Manuals / Brands / Computer Equipment / Network Router / Symbol Technologies / Computer Equipment / Network Router

Symbol Technologies AP-5131 manual - page 2

1 578
Download 578 pages, 5.94 Mb
Contents
Main Page Page Page Page Page Contents About This Guide Chapter 1. AP-5131 Introduction Page Chapter 2. Hardware Installation Chapter 3. Getting Started Chapter 4. System Configuration Chapter 5. Network Management Chapter 6. Configuring Access Point Security Chapter 7. Monitoring Statistics Chapter 8. Command Line Interface Reference Chapter 9. Configuring Mesh Networking Appendix A. Technical Specifications Appendix B. AP-5131 Usage Scenarios Appendix C. Customer Support Page Notational Conventions Service Information AP-5131 Introduction 1.1 New AP-5131 Features 1.1.1 Mesh Networking 1.1.2 Additional LAN Subnet 1.1.3 On-board Radius Server Authentication 1.1.4 Hotspot Support 1.1.5 Routing Information Protocol (RIP) 1.1.6 Manual Date and Time Settings 1.2 Feature Overview 1.2.1 Single or Dual Mode Radio Options 1.2.2 Separate LAN and WAN Ports 1.2.3 Multiple Mounting Options 1.2.4 Antenna Support for 2.4 GHz and 5.2 GHz Radios 1.2.5 Sixteen Configurable WLANs 1.2.6 Support for 4 BSSIDs per Radio 1.2.7 Quality of Service (QoS) Support 1.2.8 Industry Leading Data Security 1.2.8.1 Kerberos Authentication 1.2.8.2 EAP Authentication 1.2.8.3 WEP Encryption 1.2.8.4 KeyGuard Encryption 1.2.8.5 Wi-Fi Protected Access (WPA) Using TKIP Encryption 1.2.8.6 WPA2-CCMP (802.11i) Encryption 1.2.8.7 Firewall Security 1.2.8.8 VPN Tunnels 1.2.9 VLAN Support 1.2.10 Multiple Management Accessibility Options 1.2.11 Updatable Firmware 1.2.12 Programmable SNMP v1/v2/v3 Trap Support 1.2.13 Power-over-Ethernet Support 1.2.14 MU-MU Transmission Disallow 1.2.15 Voice Prioritization 1.2.16 Support for CAM and PSP MUs 1.2.17 Statistical Displays 1.2.18 Transmit Power Control 1.2.19 Advanced Event Logging Capability 1.2.20 Configuration File Import/Export Functionality 1.2.21 Default Configuration Restoration 1.2.22 DHCP Support 1.3 Theory of Operations 1.3.1 Cellular Coverage 1.3.2 MAC Layer Bridging 1.3.3 Media Types 1.3.4 Direct-Sequence Spread Spectrum 1.3.5 MU Association Process 1.3.6 Operating Modes 1.3.7 Management Access Options Page Hardware Installation 2.1 Precautions 2.2 Package Contents 2.2.1 Available Product Configurations Page 2.3 Requirements 2.4 Placement of the AP-5131 2.4.1 Site Surveys 2.4.2 Antenna Options Page Page 2.5 Power Options 2.6 Symbol Power Injector System 2.6.1 Installing the Power Injector 2.6.1.1 Preparing for Site Installation 2.6.1.2 Cabling the Power Injector 2.6.1.3 Power Injector LED Indicators 2.7 Mounting the AP-5131 2.7.1 Desk Mounted Installations Page 2.7.2 Wall Mounted Installations Page 2.7.3 Suspended Ceiling T-Bar Installations Page 2.7.4 Above the Ceiling (Plenum) Installations Page Page 2.8 LED Indicators Page 2.9 Setting Up MUs Getting Started 3.1 Installing the AP-5131 3.2 Configuration Options 3.3 Default Configuration Changes 3.4 Initially Connecting to the Access Point 3.4.1 Connecting to the Access Point using the WAN Port 3.4.2 Connecting to the Access Point using the LAN Port 3.5 Basic Device Configuration 3.5.1 Configuring Device Settings Page Page Page Page 3.5.1.1 Configuring WLAN Security Settings Page 3.5.2 Testing Connectivity 3.5.3 Where to Go from Here? System Configuration 4.1 Configuring System Settings Page Page Page 4.2 Configuring Data Access Page Page 4.3 Managing Certificate Authority (CA) Certificates 4.3.1 Importing a CA Certificate 4.3.2 Creating Self Certificates for Accessing the VPN Page Page 4.3.3 Creating a Certificate for Onboard Radius Authentication Page Page Page 4.4 Configuring SNMP Settings Page Page Page Page Page 4.4.1 Configuring SNMP Access Control Page 4.4.2 Enabling SNMP Traps Page Page 4.4.3 Configuring Specific SNMP Traps Page 4.4.4 Configuring SNMP RF Trap Thresholds Page 4.5 Configuring Network Time Protocol (NTP) Page Page 4.6 Logging Configuration AP-5131 4.7 Importing/Exporting Configurations Page This interface is a DHCP Client CAUTION For HTTP downloads (exports) to be successful, pop-up messages must be disabled. Page 4.8 Updating Device Firmware Page Page Page Page 4.8.1 Upgrade/Downgrade Considerations Page Page Network Management 5.1 Configuring the LAN Interface Page Page 5.1.1 Configuring VLAN Support Page Page Page 5.1.2 Configuring LAN1 and LAN2 Settings Page AP-5131 numerical (non DNS name) DNS name) 5.1.2.1 Configuring Advanced DHCP Server Settings Page 5.1.2.2 Setting the Type Filter Configuration 5.2 Configuring WAN Settings Page AP-5131 VPN WAN IP Configuration Page 5.2.1 Configuring Network Address Translation (NAT) Settings Page 5.2.1.1 Configuring Port Forwarding 5.3 Enabling Wireless LANs (WLANs) Page 5.3.1 Creating/Editing Individual WLANs Page Page Page Page 5.3.1.1 Configuring WLAN Security Policies Page 5.3.1.2 Configuring a WLAN Access Control List (ACL) Page Page 5.3.1.3 Setting the WLAN Quality of Service (QoS) Policy Page Page Page Page U-APSD (WMM Power Save) Support 5.3.1.4 Configuring WLAN Hotspot Support Page Page Defining the Hotspot White List Page 5.3.2 Setting the WLANs Radio Configuration Page Page 5.3.2.1 Configuring the 802.11a or 802.11b/g Radio Page Page 4. Refer to the Beacon Settings field to set the radio beacon and DTIM intervals. Page Page Page 5.3.3 Configuring Bandwidth Management Settings Page 5.4 Configuring Router Settings Page 5.4.1 Setting the RIP Configuration Page Page Page Configuring Access Point Security 6.1 Configuring Security Options 6.2 Setting Passwords 6.2.1 Resetting the AP-5131 Password 6.3 Enabling Authentication and Encryption Schemes Page Page Page 6.4 Configuring Kerberos Authentication Page 6.5 Configuring 802.1x EAP Authentication Page Page Page Page 6.6 Configuring WEP Encryption Page 6.7 Configuring KeyGuard Encryption Page 6.8 Configuring WPA Using TKIP Page 6.9 Configuring WPA2-CCMP (802.11i) Page Page 6.10 Configuring Firewall Settings Page Page 6.10.1 Configuring LAN to WAN Access Page Page 6.10.1.1 Available Protocols 6.10.2 Configuring Advanced Subnet Access Page 6.11 Configuring VPN Tunnels Page Page Page 6.11.1 Configuring Manual Key Settings Page Page Page 6.11.2 Configuring Auto Key Settings 3. Configure the Auto Key Settings screen to modify the following: 6.11.3 Configuring IKE Key Settings 3. Configure the IKE Key Settings screen to modify the following: Page Page 6.11.4 Viewing VPN Status Page 6.12 Configuring Content Filtering Settings Page 3. Configure the SMTP field to disable or restrict specific kinds of network mail traffic. 4. Configure the FTP field to block or restrict various FTP traffic on the network. 6.13 Configuring Rogue AP Detection Page Page 6.13.1 Moving Rogue APs to the Allowed AP List Page 6.13.1.1 Displaying Rogue AP Details 3. Refer to the Rogue AP Detail field for the following information: 4. Refer to the Rogue Detector Detail field for the following inform ation: 6.13.2 Using MUs to Detect Rogue Devices Page 6.14 Configuring User Authentication 6.14.1 Configuring the Radius Server Page Page 6.14.2 Configuring LDAP Authentication Page 6.14.3 Configuring a Proxy Radius Server Page 6.14.4 Managing the Local User Database Page 6.14.4.1 Mapping Users to Groups 6.14.5 Defining the User Access Policy Page Page Monitoring Statistics 7.1 Viewing WAN Statistics Page 3. Refer to the Received field to reference data received over the AP-5131 WAN port. 4. Refer to the Transmitted field to reference data received over the AP-5131 WAN port. AP-5131 Page 7.2 Viewing LAN Statistics Page Page 7.2.1 Viewing a LANs STP Statistics Page 7.3 Viewing Wireless Statistics 2. Refer to the WLAN Summary field to reference high-level data for each enabled WLAN. 7.3.1 Viewing WLAN Statistics Page Page Page 7.4 Viewing Radio Statistics Summary 7.4.1 Viewing Radio Statistics Page Page Page 7.4.1.1 Retry Histogram 7.5 Viewing MU Statistics Summary Page 7.5.1 Viewing MU Details 5. Refer to the Traffic field to view individual MU RF throughput information. 7.5.2 Pinging Individual MUs 7.5.3 MU Authentication Statistics 7.6 Viewing the Mesh Statistics Summary 7.7 Viewing Known Access Point Statistics Page Page Page Page Command Line Interface Reference 8.1 Connecting to the CLI 8.1.1 Accessing the CLI through the Serial Port Page 8.2 Admin and Common Commands AP5131>admin> AP5131>admin>help Displays general CLI user interface help. help Displays command line help using combinations of function keys for navigation. AP5131>admin>passwd AP5131>admin>summary Displays the AP-5131s system summary. summary Displays a summary of high-level characteristics and settings for the WAN, LAN and WLAN. Page Page AP5131>admin>save Page 8.3 Network Commands AP5131>admin(network)> 8.3.1 Network LAN Commands AP5131>admin(network.lan)> AP5131>admin(network.lan)> show Displays the AP-5131 LAN settings. show Shows the settings for the AP-5131 LAN1 and LAN2 interfaces. Page AP5131>admin(network.lan)> set Description: Syntax: Example: Related Commands: Page AP5131>admin(network.lan.bridge)> show AP5131>admin(network.lan.bridge)> set 8.3.1.2 Network LAN, WLAN-Mapping Commands AP5131>admin(network.lan.wlan-mapping)> AP5131>admin(network.lan.wlan-mapping)> show Page AP5131>admin(network.lan.wlan-mapping)> set AP5131>admin(network.lan.wlan-mapping)> create Page Page Page Page Page AP5131>admin(network.lan.dhcp)> show AP5131>admin(network.lan.dhcp)> set AP5131>admin(network.lan.dhcp)> add AP5131>admin(network.lan.dhcp)> delete Deletes static DHCP address assignments. AP5131>admin(network.lan.dhcp)> list Page AP5131>admin(network.lan.type-filter)> show AP5131>admin(network.lan.type-filter)> set AP5131>admin(network.lan.type-filter)> add AP5131>admin(network.lan.type-filter)> delete 8.3.2 Network WAN Commands AP5131>admin(network.wan)> AP5131>admin(network.wan)> show Displays the AP-5131 WAN port parameters. show Shows the general IP parameters for the WAN port along with settings for the WAN interface.. AP5131>admin(network.wan)> set 8.3.2.1 Network WAN NAT Commands AP5131>admin(network.wan.nat)> AP5131>admin(network.wan.nat)> show AP5131>admin(network.wan.nat)> set AP5131>admin(network.wan.nat)> add AP5131>admin(network.wan.nat)> delete AP5131>admin(network.wan.nat)> list 8.3.2.2 Network WAN, VPN Commands AP5131>admin(network.wan.vpn)> AP5131>admin(network.wan.vpn)> add AP5131>admin(network.wan.vpn)> set Page AP5131>admin(network.wan.vpn)> delete AP5131>admin(network.wan.vpn)> list Lists VPN tunnel entries. AP5131>admin(network.wan.vpn)> reset AP5131>admin(network.wan.vpn)> stats AP5131>admin(network.wan.vpn)> ikestate 8.3.3 Network Wireless Commands AP5131>admin(network.wireless) 8.3.3.1 Network WLAN Commands AP5131>admin(network.wireless.wlan)> AP5131>admin(network.wireless.wlan)> show Displays the AP-5131s current WLAN configuration. AP5131>admin(network.wireless.wlan)> create Page AP5131>admin(network.wireless.wlan)> edit Page AP5131>admin(network.wireless.wlan.hotspot)> AP5131>admin(network.wireless.wlan.hotspot)> show Displays the current AP-5131 Rogue AP detection configuration. show hotspot <idx> Shows hotspot parameters per wlan index (1-16). AP5131>admin(network.wireless.wlan.hotspot)> redirection AP5131>admin(network.wireless.wlan.hotspot)> radius AP5131>admin(network.wireless.wlan.hotspot.radius)> set AP5131>admin(network.wireless.wlan.hotspot.radius)> show AP5131>admin(network.wireless.wlan.hotspot)> white-list 8.3.3.2 Network Security Commands AP5131>admin(network.wireless.security)> AP5131>admin(network.wireless.security)> show Page Page Page Page Page AP5131>admin(network.wireless.security.edit)> Page Page AP5131>admin(network.wireless.acl)> show AP5131>admin(network.wireless.acl)> create AP5131>admin(network.wireless.acl.edit)> Page Page AP5131>admin(network.wireless.radio)> show Displays the AP-5131s current radio configuration. show Displays the AP-5131s current radio configuration. AP5131>admin(network.wireless.radio)> set AP5131>admin(network.wireless.radio.radio1)> AP5131>admin(network.wireless.radio.radio1)> show Displays specific 802.11b/g radio settings. Page AP5131>admin(network.wireless.radio.802-11bg)> set AP5131>admin(network.wireless.radio.802-11bg.advanced)> AP5131>admin(network.wireless.radio.802-11bg.advanced)> show Displays the BSSID to WLAN mapping for the 802.11b/g radio. AP5131>admin(network.wireless.radio.802-11bg.advanced)> set AP5131>admin(network.wireless.radio.radio2)> AP5131>admin(network.wireless.radio.802-11a)> show Displays specific 802.11a radio settings. Page AP5131>admin(network.wireless.radio.802-11a)> set AP5131>admin(network.wireless.radio.802-11a.advanced)> AP5131>admin(network.wireless.radio.802-11a.advanced)> show Displays the BSSID to WLAN mapping for the 802.11a radio. AP5131>admin(network.wireless.radio.802-11a.advanced)> set Page AP5131>admin(network.wireless.qos)> show AP5131>admin(network.wireless.qos.create)> AP5131>admin(network.wireless.qos.edit)> Descripton: Syntax: AP5131>admin(network.wireless.qos)> delete Page AP5131>admin(network.wireless.bandwidth)> show AP5131>admin(network.wireless.bandwidth)> set 8.3.3.7 Network Rogue-AP Commands AP5131>admin(network.wireless.rogue-ap)> AP5131>admin(network.wireless.rogue-ap)> show AP5131>admin(network.wireless.rogue-ap)> set AP5131>admin(network.wireless.rogue-ap.mu-scan)> Page Page AP5131>admin(network.wireless.rogue-ap.allowed-list)> AP5131>admin(network.wireless.rogue-ap.allowed-list)> show AP5131>admin(network.wireless.rogue-ap.allowed-list)> add AP5131>admin(network.wireless.rogue-ap.allowed-list)> delete Page AP5131>admin(network.firewall)> show AP5131>admin(network.firewall)> set AP5131>admin(network.firewall)> access AP5131>admin(network.firewall)> advanced Page AP5131>admin(network.router)> show AP5131>admin(network.router)> set AP5131>admin(network.router)> add AP5131>admin(network.router)> delete AP5131>admin(network.router)> list 8.4 System Commands AP5131>admin(system)> AP5131>admin(system)>restart AP5131>admin(system)>show AP5131>admin(system)>set Page Page AP5131>admin(system.access)>set AP5131>admin(system.access)>show 8.4.3 System Certificate Management Commands AP5131>admin(system)>cmgr AP5131>admin(system.cmgr)> genreq AP5131>admin(system.cmgr)> delself Page Page Page Page Page Page Page Page Page Page Page Page AP5131>admin(system.snmp.access)> show AP5131>admin(system.snmp.access)> add AP5131>admin(system.snmp.access)> delete AP5131>admin(system.snmp.access)> list Page AP5131>admin(system.snmp.traps)> show Shows SNMP trap parameters. show trap Shows SNMP trap parameter settings. rate-trap Shows SNMP rate-trap parameter settings. AP5131>admin(system.snmp.traps)> set AP5131>admin(system.snmp.traps)> add AP5131>admin(system.snmp.traps)> delete AP5131>admin(system.snmp.traps)> list 8.4.5 System Network Time Protocol (NTP) Commands AP5131>admin(system)> ntp AP5131>admin(system.ntp)> show Page Page AP5131>admin(system.ntp)> set 8.4.6 System Log Commands AP5131>admin(system)> logs AP5131>admin(system.logs)> show AP5131>admin(system.logs)> set AP5131>admin(system.logs)> view Displays the AP-5131 system log file. view Displays the entire AP-5131 system log file. Page AP5131>admin(system.logs)> send 8.4.7 System Configuration-Update Commands AP5131>admin(system.config)> AP5131>admin(system.config)> default AP5131>admin(system.config)> partial AP5131>admin(system.config)> show AP5131>admin(system.config)> set AP5131>admin(system.config)> export AP5131>admin(system.config)> import Page AP5131>admin(system.fw-update)>show AP5131>admin(system.fw-update)>set AP5131>admin(system.fw-update)>update 8.5 Statistics Commands AP5131>admin(stats) AP5131>admin(stats)> show AP5131>admin(stats)> send-cfg-ap AP5131>admin(stats)> send-cfg-all AP5131>admin(stats)> clear AP5131>admin(stats)> flash-all-leds AP5131>admin(stats)> echo AP5131>admin.stats.echo)> show AP5131>admin.stats.echo)> list AP5131>admin.stats.echo)>set AP5131>admin.stats.echo)> start AP5131>admin(stats)> ping AP5131>admin.stats.ping)> show AP5131>admin.stats.ping)> list AP5131>admin.stats.ping)> set AP5131>admin.stats.echo)> start Page Configuring Mesh Networking 9.1 Mesh Networking Overview Page 9.1.1 The AP-5131 Client Bridge Association Process 9.1.2 Spanning Tree Protocol (STP) 9.1.3 Defining the Mesh Topology 9.1.4 Mesh Networking and the AP-5131s Two Subnets 9.1.5 Normal Operation 9.1.6 Impact of Importing/Exporting Configurations to a Mesh Network 9.2 Configuring Mesh Networking Support 9.2.1 Setting the LAN Configuration for Mesh Networking Support Page 9.2.2 Configuring a WLAN for Mesh Networking Support Page Page Page 9.2.3 Configuring the AP-5131 Radio for Mesh Networking Support Page Page Page Page Page 9.3 Usage Scenario - Trion Enterprises 9.3.1 Trions Initial Deployment Page Page Page Page Page Page Page Page Page Page 9.3.2 Adding 2 Client Bridges to Expand the Coverage Area Page Page Page Page Page Page 9.3.3 Adding 2 More Client Bridges to the Trion Network Page Page Page Page Page Page Page A.1 Physical Characteristics The AP-5131 has the following physical characteristics: The AP-5131 has the following electrical characteristics: A.2 Electrical Characteristics A.3 Radio Characteristics The AP-5131 has the following radio characteristics: A.4 Antenna Specifications A.4.1 2.4 GHz Antenna Matrix A.4.2 5.2 GHz Antenna Matrix A.4.3 Additional Antenna Components The following table describes each antenna accessorys connector and cable type, plus the length. A.4.4 Antenna Accessory Connectors, Cable Type and Length A.5 Country Codes Page Page AP-5131 Usage Scenarios B.1.1 Windows - DHCP Server Configuration B.1.1.1 Embedded Options - Using Option 43 Page B.1.1.2 Global Options - Using Extended/Standard Options B.1.1.3 DHCP Priorities B.1.2 Linux - BootP Server Configuration B.1.2.1 BootP Options Page B.1.2.2 BootP Priorities B.2 Configuring an IPSEC Tunnel and VPN FAQs B.2.1 Configuring a VPN Tunnel Between Two AP-5131s Page Page B.2.2 Configuring a Cisco VPN Device B.2.3 Frequently Asked VPN Questions Page Page Page Page B.3 Replacing an AP-4131 with an AP-5131 Page Customer Support North American Contacts International Contacts Web Support Sites Additional Information Page Index A B C D E F H I J K L M R S T V W IN-9