li ne Interf ace 7-36 Example Related Commands snmp-s er ver location (page 7-38) snmp-serv er enable server This com mand en ables SNMP ma nageme nt access and also enables this device to se nd SNMP tra ps (i.e., notificat ions). U se the no form to dis able SNMP se r vice an d trap me ssages.
SNMP C omma nds 7-37 snmp- server host This com mand s pecifies the recip ient of an S NMP n otificati on. Use the no form to remove the specifie d host . Synta x snmp-ser ver host < host_ip_a ddress | host_ name > <commu nity-str in g> no snmp-server host • host_ip_ addre ss - IP of t he host ( the target ed recipie nt).
Comm and Li ne Interf ace 7-38 Example Related Commands snmp-s er ver enable ser ver (page 7-36) snmp-se rver lo cation This com mand sets the system locatio n str ing. Use t he no for m to remove the loca tion str ing. Synta x snmp-serv er loc ation te xt no sn mp-serve r loca tion tex t - Str ing that descr ibes t he system l ocation.
Flash/File Com mands 7-39 show snmp This com mand di splays the SNM P config uration set tings. Command Mode Ex ec Examp le Flash/File Com mands These com mands are used to manage the sys tem co de or configura tion fi les.
Comm and Li ne Interf ace 7-40 bootfile This com mand s pecifies the imag e used to s tar t up the sy stem. Synta x bootfile < filename > filename - Name of t he ima ge file.
Flash/File Com mands 7-41 copy This co mmand co pies a boot file, code im age, or config uration file between the wire less bri dge’ s flash memor y and a FTP/TFTP ser ver . When you s av e the config uration se ttings to a file o n a FTP/TFTP ser ver , that file can later be downloaded to the wireles s brid ge to r estore system o peratio n.
Comm and Li ne Interf ace 7-42 • The destination fil e name should not contain slashes ( or /) , the lead ing letter of the file name s hould not be a period (.) , and the maximum length for file names on the FTP/TFTP server i s 255 ch aracter s or 32 character s for files on the wireless bridge.
Flash/File Com mands 7-43 Default Setti ng None Command Mode Ex ec Caution: Bew ar e of de leting app lica tion imag es from f lash memor y . At le ast on e applic ation ima ge is requi red in order t o boot the wi reless bridge.
Comm and Li ne Interf ace 7-44 Command Usage File in f o rm ation is s hown below: Example The f oll owing e xamp le show s how to di spla y al l file inf ormation : Column Head ing Description File N ame The name of the f ile. Type (2) Operati on Code and (5) Configurati on file File Siz e The length of the file i n bytes.
RADIUS Cli ent 7-45 RADIUS Client Remote Authentica tion Dial-i n User Ser vice (RA DIUS) is a logon authent ication p rotocol tha t uses s oftware r unning on a cent ral server t o control ac cess f o r RAD IUS-a ware de vices t o the network .
Comm and Li ne Interf ace 7-46 Command Mode Global Co nfiguration Example radius-server port This comman d sets the RADIUS ser ver networ k por t. Synta x radius -ser ver [ s econdary ] port < por t _number> • secondary - Secon dary se rver. • port_num ber - RADIUS server U DP port used for authent ication messa ges.
RADIUS Cli ent 7-47 radius-server key This com mand sets the RADIUS encr yption ke y . Synta x radius -ser ver [ s econdary ] key < ke y_string> • secondary - Secon dary se rver. • key_ stri ng - E ncryp tion key used to au thenticat e logon access for clien t.
Comm and Li ne Interf ace 7-48 Example radius-server timeout This com mand s ets the in ter val between transm itting authent ication re quests to the RADIUS s er ver . Synta x radius -ser ver [ s econdary ] timeout number_of_se conds • secondary - Secon dary se rver.
A uthentication 7-49 Example Authentication The acces s point suppor ts IEE E 802.1 x acce ss control for wireles s clie nts. This c ontrol feature p rev ent s unau thori zed access to the networ k by req uiri ng a 802.1 x clien t applica tion to submit use r credenti als f o r authentic ation.
Comm and Li ne Interf ace 7-50 Client MAC addresses can also be used for authentication on the access poi nt. F or local MAC authenti cation, fir st define the default filter ing pol icy using the add ress fi lter default com mand. Th en enter the MA C addres ses to be fi ltered, i ndicating i f they are allowed or denied.
A uthentication 7-51 802.1 x This com mand c onfigure s 802.1x as opt ionally suppor ted or as required for wirele ss client s. Use the no form to disable 802.1x suppo r t. Synta x 802.1x < supported | re quired > no 802.1x • supported - Authentica tes clients that init iate the 802.
Comm and Li ne Interf ace 7-52 • When 802. 1x is supported, the ac cess po int su pports 802.1x au thenticati on onl y for cli ents init iating the 802.1x authent ication process (i. e., the a ccess poi nt does NOT initiate 8 02.1x authen tication ).
A uthentication 7-53 Command Usage • The access point uses EAPO L (Extens ible Authen ticati on Protoco l Over LA Ns) pac kets to p ass dynami c unica st sessi on and broadc ast keys to wi reless clien ts. The 802.1 x broadca st-key-r efresh-rat e comman d specif ies th e interva l after whic h the bro adcast k eys are c hanged.
Comm and Li ne Interf ace 7-54 Examp le 802.1x session-time out This co mmand sets th e time period after which a conn ected client must be re- authentic ated. Use the no form to disable 802.1x re-authenti cation. Synta x 802.1x sess ion-timeout < second s> no 802.
A uthentication 7-55 802.1x supplic ant This com mand sets the user name and passwor d used for authent ication o f the ac cess poi nt when operat ing as a 8 02.1x supplic ant an d enables supp licant a uthenti cation. Us e the no f o r m to disable th e feature.
Comm and Li ne Interf ace 7-56 Command Mode Global Co nfiguration Command Usage • Ethernet and WD S user n ames and pass words m ust be s et before en abling th e 802.1x suppli cant featu re for th e specifi ed port. • The acces s point curren tly only suppor ts EAP- MD5 CHAP for 802.
A uthentication 7-57 Examp le Related Commands address filter en tr y (page 7-5 7) show authent ication (pag e 7-60) address f ilter ent ry This com mand en ters a M A C ad dress i n the filte r table. Synta x address filter entry < mac-addr ess> < allowed | denie d > • mac-add ress - Physical addr ess of clie nt.
Comm and Li ne Interf ace 7-58 Examp le Related Commands address filter de f a ult (pa ge 7-56 ) show authent ication (pag e 7-60) address f ilter dele te This com mand de letes a M AC address fro m the filte r table. Synta x address filter delete < mac- address > mac-add ress - Physical ad dress o f client.
A uthentication 7-59 mac-authent i cation serv er This com mand s ets addr ess fi lter ing to be perfor med w ith loca l or remote op tions. Use the no f or m to disa ble MAC address authent ication.
Comm and Li ne Interf ace 7-60 mac-authent ication session-timeout This co mmand sets the inter val at which assoc iated cli ents will be re-authenti cated wit h the RA DIUS ser ver authent ication database. Use the no form to disable reauthen tication .
WDS C omma nds 7-61 Examp le WDS Commands The com mands de scr ibed in th is sect ion are used to c onfigure the W Ireless Di stribut ion Sy stem (WD S) f orw arding t ab le.
Comm and Li ne Interf ace 7-62 wds channe l This com mand s elects t he radio band to be used for WDS f orw arding (brid gin g). Synta x wds cha nnel < a | g | none > • a - Bridg ing is supp orted on the 802.1 1a 5 GH z band. • g - Brid ging is su pporte d on the 80 2.
WDS C omma nds 7-63 Command Mode Global Co nfiguration Command Usage • You can only co nfigure one MA C address per wirele ss port ID. • The Etherne t MAC addre ss for each br idge unit i s printed on the label on the b ack of th e unit.
Comm and Li ne Interf ace 7-64 show wds This co mmand disp la ys the curr ent entries i n the WD S f orwa rding tabl e. Synta x show wd s Command Mode Ex ec Examp le AP#show wds Outdoor_Mode : MASTER .
Brid ge Comman ds 7-65 Bridge Comma nds The comm ands desc rib ed in this sec tion are us ed to set the MAC address table aging ti me and spanning tree param eters for both the E thernet and w ireless i nterf aces .
Comm and Li ne Interf ace 7-66 bridge timeout This co mmand sets the aging time f or both the Ether n et por t and the w ireless inte rf ace. Synta x bridge timeout < interface-id > < seco nds > • inte rf ace-id - An identifier th at specifi es the interf ace.
Brid ge Comman ds 7-67 Default Setti ng Spann ing tre e is enabled. Command Mode Global Co nfiguration Command Usage The Sp anning T ree P rotocol ( STP) can be us ed to de tect a nd disable networ k loops, and to provide backup links be tween s witch es, bridges or rout ers.
Comm and Li ne Interf ace 7-68 Default Setti ng 15 second s Command Mode Global Co nfiguration Command Usage This command sets the m aximum time (in seco nds) t he root device will wait bef ore chan ging state s (i.e., discardin g to lear ning to forwarding).
Brid ge Comman ds 7-69 Command Mode Global Co nfiguration Command Usage This comman d sets the time inte r val (in seconds) at which the root device transmits a configuratio n message. Example bridge stp-bridge max-age Use this command to configu re the spannin g tree br idge maximum age globally for the wirel ess bri dge.
Comm and Li ne Interf ace 7-70 Command Usage This command sets the m aximum ti me (i n se conds) a device can wait with out receivi ng a configu ration mess age before attempt ing to reconfi gure. All device por ts (e x cept for designat ed por ts) should r eceive config uration messag es at regular in ter vals.
Brid ge Comman ds 7-71 Command Usage Bri dge pr ior ity is us ed in selec ting the root device, root por t, and desig nated por t. The device with the h ighest pr ior ity becomes the S TP root de vice. Howev er , if all d evices have the same pr ior it y , th e device with t he lowest MA C addr ess wil l then become the root device.
Comm and Li ne Interf ace 7-72 Command Usage • This com mand i s used by th e Spannin g Tree Protoco l to determin e the bes t path between de vice s. There fore, lower valu es shoul d be assi gned to ports at tached to f aster media, and highe r values a ssigned to ports wit h slower media.
Brid ge Comman ds 7-73 • Where m ore than o ne port i s assigned the highe st prior ity, the port w ith low est numer ic iden tifier will be enable d. Example Related Commands bri dge stp-po r t pat h-cost (page 7- 71) bridge stp-port portfast Use this co mmand to s et an inte rf ac e to fast f orwarding.
Comm and Li ne Interf ace 7-74 • Since end- nodes c annot caus e forwardi ng loops , they can be passe d through the sp anning tree sta te cha nges mor e quickly t han allowe d by stan dard co nver gence tim e. Fast forwarding can ac hieve q uicker c onverge nce for e nd-node devices, a nd also o vercom e other S TP relate d timeout problem s.
Brid ge Comman ds 7-75 show bridge This co mmand disp lays aging time and spanni ng tree setti ngs f or the Ether net and wi reless in terfaces. Synta x show bridge Command Mode Ex ec Examp le AP# sho.
Comm and Li ne Interf ace 7-76 Filtering Comman ds The com mands de scr ibed in th is sect ion are used to c ontrol access to the man agement in terface from the wireless interface and filter traffic u sing spe cific Ethe r net protoc ol types. filter local-bridge This com mand di sables com munication between wirel ess cl ients.
Filterin g Comma nds 7-77 Command Usage This com mand can di sable wire less-to-w ireles s communica tions between client s via the ac cess poi nt. Howe ver , it does n ot affect communica tions between wi reless clients and the wire d network.
Comm and Li ne Interf ace 7-78 filter e thernet- type e nable This com mand c hecks the Ether net type o n all inc oming an d outgoing E ther net p ack ets agains t the protocol filter ing table.
Filterin g Comma nds 7-79 filter ethernet-type protocol This com mand sets a filter for a specific E ther net type. Use the no f o rm to disable fi lter ing for a specific Ether net ty pe. Synta x filter ethernet- t ype pr otocol < proto col> no filter ether net-type pr otocol < protocol> protoco l - An Ether n et protoc ol type.
Comm and Li ne Interf ace 7-80 show filters This com mand s hows the filt er op tions and protoco l entr ies in the filter ta b le. Command Mode Ex ec Examp le PPPoE Commands The com mands de scr ibed in this s ection c onfigu re PPP o E managemen t tunnel connection pa rameters for the Ether net po r t.
PPP oE Comm ands 7-81 ip pppoe This com mand en ables P oin t-to-P o int Protoco l ov er Ether n et (PPP oE ) on the Ethe r net int erface . Use the no f o r m to disable PPP oE o n the E ther net inter face .
Comm and Li ne Interf ace 7-82 Command Usage The ac cess p oint u ses a P PP oE c onnectio n, or tu nnel, only for managemen t traffic b etween the acce ss point an d a remote PPP o E ser ver (typica lly at a n ISP).
PPP oE Comm ands 7-83 Example Related Commands pppoe loc al ip (page 7-86) pppoe rem ote ip (page 7-86) pppoe ipcp dns This com mand r equests allocati on of IP ad dresse s for Dynamic Naming Sy stem (DNS) se r vers from the device at the remote end of the PPPoE tunnel.
Comm and Li ne Interf ace 7-84 pppoe lcp echo-interval This command sets the Link Control Proto col (LCP) echo inter val f o r the PPP oE tunnel . Synta x pppoe lcp echo-interv al < inter val> inter val - The i nter val between sen ding ech o reques ts.
PPP oE Comm ands 7-85 pppoe lcp echo-failure This com mand s ets the Lin k Control Protoc ol (LCP) ec ho tim eout f o r the PPP oE tunnel . Synta x pppoe lcp echo-failure < timeout> timeou t - The number of timeo uts allowed.
Comm and Li ne Interf ace 7-86 pppoe local ip This com mand s ets the lo cal IP addres s for the PPP oE tunnel . Synta x pppoe local ip < ip- addres s> ip-addr ess - IP a ddress of the local end of the PPP oE tunnel.
PPP oE Comm ands 7-87 Default Setti ng None Command Mode Interface Configuration (Ether net) Command Usage If the pppoe ip allocation mode is set to static, the remote IP address must be entered wi th this comma nd, and the lo cal IP addr ess m ust be e ntered with t he pppoe local ip command.
Comm and Li ne Interf ace 7-88 Command Usage Y ou must ente r a user name wi th this comman d, and a passw o rd with the pppoe passw ord comma nd. Example Related Commands pppoe password (pag e 7-88) pppoe password This com mand s ets the pa ssword f or the PPP o E tunn el.
PPP oE Comm ands 7-89 pppoe service-name This com mand s ets the s er vice n ame for the PPP oE tunne l. Synta x pppoe service-name < string> str ing - Ser vice na me ass igned by the ser vice pr ovider .
Comm and Li ne Interf ace 7-90 Example show pppoe This com mand shows i nf o r mation about the P PP oE configura tion. Command Mode Pri vileged Exec Example AP#(if-ethernet)#pppoe restart AP# AP#show.
Ethe r net In terfa ce Commands 7-91 Ethernet Interface Com mands The com mands de scr ibed i n this s ection c onfigu re conne ction parameters for the Ether n et interface. interf ace et hernet This com mand en ters Eth er net in terface configura tion mode.
Comm and Li ne Interf ace 7-92 Example T o speci fy the 1 0/100Bas e-TX networ k inte rface , ente r the f o llowing c omman d: dns server This co mmand spe cifies th e addr ess for the prima r y or sec ondar y domain na me ser v er to be used for name-t o-address resoluti on.
Ethe r net In terfa ce Commands 7-93 Related Commands show interface ethe rn et (page 7- 96) ip address This com mand sets the IP add ress for the (10/1 00Base- TX) Ether ne t interface.
Comm and Li ne Interf ace 7-94 • You must assi gn an IP a ddress to this de vice to gain mana gement a ccess over the networ k or to conne ct the wireles s bridge to existi ng IP s ubnets.
Ethe r net In terfa ce Commands 7-95 Command Usage • You must assi gn an IP a ddress to this de vice to gain mana gement a ccess over the networ k or to conne ct the wireles s bridge to existi ng IP s ubnets.
Comm and Li ne Interf ace 7-96 Command Mode Interface Configuration (Ether net) Command Usage This comm and all ows y o u to disa b le the Ethe r net por t due to abnor ma l behavior (e.g., excessive collision s), and re enable it after the pr oblem has been res olved.
Wirele ss Interf ace Comm ands 7-97 Example Wireless Interface Commands The com mands de scr ibed i n this s ection c onfigu re conne ction parameters for the wi reless i nterface. AP#show interface ethernet Ethernet Interface Information ======================================== IP Address : 192.
Comm and Li ne Interf ace 7-98 dtim -per iod Conf igur es t he r ate at w hic h st ati ons in sle ep mode must wa ke up to receiv e broadcast/m ulticast trans missions IC-W 7 -104 fragmen tation- leng.
Wirele ss Interf ace Comm ands 7-99 interf ace w irel ess This com mand en ters wir eless int erface configurat ion mo de. Synta x interface w ireless a • a - 802.
Comm and Li ne Interf ace 7-10 0 Default Setti ng None Command Mode Interface Configuration (Wireles s) Examp le ssid This com mand c onfigures t he ser vi ce set i dentifier (SSID). Synta x ssid < string> str ing - The name of a basi c ser vi ce set supp or te d by the access poin t.
Wirele ss Interf ace Comm ands 7-101 closed- system This com mand c loses acc ess to cli ents with out a pre- configu red SSID . Use the no for m to disable th is f e ature.
Comm and Li ne Interf ace 7-10 2 Command Mode Interface Configuration (Wireles s) Command Usage The maxi mum transmis sion distance i s affected by the data rate.
Wirele ss Interf ace Comm ands 7-103 Examp le turbo This com mand sets the wire less br idge to an enhan ced mo de (not regul ated in IEEE 802 .11a) that provides a higher data rate of up to 108 Mbps. Default Setti ng Disabled Command Mode Interface Configuration (Wireles s - 802.
Comm and Li ne Interf ace 7-10 4 beacon-interval This com mand c onfigure s the rate a t which bea con sig nals ar e transmitted fr om the wir eless br idge. Synta x beacon-in terval < interval> inter val - The ra te for transmitting beacon s ignals.
Wirele ss Interf ace Comm ands 7-105 Default Setti ng 2 Command Mode Interface Configuration (Wireles s) Command Usage • The Deli very Traff ic Indic ation Map (DTIM) packet in terval valu e indica tes how ofte n the MA C layer forward s broadca st/mul ticast t raffic.
Comm and Li ne Interf ace 7-10 6 Default Setti ng 2346 Command Mode Interface Configuration (Wireles s) Command Usage • If the pa cket si ze is s maller t han the p reset F ragment size, the pack et will no t be segme nted.
Wirele ss Interf ace Comm ands 7-107 Default Setti ng 2347 Command Mode Interface Configuration (Wireles s) Command Usage • If the thresh old is set to 0, the wireless br idge alway s sends RTS si gnals. If set to 23 47, the wireless bridge never sen ds RTS si gnals.
Comm and Li ne Interf ace 7-10 8 Default Setti ng full Command Mode Interface Configuration (Wireles s) Command Usage • The “m in” keywor d indic ates m inimum p ower. • The lon ger the tr ansmis sion dis tance , the highe r the transmiss ion power requir ed.
Wirele ss Interf ace Comm ands 7-109 Example authent ication This co mmand defin es the 80 2.11 authe nticatio n type allowed by the ac cess po int. Synta x authent ication < open | shared > • open - Accepts the client withou t verify ing its identity using a shar ed key.
Comm and Li ne Interf ace 7-11 0 encrypti on This com mand de fines whether W EP or AES encr yption is used to provide p rivacy for wireless commun ication s.
Wirele ss Interf ace Comm ands 7-111 • AES has be en des ignated by th e Nation al Instit ute of Standard s and Technolog y as the s ucces sor to th e Data Encry ption Stan dard (DE S) encry ption al gorithm, and will be used by the U.S. governmen t for encryp ting all sen sitive, nonclas sified i nformati on.
Comm and Li ne Interf ace 7-11 2 key This com mand sets the keys used for WEP and AES enc r yption. Use the no form to delete a config ured key . Synta x key { wep < inde x size type we p - va l ue.
Wirele ss Interf ace Comm ands 7-113 • To enabl e AES enc ryption, us e the encryp tion c ommand to specify the key typ e, and use the key command to config ure a key fo r each wireles s port. • If WEP i s enabled , all uni ts in the wireles s bridg e network must be configur ed with th e same keys .
Comm and Li ne Interf ace 7-11 4 Command Mode Interface Configuration (Wireles s) Command Usage • If you use WE P key en cryption, th e wirel ess bridge us es the transmit k ey to encr ypt multi cast and broa dcast dat a sign als that it sends to other nod es.
Wirele ss Interf ace Comm ands 7-115 Command Usage • WPA ena bles the a ccess poi nt to supp ort differe nt unic ast encryptio n keys for each clie nt. However, the glob al encryptio n key for mult icast and br oadcas t traffic mus t be the same for all c lients.
Comm and Li ne Interf ace 7-11 6 wpa-clie nts This comm and defi nes whethe r Wi-Fi Protected A ccess (WP A) is required o r option ally suppor ted for clien t stations. Synta x wpa-clients < required | supported > • required - Supp orts only c lien ts using WPA.
Wirele ss Interf ace Comm ands 7-117 Example Related Commands wpa-mode (page 7-117) wpa-mode This com mand s pecifies whethe r Wi-Fi Protec ted Acc ess (WP A ) is to us e 802.1x d ynamic ke ys or a pre -shared key . Synta x wpa-mode < dyna mic | pre- shared -key > • dynamic - WPA with 802.
Comm and Li ne Interf ace 7-11 8 Example Related Commands wpa-clien ts (pag e 7-116) wpa-pre shared-key (page 7-118 ) wpa-p reshar ed-k ey This com mand de fines a Wi-Fi Protecte d Access (WP A) preshared -ke y . Synta x wpa-presh ared-key < type> < val u e > • type - Input format.
Wirele ss Interf ace Comm ands 7-119 Example Related Commands wpa-clien ts (pag e 7-116) wpa-mode (page 7-117) wpa-psk-ty pe This co mmand defi nes the Wi-F i Protecte d Access (WP A) preshared -ke y type. Synta x wpa-psk-t y pe < ty pe> type - Input f o rm at.
Comm and Li ne Interf ace 7-12 0 shutdown This co mmand dis ables the wireless interface. Use the no for m t o restar t the interface. Synta x shutdo wn no shutdown Default Setti ng Interface enabled Command Mode Interface Configuration (Wireles s) Example show interface wireless This com mand di splays the sta tus for the wireles s inter f a ce.
Wirele ss Interf ace Comm ands 7-121 Example show station This co mmand sho ws the w irele ss clients asso ciated with the access poin t. Command Mode Ex ec AP#show interface wireless a Wireless Inter.
Comm and Li ne Interf ace 7-12 2 Example IAPP Commands The com mand des cribed in thi s section e nables the protocol signali ng require d to ensure the succes sful hand ov e r of wireless clients roamin g between di fferent 802.11f -complian t acce ss points.
VLAN C ommands 7-123 Default Enabled Command Mode Global Co nfiguration Command Usage The curr ent 802.11 sta ndard does not speci fy the signali ng required be tween acce ss points in order to suppor t clie nts roaming from one a ccess p oint to anothe r .
Comm and Li ne Interf ace 7-12 4 Note: Before enabling VLANs o n the wireles s brid ge , you must configure the con nected LAN switch p ort to acc ept tagged VLAN packets with the w irel ess bri dge ’s native VLAN ID. Oth e rwise, co nnectivity to the wir e less bridge will be lost when you enab le the VLAN feature.
VLAN C ommands 7-125 Examp le Related Commands native-vlanid ( page 7-125 ) native- vlanid This com mand confi gures t he native VLAN I D f o r the wir eless bri dge.
Comm and Li ne Interf ace 7-12 6.
A-1 Appendix A Troubleshooting Check the following items before you contact l ocal T e chnica l Suppo r t. 1. If wirele ss br idge un its do not asso ciate wit h each other , check the following: • .
T roublesh ooting A-2 3. If the wir eless br idge cannot be configure d usin g T elnet, a web browser , or S NMP software: • Be sure to hav e config ured t he wire less br idg e with a valid IP address , subnet mask and defaul t gateway.
B-1 Appendix B Specifications General Spe cifications Maxim um C hannels (Outdoor) 802.11a: US & Canad a: 9 ( nor mal mode ), 3 (turbo mode) Japan: 4 (nor ma l mode), 1 (turbo mode) ETSI: 1 1 channel s (nor mal mode), 4 (turbo mod e) T aiwan: 4 (n or mal m ode), 1 ( turbo mod e) 802.
Specificatio ns B-2 Modulation T ypes 802.11a: B PSK, QPS K, 16-QAM, 64-QA M 802.11g: CCK , BPSK, Q PSK, OFDM 802.11b: CCK , BPSK, Q PSK Netw ork Configuration Bri dge Mode: P oin t-to-point and point- to-multipo int Access Point Mode: Infrastr ucture Operating Frequenc y 802.
Gener al Specific ations B-3 Netw ork Management W eb-br ow ser , T elnet, SN MP T emperature Operating : -33 to 55 °C (-27.4 to 131 °F) Storage: -40 t o 80 °C (- 40 to 176 ° F) Humidity 5% to 95% (n on-condens ing) EMC Compliance (Cla ss B) FCC Class B (US) R TT ED 1999/5 /EC DGT ( T aiw an) Radio Signal Certification FCC P a r t 15 15.
Specificatio ns B-4 Antenna Specifications 17 dBi Integrated Panel Frequency Range 5.150 - 5 .850 GHz Gain 17 dBi VSWR 1.8 : 1 max Po l a r i z a t i o n Linear , ver ti cal/hor izontal HPBW Hori zont.
Antenna Specificati ons B-5 17 dBi Inte grated Panel Antenna Link Budget (5.825 G Hz, Cable Loss 1 dB, F ade Margin 5 dB) Modulatio n/Rates Transmit Power (dBm) Receive Sensitivity (dBm) Maxim um Range (km) with 17 dBi Panel* Norma l Mode BPSK (6 Mbps) 20 -88 15.
Specificatio ns B-6.
C-1 Appendix C Cables and Pinouts Twisted-Pair Ca ble Assignment s F or 10/100 BASE- TX conne ctions, a twis ted-pair ca ble must hav e two pairs of wi res. Each wire pa ir is ide ntified by two different colors. For e x ample, one wi re might be gr een and the other , green with wh ite str ipes.
Cab les and Pino uts C-2 10/100BASE-TX Pin Assignments Use unshield ed twisted- pair (U TP) or shield ed twisted- pair (ST P) cable for RJ-45 connecti ons: 100- ohm Categ or y 3 or bet ter cable f o r 10 Mbps connectio ns, or 100- ohm Categor y 5 or be tter cable f o r 100 Mbp s connec tions.
T w isted- Pa ir Cabl e Assignments C-3 Straight-Through Wiring Becaus e the 10 /100 Mbps Input po r t on the power injector uses an MDI pin confi guration, you must use “straigh t-through” cable f o r networ k conn ections to hubs or switches th at only h av e MDI-X por t s.
Cab les and Pino uts C-4 8-Pin D IN Connect or Pinout The Ethe r net cable from the power injector connec ts to an 8-pi n DIN connec tor on the wireless bridge.
8-Pin DI N Connector Pino ut C-5 8-Pin DIN to RJ -4 5 Cable Wiri ng T o constr uct an extended Ethe rn et cable to con nect fro m the power injector’ s RJ-45 Output por t to th e wireless bri dge’ s 8- pin DIN connec tor , follo w the w iring d iagram below .
Cab les and Pino uts C-6.
Glossary-1 Glossary 10BASE- T IEEE 802 .3 speci fication f o r 10 Mbps Ether net over two pairs of Categor y 3 or better UTP cable. 100BASE- TX IEEE 802 .3u sp ecifica tion for 100 Mbps F ast Eth er net over two pairs of Cat egor y 5 or better U TP cable.
Glossary Glossary-2 Basic Serv ice Se t (BSS) A set of 8 02.11-co mpliant s tation s and an a ccess poi nt that operate as a full y-conn ected w ireless n etwor k. Beacon A signa l per iodical ly transm itted f rom the ac cess p oint that i s used to i dentify th e ser vice set, an d to mainta in contac t with wirele ss clients .
Glossar y Glossary-3 File Transfer Protocol (FTP) A TCP/IP protoc ol use d f or file transfer . Hypertext Transfer Pr otocol (HTTP) HTTP is a sta ndard use d to transmit and recei v e all data over the Wo r l d W i d e We b. Internet Cont rol Message Pr otocol (IC MP ) A networ k lay er protoc ol that re por t s errors in proces sing IP pack e ts.
Glossary Glossary-4 Open Sy stem A secur ity op tion which broadcas ts a beacon signal in cludi ng the access poin t’ s confi gured SSID . Wirele ss c lients c an read the SSID fro m the beac on, and automatic ally rese t their SSID to allow immedi ate conne ction to the near est acces s point.
Glossar y Glossary-5 Simple Network Time Protoc ol (SNTP) SNTP al lows a device to se t its inte r nal clock ba sed on pe riod ic updates fr om a Netwo rk Ti me Proto col (NTP ) ser ver . Upda tes can b e requested from a specifi c NTP ser ver , o r can be received via bro adcasts sent by NTP se r v ers.
Glossary Glossary-6.
Index-1 A Advance d Encryption Stan dard See AES AES 6-82 configu ring 6-68 AES, confi guring 6-66, 7-110 auth ent icati on 6-1 6, 7-10 9 configu ring 6-16, 7-109 MAC ad dress 6-18, 7-56 , 7-57 type 5.
Index Index-2 filt er 6-2 6, 7- 56 address 6-16, 7-56 betwee n wireless clie nts 6-28, 7-76 local bri dge 6-28 , 7-7 6 local or re mote 6- 16, 7-59 manage ment access 6-28, 7-77 protocol types 6-28, 7.
Index Index-3 pas swor d configu ring 6-33, 7-20 manage ment 6-33 , 7-20 PoE 4-8 specif ications B-2 port prior ity STA 7-72 Power over Ethernet See PoE powe r supp ly, sp ecif icat ions B -2 PSK 6- 81, 7- 117 R radio ch annel 802.11a interface 6-58, 7-102 802.
Index Index-4 Tempora l Key Integrit y Protocol See TKIP time zo ne 6-41, 7-32 TKIP 6-81, 7-1 14 tran smit p ower , conf igur ing 6-5 9, 7-107 trap desti nati on 6-3 1, 7-3 7 trap man ager 6-31, 7-37 .
.
SMC2888W-S SMC2888W-M.
An important point after buying a device SMC Networks 2.4GHz/5GHz (or even before the purchase) is to read its user manual. We should do this for several simple reasons:
If you have not bought SMC Networks 2.4GHz/5GHz yet, this is a good time to familiarize yourself with the basic data on the product. First of all view first pages of the manual, you can find above. You should find there the most important technical data SMC Networks 2.4GHz/5GHz - thus you can check whether the hardware meets your expectations. When delving into next pages of the user manual, SMC Networks 2.4GHz/5GHz you will learn all the available features of the product, as well as information on its operation. The information that you get SMC Networks 2.4GHz/5GHz will certainly help you make a decision on the purchase.
If you already are a holder of SMC Networks 2.4GHz/5GHz, but have not read the manual yet, you should do it for the reasons described above. You will learn then if you properly used the available features, and whether you have not made any mistakes, which can shorten the lifetime SMC Networks 2.4GHz/5GHz.
However, one of the most important roles played by the user manual is to help in solving problems with SMC Networks 2.4GHz/5GHz. Almost always you will find there Troubleshooting, which are the most frequently occurring failures and malfunctions of the device SMC Networks 2.4GHz/5GHz along with tips on how to solve them. Even if you fail to solve the problem, the manual will show you a further procedure – contact to the customer service center or the nearest service center
