USRobotics Instant802 APSDK guide

Professional Access Point

Administrator Guide

tialization vector (IV)) or 128-bit (104-bit secret key + 24-bit IV) Shared Key for data encryption.

You cannot mix 64-bit and 128-bit WEP keys between the access point and its clients.

Static WEP is not the most secure mode available, but it offers more protection than None as it does pre- vent an outsider from easily sniffing out unencrypted wireless traffic. (For more secure modes, see the sec- tions on “IEEE 802.1x” on page 114, “WPA/WPA2 Enterprise (RADIUS)” on page 117, or “WPA/WPA2 Personal (PSK)” on page 115.)

WEP encrypts data moving across the wireless network based on a static key. (The encryption algorithm is a stream cipher called RC4.)

The access point uses a key to transmit data to the clients. Each client must use that same key to decrypt data it receives from the access point.

Clients can use different keys to transmit data to the access point. (Or they can all use the same key, but this is less secure because it means one station can decrypt the data being sent by another.)

If you selected Static WEP as the security mode, provide the following on the access point settings:

Security - 109

Image 109

USRobotics Instant802 APSDK manual Professional Access Point Administrator Guide

Contents

R46.1224.00 rev 2.0 07/06 Professional Access Point Administrator GuidePage USA Professional Access Point Administrator Guide Professional Access Point Administrator Guide Contents Advanced Class Structure, Commands, and ExamplesClass and Field Reference Support Information Robotics Corporation Two 2 Year Limited Warranty Viii Online Help Features Administrator Audience Typographical Conventions Recommended Settings, Notes and Cautions Getting Started Ieee Standards Support and Wi-Fi Compliance Features and BenefitsWireless Features Security Features Clustering and Auto-Management Guest InterfaceNetworking Snmp Support What’s Next?Maintainability Professional Access Point Option Default Settings Related Information Default Settings for the Professional Access Point Transmit Power Ieee 802.11 ModeSecurity Mode None Authentication Type What the Access Point Does Not Provide Administrator’s ComputerRequired Software or Component Description Required Component Description Wireless Client Computers Dynamic IP Addressing How Does the Access Point Obtain an IP Address at Startup?Required Component Static IP Addressing Recovering an IP Address Professional Access Point Administrator Guide Access Point Hardware and Ports Unpack the access pointWhat’s inside the Access Point? Connect the access point to network and power UK Users Hardware Connections for a Guest Vlan Professional Access Point Administrator Guide Professional Access Point Administrator Guide Professional Access Point Administrator Guide Field Default Setting Viewing Basic Settings for Access PointsLog on to the Web User Interface Username Configure Basic Settings and start the wireless network Default Configuration Make Sure the Access Point is Connected to the LAN Wall Mounting the Access Point Test LAN Connectivity with Wireless Clients Web User Interface Navigating to Basic Settings Field Description Review / Describe the Access PointMAC Address Firmware Version Administrator Password Provide Administrator Password and Wireless Network NameAdministrator Password again Wireless Network Name Ssid New Access Points Set Configuration Policy for New Access PointsField Summary of Settings Update Basic Settings Your Network at a Glance Understanding Indicator Icons Basic Settings for a Standalone Access PointIcon Description Professional Access Point Administrator Guide Cluster Access Points Understanding Clustering Navigating to Access Points Management How Many APs Can a Cluster Support? What is a Cluster?What Kinds of APs Can Cluster? Settings Not Shared by the Cluster Standalone Mode Cluster ModeCluster Formation Auto-Synchronization of Cluster Configuration Understanding Access Point SettingsCluster Size and Membership Intra-Cluster Security Modifying the Location Description Removing an Access Point from the Cluster Http//IPAddressOfAccessPoint Adding an Access Point to a Cluster Professional Access Point Administrator Guide Professional Access Point Administrator Guide User Management Viewing User Accounts Navigating to User Management for Clustered Access PointsAdding a User Enabling and Disabling User Accounts Editing a User AccountEnabling a User Account Real Name Removing a User Account Restoring a User Database from a Backup FileBacking Up and Restoring a User Database Disabling a User Account Professional Access Point Administrator Guide Professional Access Point Administrator Guide Navigating to Session Monitoring Sessions User AP Location User MAC Idle Rate Understanding Session Monitoring Information Signal Utilization Rx Total Tx Total Error Rate Viewing Session Information for Access PointsSorting Session Information Refreshing Session Information Professional Access Point Administrator Guide Channel Management Understanding Channel Management Navigating to Channel ManagementHow it Works Overview Overlapping Channels Background Information Example a Network before and after Channel Management Configuring and Viewing Channel Management Settings Stopping/Starting Automatic Channel Assignment Viewing Last Proposed Set of Changes Viewing Current Channel Assignments and Setting LocksIP Address Band Current Locked IP Address Current Proposed Advanced Use these channels when applying channel assignmentsChange channels if interference is reduced by at least Determine if there is better set of channels every Apply channel modifications even when the network is busy Professional Access Point Administrator Guide Wireless Neighborhood Understanding Wireless Neighbourhood Information Navigating to Wireless Neighborhood Display neighboring APs Viewing Wireless NeighborhoodCluster Neighbors Details for a Cluster Member AP Viewing Details for a Cluster Member Channel SignalBeacon Age Interfaces Status Wireless Settings Ethernet Wired Settings Log Relay Host for Kernel Messages Events Understanding Remote Logging Setting Up the Log Relay HostSYSLOGD=-r Tmp/APsyslog Enabled Log Relay Host EnabledEtc/init.d/sysklogd restart Relay Host Events Log Transmit/Receive Statistics Client Associations ErrorsName Ssid Total Packets Link Integrity Monitoring What is the Difference Between an Association and a Session? Select AP Detection Enabled Neighboring Access Points Type Beacon IntPrivacy Last Beacon # of BeaconsRates Professional Access Point Administrator Guide Advanced Ethernet Wired Settings Navigating to Ethernet Wired Settings Managing Guest Access Setting the DNS NameConfiguring an Internal LAN and a Guest Network Enabling and Disabling Guest Access For Guest access, use Guest AccessSpecifying a Virtual Guest Network Virtual Wireless Networks Configuring Internal Interface Ethernet Settings Static IP Address Default GatewayDNS Nameservers Updating Settings Configuring Guest Interface Ethernet Wired SettingsSubnet Professional Access Point Administrator Guide Navigating to Wireless Settings Wireless Settings 802.11d Regulatory Domain Support Configuring 802.11d Regulatory Domain Support Configuring Internal LAN Wireless Settings Configuring the Radio InterfaceMode Channel Read-only field Configuring Guest Network Wireless Settings How Do I Know Which Security Mode to Use? Understanding Security Issues on Wireless NetworksSecurity When to Use No Security Key Management User AuthenticationEncryption Algorithm Encryption Algorithms When to Use WPA/WPA2 Enterprise Radius How Does Station Isolation Protect the Network? Does Prohibiting the Broadcast of Ssid Enhance Security? Configuring Security Settings Navigating to Security SettingsBroadcast SSID, Station Isolation, and Security Mode Static WEP None Professional Access Point Administrator Guide Key Length Transfer Key IndexBits Key Type Open System Shared Key Both Authentication Algorithm Example of Using Static WEP Static WEP with Transfer KEY Indexes on Client Devices Ieee Enable Radius Accounting Authentication ServerWPA/WPA2 Personal PSK Radius IP Cipher Suites WPA Versions Key WPA/WPA2 Enterprise Radius Improving the security of the network Enable pre-authentication Enter the Radius IP Professional Access Point Administrator Guide Configuring Guest Access Using Virtual LANs Guest LoginConfiguring a Guest Network on a Virtual LAN DSL/T1 Using the Guest Network Configuring the Welcome Screen Captive Portal Configuring a Guest Network on a Dedicated Access Point Configuring Guest Access without Virtual LANs Navigating to Virtual Wireless Network Settings Virtual Wireless Networks Virtual Wireless Network Configuring VLANsOne Two Ton Professional Access Point Administrator Guide Radio Understanding Radio Settings Configuring Radio Settings Navigating to Radio SettingsStatus On/Off Ieee 802.11b ModeSuper G Maximum Stations Broadcast a subset of its supported rate sets Rate Sets Professional Access Point Administrator Guide MAC Filtering Navigating to MAC Filtering Settings Filter Using MAC Filtering Stations List Professional Access Point Administrator Guide Understanding Load Balancing Load BalancingSpecifying Limits for Utilization and Client Associations Configuring Load Balancing Navigating to Load Balancing SettingsLoad Balancing and QoS Utilization for Disassociation Utilization for No New AssociationsStations Threshold for Disassocia Tion To apply your changes, click Update Settings Understanding QoS Quality of ServiceQoS and Load Balancing 802.11e and WMM Standards Support QoS Queues and Parameters to Coordinate Traffic Flow Professional Access Point Administrator Guide Random Backoff and Minimum / Maximum Contention Windows Configuring QoS Queues Navigating to QoS Settings Configuring AP Edca Parameters Enabling/Disabling Wi-Fi Multimedia Data 0 Voice Configuring Station Edca Parameters Transmission Opportunity Limit Txop Limit Professional Access Point Administrator Guide Understanding the Wireless Distribution System Wireless Distribution SystemUsing WDS to Bridge Distant Wired LANs LAN Segment Backup Links and Unwanted Loops in WDS Bridges Security Considerations Related to WDS Bridges Navigating to WDS Settings Configuring WDS Settings Remote Address Local AddressBridge with Internal Network Disabled Example of Configuring a WDS LinkWEP Key Local Address Professional Access Point Administrator Guide Time Protocol Navigating to Time Protocol Settings Enabling and Disabling a Network Time Protocol NTP Server NTP Server Professional Access Point Administrator Guide Understanding Snmp Snmp Navigating to Simple Network Management Protocol Read-only Community Name entire Enable SnmpAllow Snmp SET Requests Read-write community name for per Rebooting and Upgrading Your Access Point Using Snmp Configuring Your Network Management SystemSource hostname or subnet Upgrading your Access Point Rebooting Your Access Point Using SnmpFtp//testuser1testuser1@192.168.1.9922/54531.1.23.tar Ftp//192.168.1.100/54531.1.24.tar Professional Access Point Administrator Guide Reset Configuration Reboot Upgrade Professional Access Point Administrator Guide Navigating to Backup and Restore Settings Backup/Restore Restoring Access Point Settings to a Previous Configuration Backing up Configuration Setting for an Access Point Professional Access Point Administrator Guide Command Line Interface Professional Access Point Administrator Guide Basic Settings Yes Described in Backup/Restore on Telnet Connection to the Access Point How to Access the CLI for an Access PointUSR5453-AP login Password USR5453-AP login admin Password Enter help for help Telnet Function Telnet Command SSH2 Connection to the Access PointStatus Status Down USR5453-AP# Login as Commands and Syntax Quick View of Commands and How to Get HelpSSH Function SSH Command Set ssh Status Get log CommandGet log-entry Get bss wlan0bssInternal Add radius-user wally Command Description Remove radius-user wally Getting Help on Commands at the CLI Ready to Get Started? Command Usage and Configuration Examples Professional Access Point Administrator Guide Interface Description Understanding Interfaces as Presented in the CLIWlan0vwn1 Vlan1234 Get interface vlanVLANID role Saving Configuration ChangesGet interface vlan1234 role Basic Setting Example Get Both the IP Address and MAC Address Get the MAC Address for an Access Point Wlan0wds1 Wds Down Wlan0wds2 Wlan0wds3 USR5453-AP# Get the Location of the Access Point Get the Firmware Version for the Access PointSet the Location for an Access Point Get the Current Password Cluster Command Example Access Point and Cluster SettingsGet MAC Addresses for all Access Points in the Cluster User Accounts Get All User Accounts User Account Command ExampleUSR5453-AP#get radius-user all name name USR5453-AP#set radius-user samantha disabled USR5453-AP#set radius-user samantha password westportAdd Users USR5453-AP#add radius-user samantha username samantha Remove a User Account Status Command ExampleUSR5453-AP#remove radius-user wally Larry samantha endora darren USR5453-AP#get interface br0 Get Current Wireless Radio Settings Get Current Settings for the Ethernet Wired Guest Interface Get Status on Events USR5453-AP# get radio wlan0 detailUSR5453-AP# get log-entry Priority Daemon USR5453-AP#set log relay-enabled USR5453-AP#set log relay-host myserver USR5453-AP#set log relay-hostUSR5453-AP#set log relay-port USR5453-AP# get log Get Transmit / Receive Statistics Get neighbouring Access PointsGet Client Associations USR5453-AP# get detected-ap USR5453-AP#get detected-ap Wired Interface Command Example Ethernet Wired Interface Get Wired Guest Interface Settings Get Wired Internal Interface SettingsSet Up Guest Access Get Summary View of Internal and Guest Interfaces USR5453-AP#remove bridge-port br0 interface eth0 USR5453-AP#get interface brguest status downUSR5453-AP# get bss USR5453-AP#get interface brguest status up USR5453-AP# get interface brguestUSR5453-AP#get bridge-port brguest USR5453-AP#get bridge-port br0 Name Interface USR5453-AP#get dhcp-client status up Get/Change the Connection Type Dhcp or Static IPUSR5453-AP#set dhcp-client status up USR5453-AP#get interface br0 detail USR5453-AP#get interface br0 static-ip Re-Configure Static IP Addressing ValuesUSR5453-AP#set interface br0 static-ip USR5453-AP#get interface br0 static-mask Security Wireless Interface Get the Current Security Mode Security Command ExampleGet Detailed Description of Current Security Settings USR5453-AP#get interface wlan0 security none Set the Broadcast Ssid Allow or Prohibit Enable / Disable Station Isolation USR5453-AP#set interface wlan0 security none Set Security to NoneSet Security to Static WEP USR5453-AP#set interface wlan0 security static-wep Set bss wlan0bssInternal shared-key-authentication off Set bss wlan0bssInternal open-system-authentication onSet bss wlan0bssInternal shared-key-authentication on USR5453-AP#set interface wlan0 wep-key-ascii yes USR5453-AP#get interface wlan0 detail USR5453-AP#set interface wlan0 security dot1x Set Security to IeeeRadius Option Example USR5453-AP#set bss wlan0bssInternal radius-ip Set Bss USR5453-AP#set bss wlan0bssInternal radius-key secretUSR5453-AP#set bss wlan0bssInternal radius-accounting off USR5453-AP#get interface wlan0 security dot1x USR5453-AP#set interface wlan0 security wpa-personal Set Security to WPA/WPA2 Personal PSKWPA Option Example Set bss wlan0bssInternal wpa-cipher-tkip on Cipher Suite Option ExampleSet bss wlan0bssInternal wpa-cipher-ccmp off Set bss wlan0bssInternal wpa-cipher-tkip off Set Security to WPA/WPA2 Enterprise Radius USR5453-AP#get interface wlan0 security wpa-personal USR5453-AP#set interface wlan0 security wpa-enterprise Enable Pre-Authentication USR5453-AP#set bss wlan0bssInternal radius-key KeepSecret Cipher Suite Option USR5453-AP#get interface wlan0 security wpa-enterprise USR5453-AP#set bss wlan0bssInternal radius-accounting on View Guest Login Settings Enable/Configure Guest Login WelcomeEnable/Disable the Guest Welcome Set Guest Welcome Page Text Review Guest Login Settings Configuring Multiple BSSIDs on Virtual Wireless NetworksConfiguring Virtual Wireless Network One on Radio One Set interface wlan0vwn1 security wpa-enterprise Radio Setting Command Example Radio SettingsGet Ieee 802.11 Radio Mode Creating VWN Two on Radio One with WPA security Get All Radio Settings Get Basic Radio SettingsGet Radio Channel Get Supported Rate Set Configure Radio SettingsUSR5453-AP#get supported-rate Get Basic Rate Set USR5453-AP#set radio wlan0 beacon-interval USR5453-AP#set radio wlan0 mode gUSR5453-AP#set bss wlan0bssInternal dtim-period USR5453-AP#get bss wlan0bssInternal dtim-period USR5453-AP#set radio wlan0 rts-threshold USR5453-AP#set radio wlan0 fragmentation-thresholdUSR5453-AP#add basic-rate wlan0 rate USR5453-AP#add supported-rate wlan0 rate USR5453-AP#get supported-rate wlan0 rate MAC Filtering Set bss wlan0bssGuest mac-acl-name Guest Specify an Accept or Deny ListAdd MAC Addresses of Client Stations to the Filtering List USR5453-AP#remove mac-acl Guest mac Get Current MAC Filtering SettingsGet bss interface mac-acl-mode USR5453-AP#get bss wlan0bssGuest mac-acl-mode accept-list QoS Command Quality of ServiceLoad Balancing Enable/Disable Wi-Fi Multimedia QoS Command Example Understanding the Queues for Access Point and Station About Access Point and Station Edca ParametersData Access Point Station Get QoS Settings on the Client Station Get QoS Settings on the Access PointUSR5453-AP#get wme-queue Set Arbirtation Interframe Spaces Aifs Set wme-queue wlan0 with queue QueueName to aifs AIFSValue Setting Minimum and Maximum Contention Windows cwmin, cwmaxUSR5453-AP#set wme-queue wlan0 with queue vo to aifs USR5453-AP#set wme-queue wlan0 with queue vi cwmin 7 cwmax Set the Maximum Burst Length burst on the Access PointSet tx-queue wlan0 with queue QueueName to burst burstValue USR5453-AP#set wme-queue wlan0 with queue vo to txop-limit USR5453-AP#set tx-queue wlan0 with queue data2 to burst Configuring a WDS Link Wireless Distribution SystemGetting Details on a WDS Configuration USR5453-AP#set interface wlan0wds0 remote-mac 00E0B8761B14 Set ntp server ntp.instant802.com Time ProtocolUSR5453-AP#get ntp detail Reset the Access Point to Factory Defaults Reboot the Access PointUSR5453-AP#factory-reset Keyboard Shortcuts and Tab Completion Help Tab Completion and Help Keyboard ShortcutsAction on CLI Keyboard Shortcut USR5453-AP#get system v USR5453-AP#get system version USR5453-AP# set mac-acl CLI Class and Field Overview Has name? \ # of instances? One Multiple Field Reference on CLI Class Relationships Association Class IndexClass Description Field Index AuthenticatedInterface Station Bridge-port Basic-rate Path-cost BssPriority Description StatusRadio Beacon-interface Dtim-period MacMax-stations Ignore-broadcast-ssid Channel-planner Open-system-authenticationCluster Cluster-member Default ConfigNo-external-updates Debug Field Description Detected-ap Capability Beacon-interval Type Erp Dhcp-clientBeacons Last-beacon Host Dot11Debug Dot11d Domain Dns-12Static-dns-12 Static-domain Mask Interface Type Rx-errorsStatic-ip Static-mask Rx-compressed Tx-errorsRx-multicast Tx-packets Ip-route Kickstartd JvmLog Gateway Depth Log-entryNumber Time Ntp Mac-aclMessage Server Welcome-screen PortalWelcome-screen-text Max-bss Max-bss Tx-powerChannel-policy Mode Rts-threshold WmewifinoacktestFragmentation-threshold Load-balance-disassociation-utilization Serial Radius-userSnmp Ro-community Supported-rate SshSystem Rw-community Encrypted-password PasswordPassword-initialized Telnet Community Tx-queueQueue Wme-queue Web-ui Possible Solution Professional Access Point Detection Utility does not find Cannot access the Web User Interface Access point My wireless device cannot find the wireless network Possible Solution Am experiencing poor wireless link quality Wireless Distribution System WDS Problems and Solutions Reboot or Reset Access Point Cluster Recovery Click Stop Clustering Stop Clustering and Reset Each Access Point in the Cluster Professional Access Point Administrator Guide Country Webmail Voice Support Information UAE Detachable Antenna Information Declaration of ConformityFCC Radiation Exposure Statement Radio and Television Interference Industry Canada IC For Canadian UsersUL Listing/CUL Listing Declaration of Conformity CE Compliance EU Health Protection Regulatory Channel FrequencyEU Detachable Antenna Information Professional Access Point Administrator Guide Professional Access Point Administrator Guide Robotics Corporation Two 2 Year Limited Warranty Obtaining Warranty Service Limitations Disclaimer 802.1x 802802.2 802.3 802.11d 802.11b802.11e 802.11f AES Bridge BeaconBroadcast Broadcast Address Ccmp BssidCGI CSMA/CA Dhcp DCFDNS DOM Edcf EAPESS Ethernet Gateway FrameHtml Http Ibss Infrastructure ModeIeee Intrusion Detection ISP IPSecJitter Latency Ldap LANLLC MAC NIC NATNTP OSI Packet Loss PacketPHY PID PSK PPP RC4 RadiusRssi RTP Ssid SnmpSTP TCP Supported Rate SetTCP/IP Tkip Unicast UDPURL Vlan WDS WANWEP Wins WPA2 WMM WPAWrap XML Index DCF Ieee Snmp WDS Index-328