Alvarion SW VERSION 5.1 4.2.6.7 Security Parameters

Menus and Parameters

Operation and Administration

207

4.2.6.7 Security Parameters

BreezeACCESS VL systems can support encryption of authentication messages

and/or data frames using one of the following encryption standards:

 WEP Wired Equivalent Privacy algorithm. WEP is defined in the IEEE 802.11

Wireless LAN standard and is based on the RSA’s RC4 encryption algorithm.

 AES OCB Advanced Encryption Standard. AES is defined by the National

Institute of Standards and Technology (NIST) and is based on Rijndael block

cipher. AES OCB (Offset Code Book) is a mode that operates by augmenting

the normal encryption process by incorporating an offset value.

 FIPS 197 is certified for compliance with Federal Information Processing

Standards. It provides encryption and message integrity in one solution and

implements the Advanced Encryption Standard using Rijndael block cipher.

NOTE

The FIPS 197 encryption algorithm is a licensed feature, and is available only in units with the

required license. FIPS 197 can be supported only in Access Units with HW revision C or higher.

FIPS 197 feature license is not available for AUS unit.

The following parameters are available through the Security Parameters menu (in

certain units some or all of the security options may not be available):

 Authentication Algorithm

 Data Encryption Option

 Security Mode

 Default Key (SU only)

 Default Multicast Key (AU only)

 Key # 1 to Key # 4

 Promiscuous Authentication (AU only)

4.2.6.7.1 Authentication Algorithm

The Authentication Algorithm option determines the operation mode of the

selected unit. The following two options are available:

Contents

Main Document History Page Page Page Page Page Page Page Page Page Page Legal Rights Trade Names Statement of Conditions Warranties and Disclaimers Exclusive Warranty Disclaimer Limitation of Liability Electronic Emission Notices FCC Radio Frequency Interference Statement FCC Radiation Hazard Warning Antenna Compliance Statement R&TTE Compliance Statement Safety Considerations Caution Outdoor Unit and Antenna Installation and Grounding Disposal of Electronic and Electrical Waste Page Important Notice Page About This Manual Page Contents Page Page Page Figures Page Tables Page Page Page Page 1.1 Introducing BreezeACCESS VL Page 1.2 Base Station Equipment 1.2.1 Modular Base Station Equipment Page 1.2.2 Standalone Micro-cell Access Unit Page 1.3 Subscriber Unit 1.3.1 SU-A/E Subscriber Units Page Page 1.3.2 SU-I Subscriber Units 1.3.3 The SU-E-BS 1.4 BreezeACCESS B&B (4.9 GHz only) 1.5 Networking Equipment 1.6 Management Systems 1.6.1 AlvariCRAFT 1.6.2 AlvariSTAR Page Page 1.7 Specifications 1.7.1 Radio Page Page 1.7.2 Data Communication 1.7.3 Configuration and Management 1.7.4 Standards Compliance, General 1.7.5 Physical and Electrical 1.7.5.1 SU-A/E Subscriber Unit 1.7.5.1.1 Mechanical 1.7.5.1.2 Connectors 1.7.5.1.3 Electrical 1.7.5.2 SU-I Subscriber Unit 1.7.5.2.1 Mechanical and Electrical 1.7.5.2.2 Connectors 1.7.5.3 Modular Base Station Equipment 1.7.5.3.1 Mechanical 1.7.5.3.2 Connectors 1.7.5.3.3 Electrical 1.7.5.4 Standalone Access Unit 1.7.5.4.1 Mechanical 1.7.5.4.2 Connectors 1.7.5.4.3 Electrical 1.7.5.5 25dBi Antenna (for B&B point-to-point link) 1.7.5.6 SU-I-D Wall/Window Detached Antenna 1.7.6 Environmental Page Page 2.1 Installation Requirements 2.1.1 Packing List 2.1.1.1 SU-A/E Subscriber Unit 2.1.1.2 Modular Base Station Equipment 2.1.1.2.1 BS-SH Base Station Chassis 2.1.1.2.2 AU-E-BS Access Unit 2.1.1.2.3 BS-PS-AC Power Supply 2.1.1.2.4 BS-PS-DC Power Supply 2.1.1.3 AU-E-SA Standalone Access Unit 2.1.1.4 Optional Items Available from Alvarion 2.1.1.5 Additional Installation Requirements 2.1.2 Indoor-to-Outdoor Cables 2.2 Equipment Positioning Guidelines Page 2.3 Installing the Outdoor Unit 2.3.1 Pole Mounting the Outdoor Unit Page 2.3.2 Pole Mounting the New ODU 2.3.2.1 Polarization 2.3.2.2 Pole Mounting the ODU Using the Clamp Page 2.3.2.3 Pole Mounting the ODU with the Tilt Accessory 2.3.3 Protecting ODU Connections 2.3.4 Connecting the Grounding and Antenna Cables Page 2.3.5 Connecting the Indoor-to-Outdoor Cable 2.3.5.1 Units with an Installed Waterproof Seal (not applicable to new ODU) 2.3.5.2 Units with a Waterproof Seal Supplied with the Ethernet Cable (not applicable to new ODU) 2.3.5.3 New ODU Page 2.4 Installing the Universal IDU Indoor Unit 2.4.1 RESET Button Functionality 2.5 Installing the SU-I 2.5.1 Installation Requirements 2.5.1.1 Packing List 2.5.1.2 Additional/Optional Items 2.5.2 SU-I Connectors and LEDs 2.5.3 Installation Guidelines 2.5.4 Installing the SU-I 2.5.4.1 Connecting the SU-I 2.5.5 Installing the Detached Antenna 2.5.5.1 Wall Mount 2.5.5.2 Wall Mount with Rotation Capability Page 2.5.5.3 Window Mount 2.5.5.4 Window Mount with Rotation Capability 2.6 Installing the Modular Base Station Equipment 2.6.1 BS-SH Slot Assignment 2.6.2 BS-PS-AC Power Supply Module 2.6.3 BS-PS-DC Power Supply Module 2.6.4 BS-AU Network Interface Module 2.6.5 Installing the BS-SH Chassis and Modules Page Page 3.1 Configuring Basic Parameters 3.1.1 Initial Configuration Page 3.1.2 Country Code Selection 3.1.3 Transmit Power Compliance With Regulations Page 3.2 Using the Optional Y-cable (New SU-A/E-ODU) 3.3 Aligning the Subscriber Unit Antenna Page 3.4 Configuring the Subscriber Units Maximum Modulation Level Page 3.5 Operation Verification 3.5.1 Outdoor Unit Verification Page Page 3.5.2 Indoor Unit Verification 3.5.3 SU-I Unit Verification Page 3.5.4 Verifying the Ethernet Connection (Modular Base station) 3.5.5 Verifying the Indoor-to-Outdoor Connection (Modular Base Station) 3.5.6 Verifying Data Connectivity Page 4.1 Working with the Monitor Program 4.1.1 Accessing the Monitor Program Using Telnet 4.1.2 Common Operations Page 4.2 Menus and Parameters 4.2.1 Main Menu 4.2.2 Info Screens Menu 4.2.2.1 Show Unit Status Page Page 4.2.2.2 Show Basic Configuration 4.2.2.3 Show Advanced Configuration 4.2.2.4 Show Country Dependent Parameters 4.2.2.5 Show All Parameters 4.2.3 Unit Control Menu 4.2.3.1 Reset Unit 4.2.3.2 Default Settings 4.2.3.2.1 Set Defaults 4.2.3.2.1.1 Set Complete Factory Defaults 4.2.3.2.1.2 Set Partial Factory Defaults Page Page 4.2.3.2.1.3 Set Complete Operators Defaults 4.2.3.2.1.4 Set Partial Operator Defaults 4.2.3.2.1.5 Cancel Current Pending Request 4.2.3.2.2 Save Current Configuration As Operator Defaults 4.2.3.3 Change Unit Name 4.2.3.4 Change Password 4.2.3.5 Flash Memory Control 4.2.3.6 Log Out Timer 4.2.3.7 Ethernet Negotiation Mode 4.2.3.8 Change System Location 4.2.3.9 Event Log Menu 4.2.3.9.1 Event Log Policy 4.2.3.9.2 Display Event Log 4.2.3.9.3 Erase Event Log 4.2.3.9.4 Event Log Upload 4.2.3.10 Feature Upgrade 4.2.3.11 SW Version Download 4.2.3.12 Configuration File Upload/Download Page Page 4.2.4 Basic Configuration Menu 4.2.4.1.1 IP Parameters 4.2.4.1.2 Performance Parameters 4.2.4.1.3 Network Management Parameters 4.2.4.1.4 Air Interface Parameters 4.2.4.1.5 Country Code Parameters 4.2.4.1.6 Bridge Parameters 4.2.4.1.7 Security Parameters 4.2.5 Site Survey Menu 4.2.5.1 Traffic Statistics 4.2.5.1.1 Ethernet Counters 4.2.5.1.2 WLAN Counters Page Page 4.2.5.2 Ping Test 4.2.5.3 Link Quality (SU only) 4.2.5.3.1 Continuous Average SNR/RSSI Display 4.2.5.3.2 Continuous Noise Floor Display 4.2.5.3.3 Continuous UpLink Quality Indicator Display 4.2.5.4 MAC Address Database 4.2.5.4.1 MAC Address Database in AU Page Page Page 4.2.5.4.2 MAC Address Database in SU 4.2.5.5 Continuous Noise Floor Display (AU only) 4.2.5.6 Per Modulation Level Counters 4.2.5.7 Link Capability 4.2.5.7.1 Show Link Capability-General 4.2.5.7.2 Show Link Capability-Wireless Link Configuration 4.2.5.7.3 Show Link Capability-Security Configuration 4.2.5.7.4 Show Link Capability by AU (SU only) 4.2.5.7.5 Show Link Capability by SU (AU only) 4.2.6 Advanced Configuration Menu 4.2.6.1 IP Parameters 4.2.6.1.1 IP Address 4.2.6.1.2 Subnet Mask 4.2.6.1.3 Default Gateway Address 4.2.6.1.4 DHCP Client 4.2.6.1.4.1 DHCP Option 4.2.6.1.4.2 Access to DHCP 4.2.6.1.5 Show IP Parameters 4.2.6.2 Air Interface Parameters 4.2.6.2.1 Country Code and Sub-Bands 4.2.6.2.2 ESSID Parameters 4.2.6.2.2.1 ESSID 4.2.6.2.2.2 Operator ESSID Parameters (AU only) 4.2.6.2.2.2.1 Operator ESSID Option 4.2.6.2.2.2.2 Operator ESSID 4.2.6.2.3 Frequency Definition Parameters 4.2.6.2.3.1 Sub-Bands and Frequency Selection 4.2.6.2.3.2 Avoiding Frequencies with Radar Activity 4.2.6.2.4 Frequency Definition Submenu in AU 4.2.6.2.4.1 Sub-Band Select 4.2.6.2.4.2 Frequency 4.2.6.2.4.3 DFS Parameters 4.2.6.2.4.3.1 DFS Required by Regulations 4.2.6.2.4.3.2 Frequency Subset Definition 4.2.6.2.4.3.3 Channel Check Time 4.2.6.2.4.3.4 Channel Avoidance Period 4.2.6.2.4.3.5 SU Waiting Option 4.2.6.2.4.3.6 Minimum Pulses to Detect 4.2.6.2.4.3.7 Clear Radar Detected Channels After Reset 4.2.6.2.4.4 Channel Reuse Parameters (DFS+) 4.2.6.2.4.4.1 Show DFS Settings And Data 4.2.6.2.4.5 Country Code Learning by SU 4.2.6.2.4.6 Show Frequency definitions 4.2.6.2.5 Frequency Definition Submenu in SU 4.2.6.2.5.1 Sub-Band Select 4.2.6.2.5.2 User Defined Frequency Subsets 4.2.6.2.5.3 Show Frequency Definitions 4.2.6.2.6 Best AU Parameters (SU) 4.2.6.2.6.1 Best AU Support 4.2.6.2.6.2 Number Of Scanning Attempts 4.2.6.2.6.3 Preferred AU MAC Address 4.2.6.2.6.4 Show Best AU Parameters and Data 4.2.6.2.7 Scanning Mode (SU only) 4.2.6.2.8 Power Control Parameters 4.2.6.2.8.1 Transmit Power 4.2.6.2.8.1.1 Transmit Power 4.2.6.2.8.1.2 Show Transmit Power Parameters 4.2.6.2.8.2 Maximum Transmit Power (SU only) 4.2.6.2.8.2.1 Maximum Tx Power 4.2.6.2.8.2.2 Show Maximum Tx Power Parameters 4.2.6.2.8.3 ATPC Parameters in AU 4.2.6.2.8.3.1 ATPC Option 4.2.6.2.8.3.2 ATPC Minimum SNR Level 4.2.6.2.8.3.3 ATPC Delta from Minimum SNR Level 4.2.6.2.8.3.4 Minimum Interval Between ATPC Messages 4.2.6.2.8.3.5 ATPC Power Level Step 4.2.6.2.8.4 ATPC Parameters in SU 4.2.6.2.8.4.1 ATPC Option 4.2.6.2.8.5 Tx Control (AU only) 4.2.6.2.9 Antenna Gain 4.2.6.2.10 Cell Distance Parameters (AU only) 4.2.6.2.10.1 Cell Distance Mode 4.2.6.2.10.2 Maximum Cell Distance 4.2.6.2.10.3 Fairness Factor 4.2.6.2.10.4 Per SU Distance Learning 4.2.6.2.10.5 Show Cell Distance Parameters 4.2.6.2.11 Arbitration Inter-Frame Spacing (AIFS) 4.2.6.2.12 Maximum Number of Associations (AU only) 4.2.6.2.13 Wireless Link Trap Threshold (AU only) 4.2.6.2.14 Spectrum Analysis 4.2.6.2.14.1 Spectrum Analysis Channel Scan Period 4.2.6.2.14.2 Spectrum Analysis Scan Cycles 4.2.6.2.14.3 Automatic Channel Selection (AU only) 4.2.6.2.14.4 Spectrum Analysis Activation 4.2.6.2.14.5 Reset Spectrum Analysis Information 4.2.6.2.14.6 Spectrum Analysis Information Display 4.2.6.2.14.7 Spectrum Analysis Information Display - Continuous 4.2.6.2.14.8 Show Spectrum analysis Parameters & Data 4.2.6.2.15 Lost Beacons Transmission Watchdog Threshold (AU only) 4.2.6.2.16 Disassociate (AU only) 4.2.6.2.17 Noise Immunity Control 4.2.6.2.17.1 Noise Immunity State Control 4.2.6.2.17.2 Noise Immunity Level 4.2.6.2.17.3 Spur Immunity Level 4.2.6.2.17.4 OFDM Weak Signal 4.2.6.2.17.5 Pulse Detection Sensitivity 4.2.6.2.17.6 Show Noise Immunity 4.2.6.2.18 Noise Floor Calculation Parameters 4.2.6.2.18.1 Calculation Mode 4.2.6.2.18.2 Forced Value 4.2.6.2.18.3 Show Noise Floor Calculation 4.2.6.2.19 Interference Mitigation (VL 900 only) 4.2.6.2.19.1.1 Installation Model 4.2.6.2.19.1 Basic Settings 4.2.6.2.19.1.2 Minimum Desired Performance 4.2.6.2.19.1.3 Minimum Desired Distance 4.2.6.2.19.1.4 Channel Selection Optimization Criteria 4.2.6.2.19.1.5 Scanning Type 4.2.6.2.19.2 Advanced Settings 4.2.6.2.19.2.1 AU Height 4.2.6.2.19.2.2 AU/SU Antenna Gain 4.2.6.2.19.2.3 AU/SU Maximum Modulation 4.2.6.2.19.2.4 KeepLink (AU only) 4.2.6.2.19.2.5 Channel Scan Period 4.2.6.2.19.2.6 Automatic Scan Period 4.2.6.2.19.2.7 Frequency Subset (AU only) 4.2.6.2.19.3 Activation 4.2.6.2.19.4 Delete Statistics File 4.2.6.2.19.5 Show Interference Mitigation Parameters & Data 4.2.6.3 Network Management Parameters 4.2.6.3.1 Access to Network Management 4.2.6.3.2 Network Management Filtering Page Page 4.2.6.4 Bridge Parameters 4.2.6.4.1 VLAN Support 4.2.6.4.1.1 VLAN ID-Data (SU only) 4.2.6.4.1.2 VLAN ID-Management Page 4.2.6.4.1.3 VLAN Link Type 4.2.6.4.1.3.1 Access Link (SU only) 4.2.6.4.1.3.2 Trunk Link 4.2.6.4.1.3.3 Hybrid Link 4.2.6.4.1.3.4 Service Provider Link 4.2.6.4.1.4 VLAN Forwarding (AU and SU) 4.2.6.4.1.4.1 VLAN Forwarding Support 4.2.6.4.1.4.2 Add Forwarding VLAN ID 4.2.6.4.1.4.3 Remove Forwarding VLAN ID 4.2.6.4.1.4.4 Show VLAN ID Forwarding List 4.2.6.4.1.5 VLAN Relaying (AU only) 4.2.6.4.1.5.1 VLAN Relaying Support 4.2.6.4.1.5.2 Add Relaying VLAN ID 4.2.6.4.1.5.3 Remove Relaying VLAN ID 4.2.6.4.1.5.4 Show VLAN ID Relaying List 4.2.6.4.1.6 Service Provider VLAN ID (SU only) 4.2.6.4.1.7 VLAN Traffic Priority 4.2.6.4.1.7.1 VLAN Priority - Data (SU only) 4.2.6.4.1.7.2 VLAN Priority - Management 4.2.6.4.1.8 VLAN QinQ Protocol Ethertype 4.2.6.4.1.9 Show VLAN Parameters 4.2.6.4.2 Ethernet Broadcast Filtering (SU only) 4.2.6.4.2.1 Filter Options 4.2.6.4.2.2 DHCP Broadcast Override Filter 4.2.6.4.2.3 PPPoE Broadcast Override Filter 4.2.6.4.2.4 ARP Broadcast Override Filter 4.2.6.4.3 Ethernet Broadcast/Multicast Limiter 4.2.6.4.3.1 Ethernet Broadcast/Multicast Limiter Option 4.2.6.4.3.2 Ethernet Broadcast/Multicast Limiter Threshold 4.2.6.4.3.3 Ethernet Broadcast/Multicast Limiter Send Trap Interval 4.2.6.4.4 Bridge Aging Time 4.2.6.4.5 Broadcast/Multicast Relaying (AU only) 4.2.6.4.6 Unicast Relaying (AU only) 4.2.6.4.7 MAC Address List (AU only) 4.2.6.4.7.1 Add MAC Address to List 4.2.6.4.7.2 Remove MAC Address from List 4.2.6.4.7.3 MAC Address List Action 4.2.6.4.7.4 Station Allowed Option 4.2.6.4.7.5 Show MAC Address List 4.2.6.4.8 Roaming Option (SU only) 4.2.6.4.9 Ports Control (SU only) 4.2.6.4.9.1 Ethernet Port Control 4.2.6.4.10 Show Bridge Parameters 4.2.6.5 Performance Parameters 4.2.6.5.1 RTS Threshold 4.2.6.5.2 Maximum Contention Window 4.2.6.5.3 Multicast Modulation Level (AU only) 4.2.6.5.4 Maximum Modulation Level 4.2.6.5.5 Average SNR Memory Factor 4.2.6.5.6 Number of HW Retries 4.2.6.5.7 Burst Mode 4.2.6.5.7.1 Burst Mode Option 4.2.6.5.7.2 Burst Mode Time Interval 4.2.6.5.8 Adaptive Modulation 4.2.6.5.8.1 Adaptive Modulation Option 4.2.6.5.8.2 History Size 4.2.6.5.8.3 Packet Thershold to Test Up Rate 4.2.6.5.8.4 Packet No On Upper Rate 4.2.6.5.9 Concatenation Parameters 4.2.6.5.9.1 Concatenation Option 4.2.6.5.9.2 Maximum Concatenated Frame Size 4.2.6.6 Service Parameters 4.2.6.6.1 User Filtering Parameters (SU only) 4.2.6.6.1.1 User Filtering Option 4.2.6.6.1.2 Set/Change Filter IP Address Range 4.2.6.6.1.3 Delete Filter IP Address Range 4.2.6.6.1.4 Delete All User Filtering Entries 4.2.6.6.1.5 DHCP Unicast Override Filter 4.2.6.6.1.6 Show User Filtering Parameters 4.2.6.6.2.1 MIR: Downlink (SU only) 4.2.6.6.2.2 MIR: Uplink (SU only) 4.2.6.6.2.3 CIR: Downlink (SU only) 4.2.6.6.2.4 CIR: Uplink (SU only) 4.2.6.6.2.5 Maximum Burst Duration (SU and AU) 4.2.6.6.2.6 Maximum Delay (SU only) 4.2.6.6.2.7 Graceful Degradation Limit (AU only) 4.2.6.6.2.8 MIR Only Option (AU only) 4.2.6.6.2.9 MIR Threshold Percent (AU only) 4.2.6.6.2.10 Show MIR/CIR Parameters 4.2.6.6.3 Traffic Prioritization 4.2.6.6.3.1 VLAN Priority Threshold 4.2.6.6.3.2 ToS Prioritization 4.2.6.6.3.2.1 ToS Prioritization Option 4.2.6.6.3.2.2 IP Precedence Threshold 4.2.6.6.3.2.3 DSCP Threshold 4.2.6.6.3.3 UDP/TCP Port Ranges Traffic Prioritization 4.2.6.6.3.3.1 UDP/TCP Port Ranges Prioritization Option 4.2.6.6.3.3.2 UDP Port Ranges 4.2.6.6.3.3.3 TCP Port Ranges 4.2.6.6.3.4 Low Priority Traffic Minimum Percent 4.2.6.6.3.5 Wireless Link Prioritization Parameters (AU) Page 4.2.6.6.3.5.1 Wireless Link Prioritization Option 4.2.6.6.3.5.2 Low Priority AIFS 4.2.6.6.3.5.3 Number of HW Retries for High Priority Traffic 4.2.6.6.3.5.4 Number of HW Retries for Low Priority Traffic 4.2.6.6.3.5.5 AU Burst Duration for High Priority Traffic 4.2.6.6.3.5.6 AU Burst Duration for Low Priority Traffic 4.2.6.6.3.5.7 SU Burst Duration for High Priority Traffic 4.2.6.6.3.5.8 SU Burst Duration for Low Priority Traffic 4.2.6.6.4 DRAP Parameters (AU only) Page 4.2.6.7 Security Parameters 4.2.6.7.1 Authentication Algorithm 4.2.6.7.2 Data Encryption Option 4.2.6.7.3 Security Mode 4.2.6.7.4 Default Key (SU only) 4.2.6.7.5 Default Multicast Key (AU only) 4.2.6.7.6 Key # 1 to Key # 4 4.2.6.7.7 Promiscuous Authentication (AU only) 4.2.6.8 Country Code Parameters 4.2.6.8.1 Country Code Select 4.2.6.8.2 Re-apply Country Code Values Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page E.1 Parameters Summary E.1.1 Unit Control Parameters BreezeACCESS VL System Manual E.1.2 IP Parameters Parameter Unit Range Default Run-Time E.1.3 Air Interface Parameters Parameter Unit Range Default Run-Time Page BreezeACCESS VL System Manual Parameter Unit Range Default Run-Time E.1.4 Network Management Parameters E.1.5 Bridge Parameters Page BreezeACCESS VL System Manual E.1.6 Performance Parameters * Applicable only if Burst Mode is supported by the Sub-Band. Parameter Unit Range Default Run-Time 5 E.1.7 Service Parameters BreezeACCESS VL System Manual Parameter Unit Range Default Run-Time E.1.8 Security Parameters Parameter Unit Range Default Run-Time Page Page Page F.1 Ethernet Port Connection Problems F.2 SU Association Problems F.3 Low Throughput Problems