| all | frequencies |
|
|
|
|
|
exhibits | applications |
|---|---|---|---|---|---|---|---|---|
| manuals | ||||||||
| app s | submitted / available | |||||||
|---|---|---|---|---|---|---|---|---|
| 1 |
|
Users Manual 1 | Users Manual | 553.09 KiB | ||||
| 1 |
|
Users Manual 2 part 1 | Users Manual | 3.56 MiB | ||||
| 1 |
|
Users Manual 2 part 2 | Users Manual | 2.57 MiB | ||||
| 1 |
|
Users Manual 3 | Users Manual | 3.04 MiB | ||||
| 1 |
|
Users Manual 4 | Users Manual | 607.89 KiB | ||||
| 1 | ID Label/Location Info | |||||||
| 1 | ID Label/Location Info | |||||||
| 1 | Parts List/Tune Up Info | |||||||
| 1 | Parts List/Tune Up Info | |||||||
| 1 | Parts List/Tune Up Info | |||||||
| 1 | Cover Letter(s) | |||||||
| 1 | Test Report | |||||||
| 1 | Test Report | |||||||
| 1 | External Photos | |||||||
| 1 | Internal Photos | |||||||
| 1 | Internal Photos | |||||||
| 1 | Cover Letter(s) | |||||||
| 1 | Test Setup Photos | |||||||
| 1 | Test Setup Photos | |||||||
| 1 | Cover Letter(s) | |||||||
| 1 | Cover Letter(s) | |||||||
| 1 | Cover Letter(s) |
| 1 | Users Manual 1 | Users Manual | 553.09 KiB |
i e d u G l l a t s n I i k c u Q s e i r e S 4 5 0 5 X A M h s e M i
) n o s r e v t n i r P i
) n o s r e v D C
2 3 4 4 7 4 3 4 4 7 r e b m u N r e b m u N t r a P t r a P 1 3 e g a P d e v r e s e r s t h g i r l l A s a t i p l i M
, e v i r D e y e k c u B 1 6 5 1 i m o c
. m x o r p
. w w w 0 0 7 2
1 3 7
8 0 4
e n o h P 5 3 0 5 9
A C s s e e r i l i W m x o r P 8 0 0 2 t h g i r y p o C 2 e g a P d e b i r c s e d e r a w i t f o s e h t d n a e d u G r e s U s i h T
. 3 5 7
, 7 7 0
, 5
2 1 8
, 5 7 0
, 6
0 6 0
, 9 0 8
, 5 e b y a m n o i t a c i l b u p s i h t f o t r a p o N
. d e v r e s e r s t h g i r l l a h t i w d e t h g i r y p o c e r a t i n i d e t a l s n a r t r o
, m e t s y s l a v e i r t e r a n i d e r o t s
, d e b i r c s n a r t
, d e t t i m s n a r t
, d e c u d o r p e r f o n o i s s i m r e p n e t t i r w e h t t u o h t i w s n a e m y n a y b m r o f y n a n i e g a u g n a l y n a o t n i
0 9 0
, 6 0 0
, 6
9 7 1
, 5 7 8
, 5
4 3 6
, 1 3 2
, 5
s t n e t a p
. S
. U g n w o i l l o f e h t f o e r o m r o e n o y b d e r e v o C
. d e v r e s e r s t h g i r l l A
. A C
, e s o J n a S
, s s e e r i l i W m x o r P 8 0 0 2 I S E C T O N
. n o i t a r o p r o C s s e e r i l W m x o r P i 4
. n o i t c u d o r t n I 6
. s t n e t n o C e g a k c a P 8
. n o i t a l l a t s n I e r a w t f o S d n a e r a w d r a H 9
. n o i t a c o L a e s o o h C
1 p e t S 0 1
. x o B g n p p h S e h t k c a p n U
2 p e t S i i 1 1
. e b a C e h t e b m e s s A
3 p e t S l l 2 1
. e r a w d r a H g n i t n u o M e b m e s s A
4 p e t S l 3 1
. t i n U e h t t n u o M
5 p e t S 4 1
. s e b a C e h t n i g u P
6 p e t S l l 5 1
. t i n U e h t n o r e w o P
7 p e t S 6 1
. s D E L w e V
8 p e t S i 7 1
. s e b a C e h t n e t h g T
9 p e t S i l 8 1
. s r o t c e n n o C e h t f o o r p r e h t a e W
0 1 p e t S 9 1
. a n n e t n A e h t n g i l A
1 1 p e t S 0 2
. e r a w t f o S d n a n o i t a t n e m u c o D l l a t s n I
2 1 p e t S 1 2
. n o i t a z i l a i t i n I t i n U 1 2
. n o i t a z i l a i t i n I t i n U h s e M 8 2
. n o i t a z i l a i t i n I t i n U r e b i r c s b u S 0 3
. t r o p p u s d n a s e c i v r e s l a c i n h c e T 0 3
. s n o i t p O t r o p p u S 3 e g a P d e v r e s e r s t h g i r l l A h t i i w d e d v o r p n o i t a t n e m u c o d l a n o i t i d d a e h t d m a e d u G r e s U 4 5 0 5 X A M h s e M i e h t t u o b a s l i i a t e d r o f e d u G r e s U 4 5 0 5 X A M h s e M e h t n i r e t p a h c t r o p p u S d n a d e t s i l s n o i t p O t r o p p u s e h t g n i s u e r o f e b r e h t a g o t d e e n l l i w u o y n o i t a m r o f n i s e c i v r e S l a c i n h c e T e h t o t e r e f e r e s a e p
, t r o p p u s l a n o i t i d d a e r i u q e r u o y f I l
. t c u d o r p r u o y e h t i l i w e v e r e s a e p
, t c u d o r p m x o r P r u o y g n i z i l i t u e b u o r t g n v a h e r a u o y f I i l
. w o e b l
. i m x o r p
. t r o p p u s
p t t h
t a 5 6 3 x 4 2 x 7 e b a l l i a v a s i e t i S b e W e c i v r e S e m x o r P e h T i
. i m o c
. m x o r p
. t r o p p u s
m o c t r o p p u S e n o h p e l e T t r o p p u S e t i S b e W e c i v r e S e m i x o r P s n o i t p O t r o p p u S
s w o l l l i o f s a e n o h p e e t a v t r o p p u s l a c i n h c e t t c a t n o C r e m o t s u c m o r f y r a v s t n e m e r i u q e r t r o p p u s d n a e c i v r e s t a h t s d n a t s r e d n u m x o r P i
) e e r F l l o T
6 2 6 6
4 7 6
6 6 8
, 0 0 7 7
3 8 3
8 0 4
a d a n a C d n a S U M P 0 0
. 6
M A 8
s n o i t a r e p O f o s r u o H M P 0 0
. 6
M A 9
s n o i t a r e p O f o s r u o H 0 9 4 5 1 1 3 2
0 4 0 9
s e i r t n u o C C A P A M P 0 0
. 6
M A 8
s n o i t a r e p O f o s r u o H 0 0 7 7
3 8 3
8 0 4
l a n o i t a n r e t n I t r o p p u S k a P v r e S e c i v r e S d e c n a h c n E f o m a r g o r p a s i k a P v r e S
. k a P v r e S d e l l a c m a r g o r p t r o p p u s a l i d e p o e v e d e v a h e w s t n e m e r i u q e r g n y r a v e s e h t f o n o i t i n g o c e r n I
. r e m o t s u c o t r u o y t e e m o t s n o i t a n b m o c n i r o y i l l i i a u d v d n i d e s a h c r u p e b n a c t a h t s n o i t p O s t r o p p u S l a c i n h c e T 5 6 3 x 4 2 x 7 l t n e m e c a p e R d e c n a v d A y t n a r r a W d e d n e t x E
. s d e e n l i a m e n a d n e s r o 0 0 7 7
3 8 3
8 0 4 t a t r o p p u S m x o r P l l i l i i a c e s a e p
, e r o m n r a e l o T g n u e u Q y t i r o i r P l t c a t n o c e s a e p
, s e c i v r e s t r o p p u s k a P v r e S e s a h c r u p o T
. i m o c
. m x o r p
k a p v r e s o t i
. r o t u b i r t s i d m x o r P d e z i r o h t u a r u o y s s e e r i l i W m x o r P 8 0 0 2 t h g i r y p o C 0 3 e g a P S T N E T N O C T R O P P U S D N A S E C V R E S L A C N H C E T I I o t K O k c i l c d n a
) c i l l b u p s i e u a v t l u a f e d e h t
d r o w s s a P e t i r W
d a e R e h t r e t n E l
. e v i t c e f f e e h t e k a m o t s t o o b e r e u d o m e v i t c e p s e r e h T
. s e g n a h c r u o y m r n o c l e h t f o s s e r d d a P I e h t r e t n e d n a
) r e r o p x E t e n r e t n I s a h c u s
r e s w o r b b e W a t r a t S
r e s w o r B b e W a h t i l w e u d o m e h t s s e c c a o T r e s w o r B b e W e h t g n s s e c c A i l
) 1
. 0
. 0
. 0 1
p t t h
, e p m a x e r o f
x o b s s e r d d A e h t n i e u d o m l l e h t y n o r e t n e
e m a n r e s U e h t n i l l t o n o D l
. d e y a p s i d s i i w o d n w n g o l A i 5 l a n o i t i d d a h t i w P A h s e M e d o m
i r t d e z i d e g g u r a s i s e i r e S 4 5 0 5 X A M h s e M e h T I N O T C U D O R T N I l t I
. s t n e m y o p e d r o o d t u o r o f d e z i m i t p o s i t I
. y t i l a n o i t c n u f n o i t a t s r e b i r c s b u s z H G h s e M t r o p p u s o s l a s o d a r h t o B
. s t n e i i l c g 1 1
. 2 0 8 d n a
, b 1 1
. 2 0 8
, a 1 1
. 2 0 8 f o t r o p p u s s u o e n a t l u m i s g n i l b a n e
, e u d o m l
) g
b 1 1
. 2 0 8
z H G 4
. 2 d e d d e b m e e n o d n a e u d o m l
) a 1 1
. 2 0 8
z H G 5 d e d d e b m e e n O
e l u d o M h s e M
. n o i t a r e p o l
s e u d o m d e d d e b m e g n w o i l l o f e h t h t i w d e p p u q e s i i e h t d n a r e t u p m o c e h t n e e w t e b e b a c t e n r e h t E r e v o
s s o r c a h t i l w r o
, k r o w t e n
. t r o p l a i r e s s e u d o m l t r o P t e n r e h t E d n a
, l m a r g o r p t e n e t a e v a h t s u m u o y
, t r o p t e n r e h t E e h t h g u o r h t I L C e h t e s u o T
. s s e r d d a P I s e u d o m e h t l
n u R t c e e S
, u n e m l t r a t S s w o d n W e h t i i m o r f
w o d n w d n a m m o c S O D a n e p O
. d m c r e t n e i
C P s w o d n W a n o t e n r e h t E h g u o r h t t i n u e h t s s e c c a o T l e h t h g u o r h t d e t c e n n o c e b a c 2 3 2
S R l a i r e S e h t h g u o r h t e b i s s e c c a s i I L C e h T l e c a f r e t n I i e n L d n a m m o C e h t g n s s e c c A i l
. d e y a p s i d s i i w o d n w s u t a t S m e t s y S e h t
, n g o l l u f s s e c c u s n o p U i t e n e t l l
, e p m a x e r o f
s s e r d d a P I d n a t e n l e t r e t n e
, d e y a p s i d w o d n w S O D e h t n I i l e n o g n o l e h T
. 1 1 J R e h t o t t c e n n o c h c i h w s r o t c e n n o c 9 B D o w l t s a h e b a c
Y e h T
) c i l b u p s i t l u a f e d e h t
d r o w s s a p l e b a C Y
l
. e o s n o c r e b i r c s b u S e h t o t e n o t r o h s e h t d n a e o s n o c h s e M e h t o t s t c e n n o c l 9 2 e g a P d e v r e s e r s t h g i r l l A e h t r e t n E
. d r o w s s a p r u o y r o f d e t p m o r p e b l l i w u o Y
r e t n e
e p y t d n a
) 1 0 0 0 1
. i n o i t a n b m o c e h t h t i w E o P g n i s u r e h t i e e t a r e p o n a c s e i r e S 4 5 0 5 X A M h s e M e h T i l u a h k c a b d e e p s
h g h e b a n e o t d n a b z H G l r e w o p C A V 0 4 2
0 0 1 a m o r f y l t c e r i d r o d e d v o r p r o t c e j n i
y p p u s r e w o p C D l i l
) y e t a r a p e s d e r e d r o e b a c C A
e c r u o s l r e v o r e w o P d n a n o i t c e n n o c t e n r e h t E r o f d e s u
t r o p t e n r e h t E
r e w o P
. r o t c e j n i r e w o p d e i l p p u s e h t g n i s u
) E o P
t e n r e h t E i e n L d n a m m o C e h t n i s d n a m m o c g n i r e t n e r o f d e s u
n o i t c e n n o c l a i r e S
) I L C
e c a f r e t n I l a n o i t a r e p o d n a r e w o p e h t e t a c i d n i o t d e s u s D E L l a u d
) s
r o t a c i d n i D E L
. t i n u e h t f o s e t a t s
. e c r u o s r e w o p C A l a n r e t x e m o r f r e w o p t c e r i d s e b a n e
t u p n l i r e w o p C A
, s s e c c a t n e i l c z H G 4
. 2 r o f e n o
) e e r h t
s r o t c e n n o c a n n e t n a l a n r e t x E
. n o i t a r e p o r e b i r c s b u S z H G 5 e n o d n a
, n o i t a r e p o h s e M z H G 5 r o f e n o n o i t a m r o f n i r o F
. l a n o i t a r e p o t c u d o r p e h t e k a m o t d e s u e b t s u m a n n e t n a d n a y t e f a S e h t o t r e f e r
, t c u d o r p s i h t h t i w e s u r o f d e z i r o h t u a s a n n e t n a n o l a n r e t x e e n o t s a e l t A
. s a n n e t n a l a n r e t n i n a t n o c t o n s e o d t c u d o r p s i h T i
. D C n o i t a l l a t s n i e h t n o e d u G e c n a i i l p m o C y r o t a u g e R l
) o w t
s w e r c s g n d n u o r G i
e t o N
h t i i w d e p p u q e s i t i n u h c a E s s e e r i l i W m x o r P 8 0 0 2 t h g i r y p o C 4 e g a P
. c i l b u p d r o w s s a p t l u a f e d 5 d e s n e c i l l n u e h t n i g n i t a r e p o e u d o m d e d d e b m e e n O
e l u d o M r e b i r c s b u S 5 e g a P d e v r e s e r s t h g i r l l A s s e e r i l i W m x o r P 8 0 0 2 t h g i r y p o C
. k r o w t e n r u o y 8 2 e g a P t i n U 4 5 0 5 X A M h s e M
1 e r u g i F
. i m a r g o r p e h t h c n u a l o t p o t k s e d s w o d n W e h t n o n o c i l o o T n a c S e h t k c i l c
e b u o D l X A M h s e M
s m a r g o r P l l A
t r a t S k c i l c
, p o t k s e d r u o y n o t o n s i n o c i e h t f I
. l o o T n a c S
s e i r e s 4 5 0 5 t o n s a h e n o t c e r r o c e h t f i s s e r d d a P I n a n g i s s a o t r o
, t s i L n a c S a n i s s e r d d a l C A M e h t g n i c n e r e f e r y b e u d o m a f o s s e r d d a P I e h t d n u o y s t e l l o o T n a c S r u o y n o d e l l a t s n i s t i n u e h t s t c e t e d y l l a c i t a m o t u a l o o t e h T
. d e n g i s s a n e e b s t i n u h c a e e r u g n o c u o y s t e l d n a
, s s e r d d a P I f o s s e d r a g e r
, t n e m g e s k r o w t e n l a o t e r a w l t f o s w e n d a o n w o d o t l o o T n a c S e s u n a c u o y
, n o i t i d d a n I
. s g n i t t e s P I
. d e l l a t s n i e g a m i e r a w t f o s d i l a v a e v a h t o n s e o d t a h t t i n u
, y r a s s e c e n f i
, d n a t i n u e h t f o s s e r d d a P I t n e r r u c e h t t u o d n n a c u o y
) D C
. k r o w t e n r u o y r o f e t a i r p o r p p a s i t a h t o s t i e g n a h c r o
, t i n u e h t s a t e n b u s N A L e m a s e h t o t d e t c e n n o c r e t u p m o c a n o l o o T n a c S n u R l
. e b a c t e n r e h t E r e v o
s s o r c a h t i l w e u d o m e h t o t d e t c e n n o c y l t c e r i d r e t u p m o c a
t i n u e h t f o s s e r d d a P I e h t e g n a h c
t e s d n a r e v o c s d o T i
. i i l w o d n w n a m e h t n i s d n t i e u d o m e h t s y a p s i d d n a t e n b u s e h t s n a c s l o o T n a c S l l s a h e u d o m e n o n a h t e r o m l f i n e v e
, e u d o m e n o o t s s e r d d a P I w e n a n g i s s a n a c i e u q n u e b t s u m s s e r d d a P I w e n e h t t u b
, 1
. 0
. 0
. 0 1 s s e r d d a P I
) t l u a f e d
e m a s e h t l u o Y
. y a p s i d e h t e t a d p u d n a t e n b u s e h t n a c s
e r o t n a c s e R k c i l c
, y r a s s e c e n f I
. s e c a f r e t n i t n e m e g a n a m e h t f o e s u e h t w o l l a o t
. e g n a h C k c i l c d n a s s e r d d a P I e h t t e s o t t n a w u o y h c i h w r o f e u d o m e h t t c e e S l l P I e h t s a d e t c e e s s i c i m a n y D l t a h t e r u s n e
, y l l a c i m a n y d s s e r d d a P I e h t t e s o T l e h t r o f e b a t i u s k s a M t e n b u S d n a s s e r d d A P I e h t n i l l d n a e p y T s s e r d d A
. d e t c e n n o c s i i n u e h t h c i h w o t t e n b u s N A L n o r e v r e s P C H D a m o r f s s e r d d a P I s t i t s e u q e r l l i l w e u d o m e h T
. e p y T s s e r d d A l P I e h t s a d e t c e e s s i c i t a t S t a h t e r u s n e
, y l l a u n a m s s e r d d a P I e h t t e s o T l
. d e y a p s i d s i l i i w o d n w g o a d e g n a h C e h T i l a n m r e T r e p y H e e S
. l a n m r e T r e p y H s a h c u s
, i m a r g o r p n o i t a u m e l a n m r e t l i i
. e d u G r e s U 4 5 0 5 X A M h s e M e h t n i s e i t r e p o r P n o i t c e n n o C s s e r d d A P I e h t g n i t t e S n o i t a l l a t s n i t c u d o r p e h t n o d e d u l c n i s i t a h t y t i l i t u e r a w t f o s a
l o o T n a c S h t i W 2 3
S R l a i r e s a h t i l w r o e b a c t e n r e h t E n a h t i w n o i t c e n n o c l a c i s y h p t c e r i d A l e b a c l
r e h t i e s e r i u q e r e u d o m e h t o t g n i t c e n n o C n o i t a z i l a i t i n I r e b i r c s b u S a h g u o r h t t i n u e h t s s e c c a o t u o y s w o l l l a e b a c t e n r e h t E e h t h t i n o i t c e n n o c k r o w t e n A w g n i t c e n n o C d n a h t a p l l u f e h t e d u l c n i t s u m u o y
, e m a n e e h t g n p y t f I
. e s a b e g d e w o n K l i l l
. x o b t x e t e m a n e e h t n i n o i s n e t x e e e h t l l
. d e t o o b e R o t e m i T e h t n i 0 r e t n E
. b e e S
. e g a s s e m r o r r e n a e v e c e r l l i i w u o y
, l u f s s e c c u s n u s i n o i t a r e p o e h t f I
. 7 s i n o i t a r e p o e h t f I
. n o i t a m r o f n i e r o m i r o f e d u G r e s U 4 5 0 5 X A M h s e M e h t
. e g a s s e m n o i t a m r n o c a e v e c e r l l i i w u o y
, l u f s s e c c u s
. t o o b e R
s d n a m m o C k c i l C
. a
s w o l l i o f s a o d a r h s e M e h t t o o b e R
. 8 d e r i u q e r e b l l i w e c i v e d e h t f o t o o b e r a t a h t u o y s e s i v d a e g a s s e m g n n r a w i A
. n o t t u b P A e t a d p U e h t k c i l c
, n o i t a r e p o e t a d p U P T T H e h t e t a i t i n i o T
. 5
. t c e f f e e k a t o t s e g n a h c r o f
. n o i t a r e p o e h t t r o b a o t l e c n a C r o n o i t a r e p o e h t h t i w e u n i t n o c o t K O k c i l C
. 6
. t i n u e h t h t i I L C e h t r o r e v r e S P T F T a a v e r a w i i l t f o s e h t g n d a o n w o d n o s n o i t c u r t s n i r o F
. K O k c i l C
. c
e t o N i
. e d u G r e s U 4 5 0 5 X A M h s e M e h t e e s
, e c a f r e t n I E D C B A
) 2
s r o t c e n n o c 5 4 J R
. A
) 2
s p a c g n i l a e S
. B
s e d u l c n i t i K t u n g n i l a e S
. D t u n k c o L
. C
) 2
s w e r c s g n d n u o r G i
. E e h t f o e m a n e h t n i e p y t y l l a u n a m r o e t a c o l o t n o t t u b e s w o r B e h t e s U
. 4 i m x o r P e h t l m o r f d e d a o n w o d u o y
) n o i s n e t x e e e h t g n d u l c n i
e l i l e v a h u o y t a h t y f i r e V
. e b a t g n w o i l l l o f e h t n i s m e t i e h t s e d u l c n i t n e m p h s h c a E i l
. e g a m I t c e e s
, u n e m n w o d
p o r d e p y T e l i F e h t m o r F
. 3 S T N E T N O C E G A K C A P l w d e d u l c n i t o n e r a s e b a c
, e r e h d e t s i l s s e n U l i
. t n e m p h s e h t f o s t r a p l l a d e v e c e r i
e t o N t i n U 4 5 0 5 X A M h s e M
. a e 1
D C n o i t a l l a t s n I d r o C d n a r o t c e j n I r e w o P
. a e 1
r o t c e n n o c e b a c
Y l i t i K n o i t a n m r e T e b a C l 7 2 e g a P d e v r e s e r s t h g i r l l A s s e e r i l i W m x o r P 8 0 0 2 t h g i r y p o C 6 e g a P 7 e g a P d e v r e s e r s t h g i r l l A s s e e r i l i W m x o r P 8 0 0 2 5 3 x 8 1
6 1
5 C N w e r c s p a c x e H
. a e 2 4
1
r e h s a w k c o l g n i r p s l a c i l e H
. a e 4 6 1
5
r e h s a w k c o l g n i r p s l a c i l e H
. a e 4 0 8 x 8 1
6 1
5 C N w e r c s p a c x e H a e 2 8 1
6 1
5 C N t u N
. a e 2 6 1
5
r e h s a w n a P l i a e 6 D C B A d e d u l c n i s i e r a w d r a h g n i t n u o m g n w o i l l o f e h T e r a w d r a H g n i t n u o M
t i k g n i t n u o m h t i w n o i t p i r c s e D
. y t Q l g n i t n u o m e o p r o f p m a l c g n i t n u o M
. D e r u s o l c n e o t e t a p g n i t n u o M l
. C l e o p
l l a w r o f p m a l c g n i t n u o M
. A
g n w o i l l o f e h t s e d u l c n i t i K m r a n o i s n e t x E
. B t i K g n i t n u o M
, n a P
, e n h c a M i
, w e r c S
, 4 6 7 8 6 L 8
5
, 0 2
4
1
, s p i l l i h P
. a e 4 p i r t S e p a T r e b b u R s t i n o 4 5 0 5 X A M h s e M e h t r o f e r a w t f o s d e t a d p u s e s a e e r y l l l a c i d o i r e p m x o r P i s e t a d p U e r a w t f o S u o y t a h t s d n e m m o c e r i m x o r P
. i m o c
. m x o r p
. t r o p p u s
p t t h
, e t i s b e W t r o p p u s d e z i l a i t i n i d n a d e l l a t s n i e v a h u o y r e t f a s e t a d p u t s e t a l e h t r o f e t i s b e W e h t k c e h c e r a w t f o S e h t d a o n w o D l
. t i n u e h t
. i m o c
. m x o r p
. t r o p p u s
p t t h o t o g
, r e s w o r b b e w r u o y n I
. 1 l l i w s r e s u e m i t
t s r i F
. s r o t i s i v e t i s b e W l l a o t e b a l l i a v a s i e s a b e g d e w o n K e h T l i
. s s e c c a n a g o t t n u o c c a n a e t a e r c o t d e k s a e b
e t o N
. e s a b e g d e l w o n K h c r a e S k c i l C
. 3 i
. s s e c c a n a g o t t n u o c c a n a e t a e r c
, d e t p m o r p f I
. 2 l
. 3 6 7 2 r e t n e
, d e e s a b e g d e l w o n K h c r a e S e h t n I
. 4
. h c r a e S k c i l C
. 5 l
. e g a p d a o n w o d e h t s s e c c a o t n m u o c y r a m m u S e h t n i k n l i l e h t n o k c i l C
. 6
. e r a w t f o s e h t d a o n w o d o t k n l i l e t a i r p o r p p a e h t n o k c i l C
. 7 e r a w t f o S e h t l l a t s n I l s s e r p d n a d e s s e r d d A s r e s w o r b e h t n i s s e r d d a P I s t n o P s s e c c A e h t r e t n E i
. 1
. o G r o r e t n E i P T T H a v P A e t a d p U e h T
. P T T H a i v
P A e t a d p U
s d n a m m o C k c i l C
. 2 t h g i r y p o C 6 2 e g a P l
. d e y a p s i d e b l l i w n e e r c s s t i n u e h t o t e d a m u o y s e g n a h c y n a t i m b u s o t n o t t u b s i h t k c i l C
. n o t t u b t x e N
e v a S a s a h n e e r c s d r a z i W p u t e S h c a E
n o t t u B t x e N
e v a S l w o e b s n o i t c u r t s n i e h T
. e g a p t x e n e h t o t e u n i t n o c d n a s r e t e m a r a p t x e N
e v a S e h t g n i s u d r a z i W p u t e S e h t e t a g v a n o t i w o h e b i r c s e d
. s n o t t u b i i l e n a p n o i t a g v a n a s e d v o r p d r a z i W p u t e S e h T
l e n a P n o i t a g i v a N o t s d n o p s e r r o c t a h t k n i l e h t k c i l C
. n e e r c s e h t f o e d i s d n a h
t f e l e h t n o i l e n a p n o i t a g v a n e h t n i k n i i l a g n k c i l c t a h t e t o N
. n e e r c s n o i t a r u g n o c l r a u c i t r a p t a h t o t n e k a t e b o t e r u g n o c o t t n a w u o y s r e t e m a r a p e h t e h t n o n o i t a r u g n o c s t i n u e h t o t e d a m u o y s e g n a h c y n a t i m b u s t o n l l i w
. e g a p t n e r r u c
. n o t t u b t i x E e h t k c i l c n e h t d n a
, l e n a p n o i t a g v a n e h t n o n o i t c u d o r t n I i
1 p e t S k c i l c
, e m i t y n a t a d r a z i W p u t e S e h t m o r f t i x e o T
t i x E y b
d e t t i m b u s u o y s e g n a h c y n a
, d r a z i W p u t e S e h t m o r f t i x e u o y f I
N O I T U A C e h t o t d e v a s e b l l i w i t n o p t a h t o t p u
) n o t t u b t x e N
e v a S e h t g n i k c i l c l a i t i n i n a m r o f r e p o t d r a z i W p u t e S e h t y b d e d v o r p s t p m o r p e h t i w o l l o F
. 2
. d e t o o b e r s i t i l i t n u t c e f f e e k a t t o n l l i w t u b t i n u i r o f e d u G r e s U 4 5 0 5 X A M h s e M e h t e e S
. o d a r h s e M e h t f o n o i t a r u g n o c i n o i t a r u g n o c d e c n a v d a r o f d n a s n o i t c u r t s n i d r a z i W p u t e S d e l i a t e d e r o m
. s n o i t c u r t s n i 5 2 e g a P d e v r e s e r s t h g i r l l A g n w o i l l o f e h t s t r o p p u s d r a z i W p u t e S e h T
. n g e b o t d r a z i W p u t e S k c i l i C
. 1
s n o i t p o n o i t a g v a n i
G N I N R A W i l k c a b e h t n o t n o p m o t t o b e h t t a e o h e h t e s u
, g n d n u o r g r e p o r p e r u s n e o T i f o e r i w d n u o r g a h c a t t a o t s w e r c s g n d n u o r g d e d v o r p e h t d n a t i n u h c a e f o i i i
h c e t g n d n u o r g e r i w r e p o r p e s U
. t i n u h c a e o t d e d n a r t s G W A 0 1 t s a e l t a
. s e d o c c i r t c e e l a c o l h t i l w e c n a d r o c c a n i s e u q n i
s e t o N l e b a l i a v a n e e b e v a h t o n y a m t a h t n o i t a m r o f n i r e v i r d d n a n o i s r e v e r a w t f o s
. d e c u d o r p s a w t n e m u c o d s i h t n e h w i d e d v o r p r o t c e j n i r e w o p e h t
, y b d e r e w o p d n a
, h t i w d e s u e b o t s i t n e m p u q E i s e c i v e d n a p s
d m i r o f d r a d n a t s f a 3
. 2 0 8 s w o l l o f t u o n P i 0 5 9 0 6 C E I
L U r e p t u p t u O e c r u o S r e w o P d e t i m L i
) Q G W N
E T I
d e t s i L
L U t e n r e h t E
r e v o
r e w o P r o f d e v o r p p A A 2 4
. 0
c d V 8 4
, t u p t u o d e t a R d e k r a m
E C
s t n e m e r i u q e r e s e h t s t e e m t a h t r o t c e j n i r e w o p a y b r o i l s n a t n o c t i s a D C t c u d o r p e h t n o e s e t o N e s a e e R e h t d a e r o t e r u s e B l s s e e r i l i W m x o r P 8 0 0 2 t h g i r y p o C 8 e g a P I N O T A L L A T S N I E R A W T F O S D N A E R A W D R A H
T N A T R O P M I e c n a i l l p m o C y r o t a u g e R d n a y t e f a S e e s
, t c u d o r p s i h t g n i l l a t s n i e r o f e B
. n o i t a m r o f n i t n a t r o p m i r o f D C t c u d o r p e h t n o n o i t a m r o f n I
T N A T R O P M I n o i t a l l a t s n i l a n o i s s e f o r p d e n a r t y b a t i u s a y b d e l i l l a t s n i e b t s u m s t i n u l l A
. e c i v r e s n o i t a l l a t s n i d e i l a u q a y b r o n a i c i n h c e t l e h t f o n o i t i s o p e h t n o p u s d n e p e d y e g r a l t i n u o d a r e h t f o e g n a r e h T
. e r a w d r a h i g n w o i l l i o f e h t g n v r e s b o
, y e v r u s e t i s a o d u o y s d n e m m o c e r i m x o r P
. a n n e t n a
. e r a w d r a h e h t g n i t n u o m e r o f e b
, s t n e m e r i u q e r i f i o d a r e h t o t r e w o p f o n o i t c e n n o c s i d y s a e w o l l a t s u m n o i t a c o l e h T
. y r a s s e c e n
. t a e h e v i s s e c x e d n a n o i t a r b v m o r f y a w a t p e k e b t s u m i i t i n u o d a r e h T
. e r a w d r a h e h t d n u o r a y e e r f l l w o o t e b a e b t s u m r i A i e e s
r o t c e t o r P g n n t h g i L m i x o r P e h t e s a h c r u p n a c u o Y i
. t n o p s s e r g n i g n d i l i u b e h t t a r o t s e r r a g n n t h g i i l a f o e s u e h t s d n e m m o c e r m i x o r P
n o i t u a C
. e c a f r u s t a r e h t o r o l l a w a o t t i t n u o m n a c u o y e r o m r o f r o t c e t o r P g n n t h g i L e h t h t i i w s e m o c t a h t n o i t a t n e m u c o d e h t 9 e g a P d e v r e s e r s t h g i r l l A
. s n o i t c u r t s n i n o i t a l l a t s n i d n a n o i t a m r o f n i
5
. 4 o t h c n i 5 2
. 1 a o t t i n u e h t t n u o m n a c u o y
, e r a w d r a h d n a s p m a l c g n i t n u o m
, s t e k c a r b s p m a l c g n i t n u o m e h t f o e n o t s u j g n i s U i
) r e t e m a d e d i s t u o
e o p h c n l i d e i l p p u s e h t g n i s U
. s e m i t l l l l
. l l a t a s n o i t a u g e r l a c o l o t a w r o e o p a o t t n u o m y l t c e r i d o t d e n g i s e d s i t i n u e h T m r o f n o c t s u m n o i t a a t s n i e h T l l e e S
. d e r u g n o c y l l a u n a m u o y s s e r d d a P I c i t a t s e h t r o r e v r e s P C H D k r o w t e n i e h t e n m r e t e d o t w o h n o n o i t a m r o f n i r o f e v o b a n o i t c e s l o o T n a c S g n i s U e h t
. y r a s s e c e n f i
, s s e r d d a P I w e n a e r u g n o c y l l a u n a m d n a s s e r d d a P I s t i n u a y b d e n g i s s a s s e r d d a P I c i m a n y d e h t r e h t i e s i s i h T
. o G r o r e t n E s s e r p
. s r a e p p a n e e r c s n g o l e h T i
. 4 l e m a N r e s U e h t e v a e L
. d e d r o w s s a P e h t n i d r o w s s a p P T T H e h t r e t n E
. 5
. c i l b u p s i d r o w s s a p P T T H t l u a f e d e h t
, s t i n u w e n r o F
. k n a b d e l l h c n u a l l l i w d r a z i W p u t e S e h t e m i t t s r e h t r o f n o g n g g o l e r a u o y f I i i p u t e S e h t e c r o f o T
. s n g o l t n e u q e s b u s n o h c n u a e r t o n l l i l
. y l l a c i t a m o t u a w d r a z i W p u t e e S t o N e s o o h c d n a s e c i v r e S
t n e m e g a n a M k c i l c
, n g o l n o p u h c n u a l o t d r a z i W i p u t e S e h t g n i s U e e s
, d r a z i W p u t e S e h t g n i s u o d a r h s e M e h t e r u g n o c o T i
. 6
. u n e m n w o d p o r d d r a z i W p u t e S e h t m o r f e l b a n E l d n a d e s s e r d d A s r e s w o r b e h t n i s s e r d d a P I s t n o P s s e c c A e h t r e t n E i
. 3
, d r a z i W p u t e S e h t g n i s u t u o h t i i w o d a r e h t e r u g n o c o T
. l w o e b
, d r a z i W e e S
. r a e p p a l l i w n e e r c s s u t a t S m e t s y S e h t
, t i x E g n k c i l c n o p U i
. t i x E k c i l c i r o f e d u G r e s U 4 5 0 5 X A M h s e M e h t n i r e t p a h c n o i t a r u g n o C d e c n a v d A e h t
. s n o i t c u r t s n i n o i t a r u g n o c e r u g n o c o t w o h r o f s n o i t c u r t s n i p e t s
y b
p e t s s e d v o r p d r a z i W p u t e S e h T i P I
, e m a N k r o w t e N s a h c u s
, s r e t e m a r a p g n i t a r e p o c i s a b s t n o P s s e c c A e h t i
. s d r o w s s a p t n e m e g a n a m d n a
, s r e t e m a r a p m e t s y s
, s r e t e m a r a p d r a z i W p u t e S e h t g n s U i s s e e r i l i W m x o r P 8 0 0 2 t h g i r y p o C 4 2 e g a P l e h t r o f n o i t a c o l e b a t i u s a d n t s u m u o y
, t i n u e h t f o e s u l a m i t p o e k a m o T
. s g n i t t e s y x o r p t e n r e t n I s r e s w o r b e h t e b a s i d
, y r a s s e c e n f I l
. 2 n o i t a c o L a e s o o h C
1 p e t S
. r e t u p m o c k r o w t e n a n o r e s w o r b b e W a n e p O
. 1 P I r u o y n o d i l i a v s i t a h t s s e r d d a e u q n u a t i n u e h t n g i s s a t s u m u o Y
. t e n b u s
. c i l b u p s i d r o w s s a p t l u a f e d e h t
, s t i n u w e n r o F
. d e d r o w s s a P l e t i r W
d a e R e h t n i d r o w s s a p e t i r w
d a e r P M N S e h t r e t n E
. g
. s e g n a h c r u o y e v a s o t K O k c i l C
. h
. s s e r d d A P I y a w e t a G s k r o w t e n r u o y r e t n E
. f
. k s a M t e n b u S s k r o w t e n r u o y r e t n E
. e e h t t o o b e r o t K O k c i l c
, s r a e p p a e g a s s e m t o o b e r e h t n e h W
. e d a m
. n e e r c s t s i L n a c S e h t o t n r u t e r d n a e c i v e d l u o y s e g n a h c y n a y p p a o t t o o b e r o t d e e n l l i w i t n o P s s e c c A e h T
. i k c i l c
, t o o b e r o t e c i v e d e h t r o f e m i t t n e i c f u s g n w o i l l a r e t f A
. j i l i
. d e d v o r p d e e h t n i o d a r h s e M e h t r o f s s e r d d A P I c i t a t s a r e t n E
. c i t a t S o t e p y T s s e r d d A P I t e S
. c
. d
. d e i l p p a n e e b e v a h s e g n a h c r u o y t a h t y f i r e v o t n a c s e R
. n e e r c s e g n a h C e h t o t n r u t e r o t n o t t u b e g n a h C e h t k c i l C
. k e h t f o m o t t o b e h t t a n o t t u b n o i t a r u g n o C b e W e h t k c i l C
. l
. n e e r c s e g n a h C e h t g n i s u r o t i n o m d n a e r u g n o c o T
. o d a r h s e M e h t e r u g n o c d n a r o t i n o m o t i r e s w o r b b e w r u o y e s u y a m u o y
, s s e r d d A P I d i l i a v a s a h o d a r h s e M e h t e c n O i
. e d u G r e s U 4 5 0 5 X A M h s e M e h t e e s
, e c a f r e t n i e n i l d n a m m o c 3 2 e g a P d e v r e s e r s t h g i r l l A
. l w o e b
, n o i t c e s n I g n g g o L e h t o t d e e c o r P i
. m n I i g n g g o L s s e e r i l i W m x o r P 8 0 0 2 l
. e c a p e f a s a n i n o i t a m r o f n i s i h t p e e K t h g i r y p o C 0 1 e g a P i i m x o r P m o r f t r o p p u s n a t b o o t d e r i u q e r s i r e b m u n l a i r e s e h T
. r e b m u n l a i r e s e h t s a l l e w s a
, t i n u e h t f o s e s s e r d d a C A M s s e e r i w d n a t e n r e h t E e h t e t o N l
. 2 i
. x o b g n p p h s e h t i m o r f s e i r o s s e c c a d n a t i n u e h t k c a p n U
. 1 i x o B g n p p h S e h t i k c a p n U
2 p e t S i n a g n h c a t t a e b l l i l l w u o Y
. e b a c e h t e b m e s s a o t t i K n o i t a n m r e T e b a C e h t e s U l i l e b a C e h t l e b m e s s A
3 p e t S 4
. 6 o t 9
. 2
s e h c n i 0 5 2
. o t 4 1 1
. r e t e m a d
e b a c 5 T A C G W A 4 2 d e t a r
r o o d t u o l i u o y
, t s r i F
. e r u d e c o r p n o i t a l l l a t s n i e h t n i r e t a l y b m e s s a e h t g n o o r p r e h t a e w d n a t i n u e h t f o k c a b e h t n o t r o p t e n r e h t E
r e v o
r e w o P e h t o t
) d e d v o r p t o n
) i m m l s s e c o r p y b m e s s a s i h t s e i l i p m i s y l t a e r g m x o r P
. s p e t s g n w o i l l o f e h t n i d e b i r c s e d l s a s r e v o c e b a c g n o o r p r e h t a e w e h t e b m e s s a d n a e b a c e h t t c u r t s n o c t s u m l l t r a p
s h t g n e l m 5 7 d n a
, m 0 5
, l m 5 2 n i s t i k e b a c 5 T A C d e b m e s s a
e r p g n i r e f f o y b l l
. e b a c 5 T A C e h t f o d n e e r a b e h t r e v o
) A
t u n g n i l a e s e h t e d i l S
. 1 l
. e b a c 5 T A C e h t f o d n e e r a b e h t r e v o
) B
t u n k c o l e h t e d i l S
. 2 l
) y e v i t c e p s e r
, 1 2 8 9 6 d n a
, 0 2 8 9 6
, 9 1 8 9 6 s r e b m u n i
. s n o i t s e g g u s r o f e d u G r e s U 4 5 0 5 X A M h s e M e h t n i r e t p a h c g n i t o o h s e b u o r T l e h t e e s
, t s i l e h t n i r a e p p a t o n s e o d l l i t s t i n u e h t f I
. y a p s i d e h t e t a d p u o t l n o t t u b n a c s e R e h t k c i l c
, t s i L n a c S e h t n i r a e p p a t o n s e o d t i n u r u o y f I
e t o N e r u s e k a M l
. e b a c 5 T A C e h t f o d n e e r a b e h t r e v o
) C
p a c g n i l a e s e h t e d i l S
. 3 i r o f s e t u n m e v o t p u e k a t y a m i t i
, t n o P s s e c c A n a g n i t o o b e r r e t f a t a h t e t o N i i e h t f o s e u q n h c e t n o i t a n m r e t
, r e t e m a d e b a c 5 T A C n i e c n a i r a v o t e u D l i d n u o r a
) t i n u h t i w d e i l p p u s t o n
e p a t n o e T e d w 5
. 0 f o s p a r w o w i l t y p p A
. 4
. p a c g n i l a e s e h t e d i s n i o g l l i w t a h t
) B
t u n k c o l e h t f o s d a e r h t e h t
. n e t h g i t d n a h d n a
) C
p a c g n i l a e s e h t o t n o
) B
t u n k c o l e h t d a e r h T
. 5
. p a c e h t e d i s n i s i t e k s a g r e b b u r d e r e h t l r o f t s e t
e b a c 5 T A C e h t f o s d n e h t o b o t
) D
s r o t c e n n o c 5 4 J R e h t e t a n m r e T i
. 6 l i
) e b a c h g u o r h t
t h g a r t s a g n i s u
g n i r i w r e p o r p n o r e v r e s P C H D a y b s s e r d d a P I n a d e n g i s s a n e e b s a h o d a r h s e M e h t f I i
k r o w t e n e h t e e s
s r a e p p a n e e r c s e g n a h C e h T
. n o t t u b e g n a h C e h t k c i l C
. e r u g n o c o t t n a w u o y t i n u e h t r o f y r t n e e h t t h g i l h g H i
. a
. b
) w o e b l e h t f o m o t t o b e h t t a n o t t u b n o i t a r u g n o C b e W e h t n o k c i l C
. c
. n e e r c s e g n a h c
. t s i L n a c S e h t n i r a e p p a o t t i n u e h t
g n w o i l l o f e h t f o e n o o D
. 4 e h t e r o f e b p a c f o o r p r e h t a e w e h t f o s t r a p l l a h g u o r h t d e e f t s u m e b a c e h
: T s e t o N l i
t h g a r t s a e b t s u m t i n u e h t d n a r o t c e j n i r e w o p e h t n e e w t e b e b a c e h T l
) r e v o s s o r c t u o h t i l w
e b a c t e n r e h t E h g u o r h t l
. e b a c t e n r e h t E r o o d t u o e h t n o d e p m i r c s i 5 4 J R e s e h t w o l l o f
) 2 3 1
. 8 2 1
. 4 5 2
. 9 6 1
, s s e r d d a P I t l u a f e d s t i g n i s u s i t i n u e h t
, s d r o w r e h t o n i
s s e r d d a P I n a d e n g i s s a n e e b t o n s a h o d a r h s e M e h t f I i
k r o w t e n r u o y n o d i l a v s i t a h t s s e r d d a P I c i t a t s a t i n g i s s a o t s p e t s
. e r u g n o c o t t n a w u o y t i n u e h t r o f y r t n e e h t t h g i l h g H i
. s r a e p p a n e e r c s e g n a h C e h T
. n o t t u b e g n a h C e h t k c i l C
. a
. b
. l w o e b
, n o i t c e s n I g n g g o L e h t o t d e e c o r P i
. d s i t i
, s r o t c e n n o c e h t f o s s e n t h g i t r e p o r p f o n o i t a c i l p p a e h t d n a
, r e l l a t s n i l a n r e t x e y b d e r u c e s e r a s r o t c e n n o c e b a c l l l a t a h t d e d n e m m o c e r y g n o r t s l f o o r p r e h t a e W
0 1 p e t S n i d e b i r c s e d e b l l i w s s e c o r p s i h T
. g n o o r p r e h t a e w
. s r o t c e n n o C e h t 1 1 e g a P d e v r e s e r s t h g i r l l A s s e e r i l i W m x o r P 8 0 0 2 t h g i r y p o C 2 2 e g a P s s e r d d a P I n a n g i s s a o t r o
, t s i L n a c S a n i s s e r d d a C A M e h t g n i c n e r e f e r y b t n o P i s s e c c A n a f o s s e r d d a P I e h t d n o t u o y s w o l l a t a h t l o o t n o i t a r u g n o c l a i t i n i n a
. d e n g i s s a n e e b t o n s a h e n o f i i o t o d a r h s e M e h t w o l l a l l i w t a h t s r e t e m a r a p e c i v e d l a i t i n i t e s n a c u o y
, n o i t i d d a
, k r o w t e n r u o y n o d e l l a t s n i s t i n u X A M h s e M e h t s t c e t e d y l l a c i t a m o t u a l o o t e h T n I
. s g n i t t e s P I s t i n u h c a e e r u g n o c u o y s t e l d n a
, s s e r d d a P I f o s s e d r a g e r l
. d e l l a t s n i t o n s i e g a m i e r a w t f o s d i l a v a f i e g a m i e r a w t f o s w e n a e v e i r t e r e b t s u m t i n u e h t
, t i n u h s e M e h t e r u g n o c d n a e c a f r e t n i P T T H e h t s s e c c a o T e h t
, t l u a f e d y B
. k r o w t e n t e n r e h t E s t i n o d i l a v s i t a h t s s e r d d a P I n a d e n g i s s a k r o w t e n a m o r f y l l i a c i t a m o t u a s s e r d d a P I n a n a t b o o t d e r u g n o c s i t i n u h s e M r u o y f I
. p u
t o o b g n i r u d r e v r e s
) P C H D
l o c o t o r P n o i t a r u g n o C t s o H c i m a n y D P I t a h w t u o d n o t l o o T n a c S n u r n a c u o y
, r e v r e s P C H D a s n a t n o c k r o w t e n i i n a t n o c t o n s e o d k r o w t e n r u o y f I
. d e n g i s s a n e e b e v a h s o d a r h s e M e h t s s e r d d a i i
. 2 3 1
. 8 2 1
. 4 5 2
. 9 6 1 o t s t l u a f e d s o d a r h s e M e h t r o f s s e r d d a P I e h t
, r e v r e s P C H D a s i t a h t s s e r d d a P I c i t a t s a t i n u e h t n g i s s a o t l o o T n a c S e s u n a c u o y
, e s a c s i h t n I
. t i n u e h t t e s e r r o
, t o o b e r
, p u r e w o P
. 1 s n o i t c u r t s n I l o o T n a c S
. k r o w t e n r u o y n o d i l a v
s m a r g o r P l l A
t r a t S k c i l c
, p o t k s e d r u o y n o t o n s i n o c i e h t f I
. m a r g o r p
. l o o T n a c S
4 5 0 5 X A M h s e M
m i x o r P i e h t h c n u a l o t p o t k s e d s w o d n W e h t n o n o c i l o o T n a c S e h t k c i l c
e b u o D l
. 2 s i t I
. M O R
D C n o i t a l l a t s n i e h t n o d e d u l c n i s i t a h t y t i l i t u e r a w t f o s a s i l o o T n a c S I N O T A Z L A T N I I I I I T N U n o i t a z i l a i t i n I h s e M l o o T n a c S g n s U i
, t u n
, w e r c s e h t h t i i w
) A
e c e p g n i t n u o m o t
) B
m r a n o i s n e t x e e h t h c a t t A
. 2
. s r e h s a w d n a
, t u n
, w e r c s e h t h t i w
) B
m r a n o i s n e t x e o t
) C
t e k c a r b g n i t n u o m e h t h c a t t A
. 3 i
. d e d v o r p s r e h s a w d n a
) s b l
n i 5 7
m N 9 e u q r o T
) s b l
n i 0 3 1
m N 5 1 e u q r o T
y b m e s s a n e t h g T l i
. 4 i s r e h s a w d n a s w e r c s d e d v o r p e h t g n i s u
) A
e t a p g n i t n u o m e h t h c a t t A l
. 1 e r a w d r a H g n i t n u o M e l b m e s s A
4 p e t S e b l l i w u o y
, d e l l a t s n i r e t p a d a k r o w t e n e n o n a h t e r o m s a h r e t u p m o c r u o y f I e h t e r o f e b e s u o t l o o T n a c S t n a w u o y t a h t r e t p a d a e h t t c e e s o t d e t p m o r p l l
. r o t p a d a s s e e r i w r o t e n r e h t E n a r e h t i e e s u n a c u o Y
. s r a e p p a t s i L n a c S r e t p a d a r u o y e g n a h c n a c u o Y
. K O k c i l c d n a r e t p a d a n a t c e e s
, d e t p m o r p f I l
e t o N
. t i n u e h t o t d e h c a t t a y b m e s s a l l l u f e h t s w o h s e r u g g n w o i l l o f e h T t s i L n a c S e h t n o n o t t u b r e t p a d A t c e l e S e h t g n k c i l c y b e m i i t y n a t a g n i t t e s s l o o T n a c S e h T
. s t i n u d e t c e t e d l l l a s y a p s i d d n a t e n b u s e h t s n a c s l o o T n a c S
. n e e r c s l
. e p m a x e g n w o i l l o f e h t n i n w o h s s a
, s r a e p p a n e e r c s t s i L n a c S 1 2 e g a P d e v r e s e r s t h g i r l l A s s e e r i l i W m x o r P 8 0 0 2 t h g i r y p o C 2 1 e g a P
) s b l
n i 0 0 1
m N 1 1 e u q r o T
e r u c e s d n a E t e k c a r b o t e o p e h t l d n u o r a n e t s a F
. F t e k c a r b h g u o r h t s w e r c s d e d v o r p e h t t r e s n i
, t n u o m
e o p o T l i
. 1 g n i c a f s r o t c e n n o c a n n e t n a e h t h t i w t i n u e h t t n u o m
, s r o t c e n n o c a n n e t n a e h t d n u o r a r e h t a g t o n s e o d r e t a w t a h t e r u s n e o T
. d r a w n w o d
. s r e t e m a r a p
n o i t u a C
T N A T R O P M I o t d e e n l l i w u o y
, k r o w t e n h s e M a f o t r a p s a d e s u e b o t g n o g s i t i n u e h t f I i i t n u o m u o y e r o f e b e d u G r e s U 4 5 0 5 X A M h s e M s i h t f o n o i t c e s s e t i s i u q e r e s e h t g n i r u g n o c n o n o i t a m r o f n i e r o m i r o f e d u G r e s U e h t e e S
. t i n u e h t
e r P e h t n i d e n o i t n e m s r e t e m a r a p e h t f o n o i t a r u g n o c l a i t i n i m r o f r e p t i n U e h t t n u o M
5 p e t S k c i l c
, y l l a c i t a m o t u a t r a t s t o n s e o d m a r g o r p n o i t a l l a t s n i e h t f I
. y l l a c i t a m o t u a s t r a t s y l l a m r o n r e l l a t s n i e h T
. e v i r d M O R
D C a n i D C n o i t a l l a t s n i e h t e c a P l
. 1
) D C n o i t a l l a t s n i e h t n o e x e
. p u t e s
. s w o d n w r e i l l l a t s n i e h t n o d e y a p s i d s n o i t c u r t s n i e h t w o l l o F
. 2
k r o w t e n r o r e t u p m o c a n o e r a w t f o s d n a n o i t a t n e m u c o d e h t l l a t s n i o T e r a w t f o S d n a n o i t a t n e m u c o D l l a t s n I
2 1 p e t S t o n
s w e r c s 4 g n i s u l l a w e h t o t
) E
t e k c a r b t n u o m
, t i n u e h t t n u o m
l l a w o T
. 2
. n w o h s s a
) d e d v o r p i 3 1 e g a P d e v r e s e r s t h g i r l l A s s e e r i l i W m x o r P 8 0 0 2 t h g i r y p o C 0 2 e g a P D A A
, t r o p l a i r e s e h t n O
. 9 9 o t 0 0 m o r f r e b m u n a g n i t n e s e r p e r s r e t a r a h c l a m i c e d
. g n i t o o b r e t f a t l u a f e d y b d e b a n e s i l l d m a I L C e h t t a e u a v l a n g i s d e t n i r p c i r e m u n a
r e n n a m t e r p r e t n i
o t
y s a e n a o w t y b t r o p l a i r e s I L C e h t n o d e y a p s i d y l l l a c i r e m u n s i R N S e h T
. s t r o p l a i r e s I L C e h t
, d e t a i t i n i y l l u f s s e c c u s n e e b s a h s s e c o r p e h t r e t f A
. s s e c o r p t n e m n g i l a a n n e t n a e h t p o t s d n a e t a i t i n i o t d e s u e r a s d n a m m o c I L C g n w o i l l o f e h T s d n a m m o c t n e m n g i l a a n n e t n A l s m 0 0 5 n i
s e u a v R N S e g a r e v a
e t o m e r
t n e r r u c
l a c o l
t n e r r u c e h t s y a p s i d l l
. e u a v R N S g n i l l a f a n i s t l u s e r n o i t c e r i d y n a n i g n v o m i l f i e t e p m o c s i g n m A i i
. U S e h t d n a U S B e h t n e e w t e b d e h s i l b a t s e e b t s u m k n l l i l s s e e r i w a d n a D A A e b a n e t s u m u o y
, y a p s i d e h t t r a t s o T l
. y t i l a u q k n i l e h t e t a c i d n i o t
) s l a v r e t n i i e h t t a r e v e c e r e h t y b d e r u s a e m s a R N S e h t
R N S l a c o l e h t f o y a p s i d s e b a n E l l e t o m e r e l b a n e d a a t e S
) d n e r a f l a c o l e l b a n e d a a t e S l t r o p t u O r e w o P d n a a t a D e h t o t e b a c 5 T A C e h t f o d n e e e r f e h t t c e n n o C
. 2
. r o t c e j n i r e w o p e h t n o i e h t t a r e v e c e r e h t y b d e r u s a e m s a R N S e h t
R N S e t o m e r e h t f o y a p s i d s e b a n E l l
) R N S e t o m e r d n a l a c o l f o e g a r e v a e h t
R N S e t o m e r e h t f o y a p s i d s e b a n E l l e g a r e v a e l b a n e d a a t e S
) d n e r a f l
) D A A s e b a s i d o s l a C
l r t C
y a p s i D t n e m n g l i l A a n n e t n A s e b a s i D l e l b a s i d d a a t e S t r o p n I a t a D 5 4 J R e h t d n a C P e h t n i d r a c e c a f r e t n i k r o w t e n e h t n e e w t e b l e b a c t e n r e h t E r e v o
s s o r c a t c e n n o c
, C P a o t y l t c e r i d t i n u e h t t c e n n o c o T
. r o t c e j n i r e w o p e h t n o d n a C P e h t n i d r a c e c a f r e t n i k r o w t e n e h t n e e w t e b e b a c t e n r e h t E h g u o r h t l E o P e h t n o t r o p n I a t a D 5 4 J R e h t d n a b u h e h t n e e w t e b d n a
, b u h e h t i
t h g a r t s a t c e n n o c
, C P a o t h c t i w s a r o b u h a h g u o r h t t i n u e h t t c e n n o c o T
. 3
. r e t p a d a t e n r e h t E r e v o s s o r c a e s u
, t i n u e h t o t y l t c e r i d C P e h t g n i t c e n n o c e r a u o y f I n I a t a D 5 4 J R e h t d n a C P e h t n i d r a c e c a f r e t n i k r o w t e n e h t n e e w t e b e b a c l
. r o t c e j n i r e w o p e h t n o t r o p 9 1 e g a P d e v r e s e r s t h g i r l l A s s e e r i l i W m x o r P 8 0 0 2 t h g i r y p o C 4 1 e g a P n i y t i l a u q l a n g i s f o t n e m e r u s a e m a s e d v o r p
) D A A
y a p s i D t n e m n g l i i l A a n n e t n A
) B
t i n u e h t f o k c a j 5 4 J R e h t o t n i
) A
e b a c 5 T A C e h t f o d n e e n o g u P l l
. 1 a n n e t n A e h t n g i l A
1 1 p e t S s e l b a C e h t n i g u P l
6 p e t S i l o t 4 1 1
. r e t e m a d
5 T A C G W A 4 2 e g n i s a r e v o t i n u e h t o t y t i v i t c e n n o c d e r i w d n a i i l m x o r P
d e d v o r p t o n
e p a t l a c i r t c e e d n a p i r t s e p a t d e s a b
r e b b u r
, g n i s u f
f l e s l l e h t e s u s y a w A
. e b i t a p m o c
f a 3
. 2 0 8 t o n s i t i n u e h T
) m m 4
. 6 o t 9
. 2
s e h c n i 0 5 2
. l
, n o i t c e n n o c e h t l a e s o t
) e p a T l a c i r t c e E l y n V
3 3 r e p u S h c t o c S s d n e m m o c e r i t a h t e t o N
. y l r e p o r p d e r e w o p s i t i n u e h t t a h t e r u s n e o t r o t c e j n i r e w o p d e i l p p u s
. s w o l l o f s a l i l y t i c i r t c e e g n y p p u s
) E o P
t e n r e h t E
r e v o
r e w o P s e d v o r p r o t c e j n i r e w o p e h T i i l d e d v o r p e h t e s u
, e b a c e h t d e n e t h g i t d n a d e b m e s s a y l l l u f e v a h u o y r e t f A t i n U e h t n o r e w o P
7 p e t S s r o t c e n n o C e h t f o o r p r e h t a e W
0 1 p e t S t e n r e h t E 5 T A C d r a d n a t s a r e v o C D V 8 4
s e d v o r p e u d o m l i t e n r e h t E e v i t c A e h t l
. e b a c e h t s e t a v i t c a s i h T
. h t d w i i l l a n g i r o s t i f o f l a h y e t a m x o r p p a s i t i l i t n u e p a t i e h t h c t e r t s d n a
, p i r t s e p a t d e s a b
r e b b u r e h t m o r f r e n i l l m e h t e v o m e R
. 1 r e w o P d n a a t a D e h t m o r f r o t c e n n o c 5 4 J R e h t t c e n n o c s i d r o t e l t u o C A e h t m o r f l d r o c C A e h t g u p n u
, r e w o p e v o m e r o T
. t i n u e h t n o h c t i w s F F O
N O o n s i e r e h T
. n o d e r e w o p s i t i n u e h t
, t e l t u o C A n a o t n i d r o c r o t c e j n i r e w o p e h t d e g g u p l
. r o t c e j n i r e w o p e h t n o t r o p t u O s d n o c e s e v r o f
) r o t c e j n i r e w o p e h t f o e d i s e h t n o
n o t t u b d a o l e R e h t s s e r P 5 4 J R e h t t c e n n o c t o n o d
, h c t i w s
r e t u o r r u o y g n g a m a d d o v a o T i i o t r o t c e j n i r e w o p e h t m o r f t u O r e w o P
a t a D r e h t i e d e l e b a l t r o p
. h c t i w s
r e t u o r r u o y e h t e t a i t n i o t
) r o t c e j n i r e w o p e h t f o e d i s e h t n o
n o t t u b d a o l e R e h t s s e r P
G N I N R A W e h t s s e r p e d o t p i i l c r e p a p r o n p a f o d n e e h t e s u o t d e e n l l i w u o Y
. s g n i t t e s
. n o t t u b i t l u a f e d y r o t c a f r i e h t o t s o d a r h s e M e h t s t e s e r y e t o m e r p u
r e w o p g n i r u d l o t p i i l c r e p a p r o n p a f o d n e e h t e s u o t e v a h y a m u o Y
. y t i l a n o i t c n u f t e s e R
d a o e R l l d n o y e b d e s s e r p s i n o t t u b d a o e R f I
. e t a t s r e d a o l t o o b e h t o t s e v o m e u d o m h s e M l l n e h t
, d e s a e e r n e h t d n a s d n o c e s 0 1 o t 5 r o f d e s s e r p s i n o t t u b d a o e R e h t f I l
. n o t t u b e h t s s e r p
. d e r o n g i s i y t i l l l a n o i t c n u f d a o e R s e u d o m h s e M e h t n e h t
, s d n o c e s 0 1 l f o e n o n n e h t
, d e s a e e r d n a s d n o c s 0 2 o t 0 1 r o f d e s s e r p s i n o t t u b d a o e R e h t f I l r e b i r c s b u S e h t n e h t
, e v o b a d n a s d n o c e s 0 2 r o f d e s s e r p s i n o t t u b d a o e R e h t f I l l
. d e t r o b a s i n o t t u b d a o e R e h t d n a d e m r o f r e p s i n o i t a r e p o e h t l
. e t a t s d a o e r o t s e v o m e u d o m l e h t l w o e b g n i t r a t s
, y l t h g i t r o t c e n n o c e h t d n u o r a e p a t e h t p a r w d n a h c t e r t S
. 2
. s s a m f o o r p r e t a w i
. n o i t c e r i d e s i w k c o l c a n i g n p p a r w d n a t i n u e h t t s n a g a d n a p a c r o t c e n n o c i e u n i t n o C
) A
p a c r o t c e n n o c e h t f o e s a b e h t d n u o r a e c n o e p a t e h t p a r W
, n o i t c e r i d e s i w k c o l c a n i r o t c e n n o c e h t d n u o r a y l l a r i p s e p a t e h t p a r w o t y l l i a r i p s e p a t e h t g n p p a r w e u n i t n o C
) B
p a l r e v o h t d w
0 5 a g n n a t n a m i i i i l e h t d e s u e v a h u o y d n a e b a c e h t o t n o s d n e t x e e p a t e h t l i t n u
) C
d r a w p u i e h t d n a r o t c e n n o c e h t t s n a g a y l t h g i t e p a t e h t l a e S
. e p a t f o h t g n e l e r i t n e
) D
e b a c l i a n i e p a t e h t g n p p a r w
n o i t c e r i d e s i w k c o l c a n i e p a t e h t p a r w o t e r u s e B
. r o t c e n n o c e h t p u n e s o o l y a m n o i t c e r i d e s i w k c o l c r e t n u o c
e t o N l l k c a b f o r e y a l a y p p a
, e v o b a 2 p e t S n i d e b i r c s e d s a r e n n a m e m a s e h t n I
. 3 r e h t r u f r o f e p a t d e s a b
r e b b u r e h t r e v o
) d e d v o r p t o n
e p a t l a c i r t c e e i l
. y t i l a n o i t c n u f d a o e R e h t l m r o f r e p o t r e s u e d u g l l i i w h c i h w l
, e o s n o c l a i r e s e h t o t s t n e v e l l l a y a p s i d l l i w r e d a o l t o o B
E T O N
r e b b u r e h t d n o y e b s d n e t x e o s l a e p a t l a c i r t c e e e h t e r u s e k a M l
. n o i t c e t o r p
. t i l a e s o t e p a t d e s a b 5 1 e g a P d e v r e s e r s t h g i r l l A s s e e r i l i W m x o r P 8 0 0 2 t h g i r y p o C 8 1 e g a P
. e t a i r p o r p p a s a s r o t c e n n o c r e h t o r o f e r u d e c o r p g n o o r p r e h t a e w e h t t a e p e R
. 4 d n a g n i l b a c t e n r e h t E e h t o t r o t c e j n i r e w o p e h t d e t c e n n o c e v a h u o y e c n O l
, e g n i s a e t a e r c o t e m i t r e v o p u t e s l l i w h c i h w
, e p a t e h t f o n o i t c a g n i s u f
f l e s k c a j 5 4 J R s t i n u e h t f o s d a e r h t e h t d n u o r a e p a t n o e T f o s p a r w o w l t y p p A
. 1 t h g i t r e t a w e h t w e r c s n u
r o t c e n n o c t e n r e h t E s t i n u e h t t a t n e s e r p e r a s D E L e h T l s e b a C e h t n e t h g T
9 p e t S i s D E L w e V i
8 p e t S e h t f o p a c g n i l a e s e h t n i d e t a e s l l i t s s i t e k s a g r e b b u r d e r e h t t a h t e r u s e k a M
. 2 l
) B
y b m e s s a t u n k c o l
p a c g n i l a e s d n a
) A
k c a j 5 4 J R e h t r e v o
) B
y b m e s s a t u n k c o l
p a c g n l i l a e s e h t e d i l S
. 3
. n o i t c e r i d e s i w k c o l c a n i
) A
r a l i i m i s r o h c n e r w e p p a e s u n e h t
, t s r n e t h g i t d n a H
. e r u s o l c n e o t n o d a e r h t l d n a
) B
y b m e s s a t u n k c o l
p a c g n i l a e s e h t o t n o
) D
t u n g n i l a e s e h t d a e r h T
. 5
) s b l
n i 5 2
m N 3 e u q r o T
n e t h g i t t s u m
) B
y l b m e s s a t u n k c o
p a c g n l i l a e s e h t n o
) C
t u n k c o l e h T
n o i t u a C
) s b l
n i 5 3
m N 4 e u q r o T
) C
t u n k c o l e h t n e t h g T i
. 4
. n r u t r e t r a u q e r o m e n o n e t h g i t o t l o o t
n e t h g i t
r e v o t o n o D
n o i t u a C t u n g n i l a e s e h t e r o f e b r o t c e n n o c 5 4 J R e h t r e v o d e n e t h g i t y l l u f e b i e h t r o p a c e h t g n w e r c s n u e r o f e b e s o o l s i t u n g n i l a e s d e m o d e h t e r u s e k a M
. d e g a m a d d n a d e t s i w l t e b y a m e b a c t e n r e h t E
E T O N s i p u t r a t s n e h W i
. s c i t s o n g a d p u t r a t s s m r o f r e p t i
, n o d e r e w o p s i t i n u e h t n e h W
s w o l l o f s a
, e t a t s l a n o i t a r e p o s t i n u e h t w o h s s D E L e h t
, e t e p m o c l D E L o d a R i D E L t e n r e h t E
r e w o P e t a t S D E L
. s D E L e h t i w e v o t y r a s s e c e n f i p a c d n a t s i w t y a m e l b a c t e n r e h t E e h t
, e s i w r e h t O
. d e n e t h g i t y l l u f s i
) D
. d e z i l
. e g a m a d i a i t i n i g n e b e r a s o d a r h s e M i i g n e b e r a s o d a r h s e M i
. n w o d s i k n i l t e n r e h t E
, p u g n i t o o b s i t i n u
, n o s i r e w o P n e e r G g n k n i i l B
. p u s i k n i l t e n r e h t E
, n o s i r e w o P n e e r G y d a e t S 7 1 e g a P d e v r e s e r s t h g i r l l A s s e e r i l i W m x o r P 8 0 0 2 t h g i r y p o C 6 1 e g a P
. l a n o i t a r e p o
| 1 | Users Manual 2 part 1 | Users Manual | 3.56 MiB |
MeshMAX 5054 Series User Guide Version 1.0.0 MeshMAX 5054 Series User Guide Before installing and using this product, see the Safety and Regulatory Compliance Guide located on the product CD. IMPORTANT!
Copyright 2008 Proxim Wireless, San Jose, CA. All rights reserved. Covered by one or more of the following U.S. patents: 5,231,634; 5,875,179;
6,006,090; 5,809,060; 6,075,812; 5,077,753. This manual and the software described herein are copyrighted with all rights reserved. No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language in any form by any means without the written permission of Proxim Wireless. Trademarks Tsunami, Proxim, and the Proxim logo are trademarks of Proxim Wireless. All other trademarks mentioned herein are the property of their respective owners. MeshMAX 5054 Series User Guide PN 75605 , August 2008 12 MeshMAX 5054 Series User Guide Contents 1 Introduction. 8 Introduction to MeshMAX 5054 Series . 8 Introduction to Wi-Fi and Mesh Networking . 8 Mesh Networking . 9 Guidelines for Roaming . 13 Introduction to Wireless Network Topologies - Subscriber Module . 13 Point-to-Point Link . 14 Point-to-Multipoint Link . 14 Management and Monitoring Capabilities . 15 HTTP/HTTPS Interface . 15 Command Line Interface . 15 SNMP Management . 15 SNMPv3 Secure Management . 16 SSH (Secure Shell) Management . 16 2 Installation and Initialization . 18 Hardware Overview . 19 Package Contents . 20 Installation Procedure . 22 Step 1: Choose a Location . 22 Step 2: Unpack the Shipping Box . 22 Step 3: Assemble the Cable . 22 Step 4: Assemble Mounting Hardware . 23 Step 5: Mount the Unit . 24 Step 6: Plug in the Cables . 25 Step 7: Power on the Unit. 26 Step 8: View LEDs . 26 Step 9: Tighten the Cables . 27 Step 10: Weatherproof the Connectors . 27 Step 11: Align the Antenna . 28 Step 12: Install Documentation and Software. 29 Reboot and Reset Functionality for MeshMAX . 30 Reboot and Reset Functionality for Mesh and Access Point Module. 30 Reboot and Reset Functionality for Subscriber Module . 30 Unit Initialization . 31 Using ScanTool. 31 Scan Tool Instructions . 31 Mesh Initialization . 33 Logging In. 33 Using the Setup Wizard . 33 1 MeshMAX 5054 Series User Guide Software Updates. 34 Subscriber Initialization . 36 Setting the IP Address . 36 Software Updates. 37 3 System Overview of Subscriber Module . 39 Changing Basic Configuration Information . 39 Country and Related Settings . 40 Dynamic Frequency Selection (DFS). 40 Transmit Power Control . 42 SU Registration . 42 Dynamic Data Rate Selection (DDRS) . 43 Virtual Local Area Networks (VLANs) . 43 VLAN Modes . 44 Q-in-Q (VLAN Stacking) . 44 VLAN Forwarding. 44 VLAN Relaying. 44 Management VLAN . 44 BSU and SU in Transparent Mode. 45 BSU in Trunk Mode and SU in Trunk/Access Mode . 45 BSU in Mixed Mode and SU in Mixed, Access, or Trunk Mode . 47 Quality of Service (QoS) . 49 Concepts and Definitions . 49 4 Basic Management of Subscriber Module . 54 Navigation . 54 Rebooting and Resetting . 55 Rebooting. 55 Resetting Hardware . 55 Soft Reset to Factory Default . 55 Reset and Reboot Functionality. 55 General Configuration Settings . 56 Monitoring Settings . 57 Security Settings . 57 Encryption . 57 Passwords . 57 Default Settings . 58 Upgrading the Unit . 59 5 System Status. 60 Subscriber Module . 60 Status . 60 2 MeshMAX 5054 Series User Guide Contents Event Log . 61 Mesh and Access Point Module . 62 6 Configuration . 63 Configuring the Subscriber Module . 65 System Parameters . 65 Network Parameters. 68 Interface Parameters . 77 SNMP Parameters . 81 Management Parameters . 82 Security Parameters. 85 Filtering Parameters . 85 RIP Parameters (Routing Mode Only) . 93 NAT (Routing Mode Only) . 95 Advanced Configuration of Mesh and Access Point Module . 99 System . 99 Network . 101 Interfaces . 109 Management. 127 Filtering. 138 Alarms . 147 Bridge . 159 QoS . 162 Radius Profiles . 168 SSID/VLAN/Security. 174 7 Monitoring . 192 Monitoring Options for Subscriber Module . 192 Wireless . 193 ICMP. 194 Per Station . 194 Features . 194 Link Test . 195 Interfaces . 196 IP ARP Table . 197 IP Routes . 197 Learn Table. 198 RIP . 198 Monitoring Options for Mesh and Access Point Module . 198 Version . 199 ICMP. 200 3 MeshMAX 5054 Series User Guide IP/ARP Table . 200 Learn Table . 201 IAPP . 201 RADIUS . 202 Interfaces . 203 Station Statistics . 205 Mesh Statistics . 207 8 Commands . 210 Command Functions for Subscriber Module . 210 Download . 210 Upload . 211 Reboot . 211 Reset . 212 Help Link . 212 Downgrade. 212 Command Function for Mesh and Access Point Module . 213 Introduction to File Transfer via TFTP or HTTP . 213 Update AP . 214 Retrieve File . 217 Reboot . 220 Reset . 220 Help Link . 220 9 Procedures for Subscriber Module. 222 TFTP Server Setup . 222 Web Interface Image File Download . 222 Configuration Backup. 223 Configuration Restore . 223 Soft Reset to Factory Default . 224 Hard Reset to Factory Default . 224 Forced Reload . 224 Image File Download with the Bootloader . 224 Download with ScanTool . 224 Download with CLI . 225 10 Troubleshooting . 227 Troubleshooting for Power-Over-Ethernet (PoE) . 228 Troubleshooting Concepts for Subscriber Module . 228 Connectivity Issues . 228 Communication Issues. 229 Setup and Configuration Issues. 229 VLAN Operation Issues . 230 Link Problems . 230 4 MeshMAX 5054 Series User Guide Troubleshooting Concepts for Mesh and Access Point Module . 232 Troubleshooting Concepts . 233 Symptoms and Solutions . 233 Recovery Procedures. 236 Related Applications . 240 A Country Codes for Subscriber Module. 242 Channels/Frequencies by Country . 243 B CLI for Mesh and Access Point Module . 260 General Notes . 261 Prerequisite Skills and Knowledge. 261 Notation Conventions. 261 Important Terminology . 261 Navigation and Special Keys . 261 CLI Error Messages . 262 Command Line Interface (CLI) Variations . 263 Bootloader CLI . 263 CLI Command Types . 265 Operational CLI Commands. 265 Parameter Control Commands . 269 Using Tables and Strings . 273 Working with Tables . 273 Using Strings . 273 Configuring the AP using CLI commands . 275 Log into the AP using HyperTerminal. 275 Log into the AP using Telnet . 275 Set Basic Configuration Parameters using CLI Commands . 276 Other Network Settings . 281 CLI Monitoring Parameters . 290 Parameter Tables . 291 System Parameters . 293 Network Parameters . 295 Interface Parameters . 299 Management Parameters. 308 Filtering Parameters. 311 Alarms Parameters . 314 Bridge Parameters . 316 RADIUS Parameters . 318 Security Parameters. 319 VLAN/SSID Parameters. 321 Other Parameters. 321 5 MeshMAX 5054 Series User Guide Wireless Multimedia Enhancements (WME)/Quality of Service (QoS) parameters. 322 CLI Batch File . 325 Auto Configuration and the CLI Batch File. 325 CLI Batch File Format and Syntax . 325 Reboot Behavior . 326 C ASCII Chart for Mesh and Access Point Module . 327 D Technical Specifications . 328 Part Numbers . 329 MeshMAX 5054 Series . 329 Regulatory Approval and Frequency Ranges . 329 Radio and Transmission Specifications . 330 Receive Sensitivity . 330 Maximum Throughput . 330 Transmit Power Settings . 331 Software Features . 331 Mesh and Wi-Fi Features. 332 LEDs . 333 Interfaces . 334 Other Specifications . 334 Electrical . 334 Physical and Environmental Specifications . 334 MTBF and Warranty. 334 E Specifications for Mesh and Access Point Module. 336 Software Features . 337 Number of Stations per BSS . 337 Management Functions . 338 Advanced Bridging Functions . 338 Medium Access Control (MAC) Functions . 338 Security Functions . 339 Network Functions . 340 Available Channels . 341 F Technical Services and Support . 342 Obtaining Technical Services and Support . 343 Support Options . 344 Proxim eService Web Site Support . 344 Telephone Support. 344 ServPak Support . 344 G Statement of Warranty . 345 6 MeshMAX 5054 Series User Guide Warranty Coverage . 345 Repair or Replacement . 345 Limitations of Warranty. 345 Support Procedures . 345 Telephone Support. 345 Other Information . 346 Search Knowledgebase . 346 Ask a Question or Open an Issue . 346 Other Adapter Cards . 346 7 MeshMAX 5054 Series User Guide
Introduction This chapter contains following information:
Management and Monitoring Capabilities Introduction to MeshMAX 5054 Series Introduction to Wi-Fi and Mesh Networking Introduction to Wireless Network Topologies - Subscriber Module Introduction to MeshMAX 5054 Series The MeshMAX 5054 Series is a ruggedized tri-mode Mesh AP with additional 5 GHz subscriber station functionality, optimed for outdoor deployments. MeshMAX is 3-radio solution is a single integrated unit, with:
WiMAX subscriber unit connects to a WiMAX base station for backhauling Mesh gateway provides 5 GHz mesh backhaul by connecting other mesh devices through it to the network Wi-Fi Access point functionality. MeshMAX is equipped with two modules:
Mesh and Access Point Module One embedded 5 GHz (802.11a) module and one embedded 2.4GHz (802.11b/g) module, enabling simultaneous support of 802.11a, 802.11b and 802.11g clients. Both modules support Mesh operation. Subscriber Module One embedded module operating in the licensed 5 GHz band that conforms to the 802.11a standard to enable high-speed backhaul. Introduction to Wi-Fi and Mesh Networking An Access Point (AP) extends the capability of an existing Ethernet network to devices on a wireless network. Wireless devices can connect to a single AP, or they can move between multiple AP located within the same vicinity. As wireless clients move from one coverage cell to another, they maintain network connectivity. In a typical network environment (see ), the AP functions as a wireless network access point to data and voice networks. An AP network provides:
Seamless client roaming for both data and voice (VoIP) Easy installation and operation Over-the-air encryption of data High speed network links 8 Introduction Introduction to Wi-Fi and Mesh Networking MeshMAX 5054 Series User Guide Figure 1-1 Typical Wireless Network Access Infrastructure Mesh Networking Using the ORiNOCO Mesh Creation protocol (OMCP), the Mesh and Access Point Module supports structured Mesh networking. In a Mesh network, access points use their wireless interface as a backhaul to the rest of the network. Access points connected directly to the wired infrastructure are called Portals; Mesh Access Points relay packets to other Mesh Access Points to reach the Portal, dynamically determining the best route over multiple hops. Mesh networks are self-configuring (a Mesh access point will scan for other Mesh Access Points periodically and choose the best path to the portal) and self-healing (the network will reconfigure data paths if an AP or link fails or becomes inactive). Mesh Network Convergence Mesh networks are formed when Mesh APs on the same channel have the identical Mesh SSID, security settings, and management VLAN ID when VLAN is enabled. As these Mesh APs come online, they discover and set up links with each other to form the Mesh network. 9 Introduction Introduction to Wi-Fi and Mesh Networking MeshMAX 5054 Series User Guide Figure 1-2 Mesh Startup Topology Example - Step 1 In Figure 1-2, MP1 and MP9 are APs configured as Mesh portals, each on a different channel. When they are up and running, they will transmit beacons with a Mesh information element (IE) containing a Mesh SSID, and respond to probe requests that contain Mesh IEs with the same Mesh SSID. To find Mesh connections, Mesh AP (MAP) 2 through 8 will scan all allowed channels, either actively or passively. In active scanning, the MAP sends a broadcast probe request; in passive scanning, the MAP listens for beacons. Active scanning is used in regulatory domains that do not use Dynamic Frequency Selection (DFS); passive scanning is used in DFS-controlled regulatory domains. As other Mesh APs are discovered, MAP2 through MAP8 will build a neighbor table from the beacons and probe responses they receive. The neighbor table contains three kinds of links:
Active: Link with a Mesh neighbor that has gone through association and authentication, and the port is open. Connected: Link with a Mesh neighbor that has gone through association and authentication, but the port is closed. Disconnected: Possible link to a Mesh neighbor that has not gone through association and authentication. From the neighbor table, MAP2 through MAP8 will select the best possible connection to the backbone network. This connection is the active link. If a link to the backbone on a different channel is significantly better than any on the current channel, then MAP2 through MAP8 will switch to a new channel and join the Mesh network on that channel. In Figure 1-2 through Figure 1-4, the circles approximately indicate the range of the respective Mesh radios. As shown in these figures, MAP2 and MAP4 will discover Mesh Portal (MP) 1, and MAP7 and MAP8 will discover MP9. MAP3 is also within reach of MAP2 and MAP4, but they will not allow MAP3 to connect until they have established a Mesh link to the Mesh Portal. 10 Introduction Introduction to Wi-Fi and Mesh Networking MeshMAX 5054 Series User Guide Assume that links are established as shown in Figure 1-3. Solid lines indicate established links. Figure 1-3 Mesh Startup Topoloy Example - Step 2 After the first Mesh links are formed, MAP2,4,7 and 8 will add the Mesh IE to their beacon and respond to probe requests with a Mesh IE containing the same Mesh SSID and security settings. Eventually MAP 3 will find both MAP2 and 4 and will setup a Mesh link with the one with the best path to the portal, say MAP2. Optimal paths have low path costs; path costs are calculated based on the number of hops to the portal, RSSI (relative signal strength), and medium occupancy. Once MAP4 has established a path to the Mesh portal, MAP 3 will also establish a Mesh link with MAP4, but that connection will remain inactive. It will only be used as a possible alternative uplink for MAP3, and at the same time an alternative uplink for MAP4. If for some reason the link from MAP4 to MP1 fails, MAP4 can still reach the backbone via MAP3 and MAP2. The same goes for other MAPs that discover each other. After a short while, the network in this example will look like Figure 1-4, where solid lines indicate active Mesh links and dotted lines indicate established but inactive Mesh links. 11 Introduction Introduction to Wi-Fi and Mesh Networking MeshMAX 5054 Series User Guide Figure 1-4 Mesh Startup topologyExample - Step 3 In this example, if MAP8 loses Mesh link to MP9, MAP8 will immediately activate the Mesh link to MAP7. If the link to MAP7 has a higher path cost than a possible link to MAP4, which has the same Mesh SSID and security mode but is on a different channel, then MAP7 may decide to switch channels and establish and activate a link to MAP4. Mesh Network Configuration In the Mesh and Access Point Module either of the wireless interfaces may be configured for Mesh functionality, with the following considerations in mind:
To form or join a Mesh network, Mesh APs must have identical Mesh SSIDs and security modes (None or AES). If using AES, the shared secret should also be identical. All Mesh APs connected to a Portal will be on the same channel. The channel used by the Mesh Portal will determine the channel used by all of its connected Mesh APs. On Mesh APs, Mesh and WDS functionality cannot co-exist on the same wireless interface. Mesh and WDS can co-exist on Mesh Portals. The maximum number of links downlinks from a Mesh Portal to Mesh APs in the tree is 32. Proxim recommends a maximum of 30-40 APs total per portal (whether connected directly to the Portal or to another Mesh AP) for an average per-client throughput of 300-500 Kbps. This recommendation is based on the following assumptions:
18 Mbps throughput is available at the portal (max is 25 Mbps, but rates decrease as distance between APs increases). 20 wireless clients are supported per AP. 12 Introduction Introduction to Wireless Network Topologies - Subscriber Module MeshMAX 5054 Series User Guide Average utilization (time that a client is actually transferring data) is 10%. If the conditions on your network are different than the assumptions above, then the maximum number of APs should be adjusted accordingly. NOTE: Clients whose traffic must traverse multiple hops in order to reach the portal will have lower throughput than clients whose traffic traverses fewer hops. Although this solution is designed to be flexible and have a short convergence time after a topology change, it is not recommended for high-speed roaming or a highly dynamic environment. The Mesh network assumes that the uplink to the backbone will be provided by Mesh only. NOTE: To avoid loops, the administrator should not configure alternate links to the backbone through Ethernet or WDS connections. Mesh APs will avoid loops caused by Mesh links; similarly, Spanning Tree will detect and correct loops caused by WDS and wired links. NOTE: Neither Mesh APs nor Spanning Tree will detect loops caused by a mixture of Mesh and WDS/wired links. Administrators should avoid any such scenario while deploying Mesh. When VLAN is enabled, all APs in a Mesh network must have the same Management VLAN ID. For information on configuring Mesh using the HTTP interface, see Mesh. For information on configuring Mesh using the CLI for Mesh and Access Point Module, in the Command Line Interface chapter. Guidelines for Roaming Typical voice network cell coverages vary based on environment. Proxim recommends having a site survey done professionally to ensure optimal performance. For professional site surveyors, Ekahau Site Survey software is included in the Xtras folder of the Installation CD. An AP can only communicate with client devices that support its wireless standards. All Access Points must have the same Network Name to support client roaming. All workstations with an 802.11 client adapter installed must use either a Network Name of any or the same Network Name as the Access Points that they will roam between. If an AP has Closed System enabled, a client must have the same Network Name as the Access Point to communicate. All Access Points and clients must have matching security settings to communicate. The Access Points cells should overlap to ensure that there are no gaps in coverage and to ensure that the roaming client will always have a connection available. To ensure optimal AP placement, Proxim recommends having a site survey done professionally to ensure optimal performance. For professional site surveyors, Ekahau Site Survey software is included in the Xtras folder of the Installation CD. All Access Points in the same vicinity should use a unique, independent channel. By default, the AP automatically scans for available channels during boot-up but you can also set the channel manually. Access Points that use the same channel should be installed as far away from each other as possible to reduce potential interference. If a Mesh AP switches to a new uplink, by default it will send a deauthentication message to clients connected to it. Administrators can prevent the sending of this message by disabling the Notify Clients on Uplink Change parameter on the Configure > Interfaces > Mesh > Advanced page. In countries that require passive scanning for Mesh, the roam time may be higher. Introduction to Wireless Network Topologies - Subscriber Module The unit can be used in various network topologies and combinations. The required equipment depends upon the wireless network topology you want to build. Make sure all required equipment is available before installing the unit. You can set up the following types of topologies:
13 Introduction Introduction to Wireless Network Topologies - Subscriber Module MeshMAX 5054 Series User Guide Point-to-Point Link Point-to-Multipoint Network Point-to-Point Link With a BSU and a SU, it is easy to set up a wireless point-to-point link as depicted in the following figure. Figure 1-5 Point-to-Point Link A point-to-point link lets you set up a connection between two locations as an alternative to:
Leased lines in building-to-building connections Wired Ethernet backbones between wireless access points in difficult-to-wire environments Point-to-Multipoint Link If you want to connect more than two buildings, you can set up a single point-to-multipoint network with a single BSU amd multiple SUs, as depicted in the following figure. 14 Introduction Management and Monitoring Capabilities Figure 1-6 Point-to-Multipoint Link MeshMAX 5054 Series User Guide Up to 250 SUs can be connected to a BSU. If a BSU already has 250 SU, a new SU cannot be connected to the BSU. In this figure, the system is designed as follows:
The central building B is equipped with a BSU, connected to either an omni-directional, or a wide angle antenna. The two other buildigs A and C are both equipped with an SU connected to a directional antenna. Management and Monitoring Capabilities There are several management and monitoring interfaces available to the network administrator to configure and manage an AP on the network:
HTTP/HTTPS Interface (Web Interface) Command Line Interface SNMP Management SSH (Secure Shell) Management HTTP/HTTPS Interface The HTTP Interface (Web browser Interface) provides easy access to configuration settings and network statistics from any computer on the network. You can access the HTTP Interface over your LAN (switch, hub, etc.), over the Internet, or with a crossover Ethernet cable connected directly to your computers Ethernet Port. HTTPS provides an HTTP connection over a Secure Socket Layer. HTTPS is one of three available secure management options on the AP; the other secure management options are SNMPv3 and SSH. Enabling HTTPS allows the user to access the AP in a secure fashion using Secure Socket Layer (SSL) over port 443. The AP supports SSLv3 with a 128-bit encryption certificate maintained by the AP for secure communications between the AP and the HTTP client. All communications are encrypted using the server and the client-side certificate. The AP comes pre-installed with all required SSL files: default certificate, private key and SSL Certificate Passphrase installed. Command Line Interface The Command Line Interface (CLI) is a text-based configuration utility that supports a set of keyboard commands and parameters to configure and manage an AP. Users enter Command Statements, composed of CLI Commands and their associated parameters. Statements may be issued from the keyboard for real time control, or from scripts that automate configuration. For example, when downloading a file, administrators enter the download CLI Command along with IP Address, file name, and file type parameters. You access the CLI over a HyperTerminal serial connection or via Telnet. During initial configuration, you can use the CLI over a serial port connection to configure an Access Points IP address. When accessing the CLI via Telnet, you can communicate with the Access Point from over your LAN (switch, hub, etc.), from over the Internet, or with a crossover Ethernet cable connected directly to your computers Ethernet Port. See Command Line Interface (CLI) for more information on the CLI and for a list of CLI commands and parameters. SNMP Management In addition to the HTTP and the CLI interfaces, you can also manage and configure an AP using the Simple Network Management Protocol (SNMP). Note that this requires an SNMP manager program, like HP Openview or Castlerocks SNMPc. The AP supports several Management Information Base (MIB) files that describe the parameters that can be viewed and/or configured over SNMP:
15 Introduction Management and Monitoring Capabilities MeshMAX 5054 Series User Guide MIB-II (RFC 1213) Bridge MIB (RFC 1493) Ethernet-like MIB (RFC 1643) 802.11 MIB ORiNOCO Enterprise MIB Proxim provides these MIB files on the CD-ROM included with each Access Point. You need to compile one or more of the above MIBs into your SNMP programs database before you can manage an Access Point using SNMP. See the documentation that came with your SNMP manager for instructions on how to compile MIBs. The Enterprise MIB defines the read and read-write objects that can be viewed or configured using SNMP. These objects correspond to most of the settings and statistics that are available with the other management interfaces. See the Enterprise MIB for more information; the MIB can be opened with any text editor, such as Microsoft Word, Notepad, or WordPad. NOTE: Using a serial connection, you can access the CLI of the unit through a terminal emulation program such as Hyperterminal. For all other modes of connection, you will need the IP address of the unit in order to use the Web Interface, SNMP, or the CLI via telnet. SNMPv3 Secure Management SNMPv3 is based on the existing SNMP framework, but addresses security requirements for device and network management. The security threats addressed by Secure Management are:
Modification of information: An entity could alter an in-transit message generated by an authorized entity in such a way as to effect unauthorized management operations, including the setting of object values. The essence of this threat is that an unauthorized entity could change any management parameter, including those related to configuration, operations, and accounting. Masquerade: Management operations that are not authorized for some entity may be attempted by that entity by assuming the identity of an authorized entity. Message stream modification: SNMP is designed to operate over a connectionless transport protocol. There is a threat that SNMP messages could be reordered, delayed, or replayed (duplicated) to effect unauthorized management operations. For example, a message to reboot a device could be copied and replayed later. Disclosure: An entity could observe exchanges between a manager and an agent and thereby could learn of notifiable events and the values of managed objects. For example, the observation of a set command that changes passwords would enable an attacker to learn the new passwords. To address the security threats listed above, SNMPv3 provides the following when secure management is enabled:
Authentication: Provides data integrity and data origin authentication. Privacy (a.k.a Encryption): Protects against disclosure of message payload. Access Control: Controls and authorizes access to managed objects. The default SNMPv3 username is administrator, with SHA authentication, and DES privacy protocol. SSH (Secure Shell) Management You may securely also manage the AP using SSH (Secure Shell). The AP supports SSH version 2, for secure remote CLI
(Telnet) sessions. SSH provides strong authentication and encryption of session data. The SSH server (AP) has host keys - a pair of asymmetric keys - a private key that resides on the AP and a public key that is distributed to clients that need to connect to the AP. As the client has knowledge of the server host keys, the client can verify that it is communicating with the correct SSH server. 16 Introduction Management and Monitoring Capabilities MeshMAX 5054 Series User Guide NOTE: The remainder of this guide describes how to configure an AP using the HTTP Web interface or the CLI interface. For information on how to manage devices using SNMP or SSH, see the documentation that came with your SNMP or SSH program. Also, see the MIB files for information on the parameters available via SNMP and SSH. The remainder of the User Guide discusses installing your Mesh and Subscriber modules and managing it using the Web and CLI interfaces only. IMPORTANT!
17 Installation and Initialization MeshMAX 5054 Series User Guide 2 This chapter describes the steps required to install and mount the MeshMAX 5054 unit, including installing, mounting, and aligning the antenna. The installation procedure does not include the mounting and connection of antennas. See the MeshMAX 5054 Series Antenna Installation Guide for this information. If you are already familiar with this type of product, you can use the Quick Install Guide for streamlined installation procedures. See the following sections:
Hardware Overview Package Contents Installation Procedure Step 1: Choose a Location Step 2: Unpack the Shipping Box Step 3: Assemble the Cable Step 4: Assemble Mounting Hardware Step 5: Mount the Unit Step 6: Plug in the Cables Step 7: Power on the Unit Step 8: View LEDs Step 9: Tighten the Cables Step 10: Weatherproof the Connectors Step 11: Align the Antenna Step 12: Install Documentation and Software Reboot and Reset Functionality for MeshMAX Reboot and Reset Functionality for Mesh and Access Point Module Reboot and Reset Functionality for Subscriber Module Unit Initialization Using ScanTool Scan Tool Instructions Mesh Initialization Logging In Using the Setup Wizard Software Updates Subscriber Initialization Setting the IP Address 18 Installation and Initialization MeshMAX 5054 Series User Guide Hardware Overview The MeshMAX 5054 Series is an full-featured outdoor Subscriber Unit (SU) that is for outdoor deployment, that operate wither using Power-over-Ethernet (PoE) with the combination DC power supply/injector provided or directly from a 100-
240VAC power source (AC cable provided separately. The unit is designed for desk-, wall-, or ceiling mounting. It is powered either through DC power or through Power-Over-
Ethernet (see Power-over-Ethernet), and is equipped with the following connectors and controls:
Power/Ethernet port: used for Ethernet connection and Power-over-Ethernet (PoE) using the supplied power injector. Serial Connection: used for entering commands in the Command Line Interface (CLI). LED Indicator(s): dual LEDs used used to indicate the power and operational states of the unit. AC Power Unit: enables direct power from external AC power source. External Antenna Connectors (three): one for 2.4 GHz operation for client access, one for 5 GHz for Mesh operations and one 5 GHz for Subscriber operation. Grounding Screws (two) Figure 2-1 MeshMAX 5054 Unit 19 Installation and Initialization MeshMAX 5054 Series User Guide Package Contents Each shipment includes the items in the following table. Verify that you have recevied all parts of the shipment. NOTE: Unless listed here, cables are not included with the unit. MeshMAX 5054 Unit Y-Cable Installation CD (1ea.) Power Injector and Cord (1ea.) Cable Termination Kit Kit includes:
a. RJ45 connectors (2) b. Sealing caps (2) c. Lock nut d. Sealing nut e. Grounding screws (2) A B C D E 20 Installation and Initialization MeshMAX 5054 Series User Guide Mounting Kit Kit includes the following:
Mounting clamp for walls/pole Extension arm Mounting plate to enclosure Mounting clamp for pole mounting Mounting Hardware A B C D The following mounting hardware is included with mounting kit:
Qty. 6 ea 2 ea Description Plain washer # 5/16 Hex cap screw NC 5/16-18 x 35 2 ea Nut NC 5/16-18 4 ea Helical spring loack washer # 1/4 4 ea 2 ea 4 ea Helical speing lock washer # 5/16 Hex cap screw NC 5/16-18 x 80 68764, Screw, Machine, Pan, Phillips, 1/4 - 20, 5/8 L Rubber Tape Strip 21 Installation and Initialization Installation Procedure Step 1: Choose a Location MeshMAX 5054 Series User Guide To make optimal use of the unit, you must find a suitable location for the hardware. The range of the radio unit largely depends upon the position of the antenna. Proxim recommends you do a site survey, observing the following requirements, before mounting the hardware. The location must allow easy disconnection of power to the radio if necessary. Air must be able to flow freely around the hardware. The radio unit must be kept away from vibration and excessive heat. The installation must conform to local regulations at all times. The unit is designed to directly mount to a pole or wall. Using the supplied mounting clamps and hardware, you can mount the unit to a 1.25 inch to 4.5- inch pole (outside diameter). Using just one of the mounting clamps brackets, you can mount it to a wall or other flat surface. CAUTION: Proxim recommends the use of a lightning arrestor at the building ingress point. You can purchase the Proxim Lightning Protector; see the documentation that comes with the Lightning Protector for more information and installation instructions. Step 2: Unpack the Shipping Box 1. Unpack the unit and accessories from the shipping box. 2. Note the Ethernet and wireless MAC addresses of the unit, as well as the serial number. The serial number is required to obtain support from Proxim. Keep this information in a safe place. Step 3: Assemble the Cable Use the Cable Termination Kit to assemble the cable. You will be attaching an outdoor-rated 24 AWG CAT5 cable
(diameter .114 to .250 inches/2.9 to 6.4 mm) (not provided) to the Power-over-Ethernet port on the back of the unit and weatherproofing the assembly later in the installation procedure. First, you must construct the cable and assemble the weatherproofing cable covers as described in the following steps. Proxim greatly simplifies this assembly process by offering pre-assembled CAT5 cable kits in 25m, 50m, and 75m lengths (part numbers 69819, 69820, and 69821, respectively). 1. Slide the sealing nut (A) over the bare end of the CAT5 cable. 2. Slide the lock nut (B) over the bare end of the CAT5 cable. 3. Slide the sealing cap (C) over the bare end of the CAT5 cable. Make sure the red rubber gasket is inside the cap. 4. Apply two wraps of 0.5 wide Teflon tape (not supplied with unit) around the threads of the lock nut (B) that will go inside the sealing cap. 5. Thread the lock nut (B) onto the sealing cap (C), and hand tighten. 6. Terminate the RJ45 connectors (D) to both ends of the CAT5 cable; test for proper wiring (using a straight-through cable). 7. There are two DB9 connectors that connect to RJ11. The long one connects to Mesh and Access Point module and the short one to the Subscriber module. NOTE: The cable must feed through all parts of the weatherproof cap before the RJ45 is crimped on the outdoor Ethernet cable. The cable between the power injector and the unit must be a straightthrough Ethernet cable
(without crossover). Due to variance in CAT5 cable diameter, termination techniques of the installer, and the application of proper tightness of the connectors, it is strongly recommended that all cable connectors are secured by external weatherproofing. This process will be described in Step 10: Weatherproof the Connectors. 22 Installation and Initialization MeshMAX 5054 Series User Guide Step 4: Assemble Mounting Hardware 1. Attach the mounting plate (A) using the provided screws and washers (Torque 9 Nm/75 in-lbs) 2. Attach the extension arm (B) to mounting piece (A) with the screw, nut, and washers. 3. Attach the mounting bracket (C) to extension arm (B) with the screw, nut, and washers provided. 4. Tighten assembly (Torque 15 Nm/130 in-lbs). 23 Installation and Initialization MeshMAX 5054 Series User Guide The following figure shows the full assembly attached to the unit Step 5: Mount the Unit IMPORTANT! If the unit is going to be used as part of a Mesh network, you will need to perform initial configuration of the parameters mentioned in the Prerequisites section of this MeshMAX 5054 User Guide before you mount the unit. See the User Guide for more information on configuring these parameters. CAUTION: To ensure that water does not gather around the antenna connectors, mount the unit with the antenna connectors facing downward. 1. To pole-mount, insert the provided screws through bracket F. Fasten around the pole to bracket E and secure
(Torque 11 N.m/100 in-lbs). 24 Installation and Initialization MeshMAX 5054 Series User Guide 2. To wall-mount the unit, mount bracket (E) to the wall using 4 screws (not provided), as shown. Step 6: Plug in the Cables 1. Plug one end of the CAT5 cable (A) into the RJ45 jack of the unit (B). 2. Connect the free end of the CAT5 cable to the Data and Power Out port on the power injector. 25 Installation and Initialization MeshMAX 5054 Series User Guide 3. To connect the unit through a hub or a switch to a PC, connect a straightthrough Ethernet cable between the network interface card in the PC and the hub, and between the hub and the RJ45 Data In port on the PoE adapter. To connect the unit directly to a PC, connect a cross-over Ethernet cable between the network interface card in the PC and the RJ45 Data In port on the power injector. If you are connecting the PC directly to the unit, use a crossover Ethernet cable between the network interface card in the PC and the RJ45 Data In port on the power injector. Step 7: Power on the Unit The power injector provides Power-over-Ethernet (PoE), supplying electricity and wired connectivity to the unit over a single 24 AWG CAT5 (diameter .114 to .250 inches/2.9 to 6.4 mm). The unit is not 802.3af-compatible. Always use the supplied power injector to ensure that the unit is powered properly. Note that the Active Ethernet module provides +48 VDC over a standard CAT5 Ethernet cable. Once you have connected the power injector to the Ethernet cabling and plugged the power injector cord into an AC outlet, the unit is powered on. There is no ON/OFF switch on the unit. To remove power, unplug the AC cord from the AC outlet or disconnect the RJ45 connector from the Data and Power Out port on the power injector. Press the Reload button (on the side of the power injector) for five seconds during power-up remotely resets the Mesh radios to their factory default settings. You will need to use the end of a pin or paperclip to depress the button. WARNING: To avoid damaging your router/switch, do not connect the RJ45 port labeled either Data & Power Out from the power injector to your router/switch. Step 8: View LEDs The LEDs are present at the units Ethernet connector; unscrew the watertight cap if necessary to view the LEDs. NOTE: Make sure the domed sealing nut is loose before unscrewing the cap or the Ethernet cable may be twisted and damaged. 26 Installation and Initialization MeshMAX 5054 Series User Guide When the unit is powered on, it performs startup diagnostics. When startup is complete, the LEDs show the units operational state, as follows:
LED State Power/Ethernet LED Blinking Green Power is on, unit is booting up, Ethernet link is down. Steady Green Power is on, Ethernet link is up. Radio LED Mesh radios are being initialized. Mesh radios are being operational. Step 9: Tighten the Cables 1. Apply two wraps of Teflon tape around the threads of the units RJ45 jack (A) in a clockwise direction. 2. Make sure that the red rubber gasket is still seated in the sealing cap of the sealing cap/lock nut assembly (B). 3. Slide the sealing cap/lock nut assembly (B) over the RJ45 jack (A) and thread onto enclosure. Hand tighten first, then use a pipe wrench or similar tool to tighten one more quarter turn. CAUTION: Do not over-tighten!
4. Tighten the lock nut (C) (Torque 4 N.m/35 in-lbs). 5. Thread the sealing nut (D) onto the sealing cap/lock nut assembly (B) and tighten (Torque 3 N.m/25 in-lbs). CAUTION: The lock nut (C) on the sealing cap/lock nut assembly (B) must be fully tightened over the RJ45 connector before the sealing nut (D) is fully tightened. Otherwise, the Ethernet cable may twist and damage. Step 10: Weatherproof the Connectors After you have fully assembled and tightened the cable, use the provided self-fusing, rubber-based tape strip and electrical tape (not provided; Proxim recommends Scotch Super 33+ Vinyl Electrical Tape) to seal the connection, as follows. 1. Remove the film liner from the rubber-based tape strip, and stretch the tape until it is approximately half of its original width. This activates the self-fusing action of the tape, which will set up over time to create a single, waterproof mass. 27 Installation and Initialization MeshMAX 5054 Series User Guide 2. Stretch and wrap the tape around the connector tightly, starting below the connector cap and against the unit and wrapping in a clockwise direction. Wrap the tape once around the base of the connector cap (A). Continue to wrap the tape spirally around the connector in a clockwise direction, maintaining a 50% width overlap (B). Continue wrapping the tape spirally upward (C) until the tape extends onto the cable and you have used the entire length of tape. Seal the tape tightly against the connector and the cable (D). NOTE: Be sure to wrap the tape in a clockwise direction; wrapping the tape in a counterclockwise direction may loosen 3. up the connector. In the same manner as described in Step 2 above, apply a layer of black electrical tape (not provided) over the rubber-based tape for further protection. Make sure the electrical tape also extends beyond the rubberbased tape to seal it. 4. Repeat the weatherproofing procedure for other connectors as appropriate. Step 11: Align the Antenna Antenna Alignment Display (AAD) provides a measurement of signal quality in an easy-to-interpret manner - a numeric printed signal value at the CLI amd serial ports. The SNR is numerically displayed on the CLI serial port by two decimal charaters representing a number from 00 to 99. On the serial port, AAD is enabled by default after booting. To start the display, you must enable AAD and a wireless link must be established between the BSU and the SU. Aiming is complete if moving in any direction results in a falling SNR value. Antenna alignment commands The following CLI commands are used to initiate and stop the antenna alignment process. After the process has been successfully initiated, the CLI displays the current-local/current-remote/average SNR values (in 500 ms intervals) to indicate the link quality. 28 Installation and Initialization MeshMAX 5054 Series User Guide Set aad enable local Enables display of the local SNR (the SNR as measured by the receiver at the far end). Set aad enable remote Enables display of the remote SNR (the SNR as measured by the receiver at the far end). Set aad enable average Enables display of the remote SNR (the average of local and remote SNR). Set aad disable Disables Antenna Alignment Display (Ctrl-C also disables AAD). Step 12: Install Documentation and Software To install the documentation and software on a computer or network:
1. Place the installation CD in a CD-ROM drive. The installer normally starts automatically. (If the installation program does not start automatically, click setup.exe on the installation CD). 2. Follow the instructions displayed on the installer windows. 29 Installation and Initialization MeshMAX 5054 Series User Guide Reboot and Reset Functionality for MeshMAX Press the Reload button (on the side of the power injector) to intiate the Reload/Reset functionality. You may have to use the end of a pin or paperclip to press the button. Reboot and Reset Functionality for Mesh and Access Point Module If the Reload button is pressed for 5 to 10 seconds and then released, then Mesh and Access Point module moves to the bootloader state. If Reload button is pressed beyond 10 seconds, then the Mesh and Access Point modules Reload functionality is ignored. Reboot and Reset Functionality for Subscriber Module If the Reload button is pressed for 20 seconds and above, then the Subscriber module moves to reload state. If the Reload button is pressed for 10 to 20 sconds and released, then none of the operation is performed and the Reload button is aborted. NOTE: Bootloader will display allevents to the serial console, which will guide user to perform the Reload functionality. 30 Installation and Initialization MeshMAX 5054 Series User Guide Unit Initialization The MeshMAX unit has two modules: Subscriber module and Mesh and Access Point module. To initiate the process, you need to use the Scantool. Using ScanTool ScanTool is a software utility that is included on the installation CD-ROM. It is an initial configuration tool that allows you to find the IP address of an Access Point by referencing the MAC address in a Scan List, or to assign an IP address if one has not been assigned. The tool automatically detects the MeshMAX units installed on your network, regardless of IP address, and lets you configure each units IP settings. In addition, you can set initial device parameters that will allow the Mesh radio to retrieve a new software image if a valid software image is not installed. To access the HTTP interface and configure the Mesh unit, the unit must be assigned an IP address that is valid on its Ethernet network. By default, the Mesh unit is configured to obtain an IP address automatically from a network Dynamic Host Configuration Protocol (DHCP) server during boot-up. If your network contains a DHCP server, you can run ScanTool to find out what IP address the Mesh radios have been assigned. If your network does not contain a DHCP server, the IP address for the Mesh radios defaults to 169.254.128.132. In this case, you can use ScanTool to assign the unit a static IP address that is valid on your network. Scan Tool Instructions 1. Power up, reboot, or reset the unit. 2. Double-click the ScanTool icon on the Windows desktop to launch the program. If the icon is not on your desktop, click Start > All Programs > Proxim > MeshMAX 5054 > ScanTool. If your computer has more than one network adapter installed, you will be prompted to select the adapter that you want ScanTool to use before the Scan List appears. You can use either an Ethernet or wireless adaptor. NOTE: If prompted, select an adapter and click OK. You can change your adapter setting at any time by clicking the Select Adapter button on the Scan List screen. ScanTool scans the subnet and displays all detected units. The ScanTools Scan List screen appears, as shown in the following example. If your unit does not appear in the Scan List, click the Rescan button to update the display. If the unit still does not appear in the list, see the Troubleshooting chapter in the MeshMAX 5054 User Guide for suggestions. Note that after rebooting an Access Point, it may take up to five minutes for the unit to appear in the Scan List. 3. Do one of the following:
If the Mesh radio has been assigned an IP address by a DHCP server on the network:
a. a. Highlight the entry for the unit you want to configure. b. Click the Change button. The Change screen appears (see below). c. Click on the Web Configuration button at the bottom of the change screen. d. Proceed to the Logging In section, below. 31 Installation and Initialization MeshMAX 5054 Series User Guide If the Mesh radio has not been assigned an IP address (in other words, the unit is using its default IP address, 169.254.128.132), follow these steps to assign it a static IP address that is valid on your network:
a. Highlight the entry for the unit you want to configure. b. Click the Change button. The Change screen appears. c. Set IP Address Type to Static. d. Enter a static IP Address for the Mesh radio in the field provided. You must assign the unit a unique address that is valid on your IP subnet. e. Enter your networks Subnet Mask. f. Enter your networks Gateway IP Address. g. Enter the SNMP read/write password in the Read/Write Password field. For new units, the default password is public. h. Click OK to save your changes. i. The Access Point will need to reboot to apply any changes you made. When the reboot message appears, click OK to reboot the device and return to the Scan List screen. j. After allowing sufficient time for the device to reboot, click Rescan to verify that your changes have been applied. k. Click the Change button to return to the Change screen. l. Click the Web Configuration button at the bottom of the Change screen. m. Proceed to the Logging In section, below. 32 Installation and Initialization MeshMAX 5054 Series User Guide Mesh Initialization Logging In Once the Mesh radio has a valid IP Address, you may use your web browser to monitor and configure the Mesh radio.
(To configure and monitor using the command line interface, see the MeshMAX 5054 User Guide.) 1. Open a Web browser on a network computer. 2. 3. Enter the Access Points IP address in the browsers Address field and press Enter or Go. This is either the dynamic If necessary, disable the browsers Internet proxy settings. IP address assigned by a network DHCP server or the static IP address you manually configured. See the Using ScanTool section above for information on how to determine the units IP address and manually configure a new IP address, if necessary. 4. The login screen appears. 5. Enter the HTTP password in the Password field. Leave the User Name field blank. For new units, the default HTTP password is public. If you are logging on for the first time the Setup Wizard will launch automatically. NOTE: Setup Wizard will not relaunch on subsequent logins. To force the Setup Wizard to launch upon login, click Management > Services and choose Enable from the Setup Wizard drop down menu. 6. To configure the Mesh radio using the Setup Wizard, see Using the Setup Wizard, below. To configure the radio without using the Setup Wizard, click Exit. Upon clicking Exit, the System Status screen will appear. See the Advanced Configuration chapter in the MeshMAX 5054 User Guide for configuration instructions. Using the Setup Wizard The Setup Wizard provides step-by-step instructions for how to configure the Access Points basic operating parameters, such as Network Name, IP parameters, system parameters, and management passwords. 33 Installation and Initialization MeshMAX 5054 Series User Guide 1. Click Setup Wizard to begin. The Setup Wizard supports the following navigation options:
Save & Next Button: Each Setup Wizard screen has a Save & Next button. Click this button to submit any changes you made to the units parameters and continue to the next page. The instructions below describe how to navigate the Setup Wizard using the Save & Next buttons. Navigation Panel: The Setup Wizard provides a navigation panel on the left-hand side of the screen. Click the link that corresponds to the parameters you want to configure to be taken to that particular configuration screen. Note that clicking a link in the navigation panel will not submit any changes you made to the units configuration on the current page. Exit: To exit from the Setup Wizard at any time, click Step 1: Introduction on the navigation panel, and then click the Exit button. CAUTION: If you exit from the Setup Wizard, any changes you submitted (by clicking the Save & Next button) up to that point will be saved to the unit but will not take effect until it is rebooted. 2. Follow the prompts provided by the Setup Wizard to perform an initial configuration of the Mesh radio. See the MeshMAX 5054 User Guide for more detailed Setup Wizard instructions and for advanced configuration instructions. Software Updates Proxim periodically releases updated software for the MeshMAX 5054 on its support Web site, http://support.proxim.com. Proxim recommends that you check the Web site for the latest updates after you have installed and initialized the unit. Download the Software In your web browser, go to http://support.proxim.com. If prompted, create an account to gain access. 1. 2. NOTE: The Knowledgebase is available to all Web site visitors. First-time users will be asked to create an account to gain access. In the Search Knowledgebase field, enter 2334. 3. Click Search Knowledgebase. 4. 5. Click Search. 6. Click on the link in the Summary column to access the download page. 34 Installation and Initialization MeshMAX 5054 Series User Guide 7. Click on the appropriate link to download the software. Install the Software 1. Enter the Access Points IP address in the browsers Address field and press Enter or Go. 2. Click Commands > Update AP > via HTTP. The Update AP via HTTP screen will be displayed. 3. From the File Type drop-down menu, select Image. 4. Use the Browse button to locate or manually type in the name of the file (including the file extension) you downloaded from the Proxim Knowledgebase. If typing the file name, you must include the full path and the file extension in the file name text box. 5. To initiate the HTTP Update operation, click the Update AP button. A warning message advises you that a reboot of the device will be required for changes to take effect. 6. Click OK to continue with the operation or Cancel to abort the operation. 7. If the operation is unsuccessful, you will receive an error message. See the MeshMAX 5054 User Guide for more information. If the operation is successful, you will receive a confirmation message. 8. Reboot the Mesh radio as follows:
a. Click Commands > Reboot. b. Enter 0 in the Time to Reboot field. c. Click OK. NOTE: For instructions on downloading the software via a TFTP Server or the CLI Interface, see the MeshMAX 5054 User Guide. 35 Installation and Initialization MeshMAX 5054 Series User Guide Subscriber Initialization Connecting to the module requires either:
A direct physical connection with an Ethernet cable or with a serial RS-32 cable A network connection Connecting with the Ethernet cable allows you to access the unit through a terminal emulation program, such as HyperTerminal. (See HyperTerminal Connection Properties in the MeshMAX 5054 User Guide. Setting the IP Address With ScanTool (a software utility that is included on the product installation CD), you can find out the current IP address of the unit and, if necessary, change it so that is appropriate for your network. ScanTool lets you find the IP address of a module by referencing the MAC address in a Scan List, or to assign an IP address if the correct one has not been assigned. The tool automatically detects the units installed on your network segment, regardless of IP address, and lets you configure each units IP settings. In addition, you can use ScanTool to download new software to a unit that does not have a valid software image installed. To discover and set/change the IP address of the unit:
Run ScanTool on a computer connected to the same LAN subnet as the unit, or a computer directly connected to the module with a cross-over Ethernet cable. Double-click the ScanTool icon on the Windows desktop to launch the program. If the icon is not on your desktop, click Start > All Programs > MeshMAX 5054 series > ScanTool. ScanTool scans the subnet and displays the module it finds in the main window. If necessary, click Rescan to re-scan the subnet and update the display. You can assign a new IP address to one module, even if more than one module has the same (default) IP address 10.0.0.1, but the new IP address must be unique to allow the use of the management interfaces. Select the module for which you want to set the IP address and click Change. The Change dialog window is displayed. To set the IP address manually, ensure that Static is selected as the IP Address Type and fill in the IP Address and Subnet Mask suitable for the LAN subnet to which the uni is connected. To set the IP address dynamically, ensure that Dynamic is selected as the IP Address Type. The module will request its IP address from a DHCP server on your network. Enter the Read/Write Password (the default value is public) and click OK to confirm your changes. The respective module reboots to make the effective. Accessing the Web Browser To access the module with a Web Browser:
Start a Web browser and enter the IP address of the module in the Address box (for example, http://10.0.0.1). A login window is displayed. Do not fill in the User name; enter only the default password public. Upon successful login, the System Status window is displayed. Accessing the Command Line Interface The CLI is accessible through the Serial RS-232 cable connected through the network, or with a cross-over Ethernet cable between the computer and the modules serial port. Ethernet Port To use the CLI through the Ethernet port, you must have a telnet program, and the modules IP address. 36 Installation and Initialization MeshMAX 5054 Series User Guide To access the unit through Ethernet on a Windows PC:
Open a DOS command window: from the Windows Start menu, Select Run; enter cmd. In the DOS window displayed, enter telnet and IP address (for example, telnet 10.0.0.1) and type <enter>. You will be prompted for your password. Enter the password (the default is public). Software Updates Proxim periodically releases updated software for the MeshMAX 5054 on its support Web site, http://support.proxim.com. Proxim recommends that you check the Web site for the latest updates after you have installed and initialized the unit. Download the Software In your web browser, go to http://support.proxim.com. If prompted, create an account to gain access. 1. 2. NOTE: The Knowledgebase is available to all Web site visitors. First-time users will be asked to create an account to gain access. In the Search Knowledgebase field, enter 2334. 3. Click Search Knowledgebase. 4. 5. Click Search. 6. Click on the link in the Summary column to access the download page. 7. Click on the appropriate link to download the software. Install the Software 1. Click Commands > Download to download configuration, image and license files to the unit via a TFTP server (see TFTP Server Setup for information about the SolarWinds TFTP server software located on your product installation CD). 2. The following parameters may be configured or viewed:
Server IP address: Enter the TFTP Server IP address. File Name: Enter the name of the file to be downloaded. If you are using the SolarWinds TFTP server software located on your product installation CD, the default directory for downloading files is C:\TFTP-Root. File Type: Choose either Config, image, BspBl, or license. File Operation: Choose either Download or Download and Reboot. 37 Installation and Initialization MeshMAX 5054 Series User Guide 3. Click OK to start the download. 38 System Overview of Subscriber Module MeshMAX 5054 Series User Guide 3 This chapter has information about the following:
Changing Basic Configuration Information Country and Related Settings Dynamic Frequency Selection (DFS) Transmit Power Control SU Registration Dynamic Data Rate Selection (DDRS) Virtual Local Area Networks (VLANs) Quality of Service (QoS) Concepts and Definitions Packet Identification Rule (PIR) Service Flow Class (SFC) QoS Class Changing Basic Configuration Information To view or change basic system information, click the Configure button on the left side of the Web interface window, then click the System tab. See System Parameters for detailed information about the fields and selections in this window. NOTE: System Name by default contains the actual model number. The following screenshot is for information only. 39 System Overview of Subscriber Module Changing Basic Configuration Information MeshMAX 5054 Series User Guide Country and Related Settings The units Configure System window provides a selectable Country field that automatically provides the allowed bandwidth and frequencies for the selected country. Units sold only in the United States are pre-configured to scan and display only the outdoor frequencies permitted by the FCC. No other Country can be configured. Units sold outside of the United States support the selection of a Country by the professional installer. NOTE: Non-US installers should not add an antenna system until the Country is selected, the unit is rebooted, and the proper power level is configured. The output power level of the final channel selected by DFS scan can be found in the Event Log. The Dynamic Frequency Selection (DFS) feature is enabled automatically when you choose a country and band that require it. The Transmit Power Control (TPC) feature is always available. Click Configure > System; then select the appropriate country for your regulatory domain from the Country drop-down box. Continue configuring settings as desired; then click Commands> Reboot tab to save and activate the settings. Alternatively, if you want to save the configuration settings to the flash memory but not activate the settings, use the save config CLI command. Dynamic Frequency Selection (DFS) The subscriber module supports Dynamic Frequency Selection (DFS) for FCC, IC, and ETSI regulatory domains per FCC Part 15 Rules for U-NII devices, IC RSS-210, and ETSI EN 301-893 and 302-502 regulations, respectively. These rules and regulations require that 802.11a devices use DFS to prevent interference with radar systems and other devices that already occupy the 5 GHz band. 40 System Overview of Subscriber Module Changing Basic Configuration Information MeshMAX 5054 Series User Guide During boot-up, the unit scans the available frequency and selects the best channel. If the unit subsequently detects interference on its channel, it rescans to find a better channel. Upon finding a new channel, the unit is required to wait 60 seconds to ensure that the channel is not busy or occupied by radar, and then commences normal operation. (In Canada, if the channel was previously blacklisted, the unit scans for 600 seconds before commencing normal operation if the selected channel frequency is in the 5600 - 5650 MHz range). If you are using the unit in a country and band that require DFS, keep in mind the following:
DFS is not a configurable parameter; it is always enabled and cannot be disabled. You cannot manually select the devices operating channel; you must let the unit select the channel. You may make channels unavailable by manually blacklisting them and preventing those channels being selected, in accordance with local regulations or interference. You can also display the Channel Blacklist Table to view the channels that have been blacklisted. In compliance with FCC regulations, the unit uses ATPC (Automatic Transmit Power Control) to automatically adapt transmit power when the quality of the link is more than sufficient to maintain a good communication with reduced transmit power. See Transmit Power Control for more information. Dynamic Frequency Selection (DFS) is enabled automatically based upon the country and band you select. You can tell DFS is in use because the Frequency Channel field on the Interfaces page displays only the DFS-selected frequency. DFS scans all available frequencies, starting with the DFS preferred channel (when configured) and skipping blacklisted channels, to select the operating frequency automatically. A country/band selection with DFS enabled causes the Base Station to come up in scan mode. It scans the available frequencies and channels to avoid radar and selects a channel with the least interference. NOTE: Scanning is performed only on the frequencies allowed in the regulatory domain of the country/band selected when it is required for radar detection and avoidance. The SU also comes up in scan mode to scan all available frequencies to find a BSU with which it can register. Scanning may take several minutes. After establishing a wireless link, the wireless LED stops flashing and continues to shine green. NOTE: Because DFS may need to scan for radar on multiple channels, you must allow a sufficient amount of time for the units to start up. This is considerably longer than when the unit is not using DFS. This is expected behavior. Startup time is within four minutes if no radar is detected, but up to one minute is added for every selected channel that results in radar detection. DFS is required for three purposes:
1. Radar avoidance both at startup and while operational. To meet these requirements, the BSU scans available frequencies at startup. If a DFS-enabled channel is busy or occupied with radar, the system will blacklist the channel for a period of 30 minutes in accordance with FCC, IC, and ETSI regulations. Once fully operational on a frequency, the BSU actively monitors the occupied frequency. If interference is detected, the BSU blacklists the channel, logs a message and rescans to find a new frequency that is not busy and is free of radar interference. Radar detection is performed only by the BSU and not by the SU. When an SU is set to a country/band in which DFS is used, it scans all available channels upon startup looking for a BSU that best matches its connection criteria (such as Base Station System Name, Network Name, and Shared Secret). The SU connects to the BSU automatically on whatever frequency the BSU has selected. Because of this procedure, it is best to set up the BSU and have it fully operational before installing the SU, although this is not required. If a BSU rescans because of radar interference, the SU loses its wireless link. The SU waits 30 seconds (when the Mobility feature is enabled, the SU starts scanning for a BSU instantly rather than waiting 30 seconds); if it finds that it could not receive the BSU in this amount of time, it rescans the available frequencies for an available BSU. 2. Guarantee the efficient use of available frequencies by all devices in a certain area. To meet this requirement, the BSU scans each available frequency upon startup and selects a frequency based upon the least amount of noise and interference detected. This lets multiple devices operate in the same area with limited interference. This procedure is 41 System Overview of Subscriber Module SU Registration MeshMAX 5054 Series User Guide done only at startup; if another UNII device comes up on the same frequency, the BSU does not detect this or rescan because of it. It is expected that other devices using these frequencies also are in compliance with country/band regulations, so this should not happen. 3. Uniform Channel Spreading. To meet this requirement, the MP.11-R randomly selects operating channel from the available channels with least interference. If the DFS Preferred Channel is configured, the unit begins by scanning that channel. If no interference is detected, the unit makes this channel operational. If the channel is busy or occupied by radar, the unit blacklists that channel and scans other available channels for the one with least interference. This implements the Uniform Channel Spreading requirement by either automatically selecting the channel with least interference or allowing the installer to manually select a channel with least interference from a channel plan. Transmit Power Control Transmit Power Control is a manual configuration selection to reduce the units output power. The maximum output power level for the operating frequency can be found in the event log of the units embedded software. ATPC (Automatic Transmit Power Control) is a feature to automatically adapt transmit power when the quality of the link is more than sufficient to maintain a good communication with reduced transmit power. This feature is required for FCC DFS. It works by monitoring the quality of the link and reducing the output power of the radio by up to 6 dB when good link quality can still be achieved. When link quality reduces, the output power is automatically increased up to the original power level to maintain a good link. For a full discussion of DFS, see Dynamic Frequency Selection (DFS) above. By default, the unit lets you transmit at the maximum output power that the radio can sustain for data rate and frequency selected. However, with Transmit Power Control (TPC), you can adjust the output power of the unit to a lower level in order to reduce interference to neighboring devices or to use a higher gain antenna without violating the maximum radiated output power allowed for your country/band. Also, some countries that require DFS also require the transmit power to be set to a 6 dB lower value than the maximum allowed EIRP when link quality permits, as part of the DFS requirements. NOTE: When the system is set to transmit at the maximum power, professional installers must ensure that the maximum EIRP limit is not exceeded. To achieve this, they may have to add attenuation between the device and the antenna when a high gain antenna is used. NOTE: You can see your units current output power for the selected frequency in the event log. The event log shows the selected power for all data rates, so you must look up the relevant data rate to determine the actual power level. NOTE: This feature only lets you decrease your output power; you cannot increase your output power beyond the maximum the radio allows for your frequency and data rate. See System Parameters to configure Country. See Interface Parameters to configure Transmit Power Control. SU Registration The list of parameters you must configure for registration of the SU on a BSU are:
Network Name Base Station System Name (when used; otherwise, leave blank) Network Secret Encryption (when used) Frequency Channel (when available) See System Parameters to see the description of these fields and to configure them. NOTES:
The frequency channel must be the same for the BSU and the SU in order to register the SU when roaming is not enabled and DFS is not required. 42 System Overview of Subscriber Module Dynamic Data Rate Selection (DDRS) MeshMAX 5054 Series User Guide Channel Bandwidth and Turbo mode (when available) must be the same for the BSU and SU in order to register the SU. Roaming will automatically select a channel on the SU corresponding to the BSU channel. Roaming is the procedure in which an SU terminates the session with the current BSU and starts the registration procedure with another BSU when it finds the quality of the other BSU to be better. Dynamic Data Rate Selection (DDRS) NOTE: DDRS is configured on the BSU. See the Tsunami MP.11-R Installation and Management Guide for more information. The WORP Dynamic Data Rate Selection (DDRS) lets the BSU and SUs monitor the remote average signal-to-noise ratio (SNR) and the number of retransmissions between the BSU and SUs and adjust the transmission data rate to an optimal value to provide the best possible throughput according to the current communication conditions and link quality. With DDRS enabled, a BSU can maintain different transmission data rates to different SUs, optimizing the data rate based on the link quality of each SU independently. Both the BSU and the SUs monitor the remote SNR and number of retransmissions. The BSU monitors these values for each SU that is registered. An SU monitors these values for the BSU. When necessary, based on this information, the data rate is dynamically adjusted. Note that DDRS is enabled or disabled on the BSU only. This operation requires the BSU to be rebooted. After rebooting, the BSU sends a multicast announcement to all SUs to begin the registration process. During registration, an SU is informed by the BSU whether DDRS is enabled or disabled and it sets its DDRS status accordingly. Virtual Local Area Networks (VLANs) NOTE: VLANs are configured on the Base Station Unit. See the Tsunami MP.11-R Installation and Management Guide for more information. Virtual Local Area Networks (VLANs) are logical groupings of network hosts. Defined by software settings, other VLAN members or resources appear (to connected hosts) to be on the same physical segment, no matter where they are attached on the logical LAN or WAN segment. They simplify allowing traffic to flow between hosts and their frequently-used or restricted resources according to the VLAN configuration. Subscriber units are fully VLAN-ready; however, by default, VLAN support is disabled. Before enabling VLAN support, certain network settings should be configured and network resources such as VLAN-aware switches should be available, dependent upon the type of configuration. VLANs are used to conveniently, efficiently, and easily manage your network in the following ways:
Manage VLAN configuration from a single window Define groups Reduce broadcast and multicast traffic to unnecessary destinations Secure network restricts members to resources on their own VLAN VLAN tagged data is collected and distributed through a units Ethernet interface. The units can communicate across a VLAN-capable switch that analyzes VLAN-tagged packet headers and directs traffic to the appropriate ports when the units are working in their Transparent mode. VLAN features can be managed via:
The BSUs Web interface The Command Line Interface Improve network performance and reduce latency Increase security 43 System Overview of Subscriber Module Virtual Local Area Networks (VLANs) SNMP (see the MIBs provided on the product CD) VLAN Modes Transparent Mode MeshMAX 5054 Series User Guide Transparent mode is available on both the SU and the BSU. This mode is equivalent to NO VLAN support and is the default mode. It is used when the devices behind the SU and BSU are both VLAN aware and unaware. The SU/BSU transfers both tagged and untagged frames received on the Ethernet or WORP interface. Both tagged and untagged management frames can access the device. Trunk Mode Trunk mode is available on both the SU and the BSU. It is used when all devices behind the SU and BSU are VLAN aware. The SU and BSU transfer only tagged frames received on the Ethernet or WORP interface. SU can be accessed by both tagged and untagged frames. When BSU is in trunk mode, then it can be accessed only by the frmaes that are tagged with the management VLAN ID.Access Mode. Access mode is available only on the SU. It is used when the devices behind the SU are VLAN unaware. Frames to and from the Ethernet interface behind the SU map into only one VLAN segment. Frames received on the Ethernet interface are tagged with the configured Access VLAN ID before forwarding them to the WORP interface. Both tagged and untagged management frames can access the device from the WORP interface. However, only untagged management frames can access the device from the Ethernet Interface. Mixed Mode Mixed mode is available on both the SU and the BSU. It is used when the devices behind the SU send both tagged and untagged data. Frames to and from the Ethernet interface behind the SU can be tagged or untagged. Tagged frames received on the Ethernet interface are compared against the SUs trunk table, and only packets whose VLAN ID matches the trunk table are forwarded. All other packets are dropped. Untagged traffic is forwarded without any restrictions. If the BSU is in Mixed mode, the SU can be in Trunk, Access, or Mixed mode. Q-in-Q (VLAN Stacking) The Q-in-Q mechanism allows Service Providers to maintain customer-assigned VLANs while avoiding interference with the Service Providers VLANs. Using the Q-in-Q mechanism, an Outer VLAN ID and Priority are added to VLAN tagged packets on top of the existing VLAN ID, such that interference is avoided and traffic is properly routed. VLAN Forwarding The VLAN Trunk mode provides a means to configure a list of VLAN IDs in a Trunk VLAN Table. The SU and BSU only forward frames (between Ethernet and WORP interface) tagged with the VLAN IDs configured in the Trunk VLAN Table. Up to 256 VLAN IDs can be configured for the BSU and up to 16 VLAN IDs can be configured for the SU (depending upon the capabilities of your switching equipment). VLAN Relaying The VLAN Trunk mode for BSU operation provides an option to enable and disable a VLAN relaying flag; when enabled, the BSU shall relay frames between SUs on the same BSU having the same VLAN ID. Management VLAN The BSU and SU allow the configuration of a separate VLAN ID and priority for SNMP, ICMP, Telnet, and TFTP management frames for device access. 44 System Overview of Subscriber Module Virtual Local Area Networks (VLANs) MeshMAX 5054 Series User Guide The management VLAN ID and management VLAN priority may be applied in any mode. The management stations tag the management frames they send to the BSU or SU with the management VLAN ID configured in the device. The BSU and SU tag all the management frames from the device with the configured management VLAN and priority. BSU and SU in Transparent Mode When the BSU is in Transparent mode, all associated SUs must be in Transparent mode. How the BSU and SUs function in Transparent mode is described in the following table. BSU Function Transparent Mode BSU forwards both tagged and untagged SU Function Transparent Mode SU forwards both tagged and untagged frames frames received from the Ethernet interface or from any of the associated SUs. If a valid management VLAN ID is configured, BSU allows only management frames tagged with the configured management VLAN ID to access it. If a valid management VLAN ID is configured, BSU tags all management frames generated by the BSU with the configured management VLAN ID and priority. If the management VLAN ID is configured as
-1 (untagged), BSU allows only untagged management frames to access it. received from the Ethernet interface or from the BSU. If a valid management VLAN ID is configured, SU allows only management frames tagged with the configured management VLAN ID to access it. If a valid management VLAN ID is configured, SU tags all management frames generated by the SU with the configured management VLAN ID and priority. If the management VLAN ID is configured as
-1 (untagged), SU allows only untagged management frames to access them. BSU in Trunk Mode and SU in Trunk/Access Mode When the BSU is in Trunk mode, the associated SUs must be in either Trunk mode or Access mode. When an SU associates to a BSU that is in Trunk mode, it gets the VLAN mode from the BSU. How the BSU and SU function in Trunk mode, and the SU in Access mode, is described in the following table. 45 System Overview of Subscriber Module Virtual Local Area Networks (VLANs) MeshMAX 5054 Series User Guide BSU Function Trunk Mode SU Function Trunk Mode SU Function Access Mode Up to 256 VLAN IDs can be configured on a BSU. Up to 16 VLAN IDs can be configured on an SU. BSU discards all untagged SU discards all untagged frames frames received from the Ethernet interface or from any of the associated SUs
(unexpected). If a valid VLAN ID is configured, BSU forwards only VLAN-tagged frames received from the Ethernet interface or from any of the associated SUs that are tagged with the configured VLAN ID; it discards all other tagged frames. If a valid management VLAN ID is configured, BSU allows only management frames tagged with the configured management VLAN ID to access it. If a valid management VLAN ID is configured, BSU tags all management frames generated by the BSU with the configured management VLAN ID and priority. If the management VLAN ID is configured as -1 (untagged), BSU allows only untagged management frames to access it. received from the Ethernet interface or from the BSU
(unexpected). If a valid VLAN ID is configured, SU forwards only VLAN-tagged frames received from the Ethernet interface or from the BSU that are tagged with the configured VLAN ID; it discards all other tagged frames. If a valid management VLAN ID is configured, SU allows only management frames tagged with the configured management VLAN ID to access it. If a valid management VLAN ID is configured, SU tags all management frames generated by the SU with the configured management VLAN ID and priority. If the management VLAN ID is configured as -1 (untagged), SU allows only untagged management frames to access it. SU discards all tagged frames received from the Ethernet interface and all untagged frames received from the BSU (unexpected). SU tags all untagged frames received from the Ethernet interface with the configured Access VLAN ID and forwards them to the BSU. SU untags all tagged frames received from the BSU that are tagged with the configured Access VLAN ID and forwards them to the Ethernet interface; it discards all other tagged frames from the BSU. If a valid management VLAN ID is configured, SU allows only management frames tagged with the configured management VLAN ID to access it from the BSU. If a valid management VLAN ID is configured, SU tags all management frames generated by the SU with the configured management VLAN ID and priority and forwards them to the BSU. If the management VLAN ID is configured as -1 (untagged), SU allows only untagged management frames to access it from the BSU. SU allows only untagged management frames to access it from the Ethernet interface, regardless of the value of the management VLAN ID. 46 System Overview of Subscriber Module Virtual Local Area Networks (VLANs) BSU in Mixed Mode and SU in Mixed, Access, or Trunk Mode MeshMAX 5054 Series User Guide When the BSU is in Mixed mode, the associated SUs can be in Trunk, Access, or Mixed mode. How the BSU and SU function in Trunk mode, and the SU in Access mode and Mixed mode, is described in the following table:
47 System Overview of Subscriber Module Virtual Local Area Networks (VLANs) MeshMAX 5054 Series User Guide BSU Function Mixed Mode Up to 256 VLAN IDs can be configured on a BSU. BSU allows all untagged frames received from the Ethernet interface or from any of the associated SUs
(unexpected). If a valid VLAN ID is configured, BSU forwards only VLAN-tagged frames received from the Ethernet interface or from any of the associated SUs that are tagged with the configured VLAN IDs; it discards all other tagged frames. If a valid management VLAN ID is configured, BSU allows only management frames tagged with the configured management VLAN ID to access it. If a valid management VLAN ID is configured, BSU tags all management frames generated by the BSU with the configured management VLAN ID and priority. If the management VLAN ID is configured as -1
(untagged), BSU allows only untagged management frames to access it. SU Function Mixed Mode SU Function Trunk Mode Up to 16 VLAN IDs can be configured on an SU. Up to 16 VLAN IDs can be configured on an SU. SU accepts all untagged frames received from the Ethernet interface or from the BSU (unexpected). If a valid VLAN ID is configured, SU forwards only VLAN-tagged frames received from the Ethernet interface or from the BSU that are tagged with the configured VLAN IDs; it discards all other tagged frames. If a valid management VLAN ID is configured, SU allows only management frames tagged with the configured management VLAN ID to access it. If a valid management VLAN ID is configured, SU tags all management frames generated by the SU with the configured management VLAN ID and priority. If the management VLAN ID is configured as -1
(untagged), SU allows only untagged management frames to access it. SU discards all untagged frames received from the Ethernet interface or from the BSU (unexpected). If a valid VLAN ID is configured, SU forwards only VLAN-tagged frames received from the Ethernet interface or from the BSU that are tagged with the configured VLAN IDs; it discards all other tagged frames. If a valid management VLAN ID is configured, SU allows only management frames tagged with the configured management VLAN ID to access it. If a valid management VLAN ID is configured, SU tags all management frames generated by the SU with the configured management VLAN ID and priority. If the management VLAN ID is configured as -1
(untagged), SU allows only untagged management frames to access it. SU Function Access Mode SU discards all tagged frames received from the Ethernet interface and all untagged frames received from the BSU
(unexpected). SU tags all untagged frames received from the Ethernet interface with the configured Access VLAN ID and forwards them to the BSU. SU untags all tagged frames received from the BSU that are tagged with the configured Access VLAN ID and forwards them to the Ethernet interface; it discards all other tagged frames from the BSU. If a valid management VLAN ID is configured, SU allows only management frames tagged with the configured management VLAN ID to access it from the BSU. If a valid management VLAN ID is configured, SU tags all management frames generated by the SU with the configured management VLAN ID and priority and forwards them to the BSU. If the management VLAN ID is configured as -1
(untagged), SU allows only untagged management frames to access it from the BSU. SU allows only untagged management frames to access it from the Ethernet interface, regardless of the value of the management VLAN ID. 48 System Overview of Subscriber Module Quality of Service (QoS) MeshMAX 5054 Series User Guide Quality of Service (QoS) NOTE: Quality of Service is configured on the Base Station Unit. See the Tsunami MP.11-R Installation and Management Guide for more information. The Quality of Service (QoS) feature is based on the 802.16 standard and defines the classes, service flows, and packet identification rules for specific types of traffic. QoS main priority is to guarantee a reliable and adequate transmission quality for all types of traffic under conditions of high congestion and bandwidth over-subscription. There are already several pre-defined QoS classes, SFCs and PIRs available that you may choose from which cover the most common types of traffic. If you want to configure something else, you start building the hierarchy of a QoS class by defining PIRs; then you associate some of those PIRs to specific Service Flow classes (SFCs); you assign priorities to each PIR within each SFC; and finally you define the QoS class by associating relevant SFCs to each QoS class. Concepts and Definitions The software supports QoS provisioning from the BSU only. You may define different classes of service on a BSU that can then be assigned to the SUs that are associated, or that may get associated, with that BSU. The software provides the ability to create, edit, and delete classes of service that are specified by the following hierarchy of parameters:
Packet Identification Rule (PIR) up to 64 rules, including 17 predefined rules Service Flow class (SFC) up to 32 SFs, including 7 predefined SFCs; up to 8 PIRs may be associated per SFC Priority for each rule within each SF class 0 to 255, with 0 being lowest priority QoS class up to 8 QoS classes, including 4 predefined classes; up to 4 SFCs may be associated per QoS class Packet Identification Rule (PIR) A Packet Identification Rule is a combination of parameters that specifies what type of traffic is allowed or disallowed. The software allows to create up to 64 different PIRs, including 17 predefined PIRs. It provides the ability to create, edit, and delete PIRs that contain none, one, or more of the following classification fields:
Rule Name 802.1p tag (layer 2 QoS identification) Up to 4 pairs of Source IP address + Mask Up to 4 pairs of Destination IP address + Mask Up to 4 source TCP/UDP port ranges IP ToS (Layer 3 QoS identification) IP Protocol List containing up to 4 IP protocols 49 System Overview of Subscriber Module Quality of Service (QoS) MeshMAX 5054 Series User Guide Up to 4 destination TCP/UDP port ranges Up to 4 source MAC addresses Up to 4 destination MAC addresses VLAN ID Ether type (Ethernet protocol identification) A good example is provided by the 17 predefined PIRs. Note that these rules help to identify specific traffic types:
1. All No classification fields, all traffic matches 2. Cisco VoIP UL a. Protocol Source Port Range (16,000-32,000) b. IP Protocol List (17 = UDP) 3. Vonage VoIP UL a. Protocol Source Port Range (8000-8001, 10000-20000) b. IP Protocol List (17 = UDP) 4. Cisco VoIP DL a. Protocol Destination Port Range (16,000-32,000) b. IP Protocol List (17 = UDP) 5. Vonage VoIP DL a. Protocol Destination Port Range (8000-8001, 10000-20000) b. IP Protocol List (17 = UDP) 6. TCP a. IP Protocol List (6) 7. UDP a. IP Protocol List (17) 8. PPPoE Control a. Ethertype (type 1, 0x8863) 9. PPPoE Data a. Ethertype (type 1, 0x8864) 10.IP a. Ethertype (type 1, 0x800) 11.ARP a. Ethertype (type 1, 0x806) 12.Expedited Forwarding a. IP TOS/DSCP (low=0x2D, high=0x2D, mask = 0x3F) 13.Streaming Video (IP/TV) a. IP TOS/DSCP (low=0x0D, high=0x0D, mask = 0x3F) 14.802.1p BE a. Ethernet Priority (low=0, high=0) (this is the equivalent of the User Priority value in the TCI (Tag Control Information) field of a VLAN tag) 15.802.1p Voice a. Ethernet Priority (low=6, high=6) (this is the equivalent of the User Priority value in the TCI (Tag Control Information) field of a VLAN tag) 16.802.1p Video 50 System Overview of Subscriber Module Quality of Service (QoS) MeshMAX 5054 Series User Guide a. Ethernet Priority (low=5, high=5) (this is the equivalent of the User Priority value in the TCI (Tag Control Information) field of a VLAN tag) 17.L2 Broadcast/Multicast a. Ethernet Destination (dest = 0x80000000, mask = 0x80000000) Note that two different VoIP rule names have been defined for each direction of traffic, Uplink (UL) and Downlink (DL),
(index numbers 2 to 5). This has been done to distinguish the proprietary nature of the Cisco VoIP implementation as opposed to the more standard Session Initiation Protocol (SIP) signaling found, for example, in the Vonage-type VoIP service. Service Flow Class (SFC) A Service Flow class defines a set of parameters that determines how a stream of application data that matches a certain classification profile will be handled. The software allows to create up to 32 different SFs, including seven predefined SFs. The software provides the ability to create, edit, and delete SFs that contain the following parameters and values:
Service flow name Scheduling type Best Effort (BE); Real-Time Polling Service (RtPS) Service Flow Direction Downlink (DL: traffic from BSU to SU); Uplink (UL: traffic from SU to BSU) Maximum sustained data rate (or Maximum Information Rate, MIR) specified in units of 1 Kbps from 8 Kbps up to he maximum rate of 108000 Kbps per SU Minimum reserved traffic rate (or Committed Information Rate, CIR) specified in units of 1 Kbps from 0 Kbps up to the maximum rate of 10000 Kbps per SU Maximum Latency specified in increments of 5 ms steps from a minimum of 5 ms up to a maximum of 100 ms Tolerable Jitter specified in increments of 5 ms steps from a minimum of 0 ms up to the Maximum Latency (in ms) Traffic priority zero (0) to seven (7), 0 being the lowest, 7 being the highest Maximum number of data messages in a burst one (1) to four (4), which affects the percentage of the maximum throughput of the system Activation state Active; Inactive Note that traffic priority refers to the prioritization of this specific Service Flow. The software tries to deliver the packets within the specified latency and jitter requirements, relative to the moment of receiving the packets in the unit. For delay-sensitive traffic the jitter must be equal to or less than the latency. A packet is buffered until an interval of time equal to the difference between Latency and Jitter (Latency Jitter) has elapsed. The software will attempt to deliver the packet within a time window starting at (Latency Jitter) until the maximum Latency time is reached. If the SFCs scheduling type is real-time polling (rtPS), and the packet is not delivered by that time, it will be discarded. This can lead to loss of packets without reaching the maximum throughput of the wireless link. For example, when the packets arrive in bursts on the Ethernet interface and the wireless interface is momentarily maxed out, then the packets at the end of the burst may be timed out before they can be sent. Users are able to set up their own traffic characteristics (MIR, CIR, latency, jitter, etc.) per service flow class to meet their unique requirements. A good example is provided by the seven predefined SFCs:
1. UL-Unlimited BE a. Scheduling Type = Best Effort b. Service Flow Direction = Uplink c. d. Maximum Sustained Data Rate = 20 Mbps e. Traffic Priority = 0 Initialization State = Active 2. DL-Unlimited BE (same as UL-Unlimited BE, except Service Flow Direction = Downlink) 3. UL-G711 20 ms VoIP rtPS a. Schedule type = Real time Polling 51 System Overview of Subscriber Module Quality of Service (QoS) Initialization State = Active b. Service Flow Direction = Uplink c. d. Maximum Sustained Data Rate = 88 Kbps e. Minimum Reserved Traffic Rate = 88 Kbps f. Maximum Latency = 20 milliseconds g. Traffic Priority = 1 MeshMAX 5054 Series User Guide 4. DL-G711 20 ms VoIP rtPS (same as UL-G711 20ms VoIP rtPS, except Service Flow Direction = Downlink) 5. UL-G729 20 ms VoIP rtPS (same as UL-G711 20ms VoIP rtPS, except Maximum Sustained Data Rate and Maximum Reserved Traffic Rate = 64 Kbps) 6. DL-G729 20 ms VoIP rtPS (same as UL-G729 20ms VoIP rtPS, except Service Flow Direction = Downlink) 7. DL-2Mbps Video Initialization State = Active a. Schedule type = Real time Polling b. Service Flow Direction = Downlink c. d. Maximum Sustained Data Rate = 2 Mbps e. Minimum Reserved Traffic Rate = 2 Mbps f. Maximum Latency = 20 milliseconds g. Traffic Priority = 1 Note that two different VoIP Service Flow classes for each direction of traffic have been defined (index numbers 3 to 6) which follow the ITU-T standard nomenclatures: G.711 refers to a type of audio companding and encoding that produces a 64 Kbps bitstream, suitable for all types of audio signals. G.729 is appropriate for voice and VoIP applications, but cannot transport music or fax tones reliably. This type of companding and encoding produces a bitstream between 6.4 and 11.8 Kbps (typically 8 Kbps) according to the quality of voice transport that is desired. QoS Class A QoS class is defined by a set of parameters that includes the PIRs and SFCs that were previously configured. The software allows creating up to eight different QoS classes, including four predefined QoS classes. Up to four SF classes can be associated to each QoS class, and up to eight PIRs can be associated to each SF class. For example, a QoS class called G711 VoIP may include the following SFCs: UL-G711 20 ms VoIP rtPS and DL-G711 20 ms VoIP rtPS. In turn, the SFC named UL-G711 20 ms VoIP rtPS may include the following rules: Cisco VoIP UL and Vonage VoIP UL. The software provides the ability to create, edit, and delete QoS classes that contain the following parameters:
QoS class name Service Flow (SF) class name list per QoS class (up to four SF classes can be associated to each QoS class) Packet Identification Rule (PIR) list per SF class (up to eight PIRs can be associated to each SF class) Priority per rule which defines the order of execution of PIRs during packet identification process. The PIR priority is a number in the range 0-63, with priority 63 being executed first, and priority 0 being executed last. The PIR priority is defined within a QoS class, and can be different for the same PIR in some other QoS class. If all PIRs within one QoS class have the same priority, the order of execution of PIR rules will be defined by the order of definition of SFCs, and by the order of definition of PIRs in each SFC, within that QoS class. A good example of this hierarchy is provided by the four predefined QoS classes:
1. Unlimited Best Effort a. SF class: UL-Unlimited BE PIR: All; PIR Priority: 0 b. SF class: DL-Unlimited BE PIR: All; PIR Priority: 0 52 MeshMAX 5054 Series User Guide System Overview of Subscriber Module Quality of Service (QoS) 2. G711 VoIP a. SF class: UL-G711 20 ms VoIP rtPS PIR: Vonage VoIP UL; PIR Priority: 1 PIR: Cisco VoIP UL; PIR Priority: 1 b. SF class: DL-G711 20 ms VoIP rtPS PIR: Vonage VoIP DL; PIR Priority: 1 PIR: Cisco VoIP DL; PIR Priority: 1 3. G729 VoIP a. SF class: UL-G729 20 ms VoIP rtPS PIR: Vonage VoIP UL; PIR Priority: 1 PIR: Cisco VoIP UL; PIR Priority: 1 b. SF class: DL-G729 20 ms VoIP rtPS PIR: Vonage VoIP DL; PIR Priority: 1 PIR: Cisco VoIP DL; PIR Priority: 1 4. 2Mbps Video a. SF class: DL-2Mbps Video PIR: Streaming Video (IP/TV); PIR Priority: 1 53 Basic Management of Subscriber Module MeshMAX 5054 Series User Guide 4 This chapter describes basic features and functionality of the unit. In most cases, configuring these basic features is sufficient. The following topics are discussed in this chapter:
Navigation Rebooting and Resetting General Configuration Settings Monitoring Settings Security Settings Default Settings Upgrading the Unit Navigation To use the Web Interface for configuration and management, you must access the unit. With ScanTool you can determine the units current IP address. Then enter http://<ip address> in your Web browser (for example http://10.0.0.1). NOTE: If you have your Security Internet Options set to High, you may not be able to access the Web interface successfully; a high security setting disables JavaScript, which is required for running Proxims Web browser interface. Adding the radios IP address as a Trusted site should fix this problem. The Web Interface consists of Web page buttons and tabs. A tab can also contain sub-tabs. The following figure shows the convention used to guide you to the correct tab or sub-tab. Click Configure > Interfaces > Wireless:
1 2 3 The Web Interface also provides online help, which is stored on your computer. 54 Basic Management of Subscriber Module Rebooting and Resetting Rebooting and Resetting MeshMAX 5054 Series User Guide All configuration changes require a restart unless otherwise stated. New features explicitly state whether a reboot is required or not. You can restart the unit with the Reboot command; see the first method described in the following sub-sections. Most changes you make become effective only when the Subscriber unit is rebooted. A reboot stores configuration information in non-volatile memory and then restarts the Subscriber unit with the new values. In some cases, the Subscriber unit reminds you that a reboot is required for a change to take effect. You need not reboot immediately; you can reboot after you have made all your changes. NOTE: Saving of the units configuration occurs only during a controlled reboot or by specifically issuing the CLI Save command. If you make changes to settings without a controlled reboot (command) and you have not issued the Save command, a power outage would wipe out all changes since the last reboot. For example, entering static routes takes effect immediately; however, the routes are not saved until the unit has gone through a controlled reboot. Proxim strongly recommends saving your settings immediately when you finish making changes. Rebooting When you reboot, the changes you have made become effective and the Subscriber unit is restarted. The changes are saved automatically in non-volatile memory before the actual reboot takes place. To reboot, click Commands > Reboot > Reboot button. The Subscriber unit restarts the embedded software. During reboot, you are redirected to a page showing a countdown timer, and you are redirected to the Status page after the timer counts down to 0 (zero). The CLI is disconnected during reboot. This means that a new telnet session must be started. Resetting Hardware If the unit does not respond for some reason and you are not able to reboot, you can restart by means of a hardware reset. This restarts the hardware and embedded software. The last saved configuration is used. Any changes that you have made since then are lost. To reset the hardware, press and release the RESET button on the Subscriber unit unit with, for example, a pencil. Soft Reset to Factory Default If necessary, you can reset the unit to the factory default settings. This must be done only when you are experiencing problems. Resetting to the default settings requires you to reconfigure the unit. To reset to factory default settings:
1. Click Commands > Reset. 2. Click the Reset to Factory Default button. The device configuration parameter values are reset to their factory default values. If you do not have access to the unit, you can use the procedure described in Hard Reset to Factory Default as an alternative. Reset and Reboot Functionality The Reset and Reboot functionality on the power injector provides a way to reset the subscriber module and is applicable during the boot up phase. To initiate the Reset and Reload functionality, use the Reload button, available on the side of power injector. The Reload feature implemented in the boot loader ensures that the application software image is removed from the flash, and reloads the either the Mesh or Subscriber modules of MeshMAX unit, but they cannot be reloaded simultaneously. As soon as the image is removed, the boot loader prompt appears to ensure that new application is downloaded.User can use TFTP for normal operation. Press the Reload button to perform the reload functionality. 55 Basic Management of Subscriber Module General Configuration Settings MeshMAX 5054 Series User Guide If the Reload button us pressed for 10-20 seconds and released, then reloading operation is not performed and the operation is aborted. If the Reload button is pressed for 20 seconds and above, then the Subscriber module is reload state. NOTE: Boot loader will display all events to the serial console, which will guide user to perform Relad functionality. General Configuration Settings System Status: The status tab showing the system status is displayed automatically when you log into the Web interface. It is also the default window displayed when you click the Status button on the left side of the window. System Configuration: The System Configuration window lets you change the units country, system name, location name, and so on (see the window to the right). The Country selection is required to enable the correct radio parameters. The other details help distinguish this unit from other routers, and let you know whom to contact in case of problems. IP Configuration: The IP Configuration window lets you change the units IP parameters. These settings differ between Routing and Bridge mode. Interface Configuration: The Interface configuration pages let you change the Ethernet and Wireless parameters. The Wireless tab is displayed by default when you click the Interfaces tab. Ethernet: To configure the Ethernet interface, click Configure > Interfaces > Ethernet. You can set the Configuration parameter from this tab for the type of Ethernet transmission. The recommended setting is auto-speed auto-duplex. Wireless: To configure the wireless interface, click Configure > Interfaces > Wireless. For the Subscriber module, the wireless interface is always in WORP Satellite mode (selected from the Interface Type drop-down box). VLAN Configuration: VLANs are configured on the Base Station Unit only. 56 Basic Management of Subscriber Module Monitoring Settings Monitoring Settings MeshMAX 5054 Series User Guide The unit offers various facilities to monitor its operation and interfaces. Only the most significant monitoring categories are mentioned here. Wireless: To monitor the wireless interfaces, click Monitor > Wireless. This tab lets you monitor the general performance of the radio and the performance of the WORP Base or WORP Satellite interfaces. Interfaces: To monitor transmission details, click Monitor > Interfaces. The Interfaces tab provides detailed information about the MAC-layer performance of the wireless network and Ethernet interfaces. Per Station: Click Monitor > Per Station to view Station Statistics. On the SU, the Per Station page shows statistics of the BSU to which the SU is registered. The pages statistics refresh every 4 seconds. Security Settings To prevent misuse, the Subscriber unit provides wireless data encryption and password-protected access. Be sure to set the encryption parameters and change the default passwords. In addition to Wired Equivalent Privacy (WEP), the units support Advanced Encryption Standard (AES) 128-bit encryption. Two types of the AES encryption are available. The AES CCM protocol is now also supported. Proxim highly recommends you change the Network Name, Encryption Key, and Shared Secret as soon as possible. To do so, click Configure > Interfaces > Wireless. The encryption key is set using the Security tab. For systems that will use roaming features, the Network Name, Encryption Key, and the Shared Secret should each be the same for all SUs that are allowed to roam as well as for all BSUs to which these SUs are allowed to roam. Encryption You can protect the wireless data link by using encryption. Encryption keys can be 5 (64-bit), 13 (WEP 128-bit), or 16
(AES 128-bit) characters in length. Both ends of the wireless data link must use the same parameter values. In addition to Wired Equivalent Privacy (WEP), the unit supports Advanced Encryption Standard (AES) 128-bit encryption. To set the encryption parameters, click Configure > Security > Encryption. See Encryption. Passwords Access to the units are protected with passwords. The default password is public. For better security it is recommended to change the default passwords to a value (6-32 characters) known only to you. To change the units HTTP, Telnet, or SNMP passwords, click Configure > Management > Password. See Passwords. 57 Basic Management of Subscriber Module Default Settings Default Settings MeshMAX 5054 Series User Guide Feature Default Setting System Name Mode of Operation Routing IP Address Assignment Type IP Address Subnet Mask Default Router IP Address Default TTL RIPv2 Base Station System Name Network Name Frequency Channel Subscriber Module Bridge Disabled Static 10.0.0.1 255.255.255.0 10.0.0.1 64 Enabled when in Routing Mode
<blank>
OR_WORP Channel 149, Frequency 5.745 GHz (FCC Only devices) DFS Enabled (World Mode devices) Transmit Power Control (TPC) 0 dB Data Rate 36 Mbps Turbo Mode Disabled Channel Bandwidth 20 MHz Registration Timeout 5 Network Secret public Serial port Baud Rate (for factory use only) 9600 SNMP Management Interface Enabled Telnet Management Interface Enabled HTTP Management Interface Enabled HTTP Port 80 Telnet Port 23 Telnet Login Timeout 30 Telnet Session Timeout 900 Password public Maximum Satellites (per BSU) 250 MAC Authentication Disabled Radius Authentication Disabled Encryption Disabled Static MAC Address Filter Disabled / No Entries Ethernet Protocol Filtering All Filters Disabled DFS Priority Frequency Channel Disabled Announcement Period (when roaming enabled) 100 ms Multi-Frame Bursting Enabled Storm Threshold Broadcast/Multicast Unlimited Broadcast Protocol Filtering All Protocols Allowed Dynamic Data Rate Selection Disabled Roaming Disabled NAT Disabled Intra-Cell Blocking Disabled Antenna Alignment Disabled 58 Basic Management of Subscriber Module Upgrading the Unit MeshMAX 5054 Series User Guide Feature Default Setting Country Selection DHCP Server DHCP Relay Spanning Tree Protocol Antenna Gain Satellite Density VLAN Mode Access VLAN ID Access VLAN Priority Management VLAN ID Management VLAN Priority Trunk VLAN ID Upgrading the Unit US-only device US World device GB Disabled Disabled Disabled 0 (For DFS Threshold compensation) Large BSU: Transparent Mode SU: Transparent mode when BSU is in Transparent mode;
Trunk mode when the BSU is in Trunk mode. BSU: N/A; SU: 1 BSU: N/A; SU: 0 BSU: -1; SU: -1 BSU: 0; SU: 0 BSU: N/A; SU: -1 The units are equipped with embedded software that can be updated when new versions are released. Updating the embedded software is described Web Interface Image File Download. A TFTP server is provided on the Documentation and Software CD; the server is required to transfer the downloaded file to the unit. See TFTP Server Setup. To access all resolved problems in our solution database, or to search by product, category, keywords, or phrases, go to http://secure.proxim.com You can also find links to drivers, documentation, and downloads at this link. 59 System Status MeshMAX 5054 Series User Guide 5 This section describes viewing system status and event log information from the units Web Interface. Subscriber Module Status Event Log Mesh and Access Point Module Subscriber Module Click on the Status button to access system and event log information. See the following sections:
Status Event Log Help and Exit buttons also appear on each page of the Web interface; click the Help button to access online help; click the Exit button to exit the application. For an introduction to the basics of management, see Basic Management of Subscriber Module. Status The Status tab showing the system status is displayed automatically when you log into the Web Interface. It also is the default window displayed when you click the Status button on the left side of the window. The Status tab shows the System Status and the System Traps. 60 System Status Subscriber Module MeshMAX 5054 Series User Guide Figure 5-1 System Status Screen of Subscriber Module System Status The basic system status is shown in this section, including the version number of the embedded software. Systems Traps The status of system traps is shown in this section. System traps occur when the Subscriber unit encounters irregularities. Deleting system traps has no effect on the operation of the Subscriber unit. System traps also are sent to an SNMP manager station (if so configured). Event Log Click the Status button and the Event Log tab to view the contents of your Event Log. The Event Log keeps track of events that occur during the operation of the Subscriber unit. The Event Log displays messages that may not be captured by System Traps, such as the Transmit Power for the Frequency Channel selected. 61 System Status Mesh and Access Point Module MeshMAX 5054 Series User Guide Figure 5-2 Event Log Screen of Subscriber Module Mesh and Access Point Module The first screen displayed after Logging In is the System Status screen. You can always return to this screen by clicking the Status button. Figure 5-3 System Status Screen of Mesh and Access Point Module The System Status screen provides the following information:
System Status: This area provides system-level information, including the units IP address and contact information. System Alarms: System traps (if any) appear in this area. Each trap identifies a specific severity level: critical, major, minor, and informational. NOTE: On APs with model numbers ending in -WD, an operating Country must be selected (during the Setup Wizard or on the Configure > System tab). If a country has not been selected, an informational message will appear in the System Alarms list, and you will be unable to configure interface parameters. From this screen, you can also access the APs monitoring and configuration options by clicking on the buttons on the left of the screen. 62 Configuration MeshMAX 5054 Series User Guide 6 This section describes configuring the MeshMAX 5054 settings using the units web interface. The following topics are discussed in this chapter:
Configuring the Subscriber Module System Parameters Bridge and Routing Modes Network Parameters IP Configuration Roaming DHCP Server Spanning Tree (Bridge Mode Only) DHCP Relay Agent (Routing Mode Only) Interface Parameters Wireless Ethernet IP Routes (Routing Mode only) SNMP Parameters Trap Host Table Management Parameters Passwords Services Security Parameters MAC Authentication (BSU Only) Encryption Filtering Parameters Overview Ethernet Protocol Static MAC Address Filtering Storm Threshold Broadcast Protocol Filtering IP Access Table Filtering RIP Parameters (Routing Mode Only) RIP Example RIP Notes NAT (Routing Mode Only) NAT Static Port Mapping Table Supported Session Protocols Advanced Configuration of Mesh and Access Point Module System Parameters 63 Configuration MeshMAX 5054 Series User Guide Dynamic DNS Support Network Parameters IP Configuration Link Integrity DHCP Server DHCP Relay Agent SNTP (Simple Network Time Protocol) Interface Parameters Operational Mode Wireless-A (802.11a or 4.9 GHz Radio) and Wireless-B (802.11b/g Radio) Ethernet Mesh Management IP Access Table Passwords Services Automatic Configuration (AutoConfig) Hardware Configuration Reset (CHRD) Filtering Ethernet Protocol Static MAC Advanced TCP/UDP Port Alarms Groups Syslog Rogue Scan Bridge Spanning Tree Storm Threshold Packet Forwarding Intra BSS QoS Wi-Fi Multimedia (WMM)/Quality of Service (QoS) Introduction Policy Priority Mapping Enhanced Distributed Channel Access (EDCA) Radius Profiles RADIUS Servers per Authentication Mode and per VLAN Configuring Radius Profiles MAC Access Control Via RADIUS Authentication RADIUS Accounting 802.1x Authentication using RADIUS 64 Configuration Configuring the Subscriber Module SSID/VLAN/Security VLAN Overview Management VLAN Security Profile MAC Access Wireless-A or Wireless-B MeshMAX 5054 Series User Guide Configuring the Subscriber Module Click the Configure button to access configuration settings. Help and Exit buttons also appear on each page of the Web interface; click the Help button to access online help; click the Exit button to exit the application. For an introduction to the basics of management, see Basic Management of Subscriber Module. System Parameters The System configuration page lets you change the units System Name, Location, Mode of Operation, and so on. These details help you to distinguish the unit from other routers and let you know whom to contact in case you experience problems. Click Configure > System; the following window is displayed. You can enter the following details:
System Name: This is the system name for easy identification of the SU. The System Name field is limited to a length of 32 bytes. Use the system name of a BSU to configure the Base Station System Name parameter on an SU if you want the SU to register only with this BSU. If the Base Station System Name is left blank on the SU, it can register with any Base Station that has a matching Network Name and Network Secret. Country: Upon choosing a country/band, the Dynamic Frequency Selection (DFS) and Transmit Power Control (TPC) features are enabled automatically if the selected country/band has a regulatory domain that requires it. The Country selection pre-selects and displays only the allowed frequencies for the selected country/band. Click Configure > Interfaces > Wireless to see the channel/frequency list for the selected Country. NOTE: If All Channels 5 GHz is selected from the Country drop-down menu, any channel in the 5 GHz range are displayed for manual selection. 65 Configuration Configuring the Subscriber Module MeshMAX 5054 Series User Guide NOTE: Units sold only in the United States are pre-configured to scan and display only the outdoor frequencies permitted by the FCC. No other Country selections, channels, or frequencies can be configured. Units sold outside of the United States support the selection of a Country by the professional installer. If you change the Country, a reboot of the unit is necessary for the upgrade to take place. For a non US-only device, the default country selected is United Kingdom (GB). Note the following:
The channel center frequencies are not regulated; only the band edge frequencies are regulated. If, before upgrade, US was selected as a country for a non US-Only device (which is an incorrect configuration), the country is changed automatically to United Kingdom upon upgrade. See Country Codes for Subscriber Module for a list of country codes. Location: This field can be used to describe the location of the unit, for example Main Lobby. Contact Name, Contact Email, and Contact Phone: In these fields, you can enter the details of the person to contact. ObjectID: This read-only field shows the OID of the product name in the MIB. Ethernet MAC Address: This read-only field shows the MAC address of the Ethernet interface of the device. Descriptor: This read-only field shows the product name and firmware build version. Up Time: This read-only field shows the length of time the device has been up and running since the last reboot. Mode of Operation: This drop-down menu is used to set the unit as a bridge (layer 2) or as a router (layer 3). See Bridge and Routing Modes for more information. Bridge and Routing Modes Bridge Mode A bridge is a product that connects a local area network (LAN) to another LAN that uses the same protocol (for example, Ethernet). You can envision a bridge as being a device that decides whether a message from you to someone else is going to the local area network in your building or to someone on the local area network in the building across the street. A bridge examines each message on a LAN, passing those known to be within the same LAN, and forwarding those known to be on the other interconnected LAN (or LANs). In bridging networks, computer or node addresses have no specific relationship to location. For this reason, messages are sent out to every address on the network and are accepted only by the intended destination node. Bridges learn which addresses are on which network and develop a learning table so that subsequent messages can be forwarded to the correct network. Bridging networks are generally always interconnected LANs since broadcasting every message to all possible destination would flood a larger network with unnecessary traffic. For this reason, router networks such as the Internet use a scheme that assigns addresses to nodes so that a message or packet can be forwarded only in one general direction rather than forwarded in all directions. A bridge works at the data-link (physical) layer of a network, copying a data packet from one network to the next network along the communications path. The default Bridging Mode is Transparent Bridging. This mode works if you do not use source routing in your network. If your network is configured to use source routing, then you should use either Multi-Ring SRTB or Single-Ring SRTB mode. In Multi-Ring SRTB mode, each unit must be configured with the Bridge number, Radio Ring number, and Token Ring number. The Radio Ring number is unique for each Token Ring Access Point and the Bridge number is unique for each Token Ring Access Point on the same Token Ring segment. Alternatively, you may use the Single-Ring SRTB mode. In this mode, only the Token Ring number is required for configuration. 66 Configuration Configuring the Subscriber Module MeshMAX 5054 Series User Guide Routing Mode Routing mode can be used by customers seeking to segment their outdoor wireless network using routers instead of keeping a transparent or bridged network. By default the unit is configured as a bridge device, which means traffic between different outdoor locations can be seen from any point on the network. By switching to routing mode, your network now is segmented by a layer 3 (IP) device. By using Routing mode, each network behind the BSU and SUs can be considered a separate network with access to each controlled through routing tables. The use of a router on your network also blocks the retransmission of broadcast and multicast packets on your networks, which can help to improve the performance on your outdoor network in larger installations. The use of Routing mode requires more attention to the configuration of the unit and thorough planning of the network topology of your outdoor network. BSU and SUs can use routing mode in any combination. For example, you may have the BSU in Routing mode and the SU in Bridge mode, or vice versa. When using Routing mode, pay close attention to the configuration of the default gateway both on your unit and on your PCs and servers. The default gateway controls where packets with unknown destinations (Internet) should be sent. Be sure that each device is configured with the correct default gateway for the next hop router. Usually this is the next router on the way to your connection to the Internet. You can configure routes to other networks on your Intranet through the addition of static routes in your routers routing table. Key Reasons to Use Routing Mode One key reason why customers would use Routing mode is to implement virtual private networks (VPNs) or to let nodes behind two different SUs communicate with each other. Many customers do this same thing in Bridging mode by using secondary interfaces on the router at the BSU or virtual interfaces at the BSU in VLAN mode to avoid some of the drawbacks of IP Routing mode. Routing mode prevents the transport of non-IP protocols, which may be desirable for Service Providers. Routing mode is usually more efficient because Ethernet headers are not transported and non-IP traffic is blocked. Benefits of using Routing Mode Enabling RIP makes the Subscriber unit easier to manage for a Service Provider that uses RIP to dynamically manage routes. RIP is no longer very common for Service Providers or Enterprise customers and an implementation of a more popular routing protocol like OSPF would be desirable. Routing mode saves bandwidth by not transporting non-IP protocols users might have enabled, like NetBEUI or IPX/SPX, which eliminates the transmission of broadcasts and multicasts. The MAC header is:
Destination MAC 6 bytes Source MAC 6 bytes Ethernet Type 2 bytes If the average packet size is 1000 bytes, the overhead saved is 1.5%; With a frame size of 64 bytes, the overhead saved is 20%; and for frame sizes of 128 bytes, the saving is 10%. Network researches claim that most network traffic consists of frames smaller than 100 bytes. In order to support routers behind the SUs with multiple subnets and prevent routing loops, you want individual routes
(and more then one) per SU. Routing Mode Examples In the first example, both the BSU and the SUs are configured for Routing mode. This example is appropriate for businesses connecting remote offices that have different networks. In example 2, the BSU is in Routing mode and the SUs are in Bridge mode. Notice the PCs behind the SUs must configure their default gateways to point to the BSU, not the SU. 67 Configuration Configuring the Subscriber Module MeshMAX 5054 Series User Guide Notes:
One of the most important details to pay attention to in Routing mode are the units and the PCs default gateways. It is a common mistake to set up the PCs gateway to point to the SU when the SU is in Bridge mode and the BSU is in Routing mode. Always check to make sure the PCs on your network are configured to send their IP traffic to the correct default gateway. Be sure to reboot the unit to permanently save static routes. New routes take effect immediately without a reboot, but are not permanently saved with your configuration until you do reboot the device. An unexpected power outage could cause static routes you entered to disappear when the unit reboots if they have not been saved. You also should save a copy of your units configuration file in case the unit must be reloaded. This saves you from being required to re-enter numerous static routes in a large network. The routing table supports up to 500 static routes. Network Parameters The Network tab contains the following sub-tabs. Note that the availability of some sub-tabs depends on whether the unit is in Bridge or Routing Mode:
IP Configuration Click Configure > Network > IP Configuration to view and configure local IP address information. Configurable settings differ between Bridge mode and Routing mode. Bridge Mode If the device is configured in Bridge mode, the following screen is displayed:
68 Configuration Configuring the Subscriber Module MeshMAX 5054 Series User Guide Configure or view the following parameters:
IP Address Assignment Type:
Select Static if you want to assign a static IP address to the unit. Use this setting if you do not have a DHCP server or if you want to manually configure the IP settings Select Dynamic to have the device run in DHCP client mode, which gets an IP address automatically from a DHCP server over the network. When the unit is in Bridge mode, only one IP address is required. This IP address also can be changed with ScanTool. IP Address: The units static IP address (default IP address is 10.0.0.1). This parameter is configurable only if the IP Address Assignment Type is set to Static. Subnet Mask: The mask of the subnet to which the unit is connected (the default subnet mask is 255.255.255.0). This parameter is configurable only if the IP Address Assignment Type is set to Static. Default Router IP Address: The IP address of the default gateway. This parameter is configurable only if the IP Address Assignment Type is set to Static. Default TTL: The default time-to-live value. Routing Mode If the device is configured in Routing mode, both Ethernet and Wireless interfaces require an IP address. The following screen is displayed:
Configure or view the following parameters:
Subnet Mask Ethernet Port: The units Ethernet IP address subnet mask.The default is 255.255.255.0. IP Address Ethernet Port: The units Ethernet IP address. The default is 10.0.1.1. 69 Configuration Configuring the Subscriber Module MeshMAX 5054 Series User Guide IP Address Wireless Slot A: The units wireless IP address. The default is 10.0.1.1. Subnet Mask Wireless Slot A: The units wireless IP address subnet mask. Default Router IP Address: The routers IP address. Default TTL: The default time-to-live value. Management Interface: The interface used to manage the device. Select Ethernet, Wireless, or Auto. Roaming Roaming Overview Roaming is a feature by which an SU terminates the session with the current BSU and starts the registration procedure with another BSU when it finds the quality of the other BSU to be better. Roaming provides MAC level connectivity to the SU that roams from one BSU to another. Roaming takes place across the range of frequencies and channel bandwidths
(5, 10, or 20 MHz, as available) that are available per configuration. The current release offers handoff times of up to a maximum of 80 ms. This is fast enough to allow the SU to seamlessly roam from one BSU to the other therefore supporting session persistence for delay-sensitive applications. The feature also functions as BSU backup in case the current BSU fails or becomes unavailable. The Roaming feature lets the SU monitor local SNR and data rate for all frames received from the current BSU. As long as the average local SNR for the current BSU is greater than the slow scanning threshold, and the number of retransmitted frames is greater than the slow scanning threshold given in percentage, the SU does not scan other channels for a better BSU. The normal scanning procedure starts when the average local SNR for the current BSU is less than or equal to the slow scanning threshold and the number of retransmitted frames is greater than the slow scanning threshold given in percentage. During the normal scanning procedure the SU scans the whole list of active channels while maintaining the current session uninterrupted. Fast scanning is the scanning procedure performed when the average local SNR for the current BSU is very low
(below the fast scanning threshold) and the number of retransmitted frames is greater than the fast scanning retransmission threshold given in%, so that the current session should terminate as soon as possible. During this procedure, the SU scans other active channels as fast as possible. Roaming can only occur if the normal scanning or fast scanning procedure is started under the following conditions:
1. If the roaming is started from the normal scanning procedure (after the SU scans all the active channels), the SU selects the BSU with the best SNR value on all available channels. The SU roams to the best BSU only if the SNR value for the current BSU is still below the slow scanning SNR threshold, and best BSU offers a better SNR value for at least roaming threshold than the current BSU. The SU starts a new registration procedure with the best BSU without ending the current session. If the roaming is started from the fast scanning procedure, the SU selects the first BSU that offers better SNR than the current BSU, and starts a new registration procedure with the better BSU without ending the current session. 2. Roaming with Dynamic Data Rate Selection (DDRS) Enabled When an SU roams from BSU-1 to BSU-2 and DDRS is enabled, the data rate at which the SU connects to BSU-2 is the default DDRS data rate. If this remains at the factory default of 6 Mbps, there can be issues with the application if it requires more then 6 Mbps (for example multiple video streams). Applications requiring a higher data rate could experience a slight data loss during the roaming process while DDRS selects a higher rate (based upon link conditions). When the applications re-transmit at a possibly slower rate, the WORP protocol initially services the data at 6 Mbps and increases the data rate up to the "Maximum DDRS Data Rate" (ddrsmaxdatarate) one step at a time. Because the applications are not being serviced at the best possible rate, they further slow down the rate of data send. 70 Configuration Configuring the Subscriber Module MeshMAX 5054 Series User Guide The DDRS algorithm requires data traffic (a minimum of 128 frames) to raise the rate to a higher value. Although roaming occurs successfully, the previous scenario causes applications to drop their sessions; hence session persistence is not maintained. NOTE: You must know the data rate required for the applications running and you must ensure (during network deployment) that the ranges and RF links can support the necessary data rate. You also must set the default DDRS data rate at the capacity necessary for the application so that it connects to the next Base Station at the required capacity if roaming occurs. Set the Default DDRS Data Rate (ddrsdefdatarate) to a greater value (24, 36, 48 or 54 Mbps, for example) for applications requiring session persistence when roaming occurs. Roaming Configuration Click Configure > Network > Roaming to configure Roaming. Enable or disable the Roaming feature in the Roaming Status drop-down box. The default value is disabled. NOTE: To enable roaming, you must enable Roaming Status on both the BSU and the SU. An SU scans all available channels for a given bandwidth during roaming. In order to reduce the number of channels an SU has to scan and thus decrease the roaming time, a channel priority list that tells the SU what channels to scan is implemented. Each channel in the channel priority list is specified with its corresponding bandwidth and the priority with which it should be scanned, either Active (standard priority), Active High (high priority), or Inactive. An SU will scan all channels indicated as Active during roaming. However, it will scan active channels indicated as High Priority before scanning active channels indicated as standard priority. Channels that are not going to be used in the wireless network should be configured as Inactive so that the SU can skip over those channels during scanning saving this way time. A BSU broadcasts the channel priority list to all valid authenticated SUs in its sector. It re-broadcasts the channel priority list to all SUs every time the list is updated on the BSU. For information for configuring the channel priority list on the BSU see the Tsunami MP.11-R Installation and Management Guide. Note that an SU may roam from one BSU with a bandwidth setting to another BSU with a different bandwidth setting. Since in this case more channels need to be scanned than with only one channel bandwidth setting, it is important that the channel priority list mentioned above is properly used to limit scanning time. When Scanning Across Bandwidth on the SU is enabled, the SU supports bandwidth selection of the communications channel of either 20 MHz, 10 MHz, or 5 MHz, as available. This allows the BSUs in the network to be set to different bandwidths while an SU can still roam from one BSU to the next, because it will not only scan other frequencies (when the signal level or quality are lower than the threshold) but it will also switch to other bandwidths to find a BSU that may be on another bandwidth than its current one. During roaming, the SU will start scanning first the channels on its current bandwidth from the Active channel list provided by the BSU in order to find a BSU to register, since that is the most likely setting for other BSUs in the network. If the SU cannot find an acceptable roaming candidate, it will switch bandwidth and start scanning channels on that 71 Configuration Configuring the Subscriber Module MeshMAX 5054 Series User Guide corresponding bandwidth from the Active channel list provided by the BSU. The process is repeated until the SU finds an appropriate BSU to register. In the example above, an SU whose current bandwidth is 20 MHz will start scanning all active channels within the bandwidth of 20 MHz. If it cannot find a suitable BSU, it will switch to a 10 MHz bandwidth and start scanning all active channels within that bandwidth, in this case channel 56 first since it is configured as high priority and channel 60 next. No channels will be scanned on the 5 MHz bandwidth since all those channels are configured as inactive. DHCP Server When enabled, the DHCP server allows allocation of IP addresses to hosts on the Ethernet side of the SU or BSU. Specifically, the DHCP Server feature lets the SU or BSU respond to DHCP requests from Ethernet hosts with the following information:
Host IP address Gateway IP address Subnet Mask DNS Primary Server IP address DNS Secondary Server IP Click Configure > Network > DHCP Server to enable the unit on a DHCP Server. The following parameters are configurable:
DHCP Server Status: Verify that DHCP Relay Agent is disabled. After you have made at least one entry in the DHCP server IP Pool Table, enable DHCP Server by selecting Enable from the DHCP Server Status pull-down menu. NOTE: There must be at least one entry in the DHCP server IP Pool Table to enable DHCP server. Also, DHCP server cannot be enabled if DHCP Relay Agent is enabled. Subnet Mask: The unit supplies this subnet mask in its DHCP response to a DHCP request from an Ethernet host. Indicates the IP subnet mask assigned to hosts on the Ethernet side using DHCP. Gateway IP Address: The unit supplies this gateway IP address in the DHCP response. It indicates the IP address of a router assigned as the default gateway for hosts on the Ethernet side. This parameter must be set. Primary DNS IP Address: The unit supplies this primary DNS IP address in the DHCP response. It indicates the IP address of the primary DNS server that hosts on the Ethernet side uses to resolve Internet host names to IP addresses. This parameter must be set. 72 Configuration Configuring the Subscriber Module MeshMAX 5054 Series User Guide Secondary DNS IP Address: The unit supplies this secondary DNS IP address in the DHCP response. Number of IP Pool Table Entries: The number of IP pool table entries is a read-only field that indicates the total number of entries in the DHCP server IP Pool Table. Add Entries to the DHCP Server IP Pool Table You can add up to 20 entries in the IP Pool Table. An IP address can be added if the entrys network ID is the same as the network ID of the device. NOTE: After adding entries, you must reboot the unit before the values take effect. 1. To add an entry click Add Table Entries. 2. Enter the following parameters and click Add:
Start IP Address: Indicates the starting IP address that is used for assigning address to hosts on the Ethernet side in the configured subnet. End IP Address: Indicates the ending IP address that is used for assigning address to hosts on the Ethernet side in the configured subnet. Default Lease Time: Specifies the default lease time for IP addresses in the address pool. The value is 3600-86400 seconds. Max Lease Time: The maximum lease time for IP addresses in the address pool. The value is 3600-86400 seconds. Comment: The comment field is a descriptive field of up to 255 characters. Edit/Delete Entries in the DHCP Server IP Pool Table Entries 1. Click Edit/Delete Table Entries to make changes 2. Enter your changes and click OK. 73 Configuration Configuring the Subscriber Module Spanning Tree (Bridge Mode Only) MeshMAX 5054 Series User Guide NOTE: The unit must be in Bridge mode to configure Spanning Tree. This protocol is executed between the bridges to detect and logically remove redundant paths from the network. Spanning Tree can be used to prevent link-layer loops (broadcast is forwarded to all port where another device may forward it and, finally, it gets back to this unit; therefore, it is looping). Spanning Tree can also be used to create redundant links and operates by disabling links: hot standby customer is creating a redundant link without routing function. If your network does not support Spanning Tree, be careful to avoid creating network loops between radios. For example, creating a WDS link between two units connected to the same Ethernet network creates a network loop (if spanning tree is disabled). The Spanning Tree configuration options are advanced settings. Proxim recommends that you leave these parameters at their default values unless you are familiar with the Spanning Tree protocol. Click the Spanning Tree tab to change Spanning Tree values. Edit/Disable Entries in the Priority and Path Cost Table 1. Click Edit Table Entries to make changes 2. Enter your changes and click OK. IP Routes (Routing Mode only) NOTE: The unit must be in Routing mode to configure IP Routes. 74 Configuration Configuring the Subscriber Module Click Configure > Network > IP Routes to configure. MeshMAX 5054 Series User Guide Add IP Routes 1. Click the Add button; the following screen is displayed. 2. Enter the route information. 3. Click Add. The IP Address and Subnet Mask combination is validated for a proper combination. NOTE: When adding a new entry, the IP address of the Route Destination must be in either the Ethernet subnet or in the wireless subnet of the unit. Edit/Delete IP Routes 1. Click the Edit/Delete Table Entries button to make changes to or delete existing entries. 2. Edit the route information. 3. Click OK. The IP address and subnet mask combination is validated for a proper combination. 75 Configuration Configuring the Subscriber Module DHCP Relay Agent (Routing Mode Only) MeshMAX 5054 Series User Guide NOTE: The unit must be in Routing mode to configure DHCP Relay Agent. Click Configure > Network > DHCP RA to enable the Subscriber unit DHCP Relay Agent. When enabled, the DHCP relay agent forwards DHCP requests to the set DHCP server. There must be at least one entry in the corresponding Server IP Address table in order to enable the DHCP Relay Agent. Note that DHCP Relay Agent parameters are configurable only in Routing mode. It cannot be enabled when NAT or DHCP Server is enabled. Add Entries to the DHCP Relay Agent Table 1. Click Add Table Entries; the following window is displayed:
2. Enter the Server IP Address and any optional comments, and click Add. Edit/Delete Entries in the DHCP Relay Agent Table 1. Click Edit/Delete Table Entries. The following window is displayed:
76 Configuration Configuring the Subscriber Module MeshMAX 5054 Series User Guide 2. Enter your changes, and click OK. Interface Parameters Wireless To configure the wireless interface, click Configure > Interfaces > Wireless. SUs can be placed only in WORP Satellite mode. The Wireless Outdoor Router Protocol (WORP) is a polling algorithm designed for wireless outdoor networks. WORP takes care of the performance degradation incurred by the so-called hidden-node problem, which can occur when wireless LAN technology is used for outdoor building-to-building connectivity. In this situation, when multiple radios send an RTS, if another radio is transmitting, it corrupts all data being sent, degrading overall performance. The WORP polling algorithm ensures that these collisions cannot occur, which increases the performance of the overall network significantly. WORP dynamically adapts to the number of SUs that are active on the network and the amount of data they have queued to send. The mandatory parameters to configure for registration of the SU on a Base Station are:
Network Name Base Station System Name (when used) Channel Frequency Encryption (when used) Network Secret These and other parameters found on the SUs Interfaces > Wireless page are described below. 77 Configuration Configuring the Subscriber Module MeshMAX 5054 Series User Guide Interface Type: The interface type is WORP Satellite. MAC Address: The factory-assigned MAC address of the unit. This is a read-only field. Base Station System Name: The name found on the system page of the BSU to which this SU is connecting. This parameter can be used as an added security measure, and when there are multiple BSUs in the network and you want an SU to register with only one when it may actually have adequate signal strength for either. The System Name field is limited to a length of 32 bytes. If the Base Station System Name is left blank on the SU, it can register with any BSU with a matching Network Name and Network Secret. Operational Mode: This field indicates the operational mode of the unit, depending upon the specific Tsunami MP.11. This operational mode cannot be changed as it is based upon a license file. Network Name: A Network Name is a name given to a network so that multiple networks can reuse the same frequency without problems. An SU can only register to its base if it has the same Network Name. The Network Name is one of the parameters that allow a Subscriber Unit to register on a Base Station. The Base Station System Name and Frequency Channel also are parameters to guide the SU to the proper BSU on the network, but they provide no security. Basic security is provided through encryption, as it causes none of the messages to be sent in the clear. Further security is provided by mutual authentication of the BSU and SU using the Network Secret. The Network Name can be 2 to 32 characters in length. Dynamic Data Rate Selection (DDRS) Status: For the WORP Satellite Mode, DDRS Status is read-only parameter and its value is based upon the WORP Base to which this SU is associated. When you enable or disable DDRS on the BSU, the BSU sends an announcement to the SUs and the SUs enable or disable DDRS automatically. Transmit Power Control (TPC): By default, the unit lets you transmit at the maximum output power for the country or regulatory domain and frequency selected. However, with Transmit Power Control (TPC), you can adjust the output power of the unit to a lower level in order to reduce interference to neighboring devices or to use a higher gain antenna without violating the maximum radiated output power allowed for your country/band. Also, some countries/bands that require DFS also require the transmit power to be set to a 6 dB lower value than the maximum allowed EIRP when link quality permits. You can see your units current output power for the selected frequency in the event log. 78 Configuration Configuring the Subscriber Module MeshMAX 5054 Series User Guide The event log shows the selected power for all data rates, so you must look up the proper data rate to determine the actual power level. NOTE: This feature only lets you decrease your output power; it does not let you increase your output power beyond the maximum allowed defaults for your frequency and country. Select one of the following options and click OK at the bottom of the window. Your original output power is adjusted relative to the value selected. The new setting takes effect immediately without rebooting:
TPC Selection (dB) Maximum TX Power (dBm) 0 (default)
-3
-6
-9
-12
-15
-18 (minimum TPC level) 16 13 10 7 4 1 0 NOTE: 24 Mbps and lower modulation have maximum +16 dBm TX power, 36 Mbps has maximum +13 dBm TX power, 48 Mbps has maximum +12 dBm TX power, and 54 Mbps has maximum +11 dBm TX power. Because higher modulation has a lower maximum TX power, the total TPC range is smaller at a higher data rate. Because the minimum TX power is equal for all data rates, each TPC selection has constant TX power for all data rates except where the maximum TX power is limited. Actual Transmit Power Control: The configured Transmit Power Control setting. Enable Turbo Mode (Non-DFS US Only): Check this box to enable Turbo Mode. Turbo Mode is supported only in the United States. Enabling turbo mode, in its current implementation, allows the unit to use two adjacent frequency channels to transmit and receive a signal. By enabling turbo mode, the receive sensitivity improves by 4 dB for the 36 Mbps data rate and by 2 dB for the 24 Mbps data rate. NOTE: The additional sensitivity is provided with the impact of using twice as much spectrum and thus increasing the opportunity of interference and decreased ability for system collocation. Generally, Turbo mode is not recommended except when the extra sensitivity is absolutely required. Frequency Channel: The frequency channel indicates the band center frequency the unit uses for communicating with peers. This frequency channel can be set in several ranges, depending upon the regulatory domain. Refer to Country Codes for Subscriber Module for channelization information. For countries in which DFS is not required, the Frequency Channel list displays only the channels and frequencies allowed for the selected country/band. For countries in which DFS is required, Frequency Channel is not configurable. Instead the channel is auto-selected by the DFS process. If All Channels 5 GHz is selected in the Country drop-down menu on the Configure > System page, any channel in the 5 GHz range is manually selectable. Scanning Across Bandwidth: Enable this field if you want the SU to scan across the whole range of channel bandwidths (5, 10, or 20 MHz, as available) with or without roaming enabled. Disable this field if you wish the SU to scan only across its configured channel bandwidth. Multicast Rate: The rate at which data is to be transferred. All RF traffic between Subscriber unit units is multicast. This drop down box is unavailable when DDRS is enabled. The default data rate for the Subscriber unit is 36 Mbps. The SU must never be set to a lower data rate than the BSU, because timeouts will occur at the BSU and communication will fail. Selections for multicast rate are shown in the following table:
5 MHz 10 MHz 20 MHz 1.5 3 6 40 MHz
(Turbo Mode, Non-DFS US Only) 12 79 Configuration Configuring the Subscriber Module MeshMAX 5054 Series User Guide 2.25 3 4.5 6 9 12 13.5 4.5 6 9 12 18 24 27 9 12 18 24 36 48 54 18 24 36 48 72 96 108 Channel Bandwidth: This field is used to change the bandwidth. Values are 5 MHz, 10 MHz, or 20 MHz, as well as 40 MHz when Turbo mode is enabled. NOTE: The 5 MHz channel bandwidth is not available when the selected country is UNITED STATES DFS. Satellite Density: The Satellite Density setting is a valuable feature for achieving maximum bandwidth in a wireless network. It influences the receive sensitivity of the radio interface and improves operation in environments with a high noise level. Reducing the sensitivity of the unit enables unwanted noise to be filtered out (it disappears under the threshold). You can configure the Satellite Density to be Large, Medium, Small, Mini, or Micro. The default value for this setting is Large. The smaller settings are appropriate for high noise environments; a setting of Large would be for a low noise environment. A long distance link may have difficulty maintaining a connection with a small density setting because the wanted signal can disappear under the threshold. Consider both noise level and distance between the peers in a link when configuring this setting. The threshold should be chosen higher than the noise level, but sufficiently below the signal level. A safe value is 10 dB below the present signal strength. If the Signal-to-Noise Ratio (SNR) is not sufficient, you may need to set a lower data rate or use antennas with higher gain to increase the margin between wanted and unwanted signals. In a point-to-multipoint configuration, the BSU should have a density setting suitable for all of its registered SUs, especially the ones with the lowest signal levels
(longest links). Take care when configuring a remote interface; check the available signal level first, using Remote Link Test. WARNING: When the remote interface accidentally is set at too small a value and communication is lost, it cannot be reconfigured remotely and a local action is required to bring the communication back. Therefore, the best place to experiment with the level is at the unit that can be managed without going through the link; if the link is lost, the setting can be adjusted to the correct level to bring the link back. Make your density selection from the drop-down menu. This setting requires a reboot of the unit. Sensitivity threshold settings related to the density settings for the Subscriber unit are:
Satellite Density Receive Sensitivity Threshold Defer Threshold Large Medium Small Mini Micro
-95 dBm
-86 dBm
-78 dBm
-70 dBm
-62 dBm
-62 dBm
-62 dBm
-52 dBm
-42 dBm
-36 dBm Registration Timeout: This is the registration process time-out of an SU on a BSU. Default is 5 seconds. Rx Activity Timeout: This is the activity time-out of an SU on a BSU. Default is 0 seconds. Network Secret: A network secret is a secret password given to all nodes of a network. An SU can only register to a BSU if it has the same Network Secret. The Network Secret is sent encrypted and can be used as a security option. Input / Output Bandwidth Limit: These parameters limit the data traffic received on the wireless interface and transmitted to the wireless interface, respectively. Selections are in steps of 64 Kbps from 64 Kbps to 12 Mbps on the 5012-SUI and from 64 Kbps to 108,064 Kbps on the SU. 80 Configuration Configuring the Subscriber Module MeshMAX 5054 Series User Guide NOTE: For the 5012-SUI, the aggregate maximum bandwidth shared between input and output is 12 Mbps. If you attempt to set the input/output bandwidth values so that the total exceeds 12 Mbps, the management interface will automatically adjust the values to the available aggregate bandwidth of 12 Mbps. For example, the system default is 6 Mbps for both input and output bandwidths. If you change the input to 8 Mbps, the management interface will automatically adjust the output to 4 Mbps, for an aggregate bandwidth of 12 Mbps. The values will not adjust automatically if the total is less than 12 Mbps. Ethernet To set the Ethernet speed, duplex mode, and input and output bandwidth limits, click Configure > Interfaces > Ethernet. You can set the desired speed and transmission mode by clicking on Configuration. Select Auto-duplex (selects the best transmission mode available when both sides are set to auto-select) from the settings for the type of Ethernet transmission. NOTE: The device may not wok, if there is a change in the configuration. SNMP Parameters Click Configure > SNMP to enable or disable trap groups, and to configure the SNMP management stations to which the Subscriber unit sends system traps. See Trap Groups in the MeshMAX 5054 Subscriber Unit/MeshMAX 5054 Subscriber Unit/MeshMAX 5054 Subscriber Unit/Tsunami MP.11/QB.11 Reference Manual for a list of the system traps. Trap Groups: You can enable or disable different types of traps in the system. By default, all traps are enabled. Trap Host Table: This table shows the SNMP management stations to which the Subscriber unit sends system traps. 81 Configuration Configuring the Subscriber Module Trap Host Table Add Entries to the Trap Host Table Click the Add Table Entries button to add entries to the Trap Host Table. MeshMAX 5054 Series User Guide Edit/Delete Entries to the Trap Host Table Click the Edit/Delete Table Entries button to make changes to or delete existing entries. Management Parameters Use the Management tab to configure passwords and other service parameters. Passwords The Password tab lets you configure the SNMP, Telnet, and HTTP (Web Interface) passwords. 82 Configuration Configuring the Subscriber Module MeshMAX 5054 Series User Guide For all password fields, the passwords must be between 6 and 32 characters. Changes take effect immediately after you click OK. SNMP Read Community Password: The password for read access to the Subscriber unit using SNMP. Enter a password in both the Password field and the Confirm field. The default password is public. SNMP Read/Write Community Password: The password for read and write access to the Subscriber unit using SNMP. Enter a password in both the Password field and the Confirm field. The default password is public. Telnet (CLI) Password: The password for the CLI interface. Enter a password in both the Password field and the Confirm field. The default password is public. HTTP (Web) Password: The password for the Web browser HTTP interface. Enter a password in both the Password field and the Confirm field. The default password is public. Services The Services tab lets you configure the SNMP, Telnet, HTTP, and Serial interface parameters. Changes to these parameters require a reboot to take effect. 83 Configuration Configuring the Subscriber Module MeshMAX 5054 Series User Guide SNMP Configuration Settings SNMP Interface Bitmask: Configure the interface or interfaces (All Interfaces, Only Ethernet, Only Slot A, None) from which you will manage the unit using SNMP. You also can select Disabled to prevent a user from accessing the unit through SNMP. HTTP Configuration Settings HTTP Interface Bitmask: Configure the interface or interfaces (All Interfaces, Only Ethernet, Only Slot A, None) from which you will manage the unit through the Web interface. For example, to allow Web configuration through the Ethernet network only, set HTTP Interface Bitmask to Ethernet. You can also select Disabled to prevent a user from accessing the unit from the Web interface. HTTP Port: Configure the HTTP port from which you will manage the unit through the Web interface. By default, the HTTP port is 80. HTTP Connections: The number of allowed HTTP connections (the maximum is 8). Telnet Configuration Settings NOTE: To use HyperTerminal for CLI access, make sure to check Send line ends with line feeds in the ASCII Setup window (in the HyperTerminal window, click Properties; then select Setup > ASCII Setup. See HyperTerminal Connection Properties in the MeshMAX 5054 Subscriber Unit/Tsunami MP.11/QB.11 Reference Manual for more information). Telnet Interface Bitmask: Select the interface (Ethernet, Wireless, All Interfaces) from which you can manage the unit through telnet. This parameter can also be used to disable telnet management. Telnet Port Number: The default port number for Telnet applications is 23. However, you can use this field if you want to change the Telnet port for security reasons (but your Telnet application also must support the new port number you select). Telnet Login Timeout (seconds): Enter the number of seconds the system is to wait for a login attempt. The unit terminates the session when it times out. The range is 1 to 300 seconds; the default is 30 seconds. Telnet Session Timeout (seconds): Enter the number of seconds the system is to wait during a session while there is no activity. The unit ends the session upon timeout. The range is 1 to 36000 seconds; the default is 900 seconds. Telnet Connections: The number of allowed Telnet connections (the maximum is 8). Serial Configuration Settings The serial port interface on the unit is enabled at all times. See Serial Port in the MeshMAX 5054 Subscriber Unit/Tsunami MP.11/QB.11 Reference Manual for information about how to access the CLI interface through the serial port. You can configure and view following parameters:
Serial Baud Rate: Select the serial port speed (bits per second). Choose between 2400, 4800, 9600, 19200, 38400, or 57600; the default Baud Rate is 9600. Serial Flow Control: Select either None (default) or Xon/Xoff (software controlled) data flow control. To avoid potential problems when communicating with the unit through the serial port, Proxim recommends that you leave the Flow Control setting at None (the default value). Serial Data Bits: This is a read-only field and displays the number of data bits used in serial communication (8 data bits by default). Serial Parity: This is a read-only field and displays the number of parity bits used in serial communication (no parity bits by default). Serial Stop Bits: This is a read-only field that displays the number of stop bits used in serial communication (1 stop bit by default). The serial port bit configuration is commonly referred to as 8N1. 84 Configuration Configuring the Subscriber Module Security Parameters MAC Authentication (BSU Only) MAC authentication is available only for BSUs. MeshMAX 5054 Series User Guide Encryption NOTE: Be sure to set the encryption parameters and change the default passwords. You can protect the wireless data link by using encryption. In addition to Wired Equivalent Privacy (WEP), the unit supports Advanced Encryption Standard (AES) 128-bit encryption. To provide even stronger encryption, the AES CCM Protocol is also supported. Encryption keys can be 5 (64-bit), 13 (WEP 128-bit), or 16 (AES 128-bit) characters in length. Both ends of the wireless data link must use the same parameter values. Click Configure > Security > Encryption sub-tab to set encryption keys for the data transmitted and received by the unit. Note that all devices in one network must use the same encryption parameters to communicate to each other. Filtering Parameters Overview Click Configure > Filtering to configure packet filtering. Packet filtering can be used to control and optimize network performance. The Filtering feature can selectively filter specific packets based upon their Ethernet protocol type. Protocol filtering is done at the Bridge layer. 85 Configuration Configuring the Subscriber Module MeshMAX 5054 Series User Guide Protocol filters are useful for preventing bridging of selected protocol traffic from one segment of a network to other segments (or subnets). You can use this feature both to increase the amount of bandwidth available on your network and to increase network security. Increasing Available Bandwidth It may be unnecessary to bridge traffic from a subnet using IPX/SPX or AppleTalk to a segment of the network with UNIX workstations. By denying the IPX/SPX AppleTalk traffic from being bridged to the UNIX subnet, the UNIX subnet is free of this unnecessary traffic. Increasing Network Security By bridging IP and IP/ARP traffic and blocking LAN protocols used by Windows, Novell, and Macintosh servers, you can protect servers and client systems on the private local LAN from outside attacks that use those LAN protocols. This type of filtering also prevents private LAN data from being bridged to an untrusted remote network or the Internet. To prevent blocking your own access (administrator) to the unit, Proxim recommends that IP (0x800) and ARP (0x806) protocols are always passed through. Sample Use and Validation Configure the protocol filter to let only IP and ARP traffic pass through the Subscriber unit (bridge) from one network segment to another. Then, attempt to use Windows file sharing across the bridge. The file should not allow sharing; the packets are discarded by the bridge. Setting the ARP Filter There may be times when you need to set the ARP or Multicast. Usually, this is required when there are many nodes on the wired network that are sending ARP broadcast messages or multicast packets that unnecessarily consume the wireless bandwidth. The goal of these filters is to allow only necessary ARP and multicast traffic through the 1.6 Mbps wireless pipe. The TCP/IP Internet Protocol Suite uses a method known as ARP (Address Resolution Protocol) to match a device's MAC (Media Access Control) address with its assigned IP address. The MAC address is a unique 48-bit identifier assigned to each hardware device at the factory by the manufacturer. The MAC address is commonly represented as 6 pairs of hexadecimal digits separated by colons. For example, a RangeLAN2 device may have the MAC address of 00:20:A6:33:ED:45. When devices send data over the network (Ethernet, Token Ring, or wireless), they use the MAC address to identify a packet's source and destination. Therefore, an IP address must be mapped to a MAC address in order for a device to send a packet to particular IP address. In order to resolve a remote node's IP address with its MAC address, a device sends out a broadcast packet to all nodes on the network. This packet is known as an ARP request or ARP broadcast and requests that the device assigned a particular IP address respond to the sender with its MAC address. Because ARP requests are broadcast packets, these packets are forwarded to wireless nodes by default, even if the packet is not meant for a wireless node. As the number of nodes on a network backbone increases, so does the number of ARP broadcasts that are forwarded to the wireless nodes. Many of these ARP broadcasts are unnecessary and can consume valuable wireless bandwidth. On some networks, there are so many ARP broadcasts that the performance of the wireless network will degrade due to the amount of bandwidth being consumed by these messages. To reduce the number of ARP broadcasts that are forwarded to the wireless nodes, you can enable ARP filtering. When enabled, the ARP Filter allows the unit to forward only those ARP broadcasts destined for an IP address that falls within the range specified by the ARP Filter Network Address and the ARP Filter Subnet Mask. The ARP Filter performs a logical AND function (essentially keeping what is the same and discarding what is different) on the IP address of the ARP request and the ARP Filter Subnet Mask. It then compares the result of the logical AND to the ARP Filter Network Address. If the two values match, the ARP broadcast is forwarded to the wireless network by the unit. 86 Configuration Configuring the Subscriber Module Ethernet Protocol MeshMAX 5054 Series User Guide The Ethernet Protocol filter blocks or forwards packets based upon the Ethernet protocols they support. Click Configure
> Filtering > Ethernet Protocol to enable or disable certain protocols in the table. Entries can be selected from a drop-down box. Follow these steps to configure the Ethernet Protocol Filter:
1. Select the interfaces that will implement the filter from the Ethernet Protocol Filtering drop-down menu. Ethernet: Packets are examined at the Ethernet interface Wireless-Slot A or Wireless-Slot B: Packets are examined at the Wireless A or B interfaces Disabled: The filter is not used 2. Select the Filter Operation Type. All Interfaces: Packets are examined at both interfaces If set to Block, the bridge blocks enabled Ethernet Protocols listed in the Filter Table. If set to Passthru, only the enabled Ethernet Protocols listed in the Filter Table pass through the bridge. 3. Configure the Filter Table. See below. NOTE: Entries must be enabled in order to be subject to the filter. Add Entries to the Filter Table 1. Click Add Table Entries. You may add one of the supplied Ethernet Protocol Filters, or you may enter additional filters by specifying the appropriate parameters:
To add one of the supplied Ethernet Protocol Filters to the filter table:
Select the appropriate filter from the Specify Common Protocol drop-down menu. Protocol Name and Protocol Number fields will be filled in automatically. Click Add To add a new filter to the filter table:
Enter the Protocol Number. See http://www.iana.org/assignments/ethernet-numbers for a list of protocol numbers. Enter the Protocol Name. Click Add. Edit/Delete Entries in the Filter Table 1. Click Edit and change the information, or select Enable, Disable, or Delete from the Status drop-down menu. 87 Configuration Configuring the Subscriber Module Static MAC Address Filtering MeshMAX 5054 Series User Guide Overview The Static MAC Address filter optimizes the performance of a wireless (and wired) network. When this feature is configured properly, the unit can block traffic between wired devices on the wired (Ethernet) interface and devices on the wireless interface based upon MAC address. NOTE: The device on the wireless interface can be any device connected through the link. It can be directly connected to the Ethernet interface of the peer unit, or it can be attached through multiple hops. The MAC address in the packets arriving at the wireless interface is the important element. The filter is an advanced feature that lets you limit the data traffic between two specific devices (or between groups of devices based upon MAC addresses and masks) through the units wireless interface. For example, if you have a server on your network with which you do not want wireless clients to communicate, you can set up a static MAC filter to block traffic between these devices. The Static MAC Filter Table performs bi-directional filtering. However, note that this is an advanced filter and it may be easier to control wireless traffic through other filter options, such as Protocol Filtering. Each MAC address or mask is comprised of 12 hexadecimal digits (0-9 and A-F) that correspond to a 48-bit identifier. Each hexadecimal digit represents 4 bits (0 or 1). Taken together, a MAC address/mask pair specifies an address or a range of MAC addresses that the unit looks for when examining packets. The unit uses Boolean logic to perform an and operation between the MAC address and the mask at the bit level. However, for most users, you do not need to think in terms of bits. It should be sufficient to create a filter using only the hexadecimal digits 0 and F in the mask (where 0 is any value and F is the value specified in the MAC address). A mask of 00:00:00:00:00:00 corresponds to all MAC addresses, and a mask of FF:FF:FF:FF:FF:FF:FF:FF applies only to the specified MAC address. For example, if the MAC address is 00:20:A6:12:54:C3 and the mask is FF;FF;FF;00:00:00, the unit examines the source and destination addresses of each packet looking for any MAC address starting with 00:20:A6. If the mask is FF;FF;FF;FF;FF;FF, the unit looks only for the specific MAC address (in this case, 00:20:A6:12:54:C3). When creating a filter, you can configure the Wired parameters only, the Wireless parameters only, or both sets of parameters. Which parameters to configure depends upon the traffic that you want to block:
To prevent all traffic from a specific wired MAC address from being forwarded to the wireless network, configure only the Wired MAC address and Wired mask (leave the Wireless MAC and Wireless mask set to all zeros). To prevent all traffic from a specific wireless MAC address from being forwarded to the wired network, configure only the Wireless MAC and Wireless mask (leave the Wired MAC address and Wired mask set to all zeros). To block traffic between a specific wired MAC address and a specific wireless MAC address, configure all four parameters. Static MAC Filter Examples Consider a network that contains a wired server and three wireless clients. The MAC address for each unit is as follows:
Wired Server: 00:40:F4:1C:DB:6A Wireless Client 1: 00:02:2D:51:94:E4 Wireless Client 2: 00:02:2D:51:32:12 Wireless Client 3: 00:20:A6:12:4E:38 Prevent Two Specific Devices from Communicating Configure the following settings to prevent the Wired Server and Wireless Client 1 from communicating:
Wired MAC Address: 00:40:F4:1C:DB:6A Wired Mask: FF:FF:FF:FF:FF:FF Wireless MAC Address: 00:02:2D:51:94:E4 88 Configuration Configuring the Subscriber Module MeshMAX 5054 Series User Guide Wireless Mask: FF:FF:FF:FF:FF:FF Result: Traffic between the Wired Server and Wireless Client 1 is blocked. Wireless Clients 2 and 3 still can communicate with the Wired Server. Prevent Multiple Wireless Devices From Communicating With a Single Wired Device Configure the following settings to prevent Wireless Clients 1 and 2 from communicating with the Wired Server:
Wired MAC Address: 00:40:F4:1C:DB:6A Wired Mask: FF:FF:FF:FF:FF:FF Wireless MAC Address: 00:02:2D:51:94:E4 Wireless Mask: FF:FF:FF:00:00:00 Result: When a logical AND is performed on the Wireless MAC Address and Wireless Mask, the result corresponds to any MAC address beginning with the 00:20:2D prefix. Since Wireless Client 1 and Wireless Client 2 share the same prefix (00:02:2D), traffic between the Wired Server and Wireless Clients 1 and 2 is blocked. Wireless Client 3 can still communicate with the Wired Server since it has a different prefix (00:20:A6). Prevent All Wireless Devices From Communicating With a Single Wired Device Configure the following settings to prevent all three Wireless Clients from communicating with Wired Server:
Wired MAC Address: 00:40:F4:1C:DB:6A Wired Mask: FF:FF:FF:FF:FF:FF Wireless MAC Address: 00:00:00:00:00:00 Wireless Mask: 00:00:00:00:00:00 Result: The unit blocks all traffic between the Wired Server and all wireless clients. Prevent A Wireless Device From Communicating With the Wired Network Configure the following settings to prevent Wireless Client 3 from communicating with any device on the Ethernet:
Wired MAC Address: 00:00:00:00:00:00 Wired Mask: 00:00:00:00:00:00 Wireless MAC Address: 00:20:A6:12:4E:38 Wireless Mask: FF:FF:FF:FF:FF:FF Result: The unit blocks all traffic between Wireless Client 3 and the Ethernet network. Prevent Messages Destined for a Specific Multicast Group from Being Forwarded to the Wireless LAN If devices on your Ethernet network use multicast packets to communicate and these packets are not required by your wireless clients, you can set up a Static MAC filter to preserve wireless bandwidth. For example, if routers on your network use a specific multicast address (such as 01:00:5E:00:32:4B) to exchange information, you can set up a filter to prevent these multicast packets from being forwarded to the wireless network:
Wired MAC Address: 01:00:5E:00:32:4B Wired Mask: FF:FF:FF:FF:FF:FF Wireless MAC Address: 00:00:00:00:00:00 Wireless Mask: 00:00:00:00:00:00 Result: The unit does not forward any packets that have a destination address of 01:00:5E:00:32:4B to the wireless network. Static MAC Filter Configuration Click Configure > Filtering > Static MAC to access the Static MAC Address filter. 89 Configuration Configuring the Subscriber Module MeshMAX 5054 Series User Guide Add Enteries to the Static MAC Filter Table To add the entries to Filter table, click the Add Table Entries button. The following fields are may be configured or viewed:
Wired MAC Address: Enter the MAC address of the device on the Ethernet network that you want to prevent from communicating with a device on the wireless network. Wired Mask: Enter the appropriate bit mask to specify the range of MAC addresses to which this filter is to apply. To specify only the single MAC address you entered in the Wired MAC Address field, enter 00:00:00:00:00:00 (all zeroes). Wireless MAC Address: Enter the MAC address of the wireless device on the wireless interface that you want to prevent from communicating with a device on the wired network. Wireless Mask: Enter the appropriate bit mask to specify the range of MAC addresses to which this filter is to apply. To specify only the single MAC address you entered in the Wireless MAC Address field, enter 00:00:00:00:00:00 (all zeroes). Comment: Enter related information. Status: The Status field can show Enable, Disable, or Delete. After entering the data, click the Add button. The entry is enabled automatically when saved. Edit/Delete Entries to the Static MAC Filter Table To edit an entry, click Edit. To disable or remove an entry, click Edit and change the Status field from Enable to Disable or Delete. Storm Threshold Click Configure > Filtering > Storm Threshold to use threshold limits to prevent broadcast/multicast overload. 90 Configuration Configuring the Subscriber Module MeshMAX 5054 Series User Guide Storm Threshold is an advanced Bridge setup option that you can use to protect the network against data overload by specifying:
A maximum number of frames per second as received from a single network device (identified by its MAC address). An absolute maximum number of messages per port. The Storm Threshold parameters let you specify a set of thresholds for each port of the Subscriber unit, identifying separate values for the number of broadcast messages per second and multicast messages per second. When the number of frames for a port or identified station exceeds the maximum value per second, the Subscriber unit ignores all subsequent messages issued by the particular network device, or ignores all messages of that type. The following parameters are configurable:
Per Address Threshold: Enter the maximum allowed number of packets per second. Ethernet Threshold: Enter the maximum allowed number of packets per second. Wireless Slot A Threshold: Enter the maximum allowed number of packets per second. Broadcast Protocol Filtering Click Configure > Filtering > Broadcast Protocol to deny specific IP broadcast, IPX broadcast, and multicast traffic. Click the Edit Table Entries button to display an editable window such as the following. You can configure whether this traffic must be blocked for Ethernet to wireless, wireless to Ethernet, or both. 91 Configuration Configuring the Subscriber Module MeshMAX 5054 Series User Guide IP Access Table Filtering Click Configure > Filtering > IP Access Table to limit in-band management access to the IP addresses or range of IP addresses specified in the table. For example, 172.17.23.0/255.255.255.0 allows access from all wireless stations with an IP address in the 172.17.23.xxx range. This feature applies to all management services (SNMP, HTTP, and CLI), except for CLI management over the serial port. Add Entries to the IP Access Table To add an entry, click the Add Table Entries button, specify the IP address and mask of the wireless stations to which you want to grant access, and click Add. CAUTION: Ensure that the IP address of the management PC you use to manage the unit is within the first entry in the table, as this filter takes effect immediately. Otherwise, you will have locked yourself out. If you do lock yourself out, you may try to give the PC the correct IP address for management; otherwise you must reset the unit via the CLI over the serial port. 92 Configuration Configuring the Subscriber Module MeshMAX 5054 Series User Guide Edit/Delete Entries in the IP Access Table To edit or delete table entries, click the Edit/Delete Table Entries button, make your changes, and click OK. RIP Parameters (Routing Mode Only) Routing Internet Protocol (RIP) is a dynamic routing protocol you can use to help automatically propagate routing table information between routers. The unit can be configured as RIPv1, RIPv2, RIPv1 Compatible, or a combination of the three versions while operating in Routing mode. In general, the units RIP module is based upon RFC 1389. NOTE: The RIP tab is available for SUs in Routing mode only. RIP is configurable only when the unit is in Routing Mode and Network Address Translation (NAT) is disabled. Note the following:
93 Configuration Configuring the Subscriber Module MeshMAX 5054 Series User Guide RIPv2 is enabled by default when routing mode is selected. You may turn RIP off by clearing the Enable RIP Interface check box for the Ethernet or the wireless interface. Any RIP advertisements that are received on the designated interface are ignored. All other options on the page are dimmed. If the Enable RIP Interface check box is selected, the unit sends RIP requests and listens for RIP updates coming from RIP-enabled devices advertising on the network. You may configure the Receive field for RIPv1, RIPv2, or a combination of both. Although the unit receives and processes these updates, it does not further propagate these updates unless configured to advertise RIP. Again, you may configure the Advertize field for RIPv1, RIPv2, or a combination of both. The ability to enable or disable default route propagation is not user configurable. Once initialized, the Subscriber unit uses its static default route and does not advertise this route in RIP updates. If another router on your network is configured to advertise its default route, this route overwrites the static default route configured on the Subscriber unit. The Subscriber unit then also propagates the new dynamic default route throughout the network. Be aware that, once a dynamic default route is learned, it behaves just as any other dynamic route learned through RIP. This means if the device sending the default route stops sending RIP updates, the default route times out and the unit has no default route to the network. Workarounds for this condition include rebooting or re-entering a static default route. In general, the best approach is to disable the propagation of default routes on the other routers in your network unless you understand the risks. The following table describes the properties and features of each version of RIP supported. RIPv1 Broadcast No Authentication Class routing Distance-vector protocol Metric-Hops Maximum Distance 15 IGP RIPv2 Multicast Authentication Classless routing (VLSM) Distance-vector protocol Metric-Hops Maximum Distance 15 IGP RIPv1 Compatible Broadcast Authentication Classless routing (VLSM) Distance-vector protocol Metric-Hops Maximum Distance 15 IGP RIP Example In the following example, assume that both the BSU and the SUs all are configured in Routing mode with RIP enabled to send and receive on both the Ethernet and Wireless interfaces. The network converges through updates until each unit has the following routing table:
94 Configuration Configuring the Subscriber Module MeshMAX 5054 Series User Guide RIP Notes Ensure that routers on the same physical network are configured to use the same version of RIP. Routing updates occur every 30 seconds. It may take up to 3 minutes for a route that has gone down to timeout in a routing table. RIP is limited to networks with 15 or fewer hops. NAT (Routing Mode Only) The NAT (Network Address Translation) feature lets hosts on the Ethernet side of the SU transparently access the public network through the BSU. All hosts in the private network can have simultaneous access to the public network. NOTE: The NAT tab is available for SUs in Routing mode only. The SU supports NAPT (Network Address Port Translation) where all private IP addresses are mapped to a single public IP address, and does not support Basic NAT (where private IP addresses are mapped to a pool of public IP addresses). Both dynamic mapping (allowing private hosts to access hosts in the public network) and static mapping (allowing public hosts to access hosts in the private network) are supported. In dynamic mapping, the SU maps the private IP addresses and its transport identifiers to transport identifiers of a single Public IP address as they originate sessions to the public network. This is used only for outbound access. Static mapping is used to provide inbound access. The SU maps a private IP address and its local port to a fixed public port of the global IP address. This is used to provide inbound access to a local server for hosts in the public network. Static port mapping allows only one server of a particular type. Up to 1000 ports (500 UDP and 500 TCP) are supported. 95 Configuration Configuring the Subscriber Module MeshMAX 5054 Series User Guide The following parameters are configurable:
NOTE: Changes to NAT parameters, including the NAT Static Port Mapping Table, require a reboot to take effect. NOTE: When NAT is enabled, the DHCP Relay Agent feature is not supported (DHCP Relay Agent must be disabled before NAT is enabled) and RIP updates are not sent or received. You can configure a DHCP server to allocate IP addresses to hosts on the Ethernet side of the SU/ BSU. NAT Status: Enables or disables the NAT feature. NAT can be enabled only for SUs in Routing mode. The default is disabled. NAT Static Bind Status: Enables or disables the NAT Static Bind status (static mapping) allowing public hosts to access hosts in a private network. The default is disabled. Public IP Address: The NAT Public IP address is the wireless interface IP address. NAT Static Port Mapping Table Adding entries to the NAT Static Mapping Table lets configured hosts in a private address realm on the Ethernet side of the SU access hosts in the public network using Network Address Port Translation (NAPT). Up to 1000 entries can be configured (500 UDP ports and 500 TCP ports). Add Entries to the NAT Static Mapping Table 1. Click the Add Table Entries button. 2. Enter the following information, and click Add:
Enter the Local IP Address of the host on the Ethernet side of the SU. Select the Port Type: TCP, UDP, or Both. Enter the Start Port and End Port. 96 Configuration Configuring the Subscriber Module Edit/Delete Entries in the NAT Static Mapping Table 1. Click the Edit/Delete Table Entries button. MeshMAX 5054 Series User Guide 2. Enter your changes. To delete an entry, click the Status drop-down box and select Delete. Then Click OK. Supported Session Protocols The NAT feature supports the following session protocols for both inbound and outbound access with the required support, applications, and limitations given in the following table. Certain Internet applications require an Application Level Gateway (ALG) to provide the required transparency for an application running on a host in a private network to connect to its counterpart running on a host in the public network. An ALG may interact with NAT to set up state information, use NAT state information, modify application specific payload and perform the tasks necessary to get the application running across address realms. No more than one server of a particular type is supported within the private network behind the SU. These VPN protocols are supported with their corresponding ALGs: IPsec, PPTP, L2TP. The following session protocols are supported:
Protocol Support ICMP FTP H.323 HTTP TFTP Telnet CUSeeMe IMAP PNM POP3 SMTP ICMP ALG FTP ALG H.323 ALG Port mapping for inbound connection. Port mapping for inbound connection. Port mapping for inbound connection. Port mapping for inbound and outbound connection. Port mapping for inbound connection. Port mapping for inbound connection. Port mapping for inbound connection. Port mapping for inbound connection. Limitations Applications Ping File transfer Multimedia conferencing Web browser File transfer Remote login Video conferencing One user is allowed for video conferencing Mail Streaming media with Real Player E-mail E-mail Mails with IP addresses of MTAs or using IP addresses in place of FQDN are not supported (requires SMTP ALG). 97 Configuration Configuring the Subscriber Module Protocol RTSP Support Port mapping for inbound connection. ICQ IRC MSN Messenger Net2Phone Port mapping for inbound connection. Port mapping for inbound connection. Port mapping for inbound and outbound connection. Port mapping for inbound and outbound connection. Pass Through IP Multicast Stream works Port mapping for inbound Quake connection. Port mapping for inbound connection. Applications Streaming audio/video with Quick Time and Real Player Chat and file transfer Chat and file transfer Conference and Share files with Net meeting Voice communication Multicasting Streaming video Games MeshMAX 5054 Series User Guide Limitations Each host using ICQ needs to be mapped for different ports. Each host using IRC needs to be mapped for different ports. Only one user is allowed for net meeting. When a Quake server is configured within the private network behind a SU, the SU cannot provide information about that server on the public network. Also, certain Quake servers do not let multiple users log in using the same IP address, in which case only one Quake user is allowed. 98 Configuration Advanced Configuration of Mesh and Access Point Module Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide To configure the AP using the HTTP/HTTPS interface, you must first log in to a web browser. See Logging In for instructions. You may also configure the AP using the command line interface. See CLI for Mesh and Access Point Module for more information. To configure the AP via HTTP/HTTPS:
3. Click the Configure button located on the left-hand side of the screen. Figure 6-1 Configure Main Screen 4. Click the tab that corresponds to the parameter you want to configure. For example, click Network to configure the Access Points TCP/IP settings. Each Configure tab is described in the remainder of this chapter. System You can configure and view the following parameters within the System Configuration screen:
Name: The name assigned to the AP. Country: The country in which the AP will be used. Note that some countries have two selectable options (one for indoor use and one for outdoor use). Setting the country makes the AP automatically compliant with the rules of the regulatory domain in which it is used by configuring the allowed frequency bands, channels, Dynamic Frequency Selection status, Transmit Power Control status, and power levels. NOTE: You must reboot the AP in order for country selection to take effect. NOTE: Country selection is available only on APs with model numbers ending in -WD. If country selection is available, however, it must be set before any interface parameters can be configured. Location: The location where the AP is installed. 99 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide GPS Longitude: The longitude at which the AP is installed. Enter the value in the format required by your network management system. If using the ProximVision Network Management System (recommended), enter the value in decimals (e.g., 78.4523). GPS Latitude: The latitude at which the AP is installed. Enter the value in the format required by your network management system. If using the ProximVision Network Management System (recommended), enter the value in decimals (e.g., 78.4523). GPS Altitude: The altitude at which the AP is installed. Enter the value in the format required by your network management system. If using the ProximVision Network Management System (recommended), enter the value in decimals (e.g., 78.4523). Contact Name: The name of the person responsible for the AP. Contact Email: The email address of the person responsible for the AP. Contact Phone: The telephone number of the person responsible for the AP. Object ID: This is a read-only field that displays the Access Points system object identification number; this information is useful if you are managing the AP using SNMP. Ethernet MAC Address: This is a read-only field that displays the unique MAC (Media Access Control) address for the Access Points Ethernet interface. The MAC address is assigned at the factory. Descriptor: This is a read-only field that reports the Access Points name, serial number, current image software version, and current bootloader software version. Up Time: This is a read-only field that displays how long the Access Point has been running since its last reboot. Figure 6-2 System Tab Dynamic DNS Support DNS is a distributed database mapping the user readable names and IP addresses (and more) of every registered system on the Internet. Dynamic DNS is a lightweight mechanism which allows for modification of the DNS data of host 100 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide systems whose IP addresses change dynamically. Dynamic DNS is usually used in conjunction with DHCP for mapping meaningful names to host systems whose IP addresses change dynamically. Access Points provide DDNS support by adding the host name (option 12) in DHCP Client messages, which is used by the DHCP server to dynamically update the DNS server. Access Point System Naming Convention The Access Point's system name is used as its host name. In order to prevent Access Points with default configurations from registering similar host names in DNS, the default system name of the Access Point is uniquely generated. Access Points generate unique system names by appending the last 3 bytes of the Access Point's MAC address to the default system name. The system name must be compliant with the encoding rules for host name as per DNS RFC 1123. According to the encoding rules, the AP name:
Can contain alphanumeric or hyphen characters only. Can contain up to 31 characters. Cannot start or end with a hyphen. Cannot start with a digit. Network The Network tab contains the following sub-tabs:
IP Configuration This tab is used to configure the internet (TCP/IP) settings for the access point. These settings can be either entered manually (static IP address, subnet mask, and gateway IP address) or obtained automatically (dynamic).The DNS Client functionality can also be configured, so that host names used for configuring the access point can be resolved to their IP addresses. 101 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide Figure 6-3 IP Configuration You can configure and view the following parameters within the IP Configuration sub-tab:
NOTE: You must reboot the AP in order for any changes to the Basic IP or DNS Client parameters to take effect. Basic IP Parameters IP Address Assignment Type: Set this parameter to Dynamic to configure the Access Point as a Dynamic Host Configuration Protocol (DHCP) client; the Access Point will obtain IP settings from a network DHCP server automatically during boot-up. If you do not have a DHCP server or if you want to manually configure the Access Points IP settings, set this parameter to Static. NOTE: IP Address Assignment Type must be set to Static if the AP will be configured as a Mesh AP. IP Address: The Access Points IP address. When IP Address Assignment Type is set to Dynamic, this field is read-only and reports the units current IP address. The Access Point will default to 169.254.128.132 if it cannot obtain an address from a DHCP server. Subnet Mask: The Access Points subnet mask. When IP Address Assignment Type is set to Dynamic, this field is read-only and reports the units current subnet mask. The subnet mask will default to 255.255.0.0 if the unit cannot obtain one from a DHCP server. Gateway IP Address: The IP address of the Access Points gateway. When IP Address Assignment Type is set to Dynamic, this field is read-only and reports the IP address of the units gateway. The gateway IP address will default to 169.254.128.133 if the unit cannot obtain an address from a DHCP server. DNS Client If you prefer to use host names to identify network servers rather than IP addresses, you can configure the AP to act as a Domain Name Service (DNS) client. When this feature is enabled, the Access Point contacts the networks DNS server to 102 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide translate a host name to the appropriate network IP address. You can use this DNS Client functionality to identify RADIUS servers by host name. Enable DNS Client: Place a check mark in the box provided to enable DNS client functionality. Note that this option must be enabled before you can configure the other DNS Client parameters. DNS Primary Server IP Address: The IP address of the networks primary DNS server. DNS Secondary Server IP Address: The IP address of a second DNS server on the network. The Access Point will attempt to contact the secondary server if the primary server is unavailable. DNS Client Default Domain Name: The default domain name for the Access Points network (for example, proxim.com). Contact your network administrator if you need assistance setting this parameter. Advanced Default TTL (Time to Live): Time to Live (TTL) is a field in an IP packet that specifies the number of hops, or routers in different locations, that the request can travel before returning a failed attempt message. The Access Point uses the default TTL for generated packets for which the transport layer protocol does not specify a TTL value. This parameter supports a range from 0 to 255. By default, TTL is 64. DHCP Server If your network does not have a DHCP Server, you can configure the AP as a DHCP server to assign dynamic IP addresses to Ethernet nodes and wireless clients. NOTE: DHCP client functionality is not supported in a Mesh network. CAUTION: Make sure there are no other DHCP servers on the network and do not enable the DHCP server without checking with your network administrator first, as it could disrupt normal network operation. Also, the AP must be configured with a static IP address before enabling this feature. When the DHCP Server functionality is enabled, you can create one or more IP address pools from which to assign addresses to network devices. 103 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide Figure 6-4 DHCP Server Configuration Screen You can configure and view the following parameters within the DHCP Server Configuration screen:
NOTE: You must reboot the AP before changes to any of these DHCP server parameters take effect. Enable DHCP Server: Place a check mark in the box provided to enable DHCP Server functionality. NOTE: You cannot enable the DHCP Server functionality unless there is at least one IP Pool Table Entry configured. Subnet Mask: This field is read-only and reports the Access Points current subnet mask. DHCP clients that receive dynamic addresses from the AP will be assigned this same subnet mask. Gateway IP Address: The AP will assign the specified address to its DHCP clients. Primary DNS IP Address: The AP will assign the specified address to its DHCP clients. Secondary DNS IP Address: The AP will assign the specified address to its DHCP clients. Number of IP Pool Table Entries: This is a read-only field that reports the number of entries in the IP Pool Table. IP Pool Table Entry: This entry specifies a range of IP addresses that the AP can assign to its wireless clients. Click Add to create a new entry. Click Edit to change an existing entry. Each entry contains the following fields:
Start IP Address: The first IP address in the pool. IP addresses must be within the same subnet as the AP. End IP Address: The last IP address in the pool. IP addresses must be within the same subnet as the AP. Default Lease Time (optional): The default time value for clients to retain the assigned IP address. DHCP automatically renews IP Addresses without client notification. This parameter supports a range between 3600 and 86400 seconds. The default is 86400 seconds. If this field is left blank, the default (86400) is used. Maximum Lease Time (optional): The maximum time value for clients to retain the assigned IP address. DHCP automatically renews IP Addresses without client notification. This parameter supports a range between 3600 and 86400 seconds. The default is 86400 seconds. If this field is left blank, the default (86400) is used. 104 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide NOTE: The Default Lease Time cannot be larger than the Maximum Lease Time. If you set the Maximum Lease Time, you should also set the Default Lease Time to ensure that the Default Lease Time is less than the Maximum. Comment (optional) Status: IP Pools are enabled upon entry in the table. You can also disable or delete entries by changing this fields value. NOTE: You must reboot the AP before changes to any of these DHCP server parameters take effect. DHCP Relay Agent When enabled, the DHCP relay agent forwards DHCP requests to the set DHCP server. Click the Configure > Network > DHCP R A to configure DHCP relay agent servers and enable the DHCP relay agent. NOTE: At least one DHCP server must be enabled before DHCP Relay Agent can be enabled. NOTE: If the DHCP relay agent is unable to reach the external DHCP Server specified in the DHCP Server IP Address Table, the requesting client will receive an IP address from the IP Pool table of the APs internal DHCP Server, even if the internal DHCP Server is disabled. NOTE: If a client requests an available IP address from the IP Pool table of the APs internal DHPC Server, the client will receive this address, even if the DHCP server on the AP is disabled. To ensure that clients receive IP addresses only from the DHCP Relay Agent, disable all entries in the IP Pool table of the APs internal DHCP server. The DHCP Relay functionality of the AP supports Option 82 and sends the system name of the AP (as a NAS identifier) as a sub-option of Option 82. The AP makes a DHCP Request for lease renewal five minutes ahead of the expiration of the Rebinding time as specified in the DHCP Offer from the DHCP server obtained during the last renewal. Figure 6-5 DHCP Relay Agent 105 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide DHCP Server IP Address Table The AP supports the configuration of a maximum of 10 server settings in the DHCP Relay Agents server table. At least one server must be configured to enable DHCP Relay. To add entries to the table of DHCP Relay Agents, click Add in the DHCP Server IP Address Table; to edit existing entries, click Edit. The following window is displayed. Figure 6-6 DHCP Server IP Address Table - Edit Entries To add an entry, enter the IP Address of the DHCP Server and a comment (optional), and click OK. To edit an entry, make changes to the appropriate entry. Enable or disable the entry by choosing Enable or Disable from the Status drop-down menu, and click OK. Link Integrity The Link Integrity feature checks the link between the AP and any nodes on the backbone. These nodes are listed by IP address in the Link Integrity IP Address Table. The AP periodically pings the nodes listed within the table. If the AP loses network connectivity (that is, the ping attempts fail), the AP disables its wireless interface(s). Note that this feature does not affect WDS links (if WDS links are configured and enabled). NOTE: Link integrity cannot be configured when the AP is configured to function as a Mesh AP. You can configure and view the following parameters within the Link Integrity Configuration screen:
Enable Link Integrity: Place a check mark in the box provided to enable Link Integrity. Poll Interval (milliseconds): The interval between link integrity checks. Range is 500-15000 ms in increments of 500 ms; default is 500 ms. Poll Retransmissions: The number of times a poll should be retransmitted before the link is considered down. Range is 0 to 255; default is 5. Target IP Address Entry: This entry specifies the IP address of a host on the network that the AP will periodically poll to confirm connectivity. The table can hold up to five entries. By default, all five entries are set to 0.0.0.0. Click Edit to update one or more entries. Each entry contains the following field:
Target IP Address Comment (optional) Status: Set this field to Enable to specify that the Access Point should poll this device. You can also disable an entry by changing this fields value to Disable. 106 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide Figure 6-7 Link Integrity Configuration Screen SNTP (Simple Network Time Protocol) SNTP allows a network entity to communicate with time servers in the network/internet to retrieve and synchronize time of day information. When this feature is enabled, the AP will attempt to retrieve the time of day information from the configured time servers (primary or secondary), and, if successful, will update the relevant time objects in the AP. Requests are sent every 10 seconds. If the AP fails to retrieve the information after three attempts, the AP will use the system uptime and update the relevant time objects. If this feature is disabled, the user can manually configure the date and time parameters. 107 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide Figure 6-8 SNTP Configuration Screen You can configure and view the following parameters within the SNTP screen:
SNTP Status: Select Enable or Disable from the drop-down menu. The selected status will determine which of the parameters on the SNTP screen are configurable. NOTE: When SNTP is enabled, it will take some time for the AP to retrieve the time of day from the configured time servers and update the relevant date and time parameters. Addressing Format: If SNTP is enabled, choose whether you will use the host name or the IP address to configure the primary/secondary SNTP servers. If these servers are configured with the host name, the DNS client feature must be enabled and configured properly. Primary Server Name or IP Address: If SNTP is enabled, enter the host name or IP address of the primary SNTP server. Secondary Server Name or IP Address: If SNTP is enabled, enter the host name or IP address of the secondary SNTP server. Time Zone: Select the appropriate time zone from the drop down menu. Daylight Savings Time: Select the number of hours to adjust for daylight savings time. Time and Date Information: When SNTP is disabled, the following time-relevant objects are manually configurable. When SNTP is enabled, these objects are grayed out:
108 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide Year: Enter the current year. Month: Enter the month in digits (1-12). Day: Enter the day in digits (1-31). Hour: Enter the hour in digits (0-23). Minutes: Enter the minutes in digits (0-59). Seconds: Enter the seconds in digits (0-59). Interfaces From the Interfaces tab, you configure the Access Points operational mode settings, power control settings, wireless interface settings and Ethernet settings. You may also configure a Wireless Distribution System for AP-to-AP communications. The Interfaces tab contains the following sub-tabs:
Operational Mode Wireless-A (802.11a or 4.9 GHz Radio) and Wireless-B (802.11b/g Radio) Ethernet Mesh NOTE: On APs with model numbers ending in -WD, the operating country must be selected on the System tab before any of these sub-tabs are available. Operational Mode From this tab, you can configure and view the operational mode for the Wireless-A (802.11a radio or 4.9 GHz radio) or Wireless-B (802.11b/g radio) interface. 109 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide Figure 6-9 Operational Mode Screen 110 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide Figure 6-10 Operational Mode Screen (AP-4900MR-LR) The Wireless-A interface operates in 802.11a mode on the Mesh and Access Point Module. The Wireless-B interface can be configured to operate in the following modes:
802.11b only mode: The radio uses the 802.11b standard only. 802.11g only mode: The radio is optimized to communicate with 802.11g devices. This setting will provide the best results if this radio interface will only communicate with 802.11g devices. 802.11b/g mode: This is the default mode. Use this mode if you want to support a mix of 802.11b and 802.11g devices. 802.11g-wifi mode: The 802.11g-wifi mode has been defined for Wi-Fi testing purposes. It is not recommended for use in your wireless network environment. In general, you should use either 802.11g only mode (if you want to support 802.11g devices only) or 802.11b/g mode to support a mix of 802.11b and 802.11g devices. 111 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide Enable H Band Support In compliance with FCC regulations, Dynamic Frequency Selection is required in the middle frequency band (M band:
5.25 GHz - 5.25 Ghz) and high frequency band (H band: 5.470 GHz - 5.725 GHz). DFS is enabled automatically when you use one or both of these frequency bands. If the APs Wireless Card A is variant 2, 3, or 6, the M band channels are enabled by default, and DFS is performed automatically and cannot be disabled. To add H band channels to the list of available channels, select Enable H Band Support on the Op Mode page. When the H band is enabled, DFS is enabled automatically, and is performed on both M and H band channels. If the APs Wireless Card A is variant 8, 10, or 11, both M and H band channels are enabled automatically. DFS is performed on both M and H band channels and cannot be disabled. To identify your APs software variant, click Monitor > Version to view the Version tab. For a full discussion of Dynamic Frequency Selection, see Dynamic Frequency Selection/Radar Detection (DFS/RD). Super Mode and Turbo Mode Super mode improves throughput between the access point and wireless clients that support this capability. For wireless clients that support this capability the AP will negotiate and treat them accordingly, for other clients that do not support super mode, the AP will treat them as normal wireless clients. Super mode can be configured only when the wireless operational mode is one of the following:
802.11a only mode 802.11g only mode 802.11b/g mode NOTE: Super mode is not available in 802.11b and 802.11g-wifi operational modes. Super mode is supported in the 2.4 GHz and 5 GHz frequency bands in all regulatory domains. Turbo mode is not supported on the Mesh and Access Point Module. This option will be greyed out. IEEE 802.11d Support for Additional Regulatory Domains The IEEE 802.11d specification allows conforming equipment to operate in more than one regulatory domain over time. IEEE 802.11d support allows the AP to broadcast its radios regulatory domain information in its beacon and probe responses to clients. This allows clients to passively learn what country they are in and only transmit in the allowable spectrum. When a client enters a regulatory domain, it passively scans to learn at least one valid channel, i.e., a channel upon which it detects IEEE Standard 802.11 frames. The beacon frame contains information on the country code, the maximum allowable transmit power, and the channels to be used for the regulatory domain. The same information is transmitted in probe response frames in response to a clients probe requests. Once the client has acquired the information required to meet the transmit requirements of the regulatory domain, it configures itself for operation in the regulatory domain. On some AP models, the regulatory domain and associated parameters are automatically configured when a country is selected on the System tab. On APs in which country selection is not available on the system tab, the regulatory domain is pre-programmed into the AP prior to shipment. Depending on the regulatory domain, a default country code is chosen that is transmitted in the beacon and probe response frames. Configuring 802.11d Support Perform the following procedure to enable 802.11d support and select the country code:
1. Click Configure > Interfaces > Operational Mode. 2. Select Enable 802.11d. 112 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide 3. Select the Country Code from the ISO/IEC 3166-1 CountryCode drop-down menu. NOTE: On APs with model numbers ending in -WD, this object is not configurable. 4. Click OK. 5. Configure Transmit Power Control and Transmit Power Level if required. Transmit Power Control/Transmit Power Level Transmit Power Control uses standard 802.11d frames to control transmit power within an infrastructure BSS (Basic Service Set, or combination of AP and associated clients that can communicate to each other and/or to the backhaul connection via the AP). This method of power control is considered to be an interim way of controlling the transmit power of 802.11d enabled clients in lieu of implementation of 802.11h. When an AP comes online, it automatically uses the maximum TX power allowed in the regulatory domain. The Transmit Power Control feature lets the user manually lower the transmit power level by setting a back-off value between 0 and 9 dBm. When Transmit Power Control is enabled, the transmit power level of the card in the AP is set to the maximum transmit power level minus the back-off value. This power level is advertised in Beacon and Probe Response frames as the 802.11d maximum transmit power level. When an 802.11d-enabled client learns the regulatory domain related information from Beacon and Probe Response frames, it learns the power level advertised in Beacon and Probe response frames as the maximum transmit power of the regulatory domain and configures itself to operate with that power level. As a result, the transmit power level of the BSS is configured to the power level set in the AP (assuming that the BSS has only 802.11d enabled clients and an 802.11d enabled AP). NOTE: In FCC DFS-enabled bands, power control is adjusted from beacon information only. In addition, ATPC (Automatic Transmit Power Control) is a feature to automatically adapt transmit power when the quality of the link is more than sufficient to maintain a good communication with reduced transmit power. This feature is required for FCC DFS. It works by monitoring the quality of the link and reducing the output power of the radio by up to 6 dB when good link quality can still be achieved. When link quality reduces, the output power is automatically increased up to the original power level to maintain a good link. For a full discussion of DFS, see Dynamic Frequency Selection/Radar Detection (DFS/RD). Configuring TX Power Control 1. Click Configure > Interfaces > Operational Mode. 2. Select Enable Transmit Power Control. 3. Enter the desired backoff from the maximum Transmit Power level (between 0 and 9 dBm) in the Wireless-A:
Transmit Power Level Back-Off or Wireless-B: Transmit Power Level Back-Off field. 4. Click OK. 113 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide Wireless-A (802.11a or 4.9 GHz Radio) and Wireless-B (802.11b/g Radio) Figure 6-11 Wireless Interface A 114 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide You can view and configure the following parameters for the Wireless-A and Wireless-B interfaces:
NOTE: You must reboot the Access Point before any changes to these parameters take effect. Physical Interface Type: For Wireless Interface A on the Mesh and Access Point Module, this field reports 802.11a
(OFDM 5 GHz). On the AP-4900MR-LR, this field reports Public Safety (OFDM 4.9 GHz). For Wireless Interface B, depending on the operational mode, this field reports:
For 802.11b mode only: "802.11b (DSSS 2.4 GHz)"
For 802.11g mode: "802.11g (OFDM/DSSS 2.4 GHz)"
For 802.11b/g mode: "802.11g (OFDM/DSSS 2.4 GHz)"
For 802.11g-wifi mode: "802.11g (OFDM/DSSS 2.4 GHz)"
NOTE: 802.11g-wifi has been defined for Wi-Fi testing purposes. It is not recommended for use in your wireless network environment. OFDM stands for Orthogonal Frequency Division Multiplexing; this is the name for the radio technology used by 802.11a/4.9 GHz devices. DSSS stands for Direct Sequence Spread Spectrum; this is the name for the radio technology used by 802.11b devices. MAC Address: This is a read-only field that displays the unique MAC (Media Access Control) address for the Access Points wireless interface. The MAC address is assigned at the factory. Regulatory Domain: Reports the regulatory domain for which the AP is certified. Not all features or channels are available in all countries. Network Name (SSID): Enter a Network Name (between 1 and 32 characters long) for the primary wireless network. You must configure each wireless client using this network to use this name as well. Additional SSIDs and VLANs may be configured under Configure > SSID/VLAN/Security. Up to 16 SSID/VLANs may be configured per wireless interface. NOTE: Do not use quotation marks (single or double) in the Network Name; this will cause the AP to misinterpret the name. Enable Auto Channel Select: When the Enable Auto Channel Select option is enabled, the AP scans the area for other Access Points and selects a free or relatively unused communication channel. This helps prevent interference problems and increases network performance. By default this feature is enabled. See Dynamic Frequency Selection/Radar Detection (DFS/RD) for more information and Available Channels for a list of available channels. NOTE: When an AP is configured to function as a Mesh AP, its channel will depend on the channel of its Mesh Portal. Frequency Channel: When Auto Channel Select is enabled, this field is read-only and displays the Access Points current operating Channel. When Auto Channel Select is disabled, you can specify the Access Points operating channel. If you decide to manually set the units Channel, ensure that nearby devices do not use the same frequency
(unless you are setting up WDS links). Available channels vary based on regulatory domain. See Dynamic Frequency Selection/Radar Detection (DFS/RD) for more information and Available Channels for a list of available channels. NOTE: When an AP is configured to function as a Mesh AP, its channel will depend on the channel of its Mesh Portal. Transmit Rate: Use the drop-down menu to select a specific transmit rate for the AP. The values depend on the Operational mode. Auto Fallback is the default setting; it allows the AP unit to select the best transmit rate based on the cell size. For 802.11a only -- Auto Fallback, 6, 9, 12, 18, 24, 36, 48, 54 Mbits/s. For 4.9 GHz Public Safety mode, the transmit rate depends on the channel bandwidth selected:
For operation in 10 MHz bandwidth: Auto Fallback, 3, 4.5, 6, 9, 12, 18, 24, 27 Mbits/s. For operation in 20 MHz bandwidth: Auto Fallback, 6, 9, 12, 18, 24, 36, 48, 54 Mbits/s. For 802.11b only -- Auto Fallback, 1, 2, 5.5, 11 Mbits/sec. For 802.11g only -- Auto Fallback, 6, 9, 12, 18, 24, 36, 48, 54 Mbits/sec For 802.11b/g -- Auto Fallback, 1, 2, 5.5, 6, 9, 11, 12, 18, 24, 36, 48, 54 Mbits/sec 115 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide For 802.11g-wifi -- Auto Fallback, 1, 2, 5.5, 6, 9, 11, 12, 18, 24, 36, 48, 54 Mbits/sec NOTE: 802.11g-wifi has been defined for Wi-Fi testing purposes. It is not recommended for use in your wireless network environment. DTIM Period: The Deferred Traffic Indicator Map (DTIM) Period determines when to transmit broadcast and multicast packets to all clients. If any clients are in power save mode, packets are sent at the end of the DTIM period. This parameter supports a range between 1 and 255; it is recommended to leave the DTIM at its default value unless instructed by technical support. Higher values conserve client battery life at the expense of network performance for broadcast or multicast traffic. RTS/CTS Medium Reservation: This parameter affects message flow control and should not be changed under normal circumstances. Range is 0 to 2347. When set to a value between 0 and 2347, the Access Point uses the RTS/CTS mechanism for packets that are the specified size or greater. When set to 2347 (the default setting), RTS/CTS is disabled. See RTS/CTS Medium Reservation for more information. Antenna Gain: This parameter modifies the sensitivity of the radio card when detecting radar signals in accordance with Dynamic Frequency Selection/Radar Detection (DFS/RD) requirements. Given that the radar detection threshold is fixed by the regulatory codes in the country of operation, and that a variety of antennas with different gains may be attached to the unit, adjust this threshold to account for higher than expected antenna gains and avoid false radar detection events. Set this parameter to a value between 0 and 35. The default value is 0. Wireless Service Status: Select Shutdown to shutdown the wireless service on a wireless interface, or to Resume to resume wireless service. See Wireless Service Status for more information. Load Balancing Max Clients: Load balancing distributes clients among available access points. Enter a number between 1 and 63 to specify the maximum number of clients to allow. Channel Blacklist Table: The Channel Blacklist table contains all available channels. It can be used to manually blacklist channels, and it also reflects channels that have been automatically blacklisted by the Dynamic Frequency Selection/Radar Detection (DFS/RD) function. See Channel Blacklist Table for configuration information. Wireless Distribution System: A Wireless Distribution system can be used to establish point-to-point (i.e. wireless backhaul) connections with other access points. See Wireless Distribution System (WDS) for configuration information. Dynamic Frequency Selection/Radar Detection (DFS/RD) In order to prevent interference with radar systems and other devices that occupy the 5 GHz band, 802.11a APs certified in the ETSI, TELEC, FCC, and IC regulatory domains (see Affected Countries) and operating in the middle and high frequency bands select an operating channel through a combination of Auto Channel Select (ACS) and Dynamic Frequency Selection (DFS)/Radar Detection (RD). During boot-up, ACS scans the available channels and selects the best channel. Once a channel is selected, the AP performs a channel availability check for 60 seconds to ensure that the channel is not busy or occupied by radar, and then commences normal operation. (In Canada, if the channel was previously blacklisted, the AP scans for 600 seconds before commencing normal operation if the selected channel frequency is in the 5600 - 5650 MHz range). When the AP enters normal operation, DFS works in the background to detect interference in that channel. If interference is detected, the AP sends a trap, disassociates all clients, blacklists the channel, and reboots. After it reboots, ACS re-scans and selects a better channel that is not busy and is free of radar interference. If ACS is disabled, only channels in the lower, upper, and ISM frequency bands are available for use:
36: 5.180 GHz (default) 40: 5.200 GHz 44: 5.220 GHz 48: 5.240 GHz 149: 5.745 GHz 153: 5.765 GHz 157: 5.785 GHz 116 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide 161: 5.805 GHz 165: 5.825 GHz If you are using the unit in a country and band that require DFS, keep in mind the following:
DFS is not a configurable parameter; it is always enabled and cannot be disabled. You cannot manually select the devices operating channel; you must let the unit select the channel. You may make channels unavailable by manually blacklisting them and preventing those channels being selected, in accordance with local regulations or interference. You can also display the Channel Blacklist Table to view the channels that have been blacklisted by the AP. In compliance with FCC regulations, the AP uses ATPC (Automatic Transmit Power Control) to automatically adapt transmit power when the quality of the link is more than sufficient to maintain a good communication with reduced transmit power. See Transmit Power Control/Transmit Power Level for more information. DFS is required for three purposes:
1. Radar avoidance both at startup and while operational. To meet these requirements, the AP scans available frequencies at startup. If a DFS enabled channel is busy or occupied with radar, the system will blacklist the channel for a period of 30 minutes in accordance with FCC, IC, ETSI, and TELEC regulations. Once fully operational on a frequency, the AP actively monitors the occupied frequency. If interference is detected, the AP blacklists the channel, logs a message and rescans to find a new frequency that is not busy and is free of radar interference. 2. Guarantee the efficient use of available frequencies by all devices in a certain area. To meet this requirement, the AP scans each available frequency upon startup and selects a frequency based upon the least amount of noise and interference detected. This lets multiple devices operate in the same area with limited interference. This procedure is done only at startup; if another UNII device comes up on the same frequency, the AP does not detect this or rescan because of it. It is expected that other devices using these frequencies also are in compliance with country regulations, so this should not happen. 3. Uniform Channel Spreading. To meet this requirement, the AP randomly selects its operating channel from the available channels with least interference. Affected Countries Japan is certified in the TELEC regulatory domain, Canada is certified in the IC regulatory domain, and the USA is certified in the FCC regulatory domain for operation in the 5 GHz band. The following countries are certified in the ETSI regulatory domain for operation in the 5 GHz band:
Austria Belgium Czech Republic Cyprus Denmark Estonia Finland France Germany Greece Hungary Ireland Italy Latvia Lithuania Luxembourg Malta Netherlands Norway Poland Portugal Spain Sweden Switzerland UK RTS/CTS Medium Reservation The 802.11 standard supports optional RTS/CTS communication based on packet size. Without RTS/CTS, a sending radio listens to see if another radio is already using the medium before transmitting a data packet. If the medium is free, the sending radio transmits its packet. However, there is no guarantee that another radio is not transmitting a packet at the same time, causing a collision. This typically occurs when there are hidden nodes (clients that can communicate with the Access Point but are out of range of each other) in very large cells. 117 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide When RTS/CTS occurs, the sending radio first transmits a Request to Send (RTS) packet to confirm that the medium is clear. When the receiving radio successfully receives the RTS packet, it transmits back a Clear to Send (CTS) packet to the sending radio. When the sending radio receives the CTS packet, it sends the data packet to the receiving radio. The RTS and CTS packets contain a reservation time to notify other radios (including hidden nodes) that the medium is in use for a specified period. This helps to minimize collisions. While RTS/CTS adds overhead to the radio network, it is particularly useful for large packets that take longer to resend after a collision occurs. RTS/CTS Medium Reservation is an advanced parameter and supports a range between 0 and 2347 bytes. When set to 2347 (the default setting), the RTS/CTS mechanism is disabled. When set to 0, the RTS/CTS mechanism is used for all packets. When set to a value between 0 and 2347, the Access Point uses the RTS/CTS mechanism for packets that are the specified size or greater. You should not need to enable this parameter for most networks unless you suspect that the wireless cell contains hidden nodes. Wireless Service Status The user can shut down (or resume) the wireless service on the wireless interface of the AP through the CLI, HTTP, or SNMP interface. When the wireless service on a wireless interface is shut down, the AP will:
Stop the AP services to wireless clients connected on that wireless interface by disassociating them Disable the associated BSS ports on that interface Disable the transmission and reception of frames on that interface Enable Ethernet interface so that it can receive a wireless service resume command through CLI/HTTP/SNMP Indicate the wireless service shutdown status of the wireless interface through LED and traps interface NOTE: WSS disables BSS ports. NOTE: The wireless service cannot be shutdown on an interface where Rogue Scan is enabled. NOTE: Wireless service can be shut down/resumed on each wireless interface individually. In shutdown state, AP will not transmit and receive frames from the wireless interface and will stop transmitting periodic beacons. Moreover, none of the frames received from the Ethernet interface will be forwarded to that wireless interface. Wireless service on a wireless interface of the AP can be resumed through CLI/HTTP/SNMP management interface. When wireless service on a wireless interface is resumed, the AP will:
Enable the transmission and reception of frames on that wireless interface Enable the associated BSS port on that interface Start the AP services to wireless clients After wireless service resumes, the AP resumes beaconing, transmitting and receiving frames to/from the wireless interface and bridging the frames between the Ethernet and the wireless interface. Indicate the wireless service resume status of the wireless interface through LED and traps Traps Generated During Wireless Service Shutdown (and Resume) The following traps are generated during wireless service shutdown and resume, and are also sent to any configured Syslog server. When the wireless service is shut down on a wireless interface, the AP generates a trap called oriTrapWirelessServiceShutdown. When the wireless service is resumed on a wireless interface, the AP generate a trap called oriTrapWirelessServiceResumed. Channel Blacklist Table The Channel Blacklist table contains all available channels (channels vary based on regulatory domain). It can be used to manually blacklist channels, and it also reflects channels that have been automatically blacklisted by the Dynamic 118 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide Frequency Selection/Radar Detection (DFS/RD) function. In the IC, FCC, ETSI, and TELEC regulatory domains, a channel is blacklisted automatically if it is found to be busy or occupied by radar during a scan at start-up. When a channel has been automatically blacklisted, it will remain blacklisted for 30 minutes. Additionally, an administrator can blacklist channels manually to prevent them from being used when ACS is enabled. NOTE: Any change in channel-related parameters (e.g., country code, turbo mode, Operational mode, H-band operation) resets the channel blacklist table. The channel blacklist table can be configured only through the Web or SNMP interfaces. CLI configuration is not supported. To blacklist a channel manually:
1. Click on Configure > Interfaces > Wireless A or Wireless B. 2. Scroll down to the Channel Blacklist heading. Figure 6-12 Channel Blacklist Table 3. Click Edit in the Channel Blacklist Table 4. Set Blacklist Status to Enable. 119 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide Figure 6-13 Channel Blacklist Table - Edit Screen Wireless Distribution System (WDS) A Wireless Distribution System (WDS) creates a link between two 4.9 GHz, 802.11a, 802.11b, or 802.11b/g APs over their radio interfaces. This link relays traffic from one AP that does not have Ethernet connectivity to a second AP that has Ethernet connectivity. WDS allows you to configure up to six (6) ports per radio (up to 12 ports in all). In the WDS example below, AP 1 and AP 2 communicate over a WDS link (represented by the blue line). This link provides Client 2 with access to network resources even though AP 2 is not directly connected to the Ethernet network. Packets destined for or sent by the client are relayed between the Access Points over the WDS link. Figure 6-14 WDS Example Bridging WDS Each WDS link is mapped to a logical WDS port on the AP. WDS ports behave like Ethernet ports rather than like standard wireless interfaces: on a BSS port, an Access Point learns by association and from frames; on a WDS or Ethernet port, an Access Point learns from frames only. When setting up a WDS, keep in mind the following:
120 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide WDS and Mesh functionality cannot be enabled on the same radio when the AP is configured to function as a Mesh AP. There are separate security settings for clients and WDS links. The same WDS link security mode must be configured
(currently we only support none or WEP) on each Access Point in the WDS and the same WEP key must be configured. The WDS link shares the communication bandwidth with the clients. Therefore, while the maximum data rate for the Access Point's cell is 54 Mbits/second (802.11a, 4.9 GHz, 802.11g only, or 802.b/g modes) or 11 Mbits/second
(802.11b only mode), client throughput will decrease when traffic is passing over the WDS link. If there is no partner MAC address configured in the WDS table, the WDS port remains disabled. A WDS port on a single AP should have a unique partner MAC address. Do not enter the same MAC address twice in an APs WDS port list. Each Access Point that is a member of the WDS must have the same Channel setting to communicate with each other. If your network does not support spanning tree, be careful to avoid creating network loops between APs. For example, creating a WDS link between two Access Points connected to the same Ethernet network will create a network loop (if spanning tree is disabled). For more information, see the Spanning Tree section. When WDS is enabled, Spanning Tree protocol is automatically enabled. It may be manually disabled. If Spanning Tree protocol is enabled by WDS and WDS is subsequently disabled, Spanning tree will remain enabled until it is manually disabled. See Spanning Tree. WDS Setup Procedure NOTE: You must disable Auto Channel Select to create a WDS. Each Access Point that is a member of the WDS must have the same channel setting to communicate with each other. NOTE: WDS and Mesh functionality cannot be enabled on the same radio when the AP is configured to function as a Mesh AP. To setup a wireless backbone follow the steps below for each AP that you wish to include in the Wireless Distribution System. 1. Confirm that Auto Channel Select is disabled. 2. Write down the MAC Address of the radio that you wish to include in the Wireless Distribution System. 3. Click on Configure > Interfaces > Wireless A or Wireless B. 4. Scroll down to the Wireless Distribution System heading. Figure 6-15 WDS Configuration 121 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide 5. Click the Edit button to update the Wireless Distribution System (WDS) Table. Figure 6-16 Adding WDS Links 6. Select which encryption method to use (if any) from the WDS Security Mode drop-down menu. 7. If you selected a WDS Security Mode, do one of the following:
If you selected WEP: Enter an encryption key. If you selected AES: Enter a shared secret. 8. Enter the MAC Address that you wrote down in Step 2 in one of the Partner MAC Address field of the Wireless Distribution Setup window. 9. Set the Status of the device to Enable. 10.Click OK. 11.Reboot the AP. Ethernet Select the desired speed and transmission mode from the drop-down menu. Half-duplex means that only one side can transmit at a time and full-duplex allows both sides to transmit. When set to auto-duplex, the AP negotiates with its switch or hub to automatically select the highest throughput option supported by both sides. 122 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide Figure 6-17 Ethernet Sub-tab For best results, Proxim recommends that you configure the Ethernet setting to match the speed and transmission mode of the device the Access Point is connected to (such as a hub or switch). If in doubt, leave this setting at its default, auto-speed-auto-duplex. Choose between:
10 Mbit/s - half duplex or full duplex 100 Mbit/s - half duplex or full duplex Auto speed - auto duplex Mesh Mesh functionality can be enabled on only one of the APs wireless interfaces. When configured for Mesh, the APs wireless interface simultaneously functions as a Mesh link and as a radio to service clients. CAUTION: Mesh mis-configuration may cause problems in your wireless network. Before configuring an interface for Mesh functionality, see Mesh Network Configuration. 123 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide Basic Mesh Parameters Figure 6-18 Basic Mesh Parameters Configure the following basic parameters for Mesh functionality, and click OK. NOTE: Changes to these parameters require a reboot in order to take effect. Mesh Mode: Use this drop down menu to enable/disable Mesh functionality on a wireless interface. When Mesh Mode is set to Disable, all other parameters on this tab will be grayed out. To enable Mesh functionality, choose one of the following:
Mesh Portal: Choose this option if the AP will be connected directly to the wired backbone. Mesh AP: Choose this option if the AP will connect to the portal and backbone wirelessly. NOTE: Proxim recommends enabling Auto Channel Select when configuring an AP as a Mesh AP. Auto Channel Select is configured on the Wireless A or Wireless B page. See Wireless-A (802.11a or 4.9 GHz Radio) and Wireless-B (802.11b/g Radio) for more information. Mesh Radio: Select the wireless interface on which to enable Mesh functionality. Select Wireless Interlace A (802.11a radio or 4.9 GHz radio) or Wireless Interface B (802.11b/g radio). Mesh SSID: Enter a unique Mesh Network Name (SSID) between 1 and 16 characters. NOTE: Do not use quotation marks (single or double) in the Network Name; this will cause the AP to misinterpret the name. Security Mode: Select None to use Mesh networking without security, or AES to enable AES encryption between Mesh links. Shared Secret: Enter a password between 6 and 32 characters. This is the password shared between a Mesh AP and the Portal to which it is connected when AES is selected as the security mode. 124 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide Mesh Mobility: Set this parameter to Fixed if the AP is statically placed, or to Mobile if the AP is mobile. QoS Policy Index: The index number of the QoS policy to be used by the Mesh radio. For more information on QoS, see QoS. Disable Client Access on Mesh Radio: When this option is enabled, the AP will not accept clients on its Mesh radio. When disabled, clients can link to the Mesh radio. Advanced Mesh Parameters Figure 6-19 Advanced Mesh Parameters Click on the Advanced button on the Interfaces > Mesh page to access advanced Mesh parameters. The parameters on the Advanced Mesh Parameters page are preconfigured with default settings that optimize the type of network identified in the Mesh Mobility parameter on the previous page. Proxim recommends changing these values only if you have advanced knowledge of Mesh networking. Mesh Link Parameters To reset these parameters to their default settings, click the Default button. NOTE: Changes to these parameters require a reboot in order to take effect. Maximum Active Mesh Links: Select a number between 1 and 32 to configure the number of Mesh links that can be connected to a single Mesh portal or Mesh AP, as follows:
125 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide Mesh Portal: This number represents the maximum downlinks to Mesh APs (up to 32). Mesh AP: This number includes one mandatory uplink to the Mesh Portal, with the remaining links (up to 6) available for downlinks to Mesh APs. A mobile Mesh AP should be configured to 1 to allow only uplinks. Proxim recommends a maximum of 30-40 APs total per portal (whether connected directly to the Portal or to another Mesh AP). See Mesh Network Configuration. Maximum Hops to Portal: Set the maximum number of hops (1 to 4) allowed to reach the Mesh portal. Hop Factor: This parameter specifies how much weight should be given to the number of hops (vs. RSSI and Medium Occupancy) when determining the best path to the Mesh Portal. The range is 0 to 10. Set the value to a higher number to give more weight to this factor; set this value to a lower number to give less weight to this factor. Setting this value to a lower number is beneficial in applications where an AP roams because of signal strength. RSSI Factor: This parameter specifies how much weight should be given to RSSI level (vs. number of hops and Medium Occupancy) when determining the best path to the Mesh Portal. The range is 0 to 10. Set the value to a higher number to give more weight to this factor; set this value to a lower number to give less weight to this factor. Medium Occupancy Factor: This parameter specifies how much weight should be given to Medium Occupancy level
(vs. number of hops and RSSI) when determining the best path to the Mesh Portal. The Medium Occupancy level is the amount of wireless traffic on the channel. The range is 0 to 10. Set the value to a higher number to give more weight to this factor; set this value to a lower number to give less weight to this factor. Receive Signal Strength Cut-Off: This parameter specifies the minimum level of received signal strength needed for the node to be considered a Mesh link. If the Receive Signal Strength at the node is below this level, it is not considered a link. Set this value to a number between 0 and 26 (dB). Roaming Threshold: The Roaming Threshold is the point at which the AP roams or chooses another link. The threshold number is the difference between two path costs; if the difference is larger than the roaming threshold, the AP roams; if the difference is smaller than the roaming threshold, the AP maintains its connection with the current link. The range is 1 to 100. In a static Mesh environment, set this parameter to a high value to avoid switching links too frequently. In a mobile Mesh environment, set this parameter to a lower value (1 - 20) to allow optimal link establishment. Note that this parameter has no effect in Mesh Portal mode. User Defined Cost: This parameter allows the user to manually add cost to the overall path cost, in order to force connection to one AP over another. Auto Switch Mode Parameters Auto Switch Mode parameters may be configured only for a Mesh Portal. Auto Switch mode allows an AP configured as a Mesh Portal to switch its mode to be a Mesh AP if it loses its uplink (Ethernet) connection. If the uplink connection is regained, the AP will switch back to Mesh Portal mode. NOTE: Depending on the Ethernet connection, if Auto Switch Mode is enabled, the displayed Current Mesh Mode may be different from the mode that was actually configured. NOTE: Changes to these parameters require a reboot in order to take effect. Enable Auto Switch Mesh Mode: When enabled, an AP configured as a Mesh Portal can dynamically switch to functioning as a Mesh AP if it loses its uplink connection. NOTE: When enabling Auto Switch Mode, Proxim recommends that you also enable Auto Channel Select. ACS is configured on the Wireless A or Wireless B page. See Wireless-A (802.11a or 4.9 GHz Radio) and Wireless-B (802.11b/g Radio) for more information. Current Mesh Mode: Displays the current Mesh mode of the AP (Mesh Portal or Mesh AP). Disable Client Access on No Uplink Connection: When this option is enabled, the AP will not provide wireless connections to clients on both radios if the unit does not have an uplink connection. Notify Clients on Uplink Change: When this option is enabled, the AP will send a deauthentication message to currently connected clients when its uplink changes. This allows clients to restart a fresh connection, renewing their IP addresses if necessary. For more information on Mesh, see Mesh Networking. 126 MeshMAX 5054 Series User Guide Configuration Advanced Configuration of Mesh and Access Point Module Management IP Access Table The Management tab contains the following sub-tabs:
Passwords Services Automatic Configuration (AutoConfig) Hardware Configuration Reset (CHRD) Passwords Passwords are stored in flash memory and secured using encryption. You can configure the following passwords:
SNMP Read Community Password: The password for read access to the AP using SNMP. Enter a password between 6 and 32 characters in both the Password field and the Confirm field. The default password is public. SNMP Read/Write Community Password: The password for read and write access to the AP using SNMP. Enter a password between 6 and 32 characters in both the Password field and the Confirm field. The default password is public. SNMPv3 Authentication Password: The password used when sending authenticated SNMPv3 messages. Enter a password in both the Password field and the Confirm field. This password must be between 6 and 32 characters, but a length of at least 8 characters is recommended. The default password is public. Secure Management (Services tab) must be enabled to configure SNMPv3. The default SNMPv3 username is administrator, with SHA authentication and DES privacy protocol. SNMPv3 Privacy Password: The password used when sending encrypted SNMPv3 data. Enter a password in both the Password field and the Confirm field. This password must be between 6 and 32 characters, but a length of at least 8 characters is recommended. The default password is public. Secure Management (Services tab) must be enabled to configure SNMPv3. Telnet (CLI) Password: The password for the CLI interface (via serial or Telnet). Enter a password between 6 and 32 characters in both the Password field and the Confirm field. The default password is public. HTTP (Web) Password: The password for the Web browser HTTP interface. Enter a password between 6 and 32 characters in both the Password field and the Confirm field. The default password is public. NOTE: For security purposes Proxim recommends changing ALL PASSWORDS from the default public immediately, to restrict access to your network devices to authorized personnel. If you lose or forget your password settings, you can always perform a Soft Reset to Factory Defaults or Hard Reset to Factory Defaults. 127 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide IP Access Table The Management IP Access table limits in-band management access to the IP addresses or range of IP addresses specified in the table. This feature applies to all management services (SNMP, HTTP, and CLI) except for CLI management over the serial port. To configure this table, click Add and set the following parameters:
IP Address: Enter the IP Address for the management station. IP Mask: Enter a mask that will act as a filter to limit access to a range of IP Addresses based on the IP Address you already entered. The IP mask 255.255.255.255 would authorize the single station defined by the IP Address to configure the Access Point. The AP would ignore commands from any other IP address. In contrast, the IP mask 255.255.255.0 would allow any device that shares the first three octets of the IP address to configure the AP. For example, if you enter an IP address of 10.20.30.1 with a 255.255.255.0 subnet mask, any IP address between 10.20.30.1 and 10.20.30.254 will have access to the APs management interfaces. Comment: Enter an optional comment, such as the station name. To edit or delete an entry, click Edit. Edit the information, or select Enable, Disable, or Delete from the Status pull-down menu. Services You can configure the following management services:
Secure Management Secure Management allows the use of encrypted and authenticated communication protocols such as SNMPv3, Secure Socket Link (SSL), and Secure Shell (SSH) to manage the Access Point. 128 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide Secure Management Status: Enables the further configuration of HTTPS Access, SNMPv3, and Secure Shell
(SSH). After enabling Secure Management, you can choose to configure HTTPS (SSL) and Secure Shell access on the Services tab, and to configure SNMPv3 passwords on the Passwords tab. SNMP Settings SNMP Interface Bitmask: Configure the interface or interfaces (Ethernet, Wireless-Slot A, Wireless-Slot B, All Interfaces) from which you will manage the AP via SNMP. You can also select Disabled to prevent a user from accessing the AP via SNMP. HTTP Access HTTP Interface Bitmap: Configure the interface or interfaces (Ethernet, Wireless-Slot A, Wireless-Slot B, All Interfaces) from which you will manage the AP via the Web interface. For example, to allow Web configuration via the Ethernet network only, set HTTP Interface Bitmask to Ethernet. You can also select Disabled to prevent a user from accessing the AP from the Web interface. HTTP Port: Configure the HTTP port from which you will manage the AP via the Web interface. By default, the HTTP port is 80. You must reboot the Access Point if you change the HTTP Port. HTTP Wizard Status: The Setup Wizard appears automatically the first time you access the HTTP interface. If you exited out of the Setup Wizard and want to relaunch it, enable this option, click OK, and then close your browser or reboot the AP. The Setup Wizard will appear the next time you access the HTTP interface. HTTPS Access (Secure Socket Layer) NOTE: SSL requires Internet Explorer version 6, 128 bit encryption, Service Pack 1, and patch Q323308. NOTE: You need to reboot the AP after enabling or disabling SSL for the changes to take effect. HTTPS (Secure Web Status): The user can access the AP in a secure fashion using Secure Socket Layer (SSL) over port 443. The AP comes pre-installed with all required SSL files: default certificate and private key installed. Use the drop-down menu to enable/disable this feature. SSL Certificate Passphrase: After enabling SSL, the only configurable parameter is the SSL passphrase. The default SSL passphrase is proxim. The AP supports SSLv3 with a 128-bit encryption certificate maintained by the AP for secure communications between the AP and the HTTP client. All communications are encrypted using the server and the client-side certificate. If you decide to upload a new certificate and private key (using TFTP or HTTP File Transfer), you need to change the SSL Certificate Passphrase for the new SSL files. Accessing the AP through the HTTPS interface The user should use a SSL intelligent browser to access the AP through the HTTPS interface. After configuring SSL, access the AP using https:// followed by the APs management IP address. 129 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide Figure 6-20 Management Services Configuration Screen 130 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide Telnet Configuration Settings Telnet Interface Bitmask: Select the interface (Ethernet, Wireless-Slot A, Wireless-Slot B, All Interfaces) from which you can manage the AP via telnet. This parameter can also be used to Disable telnet management. Telnet Port Number: The default port number for Telnet applications is 23. However, you can use this field if you want to change the Telnet port for security reasons (but your Telnet application also must support the new port number you select). You must reboot the Access Point if you change the Telnet Port. Telnet Login Idle Timeout (seconds): Enter the number of seconds the system will wait for a login attempt. The AP terminates the session when it times out. The range is 30 to 300 seconds; the default is 60 seconds. Telnet Session Idle Timeout (seconds): Enter the number of seconds the system will wait during a session while there is no activity. The AP will terminate the session on timeout. The range is 60 to 36000 seconds; the default is 900 seconds. Secure Shell (SSH) Settings The AP supports SSH version 2, for secure remote CLI (Telnet) sessions. SSH provides strong authentication and encryption of session data. The SSH server (AP) has host keys - a pair of asymmetric keys - a private key that resides on the AP and a public key that is distributed to clients that need to connect to the AP. As the client has knowledge of the server host keys, the client can verify that it is communicating with the correct SSH server. The client authentication is performed as follows:
Using a username/password pair if RADIUS Based Management is enabled; otherwise, using a password to authenticate the user over a secure channel created using SSH. SSH Session Setup An SSH session is setup through the following process:
The SSH server public key is transferred to the client using out-of-band or in-band mechanisms. The SSH client verifies the correctness of the server using the servers public key. The user/client authenticates to the server. An encrypted data session starts. The maximum number of SSH sessions is limited to two. If there is no activity for a specified amount of time (the Telnet Session Timeout parameter), the AP will timeout the connection. SSH Clients The following SSH clients have been verified to interoperate with the APs server. The following table lists the clients, version number, and the website of the client. Clients OpenSSH Putty Zoc Axessh Version V3.4-2 Rel 0.53b 5.00 V2.5 Website http://www.openssh.com http://www.chiark.greenend.org.uk http://www.emtec.com http://www.labf.com For key generation, OpenSSH client has been verified. Configuring SSH Perform the following procedure to set the SSH host key and enable or disable SSH:
1. Click Configure > Management > Services 2. Select the SSH Host Key Status from the drop down menu. NOTE: SSH Host Key Status can not be changed if SSH status or Secure Management is enabled. 3. To enable/disable SSH, select Enable/Disable from the SSH (Secure Shell) Status drop-down menu. 131 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide NOTE: When Secure Management is enabled on the AP, SSH will be enabled by default and cannot be disabled. Host keys must either be generated externally and uploaded to the AP (see Uploading Externally Generated Host Keys), generated manually, or auto-generated at the time of SSH initialization if SSH is enabled and no host keys are present. There is no key present in an AP that is in a factory default state. To manually generate or delete host keys on the AP:
CAUTION: SSH Host key creation may take 3 to 4 minutes during which time the AP may not respond. Select Create to generate a new pair of host keys. Select Delete to remove the host keys from the AP. If no host keys are present, the AP will not allows connections using SSH. When host keys are created or deleted, the AP updates the fingerprint information displayed on the Management > Services page. Uploading Externally Generated Host Keys Perform the following procedure to upload externally generated host keys to the AP. You must upload both the SSH public key and SSH private key for SSH to work. 1. Verify that the host keys have been externally generated. The OpenSSH client has been verified to interoperate with APs SSH server. 2. Click Commands > Update AP > via HTTP (or via TFTP). Figure 6-21 Uploading an Externally Generated SSH Public Key and SSH Private Key to initiate the file transfer, click the Update AP button. 3. Select SSH Public Key from the File Type drop-down menu. 4. Click Browse, select the SSH Public Key file on your local machine. 5. Click Open. 6. 7. Select SSH Private Key from the File Type drop-down menu. 8. Click Browse, select the SSH Private Key on your local machine. 9. Click Open. 10.To initiate the file transfer, click the Update AP button. The fingerprint of the new SSH public key will be displayed in the Management > Services page. 132 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide Serial Configuration Settings The serial port interface on the AP is enabled at all times. See Setting IP Address using Serial Port for information on how to access the CLI interface via the serial port. You can configure and view the following parameters:
Serial Baud Rate: Select the serial port speed (bits per second). Choose between 2400, 4800, 9600, 19200, 38400, or 57600; the default Baud Rate is 9600. Serial Flow Control: Select either None (default) or Xon/Xoff (software controlled) data flow control. NOTE: To avoid potential problems when communicating with the AP through the serial port, Proxim recommends that you leave the Flow Control setting at None (the default value). Serial Data Bits: This is a read-only field and displays the number of data bits used in serial communication (8 data bits by default). Serial Parity: This is a read-only field and displays the number of parity bits used in serial communication (no parity bits by default). Serial Stop Bits: This is a read-only field that displays the number of stop bits used in serial communication (1 stop bit by default). NOTE: The serial port bit configuration is commonly referred to as 8N1. RADIUS Based Management Access User management of APs can be centralized by using a RADIUS server to store user credentials. The AP cross-checks credentials using RADIUS protocol and the RADIUS server accepts or rejects the user. HTTP/HTTPS and Telnet/SSH users can be managed with RADIUS. Serial CLI and SNMP cannot be managed by RADIUS. Two types of users can be supported using centralized RADIUS management:
Super User: The super user has access to all functionality of a management interface. A super user is configured in the RADIUS server by setting the filter ID attribute (returned in the RADIUS Accept packet) for the user to a value of super user (not case sensitive). A user is considered a super user if the value of the filter-id attribute returned in the RADIUS Accept packet for the user is super user (not case sensitive). Limited User: A limited user has access to only a limited set of functionality on a management interface. All users who are not super users are considered limited users. However, a limited user is configured in the RADIUS server by setting the filter-id attribute (returned in the RADIUS Accept packet) to limited user (not case sensitive). Limited users do not have access to the following configuration capabilities:
Update/retrieve files to and from APs Reset the AP to factory defaults Reboot the AP Change management properties related to RADIUS, management modes, and management passwords. NOTE: When a user has both limited user and super user filter-ids configured in the Radius server, the user has limited user privileges. When RADIUS Based Management is enabled, a local user can be configured to provide Telnet, SSH, and HTTP(S) access to the AP when RADIUS servers fail. The local user has super user capabilities. When secure management is enabled, the local user can only login using secure means (i.e., SSH or SSL). When the local user option is disabled the only access to the AP when RADIUS servers are down will be through serial CLI or SNMP. The Radius Based Management Access parameters allows you to enable HTTP or Telnet Radius Management Access, to configure a RADIUS Profile for management access control, and to enable or disable local user access, and configure the local user password. You can configure and view the following parameters:
HTTP RADIUS Access Control Status: Enable RADIUS management of HTTP/HTTPS users. Telnet RADIUS Access Control Status: Enable RADIUS management of Telnet/SSH users. 133 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide RADIUS Profile for Management Access Control: Specifies the RADIUS Profile to be used for RADIUS Based Management Access. Local User Status: Enables or disables the local user when RADIUS Based Management is enabled. The default local user ID is root. Local User Password and Confirm Password: The default local user password is public. Root cannot be configured as a valid user for Radius based management access when local user access is enabled. Automatic Configuration (AutoConfig) The Automatic Configuration feature which allows an AP to be automatically configured by downloading a specific configuration file from a TFTP server during the boot up process. Automatic Configuration is disabled by default. The configuration process for Automatic Configuration varies depending on whether the AP is configured for dynamic or static IP. When an AP is configured for dynamic IP, the Configuration filename and the TFTP server IP address are contained in the DHCP response when the AP gets its IP address dynamically from the DHCP server. When configured for static IP, these parameters are instead configured in the AP interface. After setting up automatic configuration you must reboot the AP. When the AP reboots it receives the new configuration information and must reboot one additional time. If Syslog is configured, a Syslog message will appear indicating the success or failure of the Automatic Configuration. Auto Configuration and the CLI Batch File The Auto Configuration feature allows download of the LTV (Length, Type, Value) format configuration file or the CLI Batch file. The LTV file contains parameters used by the AP; the CLI Batch file contains CLI executable commands used to set AP parameters. The AP detects whether the uploaded file is LTV format or a CLI Batch file. If the AP detects an LTV file, it stores the file in the APs flash memory. If the AP detects a CLI Batch file (a file with an extension of .cli), the AP executes the commands contained in the file immediately. The AP will reboot after executing the CLI Batch file. Auto Configuration will not result in repeated reboots if the CLI Batch file contains rebootable parameters. For more information, see the CLI Batch File section. Set up Automatic Configuration for Static IP Perform the following procedure to enable and set up Automatic Configuration when you have a static IP address for the TFTP server. 1. Click Configure > Management > AutoConfig. The Automatic Configuration Screen appears. 2. Check Enable Auto Configuration. 3. Enter the Configuration Filename. The default is config. 4. Enter the IP address of the TFTP server in the TFTP Server Address field. The default is 169.254.128.133. NOTE: The default filename is config. The default TFTP IP address is 169.254.128.133. 5. Click OK to save the changes. 6. Reboot the AP. When the AP reboots it receives the new configuration information and must reboot one additional time. If a Syslog server was configured, the following messages can be observed on the Syslog server:
AutoConfig for Static IP TFTP server address and configuration filename AutoConfig Successful 134 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide Figure 6-22 Automatic Configuration Screen Set up Automatic Configuration for Dynamic IP Perform the following procedure to enable and set up Automatic Configuration when you have a dynamic IP address for the TFTP server via DHCP. The Configuration filename and the TFTP server IP address are contained in the DHCP response when the AP gets its IP address dynamically from the DHCP server. A Syslog server address is also contained in the DHCP response, allowing the AP to send Auto Configuration success and failure messages to a Syslog server. NOTE: The configuration filename and TFTP server IP address are configured only when the AP is configured for Static IP. If the AP is configured for Dynamic IP these parameters are not used and obtained from DHCP. 1. Click Configure > Management > AutoConfig. The Automatic Configuration screen appears. 2. Check Enable Auto Configuration. When the AP is Configured with Dynamic IP, the DHCP server should be configured with the TFTP Server IP address
("Boot Server Host Name", option 66) and Configuration file ("Bootfile name", option 67) as follows (note that this example uses a Windows 2000 server):
3. Select DHCP Server > DHCP Option > Scope. The DHCP Options: Scope screen appears. 135 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide Figure 6-23 DHCP Options: Setting the Boot Server Host Name 4. Add the Boot Server Hostname and Boot Filename parameters to the Available Options list. 5. Set the value of the Boot Server Hostname Parameter to the hostname or IP Address of the TFTP server. For example: 11.0.0.7. Figure 6-24 DHCP Options: Setting the Bootfile Name 6. Set the value of the Bootfile Name parameter to the Configuration filename. For example: AP-Config. 7. 8. Reboot the AP. When the AP reboots it receives the new configuration information and must reboot one additional If using Syslog, set the Log server IP address (option 7, Log Servers). time. If a Syslog server was configured, the following messages can be observed on the Syslog server:
AutoConfig for Dynamic IP TFTP server address and configuration filename AutoConfig Successful Hardware Configuration Reset (CHRD) Hardware Configuration Reset Status is a parameter that defines the hardware configuration reset behavior of the AP. If a user loses or forgets the APs HTTP/Telnet/SNMP password, the Reload button on the power injector provides a way to reset the AP to default configuration values and gain access to the AP. However, in AP deployments where physical access to the AP is not protected, an unauthorized person could reset the AP to factory defaults and thus gain control of the AP. The user can disable the hardware configuration reset functionality to prevent unauthorized access. 136 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide The hardware configuration reset feature operates as follows:
When hardware configuration reset is enabled, the user can press the Reload button on the power injector for 10 seconds when the AP is in normal operational mode in order to delete the AP configuration. When hardware configuration reset is disabled, pressing the Reload button when the AP is in normal operational mode does not have any effect on the AP. The hardware configuration reset parameter does not have any effect on the functionality of the reload button to delete the AP image during AP boot loader execution. The default hardware configuration reset status is enabled. When disabling hardware configuration reset, the user is recommended to configure a configuration reset password. A configuration reset option appears on the serial port during boot up, before the AP reads its configuration and initializes. Whenever the AP is reset to factory default configuration, hardware configuration reset status is enabled and the configuration reset password is set to the default, public. If secure mode is enabled in the AP, only secure (SSL, SNMPv3, SSH) users can modify the values of the Hardware Configuration Reset Status and the configuration reset password. Configuration Reset via Serial Port During Bootup If hardware configuration reset is disabled, the user gets prompted by a configuration reset option to reset the AP to factory defaults during boot up from the serial interface. By pressing a key sequence (ctrl-R), the user gets prompted to enter a configuration reset password before the configuration is reset. NOTE: It is important to safely store the configuration reset password. If a user forgets the configuration reset password, the user will be unable to reset the AP to factory default configuration if the AP becomes inaccessible and the hardware configuration reset functionality is disable. Configuring Hardware Configuration Reset Perform the following procedure to configure Hardware Configuration Reset and to set the Configuration Reset Password. See Figure 6-25. 1. Click Configure > Management > CHRD. Figure 6-25 Hardware Configuration Reset 2. Check (enable) or uncheck (disable) the Enable Hardware Configuration Reset checkbox. 3. Change the default Configuration Reset Password in the Configuration Reset Password and Confirm fields. 137 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide 4. Click OK. 5. Reboot the AP. NOTE: It is important to safely store the configuration reset password. If a user forgets the configuration reset password, the user will be unable to reset the AP to factory default configuration if the AP becomes inaccessible and the hardware configuration reset functionality is disable. Procedure to Reset Configuration via the Serial Interface 1. During boot up, observe the message output on the serial interface. The AP prompts the user with the message: Press ctrl-R in 3 seconds to choose configuration reset option. 2. Enter ctrl-R within 3 seconds after being prompted. The AP prompts the user with Press ctrl-Z to continue with normal boot up or enter password to reset configuration. If the user enters ctrl-Z, the AP continues to boot with the stored configuration. 3. Enter the configuration reset password. The default configuration reset password is public. When the correct configuration reset password is entered, the AP gets reset to factory defaults and displays the message AP has been reset to Factory Default Settings. The AP continues to boot up. If an incorrect configuration reset password is entered, the AP shows an error message and reprompts the user. If the incorrect password is entered three times in a row, the AP proceeds to boot up. Filtering The Access Points Packet Filtering features help control the amount of traffic exchanged between the wired and wireless networks. There are four sub-tabs under the Filtering heading:
Ethernet Protocol Static MAC Advanced TCP/UDP Port Ethernet Protocol The Ethernet Protocol Filter blocks or forwards packets based on the Ethernet protocols they support. Follow these steps to configure the Ethernet Protocol Filter:
1. Select the interface or interfaces that will implement the filter from the Ethernet Protocol Filtering drop-down menu. Ethernet: Packets are examined at the Ethernet interface Wireless-Slot A or Wireless-Slot B: Packets are examined at the Wireless A or B interfaces All Interfaces: Packets are examined at both interfaces Disabled: The filter is not used 2. Select the Filter Operation Type. If set to Passthru, only the enabled Ethernet Protocols listed in the Filter Table will pass through the bridge. If set to Block, the bridge will block enabled Ethernet Protocols listed in the Filter Table. 138 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide Figure 6-26 Ethernet Protocol Filter Configuration 3. Configure the Ethernet Protocol Filter Table. This table is pre-populated with existing Ethernet Protocol Filters, however, you may enter additional filters by specifying the appropriate parameters. To add an entry, click Add, and then specify the Protocol Number and a Protocol Name. Protocol Number: Enter the protocol number. See http://www.iana.org/assignments/ethernet-numbers for a list of protocol numbers. Protocol Name: Enter related information, typically the protocol name. Figure 6-27 Ethernet Protocol Filter Table - Add Entries To edit or delete an entry, click Edit and change the information, or select Enable, Disable, or Delete from the Status drop-down menu. NOTE: An entrys status must be enabled in order for the protocol to be subject to the filter. 139 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide Figure 6-28 Ethernet Protocol Filter Table - Edit Entries Static MAC The Static MAC Address filter optimizes the performance of a wireless (and wired) network. When this feature is properly configured, the AP can block traffic between wired devices and wireless devices based on MAC address. For example, you can set up a Static MAC filter to prevent wireless clients from communicating with a specific server on the Ethernet network. You can also use this filter to block unnecessary multicast packets from being forwarded to the wireless network. NOTE: The Static MAC Filter is an advanced feature. You may find it easier to control wireless traffic via other filtering options, such as Ethernet Protocol Filtering. Figure 6-29 Static MAC Filter Configuration 140 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide Each static MAC entry contains the following fields:
Wired MAC Address Wired Mask Wireless MAC Address Wireless Mask Comment: This field is optional. Each MAC Address or Mask is comprised of 12 hexadecimal digits (0-9, A-F) that correspond to a 48-bit identifier. (Each hexadecimal digit represents 4 bits (0 or 1).) Taken together, a MAC Address/Mask pair specifies an address or a range of MAC addresses that the AP will look for when examining packets. The AP uses Boolean logic to perform an AND operation between the MAC Address and the Mask at the bit level. However, for most users, you do not need to think in terms of bits. It should be sufficient to create a filter using only the hexadecimal digits 0 and F in the Mask (where 0 is any value and F is the value specified in the MAC address). A Mask of 00:00:00:00:00:00 corresponds to all MAC addresses, and a Mask of FF:FF:FF:FF:FF:FF applies only to the specified MAC Address. For example, if the MAC Address is 00:20:A6:12:54:C3 and the Mask is FF:FF:FF:00:00:00, the AP will examine the source and destination addresses of each packet looking for any MAC address starting with 00:20:A6. If the Mask is FF:FF:FF:FF:FF:FF, the AP will only look for the specific MAC address (in this case, 00:20:A6:12:54:C3). When creating a filter, you can configure the Wired parameters only, the Wireless parameters only, or both sets of parameters. Which parameters to configure depends upon the traffic that you want block:
To prevent all traffic from a specific wired MAC address from being forwarded to the wireless network, configure only the Wired MAC Address and Wired Mask (leave the Wireless MAC Address and Wireless Mask set to all zeros). To prevent all traffic from a specific wireless MAC address from being forwarded to the wired network, configure only the Wireless MAC address and Wireless Mask (leave the Wired MAC Address and Wired Mask set to all zeros). To block traffic between a specific wired MAC address and a specific wireless MAC address, configure all four parameters. A maximum of 200 entries can be created in the Static MAC filter table. To create an entry, click Add and enter the appropriate MAC addresses and Masks to setup a filter. The entry is enabled automatically when saved. Figure 6-30 Static MAC Filter Table - Add Entries To edit an entry, click Edit. To disable or remove an entry, click Edit and change the Status field from Enable to Disable or Delete. 141 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide Static MAC Filter Examples Consider a network that contains a wired server and three wireless clients. The MAC address for each unit is as follows:
Wired Server: 00:40:F4:1C:DB:6A Wireless Client 1: 00:02:2D:51:94:E4 Wireless Client 2: 00:02:2D:51:32:12 Wireless Client 3: 00:20:A6:12:4E:38 Prevent Two Specific Devices from Communicating Configure the following settings to prevent the Wired Server and Wireless Client 1 from communicating:
Wired MAC Address: 00:40:F4:1C:DB:6A Wired Mask: FF:FF:FF:FF:FF:FF Wireless MAC Address: 00:02:2D:51:94:E4 Wireless Mask: FF:FF:FF:FF:FF:FF Result: Traffic between the Wired Server and Wireless Client 1 is blocked. Wireless Clients 2 and 3 can still communicate with the Wired Server. Prevent Multiple Wireless Devices from Communicating with a Single Wired Device Configure the following settings to prevent Wireless Clients 1 and 2 from communicating with the Wired Server:
Wired MAC Address: 00:40:F4:1C:DB:6A Wired Mask: FF:FF:FF:FF:FF:FF Wireless MAC Address: 00:02:2D:51:94:E4 Wireless Mask: FF:FF:FF:00:00:00 Result: When a logical AND is performed on the Wireless MAC Address and Wireless Mask, the result corresponds to any MAC address beginning with the 00:20:2D prefix. Since Wireless Client 1 and Wireless Client 2 share the same prefix (00:02:2D), traffic between the Wired Server and Wireless Clients 1 and 2 is blocked. Wireless Client 3 can still communicate with the Wired Server since it has a different prefix (00:20:A6). Prevent All Wireless Devices from Communicating with a Single Wired Device Configure the following settings to prevent all three Wireless Clients from communicating with Wired Server 1:
Wired MAC Address: 00:40:F4:1C:DB:6A Wired Mask: FF:FF:FF:FF:FF:FF Wireless MAC Address: 00:00:00:00:00:00 Wireless Mask: 00:00:00:00:00:00 Result: The Access Point blocks all traffic between Wired Server 1 and all wireless clients. Prevent a Wireless Device from Communicating with the Wired Network Configure the following settings to prevent Wireless Client 3 from communicating with any device on the Ethernet:
Wired MAC Address: 00:00:00:00:00:00 Wired Mask: 00:00:00:00:00:00 Wireless MAC Address: 00:20:A6:12:4E:38 Wireless Mask: FF:FF:FF:FF:FF:FF Result: The Access Point blocks all traffic between Wireless Client 3 and the Ethernet network. 142 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide Prevent Messages Destined for a Specific Multicast Group from Being Forwarded to the Wireless LAN If there are devices on your Ethernet network that use multicast packets to communicate and these packets are not required by your wireless clients, you can set up a Static MAC filter to preserve wireless bandwidth. For example, if routers on your network use a specific multicast address (such as 01:00:5E:00:32:4B) to exchange information, you can set up a filter to prevent these multicast packets from being forwarded to the wireless network:
Wired MAC Address: 01:00:5E:00:32:4B Wired Mask: FF:FF:FF:FF:FF:FF Wireless MAC Address: 00:00:00:00:00:00 Wireless Mask: 00:00:00:00:00:00 Result: The Access Point does not forward any packets that have a destination address of 01:00:5E:00:32:4B to the wireless network. Advanced You can configure the following advanced filtering options:
Enable Proxy ARP: Place a check mark in the box provided to allow the Access Point to respond to Address Resolution Protocol (ARP) requests for wireless clients. When enabled, the AP answers ARP requests for wireless stations without actually forwarding them to the wireless network. If disabled, the Access Point will bridge ARP requests for wireless clients to the wireless LAN. Enable IP/ARP Filtering: Place a check mark in the box provided to allow IP/ARP filtering based on the IP/ARP Filtering Address and IP Mask. Leave the box unchecked to prevent filtering. If enabled, you should also configure the IP/ARP Filtering Address and IP/ARP IP Mask. IP/ARP Filtering Address: Enter the Network filtering IP Address. IP/ARP IP Mask: Enter the Network Mask IP Address. 143 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide Figure 6-31 Advanced Filter Configuration The following protocols are listed in the Advanced Filter Table:
Deny IPX RIP Deny IPX SAP Deny IPX LSP Deny IP Broadcasts Deny IP Multicasts The AP can filter these protocols in the wireless-to-Ethernet direction, the Ethernet-to-wireless direction, or in both directions. Click Edit and use the Status field to Enable or Disable the filter. 144 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide Figure 6-32 Static MAC Filter Table - Edit Entries TCP/UDP Port Port-based filtering enables you to control wireless user access to network services by selectively blocking TCP/UDP protocols through the AP. A user specifies a Protocol Name, Port Number, Port Type (TCP, UDP, or TCP/UDP), and filtering interfaces (Wireless radio A or B only, Ethernet only, a combination of Wireless radio A or B and Ethernet, or all interfaces) in order to block access to services, such as Telnet and FTP, and traffic, such as NETBIOS and HTTP. For example, an AP with the following configuration would discard frames received on its Ethernet interface with a UDP destination port number of 137, effectively blocking NETBIOS Name Service packets. Protocol Type
(TCP/UDP) Destination Port Number UDP 137 Protocol Name Interface Status (Enable/Disable) NETBIOS Name Service Ethernet Enable Adding TCP/UDP Port Filters 1. Place a check mark in the box labeled Enable TCP/UDP Port Filtering. 145 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide Figure 6-33 TCP/UDP Port Filter Configuration 2. Click Add under the TCP/UDP Port Filter Table heading. 3. 4. Set the destination Port Number (a value between 1 and 65535) to filter. See the IANA Web site at In the TCP/UDP Port Filter Table, enter the Protocol Names to filter. http://www.iana.org/assignments/port-numbers for a list of assigned port numbers and their descriptions. 5. Set the Port Type for the protocol: TCP, UDP, or both (TCP/UDP). 6. Set the Interface to filter:
Ethernet and Wireless Slot A Ethernet Wireless Slot A Wireless Slot B Wireless Slot A and B All interfaces Ethernet and Wireless Slot B 7. Click OK. 146 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide Figure 6-34 TCP/UDP Port Filter Table - Add Entries Editing TCP/UDP Port Filters 1. Click Edit under the TCP/UDP Port Filter Table heading. 2. Make any changes to the Protocol Name or Port Number for a specific entry, if necessary. 3. 4. Select OK. In the row that defines the port, set the Status to Enable, Disable, or Delete, as appropriate. Figure 6-35 TCP/UDP Port Filter Table - Edit Entries Alarms The Alarms tab has the following sub-tabs:
Groups Alarm Host Table Syslog Rogue Scan 147 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide Groups Alarm groups can be enabled or disabled via the Web interface. Place a check mark in the box provided to enable a specific group. Remove the check mark from the box to disable the alarms. Alarm severity levels are as follows:
Critical alarms will often result in severe disruption in network activity or an automatic reboot of the AP. Major alarms are usually activated due to a breach in the security of the system. Clients cannot be authenticated because an attempt at unauthorized access into the AP has been detected. Informational alarms provide the network administrator with some general information about the activities the AP is performing. Configuration Trap Group Trap Name oriTrapDNSIPNotConfigured oriTrapRADIUSAuthenticationNotConfigured oriTrapRADIUSAccountingNotConfigured oriTrapDuplicateIPAddressEncountered Description DNS IP address not configured RADIUS Authentication not configured RADIUS Accounting not configured Another network device with the same IP address exists Severity Level Major Major Major Major oriTrapDHCPRelayServerTableNotConfigured The DHCP relay agent server table is empty or oriTrapVLANIDInvalidConfiguration oriTrapAutoConfigFailure oriTrapBatchExecFailure oriTrapBatchFileExecStart oriTrapBatchFileExecEnd Security Trap Group not configured A VLAN ID configuration is invalid Auto configuration failed The CLI Batch execution fails for the following reasons:
Illegal Command is parsed in the CLI Batch file Execution error is encountered while executing CLI Batch file Bigger file size than 100 Kbytes The CLI Batch execution begins after file is uploaded The execution of CLI Batch file ends. Major Major Minor Minor Minor Minor Trap Name oriTrapInvalidEncryptionKey Description Invalid encryption key has been detected. Severity Level Critical 148
| 1 | Users Manual 2 part 2 | Users Manual | 2.57 MiB |
Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide Trap Name oriTrapAuthenticationFailure Severity Level Major Description Client authentication failure has occurred. Authentication failures can range from:
MAC Access Control table RADIUS MAC authentication 802.1x authentication specifying the EAP-Type WORP mutual authentication SSID authorization failure specifying the SSID VLAN ID authorization failure specifying the VLAN ID oriTrapUnauthorizedManagerDetected oriTrapRADScanComplete oriTrapRADScanResults oriTrapRogueScanStationDetected oriTrapRogueScanCycleComplete Unauthorized manager has attempted to view and/or modify parameters RAD scan is successfully completed Provides information on the RAD Scan results Rogue station detected Rogue scan successfully completed Major Informational Informational Informational Informational Wireless Interface/Card Trap Group Trap Name oriTrapWLCFailure oriTrapWLCRadarInterferenceDetected MIC Attack Detected MIC Attack Report Detected Operational Trap Group Description General failure wireless interface/card failure. Radar interference detected on the channel being used by the wireless interface Supported in Web interface only Supported in Web interface only Trap Name Description oriTrapUnrecoverableSoftwareErrorDetected oriTrapRADIUSServerNotResponding oriTrapModuleNotInitialized oriTrapDeviceRebooting oriTrapTaskSuspended oriTrapBootPFailed Unrecoverable software error detected. Causes software watch dog timer to expire, which in turn causes the device to reboot. RADIUS server not responding to authentication requests sent from the RADIUS client in the device Module (hardware or software) not initialized Device rebooting Task suspended Response to the BootP request not received;
device not dynamically assigned an IP address Severity Level Critical Major Major Major Severity Level Critical Major Major Informational Critical Major 149 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide Trap Name oriTrapDHCPFailed oriTrapDNSClientLookupFailure oriTrapSSLInitializationFailure oriTrapWirelessServiceShutdown oriTrapWirelessServiceResumed oriTrapSSHInitializationStatus oriTrapVLANIDUserAssignment oriTrapDHCPLeaseRenewal oriTrapTemperatureAlert Flash Memory Trap Group Description Severity Level Major Major Response to the DHCP client request not received; device not dynamically assigned an IP address DNS client attempts to resolve a specified hostname (DNS lookup) and a failure occurs because either the DNS server is unreachable or there is an error for the hostname lookup. Trap specifies the hostname that was being resolved. SSL initialization failure Wireless interface has shutdown services for wireless clients Wireless interface has resumed service and is ready for wireless client connections SSH initialization status User is assigned a VLAN ID from the RADIUS server AP requests DHCP renewal and receives new information from the DHCP server. Information includes the DHCP server IP address that replied to the DHCP client request, and the IP address, subnet mask, and gateway IP address returned from the DHCP server. Temperature is above or below acceptable operating margin. Temperature is within 5C of upper or lower limit. Major Critical Major Informational Informational Major Informational Informational Trap Name Description oriTrapFlashMemoryEmpty Flash Memory Corrupted oriTrapFlashMemoryRestoringLastKnownGoo dConfiguration No data present in flash memory Flash memory corrupted Current/original configuration data file is found to be corrupted, and the device loads the last known good configuration file Severity Level Informational Critical Informational TFTP Trap Group Trap Name oriTrapTFTPFailedOperation oriTrapTFTPOperationInitiated oriTrapTFTPOperationCompleted Description TFTP operation failed TFTP operation Initiated TFTP operation completed Severity Level Major Informational Informational 150 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide Image Trap Group Trap Name Description oriTrapZeroSizeImage oriTrapInvalidImage oriTrapImageTooLarge oriTrapIncompatibleImage oriTrapInvalidImageDigitalSignature Zero size image loaded onto device Invalid image loaded onto device Image loaded on the device exceeds the size limitation of flash Incompatible image loaded onto device Image with invalid digital signature is loaded onto device SNTP Trap Group Trap Name oriTrapSNTPFailure oriTrapSNTPFailure Generic Trap Group Description SNTP time retrieval failure SNTP sync-up failure Trap Name Description oriTrapGenericNotification (see following table) Generic SNMP Trap A generic SNMP trap may be sent for any of the following reasons:
Trap Reason/Type Mesh Connection Failure Link Integrity Failure Topology Change System Feature/License Group Trap Name oriTrapIncompatibleLicenseFile oriTrapInvalidLicenseFile Additional Trap Information Connection failure reason Target IP address of down link Ethernet MAC address of Mesh AP causing change; Mesh SSID Description Incompatible license file Invalid license file In addition, the AP supports these standard traps, which are always enabled:
Severity Level Major Major Major Major Major Severity Level Minor Minor Severity Level Variable Severity Level Major Major Informational Severity Level Major Major 151 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide RFC 1215-Trap coldStart linkUp linkDown Trap Name Description AP is on or rebooted AP's Ethernet interface link is up (working) AP's Ethernet interface link is down (not working) Bridge MIB (RFC 1493) Alarms Trap Name Description New Root topologyChange AP has become the new root in the Spanning Tree network Trap is not sent if a newRoot trap is sent for the same transition Severity Level Informational Informational Informational Severity Level Informational Informational All these alarm groups correspond to System Alarms that are displayed in the System Status, including the traps that are sent by the AP to the SNMP managers specified in the Alarm Host Table. Alarm Host Table To add an entry and enable the AP to send SNMP trap messages to a Trap Host, click Add, and then specify the IP Address and Password for the Trap Host. NOTE: Up to 10 entries are possible in the Alarm Host table. Password: Enter the password in the Password field and the Confirm field. Comment: Enter an optional comment, such as the alarm (trap) host station name. To edit or delete an entry, click Edit. Edit the information, or select Enable, Disable, or Delete from the Status drop-down menu. IP Address: Enter the Trap Host IP Address. Syslog The Syslog messaging system enables the AP to transmit event messages to a central server for monitoring and troubleshooting. The access point logs Session Start (Log-in) and Session Stop (Log-out) events for each wireless client as an alternative to RADIUS accounting. See RFC 3164 at http://www.rfc-editor.org for more information on the Syslog standard. 152 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide Figure 6-36 Syslog Configuration Screen Setting Syslog Event Notifications Syslog Events are logged according to the level of detail specified by the administrator. Logging only urgent system messages will create a far smaller, more easily read log than a log of every event the system encounters. Determine which events to log by selecting a priority defined by the following scale:
Event Priority 0 LOG_EMERG 1 LOG_ALERT 2 LOG_CRIT LOG_ERR 3 LOG_WARNING 4 LOG_NOTICE 5 6 LOG_INFO LOG_DEBUG 7 Description System is unusable Action must be taken immediately Critical conditions Error conditions Warning conditions Normal but significant condition Informational Debug-level messages Configuring Syslog Event Notifications You can configure the following Syslog settings from the HTTP interface:
Enable Syslog: Place a check mark in the box provided to enable system logging. Syslog Port Number: This field is read-only and displays the port number (514) assigned for system logging. Syslog Lowest Priority Logged: The AP will send event messages to the Syslog server that correspond to the selected priority number and any priority numbers below it. For example, if set to 6, the AP will transmit event messages labeled priority 1 to 6 to the Syslog server. This parameter supports a range between 1 and 7; 6 is the default. Syslog Heartbeat Status: When Heartbeat is enabled, the AP periodically sends a message to the Syslog server to indicate that it is active. 153 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide Syslog Heartbeat Interval: If Syslog Heartbeat Status is enabled this field provides the interval for the heartbeat in seconds (between 1 and 604800). The default is 900 seconds. Syslog Host Table: This table specifies the IP addresses of a network servers that the AP will send Syslog messages IP Address: Enter the IP Address for the management host. to. Click Add to create a new entry. Click Edit to change an existing entry. Each entry contains the following field:
Comment: Enter an optional comment such as the host name. Status: The entry is enabled automatically when saved (so the Status field is only visible when editing an entry). You can also disable or delete entries by changing this fields value. Syslog Messages The following messages are supported in the AP:
Priority Syslog Message Name Auto Configuration using DHCP 6 Severity Informational Auto Configuration using Static IP 6 Informational TFTP Server IP and configuration filename not present in DHCP response TFTP Server IP Address used in AutoConfig feature TFTP Server filename used in AutoConfig feature Auto Configuration TFTP Download Failure Image Compatibility Check, Invalid Image AP Heartbeat Status 4 6 6 4 2 5 Description Configuration filename and TFTP server address are obtained from DHCP when dynamic IP is configured on the device. Configured TFTP server address and configuration filename is used when Static IP is configured on the device. Configuration filename and/or TFTP server address is not present in the DHCP response when using DHCP. TFTP server IP address used for AutoConfig. Minor Informational Informational TFTP filename used for AutoConfig. Minor TFTP download of a configuration file for AutoConfig fails for the following reasons:
Incorrect or non-reachable TFTP server address Incorrect or unavailable configuration filename TFTP transfer timeout. Major One of the following failures occurs:
Invalid Signature Zero File Size Large File Non VxWork Image Incompatible Image Informational AP syslog keep alive message. 154 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide Syslog Message Name Client Login Authentication Status Priority 6 Severity Informational Client De-Authentication Status 6 Informational Description Client logs in/authenticates. Message includes:
Client MAC Address Authentication Type = None, ACL, RADIUS MAC, 802.1X Cipher Type = None, WEP, TKIP, AES Status = Allow, Deny SSID to which client is connecting Sample Message:
<client mac address> | Status = <value> | SSID =
<value> | Auth Type = <value> | Cipher Type =
<value>
Client de-authenticates. Message includes:
Client MAC Address Cipher Type = None, WEP, TKIP, AES Status = De-authentication reason, which can be any of the following:
Unknown reason Stale authentication information Authenticated STA leaving BSS Association error Class 2 frame received from Inactivity non-authenticated STA Class 3 frame received from non-associated STA Associated STA leaving BSS STA requesting information, but not yet authenticated Enhanced security (RSN) required Enhanced security (RSN) used inconsistently Invalid Information Element MIC Failure WPA module de-auth RADIUS Accounting Start and Stop Messages CLI Configuration File Start Execution CLI Configuration File End Execution 6 6 6 SSID to which client was connected Sample Message:
<client mac address> | Status = <value> | SSID =
<value> | Cipher Type = <value>
Start and Stop accounting messages for wireless clients. CLI configuration file execution starts. Informational Informational Informational CLI configuration file execution ends. 155 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide Syslog Message Name Priority Severity Description CLI Configuration File Execution Errors SSH Initialization Failure SSH Key Generation Successful Wireless Service Shutdown Wireless Service Resume MIC Attack Occurred 4 3 6 6 6 4 MIC Attack from Wireless Station 4 4 SNTP Time Retrieval Failure SNTP Time Sync-Up Failure Incompatible license file Invalid license file Mesh Connection Failure Link Integrity Failure Topology Change 4 3 3 3 3 6 Minor Major Minor Minor Minor Major Major Major Major There is an error in execution of the CLI configuration file. The message specifies the filename, line number, and error reason. One of the following failures occurs:
Keys not present Keys cannot be generated Internal error (no available resources) SSH Key generation is successful. Informational Informational Wireless service is shutdown. Informational Wireless service resumes. Minor MIC attack occurred; wireless interface is shut down for 60 seconds A MIC attack is detected from a wireless station. SNTP Client in the AP fails to retrieve time information from the configured SNTP servers. Also included in message: IP Address of SNTP server. SNTP Client in the AP fails to synchronize the time with the SNTP server it was communicating with. Also included in message: IP Address of SNTP server. Incompatible license file is stored in flash memory during initialization or license file download. Also included in message: incompatibility reason. Invalid license file is stored in flash memory during initialization or license file download. The license file is found to be invalid if the signed checksum verification fails. AP fails to connect with an uplink Mesh AP or Mesh portal. Also included in message: uplink Mesh portal/AP MAC address, Mesh SSID, and reason for connection failure. Link integrity feature determines that link integrity target is down. Also included in message: Link Integrity target IP address. Informational Mesh AP changes its uplink Mesh connection. Also included in message: uplink Mesh AP/portal MAC address and Mesh SSID. Rogue Scan The Rogue Scan feature provides an additional security level for wireless LAN deployments. Rogue Scan uses the selected wireless interface(s) for scanning its coverage area for Access Points and clients. A centralized Network Manager receives MAC address information from the AP on all wireless clients detected by the AP. The Network Manager then queries all wired switches to find out the inbound switch/port of these wireless clients. If the switch/port does not have a valid Access Point connected to it as per a pre-configured database, the Network Manager proceeds to block that switch/port and prevent the Rogue AP from connecting to the wired network. 156 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide Figure 6-37 Preventing Rogue AP Attacks The figure above shows Client 1 connected to a Trusted AP and Client 2 connected to a Rogue AP. The Trusted AP scans the networks, detects Client 2, and notifies the Network Manager. The Network Manager uses SNMP/CLI to query the wired switch to find the inbound switch port of Client 2s packets. The Network Manager verifies that this switch/router and port does not have a valid Access Point as per the administrators database. Thus it labels Client 2s AP as a Rogue AP and proceeds to prevent the Rogue AP attack by blocking this switchs port. APs can be detected either by active scanning using 802.11 probe request frames or passively by detecting periodic beacons, or both. Wireless clients are detected by monitoring 802.11 connection establishment messages such as association/authentication messages or data traffic to or from the wireless clients. There are two scanning modes available per wireless interface: continuous scanning mode and background scanning mode. Continuous Scanning Mode The continuous scanning mode is a dedicated scanning mode where the wireless interface performs scanning alone and does not perform the normal AP operation of servicing client traffic. In continuous scanning mode the AP scans each channel for a channel scan time of one second and then moves to the next channel in the scan channel list. With a channel scan time of one second, the scan cycle time will take less than a minute (one second per channel). Once the entire scan channel list has been scanned the AP restarts scanning from the beginning of the scan channel list. Background Scanning Mode In background scanning mode the AP performs background scanning while performing normal AP operations on the wireless interface. You can configure the scan cycle time between 1-1440 minutes (24 hours). The scan cycle time indicates how frequently a channel is sampled and defines the minimum attack period that can go unnoticed. In background scanning mode the AP will scan one channel then wait for a time known as channel scan time. The channel scan time affects the amount of data collected during scanning and defines the maximum number of samples
(possible detections) in one scan. This is increased to improve scanning efficiency; the tradeoff is that it decreases throughput. The optimum value for this parameter during background scanning mode is 20ms.The channel scan time is calculated from the scan cycle time parameter and the number of channels in the scan channel list as follows:
intra-channel scan time = (scan cycle time - (channel scan time * number of channels in the scan list))/number of channels in the scan list. NOTE: If the AP is configured as a Mesh AP, the background scanning interval will be the same as the Mesh scanning interval (20 ms if there is no uplink, or 180 ms if there is an uplink). NOTE: In Background Scanning mode, the Mesh AP may not immediately detect all APs entering the network. To ensure immediate detection of all APs entering the network, select Continuous Scanning mode. 157 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide Rogue Scan Data Collection The AP stores information gathered about detected stations during scanning in a Rogue Scan result table. The Rogue Scan result table can store a maximum of 2000 entries. When the table fills, the oldest entry gets overwritten. The Rogue Scan result table lists the following information about each detected station:
Station Type: indicates one of the following types of station:
Unknown station AP station Infrastructure Client Station IBSS Client Station MAC Address of the detected station Channel: the working channel of the detected station SNR: the SNR value of the last frame from the station as received by the AP BSSID: the BSSID field stores the:
MAC address of the associated Access Point in the case of a client. Zero MAC address or MAC address of the partner Access Point if the AP is a partner of a WDS link The AP ages out older entries in the Rogue Scan result table if a detected station is inactive for more than the Scan Result Table Ageing Time. Rogue Scan Perform this procedure to enable Rogue Scan on a particular interface or interfaces and define the Scan Interval and Scan Interface. See Figure 6-38. The Rogue Scan screen also displays the number of new access points and clients detected in the last scan on each wireless interface. 1. Enable the Security Alarm Group. Select the Security Alarm Group link from the Rogue Scan screen. Configure a Trap Host to receive the list of access points (and clients) detected during the scan. 2. Click Configure > Alarms > Rogue Scan. 3. Enable Rogue Scan on the wireless interface by checking Enable Rogue Scan. NOTE: Rogue Scan cannot be enabled on a wireless interface when the Wireless Service Status on that interface is shutdown. First, resume service on the wireless interface. NOTE: Enabling Rogue Scan simultaneously with Broadcast Unique Beacon will cause a drift in the beacon interval and the occasional missing of beacons. 4. Enter the Scan Mode. Select Background Scanning or Continuous Scanning. In Continuous Scanning mode the AP stops normal operation and scans continuously on that interface. In Background Scanning mode, the AP performs background scanning while doing normal AP operation on that interface. If the Scan Mode is Background Scanning, then enter the Scan Interval. The Scan Interval specifies the time period in minutes between scans in Background Scanning mode and can be set to any value between 1 and 1440 minutes. 5. 6. Configure the Scan Result Table Ageing Time. The AP ages out older entries in the Rogue Scan result table if a detected station is inactive for more than this time. The valid range is from 60-7200 minutes, the default is 60 minutes. 7. Configure the Scan Results Trap Notification Mode to control the notification behavior when APs or stations are detected in a scan:
No Notification Notify AP Notify Client 158 Configuration Advanced Configuration of Mesh and Access Point Module Notify All (Notify both AP and Client detection) MeshMAX 5054 Series User Guide 8. Configure the Scan Results Trap Report Style to control the way detected stations are reported in the notification:
Report all detected stations since last scan (default) Report all detected stations since start of scan 9. Configure the second wireless interface, if required. 10.Click OK. The results of the Rogue Scan can be viewed in the Status page in the HTTP interface. Figure 6-38 Rogue Scan Screen Bridge The AP is a bridge between your wired and wireless networking devices. As a bridge, the functions performed by the AP include:
MAC address learning Forward and filtering decision making Spanning Tree protocol used for loop avoidance 159 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide Once the AP is connected to your network, it learns which devices are connected to it and records their MAC addresses in the Learn Table. The table can hold up to 10,000 entries. To view the Learn Table, click on the Monitor button in the web interface and select the Learn Table tab. The Bridge tab has four sub-tabs:
Spanning Tree Packet Forwarding Intra BSS Spanning Tree A Spanning Tree is used to avoid redundant communication loops in networks with multiple bridging devices. Bridges do not have any inherent mechanism to avoid loops, because having redundant systems is a necessity in certain networks. However, redundant systems can cause Broadcast Storms, multiple frame copies, and MAC address table instability problems. Complex network structures can create multiple loops within a network. The Spanning Tree configuration blocks certain ports on AP devices to control the path of communication within the network, avoiding loops and following a spanning tree structure. For more information on Spanning Tree protocol, please see Section 8.0 of the IEEE 802.1d standard. The Spanning Tree configuration options are advanced settings. Proxim recommends that you leave these parameters at their default values unless you are familiar with the Spanning Tree protocol. NOTE: Spanning Tree protocol does not run on Mesh ports. NOTE: Spanning Tree protocol is disabled by default. When WDS is enabled, Spanning Tree protocol is automatically enabled. It may be manually disabled. If Spanning Tree protocol is enabled by WDS and WDS is subsequently disabled, Spanning tree will remain enabled until it is manually disabled. 160 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide Figure 6-39 Spanning Tree Sub-Tab Storm Threshold Storm Threshold is an advanced Bridge setup option that you can use to protect the network against data overload by:
Specifying a maximum number of frames per second as received from a single network device (identified by its MAC address). Specifying an absolute maximum number of messages per interface. The Storm Threshold parameters allow you to specify a set of thresholds for each interface of the AP, identifying separate values for the number of broadcast messages/second and Multicast messages/second. When the number of frames for an interface or from a single network device exceeds the maximum value per second, the AP will ignore all subsequent messages in that second received on that interface or from that network device. Address Threshold: Enter the maximum allowed number of packets per second. Ethernet Threshold: Enter the maximum allowed number of packets per second. 161 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide Wireless Threshold: Enter the maximum allowed number of packets per second. Intra BSS The wireless clients (or subscribers) that associate with a certain AP form the Basic Service Set (BSS) of a network infrastructure. By default, wireless subscribers in the same BSS can communicate with each other. However, some administrators (such as wireless public spaces) may wish to block traffic between wireless subscribers that are associated with the same AP to prevent unauthorized communication and to conserve bandwidth. This feature enables you to prevent wireless subscribers within a BSS from exchanging traffic. Although this feature is generally enabled in public access environments, Enterprise LAN administrators use it to conserve wireless bandwidth by limiting communication between wireless clients. For example, this feature prevents peer-to-peer file sharing or gaming over the wireless network. To block Intra BSS traffic, set Intra BSS Traffic Operation to Block. To allow Intra BSS traffic, set Intra BSS Traffic Operation to Passthru. Packet Forwarding The Packet Forwarding feature enables you to redirect traffic generated by wireless clients that are all associated to the same AP to a single MAC address. This filters wireless traffic without burdening the AP and provides additional security by limiting potential destinations or by routing the traffic directly to a firewall. You can redirect to a specific port (Ethernet or WDS) or allow the bridges learning process (and the forwarding table entry for the selected MAC address) to determine the optimal port. NOTE: The gateway to which traffic will be redirected should be node on the Ethernet network. It should not be a wireless client. Configuring Interfaces for Packet Forwarding Configure your AP to forward packets by specifying port(s) to which packets are redirected and a destination MAC address. 1. Within the Packet Forwarding Configuration screen, check the box labeled Enable Packet Forwarding. 2. Specify a destination Packet Forwarding MAC Address. The AP will redirect all unicast, multicast, and broadcast packets received from wireless clients to the address you specify. 3. Select a Packet Forwarding Interface Port from the drop-down menu. You can redirect traffic to:
Ethernet A WDS connection (see Wireless Distribution System (WDS) for details) Any (traffic is redirected to a port based on the bridge learning process) 4. Click OK to save your changes. QoS Wi-Fi Multimedia (WMM)/Quality of Service (QoS) Introduction The AP supports Wi-Fi Multimedia (WMM), which is a solution for QoS functionality based on the IEEE 802.11e specification. WMM defines enhancements to the MAC for wireless LAN applications with Quality of Service requirements, which include transport of voice traffic over IEEE 802.11 wireless LANs. The enhancement are in the form of changes in protocol frame formats (addition of new fields and information elements), addition of new messages, definition of new protocol actions, channel access mechanisms (differentiated control of access to medium) and network elements (QoS/WME aware APs, STAs), and configuration management. WME supports Enhanced Distributed Channel Access (EDCA) for prioritized QoS services. The WME/QoS feature can be enabled or disabled per wireless interface. For more information on QoS, see Technical Bulletin 69504 Revision 2 at
<http://keygen.proxim.com/support/orinoco/tb/tb69504_3wmm.pdf>. 162 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide Policy Perform the following procedure to enable QoS and add QoS policies:
1. Click Configure > QoS > Policy. Figure 6-40 QoS Policy Sub-Tab 2. To enable QoS, check the Enable Quality of Service checkbox. 3. Configure the QoS Maximum Medium Threshold for all Admission Controls. Admission will be granted if the new requested traffic stream and already admitted time is less than the medium maximum threshold. 4. To add a QoS Policy, click the Add button in the QoS Policies Table box. The Add Entries box appears. 163 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide Figure 6-41 Add QoS Policy 5. Enter the Policy Name. 6. Select the Policy Type:
inlayer2: inbound traffic direction, Layer 2 traffic type inlayer3: inbound traffic direction, Layer 3 traffic type outlayer2: outbound traffic direction, Layer 2 traffic type outlayer3: inbound traffic direction, Layer 3 traffic type spectralink: SpectraLink traffic 7. Enter the Priority Mapping Index. For layer 2 policies, an index from the 802.1p to 802.1d mapping table should be specified. For layer 3 policies, an index from the 802.1p to IP DSCP mapping table should be specified. No mapping index is required for SpectraLink. 8. Select whether to Enable QoS Marking. 9. Click OK. 164 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide Priority Mapping Use this page to configure QoS 802.1p to 802.1d priority mappings (for layer 2 policies) and IP DSCP to 802.1d priority mappings (for layer 3 policies). The first entry in each table contains the recommended priority mappings. Custom entries can be added to each table with different priority mappings. 1. Click Configure > QoS > Priority Mapping. Figure 6-42 Priority Mapping 2. Click Add in the 802.1p and 802.1d priority mapping table. 165 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide Figure 6-43 Add Priority Mapping Entry 3. Select the 802.1p Priority (from 0-7) for 802.1d Priorities 0-7. 4. Click OK. 5. Click Add in the IP Precedence/DSCP ranges and 802.1d Priority table. 6. Select the IP DSCP Range for each 802.1d Priority. 7. Click OK. NOTE: Changes to Priority Mapping require a reboot of the AP to take effect. Enhanced Distributed Channel Access (EDCA) WME uses Enhanced Distributed Channel Access, a prioritized CSMA/CA access mechanism used by WME-enabled clients/AP in a WME enabled BSS to realize different classes of differentiated Channel Access. A wireless Entity is defined as all wireless clients and APs in the wireless medium contending for the common wireless medium. EDCA uses a separate channel access function for each of the Access Categories (Index) within a wireless entity. Each channel access function in a wireless entity that contends for the wireless medium as if it were a separate client contending for the wireless medium. Different channel access functions in a given Wireless Entity contend among themselves for access to the wireless medium in addition to contending with other clients. STA EDCA Table and AP EDCA Table This page is used to configure the client (STA) and AP Enhanced Distributed Channel Access (EDCA) parameters. You can modify the EDCA values for both Wireless A and Wireless B. The EDCA parameter set provides information needed by the client stations for proper QoS operation during the wireless contention period. These parameters are used by the QoS enabled AP to establish policy, to change policies when accepting new stations or new traffic, or to adapt to changes in the offered load. The EDCA parameters assign priorities to traffic types where higher priority packets gain access to the wireless medium more frequently than lower priority packets. NOTE: Default recommended values for EDCA parameters have been defined; Proxim recommends not modifying EDCA parameters unless strictly necessary. 166 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide Perform the following procedure to configure the Station and AP EDCA tables. 1. Click Configure > QoS > EDCA. Figure 6-44 EDCA Tables 2. Click Edit and configure the following parameters in each table:
167 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide NOTE: Changes to EDCA parameters require a reboot of the AP to take effect. Index: read-only. Indicates the index of the Access Category (1-4) being defined:
1 = Best Effort 2 = Background 3 = Video 4 = Voice CWMin: minimum Contention Window. Configurable range is 0 to 255. CWMax: maximum Contention Window. Configurable range is 0 to 65535. AIFSN: Arbitration IFS per access category. Configurable range is 2 to 15. Tx OP Limit: The Transmission Opportunity Limit. The Tx OP is an interval of time during which a particular QoS enhanced client has the right to initiate a frame exchange sequence onto the wireless medium. The Tx OP Limit defines the upper limit placed on the value of Tx OP a wireless entity can obtain for a particular access category. Configurable range is 0 to 65535. MSDU Lifetime: specifies the maximum elapsed time between a MSDU transfer request and delivery to the destination, beyond which delivery becomes unnecessary. Configurable range is 0 to 500 seconds. Admission Control Mandatory: Possible values are True or False. Admission control defines if an Access Point accepts or rejects a requested traffic stream with certain QoS specifications, based on available channel capacity and link conditions. Admission control can be configured for each Access Category (Index). On the Policy sub-tab, the user can also configure a medium maximum threshold for all Admission Controls. Admission will be granted if the new requested traffic stream and already admitted time is less than the medium maximum threshold. Radius Profiles Configuring Radius Profiles on the AP allows the administrator to define a profile for RADIUS Servers used by the system or by a VLAN. The network administrator can define RADIUS Servers per Authentication Mode and per VLAN. The AP communicates with the RADIUS server defined in a profile to provide the following features:
MAC Access Control Via RADIUS Authentication 802.1x Authentication using RADIUS RADIUS Accounting Also, RADIUS Based Management Access allows centralized user management. The network administrator can configure default RADIUS authentication servers to be used on a system-wide basis, or in networks with VLANs enabled the administrator can also configure separate authentication servers to be used for MAC authentication, EAP authentication, or Accounting in each VLAN. You can configure the AP to communicate with up to six different RADIUS servers per VLAN/SSID:
Primary Authentication Server (MAC-based authentication) Back-up Authentication Server (MAC-based authentication) Primary Authentication Server (EAP/802.1x authentication) Back-up Authentication Server (EAP/802.1x authentication) Primary Accounting Server Back-up Accounting Server The back-up servers are optional, but when configured, the AP will communicate with the back-up server if the primary server is off-line. After the AP has switched to the backup server, it will periodically check the status of the primary RADIUS server every five (5) minutes. Once the primary RADIUS server is again online, the AP automatically reverts from the backup RADIUS server back to the primary RADIUS server. All subsequent requests are then sent to the primary RADIUS server. 168 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide You can view monitoring statistics for each of the configured RADIUS servers. RADIUS Servers per Authentication Mode and per VLAN The user can configure separate RADIUS authentication servers for each authentication mode and for each SSID
(VLAN). For example:
The user can configure separate RADIUS servers for RADIUS MAC authentication and 802.1x authentication The user can configure separate RADIUS servers for each VLAN: VLAN1 could support only WEP clients, whereas VLAN2 could support 802.1x and WEP clients. Figure 6-45 RADIUS Servers per VLAN This figure shows a network with separate authentication servers for each authentication type and for each VLAN. The clients in VLAN 1 are authenticated using the authentication servers configured for VLAN 1. The type of authentication server used depends on whether the authentication is done for an 802.1x client or a non-802.1x client. The clients in VLAN 2 are authenticated using a different set of authentication servers configured for authenticating users in VLAN 2. Authentication servers for each VLAN are configured as part of the configuration options for that VLAN. RADIUS profiles are independent of VLANs. The user can define any profile to be the default and associate all VLANs to that profile. Four profiles are created by default, MAC Authentication, EAP Authentication, Accounting, and Management. RADIUS Servers Enforcing VLAN Access Control A RADIUS server can be used to enforce VLAN access control in two ways:
Authorize the SSID the client uses to connect to the AP. The SSID determines the VLAN that the client gets assigned to. Assigning the user to a VLAN by specifying the VLAN membership information of the user. Configuring Radius Profiles A RADIUS server Profile consists of a Primary and a Secondary RADIUS server that get assigned to act as either MAC Authentication servers, 802.1x/EAP Authentication servers, or Accounting Servers in the VLAN Configuration. See Configuring Security Profiles. The RADIUS Profiles tab allows you to add new RADIUS profiles or modify or delete existing profiles. 169 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide Figure 6-46 RADIUS Server Profiles Adding or Modifying a RADIUS Server Profile Perform the following procedure to add a RADIUS server profile and to configure its parameters. 1. Click Add to create a new profile. To Modify an existing profile, select the profile and click Edit. To delete an existing profile, select the profile and click Delete. You cannot delete a RADIUS server profile if it is applied to an SSID. 2. Configure the following parameters for the RADIUS Server profile (see Figure 6-47):
NOTE: This page configures only the Primary RADIUS Server associated with the profile. After configuring these parameters, save them by clicking OK. Then, to configure the Secondary RADIUS Server, edit the profile from the main page. 170 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide Figure 6-47 Add RADIUS Server Profile Server Profile Name: the profile name. This is the name used to associated a VLAN to the profile. See Configuring Security Profiles. The Server Profile Name is also used in the Configure > Management > Services page to specify the RADIUS profile to be used for RADIUS Based Management Access. MAC Address Format Type: This parameter should correspond to the format in which the clients 12-digit MAC addresses are listed within the RADIUS server and the way passwords are sent to the RADIUS server. Available options are:
Dash delimited/SS: MAC addresses are formatted with a dash between each pair of digits (xx-yy-zz-aa-bb), and the password sent to the RADIUS server is the shared secret (configured below). Colon delimited/SS: MAC addresses are formatted with a colon between each pair of digits (xx:yy:zz:aa:bb:cc) and the password sent to the RADIUS server is the shared secret (configured below). Single dash delimited/SS: MAC addresses are formatted with a dash between the sixth and seventh digits
(xxyyzz-aabbcc) and the password sent to the RADIUS server is the shared secret (configured below). No delimiters/SS: MAC addresses are formatted with no characters or spaces between pairs of hexadecimal digits (xxyyzzaabbcc) and the password sent to the RADIUS server is the shared secret (configured below). Dash delimited/MAC: MAC addresses are formatted with a dash between each pair of digits (xx-yy-zz-aa-bb), and the password sent to the RADIUS server is the MAC address of the client. Colon delimited/MAC: MAC addresses are formatted with a colon between each pair of digits
(xx:yy:zz:aa:bb:cc) and the password sent to the RADIUS server is the MAC address of the client. 171 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide Single dash delimited/MAC: MAC addresses are formatted with a dash between the sixth and seventh digits
(xxyyzz-aabbcc) and the password sent to the RADIUS server is the MAC address of the client. No delimiters/MAC: MAC addresses are formatted with no characters or spaces between pairs of hexadecimal digits (xxyyzzaabbcc) and the password sent to the RADIUS server is the MAC address of the client. Accounting update interval: Enter the time interval (in minutes) for sending Accounting Update messages to the RADIUS server. A value of 0 (default) means that the AP will not send Accounting Update messages. Accounting inactivity timer: Enter the accounting inactivity timer. This parameter supports a value from 1-60 minutes. The default is 5 minutes. Authorization lifetime: Enter the time, in seconds, each client session may be active before being automatically re-authenticated. This parameter supports a value between 900 and 43200 seconds. The default is 0 (disabled). Server Addressing Format: select IP Address or Name. If you want to identify RADIUS servers by name, you must configure the AP as a DNS Client. See DNS Client for details. Server Name/IP Address: Enter the servers name or IP address. Destination Port: Enter the port number which the AP and the server will use to communicate. By default, RADIUS servers communicate on port 1812. Server VLAN ID: Indicates the VLAN that uses this RADIUS server profile. If VLAN is disabled, this field will be grayed out. Shared Secret and Confirm Shared Secret: Enter the password shared by the RADIUS server and the AP. The same password must also be configured on the RADIUS server. The default password is public. Response Time (seconds): Enter the maximum time, in seconds, that the AP should wait for the RADIUS server to respond to a request. The range is 1-10 seconds; the default is 3 seconds. Maximum Retransmissions (0-4): Enter the maximum number of times an authentication request may be transmitted. The range is 0 to 4, the default is 3. Server Status: Select Enable from the drop-down box to enable the RADIUS Server Profile. 3. Click OK. 4. Select the Profile and click Edit to configure the Secondary RADIUS Server, if required. MAC Access Control Via RADIUS Authentication If you want to control wireless access to the network and if your network includes a RADIUS Server, you can store the list of MAC addresses on the RADIUS server rather than configure each AP individually. You can define a RADIUS Profile that specifies the IP Address of the server that contains a central list of MAC Address values identifying the authorized stations that may access the wireless network. You must specify information for at least the primary RADIUS server. The back-up RADIUS server is optional. NOTE: Each VLAN can be configured to use a separate RADIUS server (and backup server) for MAC authentication. MAC access control can be separately enabled for each VLAN. NOTE: Contact your RADIUS server manufacturer if you have problems configuring the server or have problems using RADIUS authentication. 802.1x Authentication using RADIUS You must configure a primary EAP/802.1x Authentication server to use 802.1x security. A back-up server is optional. NOTE: Each VLAN can be configured to use a separate RADIUS server (and backup server) for 802.1x authentication. 802.1x authentication (EAP authentication) can be separately enabled for each VLAN. RADIUS Accounting Using an external RADIUS server, the AP can track and record the length of client sessions on the access point by sending RADIUS accounting messages per RFC2866. When a wireless client is successfully authenticated, RADIUS 172 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide accounting is initiated by sending an Accounting Start request to the RADIUS server. When the wireless client session ends, an Accounting Stop request is sent to the RADIUS server. NOTE: Each VLAN can be configured to use a separate RADIUS accounting server (and backup accounting server). Session Length Accounting sessions continue when a client reauthenticates to the same AP. Sessions are terminated when:
A client disassociates. A client does not transmit any data to the AP for a fixed amount of time. A client is detected on a different interface. If the client roams from one AP to another, one session is terminated and a new session is begun. NOTE: This feature requires RADIUS authentication using MAC Access Control or 802.1x. Wireless clients configured in Idle-Timeout or Session-Timeout attributes are configured in the Radius server. the Access Points static MAC Access Control list are not tracked. Authentication and Accounting Attributes Additionally, the AP supports a number of Authentication and Accounting Attributes defined in RFC2865, RFC2866, RFC2869, and RFC3580. Authentication Attributes State: Received in Access-Accept Packet by the AP during Authentication and sent back as-is during Re-Authentication. Class: Received in Access-Accept Packet by the AP during Authentication and back as in Accounting Packets. Session-Timeout If the RADIUS server does not send a Session-Timeout, the AP will set the subscriber expiration time to 0, which means indefinite access. The Termination Action attribute defines how the Session-Timeout attribute will be interpreted. If the Termination Action is DEFAULT, then the session is terminated on expiration of the Session-Timeout time interval. If Termination Action is RADIUS-Request, then re-authentication is done on expiration on the session. If the RADIUS server sends a Session-Timeout, the value specified by the Session-Timeout attribute will take precedence over the configured Authorization Lifetime value. Termination-Action Valid values are: Default (0), RADIUS-Request (1). When the value is default, the Termination-Action attribute sends an accounting stop message and then reauthenticates. If the value is RADIUS-Request, the Termination-Action attribute reauthenticates without sending an accounting stop. Idle Timeout The AP internally maintains the Idle-Timeout attribute obtained for each of the users during their authentication process, and uses this time interval in place of accounting inactivity time for timing out clients. Calling Station Id MAC address of the client being authenticated. Called Station Id The AP sends the MAC address of its own wireless interface with which the client getting authenticated is getting associated, appended with the SSID. If VLAN is enabled, the SSID and corresponding VLAN ID get appended. Acct-Interim-Interval Obtained during the Authentication process and used for determining the time interval for sending Accounting Update messages. This attribute value takes precedence over the value of the Accounting Update Interval. 173 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide Accounting Attributes Acct-Delay-Time Indicates how many seconds the AP has been trying to send a particular packet related to a particular user. This time can be used at the server to determine the approximate time of the event generating this accounting request. Acct-Session-Id Unique accounting ID that aids in tracking client accounting records. This attribute is sent in Start and Stop RADIUS accounting messages, and contains the client MAC address appended with the unique session ID. Acct-Session-Time Acct-Session-Time is calculated the following way (for each transmitted/retransmitted Acct-Stop):
Acct-Session-Time = time of last sent packet - subscriber login time. Acct-Input-Octets Number of octets (bytes) received by subscriber. Acct-Output-Octets Number of octets (bytes) sent by subscriber. Acct-Input-Packets Number of packets received by subscriber. Acct-Output-Packets Number of packets sent by subscriber. Acct-Terminate Cause Indicates how the session was terminated. Vendor Specific Attributes SSID/VLAN/Security The AP provides several security features to protect your network from unauthorized access. This section gives an overview of VLANs and then discusses the SSID/VLAN/Security configuration options in the AP:
VLAN Overview Management VLAN Security Profile MAC Access Wireless-A or Wireless-B The AP also provides Broadcast Unique Beacon/Closed System and Rogue Scan to protect your network from unauthorized access. See the Wireless-A or Wireless-B and Rogue Scan sections from more information. VLAN Overview Virtual Local Area Networks (VLANs) are logical groupings of network hosts. Defined by software settings, other VLAN members or resources appear (to clients) to be on the same physical segment, no matter where they are attached on the logical LAN or WAN segment. They simplify traffic flow between clients and their frequently-used or restricted resources. VLANs now extend as far as the reach of the access point signal. Clients can be segmented into wireless sub-networks via SSID and VLAN assignment. A Client can access the network by connecting to an AP configured to support its assigned SSID/VLAN. AP devices are fully VLAN-ready; however, by default VLAN support is disabled. Before enabling VLAN support, certain network settings should be configured, and network resources such as a VLAN-aware switch, a RADIUS server, and possibly a DHCP server should be available. Once enabled, VLANs are used to conveniently, efficiently, and easily manage your network in the following ways:
174 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide Manage adds, moves, and changes from a single point of contact Define and monitor groups Reduce broadcast and multicast traffic to unnecessary destinations Improve network performance and reduce latency Increase security Secure network restricts members to resources on their own VLAN Clients roam without compromising security VLAN tagged data is collected and distributed through an AP's wireless interface(s) based on Network Name (SSID). An Ethernet port on the access point connects a wireless cell or network to a wired backbone. The access points communicate across a VLAN-capable switch that analyzes VLAN-tagged packet headers and directs traffic to the appropriate ports. On the wired network, a RADIUS server authenticates traffic and a DHCP server manages IP addresses for the VLAN(s). Resources like servers and printers may be present, and a hub may include multiple APs, extending the network over a larger area. Figure 6-48 Components of a Typical VLAN VLAN Workgroups and Traffic Management Access Points that are not VLAN-capable typically transmit broadcast and multicast traffic to all wireless Network Interface Cards (NICs). This process wastes wireless bandwidth and degrades throughput performance. In comparison, a VLAN-capable AP is designed to efficiently manage delivery of broadcast, multicast, and unicast traffic to wireless clients. The AP assigns clients to a VLAN based on a Network Name (SSID). The AP can support up to 16 SSIDs per radio, with a unique VLAN configurable per SSID. The AP matches packets transmitted or received to a network name with the associated VLAN. Traffic received by a VLAN is only sent on the wireless interface associated with that same VLAN. This eliminates unnecessary traffic on the wireless LAN, conserving bandwidth and maximizing throughput. In addition to enhancing wireless traffic management, the VLAN-capable AP supports easy assignment of wireless users to workgroups. In a typical scenario, each user VLAN represents a workgroup; for example, one VLAN could be used for an EMPLOYEE workgroup and the other for a GUEST workgroup. 175 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide In this scenario, the AP would assign every packet it accepted to a VLAN. Each packet would then be identified as EMPLOYEE or GUEST, depending on which wireless NIC received it. The AP would insert VLAN headers or tags with identifiers into the packets transmitted on the wired backbone to a network switch. Finally, the switch would be configured to route packets from the EMPLOYEE workgroup to the appropriate corporate resources such as printers and servers. Packets from the GUEST workgroup could be restricted to a gateway that allowed access to only the Internet. A member of the GUEST workgroup could send and receive e-mail and access the Internet, but would be prevented from accessing servers or hosts on the local corporate network. Typical User VLAN Configurations VLANs segment network traffic into workgroups, which enable you to limit broadcast and multicast traffic. Workgroups enable clients from different VLANs to access different resources using the same network infrastructure. Clients using the same physical network are limited to those resources available to their workgroup. The AP can segment users into a maximum of 16 different workgroups per radio, based on an SSID/VLAN grouping (also referred as a VLAN Workgroup or a Sub-network). NOTE: VLAN must be enabled to configure security per SSID. Management VLAN Figure 6-49 Mgmt VLAN VLAN Tagging Management Control Access to the AP Management access to the AP can easily be secured by making management stations or hosts and the AP itself members of a common VLAN. Simply configure a non-zero management VLAN ID and enable VLAN to restrict management of the AP to members of the same VLAN. CAUTION: If a non-zero management VLAN ID is configured then management access to the AP is restricted to wired or wireless hosts that are members of the same VLAN. Ensure your management platform or host is a member of the same VLAN before attempting to manage the AP. NOTE: When VLAN is enabled, ensure that all devices in the network share the same VLAN ID. 1. Click Configure > SSID/VLAN/Security > Mgmt VLAN. 176 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide 2. Set the VLAN Management ID to a value of between 1 and 4094. (A value of -1 disables VLAN Tagging). 3. Place a check mark in the Enable VLAN Tagging box. Provide Access to a Wireless Host in the Same Workgroup The VLAN feature can allow wireless clients to manage the AP. If the VLAN Management ID matches a VLAN User ID, then those wireless clients who are members of that VLAN will have AP management access. CAUTION: Once a VLAN Management ID is configured and is equivalent to one of the VLAN User IDs on the AP, all members of that User VLAN will have management access to the AP. Be careful to restrict VLAN membership to those with legitimate access to the AP. NOTE: When VLAN is enabled, ensure that all devices in the network share the same VLAN ID. 1. Click Configure > SSID/VLAN/Security > Mgmt VLAN. 2. Set the VLAN Management ID to use the same VLAN ID as one of the configured SSIDs. 3. Place a check mark in the Enable VLAN Tagging box. Disable VLAN Tagging 1. Click Configure > SSID/VLAN/Security > Mgmt VLAN. 2. Remove the check mark from the Enable VLAN Tagging box (to disable all VLAN functionality) or set the VLAN Management ID to -1 (to disable VLAN Tagging only). NOTE: If you disable VLAN Tagging, you will be unable to configure security per SSID. Security Profile See the following sections:
Security Features Authentication Protocol Hierarchy VLANs and Security Profiles Configuring Security Profiles Security Features The AP supports the following security features:
WEP Encryption: The original encryption technique specified by the IEEE 802.11 standard. 802.1x Authentication: An IEEE standard for client authentication. Wi-Fi Protected Access (WPA/802.11i [WPA2]): A new standard that provides improved encryption security over WEP. NOTE: The AP does not support shared key 802.11 MAC level authentication. Clients with this MAC level feature must disable it. WEP Encryption The IEEE 802.11 standards specify an optional encryption feature, known as Wired Equivalent Privacy or WEP, that is designed to provide a wireless LAN with a security level equal to what is found on a wired Ethernet network. WEP encrypts the data portion of each packet exchanged on an 802.11 network using an Encryption Key (also known as a WEP Key). When Encryption is enabled, two 802.11 devices must have the same Encryption Keys and both devices must be configured to use Encryption in order to communicate. If one device is configured to use Encryption but a second device is not, then the two devices will not communicate, even if both devices have the same Encryption Keys. 177 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide 802.1x Authentication IEEE 802.1x is a standard that provides a means to authenticate and authorize network devices attached to a LAN port. A port in the context of IEEE 802.1x is a point of attachment to the LAN, either a physical Ethernet connection or a wireless link to an Access Point. 802.1x requires a RADIUS server and uses the Extensible Authentication Protocol
(EAP) as a standards-based authentication framework, and supports automatic key distribution for enhanced security. The EAP-based authentication framework can easily be upgraded to keep pace with future EAP types. Popular EAP types include:
EAP-Message Digest 5 (MD5): Username/Password-based authentication; does not support automatic key distribution EAP-Transport Layer Security (TLS): Certificate-based authentication (a certificate is required on the server and each client); supports automatic key distribution EAP-Tunneled Transport Layer Security (TTLS): Certificate-based authentication (a certificate is required on the server; a clients username/password is tunneled to the server over a secure connection); supports automatic key distribution PEAP - Protected EAP with MS-CHAP: Secure username/password-based authentication; supports automatic key distribution Different servers support different EAP types and each EAP type provides different features. See the documentation that came with your RADIUS server to determine which EAP types it supports. NOTE: The AP supports the following EAP types when Security Mode is set to 802.1x, WPA, or 802.11i (WPA2):
EAP-TLS, PEAP, EAP-TTLS, EAP-MD5, and EAP-SIM. Authentication Process There are three main components in the authentication process. The standard refers to them as:
1. Supplicant (client PC) 2. Authenticator (Access Point) 3. Authentication server (RADIUS server) When the Security Mode is set to 802.1x Station, WPA Station, or 802.11i Station you need to configure your RADIUS server for authentication purposes. Prior to successful authentication, an unauthenticated client PC cannot send any data traffic through the AP device to other systems on the LAN. The AP inhibits all data traffic from a particular client PC until the client PC is authenticated. Regardless of its authentication status, a client PC can always exchange 802.1x messages in the clear with the AP (the client begins encrypting data after it has been authenticated). Figure 6-50 RADIUS Authentication Illustrated The AP acts as a pass-through device to facilitate communications between the client PC and the RADIUS server. The AP (2) and the client (1) exchange 802.1x messages using an EAPOL (EAP Over LAN) protocol (A). Messages sent from the client station are encapsulated by the AP and transmitted to the RADIUS (3) server using EAP extensions (B). Upon receiving a reply EAP packet from the RADIUS, the message is typically forwarded to the client, after translating it back to the EAPOL format. Negotiations take place between the client and the RADIUS server. After the client has been 178 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide successfully authenticated, the client receives an Encryption Key from the AP (if the EAP type supports automatic key distribution). The client uses this key to encrypt data after it has been authenticated. For 802.11a, 4.9 GHz, and 802.11b/g clients that communicate with an AP, each client receives its own unique encryption key; this is known as Per User Per Session Encryption Keys. Wi-Fi Protected Access (WPA/802.11i [WPA2]) Wi-Fi Protected Access (WPA) is a security standard designed by the Wi-Fi Alliance in conjunction with the Institute of Electrical and Electronics Engineers (IEEE). The AP supports 802.11i (WPA2), based on the IEEE 802.11i security standard. WPA is a replacement for Wired Equivalent Privacy (WEP), the encryption technique specified by the original 802.11 standard. WEP has several vulnerabilities that have been widely publicized. WPA addresses these weaknesses and provides a stronger security system to protect wireless networks. WPA provides the following new security measures not available with WEP:
Improved packet encryption using the Temporal Key Integrity Protocol (TKIP) and the Michael Message Integrity Check (MIC). Per-user, per-session dynamic encryption keys:
Each client uses a different key to encrypt and decrypt unicast packets exchanged with the AP A client's key is different for every session; it changes each time the client associates with an AP The AP uses a single global key to encrypt broadcast packets that are sent to all clients simultaneously Encryption keys change periodically based on the Re-keying Interval parameter WPA uses 128-bit encryption keys Dynamic Key distribution The AP generates and maintains the keys for its clients The AP securely delivers the appropriate keys to its clients Client/server mutual authentication 802.1x Pre-shared key (for networks that do not have an 802.1x solution implemented) The AP supports the following WPA security modes:
WPA: The AP uses 802.1x to authenticate clients and TKIP for encryption. You should only use an EAP that supports mutual authentication and session key generation, such as EAP-TLS, EAP-TTLS, and PEAP. See 802.1x Authentication for details. WPA-PSK (Pre-Shared Key): For networks that do not have 802.1x implemented, you can configure the AP to authenticate clients based on a Pre-Shared Key. This is a shared secret that is manually configured on the AP and each of its clients. The Pre-Shared Key must be 256 bits long, which is either 64 hexadecimal digits or 32 alphanumeric characters. The AP also supports a PSK Pass Phrase option to facilitate the creation of the TKIP Pre-Shared Key (so a user can enter an easy-to-remember phrase rather than a string of characters). 802.11i (also known as WPA2): The AP provides security to clients according to the 802.11i draft standard, using 802.1x authentication, a CCMP cipher based on AES, and re-keying. 802.11i-PSK (also known as WPA2 PSK): The AP uses a CCMP cipher based on AES, and encrypts frames to clients based on a Pre-Shared Key. The Pre-Shared Key must be 256 bits long, which is either 64 hexadecimal digits or 32 alphanumeric characters. The AP also supports a PSK Pass Phrase option to facilitate the creation of the Pre-Shared Key (so a user can enter an easy-to-remember phrase rather than a string of characters). NOTE: For more information on WPA, see the Wi-Fi Alliance Web site at http://www.wi-fi.org. Authentication Protocol Hierarchy There is a hierarchy of authentication protocols defined for the AP. The hierarchy is as follows, from highest to lowest:
179 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide 802.1x authentication (including 802.1x, WPA, WPA-PSK, 802.11i, 802.11i-PSK) MAC Access Control via RADIUS Authentication MAC Access Control through individual APs' MAC Access Control Lists If you have both 802.1x and MAC Access Control authentication enabled, the 802.1x authentication takes precedence because it is higher in the authentication protocol hierarchy. This is required in order to propagate the WEP/TKIP/AES keys to the clients in such cases. If you disable 802.1x on the AP, you will see the effects of MAC authentication. In addition, setting MAC Access Control status to Strict will cause both MAC ACL settings and 802.1x settings to be applied. For example, assume that the MAC Access Control List contains MAC addresses to block, and that WPA-PSK is configured to allow access to clients with the appropriate PSK Passphrase. If the MAC ACL status is set to Enable, WPA-PSK will take precedence, and clients in the MAC ACL with the correct PSK passphrase will be allowed. Only the WPA-PSK setting is taken into consideration. If the MAC ACL status is set to Strict, then clients in the MAC ACL will be blocked even if they have the correct PSK passphrase. Clients will only be allowed if they have the correct passphrase and are NOT listed in the MAC ACL. In this way, both MAC and WPA-PSK settings are taken into consideration. VLANs and Security Profiles The AP allows you to segment wireless networks into multiple sub-networks based on Network Name (SSID) and VLAN membership. A Network Name (SSID) identifies a wireless network. Clients associate with Access Points that share an SSID. During installation, the Setup Wizard prompts you to configure a Primary Network Name for each wireless interface. After initial setup and once VLAN is enabled, the AP can be configured to support up to 16 SSIDs per wireless interface to segment wireless networks based on VLAN membership. Each VLAN can associated to a Security Profile and RADIUS Server Profiles. A Security Profile defines the allowed wireless clients, and authentication and encryption types. See the following sections for configuration details. Configuring Security Profiles Security policies can be configured and applied on the AP as a whole, or on a per VLAN basis. When VLAN is disabled on the AP, the user can configure a security profile for each interface of the AP. When VLANs are enabled and Security per SSID is enabled, the user can configure a security profile for each VLAN. The user defines a security policy by specifying one or more values for the following parameters:
Wireless STA types (WPA station, 802.11i (WPA2) station, 802.1x station, WEP station, WPA-PSK, and 802.11i-PSK) that can associate to the AP. Authentication mechanisms (802.1x, RADIUS MAC authentication) that are used to authenticate clients for each type of station. Cipher Suites (CCMP, TKIP, WEP, None) used for encapsulating the wireless data for each type of station. Up to 16 security profiles can be configured per wireless interface. NOTE: Mesh security is configured on the Mesh tab. 1. Click Configure > SSID/VLAN/Security > Security Profile. 180 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide Figure 6-51 Security Profile Configuration 2. Click Add in the Security Profile Table to create a new entry. To modify an existing profile, select the profile and click Edit. To delete an existing profile, select the profile and click Delete. You cannot delete a Security Profile used in an SSID. Also, the first Security Profile cannot be deleted. 3. Configure one or more types of wireless stations (security modes) that are allowed access to the AP under the security profile. The WEP/PSK parameters are separately configurable for each security mode. To enable a security mode in the profile (Non Secure Station, WEP Station, 802.1x Station, WPA Station, WPA-PSK Station, 802.11i
(WPA2) Station, 802.11i-PSK Station), check the box next to the mode. See Figure 6-52. If the security mode selected in a profile is WEP, WPA-PSK, or 802.11i-PSK, then you must configure the WEP or Pre-Shared Keys. NOTE: If an 802.1x client that has already been authenticated attempts to switch to WEP, or if a WEP client that has already been connected attempts to switch to 802.1x, the AP will not allow the client to switch immediately. If this happens, either reboot the AP or disable the client/roam to a new AP for five minutes, and then attempt to reconnect to the AP. If the client is still unable to connect after waiting five minutes, reboot the AP. 4. Configure the parameters as follows for each enabled security mode. See Figure 6-52. Non Secure Station:
Authentication Mode: None. The AP allows access to Stations without authentication. Non secure station should be used only with WEP or 802.1x security mode. Cipher: None WEP Station:
Authentication Mode: None Cipher: WEP Encryption Key 0, Encryption Key 1, Encryption Key 2, Encryption Key 3 NOTE: When VLAN tagging is enabled, only Key 0 can be configured. Encryption Key Length: 64, 128, or 152 Bits. 181 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide For 64-bit encryption, an encryption key is 10 hexadecimal characters (0-9 and A-F) or 5 ASCII characters
(see ASCII Chart for Mesh and Access Point Module). For 128-bit encryption, an encryption key is 26 hexadecimal characters or 13 ASCII characters. For 152-bit encryption, an encryption key is 32 hexadecimal characters or 16 ASCII characters. Encryption Transmit Key: select Key 0, Key 1, Key 2, or Key 3 NOTE: When VLAN tagging is enabled, only Key 0 can be configured. Encryption Key Length: 64 or 128 Bits. If 802.1x is enabled simultaneously with WEP, the 802.1x Stations encryption key length is determined by Authentication Mode: 802.1x 802.1x Station:
Cipher: WEP the WEP encryption key. WPA Station:
Authentication Mode: 802.1x Cipher: TKIP WPA-PSK Station:
Authentication Mode: PSK Cipher: TKIP PSK Passphrase: an 8-63 character user-defined phrase. It is recommended a passphrase of at least 13 characters, including both letters and numbers, and upper and lower case characters, be used to ensure that the generated key cannot be easily deciphered by network infiltrators. 802.11i Station:
Authentication Mode: 802.1x Cipher: CCMP based on AES 802.11i-PSK Station:
Cipher: CCMP based on AES Authentication Mode: PSK PSK Passphrase: an 8-63 character user-defined phrase. It is recommended a passphrase of at least 13 characters, including both letters and numbers, and upper and lower case characters, to ensure that the generated key cannot be easily deciphered by network infiltrators. 5. When finished configuring all parameters, click OK. 6. If you selected a Security Mode of 802.1x Station, WPA Station, or 802.11i Station, you must configure a RADIUS 802.1x/EAP server. Security Profile 1 will be used by default for all wireless interfaces. 7. Reboot the AP. 182 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide Figure 6-52 Security Profile Table - Add Entries 183 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide MAC Access The MAC Access sub-tab allows you to build a list of stations, identified by their MAC addresses, authorized to access the network through the AP. The list is stored inside each AP within your network. Note that you must reboot the AP for any changes to the MAC Access Control Table to take effect. Up to 1000 entries can be made in the table. The MAC ACL Status parameter (configurable on the SSID/VLAN/Security > Wireless A or B sub-tab) is per VLAN if VLAN Management is enabled. All other parameters besides MAC ACL Status are configured per AP, even if VLAN is enabled. The following list details the configurable MAC Access parameters. NOTE: MAC Access Control status is controlled on the SSID/VLAN/Security > Wireless A or B sub-tab. When set to Strict, changes to the MAC ACL table will take effect immediately, without a unit reboot. When not set to Strict, changes will not take effect until the unit is rebooted. Operation Type: Choose between Passthru and Block. This determines how the stations identified in the MAC Access Control Table are filtered. If set to Passthru, only the addresses listed in the Control Table will pass through the bridge. If set to Block, the bridge will block traffic to or from the addresses listed in the Control Table. MAC Access Control Table: Click Add to create a new entry. Click Edit to change an existing entry. Each entry contains the following field:
MAC Address: Enter the wireless clients MAC address. Comment: Enter an optional comment such as the clients name. Status: The entry is enabled automatically when saved (so the Status field is only visible when editing an entry). You can also disable or delete entries by changing this fields value. NOTE: For larger networks that include multiple Access Points, you may prefer to maintain this list on a centralized location using the MAC Access Control Via RADIUS Authentication. Figure 6-53 MAC Access Configuration Screen 184 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide Wireless-A or Wireless-B Each SSID can have its own Security Profile that defines its security mode, authentication mechanism, and encryption, so that customers can have multiple types of clients (non-WEP, WEP, 802.1x, WPA, WPA-PSK, 802.11i, 802.11i-PSK) on the same system separated per VLAN. See the Security Profile section for more information. Each SSID can support a unique VLAN. In order for the AP to support multiple SSID/VLANs, VLAN Tagging must be enabled. These parameters are configurable on the Wireless-A and Wireless-B screens. Configuring an SSID/VLAN with VLAN Tagging Disabled With VLAN tagging disabled (from the SSID/VLAN/Security > Mgmt VLAN tab), only one SSID can be configured per interface. All parameters set on the Wireless-A or Wireless-B tab will be applied to that SSID. 1. Click SSID/VLAN/Security > Wireless-A or Wireless-B. The SSID, VLAN, and Security Configuration page is displayed. Figure 6-54 SSID, VLAN, and Security Configuration (VLAN Tagging Disabled) 2. Enable or disable RADIUS accounting on the VLAN/SSID by selecting Enable or Disable from the Accounting Status drop-down menu. 3. Control the functionality of RADIUS MAC Authentication on the VLAN/SSID by selecting one of the following from the the RADIUS Authentication Status drop-down menu. 185 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide Enable: MAC addresses in the MAC Access Control List stored on the RADIUS server are blocked or allowed, based on the MAC ACL settings. If a higher priority authentication protocol is also enabled, the higher-priority settings will override the MAC ACL settings. Disable: RADIUS MAC ACL settings are disabled. Strict: RADIUS MAC ACL settings are enabled. If a higher-priority authentication protocol is also enabled, RADIUS MAC ACL settings will be applied in addition to the higher priority authentication protocol settings. 4. Control the functionality of the MAC Access Control List on the VLAN/SSID by selecting one of the following from the MAC ACL Status drop-down menu:
Enable: MAC addresses in the MAC Access Control List are blocked or allowed, based on the MAC ACL settings. If a higher priority authentication protocol is also enabled, the higher-priority settings will override the MAC ACL settings. Disable: MAC ACL settings are disabled. Strict: MAC ACL settings are enabled. If a higher-priority authentication protocol is also enabled, MAC ACL settings will be applied in addition to the higher priority authentication protocol settings. When MAC ACL Status is set to Strict, changes to the MAC ACL table will take effect without a device reboot. 5. Enter Rekeying Interval in seconds (between 300 and 65525). When set to 0, this parameter is disabled. The default is 900 seconds. 6. Enter the Security Profile used by the VLAN in the Security Profile field. 7. Define the RADIUS Server Profile Configuration for the VLAN/SSID:
RADIUS MAC Authentication Profile RADIUS EAP Authentication Profile RADIUS Accounting Profile If 802.1x, WPA, or 802.11i security mode is used, the RADIUS EAP Authentication Profile must have a value. A RADIUS Server Profile for authentication for each VLAN shall be configured as part of the configuration options for that VLAN. RADIUS profiles are independent of VLANs. The user can define any profile to be the default and associate all VLANs to that profile. Four profiles are created by default, MAC Authentication, EAP Authentication, Accounting, and Management 8. If desired, scroll down to the scroll down to the SSID and VLAN Table and click Edit to modify the Network Name, VLAN ID, or QoS profile of the SSID/VLAN. NOTE: Because VLAN tagging is disabled, attempting to add a new SSID/VLAN will produce an error message. The Edit Entries screen will be displayed. 186 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide Figure 6-55 SSID/VLAN Edit Entries Screen (VLAN Tagging Disabled) 9. Enter a unique Network Name (SSID) between 1 and 32 characters. This parameter is mandatory. NOTE: Do not use quotation marks (single or double) in the Network Name; this will cause the AP to misinterpret the name. 10.Enter a unique VLAN ID. This parameter is mandatory. A VLAN ID is a number from -1 to 4094. A value of -1 means that an entry is untagged. You can set the VLAN ID to -1 or untagged if you do not want clients that are using a specific SSID to be members of a VLAN workgroup. The VLAN ID must match an ID used by your network; contact your network administrator if you need assistance defining the VLAN IDs. 11.Specify a QoS profile. 12.Specify a 802.1p Priority. 13.Set the Maximum TX Bandwidth in Kbps. If this parameter is set to 0, full bandwidth is available. 14.Set the Maximum RX Bandwidth in Kbps. If this parameter is set to 0, full bandwidth is available. 15.Select the status of Closed System to control whether the SSID is advertised in the beacon and manage the way probe requests are handled, as follows:
Enable: The SSID is not advertised in the beacon, and the AP will respond to probe requests with an SSID only if the client has specified the SSID in the probe request. If the client sends a probe request with a null or ANY SSID, the AP will not respond. Partial: The SSID is advertised in the beacon, and the AP will not respond to "ANY" SSID requests. The Partial setting reduces network traffic by eliminating the repeated broadcast of SSIDs in probe responses. Disable: The SSID is advertised in the beacon, and the AP will respond with each configured SSID, whether or not an SSID has been specified in the probe request. 187 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide 16.Enable Broadcast Unique Beacon using the drop-down menu. When enabled, Broadcast Unique Beacon allows the broadcast of a up to four unique beacons when the AP is configured for multiple SSIDs. If Closed System (above) is set to Partial or Disable, each beacon (up to four) will be broadcast a single SSID. If more than four SSIDs are configured, then three SSIDs will be broadcast in individual beacons; the fourth and subsequent SSIDs will be combined in one beacon and will not be broadcast. If Closed System is set to Enable, the SSID will not be broadcast in the beacon. If Broadcast Unique Beacon is disabled, a combined beacon will be broadcast. NOTE: Enabling Broadcast Unique Beacon will lower the total throughput of the AP by 2-4%. Enabling Broadcast Unique Beacon simultaneously with Rogue Scan will cause a drift in the beacon interval and the occasional missing of beacons. 17.Set the 802.1p Priority given to packets tagged with this VLAN ID. Enter a number between 0-7. 18.If editing an entry, enable or disable the parameters on this page by electing Enable or Disable from the Status drop-down menu. If adding a new entry, this drop-down menu will not appear. 19.Click OK to return to Wireless-A or Wireless-B Security Configuration Screen. 20.Reboot the AP. Configuring SSID/VLANs with VLAN Tagging Enabled With VLAN Tagging enabled (from the SSID/VLAN/Security > Mgmt VLAN tab), multiple SSID/VLANs are supported. Parameters set on the Wireless-A or Wireless-B tab can be enabled per SSID by choosing the Enable Security per SSID option. 1. Click SSID/VLAN/Security > Wireless-A or Wireless-B. 2. Select the Enable Security Per SSID option. The screen will update to the following:
188 Configuration Advanced Configuration of Mesh and Access Point Module Figure 6-56 SSID/VLAN Configuration (VLAN Tagging Enabled) MeshMAX 5054 Series User Guide NOTE: If you disable (uncheck) the Enable Security per SSID option, you will be able to add multiple SSID/VLANs, but the same configuration parameters (described below) will applied to all of them. 3. Click Add to configure additional SSIDs, VLANs, and their associated security profiles and RADIUS server profiles, or click Edit to modify existing SSIDs. The Add Entries or Edit Entries screen appears. Figure 6-57 SSID/VLAN Edit Entries Screen (VLAN Tagging Enabled) 4. Enter a unique Network Name (SSID) between 1 and 32 characters. This parameter is mandatory. NOTE: Do not use quotation marks (single or double) in the Network Name; this will cause the AP to misinterpret the name. 5. Enter a unique VLAN ID. This parameter is mandatory. 189 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide A VLAN ID is a number from -1 to 4094. A value of -1 means that an entry is untagged. You can set the VLAN ID to -1 or untagged if you do not want clients that are using a specific SSID to be members of a VLAN workgroup. Only one untagged VLAN ID is allowed per interface. The VLAN ID must match an ID used by your network; contact your network administrator if you need assistance defining the VLAN IDs. 6. Select the status of Closed System to control whether the SSID is advertised in the beacon and manage the way probe requests are handled, as follows:
Enable: The SSID is not advertised in the beacon, and the AP will respond to probe requests with an SSID only if the client has specified the SSID in the probe request. If the client sends a probe request with a null or ANY SSID, the AP will not respond. Partial: The SSID is advertised in the beacon, and the AP will not respond to "ANY" SSID requests. The Partial setting reduces network traffic by eliminating the repeated broadcast of SSIDs in probe responses. Disable: The SSID is advertised in the beacon, and the AP will respond with each configured SSID, whether or not an SSID has been specified in the probe request. 7. Enable Broadcast Unique Beacon using the drop-down menu. When enabled, Broadcast Unique Beacon allows the broadcast of a up to four unique beacons when the AP is configured for multiple SSIDs. If Closed System (above) is set to Partial or Disable, each beacon (up to four) will be broadcast a single SSID. If more than four SSIDs are configured, then three SSIDs will be broadcast in individual beacons; the fourth and subsequent SSIDs will be combined in one beacon and will not be broadcast. If Closed System is set to Enable, the SSID will not be broadcast in the beacon. If Broadcast Unique Beacon is disabled, a combined beacon will be broadcast. NOTE: Enabling Broadcast Unique Beacon will lower the throughput of the AP by 2-4%. Enabling Broadcast Unique Beacon simultaneously with Rogue Scan will cause a drift in the beacon interval and the occasional missing of beacons. 8. Enable or disable the SSID Authorization status from the drop-down menu. SSID Authorization is the RADIUS-based authorization of the SSID for a particular client. The authorized SSIDs are sent as the tunnel attributes. 9. Enable or disable RADIUS accounting on the VLAN/SSID under the Accounting Status drop-down menu. 10.Enable or disable RADIUS MAC authentication status on the VLAN/SSID under the RADIUS Authentication Status drop-down menu. 11.Enable or disable MAC Access Control List status on the VLAN/SSID under the MAC ACL Status drop-down menu. 12.Enter the Rekeying Interval in seconds (between 300 and 65525). When set to 0, this parameter is disabled. The default is 900 seconds. 13.Enter the Security Profile used by the VLAN in the Security Profile field. NOTE: If you have two or more SSIDs per interface using a Security Profile with a security mode of Non Secure, be aware that security being applied in the VLAN is not being applied in the wireless network. 14.Define the RADIUS Server Profile Configuration for the VLAN/SSID:
RADIUS MAC Authentication Profile RADIUS EAP Authentication Profile RADIUS Accounting Profile If 802.1x, WPA, or 802.11i security mode is used, the RADIUS EAP Authentication Profile must have a value. A RADIUS Server Profile for authentication for each VLAN shall be configured as part of the configuration options for that VLAN. RADIUS profiles are independent of VLANs. The user can define any profile to be the default and associate all VLANs to that profile. Four profiles are created by default, MAC Authentication, EAP Authentication, Accounting, and Management. 15.Specify a QoS Profile. 16.Set the 802.1p Priority given to packets tagged with this VLAN ID. Enter a number between 0-7. 17.Set the Maximum TX Bandwidth in Kbps. If this parameter is set to 0, full bandwidth is available. 18.Set the Maximum RX Bandwidth in Kbps. If this parameter is set to 0, full bandwidth is available. 190 Configuration Advanced Configuration of Mesh and Access Point Module MeshMAX 5054 Series User Guide 19.If editing an entry, enable or disable the parameters on this page using Status drop-down menu. If adding a new entry, this drop-down menu will not appear. 20.Reboot the AP. 191 Monitoring This chapter has the following information:
Monitoring Options for Subscriber Module Wireless MeshMAX 5054 Series User Guide 7 General WORP ICMP Per Station Features Link Test Interfaces IP ARP Table IP Routes Learn Table RIP Monitoring Options for Mesh and Access Point Module Version Learn Table RADIUS Interfaces Description of Interface Statistics ICMP IP/ARP Table IAPP Station Statistics Description of Station Statistics Mesh Statistics Topology Neighbors Link Statistics Link Test Monitoring Options for Subscriber Module This section describes using the Web interface to obtain detailed information about the settings and performance of the Subscriber module. Click the Monitor button to access this information. NOTE: The RIP tab is relevant only in Routing mode. Help and Exit buttons also appear on each page of the Web interface; click the Help button to access online help; click the Exit button to exit the application. 192 Monitoring Monitoring Options for Subscriber Module MeshMAX 5054 Series User Guide For an introduction to the basics of management, see Basic Management of Subscriber Module. Wireless General Click Monitor > General to monitor the general performance of the wireless interface. WORP Click Monitor > Wireless > WORP to monitor the performance of the WORP interface. Possible values for the Registration Last Reason field are as follows:
193 MeshMAX 5054 Series User Guide Monitoring Monitoring Options for Subscriber Module None (successful registration) Maximum number of SUs reached Authentication failure Roaming No response from SU within the Registration Timeout Period Low Signal Quality ICMP Click Monitor > ICMP to view the number of ICMP messages sent and received by the Subscriber unit. It includes ping, route, and host unreachable messages. Per Station Click Monitor > Per Station to view station statistics. The SU Per Station tab contains Site Survey function. When Site Survey is activated, the SU scans all the available channels and channel bandwidths, and collects information about all the BSUs on those channels/bandwidths. Features Click Monitor > Features to view the features supported on the unit. 194 Monitoring Monitoring Options for Subscriber Module MeshMAX 5054 Series User Guide NOTE: The Subscriber unit shows how many Ethernet hosts it supports on its Ethernet port as the Max Users on Satellite parameter. Link Test Click Monitor > Link Test to find out which wireless stations are in range and to check their link quality. NOTE: Link Test requires Internet Explorer version 6.0 or later. Earlier versions do not support Link Test. Link Test for the unit reports the Signal-to-Noise Ratio (SNR) value in dB; the higher this number, the better the signal quality. Furthermore, it reports the signal level and noise level in dBm. The latter two are approximations of the level at which the unit receives the signal of the peer unit and the background noise. Clicking Explore from a BSU displays all its registered SUs. Clicking Explore from an SU displays only the BSU with which it is registered. All stations displayed after Explore come up Disabled. Select a station by changing Disabled to Start and click the Link Test button. You can change multiple stations to Start, but only the last station in the list is displayed as the remote partner when you click the Link Test button. The Link Test provides SNR, Signal, and Noise information for both, the local and the remote units levels. Link Test stops when you close the Link Test page. 195 Monitoring Monitoring Options for Subscriber Module MeshMAX 5054 Series User Guide Interfaces Click Monitor > Interfaces to view detailed information about the IP-layer performance of the units interfaces. There are two sub-tabs: Wireless and Ethernet. The following figures show both interfaces. 196 Monitoring Monitoring Options for Subscriber Module MeshMAX 5054 Series User Guide IP ARP Table Click Monitor > IP ARP Table to view the mapping of the IP and MAC addresses of all radios registered at the Subscriber unit. This information is based upon the Address Resolution Protocol (ARP). IP Routes Click Monitor > IP Routes to view all active IP routes of the Subscriber unit. These can be either static or dynamic
(obtained through RIP). This tab is available only in Routing mode, and you can add routes only when in Routing mode. 197 Monitoring Monitoring Options for Mesh and Access Point Module Learn Table MeshMAX 5054 Series User Guide Click Monitor > Learn Table to view all MAC addresses the Subscriber unit has detected on an interface. The Learn Table displays information relating to network bridging. It reports the MAC address for each node that the device has learned is on the network and the interface on which the node was detected. There can be up to 10,000 entries in the Learn Table. This tab is only available in Bridge mode. RIP Click Monitor > RIP to view Routing Internet Protocol data for the Ethernet and Wireless interfaces. Monitoring Options for Mesh and Access Point Module To monitor the AP using the HTTP/HTTPS interface, you must first log in to a web browser. See Logging In for instructions. You may also monitor the AP using the command line interface. See Command Line Interface (CLI) for more information To monitor the AP via HTTP/HTTPS:
1. Click the Monitor button located on the left-hand side of the screen. The main Monitor screen will be displayed. 198 Monitoring Monitoring Options for Mesh and Access Point Module MeshMAX 5054 Series User Guide Figure 7-1 Monitor Main Screen 2. Click the tab that corresponds to the statistics you want to review. For example, click Learn Table to see the list of nodes that the AP has discovered on the network. If necessary, click the Refresh 3. Each Monitor tab is described in the remainder of this chapter. button to update the statistics. Version From the HTTP interface, click the Monitor button and select the Version tab. The list displayed provides you with information that may be pertinent when calling Technical Support. With this information, your Technical Support representative can verify compatibility issues and make sure the latest software are loaded. This screen displays the following information for each Access Point component:
Serial Number: The components serial number, if applicable. Name/ID: The AP identifies a system component based on its name or ID. Each component has a unique identifier. Variant: Several variants may exist of the same component (for example, a hardware component may have two variants, one with more memory than the other). Version: Specifies the components version or build number. The Software Image version is the most useful information on this screen for the typical end user. 199 Monitoring Monitoring Options for Mesh and Access Point Module MeshMAX 5054 Series User Guide Figure 7-2 Version Monitoring Tab ICMP This tab provides statistical information for both received and transmitted messages directed to the AP. Not all ICMP traffic on the network is counted in the ICMP (Internet Control Message Protocol) statistics. Figure 7-3 ICMP Monitoring Tab IP/ARP Table This tab provides information based on the Address Resolution Protocol (ARP), which relates MAC Address and IP Addresses. 200 Monitoring Monitoring Options for Mesh and Access Point Module MeshMAX 5054 Series User Guide Figure 7-4 IP/ARP Table Monitoring Tab Learn Table This tab displays information relating to network bridging. It reports the MAC address for each node that the device has learned is on the network and the interface on which the node was detected. There can be up 10,000 entries in the Learn Table. Figure 7-5 Learn Table Monitoring Tab IAPP This tab displays statistics relating to client handovers and communications between Access Points. 201 Monitoring Monitoring Options for Mesh and Access Point Module MeshMAX 5054 Series User Guide Figure 7-6 IAPP Monitoring Tab RADIUS This tab provides RADIUS authentication, EAP/802.1x authentication, and accounting information for both the Primary and Backup RADIUS servers for each RADIUS Server Profile. NOTE: Separate RADIUS servers can be configured for each RADIUS Server Profile. Select the RADIUS Server Profile to view statistics on from the Select Server Profile drop-down menu. 202 Monitoring Monitoring Options for Mesh and Access Point Module Figure 7-7 RADIUS Monitoring Tab Interfaces This tab displays statistics for the Ethernet and wireless interfaces. MeshMAX 5054 Series User Guide Figure 7-8 Interface Monitoring Tab (Ethernet) Description of Interface Statistics The following statistics are displayed for the Ethernet interface only, either of the wireless interfaces only, or for all interfaces:
Admin Status (Ethernet/Wireless-Slot A/B): The desired state of the interface: Up (ready to pass packets), Down (not ready to pass packets, or Testing (testing and unable to pass packets). Alignment Error (Ethernet): The number of frames received that are not an integral number of octets in length and do not pass the Frame Check Sequence check. Carrier Sense Errors (Ethernet): The number of times that the carrier sense condition was lost or never asserted when attempting to transmit a frame. The count increments at most once per transmission attempt. Deferred Transmission (Ethernet): The number of frames for which the first transmission attempt is delayed because the medium is busy.This number does not include frames involved in collisions. 203 Monitoring Monitoring Options for Mesh and Access Point Module MeshMAX 5054 Series User Guide Description (Ethernet/Wireless-Slot A/B): Information about the interface (e.g., the name of the manufacturer, the product name and the version of the hardware interface). Duplicate Frame Count (Wireless-Slot A/B): The number of duplicate frames received. Ethernet Chipset (Ethernet): Identifies the chipset used to realize the interface. Excessive Collisions (Ethernet): The number of frames for which transmission fails due to excessive collisions. Failed ACK Count (Wireless-Slot A/B): The number of times an acknowledgment (or ACK) is not received when expected. Failed Count (Wireless-Slot A/B): The number of packets not transmitted successfully due to too many transmit attempts. Failed RTS Count (Wireless-Slot A/B): The number of times a Clear to Send (CTS) is not received in response to a Request to Send (RTS). FCS Error (Wireless-Slot A/B): The number of Frame Check Sequence errors detected in received MAC Protocol Data Units (MPDUs). FCS Errors (Ethernet): The number of frames received that are an integral number of octets in length but do not pass the Frame Check Sequence check. Frames Too Long (Ethernet): The number of frames received that exceed the maximum permitted frame size. In Discards (Ethernet/Wireless-Slot A/B): The number of error-free inbound packets that were chosen to be discarded to prevent their being deliverable to a higher-layer protocol. One possible reason for discarding such a packet could be to free up buffer space. In Errors (Ethernet/Wireless-Slot A/B): The number of inbound packets that contained errors preventing them from being deliverable to a higher-layer protocol. In Non-unicast Packets (Ethernet/Wireless-Slot A/B): The number of non-unicast (i.e., subnetwork-broadcast or subnetwork-multicast) packets delivered to a higher-layer protocol. In Octets (bytes) (Ethernet/Wireless-Slot A/B): The total number of octets received on the interface, including framing characters. In Unicast Packets (Ethernet/Wireless-Slot A/B): The number of subnetwork unicast packets delivered to a higher-layer protocol. Internal MAC Receive Errors (Ethernet): The number of frames for which reception fails due to an internal MAC sublayer transmit error. A frame is only counted if it is not counted by the Frames Too Long, Alignment Error, or FCS Error counters. Internal MAC Transmit Errors (Ethernet): The number of frames for which transmission fails due to an internal MAC sublayer transmit error. A frame is only counted if it is not counted by Late Collision, Excession Collision, or Carrier Sense Error counters. Last Change (Ethernet/Wireless-Slot A/B): The value of the sysUpTime object at the time the interface entered its current operational state. Late Collisions (Ethernet): The number of times that a collision is detected on a particular interface later than 512 bit-times into the transmission of a packet MAC Address (Wireless-Slot A/B): The station's assigned, unique MAC address, Maximum Packet Size (Ethernet/Wireless-Slot A/B): The size (in octets) of the largest datagram which can be sent/received MIB Specific Definition (Ethernet/Wireless-Slot A/B): A reference to MIB definitions specific to the particular media being used to realize the interface. For example, if the interface is an Ethernet interface, then this field refers to a document defining objects specific to ethernet. Multicast Received Frame Count (Wireless-Slot A/B): The number of multicast packets received. Multicast Transmitted Frame Count (Wireless-Slot A/B): The number of multicast packets transmitted. Multiple Collision Frames (Ethernet): The number of successfully transmitted frames for which transmission is inhibited by more than one collision. 204 Monitoring Monitoring Options for Mesh and Access Point Module MeshMAX 5054 Series User Guide Multiple Retry Count (Wireless-Slot A/B): The number of packets successfully transmitted after more than one retransmission. Operational Status (Ethernet/Wireless-Slot A/B): The current state of the interface: Up (ready to pass packets), Down (not ready to pass packets, or Testing (testing and unable to pass packets). Out Discards (Ethernet/Wireless-Slot A/B): The number of error-free outbound packets chosen to be discarded to prevent their being transmitted. One possible reason for discarding such a packet could be to free up buffer space. Out Errors (Ethernet/Wireless-Slot A/B): The number of outbound packets that could not be transmitted because of errors. Out Non-unicast Packets (Ethernet/Wireless-Slot A/B): The total number of packets that higher-level protocols requested be transmitted to a non-unicast (i.e., a subnetwork-broadcast orsubnetwork-multicast) address, including those that were discarded or not sent. Out Octets (bytes) (Ethernet/Wireless-Slot A/B): The total number of octets transmitted out of the interface, including framing characters. Out Unicast Packets (Ethernet/Wireless-Slot A/B): The total number of packets that higher-level protocols requested be transmitted to a subnetwork-unicast address, including those that were discarded or not sent. Output Queue Length (Ethernet/Wireless-Slot A/B): The length of the output packet queue (in packets). Physical Address (Ethernet): The interface's address at the protocol layer immediately below the network layer in the protocol stack. Received Fragment Count (Wireless-Slot A/B): The number of successfully received Data or Management MAC Protocol Data Units (MPDUs). Retry Count (Wireless-Slot A/B): The number of packets successfully transmitted after one or more retransmissions. Single Collision Frames (Ethernet): The number of successfully transmitted frames for which transmission is inhibited by exactly one collision Speed (Ethernet/Wireless-Slot A/B): An estimate of the interface's current bandwidth in bits per second. SQE Test Errors (Ethernet): The number of times that the Signal Quality Error (SQE) Test Error message is generated by the physical layer signalling (PLS) sublayer. Successful RTS Count (Wireless-Slot A/B): The number of times a Clear to Send (CTS) is received in response to an Request to Send (RTS). Transmitted Fragment Count (Wireless-Slot A/B): The number of transmitted fragmented packets. Transmitted Frame Count (Wireless-Slot A/B): This number of successfully transmitted packets. Type (Ethernet/Wireless-Slot A/B): The type of interface, distinguished according to the physical/link protocol(s) immediately below the network layer in the protocol stack. Unknown Protocols (Ethernet/Wireless-Slot A/B): The number of packets received that were discarded because of an unknown or unsupported protocol. WEP Undecryptable Count (Wireless-Slot A/B): The number of undecryptable WEP frames received. Station Statistics This tab displays information on wireless clients attached to the AP and on Wireless Distribution System. Enable the Monitoring Station Statistics feature (Station Statistics are disabled by default) by checking Enable Monitoring Station Statistics and click OK. You do not need to reboot the AP for the changes to take effect. If clients are connected to the device or WDS links are configured for the device, the statistics will now be shown on the screen. Click Select to view the more detailed statistics for a client. Click on the Refresh button in the browser window to view the latest statistics. If any new clients associate to the AP, you can see the statistics of the new clients after you click the refresh button. 205 Monitoring Monitoring Options for Mesh and Access Point Module MeshMAX 5054 Series User Guide Figure 7-9 Station Statistics Monitoring Tab Description of Station Statistics The following stations statistics are displayed:
MAC Address: The MAC address of the wireless client for which the statistics are gathered. For WDS links, this is the partner MAC address of the link. IP Address: The IP address of the associated wireless station for which the Statistics are gathered. (0.0.0.0 for WDS links) Interface to which the Station is connected: The interface number on which the client is connected with the AP. For WDS links this is the interface on which the link is configured. Type: The type of wireless client (STA or WDS). MAC Protocol: The MAC protocol for this wireless client (or WDS link partner). The possible values are 802.11a, 4.9 GHz, 802.11b, 802.11g. Signal / Noise: The Signal /Noise Level measured at the AP when frames are received from the associated wireless station (or WDS link partner). Time since Last Frame Received: The time elapsed since the last frame from the associated wireless station (or WDS link partner) was received. Number of Stations and WDS Links: The number of stations and WDS links monitored. The following stations statistics are available through SNMP:
Octets Received: The number of octets received from the associated wireless station (or WDS link partner) by the AP. Unicast Frames Received: The number of Unicast frames received from the associated wireless station (or WDS link partner) by the AP. Non-Unicast Frames Received: The number of Non-Unicast frames received (i.e. broadcast or multicast) from the associated wireless station (or WDS link partner) by the AP. 206 Monitoring Monitoring Options for Mesh and Access Point Module MeshMAX 5054 Series User Guide Octets Transmitted: The number of octets sent to the associated wireless station (or WDS link partner) from the AP. Unicast Frames Transmitted: The number of Unicast frames transmitted to the associated wireless station (or WDS link partner) from the AP. Mesh Statistics This Mesh tab and its related sub-tabs display statistics relating to Mesh functionality. See the following sections:
Topology Neighbors Link Statistics Link Test Topology The Topology sub-tab displays the network topology of the Mesh network. Figure 7-10 Mesh Statistics Topology Sub-Tab Neighbors The Neighbors sub-tab displays the system name, IP address, channel, path cost, number of hops to portal, Mesh type, and status of all Mesh APs within range of the AP. Figure 7-11 Mesh Statistics Neighbors Sub-Tab Link Statistics The Link Statistics sub-tab displays the MAC address, IP address, receive rate, transmit rate, receive errors, transmit errors, and SNR for each Mesh link. 207 Monitoring Monitoring Options for Mesh and Access Point Module MeshMAX 5054 Series User Guide Figure 7-12 Mesh Statistics Link Statistics Sub-Tab Link Test The Link Test tab allows you to run two types of Mesh link tests: Tree Type or Neighbor Type. The Tree Type link test is initiated from the Portal to any point on the Mesh tree. The Mesh units involved in the test must be in the "Active" state The Neighbor Type link test is initiated from any Mesh unit and to any other Mesh unit in its neighbor list the is in the
"Connected"/"Active" state. The Mesh units involved in the test must be on the same channel. 208 Monitoring Monitoring Options for Mesh and Access Point Module MeshMAX 5054 Series User Guide Figure 7-13 Mesh Statistics Link Test Sub-Tab To execute a Link Test, set the following parameters:
Test Type: Tree Type or Neighbor Type Destination System Name: The destination Mesh unit. Test Traffic Rate: The number of frames per second to test. Frame Size: The size of each frame in test. Test Duration: The duration for the entire whole test When a test is running, it will appear in the Currently RUnning Mesh Link Test section of the page. The Time to Finish field updates on each page refresh. Upon completion of a test, the test will appear under the Mesh Link Test Results section of the page. To view full results, select radio button of the desired test; results will be displayed in a new window., new window will open. NOTES:
No more 10 tests can be running and complete simultaneously. (For instance, if there are 5 tests running and 5 tests finished, when a sixth test begins to run, the oldest result will be deleted.) Any topology change will delete all Tree Type tests (running or complete). 209 Commands MeshMAX 5054 Series User Guide 8 This chapter has following information:
Command Functions for Subscriber Module Download Upload Reboot Reset Help Link Downgrade Command Function for Mesh and Access Point Module Introduction to File Transfer via TFTP or HTTP TFTP File Transfer Guidelines HTTP File Transfer Guidelines Image Error Checking During File Transfer Update AP Update AP via TFTP Update AP via HTTP Retrieve File Retrieve File via TFTP Retrieve File via HTTP Reboot Reset Reset Command Functions for Subscriber Module This section describes the commands that you can issue with the Web Interface. Click the Commands button to access available commands. See the following:
Help and Exit buttons also appear on each page of the Web interface; click the Help button to access online help; click the Exit button to exit the application. For an introduction to the basics of management, see Basic Management of Subscriber Module. Download Click Commands > Download to download configuration, image and license files to the unit via a TFTP server. 210 Commands Command Functions for Subscriber Module MeshMAX 5054 Series User Guide The following parameters may be configured or viewed:
Server IP address: Enter the TFTP Server IP address. File Name: Enter the name of the file to be downloaded. If you are using the SolarWinds TFTP server software located on your product installation CD, the default directory for downloading files is C:\TFTP-Root. File Type: Choose either Config, image, BspBl, or license. File Operation: Choose either Download or Download and Reboot. Click OK to start the download. Upload Click Commands > Upload to upload a configuration or log file from the unit to a TFTP server. The following parameters may be configured or viewed:
Server IP address: Enter the TFTP Server IP address. File Name: Enter the name of the file to be uploaded. If you are using the SolarWinds TFTP server software located on your product installation CD, the default directory for uploading files is C:\TFTP-Root. File Type: Choose either Config or Eventlog. Click OK to start the upload. Reboot Click Commands > Reboot to reboot the embedded software of the Subscriber unit. Configuration changes are saved and the unit is reset. 211 Commands Command Functions for Subscriber Module MeshMAX 5054 Series User Guide CAUTION: Rebooting the unit causes all users currently connected to lose their connection to the network until the Subscriber unit has completed the reboot process and resumed operation. Reset Click Commands > Reset to restore the configuration of the Subscriber unit to the factory default values. You can also reset the Subscriber unit by pressing the RESET button located on the side of the unit. Because this resets the units current IP address, a new IP address must be assigned. CAUTION: Resetting the unit to its factory default configuration permanently overwrites all changes made to the unit. The unit reboots automatically after this command has been issued. Help Link Click Commands> Help Link to set the location of the help files of the Web Interface. Upon installation, the help files are installed in the C:\Program Files\Tsunami\[Model Name]\Help folder. If you want to place these files on a shared drive, copy the Help folder to the new location and specify the new path in the Help Link box. Downgrade Click Commands > Downgrade to downgrade to a previous release. Downgrade currently is supported only to release 2.0.1 and later. Once you enter this command, the unit is downgraded to the specified release and is automatically rebooted. The filename specified and the filename of the image selected for downgrade must be the same version. The unit will download the file, re-format the configuration to match the version, and reboot to put the image into effect. 212 Commands Command Function for Mesh and Access Point Module MeshMAX 5054 Series User Guide Command Function for Mesh and Access Point Module To perform commands using the HTTP/HTTPS interface, you must first log in to a web browser. See Logging In for instructions. You may also perform commands using the command line interface. See CLI for Mesh and Access Point Module for more information. To perform commands via HTTP/HTTPS:
1. Click the Commands button located on the left-hand side of the screen. Figure 8-1 Commands Main Screen 2. Click the tab that corresponds to the command you want to issue. For example, click Reboot to restart the unit. Following a brief introduction to TFTP and HTTP file transfer, each Commands tab is described in the remainder of this chapter. Introduction to File Transfer via TFTP or HTTP There are two methods of transferring files to or from the AP: TFTP or HTTP (or HTTPS if enabled):
213 Commands Command Function for Mesh and Access Point Module MeshMAX 5054 Series User Guide Downloading files (Configuration, AP Image, Bootloader, License, Private Key, Certificate, CLI Batch File) to the AP using one of these two methods is called Updating the AP. Uploading files (Configuration, CLI Batch File, etc) from the AP is called Retrieving Files. TFTP File Transfer Guidelines A TFTP server must be running and configured to point to the directory containing the file. If you do not have a TFTP server installed on your system, install the TFTP server from the installation CD. HTTP File Transfer Guidelines HTTP file transfer can be performed either with or without SSL enabled. HTTP file transfers with SSL require enabling Secure Management and Secure Socket Layer. HTTP transfers that use SSL may take additional time. NOTE: SSL requires Internet Explorer version 6, 128 bit encryption, Service Pack 1, and patch Q323308. Image Error Checking During File Transfer The Access Point performs checks to verify that an image downloaded through HTTP or TFTP is valid. The following checks are performed on the downloaded image:
Zero Image size Large image size Non VxWorks image AP image Digital signature verification If any of the above checks fail on the downloaded image, the Access Point deletes the downloaded image and retains the old image. Otherwise, if all checks pass successfully, the AP deletes the old image and retains the downloaded image. These checks are to ensure that the AP does not enter an invalid image state. The storage of the two images is only temporary to ensure the proper verification; the two images will not be stored in the AP permanently. Image error checking functions automatically in the background. No user configuration is required. Update AP Update AP via TFTP Use the Update AP via TFTP tab to download Configuration, AP Image, License file, Bootloader files, Certificate and Private Key files, and CLI Batch File to the AP. A TFTP server must be running and configured to point to the directory containing the file. 214 Commands Command Function for Mesh and Access Point Module MeshMAX 5054 Series User Guide Figure 8-2 Update AP via TFTP Command Screen If you do not have a TFTP server installed on your system, install the TFTP server from the installation CD. You can either install the TFTP server from the CD Wizard or run OEM-TFTP-Server.exe found in the CDs Xtras/SolarWinds sub-directory. The Update AP via TFTP tab shows version information and allows you to enter TFTP information as described below. Server IP Address: Enter the TFTP server IP Address. Double-click the TFTP server icon on your desktop and locate the IP address assigned to the TFTP server. NOTE: This is the IP address that will be used to point the Access Point to the AP Image file. File Name: Enter the name of the file to be downloaded (including the file extension). Copy the file to the TFTP servers root folder. File Type: Select the proper file type. Choices include:
Config: configuration information, such as System Name, Contact Name, and so on. NOTE: The AP will reboot automatically when downloading a Config file. Image: AP Image (executable program). Upgrade BspBl: Bootloader software. SSL Certificate: the digital certificate for authentication in SSL communications. SSL Private Key: the private key for encryption in SSL communications. SSH Public Key: the public key in SSH communications. SSH Private Key: the private key in SSH communications. CLI Batch File: a CLI Batch file that contains CLI commands to configure the AP. This file will be executed by the AP immediately after being uploaded. License File File Operation: Select either Update AP or Update AP & Reboot. You should reboot the AP after downloading files. 215 Commands Command Function for Mesh and Access Point Module Update AP via HTTP MeshMAX 5054 Series User Guide Use the Update AP via HTTP tab to download Configuration, AP Image, Bootloader files, and Certificate and Private Key files to the AP. Once on the Update AP screen, click on the via HTTP tab. Figure 8-3 Update AP via HTTP Command Screen The Update AP via HTTP tab shows version information and allows you to enter HTTP information as described below. 1. Select the File Type that needs to be updated from the drop-down box. Choices include:
Image for the AP Image (executable program). Config for configuration information, such as System Name, Contact Name, and so on. NOTE: The AP will reboot automatically when downloading a Config file. SSL Certificate: the digital certificate for authentication in SSL communications. SSL Private Key: the private key for encryption in SSL communications. Upgrade BSPBL: the Bootloader software. CLI Batch File: a CLI Batch file that contains CLI commands to configure the AP. This file will be executed by the AP immediately after being uploaded. SSH Public Key: the public key in SSH communications. SSH Private Key: the private key in SSH communications. License File 2. Use the Browse button or manually type in the name of the file to be downloaded (including the file extension) in the File Name field. If typing the file name, you must include the full path and the file extension in the file name text box. 3. To initiate the HTTP Update operation, click the Update AP button. A warning message gets displayed that advises the user that a reboot of the device will be required for changes to take effect. 216 Commands Command Function for Mesh and Access Point Module MeshMAX 5054 Series User Guide Figure 8-4 Warning Message 4. Click OK to continue with the operation or Cancel to abort the operation. NOTE: An HTTP file transfer using SSL may take extra time. If the operation completes successfully the following screen appears. Figure 8-5 Update AP Successful If the operation did not complete successfully the following screen appears, and the reason for the failure is displayed. Figure 8-6 Update AP Unsuccessful Retrieve File Retrieve File via TFTP Use the Retrieve File via TFTP tab to upload files from the AP to the TFTP server. The TFTP server must be running and configured to point to the directory to which you want to copy the uploaded file. We suggest you assign the file a meaningful name, which may include version or location information. If you dont have a TFTP server installed on your system, install the TFTP server from the installation CD. You can either install the TFTP server from the CD Wizard or run OEM-TFTP-Server.exe found in the CDs Xtras/SolarWinds sub-directory. The Retrieve AP via TFTP tab shows version information and allows you to enter TFTP information as described below. Server IP Address: Enter the TFTP server IP Address. Double-click the TFTP server icon on your desktop and locate the IP address assigned to the TFTP server. File Name: Enter the name of the file to be uploaded. File Type: Select the type of file to be uploaded: Config file, CLI Batch File, or CLI Batch (Error) Log. 217 Commands Command Function for Mesh and Access Point Module MeshMAX 5054 Series User Guide Use the following procedure to retrieve a file from an AP to a TFTP server:
1. 2. Retrieve and store the file. Click the Retrieve File button to initiate the upload of the file from the AP to the TFTP If retrieving a Config file, configure all the required parameters in their respective tabs. Reboot the device. server. If you retrieved a Configuration file, update the file as necessary. If you retrieved a CLI Batch File or CLI Batch Log, you can examine the file using a standard text editor. For more information on CLI Batch Files. 3. 4. Figure 8-7 Retrieve File via TFTP Command Screen Retrieve File via HTTP Use the Retrieve File via HTTP tab to retrieve configuration files, CLI Batch Files, or CLI Batch Logs from the AP. For more information on CLI Batch Files and CLI Batch Logs. 1. Select the type of file (Config, CLI Batch File, CLI Batch Log) from the File Type drop-down menu. 2. Click on the Retrieve File button to initiate the operation. 218 Commands Command Function for Mesh and Access Point Module MeshMAX 5054 Series User Guide Figure 8-8 Retrieve File via HTTP Command Screen A confirmation message is displayed, asking if the user wants to proceed with retrieving the file. Figure 8-9 Retrieve File Confirmation Dialog 3. Click OK to continue with the operation or Cancel to abort the operation. On clicking OK, the File Download window appears. Figure 8-10 File Download Dialog Box 4. On clicking the Save button the Save As window displays. Select an appropriate filename and location and click OK. 219 Commands Command Function for Mesh and Access Point Module Reboot MeshMAX 5054 Series User Guide Use the Reboot tab to save configuration changes (if any) and reset the AP. Enter a value between 0 and 65535 seconds; entering a value of 0 (zero) seconds causes an immediate reboot. Note that Reset, described below, does not save configuration changes. CAUTION: Rebooting the AP will cause all users who are currently connected to lose their connection to the network until the AP has completed the restart process and resumed operation. Figure 8-11 Reboot Command Screen Reset Use the Reset tab to restore the AP to factory default conditions. Since this will reset the APs current IP address, a new IP address must be assigned. See Logging In for more information. CAUTION: Resetting the AP to its factory default configuration will permanently overwrite all changes that have made to the unit. The AP will reboot automatically after this command has been issued. Figure 8-12 Reset to Factory Defaults Command Screen Help Link Use the Help tab to configure the location of the AP Help files. During initialization, the AP on-line help files are downloaded to the default location:
C:/Program Files/ORiNOCO/AP-4x00MR-LR/HTML/index.htm. To enable the Help button on each page of the Web interface to access the help files, however, copy the entire Help folder to a web server, then specify the new HTTP path in the Help Link box. NOTE: The configured Help Link must point to an HTTP address in order to enable the Help button on each page of the Web interface. 220 Commands Command Function for Mesh and Access Point Module MeshMAX 5054 Series User Guide NOTE: Use the forward slash character ("/") rather than the backslash character ("\") when configuring the Help Link location. NOTE: Add the APs management IP address into the Internet Explorer list of Trusted Sites. Figure 8-13 Help Link Configuration Screen 221 Procedures for Subscriber Module MeshMAX 5054 Series User Guide 9 This chapter describes the following procedures:
TFTP Server Setup: Prepares the TFTP server for transferring files to and from the Subscriber unit. This procedure is used by the other procedures that transfer files. Web Interface Image File Download: Upgrades the embedded software. Configuration Backup: Saves the configuration of the Subscriber unit. Configuration Restore: Restores a previous configuration through configuration file download. Soft Reset to Factory Default: Resets the Subscriber unit to the factory default settings through the Web or Command Line Interface. Hard Reset to Factory Default: In some cases, it may be necessary to revert to the factory default settings (for example, if you cannot access the Subscriber unit or you lost the password for the Web Interface). Forced Reload: Completely resets the Subscriber unit and erases the embedded software. Use this procedure only as a last resort if the Subscriber unit does not boot and the Hard Reset to Factory Default procedure did not help. If you perform a Forced Reload, you must download a new image file as described in Image File Download with the Bootloader. Image File Download with the Bootloader: If the Subscriber unit does not contain embedded software, or the embedded software is corrupt, you can use this procedure to download a new image file. TFTP Server Setup A Trivial File Transfer Protocol (TFTP) server lets you transfer files across a network. You can upload files from the unit for backup or copying, and you can download the files for configuration and image upgrades. The SolarWinds TFTP server software is located on the product installation CD, or can be downloaded from http://support.proxim.com. You can also download the latest TFTP software from SolarWinds Web site at http://www.solarwinds.net. The instructions that follow assume that you are using the SolarWinds TFTP server software; other TFTP servers may require different configurations. NOTE: If a TFTP server is not available in the network, you can perform similar file transfer operations using the HTTP interface. To download or upload a file, you must connect to the computer with the TFTP server through the Subscriber unit. For information about installing the TFTP server, see Step 12: Install Documentation and Software. Ensure that:
1. The upload or download directory is correctly set (the default directory is C:\TFTP-Root). 2. The required image file is present in the directory. 3. The TFTP server is running. The TFTP server must be running only during file upload and download. You can check the connectivity between the Subscriber unit and the TFTP server by pinging the Subscriber unit from the computer that hosts the TFTP server. The ping program should show replies from the Subscriber unit. 4. The TFTP server is configured to both Transmit and Receive files (on the Security tab under File Configure), with no automatic shutdown or time-out (on the Auto-Close tab). Web Interface Image File Download In some cases, it may be necessary to upgrade the embedded software of the Subscriber unit by downloading an image file. To download an image file through the Web Interface:
1. Set up the TFTP server as described in TFTP Server Setup. 222 Procedures for Subscriber Module MeshMAX 5054 Series User Guide 2. Access the Subscriber unit as described in Logging in to the Web Interface. 3. Click the Commands button and the Download tab. 4. Fill in the following details:
Server IP Address <IP address TFTP server>
File Name <image file name>
File Type Image File Operation Download 5. Click OK to start the file transfer. The Subscriber unit downloads the image file. The TFTP server program should show download activity after a few seconds. When the download is complete, the Subscriber unit is ready to start the embedded software upon reboot. Configuration Backup You can back up the Subscriber unit configuration by uploading the configuration file. You can use this file to restore the configuration or to configure another Subscriber unit (see Configuration Restore). To upload a configuration file through the Web Interface:
1. Set up the TFTP server as described in TFTP Server Setup. 2. Access the Subscriber unit as described in Logging in the Web Interface. 3. Click the Commands button and the Upload tab. 4. Fill in the following details:
Server IP Address <IP address TFTP server>
File Name <configuration file name>
File Type Config File Operation Upload 5. Click OK to start the file transfer. The Subscriber unit uploads the configuration file. The TFTP server program should show upload activity after a few seconds. When the upload is complete, the configuration is backed up. Configuration Restore You can restore the configuration of the Subscriber unit by downloading a configuration file. The configuration file contains the configuration information of an Subscriber unit. To download a configuration file through the Web Interface:
1. Set up the TFTP server as described in TFTP Server Setup. 2. Access the Subscriber unit as described in Logging in Web Interface. 3. Click the Commands > Download. 4. Fill in the following details:
Server IP Address <IP address TFTP server>
File Name <configuration file name>
File Type Config File Operation Download Click OK to start the file transfer. The Subscriber unit downloads the configuration file. The TFTP server program should show download activity after a few seconds. When the download is complete and the system rebooted, the configuration is restored. 223 Procedures for Subscriber Module MeshMAX 5054 Series User Guide Soft Reset to Factory Default If necessary, you can reset the Subscriber unit to the factory default settings. Resetting to default settings means that you must configure the Subscriber unit anew. To reset to factory default settings using the Web Interface:
1. Click Commands > Reset. 2. Click the Reset to Factory Default button. The device configuration parameter values are reset to their factory default values. If you do not have access to the Subscriber unit, you can use the procedure described in Hard Reset to Factory Default below as an alternative. Hard Reset to Factory Default If you cannot access the unit or you have lost its password, you can reset the Subscriber unit to the factory default settings. Resetting to default settings means you must configure the Subscriber unit anew. To reset to Subacriber unit, refer Reboot and Reset Functionality for Subscriber Module. Forced Reload With Forced Reload, you reset the Subscriber unit to the factory default settings and erase the embedded software. Use this procedure only as last resort if the Subscriber unit does not boot. If you perform a Forced Reload, refer .Reboot and Reset Functionality for Subscriber Module Image File Download with the Bootloader The following procedures download an image file to the unit after the embedded software has been erased with Forced Reload or when the embedded software cannot be started by the Bootloader. A new image file can be downloaded to the unit with ScanTool, or the Command Line Interface through the units serial port. In both cases, the file is transferred through Ethernet with TFTP. Because the CLI serial port option requires a serial RS-232C cable, Proxim recommends the ScanTool option. Download with ScanTool To download an image file with the ScanTool:
1. Set up the TFTP server as described in TFTP Server Setup. 2. Download the latest software from http://support.proxim.com. 3. Copy the latest software updates to your TFTP servers root directory. 4. Run ScanTool on a computer that is connected to the same LAN subnet as the unit. ScanTool scans the subnet for units and displays the found units in the main window. If in Forced Reload, ScanTool does not find the device until the unit Bootloader times out from its default operation to download an image. Click Rescan to re-scan the subnet and update the display until the unit shows up in Bootloader mode. 5. Select the unit to which you want to download an image file and click Change. 6. Ensure that IP Address Type Static is selected and fill in the following details:
Password IP Address and Subnet Mask of the unit. TFTP Server IP Address and, if necessary, the Gateway IP Address of the TFTP server. Image File Name of the file with the new image. 7. Click OK to start the file transfer. 224 Procedures for Subscriber Module MeshMAX 5054 Series User Guide The unit downloads the image file. The TFTP server program should show download activity after a few seconds. When the download is complete, the LED pattern should return to reboot state. The unit is ready to start the embedded software. After a Forced Reload procedure, the unit returns to factory default settings and must be reconfigured. ScanTool can be used to set the system name and IP address. To access the Subscriber unit see Logging in to the Web Interface. Download with CLI To use the CLI through the serial port of the unit, you need a standard serial connector and an ASCII terminal program such as HyperTerminal. Proxim recommends you switch off the unit and the computer before connecting or disconnecting the serial RS-232C cable. To download an image file:
1. Set up the TFTP server as described in TFTP Server Setup. 2. Download the latest software from http://support.proxim.com. 3. Copy the latest software updates to your TFTP servers root directory. 4. Use a straight-through serial cable to connect the units serial port to your computers serial port. 5. Start the terminal program (such as HyperTerminal), set the following connection properties, and then connect:
Connect using: Com Port: <COM1, COM2, etc., depending on your computer>
Port Settings:
Baud rate: 9600 Data Bits: 8 Stop bits: 1 Flow Control: None Parity: None Under File > Properties > Settings > ASCII Setup, enable the Send line ends with line feeds option. 6. Press the RESET button on the unit. The terminal display shows Power On Self Tests (POST) activity. After approximately 30 seconds, a message indicates: Sending Traps to SNMP manager periodically. After this message appears, the bootloader prompt appears. 7. The command prompt is displayed; enter the following commands:
set ipaddr <IP address nit>
set ipsubmask <subnet mask>
set ipaddrtype static set tftpipaddr <IP address TFTP server>
set tftpfilename <image file name>
set ipgw <gateway IP address>
reboot For example:
set ipaddr 10.0.0.12 set ipsubmask 255.255.255.0 set ipaddrtype static set tftpipaddr 10.0.0.20 set tftpfilename image.bin set ipgw 10.0.0.30 reboot 225 Procedures for Subscriber Module MeshMAX 5054 Series User Guide The unit reboots and downloads the image file. The TFTP server program should show download activity after a few seconds. When the download is complete, the unit is ready for configuration. After a Forced Reload procedure, the unit returns to factory default settings and must be reconfigured. ScanTool can be used to set the system name and IP address. To access the Subscriber unit see Logging in to the Web Interface. 226 Troubleshooting This chapter has following information:
Troubleshooting for Power-Over-Ethernet (PoE) Troubleshooting Concepts for Subscriber Module Connectivity Issues Subscriber Module Does Not Boot Cannot use the Web Interface Communication Issues Two Units Are Unable to Communicate Wirelessly Setup and Configuration Issues Lost Password The Subscriber Module Responds Slowly TFTP Server Does Not Work Online Help Is Not Available Changes Do Not Take Effect VLAN Operation Issues What if network traffic is being directed to a nonexistent host?
Link Problems General Check Statistics Check Analyzing the Spectrum Troubleshooting Concepts for Mesh and Access Point Module Troubleshooting Concepts Symptoms and Solutions Connectivity Issues Basic Software Setup and Configuration Problems Client Connection Problems VLAN Operation Issues Recovery Procedures Soft Reset to Factory Defaults Hard Reset to Factory Defaults Forced Reload Setting IP Address using Serial Port Related Applications RADIUS Authentication Server TFTP Server MeshMAX 5054 Series User Guide 10 227 Troubleshooting Troubleshooting for Power-Over-Ethernet (PoE) Troubleshooting for Power-Over-Ethernet (PoE) MeshMAX 5054 Series User Guide The PoE Does Not Work 1. Verify that you are using a standard UTP Category 5 cable. 2. Try a different port on the same PoE hub (remember to move the input port accordingly) if it works, there is probably a faulty port or bad RJ-45 port connection. If possible, try to connect the MeshMAX unit to a different PoE hub. 3. 4. Try using a different Ethernet cable if it works, there is probably a faulty connection over the long cable, or a bad RJ-45 connection. 5. Check power plug and hub. 6. If the Ethernet link goes down, check the cable, cable type, switch, and hub. Troubleshooting Concepts for Subscriber Module This section helps you to isolate and solve problems with your Subscriber Module. In the event this chapter does not provide a solution, or the solution does not solve your problem, check our support website at http://support.proxim.com. Before you start troubleshooting, check the details in the product documentation. For details about RADIUS, TFTP, terminal and telnet programs, and Web browsers, refer to their appropriate documentation. In some cases, rebooting the Subscriber Module clears the problem. If nothing else helps, consider a Soft Reset to Factory Default or a Forced Reload. The Forced Reload option requires you to download a new image file to the Subscriber Module. Connectivity Issues Subscriber Module Does Not Boot The Subscriber Module shows no activity (the power LED is off). 1. Ensure that the power supply is properly working and correctly connected. 2. Ensure that all cables are correctly connected. 3. Check the power source. 4. If you are using an Active Ethernet splitter, ensure that the voltage is correct. Cannot use the Web Interface 1. Open a command prompt window and enter ping <ip address unit> (for example ping 10.0.0.1). If the unit does not respond, make sure that you have the correct IP address. If the unit responds, the Ethernet connection is working properly, continue with this procedure. 2. Ensure that you are using Microsoft Internet Explorer 5.0 or later (version 6.0 or later recommended) or Netscape 6.0 or later. 3. Ensure that you are not using a proxy server for the connection with your Web browser. 4. Ensure that you have not exceeded the maximum number of Web Interface or CLI sessions. 5. Double-check the physical network connections. Use a well-known unit to ensure the network connection is properly functioning. 6. Perform network infrastructure troubleshooting (check switches, routers, and so on). 228 Troubleshooting Troubleshooting Concepts for Subscriber Module Communication Issues Two Units Are Unable to Communicate Wirelessly MeshMAX 5054 Series User Guide If a wireless link is possible after testing two units within close distance of each other, then there are two possible reasons why wireless connectivity is not possible while the MP.11 units are at their desired locations:
There may be a problem in the RF path, for example, a bad connector attachment (this is the most common problem in installations) or a bad cable (water ingress). NOTE: The cables can be swapped with known good ones as a temporary solution to verify cable quality. Another reason may be related to an interference problem caused by a high signal level from another radio. This can be checked by changing the frequency and then verifying whether another channel works better or by changing the polarization as a way of avoiding the interfering signal. To know in advance how much interference is present in a given environment, a Spectrum Analyzer can be attached to a (temporary) antenna for measuring the signal levels on all available Channels. NOTE: The antennas are usually not the problem, unless mounted upside down causing the drain hole to be quickly filled with radome. If a wireless link is not possible after testing two units within close distance of each other, then the problem is either hardware or configuration related, such as a wrong Network name, Encryption key, Network Secret or Base Station Name. To eliminate these issues from being a factor, resetting the both units to factory defaults is the recommended solution. If a wireless link is not possible after resetting the units and verifying that one unit is a BSU with WORP Base interface configured and the other is a Satellite, then the problem is not configuration related and the only remaining reason is a possible hardware problem. Acquiring a third unit and then testing it amongst the existing units will help pinpoint the broken unit. Setup and Configuration Issues The following issues relate to setup and configuration problems. Lost Password If you lost your password, you must reset the Subscriber unit to the default settings. See Hard Reset to Factory Default. The default password is public. If you record your password, keep it in a safe place. The Subscriber Module Responds Slowly If the Subscriber unit takes a long time to become available, it could mean that:
No DHCP server is available. The IP address of the Subscriber unit is already in use. Verify that the IP address is assigned only to the Subscriber unit. Do this by switching off the Subscriber unit and then pinging the IP address. If there is a response to the ping, another device in the network is using the same IP address. If the Subscriber unit uses a static IP address, switching to DHCP mode could remedy this problem. There is too much network traffic. TFTP Server Does Not Work With TFTP, you can transfer files to and from the Subscriber unit. Also see TFTP Server Setup. If a TFTP server is not properly configured and running, you cannot upload and download files. The TFTP server:
Can be situated either local or remote Must have a valid IP address Must be set for send and receive without time-out 229 Troubleshooting Troubleshooting Concepts for Subscriber Module MeshMAX 5054 Series User Guide Must be running only during file upload and download If the TFTP server does not upload or download files, it could mean:
The TFTP server is not running The IP address of the TFTP server is invalid The upload or download directory is not correctly set The file name is not correct Online Help Is Not Available Online help is not available:
1. Make sure that the Help files are installed on your computer or server. See Step 12: Install Documentation and Software. 2. Verify whether the path of the help files in the Web Interface refers to the correct directory. See Help Link. Changes Do Not Take Effect Changes made in the Web Interface do not take effect:
1. Restart your Web browser. 2. Log into the radio unit again and make changes. 3. Reboot the radio unit when prompted to do so. Wait until the reboot is completed before accessing the Subscriber unit again. VLAN Operation Issues The correct VLAN configuration can be verified by pinging wired hosts from both sides of the device and the network switch. Traffic can be sniffed on the wired (Ethernet) network. Packets generated by hosts and viewed on one of the backbones should contain IEEE 802.1Q compliant VLAN headers when in Transparent mode. The VLAN ID in the headers should correspond to one of the VLAN Management IDs configured for the unit in Trunk mode. The correct VLAN assignment can be verified by pinging:
The unit to ensure connectivity The switch to ensure VLAN properties Hosts past the switch to confirm the switch is functional Ultimately, traffic can be sniffed on the Ethernet interface using third-party packages. Most problems can be avoided by ensuring that 802.1Q compliant VLAN tags containing the proper VLAN ID have been inserted in the bridged frames. The VLAN ID in the header should correspond to the assigned VLAN. What if network traffic is being directed to a nonexistent host?
All sessions are disconnected, traffic is lost, and a manual override is necessary. Workaround: You can configure the switch to mimic the nonexistent host. Link Problems While wireless networking emerges more and more, the number of wireless connections to networks grows every day. The Tsunami MP.11 Subscriber unit is one of the successful product families used by customers today who enjoy the day after day high-speed, cost-effective connections. To successfully use the connections, technicians must be able to troubleshoot the system effectively. This section gives hints on how a Subscriber unit network could be analyzed in the case of no link, a situation in which the customer thinks that the link is down because there is no traffic being passed. The four general reasons that a wireless link may not work are related to:
230 Troubleshooting Troubleshooting Concepts for Subscriber Module MeshMAX 5054 Series User Guide Hardware Configuration Path issues (such as distance, cable loss, obstacles) Environment (anything that is outside the equipment and not part of the path itself) You have tested the equipment in the office and have verified that the hardware and configurations are sound. The path calculation has been reviewed, and the path has been double-checked for obstacles and canceling reflections. Still, the user reports that the link does not work. Most likely, the problem reported is caused by the environment or by improper tests to verify the connection. This article assumes that the test method, cabling, antennas, and antenna alignment have been checked. Always do this before checking the environment. General Check Two general checks are recommended before taking any action:
Check whether the software version at both sides is the most current Check for any reported alarm messages in the Event Log Statistics Check Interference and other negative environment factors always have an impact on the number of correctly received frames. The Tsunami MP.11 models give detailed information about transmission errors in the Web interface, under Monitor. The windows that are important for validating the health of the link are:
Monitor / Wireless / General (Lowest level of the wireless network): Check FCS errors: Rising FCS errors indicate interference or low fade margin. So does Failed count. If only one of those is high, this indicates that a source of interference is significant near one end of the link. Monitor / Interfaces / Wireless (One level higher than Wireless / General): The information is given after the wireless Ethernet frame is converted into a normal Ethernet frame. The parameters shown are part of the MIB-II. Both operational and admin status should be up. An admin status of down indicates that the interface is configured to be down. In Discards and Out Discards indicate overload of the buffers, likely caused by network traffic, which is too heavy. In Errors and Out Errors should never happen; however, it might happen if a frames FCS was correct while the content was still invalid. Monitor / Wireless / WORP (Statistics on WORP): WORP runs on top of normal Ethernet, which means that the WORP frame is in fact the data field of the Ethernet frame. Send Failure or Send Retries must be low in comparison to Send Success. Low is about 1%. The same applies for Receive Success versus Receive Retries and Receive Failures. Note that the Receive Failures and Retries can be inaccurate. A frame from the remote site might have been transmitted without even being received; therefore, the count of that frame might not have been added to the statistics and the receiver simply could not know that there was a frame. Remote Partners indicates how many SUs are connected (in case of a BSU) or whether a Base is connected (in case of a Subscriber). Base Announces should increase continuously. Registration Requests and Authentication Requests should be divisible by 3. WORP is designed in a way that each registration sequence starts with 3 identical requests. It is not a problem if, once in a while, one of those requests is missing. Missing requests frequently is to be avoided. 231 Troubleshooting Troubleshooting Concepts for Mesh and Access Point Module MeshMAX 5054 Series User Guide Monitor / Per Station (Information per connected remote partner): Check that the received signal level (RSL) is the same on both sides; this should be the case if output power is the same. Two different RSLs indicate a broken transmitter or receiver. A significant difference between Local Noise and Remote Noise could indicate a source of interference near the site with the highest noise. Normally, noise is about 80 dBm at 36 Mbps. This number can vary from situation to situation, of course, also in a healthy environment. Monitor / Link Test (Information used by Administrators for on-the-spot checking): Check the received signal level (RSL) and noise level. Compare the RSL with the values from path analysis. If the figures differ significantly from the values recorded at the Per Station window, check for environment conditions that change over time. Analyzing the Spectrum The ultimate way to discover whether there is a source of interference is to use a spectrum analyzer. Usually, the antenna is connected to the analyzer when measuring. By turning the antenna 360 degrees, one can check from which direction the interference is coming. The analyzer will also display the frequencies and the level of signal is detected. Proxim recommends performing the test at various locations to find the most ideal location for the equipment. Avoiding Interference When a source of interference is identified and when the level and frequencies are known, the next step is to avoid the interference. Some of the following actions can be tried:
Changing the channel to a frequency away from the interference is the first step in avoiding interference. The installer can select a DFS Preferred Channel. Each antenna has a polarization; try to change to a polarization different from the interferer. A small beam antenna looks only in one particular direction. Because of the higher gain of such an antenna, lowering the output power or adding extra attenuation might be required to stay legal. This solution cannot help when the source of interference is right behind the remote site. Lowering the antennas can help avoid seeing interference from far away. Move the antennas to a different location on the premises. This causes the devices to look from a different angle, causing a different pattern in the reception of the signals. Use obstructions such as buildings, when possible, to shield from the interference. Conclusion A spectrum analyzer can be a great help to identify whether interference might be causing link problems on Tsunami MP.11 systems. Before checking for interference, the link should be verified by testing in an isolated environment, to make sure that hardware works and your configurations are correct. The path analysis, cabling and antennas should be checked as well. Statistics in the web interface under Monitor tell if there is a link, if the link is healthy, and a continuous test can be done using the Link Test. Troubleshooting Concepts for Mesh and Access Point Module NOTE: This section helps you locate problems related to the AP device setup. For details about RADIUS, TFTP, serial communication programs (such as HyperTerminal), Telnet applications, or web browsers, please see the documentation that came with the respective application for assistance. 232 Troubleshooting Troubleshooting Concepts for Mesh and Access Point Module Troubleshooting Concepts MeshMAX 5054 Series User Guide The following list identifies important troubleshooting concepts and topics. The most common initialization and installation problems relate to IP addressing. For example, you must have valid IP addresses for both the AP and the management computer to access the units HTTP interface. IP Address management is fundamental. Factory default units are set for Dynamic (DHCP) IP Address assignment. The default IP address for the AP is 169.254.128.132 if your network does not have a DHCP server. If you connect the AP to a network with an active DHCP server, then use ScanTool to locate the IP address of your unit. If a DHCP server is not active on your subnet, then use ScanTool to assign a static IP address to the unit. The Trivial File Transfer Protocol (TFTP) provides a means to download and upload files. These files include the AP Image (executable program) and configuration files. If the AP password is lost or forgotten, you will need to reset to default values. The Soft Reset to Factory Default or Hard Reset to Factory Default procedures reset the configuration, but do not change the current AP Image. The AP Supports a Command Line Interface (CLI). If you are having trouble locating your AP on the network, connect to the unit directly using the serial interface and see CLI for Mesh and Access Point Module for CLI command syntax and parameter names. ScanTool does not work over routers. You must be connected to the same subnet/physical LAN segment to use ScanTool. Note that ScanTool also works over the wireless interface; you can run it on a wireless client connected to the target AP or an AP connected to the same LAN segment/subnet. If all else fails Use the Forced Reload procedure to erase the current AP Image and configuration file and then download a new image. Symptoms and Solutions Connectivity Issues Connectivity issues include any problem that prevents you from powering up or connecting to the AP. AP Unit Will Not Boot - No LED Activity 1. Make sure your power source is operating. 2. Make sure all cables are connected to the AP correctly. 3. If you are using PoE, make sure you are using a Category 5, foiled, twisted pair cable to power the AP. Serial Link Does Not Work 1. Make sure you are using a standard, straight-through, 9-pin serial cable. 2. Double-check the physical network connections. 3. Make sure your PC terminal program (such as HyperTerminal) is active and configured to the following values:
Com Port: (COM1, COM2, etc. depending on your computer);
Baud rate: 9600; Data bits: 8; Stop bits: 1; Flow Control: None; Parity: None;
Line Feeds with Carriage Returns
(In HyperTerminal select: File > Properties > Settings > ASCII Setup > Send Line Ends with Line Feeds) Basic Software Setup and Configuration Problems Lost AP, Telnet, or SNMP Password 1. Perform the Soft Reset to Factory Default in this guide. This procedure resets system and network parameters, but does not affect the AP Image. The default AP HTTP, Telnet, and SNMP passwords are all public. 233 Troubleshooting Troubleshooting Concepts for Mesh and Access Point Module MeshMAX 5054 Series User Guide Client Computer Cannot Connect 1. Client computers should have the same Network Name and security settings as the AP. 2. Network Names should be allocated and maintained by the Network Administrator. 3. See the documentation that came with your client card for additional troubleshooting suggestions. AP Has Incorrect IP Address 1. Default IP Address Assignment mode is dynamic (DHCP). If you do not have a DHCP server on your network, the default IP Address is 169.254.128.132. If you have more than one unintialized AP connected to the network, they will all have the same default IP address and you will not be able to communicate with them (due to an IP address conflict). In this case, assign each AP a static IP address via the serial cable or turn off all units but one and change the IP address using ScanTool one at a time. 2. The AP only contacts a DHCP server during boot-up. If your networks DHCP server is not available while the AP is booting, the device will use the default IP address (169.254.128.132). Reboot the AP once your DHCP server is on-line again or use the ScanTool to find the Access Points current IP address. 3. To find the units current IP address if using DHCP, open the IP Client Table in the DHCP Server and match the Access Points IP address to its MAC address (found on the product label). Alternatively, use ScanTool to identify an Access Points current IP address. 4. Once you have the current IP address, use the HTTP or CLI Interface to change the units IP settings, if necessary. 5. If you use static IP Address assignments, and cannot access the unit over Ethernet, use the Initializing the IP Addess using CLI procedure. Once the IP Address is set, you can use the Ethernet Interface to complete configuration. 6. Perform the Soft Reset to Factory Default in this guide. This will reset the unit to DHCP mode. If there is a DHCP Server on the network, the DHCP Server will assign an IP Address to the AP. HTTP Interface or Telnet Interface Does Not Work 1. Make sure you are using a compatible browser:
Microsoft Internet Explorer 6 with Service Pack 1 or later Netscape 7.1 or later 2. Make sure you have the proper IP address. Enter your Access Points IP Address in the browser address bar, similar to this example:
http://192.168.1.100 When the Enter Network Password window appears, leave the User Name field empty and enter the HTTP password in the Password field. The default HTTP password is public. 3. Use the CLI over the serial port to check the IP Access Table, which can be restricting access to Telnet and HTTP. HTML Help Files Do Not Appear 1. Verify that the HTML Help files are installed in the default directory:
C:/Program Files/ORiNOCO/AP-4x00MR-LR/HTML. If the Help files are not located in this folder, contact your network administrator to find out where the Help files are located on your server. 2. Copy the entire folder to your Web server. 3. Perform the following steps to specify the path for the Help files:
a. Click the Commands button in the HTTP interface. b. Select the Help tab located at the top of the screen. c. Enter the pathname where the Help files are located in the Help Link box. This must be an HTTP address. d. Click OK. 234 Troubleshooting Troubleshooting Concepts for Mesh and Access Point Module MeshMAX 5054 Series User Guide Telnet CLI Does Not Work 1. Make sure you have the proper IP Address. Enter your AP IP address in the Telnet connection dialog, from a DOS prompt, type:
C:\> telnet <AP IP Address>
2. Use the CLI over the serial port to check the IP Access Table, which can be restricting access to Telnet and HTTP. TFTP Server Does Not Work 1. Make sure the TFTP Server has been started. 2. Verify the IP address of the TFTP Server. The server may be local or remote, so long as it has a valid IP address. 3. Configure the TFTP Server to point to the folder containing the file to be downloaded (or to the folder in which the file is to be uploaded). 4. Verify that you have entered the proper AP Image file name (including the file extension) and directory path (if needed). If you have a problem uploading a file, verify that the TFTP server is configured to allow uploads (typically the default setting is to allow only downloads). 5. Client Connection Problems Client Software Finds No Connection Make sure you have configured your client software with the proper Network Name and Security settings. Network Names and WEP Keys are typically allocated and maintained by your network administrator. Client PC Card Does Not Work 1. Make sure you are using the latest PC Card driver software. 2. Download and install the latest ORiNOCO client software from http://support.proxim.com. Intermittent Loss of Connection 1. Make sure you are within range of an active AP. 2. You can check the signal strength using the signal strength gauge on your client software. Client Does Not Receive an IP Address - Cannot Connect to Internet 1. If the AP is configured as a DHCP server, open the Web-browser Interface and select the Configure button and then the Network tab to make sure the proper DHCP settings are being used. If you are not using the DHCP server feature on the AP, then make sure that your local DHCP server is accessible from the Access Points subnet. If using PoE, make sure you are not using a crossover Ethernet cable between the AP and the hub. 2. 3. VLAN Operation Issues Verifying Proper Operation of the VLAN Feature The correct VLAN configuration can be verified by pinging both wired and wireless hosts from both sides of the AP device and the network switch. Traffic can be sniffed on both the wired (Ethernet) and wireless (WDS) backbones (if configured). Bridge frames generated by wireless clients and viewed on one of the backbones should contain IEEE 802.1Q compliant VLAN headers or tags. The VLAN ID in the headers should correspond to one of the VLAN User IDs configured for the AP. NOTE: The Mesh and Access Point Module supports 16 VLAN/SSID pairs per wireless interface, each with a configured security profile. 235 Troubleshooting Troubleshooting Concepts for Mesh and Access Point Module MeshMAX 5054 Series User Guide VLAN Workgroups The correct VLAN assignment can be verified by pinging the AP to ensure connectivity, by pinging the switch to ensure VLAN properties, and by pinging hosts past the switch to confirm the switch is functional. Ultimately, traffic can be sniffed on the Ethernet or WDS interfaces (if configured) using third-party packages. Most problems can be avoided by ensuring that 802.1Q compliant VLAN tags containing the proper VLAN ID have been inserted in the bridged frames. The VLAN ID in the header should correspond to the users assigned network name. What if network traffic is being directed to a nonexistent host?
All sessions are disconnected, traffic is lost, and a Forced Reload is necessary. Workaround: you can configure the switch to mimic the nonexistent host. I have just configured the Management ID and now I can't manage the AP?
Check to ensure your password is correct. If your password is incorrect or all inbound packets do NOT have the correct tag, then a Forced Reload is necessary. CAUTION: The Forced Reload procedure disconnects all users and resets all values to factory defaults. There Is No Data Link 1. Verify that the indicator for the port is on. 2. Verify that the PoE hub is connected to the Ethernet network with a good connection. 3. Verify that the Ethernet cable is Category 5 or better and is less than 100 meters (approximately 325 feet) in length from the Ethernet source to the AP. 4. Try to connect a different device to the same port on the PoE hub if it works and a link is established, there is probably a faulty data link in the AP. 5. Try to re-connect the AP to a different output port (remember to move the input port accordingly) if it works, there is probably a faulty output or input port in the PoE hub or a bad RJ-45 connection. Overload Indications 1. Verify that you are not using a cross-over cable between the PoE output port and the AP. 2. Verify that there is no short over any of the twisted pair cables. 3. Move the device into a different output port (remember to move the input port accordingly); if it works, there is probably a faulty port or bad RJ-45 connection. Recovery Procedures The most common installation problems relate to IP addressing. For example, without the TFTP server IP Address, you will not be able to download a new AP Image to the AP. IP Address management is fundamental. We suggest you create a chart to document and validate the IP addresses for your system. If the password is lost or forgotten, you will need to reset the AP to default values. The Soft Reset to Factory Default and Hard Reset to Factory Default procedures reset configuration settings, but do not change the current AP Image. If the AP has a corrupted software image, follow the Forced Reload procedure to erase the current AP Image and download a new image. Soft Reset to Factory Defaults Use this procedure to reset the network configuration values, including the password, IP address, and subnet mask. The current AP Image is not deleted. 1. Click Commands > Reset. 2. Click Reset to Factory Default; the device is reset to its factory default state. 236 Troubleshooting Troubleshooting Concepts for Mesh and Access Point Module MeshMAX 5054 Series User Guide 3. If not using DHCP, use the ScanTool or use CLI over a serial connection to set the IP address, subnet mask, and other IP parameters. See CLI for Mesh and Access Point Module for CLI information. If you do not have access to the HTTP or CLI interfaces, use the procedure described in Hard Reset to Factory Default. Hard Reset to Factory Defaults If you cannot access the unit or you have lost its password, you can reset the unit to the factory default settings using the Reload button on the power injector, as described below. NOTE: This option is not available on FC versions of the hardware. 1. Using the end of a paper clip or pin, depress and hold the Reload button on the side of the units power injector for a minimum of 5 seconds but no more than 10 seconds. The configuration is deleted from the unit and the unit reboots, using a factory default configuration. NOTE: You need to use a pin or the end of a paperclip to press the button. CAUTION: If you hold the Reload button for longer than 20 seconds, you may go into Forced Reload mode, which erases the units embedded software. This software must be reloaded through an Ethernet connection with access to a TFTP server. See Forced Reload below for instructions. 2. If not using DHCP, use the ScanTool or use CLI over a serial connection to set the IP address, subnet mask, and other IP parameters. See CLI for Mesh and Access Point Module for CLI information. Forced Reload With Forced Reload, you bring the unit into bootloader mode by erasing the embedded software. Use this procedure only as a last resort if the unit does not boot and the procedure did not help. CAUTION: By completing this procedure, the embedded software in the AP will be erased. You will need to reload the software before the unit is operational. To do a forced reload:
1. Disconnect and reconnect power to the unit. 2. Using the end of a paper clip or pin, immediate press and hold the Reload button on the side of the units power injector for about 20 seconds. Image and configuration are deleted from the unit. 3. Follow one of the procedures below to load a new AP Image to the Access Point:
Download a New Image Using ScanTool Download a New Image Using the Bootloader CLI Because the CLI option requires a physical connection to the units serial port, Proxim recommends the ScanTool option. Download a New Image Using ScanTool To download the AP Image, you will need an Ethernet connection to the computer on which the TFTP server resides and to a computer that is running ScanTool (this is either two separate computers connected to the same network or a single computer running both programs). ScanTool detects if an Access Point does not have a valid software image installed. In this case, the TFTP Server and Image File Name parameters are enabled in the ScanTools Change screen so you can download a new image to the unit. (These fields are grayed out if ScanTool does not detect a software image problem.) Preparing to Download the AP Image Before starting, you need to know the Access Points IP address, subnet mask, the TFTP Server IP Address, and the AP Image file name. Make sure the TFTP server is running and configured to point to the folder containing the image to be downloaded. 237 Troubleshooting Troubleshooting Concepts for Mesh and Access Point Module MeshMAX 5054 Series User Guide Download Procedure Follow these steps to use ScanTool to download a software image to an Access Point with a missing image:
1. Download the latest software from http://support.proxim.com. 1. Copy the latest software updates to your TFTP server. 2. Launch ScanTool. 3. Highlight the entry for the AP you want to update and click Change. 4. Set IP Address Type to Static. NOTE: You need to assign static IP information temporarily to the Access Point since its DHCP client functionality is not available when no image is installed on the device. 5. Enter an unused IP address that is valid on your network in the IP Address field. You may need to contact your network administrator to get this address. 6. Enter the networks Subnet Mask in the field provided. 7. Enter the networks Gateway IP Address, if necessary. You may need to contact your network administrator to get this address. You should only need to enter the default gateway address (169.254.128.133) if the Access Point and the TFTP server are separated by a router. 8. Enter the IP address of your TFTP server in the field provided. 9. Enter the Image File Name (including the file extension). Enter the full directory path and file name. If the file is located in the default TFTP directory, you need enter only the file name. 10.Click OK. The Access Point will reboot and the download will begin automatically. You should see downloading activity begin after a few seconds within the TFTP servers status screen. 11.Click OK when prompted that the device has been updated successfully to return to the Scan List screen. 12.Click Cancel to close the ScanTool. 13.When the download process is complete, configure the AP. Download a New Image Using the Bootloader CLI To download the AP Image, you will need an Ethernet connection to the computer on which the TFTP server resides. This can be any computer on the LAN or connected to the AP with a cross-over Ethernet cable. You must also connect the AP to a computer with a standard serial cable and use a terminal client, such as HyperTerminal. From the terminal, enter CLI Commands to set the IP address and download an AP Image. Preparing to Download the AP Image Before starting, you need to know the Access Points IP address, subnet mask, the TFTP Server IP Address, and the AP Image file name. Make sure the TFTP server is running and configured to point to the folder containing the image to be downloaded. Download Procedure 1. Download the latest software from http://support.proxim.com. 2. Copy the latest software updates to your TFTP servers default directory. 3. Use a straight-through serial cable to connect the Access Points serial port to your computers serial port. 4. Open your terminal emulation program (like HyperTerminal) and set the following connection properties:
Baud rate: 9600 Com Port: <COM1, COM2, etc., depending on your computer>
Data Bits: 8 Stop bits: 1 238 Troubleshooting Troubleshooting Concepts for Mesh and Access Point Module MeshMAX 5054 Series User Guide Flow Control: None Parity: None 5. Under File > Properties > Settings > ASCII Setup, enable the Send line ends with line feeds option. HyperTerminal sends a line return at the end of each line of code. 6. Press the RESET button on the AP. The terminal display shows Power On Self Tests (POST) activity. After approximately 30 seconds, a message indicates: Sending Traps to SNMP manager periodically. After this message appears, press the ENTER key repeatedly until the following prompt appears:
[Device name]>
7. Enter only the following statements:
[Device name]> show (to view configuration parameters and values)
[Device name]> set ipaddrtype static
[Device name]> set ipaddr <Access Point IP Address>
[Device name]> set ipsubmask <IP Mask>
[Device name]> set tftpipaddr <TFTP Server IP Address>
[Device name]> set tftpfilename <AP Image File Name, including file extension>
[Device name]> set ipgw <Gateway IP Address>
[Device name]> show (to confirm your new settings)
[Device name]> reboot Example:
[Device name]> show
[Device name]> set ipaddrtype static
[Device name]> set ipaddr 10.0.0.12
[Device name]> set ipsubmask 255.255.255.0
[Device name]> set tftpipaddr 10.0.0.20
[Device name]> set tftpfilename MyImage.bin
[Device name]> set ipgw 10.0.0.30
[Device name]> show
[Device name]> reboot The AP will reboot and then download the image file. You should see downloading activity begin after a few seconds within the TFTP servers status screen. 8. When the download process is complete, configure the AP. Setting IP Address using Serial Port Use the following procedure to set an IP address over the serial port using the CLI. The network administrator typically provides the AP IP address. Hardware and Software Requirements Standard straight-through serial data (RS-232) cable with one DB9 connector and one RJ11 connector (not included with FC units). ASCII Terminal software, such as HyperTerminal. Attaching the Serial Port Cable 1. Connect one end of the serial cable to the AP and the other end to a serial port on your computer. 2. Power on the computer and AP, if necessary. 239 Troubleshooting Troubleshooting Concepts for Mesh and Access Point Module MeshMAX 5054 Series User Guide Initializing the IP Address using CLI After installing the serial port cable, you may use the CLI to communicate with the AP. CLI supports most generic terminal emulation programs, such as HyperTerminal (which is included with the Windows operating systems). In addition, many web sites offer shareware or commercial terminal programs you can download. Once the IP address has been assigned, you can use the HTTP interface or the CLI over Telnet to complete configuration. Follow these steps to assign the AP an IP address:
1. Open your terminal emulation program (like HyperTerminal) and set the following connection properties:
Baud rate: 9600 Com Port: <COM1, COM2, etc., depending on your computer>
Data Bits: 8 Stop bits: 1 Flow Control: None Parity: None 2. Under File > Properties > Settings > ASCII Setup, enable the Send line ends with line feeds option. HyperTerminal sends a line return at the end of each line of code. 3. Press the RESET button on the AP. The terminal display shows Power On Self Tests (POST) activity, and then displays a CLI prompt, similar to the example below. This process may take up to 90 seconds.
[Device name]> Please enter password:
4. Enter the CLI password (default is public). The terminal displays a welcome message and then the CLI Prompt:
[Device name]>
5. Enter show ip. Network parameters appear:
6. Change the IP address and other network values using set and reboot CLI commands, similar to the example below
(use your own IP address and subnet mask). Note that IP Address Type is set to Dynamic by default. If you have a DHCP server on your network, you should not need to manually configure the Access Points IP address; the Access Point will obtain an IP address from the networks DHCP server during boot-up. After each entry the CLI reminds you to reboot; however wait to reboot until all commands have been entered.
[Device name]> set ipaddrtype static
[Device name]> set ipaddr <IP Address>
[Device name]> set ipsubmask <IP Subnet Mask>
[Device name]> set ipgw <Default Gateway IP Address>
[Device name]> show ip (to confirm your new settings)
[Device name]> reboot 0 7. After the AP reboots, verify the new IP address by reconnecting to the CLI and enter a show ip command. Alternatively, you can ping the AP from a network computer to confirm that the new IP address has taken effect. 8. When the proper IP address is set, use the HTTP interface or CLI over Telnet to configure the rest of the units operating parameters. Related Applications RADIUS Authentication Server If you enabled RADIUS Authentication on the AP, make sure that your networks RADIUS servers are operational. Otherwise, clients will not be able to log in. There are several reasons the authentication server services might be unavailable, here are two typical things to check:
240 Troubleshooting Troubleshooting Concepts for Mesh and Access Point Module MeshMAX 5054 Series User Guide Make sure you have the proper RADIUS authentication server information setup configured in the AP. Check the RADIUS Authentication Servers Shared Secret and Destination Port number (default is 1812; for RADIUS Accounting, the default is 1813). Make sure the RADIUS authentication server RAS setup matches the AP. TFTP Server The Trivial File Transfer Protocol (TFTP) server allows you to transfer files across a network. You can upload configuration files from the AP for backup or copying, and you can download configuration files or new software images. The TFTP software is located on the installation CD. If a TFTP server is not configured and running, you will not be able to download and upload images and configuration files to/from the AP. Remember that the TFTP server does not have to be local, so long as you have a valid TFTP IP address. Note that you do not need a TFTP server running unless you want to transfer files to or from the AP. After the TFTP server is installed:
Check to see that TFTP is configured to point to the directory containing the AP Image. Make sure you have the proper TFTP server IP Address, the proper AP Image file name, and that the TFTP server is connected. Make sure the TFTP server is configured to both Transmit and Receive files (on the TFTP servers Security tab), with no automatic shutdown or time-out (on the Auto Close tab). 241 Country Codes for Subscriber Module MeshMAX 5054 Series User Guide A In the CLI and MIB browser, the country code is set using the string code, as shown in the following example. Example: To set Taiwan as the country:
set syscountrycode TW NOTE: The country code must be entered in capital letters. 242 Country Codes for Subscriber Module Channels/Frequencies by Country Channels/Frequencies by Country MeshMAX 5054 Series User Guide Allowed Channels (Center Freq) 20 MHz 10 MHz 5 MHz All 20 MHz channels. All 10 MHz channels. All 5 MHz channels. Country (Code) All Channels - 5 GHz (A5) Argentina (AR) Frequency Bands All 5 GHz bands 5.25 - 5.35 GHz and 5.725 - 5.825 GHz DFS No No Australia (AU) 5.725 - 5.85 GHz No Austria (AT) 5.47 - 5.725 GHz Yes Belgium (BE) 5.47 - 5.725 GHz Yes 56 (5280), 60 (5300), 64 (5320), 149 (5745), 153 (5765), 157 (5785), 161 (5805) 149 (5745), 153 (5765), 157 (5785), 161 (5805), 165 (5825) 100 (5500), 104 (5520), 108 (5540), 112 (5560), 116 (5580), 120 (5600), 124 (5620), 128 (5640), 132 (5660), 136 (5680), 140 (5700) 100 (5500), 104 (5520), 108 (5540), 112 (5560), 116 (5580), 120 (5600), 124 (5620), 128 (5640), 132 (5660), 136 (5680), 140 (5700) Belize (BZ) 5.725 - 5.85 GHz No 149 (5745), 153 (5765), 157 (5785), 161 (5805), 165 (5825) 56 (5280), 58 (5290), 60 (5300), 62 (5310), 64 (5320), 149 (5745), 151 (5755), 153 (5765), 155 (5775), 157 (5785), 159 (5795), 161 (5805) 147 (5735), 149 (5745), 151 (5755), 153 (5765), 155 (5775), 157 (5785), 159 (5795), 161 (5805), 163 (5815), 165 (5825), 167 (5835) 98 (5490), 100 (5500), 102 (5510), 104 (5520), 106 (5530), 108 (5540), 110 (5550), 112 (5560), 114 (5570), 116 (5580), 118 (5590), 120 (5600), 122 (5610), 124 (5620), 126 (5630), 128 (5640), 130 (5650), 132 (5660), 134 (5670), 136 (5680), 138 (5690), 140 (5700), 142 (5710) 98 (5490), 100 (5500), 102 (5510), 104 (5520), 106 (5530), 108 (5540), 110 (5550), 112 (5560), 114 (5570), 116 (5580), 118 (5590), 120 (5600), 122 (5610), 124 (5620), 126 (5630), 128 (5640), 130 (5650), 132 (5660), 134 (5670), 136 (5680), 138 (5690), 140 (5700), 142 (5710) 149 (5745), 151 (5755), 153 (5765), 155 (5775), 157 (5785), 159 (5795), 161 (5805), 163 (5815), 165 (5825), 167 (5835) 56 (5280), 57 (5285), 58 (5290), 59 (5295), 60 (5300), 61 (5305), 62 (5310), 63 (5315), 64 (5320), 149 (5745), 150 (5750), 151 (5755), 152 (5760), 153 (5765), 154 (5770), 155 (5775), 156 (5780), 157 (5785), 158 (5790), 159 (5795), 160 (5800), 161 (5805) 147 (5735), 148 (5740), 149 (5745), 150 (5750), 151 (5755), 152 (5760), 153 (5765), 154 (5770), 155 (5775), 156 (5780), 157 (5785), 158 (5790), 159 (5795), 160 (5800), 161 (5805), 162 (5810), 163 (5815), 164 (5820), 165 (5825), 166 (5830), 167 (5835) 97 (5485), 98 (5490), 99 (5495), 100 (5500), 101 (5505), 102 (5510), 103 (5515), 104 (5520), 105 (5525), 106 (5530), 107 (5535), 108 (5540), 109 (5545), 110 (5550), 111 (5555), 112 (5560), 113 (5565), 114 (5570), 115 (5575), 116 (5580), 117 (5585), 118 (5590), 119 (5595), 120 (5600), 121 (5605), 122 (5610), 123 (5615), 124 (5620), 125 (5625), 126 (5630), 127 (5635), 128 (5640), 129 (5645), 130 (5650), 131 (5655), 132 (5660), 133 (5665), 134 (5670), 135 (5675), 136 (5680), 137 (5685), 138 (5690), 139 (5695), 140 (5700), 141 (5705), 142 (5710) 97 (5485), 98 (5490), 99 (5495), 100 (5500), 101 (5505), 102 (5510), 103 (5515), 104 (5520), 105 (5525), 106 (5530), 107 (5535), 108 (5540), 109 (5545), 110 (5550), 111 (5555), 112 (5560), 113 (5565), 114 (5570), 115 (5575), 116 (5580), 117 (5585), 118 (5590), 119 (5595), 120 (5600), 121 (5605), 122 (5610), 123 (5615), 124 (5620), 125 (5625), 126 (5630), 127 (5635), 128 (5640), 129 (5645), 130 (5650), 131 (5655), 132 (5660), 133 (5665), 134 (5670), 135 (5675), 136 (5680), 137 (5685), 138 (5690), 139 (5695), 140 (5700), 141 (5705), 142 (5710) 149 (5745), 150 (5750), 151 (5755), 152 (5760), 153 (5765), 154 (5770), 155 (5775), 156 (5780), 157 (5785), 158 (5790), 159 (5795), 160 (5800), 161 (5805), 162 (5810), 163 (5815), 164 (5820), 165 (5825), 166 (5830), 167 (5835) 243 Country Codes for Subscriber Module Channels/Frequencies by Country Country (Code) Frequency Bands DFS Bolivia (BO) 5.725 - 5.85 GHz No Brazil (BR) 5.47 - 5.725 GHz Yes Brazil 5.8 GHz (B1) 5.725 - 5.85 GHz No Brunei Darussalam (BN) 5.725 - 5.85 GHz No Bulgaria (BG) 5.47 - 5.725 GHz Yes 149 (5745), 153 (5765), 157 (5785), 161 (5805), 165 (5825) 100 (5500), 104 (5520), 108 (5540), 112 (5560), 116 (5580), 120 (5600), 124 (5620), 128 (5640), 132 (5660), 136 (5680), 140 (5700) 149 (5745), 153 (5765), 157 (5785), 161 (5805), 165 (5825) 149 (5745), 153 (5765), 157 (5785), 161 (5805), 165 (5825) 100 (5500), 104 (5520), 108 (5540), 112 (5560), 116 (5580), 120 (5600), 124 (5620), 128 (5640), 132 (5660), 136 (5680), 140 (5700) Canada (CA) 5.725 - 5.85 GHz No 149 (5745), 153 (5765), 157 (5785), 161 (5805), 165 (5825) MeshMAX 5054 Series User Guide 20 MHz 10 MHz 5 MHz Allowed Channels (Center Freq) 149 (5745), 151 (5755), 153 (5765), 155 (5775), 157 (5785), 159 (5795), 161 (5805), 163 (5815), 165 (5825), 167 (5835) 98 (5490), 100 (5500), 102 (5510), 104 (5520), 106 (5530), 108 (5540), 110 (5550), 112 (5560), 114 (5570), 116 (5580), 118 (5590), 120 (5600), 122 (5610), 124 (5620), 126 (5630), 128 (5640), 130 (5650), 132 (5660), 134 (5670), 136 (5680), 138 (5690), 140 (5700), 142 (5710) 149 (5745), 151 (5755), 153 (5765), 155 (5775), 157 (5785), 159 (5795), 161 (5805), 163 (5815), 165 (5825), 167 (5835) 149 (5745), 151 (5755), 153 (5765), 155 (5775), 157 (5785), 159 (5795), 161 (5805), 163 (5815), 165 (5825), 167 (5835) 98 (5490), 100 (5500), 102 (5510), 104 (5520), 106 (5530), 108 (5540), 110 (5550), 112 (5560), 114 (5570), 116 (5580), 118 (5590), 120 (5600), 122 (5610), 124 (5620), 126 (5630), 128 (5640), 130 (5650), 132 (5660), 134 (5670), 136 (5680), 138 (5690), 140 (5700), 142 (5710) 147 (5735), 149 (5745), 151 (5755), 153 (5765), 155 (5775), 157 (5785), 159 (5795), 161 (5805), 163 (5815), 165 (5825), 167 (5835) 149 (5745), 150 (5750), 151 (5755), 152 (5760), 153 (5765), 154 (5770), 155 (5775), 156 (5780), 157 (5785), 158 (5790), 159 (5795), 160 (5800), 161 (5805), 162 (5810), 163 (5815), 164 (5820), 165 (5825), 166 (5830), 167 (5835) 97 (5485), 98 (5490), 99 (5495), 100 (5500), 101 (5505), 102 (5510), 103 (5515), 104 (5520), 105 (5525), 106 (5530), 107 (5535), 108 (5540), 109 (5545), 110 (5550), 111 (5555), 112 (5560), 113 (5565), 114 (5570), 115 (5575), 116 (5580), 117 (5585), 118 (5590), 119 (5595), 120 (5600), 121 (5605), 122 (5610), 123 (5615), 124 (5620), 125 (5625), 126 (5630), 127 (5635), 128 (5640), 129 (5645), 130 (5650), 131 (5655), 132 (5660), 133 (5665), 134 (5670), 135 (5675), 136 (5680), 137 (5685), 138 (5690), 139 (5695), 140 (5700), 141 (5705), 142 (5710) 149 (5745), 150 (5750), 151 (5755), 152 (5760), 153 (5765), 154 (5770), 155 (5775), 156 (5780), 157 (5785), 158 (5790), 159 (5795), 160 (5800), 161 (5805), 162 (5810), 163 (5815), 164 (5820), 165 (5825), 166 (5830), 167 (5835) 149 (5745), 150 (5750), 151 (5755), 152 (5760), 153 (5765), 154 (5770), 155 (5775), 156 (5780), 157 (5785), 158 (5790), 159 (5795), 160 (5800), 161 (5805), 162 (5810), 163 (5815), 164 (5820), 165 (5825), 166 (5830), 167 (5835) 97 (5485), 98 (5490), 99 (5495), 100 (5500), 101 (5505), 102 (5510), 103 (5515), 104 (5520), 105 (5525), 106 (5530), 107 (5535), 108 (5540), 109 (5545), 110 (5550), 111 (5555), 112 (5560), 113 (5565), 114 (5570), 115 (5575), 116 (5580), 117 (5585), 118 (5590), 119 (5595), 120 (5600), 121 (5605), 122 (5610), 123 (5615), 124 (5620), 125 (5625), 126 (5630), 127 (5635), 128 (5640), 129 (5645), 130 (5650), 131 (5655), 132 (5660), 133 (5665), 134 (5670), 135 (5675), 136 (5680), 137 (5685), 138 (5690), 139 (5695), 140 (5700), 141 (5705), 142 (5710) 147 (5735), 148 (5740), 149 (5745), 150 (5750), 151 (5755), 152 (5760), 153 (5765), 154 (5770), 155 (5775), 156 (5780), 157 (5785), 158 (5790), 159 (5795), 160 (5800), 161 (5805), 162 (5810), 163 (5815), 164 (5820), 165 (5825), 166 (5830), 167 (5835) 244 Country Codes for Subscriber Module Channels/Frequencies by Country Country (Code) Frequency Bands DFS Canada DFS (C1) 5.25 - 5.35 GHz and 5.47 - 5.725 GHz Yes China (CN) 5.725 - 5.85 GHz No Colombia (CO) 5.25 - 5.35 GHz and 5.725 - 5.85 GHz No Cyprus (CY) 5.47 - 5.725 GHz Yes MeshMAX 5054 Series User Guide 20 MHz 56 (5280), 60 (5300), 64 (5320), 100 (5500), 104 (5520), 108 (5540), 112 (5560), 116 (5580), 120 (5600), 124 (5620), 128 (5640), 132 (5660), 136 (5680), 140 (5700) 149 (5745), 153 (5765), 157 (5785), 161 (5805), 165 (5825) 56 (5280), 60 (5300), 64 (5320), 149 (5745), 153 (5765), 157 (5785), 161 (5805), 165 (5825) 100 (5500), 104 (5520), 108 (5540), 112 (5560), 116 (5580), 120 (5600), 124 (5620), 128 (5640), 132 (5660), 136 (5680), 140 (5700) Allowed Channels (Center Freq) 10 MHz 54 (5270), 56 (5280), 58 (5290), 60 (5300), 62 (5310), 64 (5320), 66 (5330), 98 (5490), 100 (5500), 102 (5510), 104 (5520), 106 (5530), 108 (5540), 110 (5550), 112 (5560), 114 (5570), 116 (5580), 118 (5590), 120 (5600), 122 (5610), 124 (5620), 126 (5630), 128 (5640), 130 (5650), 132 (5660), 134 (5670), 136 (5680), 138 (5690), 140 (5700), 142 (5710) 149 (5745), 151 (5755), 153 (5765), 155 (5775), 157 (5785), 159 (5795), 161 (5805), 163 (5815), 165 (5825), 167 (5835) 54 (5270), 56 (5280), 58 (5290), 60 (5300), 62 (5310), 64 (5320), 66 (5330), 147 (5735), 149 (5745), 151 (5755), 153 (5765), 155 (5775), 157 (5785), 159 (5795), 161 (5805), 163 (5815), 165 (5825), 167 (5835) 98 (5490), 100 (5500), 102 (5510), 104 (5520), 106 (5530), 108 (5540), 110 (5550), 112 (5560), 114 (5570), 116 (5580), 118 (5590), 120 (5600), 122 (5610), 124 (5620), 126 (5630), 128 (5640), 130 (5650), 132 (5660), 134 (5670), 136 (5680), 138 (5690), 140 (5700), 142 (5710) 5 MHz 53 (5265), 54 (5270), 55 (5275), 56 (5280), 57 (5285), 58 (5290), 59 (5295), 60 (5300), 61 (5305), 62 (5310), 63 (5315), 64 (5320), 65 (5325), 66 (5330), 67 (5335), 97 (5485), 98 (5490), 99 (5495), 100 (5500), 101 (5505), 102 (5510), 103 (5515), 104 (5520), 105 (5525), 106 (5530), 107 (5535), 108 (5540), 109 (5545), 110 (5550), 111 (5555), 112 (5560), 113 (5565), 114 (5570), 115 (5575), 116 (5580), 117 (5585), 118 (5590), 119 (5595), 120 (5600), 121 (5605), 122 (5610), 123 (5615), 124 (5620), 125 (5625), 126 (5630), 127 (5635), 128 (5640), 129 (5645), 130 (5650), 131 (5655), 132 (5660), 133 (5665), 134 (5670), 135 (5675), 136 (5680), 137 (5685), 138 (5690), 139 (5695), 140 (5700), 141 (5705), 142 (5710) 149 (5745), 150 (5750), 151 (5755), 152 (5760), 153 (5765), 154 (5770), 155 (5775), 156 (5780), 157 (5785), 158 (5790), 159 (5795), 160 (5800), 161 (5805), 162 (5810), 163 (5815), 164 (5820), 165 (5825), 166 (5830), 167 (5835) 53 (5265), 54 (5270), 55 (5275), 56 (5280), 57 (5285), 58 (5290), 59 (5295), 60 (5300), 61 (5305), 62 (5310), 63 (5315), 64 (5320), 65 (5325), 66 (5330), 67 (5335), 147 (5735), 148 (5740), 149 (5745), 150 (5750), 151 (5755), 152 (5760), 153 (5765), 154 (5770), 155 (5775), 156 (5780), 157 (5785), 158 (5790), 159 (5795), 160 (5800), 161 (5805), 162 (5810), 163 (5815), 164 (5820), 165 (5825), 166 (5830), 167 (5835) 97 (5485), 98 (5490), 99 (5495), 100 (5500), 101 (5505), 102 (5510), 103 (5515), 104 (5520), 105 (5525), 106 (5530), 107 (5535), 108 (5540), 109 (5545), 110 (5550), 111 (5555), 112 (5560), 113 (5565), 114 (5570), 115 (5575), 116 (5580), 117 (5585), 118 (5590), 119 (5595), 120 (5600), 121 (5605), 122 (5610), 123 (5615), 124 (5620), 125 (5625), 126 (5630), 127 (5635), 128 (5640), 129 (5645), 130 (5650), 131 (5655), 132 (5660), 133 (5665), 134 (5670), 135 (5675), 136 (5680), 137 (5685), 138 (5690), 139 (5695), 140 (5700), 141 (5705), 142 (5710) 245 Country Codes for Subscriber Module Channels/Frequencies by Country Country (Code) Frequency Bands DFS Czech Republic 5.47 - 5.725 GHz Yes Denmark (DK) 5.47 - 5.725 GHz Yes 100 (5500), 104 (5520), 108 (5540), 112 (5560), 116 (5580), 120 (5600), 124 (5620), 128 (5640), 132 (5660), 136 (5680), 140 (5700) 100 (5500), 104 (5520), 108 (5540), 112 (5560), 116 (5580), 120 (5600), 124 (5620), 128 (5640), 132 (5660), 136 (5680), 140 (5700) Dominican Republic (DO) 5.25 - 5.35 GHz and 5.725 - 5.85 GHz No 56 (5280), 60 (5300), 64 (5320), 149 (5745), 153 (5765), 157 (5785), 161 (5805), 165 (5825) Estonia (EE) 5.47 - 5.725 GHz Yes 100 (5500), 104 (5520), 108 (5540), 112 (5560), 116 (5580), 120 (5600), 124 (5620), 128 (5640), 132 (5660), 136 (5680), 140 (5700) MeshMAX 5054 Series User Guide 20 MHz 10 MHz 5 MHz Allowed Channels (Center Freq) 98 (5490), 100 (5500), 102 (5510), 104 (5520), 106 (5530), 108 (5540), 110 (5550), 112 (5560), 114 (5570), 116 (5580), 118 (5590), 120 (5600), 122 (5610), 124 (5620), 126 (5630), 128 (5640), 130 (5650), 132 (5660), 134 (5670), 136 (5680), 138 (5690), 140 (5700), 142 (5710) 98 (5490), 100 (5500), 102 (5510), 104 (5520), 106 (5530), 108 (5540), 110 (5550), 112 (5560), 114 (5570), 116 (5580), 118 (5590), 120 (5600), 122 (5610), 124 (5620), 126 (5630), 128 (5640), 130 (5650), 132 (5660), 134 (5670), 136 (5680), 138 (5690), 140 (5700), 142 (5710) 54 (5270), 56 (5280), 58 (5290), 60 (5300), 62 (5310), 64 (5320), 66 (5330), 147 (5735), 149 (5745), 151 (5755), 153 (5765), 155 (5775), 157 (5785), 159 (5795), 161 (5805), 163 (5815), 165 (5825), 167 (5835) 98 (5490), 100 (5500), 102 (5510), 104 (5520), 106 (5530), 108 (5540), 110 (5550), 112 (5560), 114 (5570), 116 (5580), 118 (5590), 120 (5600), 122 (5610), 124 (5620), 126 (5630), 128 (5640), 130 (5650), 132 (5660), 134 (5670), 136 (5680), 138 (5690), 140 (5700), 142 (5710) 97 (5485), 98 (5490), 99 (5495), 100 (5500), 101 (5505), 102 (5510), 103 (5515), 104 (5520), 105 (5525), 106 (5530), 107 (5535), 108 (5540), 109 (5545), 110 (5550), 111 (5555), 112 (5560), 113 (5565), 114 (5570), 115 (5575), 116 (5580), 117 (5585), 118 (5590), 119 (5595), 120 (5600), 121 (5605), 122 (5610), 123 (5615), 124 (5620), 125 (5625), 126 (5630), 127 (5635), 128 (5640), 129 (5645), 130 (5650), 131 (5655), 132 (5660), 133 (5665), 134 (5670), 135 (5675), 136 (5680), 137 (5685), 138 (5690), 139 (5695), 140 (5700), 141 (5705), 142 (5710) 97 (5485), 98 (5490), 99 (5495), 100 (5500), 101 (5505), 102 (5510), 103 (5515), 104 (5520), 105 (5525), 106 (5530), 107 (5535), 108 (5540), 109 (5545), 110 (5550), 111 (5555), 112 (5560), 113 (5565), 114 (5570), 115 (5575), 116 (5580), 117 (5585), 118 (5590), 119 (5595), 120 (5600), 121 (5605), 122 (5610), 123 (5615), 124 (5620), 125 (5625), 126 (5630), 127 (5635), 128 (5640), 129 (5645), 130 (5650), 131 (5655), 132 (5660), 133 (5665), 134 (5670), 135 (5675), 136 (5680), 137 (5685), 138 (5690), 139 (5695), 140 (5700), 141 (5705), 142 (5710) 53 (5265), 54 (5270), 55 (5275), 56 (5280), 57 (5285), 58 (5290), 59 (5295), 60 (5300), 61 (5305), 62 (5310), 63 (5315), 64 (5320), 65 (5325), 66 (5330), 67 (5335), 147 (5735), 148 (5740), 149 (5745), 150 (5750), 151 (5755), 152 (5760), 153 (5765), 154 (5770), 155 (5775), 156 (5780), 157 (5785), 158 (5790), 159 (5795), 160 (5800), 161 (5805), 162 (5810), 163 (5815), 164 (5820), 165 (5825), 166 (5830), 167 (5835) 97 (5485), 98 (5490), 99 (5495), 100 (5500), 101 (5505), 102 (5510), 103 (5515), 104 (5520), 105 (5525), 106 (5530), 107 (5535), 108 (5540), 109 (5545), 110 (5550), 111 (5555), 112 (5560), 113 (5565), 114 (5570), 115 (5575), 116 (5580), 117 (5585), 118 (5590), 119 (5595), 120 (5600), 121 (5605), 122 (5610), 123 (5615), 124 (5620), 125 (5625), 126 (5630), 127 (5635), 128 (5640), 129 (5645), 130 (5650), 131 (5655), 132 (5660), 133 (5665), 134 (5670), 135 (5675), 136 (5680), 137 (5685), 138 (5690), 139 (5695), 140 (5700), 141 (5705), 142 (5710) 246 Country Codes for Subscriber Module Channels/Frequencies by Country Country (Code) Frequency Bands DFS Finland (FI) 5.47 - 5.725 GHz Yes France (FR) 5.47 - 5.725 GHz Yes Germany (DE) 5.47 - 5.725 GHz Yes Greece (GR) 5.47 - 5.725 GHz Yes MeshMAX 5054 Series User Guide 20 MHz 10 MHz 5 MHz Allowed Channels (Center Freq) 100 (5500), 104 (5520), 108 (5540), 112 (5560), 116 (5580), 120 (5600), 124 (5620), 128 (5640), 132 (5660), 136 (5680), 140 (5700) 100 (5500), 104 (5520), 108 (5540), 112 (5560), 116 (5580), 120 (5600), 124 (5620), 128 (5640), 132 (5660), 136 (5680), 140 (5700) 100 (5500), 104 (5520), 108 (5540), 112 (5560), 116 (5580), 120 (5600), 124 (5620), 128 (5640), 132 (5660), 136 (5680), 140 (5700) 100 (5500), 104 (5520), 108 (5540), 112 (5560), 116 (5580), 120 (5600), 124 (5620), 128 (5640), 132 (5660), 136 (5680), 140 (5700) 98 (5490), 100 (5500), 102 (5510), 104 (5520), 106 (5530), 108 (5540), 110 (5550), 112 (5560), 114 (5570), 116 (5580), 118 (5590), 120 (5600), 122 (5610), 124 (5620), 126 (5630), 128 (5640), 130 (5650), 132 (5660), 134 (5670), 136 (5680), 138 (5690), 140 (5700), 142 (5710) 98 (5490), 100 (5500), 102 (5510), 104 (5520), 106 (5530), 108 (5540), 110 (5550), 112 (5560), 114 (5570), 116 (5580), 118 (5590), 120 (5600), 122 (5610), 124 (5620), 126 (5630), 128 (5640), 130 (5650), 132 (5660), 134 (5670), 136 (5680), 138 (5690), 140 (5700), 142 (5710) 98 (5490), 100 (5500), 102 (5510), 104 (5520), 106 (5530), 108 (5540), 110 (5550), 112 (5560), 114 (5570), 116 (5580), 118 (5590), 120 (5600), 122 (5610), 124 (5620), 126 (5630), 128 (5640), 130 (5650), 132 (5660), 134 (5670), 136 (5680), 138 (5690), 140 (5700), 142 (5710) 98 (5490), 100 (5500), 102 (5510), 104 (5520), 106 (5530), 108 (5540), 110 (5550), 112 (5560), 114 (5570), 116 (5580), 118 (5590), 120 (5600), 122 (5610), 124 (5620), 126 (5630), 128 (5640), 130 (5650), 132 (5660), 134 (5670), 136 (5680), 138 (5690), 140 (5700), 142 (5710) 97 (5485), 98 (5490), 99 (5495), 100 (5500), 101 (5505), 102 (5510), 103 (5515), 104 (5520), 105 (5525), 106 (5530), 107 (5535), 108 (5540), 109 (5545), 110 (5550), 111 (5555), 112 (5560), 113 (5565), 114 (5570), 115 (5575), 116 (5580), 117 (5585), 118 (5590), 119 (5595), 120 (5600), 121 (5605), 122 (5610), 123 (5615), 124 (5620), 125 (5625), 126 (5630), 127 (5635), 128 (5640), 129 (5645), 130 (5650), 131 (5655), 132 (5660), 133 (5665), 134 (5670), 135 (5675), 136 (5680), 137 (5685), 138 (5690), 139 (5695), 140 (5700), 141 (5705), 142 (5710) 97 (5485), 98 (5490), 99 (5495), 100 (5500), 101 (5505), 102 (5510), 103 (5515), 104 (5520), 105 (5525), 106 (5530), 107 (5535), 108 (5540), 109 (5545), 110 (5550), 111 (5555), 112 (5560), 113 (5565), 114 (5570), 115 (5575), 116 (5580), 117 (5585), 118 (5590), 119 (5595), 120 (5600), 121 (5605), 122 (5610), 123 (5615), 124 (5620), 125 (5625), 126 (5630), 127 (5635), 128 (5640), 129 (5645), 130 (5650), 131 (5655), 132 (5660), 133 (5665), 134 (5670), 135 (5675), 136 (5680), 137 (5685), 138 (5690), 139 (5695), 140 (5700), 141 (5705), 142 (5710) 97 (5485), 98 (5490), 99 (5495), 100 (5500), 101 (5505), 102 (5510), 103 (5515), 104 (5520), 105 (5525), 106 (5530), 107 (5535), 108 (5540), 109 (5545), 110 (5550), 111 (5555), 112 (5560), 113 (5565), 114 (5570), 115 (5575), 116 (5580), 117 (5585), 118 (5590), 119 (5595), 120 (5600), 121 (5605), 122 (5610), 123 (5615), 124 (5620), 125 (5625), 126 (5630), 127 (5635), 128 (5640), 129 (5645), 130 (5650), 131 (5655), 132 (5660), 133 (5665), 134 (5670), 135 (5675), 136 (5680), 137 (5685), 138 (5690), 139 (5695), 140 (5700), 141 (5705), 142 (5710) 97 (5485), 98 (5490), 99 (5495), 100 (5500), 101 (5505), 102 (5510), 103 (5515), 104 (5520), 105 (5525), 106 (5530), 107 (5535), 108 (5540), 109 (5545), 110 (5550), 111 (5555), 112 (5560), 113 (5565), 114 (5570), 115 (5575), 116 (5580), 117 (5585), 118 (5590), 119 (5595), 120 (5600), 121 (5605), 122 (5610), 123 (5615), 124 (5620), 125 (5625), 126 (5630), 127 (5635), 128 (5640), 129 (5645), 130 (5650), 131 (5655), 132 (5660), 133 (5665), 134 (5670), 135 (5675), 136 (5680), 137 (5685), 138 (5690), 139 (5695), 140 (5700), 141 (5705), 142 (5710) 247 Country Codes for Subscriber Module Channels/Frequencies by Country Country (Code) Frequency Bands DFS Guatemala (GT) 5.25 - 5.35 GHz and 5.725 - 5.85 GHz No Hong Kong (HK) 5.725 - 5.85 GHz No Hungary (HU) 5.47 - 5.725 GHz Yes Iceland (IS) 5.47 - 5.725 GHz Yes MeshMAX 5054 Series User Guide 20 MHz 10 MHz 5 MHz Allowed Channels (Center Freq) 56 (5280), 60 (5300), 64 (5320), 149 (5745), 153 (5765), 157 (5785), 161 (5805), 165 (5825) 149 (5745), 153 (5765), 157 (5785), 161 (5805), 165 (5825) 100 (5500), 104 (5520), 108 (5540), 112 (5560), 116 (5580), 120 (5600), 124 (5620), 128 (5640), 132 (5660), 136 (5680), 140 (5700) 100 (5500), 104 (5520), 108 (5540), 112 (5560), 116 (5580), 120 (5600), 124 (5620), 128 (5640), 132 (5660), 136 (5680), 140 (5700) 54 (5270), 56 (5280), 58 (5290), 60 (5300), 62 (5310), 64 (5320), 66 (5330), 147 (5735), 149 (5745), 151 (5755), 153 (5765), 155 (5775), 157 (5785), 159 (5795), 161 (5805), 163 (5815), 165 (5825), 167 (5835) 147 (5735), 149 (5745), 151 (5755), 153 (5765), 155 (5775), 157 (5785), 159 (5795), 161 (5805), 163 (5815), 165 (5825), 167 (5835) 98 (5490), 100 (5500), 102 (5510), 104 (5520), 106 (5530), 108 (5540), 110 (5550), 112 (5560), 114 (5570), 116 (5580), 118 (5590), 120 (5600), 122 (5610), 124 (5620), 126 (5630), 128 (5640), 130 (5650), 132 (5660), 134 (5670), 136 (5680), 138 (5690), 140 (5700), 142 (5710) 98 (5490), 100 (5500), 102 (5510), 104 (5520), 106 (5530), 108 (5540), 110 (5550), 112 (5560), 114 (5570), 116 (5580), 118 (5590), 120 (5600), 122 (5610), 124 (5620), 126 (5630), 128 (5640), 130 (5650), 132 (5660), 134 (5670), 136 (5680), 138 (5690), 140 (5700), 142 (5710) 53 (5265), 54 (5270), 55 (5275), 56 (5280), 57 (5285), 58 (5290), 59 (5295), 60 (5300), 61 (5305), 62 (5310), 63 (5315), 64 (5320), 65 (5325), 66 (5330), 67 (5335), 147 (5735), 148 (5740), 149 (5745), 150 (5750), 151 (5755), 152 (5760), 153 (5765), 154 (5770), 155 (5775), 156 (5780), 157 (5785), 158 (5790), 159 (5795), 160 (5800), 161 (5805), 162 (5810), 163 (5815), 164 (5820), 165 (5825), 166 (5830), 167 (5835) 147 (5735), 148 (5740), 149 (5745), 150 (5750), 151 (5755), 152 (5760), 153 (5765), 154 (5770), 155 (5775), 156 (5780), 157 (5785), 158 (5790), 159 (5795), 160 (5800), 161 (5805), 162 (5810), 163 (5815), 164 (5820), 165 (5825), 166 (5830), 167 (5835) 97 (5485), 98 (5490), 99 (5495), 100 (5500), 101 (5505), 102 (5510), 103 (5515), 104 (5520), 105 (5525), 106 (5530), 107 (5535), 108 (5540), 109 (5545), 110 (5550), 111 (5555), 112 (5560), 113 (5565), 114 (5570), 115 (5575), 116 (5580), 117 (5585), 118 (5590), 119 (5595), 120 (5600), 121 (5605), 122 (5610), 123 (5615), 124 (5620), 125 (5625), 126 (5630), 127 (5635), 128 (5640), 129 (5645), 130 (5650), 131 (5655), 132 (5660), 133 (5665), 134 (5670), 135 (5675), 136 (5680), 137 (5685), 138 (5690), 139 (5695), 140 (5700), 141 (5705), 142 (5710) 97 (5485), 98 (5490), 99 (5495), 100 (5500), 101 (5505), 102 (5510), 103 (5515), 104 (5520), 105 (5525), 106 (5530), 107 (5535), 108 (5540), 109 (5545), 110 (5550), 111 (5555), 112 (5560), 113 (5565), 114 (5570), 115 (5575), 116 (5580), 117 (5585), 118 (5590), 119 (5595), 120 (5600), 121 (5605), 122 (5610), 123 (5615), 124 (5620), 125 (5625), 126 (5630), 127 (5635), 128 (5640), 129 (5645), 130 (5650), 131 (5655), 132 (5660), 133 (5665), 134 (5670), 135 (5675), 136 (5680), 137 (5685), 138 (5690), 139 (5695), 140 (5700), 141 (5705), 142 (5710) 248 Country Codes for Subscriber Module Channels/Frequencies by Country Country (Code) Frequency Bands DFS India (IN) 5.15 - 5.35 GHz and 5.725 - 5.870 GHz No Iran (IR) 5.725 - 5.85 GHz No Ireland (IE) 5.47 - 5.725 GHz Yes 36 (5180), 40 (5200), 44 (5220), 48 (5240), 52 (5260), 56 (5280), 60 (5300), 64 (5320), 149 (5745), 153 (5765), 157 (5785), 161 (5805), 165 (5825), 169 (5845), 173 (5865) 149 (5745), 153 (5765), 157 (5785), 161 (5805), 165 (5825) 100 (5500), 104 (5520), 108 (5540), 112 (5560), 116 (5580), 120 (5600), 124 (5620), 128 (5640), 132 (5660), 136 (5680), 140 (5700) Ireland 5.8 GHz (I1) 5.725 - 5.85 GHz Yes 147 (5735), 151 (5755), 155 (5775), 167 (5835) MeshMAX 5054 Series User Guide 20 MHz 10 MHz 5 MHz Allowed Channels (Center Freq) 36 (5180), 38 (5190), 40 (5200), 42 (5210), 44 (5220), 46 (5230), 48 (5240), 50 (5250), 52 (5260), 54 (5270), 56 (5280), 58 (5290), 60 (5300), 62 (5310), 64 (5320), 66 (5330), 147 (5735), 149 (5745), 151 (5755), 153 (5765), 155 (5775), 157 (5785), 159 (5795), 161 (5805), 163 (5815), 165 (5825), 167 (5835), 169 (5845), 171 (5855), 173 (5865) 149 (5745), 151 (5755), 153 (5765), 155 (5775), 157 (5785), 159 (5795), 161 (5805), 163 (5815), 165 (5825), 167 (5835) 98 (5490), 100 (5500), 102 (5510), 104 (5520), 106 (5530), 108 (5540), 110 (5550), 112 (5560), 114 (5570), 116 (5580), 118 (5590), 120 (5600), 122 (5610), 124 (5620), 126 (5630), 128 (5640), 130 (5650), 132 (5660), 134 (5670), 136 (5680), 138 (5690), 140 (5700), 142 (5710) 145 (5725), 147 (5735), 149 (5745), 151 (5755), 153 (5765), 155 (5775), 157 (5785), 163 (5815), 165 (5825), 167 (5835), 169 (5845) 36 (5180), 37 (5185), 38 (5190), 39 (5195), 40 (5200), 41 (5205), 42 (5210), 43 (5215), 44 (5220), 45 (5225), 46 (5230), 47 (5235), 48 (5240), 49 (5245), 50 (5250), 51 (5255), 52 (5260), 53 (5265), 54 (5270), 55 (5275), 56 (5280), 57 (5285), 58 (5290), 59 (5295), 60 (5300), 61 (5305), 62 (5310), 63 (5315), 64 (5320), 65 (5325), 66 (5330), 67 (5335), 147 (5735), 148 (5740), 149 (5745), 150 (5750), 151 (5755), 152 (5760), 153 (5765), 154 (5770), 155 (5775), 156 (5780), 157 (5785), 158 (5790), 159 (5795), 160 (5800), 161 (5805), 162 (5810), 163 (5815), 164 (5820), 165 (5825), 166 (5830), 167 (5835), 168 (5840), 169 (5845), 170 (5850), 171 (5855), 172 (5860), 173 (5865), 174 (5870) 149 (5745), 150 (5750), 151 (5755), 152 (5760), 153 (5765), 154 (5770), 155 (5775), 156 (5780), 157 (5785), 158 (5790), 159 (5795), 160 (5800), 161 (5805), 162 (5810), 163 (5815), 164 (5820), 165 (5825), 166 (5830), 167 (5835) 97 (5485), 98 (5490), 99 (5495), 100 (5500), 101 (5505), 102 (5510), 103 (5515), 104 (5520), 105 (5525), 106 (5530), 107 (5535), 108 (5540), 109 (5545), 110 (5550), 111 (5555), 112 (5560), 113 (5565), 114 (5570), 115 (5575), 116 (5580), 117 (5585), 118 (5590), 119 (5595), 120 (5600), 121 (5605), 122 (5610), 123 (5615), 124 (5620), 125 (5625), 126 (5630), 127 (5635), 128 (5640), 129 (5645), 130 (5650), 131 (5655), 132 (5660), 133 (5665), 134 (5670), 135 (5675), 136 (5680), 137 (5685), 138 (5690), 139 (5695), 140 (5700), 141 (5705), 142 (5710) 145 (5725), 146 (5730), 147 (5735), 148 (5740), 149 (5745), 150 (5750), 151 (5755), 152 (5760), 153 (5765), 154 (5770), 155 (5775), 156 (5780), 157 (5785), 158 (5790), 159 (5795), 163 (5815), 164 (5820), 165 (5825), 166 (5830), 167 (5835), 168 (5840), 169 (5845), 170 (5850) 249 Country Codes for Subscriber Module Channels/Frequencies by Country Country (Code) Frequency Bands DFS Italy (IT) 5.47 GHz Yes MeshMAX 5054 Series User Guide 20 MHz 10 MHz 5 MHz Allowed Channels (Center Freq) 100 (5500), 104 (5520), 108 (5540), 112 (5560), 116 (5580), 120 (5600), 124 (5620), 128 (5640), 132 (5660), 136 (5680), 140 (5700) Japan (JP) 5.25 - 5.35 GHz Yes Japan2 (J2) 5.15 - 5.25 GHz No 56 (5280), 60 (5300), 64 (5320) 34 (5170), 38 (5190), 42 (5210), 46 (5230) Korea Republic (KR) 5.725 - 5.825 GHz No 149 (5745), 153 (5765), 157 (5785), 161 (5805) Korea Republic2 (K2) 5.725 - 5.825 GHz No 149 (5745), 153 (5765), 157 (5785), 161 (5805) Latvia (LV) 5.47 - 5.725 GHz Yes 100 (5500), 104 (5520), 108 (5540), 112 (5560), 116 (5580), 120 (5600), 124 (5620), 128 (5640), 132 (5660), 136 (5680), 140 (5700) 98 (5490), 100 (5500), 102 (5510), 104 (5520), 106 (5530), 108 (5540), 110 (5550), 112 (5560), 114 (5570), 116 (5580), 118 (5590), 120 (5600), 122 (5610), 124 (5620), 126 (5630), 128 (5640), 130 (5650), 132 (5660), 134 (5670), 136 (5680), 138 (5690), 140 (5700), 142 (5710) 54 (5270), 56 (5280), 58 (5290), 60 (5300), 62 (5310), 64 (5320), 66 (5330) 32 (5160),34 (5170), 36 (5180), 38 (5190), 40 (5200), 42 (5210), 44 (5220), 46 (5230), 147 (5735), 149 (5745), 151 (5755), 153 (5765), 155 (5775), 157 (5785), 159 (5795), 161 (5805), 163 (5815) 147 (5735), 149 (5745), 151 (5755), 153 (5765), 155 (5775), 157 (5785), 159 (5795), 161 (5805), 163 (5815) 98 (5490), 100 (5500), 102 (5510), 104 (5520), 106 (5530), 108 (5540), 110 (5550), 112 (5560), 114 (5570), 116 (5580), 118 (5590), 120 (5600), 122 (5610), 124 (5620), 126 (5630), 128 (5640), 130 (5650), 132 (5660), 134 (5670), 136 (5680), 138 (5690), 140 (5700), 142 (5710) 97 (5485), 98 (5490), 99 (5495), 100 (5500), 101 (5505), 102 (5510), 103 (5515), 104 (5520), 105 (5525), 106 (5530), 107 (5535), 108 (5540), 109 (5545), 110 (5550), 111 (5555), 112 (5560), 113 (5565), 114 (5570), 115 (5575), 116 (5580), 117 (5585), 118 (5590), 119 (5595), 120 (5600), 121 (5605), 122 (5610), 123 (5615), 124 (5620), 125 (5625), 126 (5630), 127 (5635), 128 (5640), 129 (5645), 130 (5650), 131 (5655), 132 (5660), 133 (5665), 134 (5670), 135 (5675), 136 (5680), 137 (5685), 138 (5690), 139 (5695), 140 (5700), 141 (5705), 142 (5710) 53 (5265), 54 (5270), 55 (5275), 56 (5280), 57 (5285), 58 (5290), 59 (5295), 60 (5300), 61 (5305), 62 (5310), 63 (5315), 64 (5320), 65 (5325), 66 (5330), 67 (5335) 32 (5160), 33 (5165), 34 (5170), 35 (5175), 36 (5180), 37 (5185), 38 (5190), 39 (5195), 40 (5200), 41 (5205), 42 (5210), 43 (5215), 44 (5220), 45 (5225), 46 (5230) 147 (5735), 148 (5740), 149 (5745), 150 (5750), 151 (5755), 152 (5760), 153 (5765), 154 (5770), 155 (5775), 156 (5780), 157 (5785), 158 (5790), 159 (5795), 160 (5800), 161 (5805), 162 (5810), 163 (5815) 147 (5735), 148 (5740), 149 (5745), 150 (5750), 151 (5755), 152 (5760), 153 (5765), 154 (5770), 155 (5775), 156 (5780), 157 (5785), 158 (5790), 159 (5795), 160 (5800), 161 (5805), 162 (5810), 163 (5815) 97 (5485), 98 (5490), 99 (5495), 100 (5500), 101 (5505), 102 (5510), 103 (5515), 104 (5520), 105 (5525), 106 (5530), 107 (5535), 108 (5540), 109 (5545), 110 (5550), 111 (5555), 112 (5560), 113 (5565), 114 (5570), 115 (5575), 116 (5580), 117 (5585), 118 (5590), 119 (5595), 120 (5600), 121 (5605), 122 (5610), 123 (5615), 124 (5620), 125 (5625), 126 (5630), 127 (5635), 128 (5640), 129 (5645), 130 (5650), 131 (5655), 132 (5660), 133 (5665), 134 (5670), 135 (5675), 136 (5680), 137 (5685), 138 (5690), 139 (5695), 140 (5700), 141 (5705), 142 (5710) 250 Country Codes for Subscriber Module Channels/Frequencies by Country Country (Code) Frequency Bands DFS Liechtenstein (LI) 5.47 - 5.725 GHz Yes Lithuania (LT) 5.47 - 5.725 GHz Yes Luxembourg (LU) 5.47 - 5.725 GHz Yes 100 (5500), 104 (5520), 108 (5540), 112 (5560), 116 (5580), 120 (5600), 124 (5620), 128 (5640), 132 (5660), 136 (5680), 140 (5700) 100 (5500), 104 (5520), 108 (5540), 112 (5560), 116 (5580), 120 (5600), 124 (5620), 128 (5640), 132 (5660), 136 (5680), 140 (5700) 100 (5500), 104 (5520), 108 (5540), 112 (5560), 116 (5580), 120 (5600), 124 (5620), 128 (5640), 132 (5660), 136 (5680), 140 (5700) Macau (MO) 5.725 - 5.85 GHz No 149 (5745), 153 (5765), 157 (5785), 161 (5805), 165 (5825) MeshMAX 5054 Series User Guide 20 MHz 10 MHz 5 MHz Allowed Channels (Center Freq) 98 (5490), 100 (5500), 102 (5510), 104 (5520), 106 (5530), 108 (5540), 110 (5550), 112 (5560), 114 (5570), 116 (5580), 118 (5590), 120 (5600), 122 (5610), 124 (5620), 126 (5630), 128 (5640), 130 (5650), 132 (5660), 134 (5670), 136 (5680), 138 (5690), 140 (5700), 142 (5710) 98 (5490), 100 (5500), 102 (5510), 104 (5520), 106 (5530), 108 (5540), 110 (5550), 112 (5560), 114 (5570), 116 (5580), 118 (5590), 120 (5600), 122 (5610), 124 (5620), 126 (5630), 128 (5640), 130 (5650), 132 (5660), 134 (5670), 136 (5680), 138 (5690), 140 (5700), 142 (5710) 98 (5490), 100 (5500), 102 (5510), 104 (5520), 106 (5530), 108 (5540), 110 (5550), 112 (5560), 114 (5570), 116 (5580), 118 (5590), 120 (5600), 122 (5610), 124 (5620), 126 (5630), 128 (5640), 130 (5650), 132 (5660), 134 (5670), 136 (5680), 138 (5690), 140 (5700), 142 (5710) 147 (5735), 149 (5745), 151 (5755), 153 (5765), 155 (5775), 157 (5785), 159 (5795), 161 (5805), 163 (5815), 165 (5825), 167 (5835) 97 (5485), 98 (5490), 99 (5495), 100 (5500), 101 (5505), 102 (5510), 103 (5515), 104 (5520), 105 (5525), 106 (5530), 107 (5535), 108 (5540), 109 (5545), 110 (5550), 111 (5555), 112 (5560), 113 (5565), 114 (5570), 115 (5575), 116 (5580), 117 (5585), 118 (5590), 119 (5595), 120 (5600), 121 (5605), 122 (5610), 123 (5615), 124 (5620), 125 (5625), 126 (5630), 127 (5635), 128 (5640), 129 (5645), 130 (5650), 131 (5655), 132 (5660), 133 (5665), 134 (5670), 135 (5675), 136 (5680), 137 (5685), 138 (5690), 139 (5695), 140 (5700), 141 (5705), 142 (5710) 97 (5485), 98 (5490), 99 (5495), 100 (5500), 101 (5505), 102 (5510), 103 (5515), 104 (5520), 105 (5525), 106 (5530), 107 (5535), 108 (5540), 109 (5545), 110 (5550), 111 (5555), 112 (5560), 113 (5565), 114 (5570), 115 (5575), 116 (5580), 117 (5585), 118 (5590), 119 (5595), 120 (5600), 121 (5605), 122 (5610), 123 (5615), 124 (5620), 125 (5625), 126 (5630), 127 (5635), 128 (5640), 129 (5645), 130 (5650), 131 (5655), 132 (5660), 133 (5665), 134 (5670), 135 (5675), 136 (5680), 137 (5685), 138 (5690), 139 (5695), 140 (5700), 141 (5705), 142 (5710) 97 (5485), 98 (5490), 99 (5495), 100 (5500), 101 (5505), 102 (5510), 103 (5515), 104 (5520), 105 (5525), 106 (5530), 107 (5535), 108 (5540), 109 (5545), 110 (5550), 111 (5555), 112 (5560), 113 (5565), 114 (5570), 115 (5575), 116 (5580), 117 (5585), 118 (5590), 119 (5595), 120 (5600), 121 (5605), 122 (5610), 123 (5615), 124 (5620), 125 (5625), 126 (5630), 127 (5635), 128 (5640), 129 (5645), 130 (5650), 131 (5655), 132 (5660), 133 (5665), 134 (5670), 135 (5675), 136 (5680), 137 (5685), 138 (5690), 139 (5695), 140 (5700), 141 (5705), 142 (5710) 147 (5735), 148 (5740), 149 (5745), 150 (5750), 151 (5755), 152 (5760), 153 (5765), 154 (5770), 155 (5775), 156 (5780), 157 (5785), 158 (5790), 159 (5795), 160 (5800), 161 (5805), 162 (5810), 163 (5815), 164 (5820), 165 (5825), 166 (5830), 167 (5835) 251 Country Codes for Subscriber Module Channels/Frequencies by Country Country (Code) Frequency Bands DFS Malaysia (MY) 5.25 - 5.35 GHz and 5.725 - 5.85 GHz No Malta (MT) 5.47 - 5.725 GHz Yes Mexico (MX) 5.725 - 5.85 GHz No Netherlands (NL) 5.47 - 5.725 GHz Yes 56 (5280), 60 (5300), 64 (5320), 149 (5745), 153 (5765), 157 (5785), 161 (5805), 165 (5825) 100 (5500), 104 (5520), 108 (5540), 112 (5560), 116 (5580), 120 (5600), 124 (5620), 128 (5640), 132 (5660), 136 (5680), 140 (5700) 149 (5745), 153 (5765), 157 (5785), 161 (5805), 165 (5825) 100 (5500), 104 (5520), 108 (5540), 112 (5560), 116 (5580), 120 (5600), 124 (5620), 128 (5640), 132 (5660), 136 (5680), 140 (5700) New Zealand (NZ) 5.725 - 5.85 GHz No 149 (5745), 153 (5765), 157 (5785), 161 (5805), 165 (5825) MeshMAX 5054 Series User Guide 20 MHz 10 MHz 5 MHz Allowed Channels (Center Freq) 54 (5270), 56 (5280), 58 (5290), 60 (5300), 62 (5310), 64 (5320), 66 (5330), 147 (5735), 149 (5745), 151 (5755), 153 (5765), 155 (5775), 157 (5785), 159 (5795), 161 (5805), 163 (5815), 165 (5825), 167 (5835) 98 (5490), 100 (5500), 102 (5510), 104 (5520), 106 (5530), 108 (5540), 110 (5550), 112 (5560), 114 (5570), 116 (5580), 118 (5590), 120 (5600), 122 (5610), 124 (5620), 126 (5630), 128 (5640), 130 (5650), 132 (5660), 134 (5670), 136 (5680), 138 (5690), 140 (5700), 142 (5710) 147 (5735), 149 (5745), 151 (5755), 153 (5765), 155 (5775), 157 (5785), 159 (5795), 161 (5805), 163 (5815), 165 (5825), 167 (5835) 98 (5490), 100 (5500), 102 (5510), 104 (5520), 106 (5530), 108 (5540), 110 (5550), 112 (5560), 114 (5570), 116 (5580), 118 (5590), 120 (5600), 122 (5610), 124 (5620), 126 (5630), 128 (5640), 130 (5650), 132 (5660), 134 (5670), 136 (5680), 138 (5690), 140 (5700), 142 (5710) 147 (5735), 149 (5745), 151 (5755), 153 (5765), 155 (5775), 157 (5785), 159 (5795), 161 (5805), 163 (5815), 165 (5825), 167 (5835) 53 (5265), 54 (5270), 55 (5275), 56 (5280), 57 (5285), 58 (5290), 59 (5295), 60 (5300), 61 (5305), 62 (5310), 63 (5315), 64 (5320), 65 (5325), 66 (5330), 67 (5335), 147 (5735), 148 (5740), 149 (5745), 150 (5750), 151 (5755), 152 (5760), 153 (5765), 154 (5770), 155 (5775), 156 (5780), 157 (5785), 158 (5790), 159 (5795), 160 (5800), 161 (5805), 162 (5810), 163 (5815), 164 (5820), 165 (5825), 166 (5830), 167 (5835) 97 (5485), 98 (5490), 99 (5495), 100 (5500), 101 (5505), 102 (5510), 103 (5515), 104 (5520), 105 (5525), 106 (5530), 107 (5535), 108 (5540), 109 (5545), 110 (5550), 111 (5555), 112 (5560), 113 (5565), 114 (5570), 115 (5575), 116 (5580), 117 (5585), 118 (5590), 119 (5595), 120 (5600), 121 (5605), 122 (5610), 123 (5615), 124 (5620), 125 (5625), 126 (5630), 127 (5635), 128 (5640), 129 (5645), 130 (5650), 131 (5655), 132 (5660), 133 (5665), 134 (5670), 135 (5675), 136 (5680), 137 (5685), 138 (5690), 139 (5695), 140 (5700), 141 (5705), 142 (5710) 147 (5735), 148 (5740), 149 (5745), 150 (5750), 151 (5755), 152 (5760), 153 (5765), 154 (5770), 155 (5775), 156 (5780), 157 (5785), 158 (5790), 159 (5795), 160 (5800), 161 (5805), 162 (5810), 163 (5815), 164 (5820), 165 (5825), 166 (5830), 167 (5835) 97 (5485), 98 (5490), 99 (5495), 100 (5500), 101 (5505), 102 (5510), 103 (5515), 104 (5520), 105 (5525), 106 (5530), 107 (5535), 108 (5540), 109 (5545), 110 (5550), 111 (5555), 112 (5560), 113 (5565), 114 (5570), 115 (5575), 116 (5580), 117 (5585), 118 (5590), 119 (5595), 120 (5600), 121 (5605), 122 (5610), 123 (5615), 124 (5620), 125 (5625), 126 (5630), 127 (5635), 128 (5640), 129 (5645), 130 (5650), 131 (5655), 132 (5660), 133 (5665), 134 (5670), 135 (5675), 136 (5680), 137 (5685), 138 (5690), 139 (5695), 140 (5700), 141 (5705), 142 (5710) 147 (5735), 148 (5740), 149 (5745), 150 (5750), 151 (5755), 152 (5760), 153 (5765), 154 (5770), 155 (5775), 156 (5780), 157 (5785), 158 (5790), 159 (5795), 160 (5800), 161 (5805), 162 (5810), 163 (5815), 164 (5820), 165 (5825), 166 (5830), 167 (5835) 252 Country Codes for Subscriber Module Channels/Frequencies by Country Country (Code) Frequency Bands DFS North Korea (KP) 5.725 - 5.825 GHz No Norway (NO) 5.47 - 5.725 GHz Yes 149 (5745), 153 (5765), 157 (5785), 161 (5805) 100 (5500), 104 (5520), 108 (5540), 112 (5560), 116 (5580), 120 (5600), 124 (5620), 128 (5640), 132 (5660), 136 (5680), 140 (5700) Panama (PA) 5.25 - 5.35 GHz and 5.725 - 5.85 GHz No 56 (5280), 60 (5300), 64 (5320), 149 (5745), 153 (5765), 157 (5785), 161 (5805), 165 (5825) Philippines (PH) 5.25 - 5.35 GHz and 5.725 - 5.85 GHz No 56 (5280), 60 (5300), 64 (5320), 149 (5745), 153 (5765), 157 (5785), 161 (5805), 165 (5825) Poland (PL) 5.47 - 5.725 GHz Yes 100 (5500), 104 (5520), 108 (5540), 112 (5560), 116 (5580), 120 (5600), 124 (5620), 128 (5640), 132 (5660), 136 (5680), 140 (5700) MeshMAX 5054 Series User Guide 20 MHz 10 MHz 5 MHz Allowed Channels (Center Freq) 147 (5735), 149 (5745), 151 (5755), 153 (5765), 155 (5775), 157 (5785), 159 (5795), 161 (5805), 163 (5815) 98 (5490), 100 (5500), 102 (5510), 104 (5520), 106 (5530), 108 (5540), 110 (5550), 112 (5560), 114 (5570), 116 (5580), 118 (5590), 120 (5600), 122 (5610), 124 (5620), 126 (5630), 128 (5640), 130 (5650), 132 (5660), 134 (5670), 136 (5680), 138 (5690), 140 (5700), 142 (5710) 54 (5270), 56 (5280), 58 (5290), 60 (5300), 62 (5310), 64 (5320), 66 (5330), 147 (5735), 149 (5745), 151 (5755), 153 (5765), 155 (5775), 157 (5785), 159 (5795), 161 (5805), 163 (5815), 165 (5825), 167 (5835) 54 (5270), 56 (5280), 58 (5290), 60 (5300), 62 (5310), 64 (5320), 66 (5330), 147 (5735), 149 (5745), 151 (5755), 153 (5765), 155 (5775), 157 (5785), 159 (5795), 161 (5805), 163 (5815), 165 (5825), 167 (5835) 98 (5490), 100 (5500), 102 (5510), 104 (5520), 106 (5530), 108 (5540), 110 (5550), 112 (5560), 114 (5570), 116 (5580), 118 (5590), 120 (5600), 122 (5610), 124 (5620), 126 (5630), 128 (5640), 130 (5650), 132 (5660), 134 (5670), 136 (5680), 138 (5690), 140 (5700), 142 (5710) 147 (5735), 148 (5740), 149 (5745), 150 (5750), 151 (5755), 152 (5760), 153 (5765), 154 (5770), 155 (5775), 156 (5780), 157 (5785), 158 (5790), 159 (5795), 160 (5800), 161 (5805), 162 (5810), 163 (5815) 97 (5485), 98 (5490), 99 (5495), 100 (5500), 101 (5505), 102 (5510), 103 (5515), 104 (5520), 105 (5525), 106 (5530), 107 (5535), 108 (5540), 109 (5545), 110 (5550), 111 (5555), 112 (5560), 113 (5565), 114 (5570), 115 (5575), 116 (5580), 117 (5585), 118 (5590), 119 (5595), 120 (5600), 121 (5605), 122 (5610), 123 (5615), 124 (5620), 125 (5625), 126 (5630), 127 (5635), 128 (5640), 129 (5645), 130 (5650), 131 (5655), 132 (5660), 133 (5665), 134 (5670), 135 (5675), 136 (5680), 137 (5685), 138 (5690), 139 (5695), 140 (5700), 141 (5705), 142 (5710) 53 (5265), 54 (5270), 55 (5275), 56 (5280), 57 (5285), 58 (5290), 59 (5295), 60 (5300), 61 (5305), 62 (5310), 63 (5315), 64 (5320), 65 (5325), 66 (5330), 67 (5335), 147 (5735), 148 (5740), 149 (5745), 150 (5750), 151 (5755), 152 (5760), 153 (5765), 154 (5770), 155 (5775), 156 (5780), 157 (5785), 158 (5790), 159 (5795), 160 (5800), 161 (5805), 162 (5810), 163 (5815), 164 (5820), 165 (5825), 166 (5830), 167 (5835) 53 (5265), 54 (5270), 55 (5275), 56 (5280), 57 (5285), 58 (5290), 59 (5295), 60 (5300), 61 (5305), 62 (5310), 63 (5315), 64 (5320), 65 (5325), 66 (5330), 67 (5335), 147 (5735), 148 (5740), 149 (5745), 150 (5750), 151 (5755), 152 (5760), 153 (5765), 154 (5770), 155 (5775), 156 (5780), 157 (5785), 158 (5790), 159 (5795), 160 (5800), 161 (5805), 162 (5810), 163 (5815), 164 (5820), 165 (5825), 166 (5830), 167 (5835) 97 (5485), 98 (5490), 99 (5495), 100 (5500), 101 (5505), 102 (5510), 103 (5515), 104 (5520), 105 (5525), 106 (5530), 107 (5535), 108 (5540), 109 (5545), 110 (5550), 111 (5555), 112 (5560), 113 (5565), 114 (5570), 115 (5575), 116 (5580), 117 (5585), 118 (5590), 119 (5595), 120 (5600), 121 (5605), 122 (5610), 123 (5615), 124 (5620), 125 (5625), 126 (5630), 127 (5635), 128 (5640), 129 (5645), 130 (5650), 131 (5655), 132 (5660), 133 (5665), 134 (5670), 135 (5675), 136 (5680), 137 (5685), 138 (5690), 139 (5695), 140 (5700), 141 (5705), 142 (5710) 253 Country Codes for Subscriber Module Channels/Frequencies by Country Country (Code) Frequency Bands DFS Portugal (PT) 5.47 - 5.725 GHz Yes 20 MHz 100 (5500), 104 (5520), 108 (5540), 112 (5560), 116 (5580), 120 (5600), 124 (5620), 128 (5640), 132 (5660), 136 (5680), 140 (5700) Puerto Rico (PR) 5.25 - 5.35 GHz and 5.725 - 5.85 GHz No 56 (5280), 60 (5300), 64 (5320), 149 (5745), 153 (5765), 157 (5785), 161 (5805), 165 (5825) MeshMAX 5054 Series User Guide Allowed Channels (Center Freq) 10 MHz 98 (5490), 100 (5500), 102 (5510), 104 (5520), 106 (5530), 108 (5540), 110 (5550), 112 (5560), 114 (5570), 116 (5580), 118 (5590), 120 (5600), 122 (5610), 124 (5620), 126 (5630), 128 (5640), 130 (5650), 132 (5660), 134 (5670), 136 (5680), 138 (5690), 140 (5700), 142 (5710) 54 (5270), 56 (5280), 58 (5290), 60 (5300), 62 (5310), 64 (5320), 66 (5330), 147 (5735), 149 (5745), 151 (5755), 153 (5765), 155 (5775), 157 (5785), 159 (5795), 161 (5805), 163 (5815), 165 (5825), 167 (5835) 5 MHz 97 (5485), 98 (5490), 99 (5495), 100 (5500), 101 (5505), 102 (5510), 103 (5515), 104 (5520), 105 (5525), 106 (5530), 107 (5535), 108 (5540), 109 (5545), 110 (5550), 111 (5555), 112 (5560), 113 (5565), 114 (5570), 115 (5575), 116 (5580), 117 (5585), 118 (5590), 119 (5595), 120 (5600), 121 (5605), 122 (5610), 123 (5615), 124 (5620), 125 (5625), 126 (5630), 127 (5635), 128 (5640), 129 (5645), 130 (5650), 131 (5655), 132 (5660), 133 (5665), 134 (5670), 135 (5675), 136 (5680), 137 (5685), 138 (5690), 139 (5695), 140 (5700), 141 (5705), 142 (5710) 53 (5265), 54 (5270), 55 (5275), 56 (5280), 57 (5285), 58 (5290), 59 (5295), 60 (5300), 61 (5305), 62 (5310), 63 (5315), 64 (5320), 65 (5325), 66 (5330), 67 (5335), 147 (5735), 148 (5740), 149 (5745), 150 (5750), 151 (5755), 152 (5760), 153 (5765), 154 (5770), 155 (5775), 156 (5780), 157 (5785), 158 (5790), 159 (5795), 160 (5800), 161 (5805), 162 (5810), 163 (5815), 164 (5820), 165 (5825), 166 (5830), 167 (5835) 254 Country Codes for Subscriber Module Channels/Frequencies by Country Country (Code) Russia (RU) Frequency Bands 5.15 - 6.08 GHz DFS No 20 MHz 30 (5150), 34 (5170), 38 (5190), 42 (5210), 46 (5230), 50 (5250), 54 (5270), 58 (5290), 62 (5310), 66 (5330), 70 (5350), 74 (5370), 78 (5390), 82 (5410), 86 (5430), 90 (5450), 94 (5470), 98 (5490), 102 (5510), 106 (5530), 110 (5550), 114 (5570), 118 (5590), 122 (5610), 126 (5630), 130 (5650), 134 (5670), 138 (5690), 142 (5710), 146 (5730), 150 (5750), 154 (5770), 158 (5790), 162 (5810), 166 (5830), 170 (5850), 174 (5870), 178 (5890), 182 (5910), 186 (5930), 190 (5950), 194 (5970), 198 (5990), 202 (6010), 206 (6030), 210 (6060), 214 (6070) MeshMAX 5054 Series User Guide Allowed Channels (Center Freq) 10 MHz 30 (5150), 32 (5160), 34 (5170), 36 (5180) 38 (5190), 40 (5200), 42 (5210), 44 (5220), 46 (5230), 48 (5240), 50 (5250), 52 (5260), 54 (5270), 56 (5280), 58 (5290), 60 (5300), 62 (5310), 64 (5320), 66 (5330), 68 (5340), 70 (5350), 72 (5360), 74 (5370), 76 (5380), 78 (5390), 80 (5400), 82 (5410), 84 (5420), 86 (5430), 88 (5440), 90 (5450), 92 (5460), 94 (5470), 96 (5480), 98 (5490), 100 (5500), 102 (5510), 104 (5520), 106 (5530), 108 (5540), 110 (5550), 112 (5560), 114 (5570), 116 (5580), 118 (5590), 120 (5600), 122 (5610), 124 (5620), 126 (5630), 128 (5640), 130 (5650), 132 (5660), 134 (5670), 136 (5680), 138 (5690), 140 (5700), 142 (5710), 144 (5720), 146 (5730), 148 (5740), 150 (5750), 152 (5760), 154 (5770), 156 (5780), 158 (5790), 160 (5800), 162 (5810), 164 (5820), 166 (5830), 168 (5840), 170 (5850), 172 (5860), 174 (5870), 176 (5880) 178 (5890), 180 (5900), 182 (5910), 184 (5920), 186 (5930), 188 (5940), 190 (5950), 192 (5960), 194 (5970), 196 (5980), 198 (5990), 200 (6000), 202 (6010), 204 (6020), 206 (6030), 208 (6040), 210 (6050), 212 (6060), 214 (6070) 5 MHz 30 (5150), 31 (5155), 32 (5160), 33 (5165), 34 (5170), 35 (5175), 36 (5180), 37 (5185), 38 (5190), 39 (5195), 40 (5200), 41 (5205), 42 (5210), 43 (5215), 44 (5220), 45 (5225), 46 (5230), 47 (5235), 48 (5240), 49 (5245), 50 (5250), 51 (5255), 52 (5260), 53 (5265), 54 (5270), 55 (5275), 56 (5280), 57 (5285), 58 (5290), 59 (5295), 60 (5300), 61 (5305), 62 (5310), 63 (5315), 64 (5320), 65 (5325), 66 (5330), 67 (5335), 68 (5340), 69 (5345), 70 (5350), 71 (5355), 72 (5360), 73 (5365), 74 (5370), 75 (5375), 76 (5380), 77 (5385), 78 (5390), 79 (5395), 80 (5400), 81 (5405), 82 (5410), 83 (5415), 84 (5420), 85 (5425), 86 (5430), 87 (5435), 88 (5440), 89 (5445), 90 (5450), 91 (5455), 92 (5460), 93 (5465), 94 (5470), 95 (5475), 96 (5480), 97 (5485), 98 (5490), 99 (5495), 100 (5500), 101 (5505), 102 (5510), 103 (5515), 104 (5520), 105 (5525), 106 (5530), 107 (5535), 108 (5540), 109 (5545), 110 (5550), 111 (5555), 112 (5560), 113 (5565), 114 (5570), 115 (5575), 116 (5580), 117 (5585), 118 (5590), 119 (5595), 120 (5600), 121 (5605), 122 (5610), 123 (5615), 124 (5620), 125 (5625), 126 (5630), 127 (5635), 128 (5640), 129 (5645), 130 (5650), 131 (5655), 132 (5660), 133 (5665), 134 (5670), 135 (5675), 136 (5680), 137 (5685), 138 (5690), 139 (5695), 140 (5700), 141 (5705), 142 (5710), 143 (5715), 144 (5720), 145 (5725), 146 (5730), 147 (5735), 148 (5740), 149 (5745), 150 (5750), 151 (5755), 152 (5760), 153 (5765), 154 (5770), 155 (5775), 156 (5780), 157 (5785), 158 (5790), 159 (5795), 160 (5800), 161 (5805), 162 (5810), 163 (5815), 164 (5820), 165 (5825), 166 (5830), 167 (5835), 168 (5840), 169 (5845), 170 (5850), 164 (5820), 165 (5825), 166 (5830), 167 (5835), 168 (5840), 169 (5845), 170 (5850), 171 (5855), 172 (5860), 173 (5865), 174 (5870), 175 (5875), 176 (5880), 177 (5885), 178 (5890), 179 (5895), 180 (5900), 181 (5905), 182 (5910), 183 (5915), 184 (5920), 185 (5925), 186 (5930), 187 (5935), 188 (5940), 189 (5945), 190 (5950), 191 (5955), 192 (5960), 193 (5965), 194 (5970), 195 (5975), 196 (5980), 197 (5855), 198 (5990), 199 (5995), 200 (6000), 201 (6005), 202 (6010), 203 (6015), 204 (6020), 205 (6025), 206 (6030), 207 (6035), 208 (6040), 209 (6045), 210 (6050), 211 (6055), 212 (6060), 213 (6065), 214 (6070) 215 (6075) 255 Country Codes for Subscriber Module Channels/Frequencies by Country Country (Code) Frequency Bands DFS Saudi Arabia (SA) 5.15 - 5.35 GHz and 5.725 - 5.825 GHz No Singapore (SG) 5.15 - 5.25 GHz and 5.725 - 5.85 GHz No Slovak Republic (SK) 5.47 - 5.725 GHz Yes Slovenia (SI) 5.47 - 5.725 GHz Yes MeshMAX 5054 Series User Guide 20 MHz 10 MHz 5 MHz Allowed Channels (Center Freq) 36 (5180), 40 (5200), 44 (5220), 48 (5240), 52 (5260), 56 (5280), 60 (5300), 64 (5320), 149 (5745), 153 (5765), 157 (5785), 161 (5805) 36 (5180), 40 (5200), 44 (5220), 48 (5240), 149 (5745), 153 (5765), 157 (5785), 161 (5805), 165 (5825) 100 (5500), 104 (5520), 108 (5540), 112 (5560), 116 (5580), 120 (5600), 124 (5620), 128 (5640), 132 (5660), 136 (5680), 140 (5700) 100 (5500), 104 (5520), 108 (5540), 112 (5560), 116 (5580), 120 (5600), 124 (5620), 128 (5640), 132 (5660), 136 (5680), 140 (5700) 36 (5180), 38 (5190), 40 (5200), 42 (5210), 44 (5220), 46 (5230), 48 (5240), 50 (5250), 52 (5260), 54 (5270), 56 (5280), 58 (5290), 60 (5300), 62 (5310), 64 (5320), 66 (5330), 147 (5735), 149 (5745), 151 (5755), 153 (5765), 155 (5775), 157 (5785), 159 (5795), 161 (5805), 163 (5815) 36 (5180), 38 (5190), 40 (5200), 42 (5210), 44 (5220), 46 (5230), 48 (5240), 147 (5735), 149 (5745), 151 (5755), 153 (5765), 155 (5775), 157 (5785), 159 (5795), 161 (5805), 163 (5815), 165 (5825), 167 (5835) 98 (5490), 100 (5500), 102 (5510), 104 (5520), 106 (5530), 108 (5540), 110 (5550), 112 (5560), 114 (5570), 116 (5580), 118 (5590), 120 (5600), 122 (5610), 124 (5620), 126 (5630), 128 (5640), 130 (5650), 132 (5660), 134 (5670), 136 (5680), 138 (5690), 140 (5700), 142 (5710) 98 (5490), 100 (5500), 102 (5510), 104 (5520), 106 (5530), 108 (5540), 110 (5550), 112 (5560), 114 (5570), 116 (5580), 118 (5590), 120 (5600), 122 (5610), 124 (5620), 126 (5630), 128 (5640), 130 (5650), 132 (5660), 134 (5670), 136 (5680), 138 (5690), 140 (5700), 142 (5710) 36 (5180), 37 (5185), 38 (5190), 39 (5195), 40 (5200), 41 (5205), 42 (5210), 43 (5215), 44 (5220), 45 (5225), 46 (5230), 47 (5235), 48 (5240), 49 (5245), 50 (5250), 51 (5255), 52 (5260), 53 (5265), 54 (5270), 55 (5275), 56 (5280), 57 (5285), 58 (5290), 59 (5295), 60 (5300), 61 (5305), 62 (5310), 63 (5315), 64 (5320), 65 (5325), 66 (5330), 67 (5335), 147 (5735), 148 (5740), 149 (5745), 150 (5750), 151 (5755), 152 (5760), 153 (5765), 154 (5770), 155 (5775), 156 (5780), 157 (5785), 158 (5790), 159 (5795), 160 (5800), 161 (5805), 162 (5810), 163 (5815) 36 (5180), 37 (5185), 38 (5190), 39 (5195), 40 (5200), 41 (5205), 42 (5210), 43 (5215), 44 (5220), 45 (5225), 46 (5230), 47 (5235), 48 (5240), 147 (5735), 148 (5740), 149 (5745), 150 (5750), 151 (5755), 152 (5760), 153 (5765), 154 (5770), 155 (5775), 156 (5780), 157 (5785), 158 (5790), 159 (5795), 160 (5800), 161 (5805), 162 (5810), 163 (5815), 164 (5820), 165 (5825), 166 (5830), 167 (5835) 97 (5485), 98 (5490), 99 (5495), 100 (5500), 101 (5505), 102 (5510), 103 (5515), 104 (5520), 105 (5525), 106 (5530), 107 (5535), 108 (5540), 109 (5545), 110 (5550), 111 (5555), 112 (5560), 113 (5565), 114 (5570), 115 (5575), 116 (5580), 117 (5585), 118 (5590), 119 (5595), 120 (5600), 121 (5605), 122 (5610), 123 (5615), 124 (5620), 125 (5625), 126 (5630), 127 (5635), 128 (5640), 129 (5645), 130 (5650), 131 (5655), 132 (5660), 133 (5665), 134 (5670), 135 (5675), 136 (5680), 137 (5685), 138 (5690), 139 (5695), 140 (5700), 141 (5705), 142 (5710) 97 (5485), 98 (5490), 99 (5495), 100 (5500), 101 (5505), 102 (5510), 103 (5515), 104 (5520), 105 (5525), 106 (5530), 107 (5535), 108 (5540), 109 (5545), 110 (5550), 111 (5555), 112 (5560), 113 (5565), 114 (5570), 115 (5575), 116 (5580), 117 (5585), 118 (5590), 119 (5595), 120 (5600), 121 (5605), 122 (5610), 123 (5615), 124 (5620), 125 (5625), 126 (5630), 127 (5635), 128 (5640), 129 (5645), 130 (5650), 131 (5655), 132 (5660), 133 (5665), 134 (5670), 135 (5675), 136 (5680), 137 (5685), 138 (5690), 139 (5695), 140 (5700), 141 (5705), 142 (5710) 256 Country Codes for Subscriber Module Channels/Frequencies by Country Country (Code) Frequency Bands DFS South Africa (ZA) 5.47 - 5.725 GHz Yes Spain (ES) 5.47 - 5.725 GHz Yes Sweden (SE) 5.47 - 5.725 GHz Yes Switzerland (CH) 5.47 - 5.725 GHz Yes MeshMAX 5054 Series User Guide 20 MHz 10 MHz 5 MHz Allowed Channels (Center Freq) 100 (5500), 104 (5520), 108 (5540), 112 (5560), 116 (5580), 120 (5600), 124 (5620), 128 (5640), 132 (5660), 136 (5680), 140 (5700) 100 (5500), 104 (5520), 108 (5540), 112 (5560), 116 (5580), 120 (5600), 124 (5620), 128 (5640), 132 (5660), 136 (5680), 140 (5700) 100 (5500), 104 (5520), 108 (5540), 112 (5560), 116 (5580), 120 (5600), 124 (5620), 128 (5640), 132 (5660), 136 (5680), 140 (5700) 100 (5500), 104 (5520), 108 (5540), 112 (5560), 116 (5580), 120 (5600), 124 (5620), 128 (5640), 132 (5660), 136 (5680), 140 (5700) 98 (5490), 100 (5500), 102 (5510), 104 (5520), 106 (5530), 108 (5540), 110 (5550), 112 (5560), 114 (5570), 116 (5580), 118 (5590), 120 (5600), 122 (5610), 124 (5620), 126 (5630), 128 (5640), 130 (5650), 132 (5660), 134 (5670), 136 (5680), 138 (5690), 140 (5700), 142 (5710) 98 (5490), 100 (5500), 102 (5510), 104 (5520), 106 (5530), 108 (5540), 110 (5550), 112 (5560), 114 (5570), 116 (5580), 118 (5590), 120 (5600), 122 (5610), 124 (5620), 126 (5630), 128 (5640), 130 (5650), 132 (5660), 134 (5670), 136 (5680), 138 (5690), 140 (5700), 142 (5710) 98 (5490), 100 (5500), 102 (5510), 104 (5520), 106 (5530), 108 (5540), 110 (5550), 112 (5560), 114 (5570), 116 (5580), 118 (5590), 120 (5600), 122 (5610), 124 (5620), 126 (5630), 128 (5640), 130 (5650), 132 (5660), 134 (5670), 136 (5680), 138 (5690), 140 (5700), 142 (5710) 98 (5490), 100 (5500), 102 (5510), 104 (5520), 106 (5530), 108 (5540), 110 (5550), 112 (5560), 114 (5570), 116 (5580), 118 (5590), 120 (5600), 122 (5610), 124 (5620), 126 (5630), 128 (5640), 130 (5650), 132 (5660), 134 (5670), 136 (5680), 138 (5690), 140 (5700), 142 (5710) 97 (5485), 98 (5490), 99 (5495), 100 (5500), 101 (5505), 102 (5510), 103 (5515), 104 (5520), 105 (5525), 106 (5530), 107 (5535), 108 (5540), 109 (5545), 110 (5550), 111 (5555), 112 (5560), 113 (5565), 114 (5570), 115 (5575), 116 (5580), 117 (5585), 118 (5590), 119 (5595), 120 (5600), 121 (5605), 122 (5610), 123 (5615), 124 (5620), 125 (5625), 126 (5630), 127 (5635), 128 (5640), 129 (5645), 130 (5650), 131 (5655), 132 (5660), 133 (5665), 134 (5670), 135 (5675), 136 (5680), 137 (5685), 138 (5690), 139 (5695), 140 (5700), 141 (5705), 142 (5710) 97 (5485), 98 (5490), 99 (5495), 100 (5500), 101 (5505), 102 (5510), 103 (5515), 104 (5520), 105 (5525), 106 (5530), 107 (5535), 108 (5540), 109 (5545), 110 (5550), 111 (5555), 112 (5560), 113 (5565), 114 (5570), 115 (5575), 116 (5580), 117 (5585), 118 (5590), 119 (5595), 120 (5600), 121 (5605), 122 (5610), 123 (5615), 124 (5620), 125 (5625), 126 (5630), 127 (5635), 128 (5640), 129 (5645), 130 (5650), 131 (5655), 132 (5660), 133 (5665), 134 (5670), 135 (5675), 136 (5680), 137 (5685), 138 (5690), 139 (5695), 140 (5700), 141 (5705), 142 (5710) 97 (5485), 98 (5490), 99 (5495), 100 (5500), 101 (5505), 102 (5510), 103 (5515), 104 (5520), 105 (5525), 106 (5530), 107 (5535), 108 (5540), 109 (5545), 110 (5550), 111 (5555), 112 (5560), 113 (5565), 114 (5570), 115 (5575), 116 (5580), 117 (5585), 118 (5590), 119 (5595), 120 (5600), 121 (5605), 122 (5610), 123 (5615), 124 (5620), 125 (5625), 126 (5630), 127 (5635), 128 (5640), 129 (5645), 130 (5650), 131 (5655), 132 (5660), 133 (5665), 134 (5670), 135 (5675), 136 (5680), 137 (5685), 138 (5690), 139 (5695), 140 (5700), 141 (5705), 142 (5710) 97 (5485), 98 (5490), 99 (5495), 100 (5500), 101 (5505), 102 (5510), 103 (5515), 104 (5520), 105 (5525), 106 (5530), 107 (5535), 108 (5540), 109 (5545), 110 (5550), 111 (5555), 112 (5560), 113 (5565), 114 (5570), 115 (5575), 116 (5580), 117 (5585), 118 (5590), 119 (5595), 120 (5600), 121 (5605), 122 (5610), 123 (5615), 124 (5620), 125 (5625), 126 (5630), 127 (5635), 128 (5640), 129 (5645), 130 (5650), 131 (5655), 132 (5660), 133 (5665), 134 (5670), 135 (5675), 136 (5680), 137 (5685), 138 (5690), 139 (5695), 140 (5700), 141 (5705), 142 (5710) 257 Country Codes for Subscriber Module Channels/Frequencies by Country Country (Code) Frequency Bands DFS Taiwan (158) 5.25 - 5.35 GHz and 5.725 - 5.825 GHz No 56 (5280), 60 (5300), 64 (5320), 149 (5745), 153 (5765), 157 (5785), 161 (5805) MeshMAX 5054 Series User Guide 20 MHz 10 MHz 5 MHz Allowed Channels (Center Freq) Thailand (TH) 5.725 - 5.825 GHz No 149 (5745), 153 (5765), 157 (5785), 161 (5805) United Kingdom (GB) 5.47 - 5.725 GHz Yes 100 (5500), 104 (5520), 108 (5540), 112 (5560), 116 (5580), 120 (5600), 124 (5620), 128 (5640), 132 (5660), 136 (5680), 140 (5700) United Kingdom 5.8 GHz (G1) 5.725 - 5.85 GHz Yes 147 (5735), 151 (5755), 155 (5775), 167 (5835) United States (US) 5.725 - 5.85 GHz No 149 (5745), 153 (5765), 157 (5785), 161 (5805), 165 (5825) 54 (5270), 56 (5280), 58 (5290), 60 (5300), 62 (5310), 64 (5320), 66 (5330), 147 (5735), 149 (5745), 151 (5755), 153 (5765), 155 (5775), 157 (5785), 159 (5795), 161 (5805), 163 (5815) 147 (5735), 149 (5745), 151 (5755), 153 (5765), 155 (5775), 157 (5785), 159 (5795), 161 (5805), 163 (5815) 98 (5490), 100 (5500), 102 (5510), 104 (5520), 106 (5530), 108 (5540), 110 (5550), 112 (5560), 114 (5570), 116 (5580), 118 (5590), 120 (5600), 122 (5610), 124 (5620), 126 (5630), 128 (5640), 130 (5650), 132 (5660), 134 (5670), 136 (5680), 138 (5690), 140 (5700), 142 (5710) 145 (5725), 147 (5735), 149 (5745), 151 (5755), 153 (5765), 155 (5775), 157 (5785), 163 (5815), 165 (5825), 167 (5835), 169 (5845) 147 (5735), 149 (5745), 151 (5755), 153 (5765), 155 (5775), 157 (5785), 159 (5795), 161 (5805), 163 (5815), 165 (5825), 167 (5835) 53 (5265), 54 (5270), 55 (5275), 56 (5280), 57 (5285), 58 (5290), 59 (5295), 60 (5300), 61 (5305), 62 (5310), 63 (5315), 64 (5320), 65 (5325), 66 (5330), 67 (5335), 147 (5735), 148 (5740), 149 (5745), 150 (5750), 151 (5755), 152 (5760), 153 (5765), 154 (5770), 155 (5775), 156 (5780), 157 (5785), 158 (5790), 159 (5795), 160 (5800), 161 (5805), 162 (5810), 163 (5815) 147 (5735), 148 (5740), 149 (5745), 150 (5750), 151 (5755), 152 (5760), 153 (5765), 154 (5770), 155 (5775), 156 (5780), 157 (5785), 158 (5790), 159 (5795), 160 (5800), 161 (5805), 162 (5810), 163 (5815) 97 (5485), 98 (5490), 99 (5495), 100 (5500), 101 (5505), 102 (5510), 103 (5515), 104 (5520), 105 (5525), 106 (5530), 107 (5535), 108 (5540), 109 (5545), 110 (5550), 111 (5555), 112 (5560), 113 (5565), 114 (5570), 115 (5575), 116 (5580), 117 (5585), 118 (5590), 119 (5595), 120 (5600), 121 (5605), 122 (5610), 123 (5615), 124 (5620), 125 (5625), 126 (5630), 127 (5635), 128 (5640), 129 (5645), 130 (5650), 131 (5655), 132 (5660), 133 (5665), 134 (5670), 135 (5675), 136 (5680), 137 (5685), 138 (5690), 139 (5695), 140 (5700), 141 (5705), 142 (5710) 145 (5725), 146 (5730), 147 (5735), 148 (5740), 149 (5745), 150 (5750), 151 (5755), 152 (5760), 153 (5765), 154 (5770), 155 (5775), 156 (5780), 157 (5785), 158 (5790), 159 (5795), 163 (5815), 164 (5820), 165 (5825), 166 (5830), 167 (5835), 168 (5840), 169 (5845), 170 (5850) 147 (5735), 148 (5740), 149 (5745), 150 (5750), 151 (5755), 152 (5760), 153 (5765), 154 (5770), 155 (5775), 156 (5780), 157 (5785), 158 (5790), 159 (5795), 160 (5800), 161 (5805), 162 (5810), 163 (5815), 164 (5820), 165 (5825), 166 (5830), 167 (5835) 258 Country Codes for Subscriber Module Channels/Frequencies by Country Country (Code) Frequency Bands DFS United States DFS (U1) 5.25 - 5.35 GHz and 5.47 - 5.725 GHz Yes 20 MHz 56 (5280), 60 (5300), 64 (5320), 100 (5500), 104 (5520), 108 (5540), 112 (5560), 116 (5580), 120 (5600), 124 (5620), 128 (5640), 132 (5660), 136 (5680), 140 (5700) Uruguay (UY) 5.725 - 5.825 GHz No 149 (5745), 153 (5765), 157 (5785), 161 (5805) Venezuela (VE) 5.725 - 5.825 GHz No 149 (5745), 153 (5765), 157 (5785), 161 (5805) MeshMAX 5054 Series User Guide Allowed Channels (Center Freq) 10 MHz 54 (5270), 56 (5280), 58 (5290), 60 (5300), 62 (5310), 64 (5320), 66 (5330), 98 (5490), 100 (5500), 102 (5510), 104 (5520), 106 (5530), 108 (5540), 110 (5550), 112 (5560), 114 (5570), 116 (5580), 118 (5590), 120 (5600), 122 (5610), 124 (5620), 126 (5630), 128 (5640), 130 (5650), 132 (5660), 134 (5670), 136 (5680), 138 (5690), 140 (5700), 142 (5710) 147 (5735), 149 (5745), 151 (5755), 153 (5765), 155 (5775), 157 (5785), 159 (5795), 161 (5805), 163 (5815) 147 (5735), 149 (5745), 151 (5755), 153 (5765), 155 (5775), 157 (5785), 159 (5795), 161 (5805), 163 (5815) 5 MHz NA 147 (5735), 148 (5740), 149 (5745), 150 (5750), 151 (5755), 152 (5760), 153 (5765), 154 (5770), 155 (5775), 156 (5780), 157 (5785), 158 (5790), 159 (5795), 160 (5800), 161 (5805), 162 (5810), 163 (5815) 147 (5735), 148 (5740), 149 (5745), 150 (5750), 151 (5755), 152 (5760), 153 (5765), 154 (5770), 155 (5775), 156 (5780), 157 (5785), 158 (5790), 159 (5795), 160 (5800), 161 (5805), 162 (5810), 163 (5815) 259 CLI for Mesh and Access Point Module MeshMAX 5054 Series User Guide B This section discusses the following:
General Notes Command Line Interface (CLI) Variations CLI Command Types Using Tables and Strings Configuring the AP using CLI commands CLI Monitoring Parameters Parameter Tables CLI Batch File CLI commands can be used to initialize, configure, and manage the Access Point. CLI commands may be entered in real time through a keyboard or submitted with CLI scripts. A CLI Batch file is a user-editable configuration file that provides a user-friendly way to change the AP configuration through a file upload. The CLI Batch file is an ASCII file that facilitates Auto Configuration because it does not require the user to access one of the APs management interfaces to make configuration changes as is required with the proprietary LTV format configuration file. The CLI is available through both the Serial Port interface and over the Ethernet interface using Telnet. NOTE: All CLI commands and parameters are case-sensitive. 260 CLI for Mesh and Access Point Module User Guide General Notes Prerequisite Skills and Knowledge MeshMAX 5054 Series User Guide To use this document effectively, you should have a working knowledge of Local Area Networking (LAN) concepts, network access infrastructures, and client-server relationships. In addition, you should be familiar with software setup procedures for typical network operating systems and servers. Notation Conventions Computer prompts are shown as constant width type. For example: [Device-Name]>
Information that you input as shown is displayed in bold constant width type. For example:
[Device name]> set ipaddr 10.0.0.12 The names of keyboard keys, software buttons, and field names are displayed in bold type. For example: Click the Configure button. Screen names are displayed in bold italics. For example, the System Status screen. Important Terminology Configuration Files - Database files containing the current Access Point configuration. Configuration items include the IP Address and other network-specific values. Config files may be downloaded to the Access Point or uploaded for backup or troubleshooting. Download vs. Upload - Downloads transfer files to the Access Point. Uploads transfer files from the Access Point. The TFTP server performs file transfers in both directions. Group - A logical collection of network parameter information. For example, the System Group is composed of several related parameters. Groups can also contain Tables. All items for a given Group can be displayed with a show
<Group> CLI Command. Image File - The Access Point software executed from RAM. To update an Access Point you typically download a new Image File. This file is often referred to as the AP Image. Parameter - A fundamental network value that can be displayed and may be changeable. For example, the Access Point must have a unique IP Address and the Wireless interface must be assigned an SSID. Change parameters with the CLI set Command, and view them with the CLI show Command. Table - Tables hold parameters for several related items. For example, you can add several potential managers to the SNMP Table. All items for a given Table can be displayed with a show <Table> CLI Command. TFTP - Refers to the TFTP Server, used for file transfers. Navigation and Special Keys This CLI supports the following navigation and special key functions to move the cursor along the prompt line. Key Combination Delete or Backspace Ctrl-A Ctrl-E Ctrl-F Ctrl-B Ctrl-D Ctrl-U Ctrl-P Ctrl-N Ctrl-W Operation Delete previous character Move cursor to beginning of line Move cursor to end of line Move cursor forward one character Move cursor back one character Delete the character the cursor is on Delete all text to left of cursor Go to the previous line in the history buffer Go to the next line in the history buffer Delete the previous word 261 CLI for Mesh and Access Point Module User Guide Key Combination Operation Tab
Complete the command line List available commands CLI Error Messages MeshMAX 5054 Series User Guide The following table describes the error messages associated with improper inputs or expected CLI behavior. Error Message Description Invalid syntax entered at the command prompt. A non-existent command has been entered at the command prompt. An invalid parameter name has been entered at the command prompt. An invalid parameter value has been entered at the command prompt. An invalid table index has been entered at the command prompt. An invalid table parameter has been entered at the command prompt. Syntax Error Invalid Command Invalid Parameter Name Invalid Parameter Value Invalid Table Index Invalid Table Parameter Invalid Table Parameter Value An invalid table parameter value has been entered at the command prompt. Read Only Parameter Incorrect Password Download Unsuccessful User is attempting to configure a read-only parameter. An incorrect password has been entered in the CLI login prompt. The download operation has failed due to incorrect TFTP server IP Address or file name. The upload operation has failed due to incorrect TFTP server IP Address or file name. Upload Unsuccessful 262 CLI for Mesh and Access Point Module User Guide Command Line Interface (CLI) Variations MeshMAX 5054 Series User Guide Administrators use the CLI to control Access Point operation and monitor network statistics. The AP supports two types of CLI: the Bootloader CLI and the normal CLI. The Bootloader CLI provides a limited command set, and is used when the current AP Image is bad or missing. The Bootloader CLI allows you to assign an IP Address and download a new image. Once the image is downloaded and running, the Access Point uses the normal CLI. This guide covers the normal CLI unless otherwise specified. Bootloader CLI reboot command to reboot the device configuration of initial device parameters using the set command The Bootloader CLI is a minimal subset of the normal CLI used to perform initial configuration of the AP. This interface is only accessible via the serial interface if the AP does not contain a software image or a download image command over TFTP has failed. The Bootloader CLI provides you with the ability to configure the initial setup parameters as well as download a software image to the device. The following functions are supported by the Bootloader CLI:
show command to view the devices configuration parameters help command to provide additional information on all commands supported by the Bootloader CLI The parameters supported by the Bootloader CLI (for viewing and modifying) are:
System Name Gateway IP Address TFTP Server IP Address The following lists display the results of using the help command in the Bootloader CLI:
IP Address Assignment Type IP Address IP Mask Image File Name (including the file extension) Figure B-1 Results of help bootloader CLI command The following lists display the results of using the show command in the Bootloader CLI:
263 CLI for Mesh and Access Point Module User Guide MeshMAX 5054 Series User Guide Figure B-2 Results of show bootloader CLI command 264 CLI for Mesh and Access Point Module User Guide CLI Command Types MeshMAX 5054 Series User Guide This guide divides CLI Commands into two categories: Operational and Parameter Controls. Operational CLI Commands These commands affect Access Point behavior, such as downloading, rebooting, and so on. After entering commands
(and parameters, if any) press the Enter key to execute the Command Line. Operational commands include:
?: Typing a question mark lists CLI Commands or parameters, depending on usage (you do not need to type Enter after typing this command) done, exit, quit: Terminates the CLI session download: Uses a TFTP server to download image files, config files, bootloader upgrade files, a license file, SSL certificates, SSL private keys, SSH public keys, SSH private keys, or CLI Batch Files to the Access Point help: Displays general CLI help information or command help information, such as command usage and syntax history: Remembers commands to help avoid re-entering complex statements passwd: Sets the Access Points CLI password search: Lists the parameters in a specified Table upload: Uses TFTP server to upload config files from Access Point to TFTP default directory or specified path reboot: Reboots the Access Point in the specified time
? (List Commands) This command can be used in a number of ways to display available commands and parameters. The following table lists each operation and provides a basic example. Following the table are detailed examples and display results for each operation. Operation Display the Command List (Example 1) Display commands that start with specified letters
(Example 2) Display parameters for set and show Commands
(Examples 3a and 3b) Prompt to enter successive parameters for Commands (Example 4) Basic Example
[Device-Name]>?
[Device-Name]>s?
[Device-Name]>set ?
[Device-Name]>show ipa?
[Device-Name]>download ?
Example 1. Display Command list To display the Command List, enter ?.
[Device-Name]>?
Figure B-3 Result of ? CLI command 265 CLI for Mesh and Access Point Module User Guide MeshMAX 5054 Series User Guide Example 2. Display specific Commands To show all commands that start with specified letters, enter one or more letters, then ? with no space between letters and ?.
[Device-Name]>s?
Figure B-4 Result of s? CLI command Example 3. Display parameters for set and show Example 3a allows you to see every possible parameter for the set (or show) commands. Notice from example 3a that the list is very long. Example 3b shows how to display a subset of the parameters based on initial parameter letters. Example 3a. Display every parameter that can be changed
[Device-Name]>set ?
. Figure B-5 Result of set ? CLI command Example 3b. Display parameters based on letter sequence This example shows entries for parameters that start with the letter i. The more letters you enter, the fewer the results returned. Notice that there is no space between the letters and the question mark.
[Device-Name]> show ipa?
Figure B-6 Result of show ipa? CLI command
[Device-Name]> show iparp?
266 CLI for Mesh and Access Point Module User Guide MeshMAX 5054 Series User Guide Figure B-7 Result of show iparp? CLI command Example 4. Display Prompts for Successive Parameters Enter the command, a space, and then ?. Then, when the parameter prompt appears, enter the parameter value. The parameter is changed and a new CLI line is echoed with the new value (in the first part of the following example, the value is the IP Address of the TFTP server). After entering one parameter, you may add another ? to the new CLI line to see the next parameter prompt, and so on until you have entered all of the required parameters. The following example shows how this is used for the download Command. The last part of the example shows the completed download Command ready for execution.
[Device-Name]> download ?
<TFTP IP Address>
[Device-Name]> download 192.168.0.101 ?
<File Name>
[Device-Name]> download 192.168.0.101 apimage ?
<file type (config/img/bootloader)>
[Device-Name]> download 192.168.0.101 apimage img <CR>
done, exit, quit Each of the following commands ends a CLI session:
[Device-Name]> done
[Device-Name]> exit
[Device-Name]> quit download Downloads the specified file from a TFTP server to the Access Point. Executing download in combination with the asterisks character (*) will make use of the previously set TFTP parameters. Executing download without parameters will display command help and usage information. 1. Syntax to download a file:
[Device-Name]>download <tftp server address> <path and filename> <file type>
Example:
[Device-Name]>download 192.168.1.100 APImage2 img 2. Syntax to display help and usage information:
[Device-Name]>download 3. Syntax to execute the download Command using previously set (stored) TFTP Parameters:
[Device-Name]>download *
267 CLI for Mesh and Access Point Module User Guide help MeshMAX 5054 Series User Guide Displays instructions on using control-key sequences for navigating a Command Line and displays command information and examples. 1. Using help as the only argument:
[Device-Name]>help Figure B-8 Results of help CLI command 2. Complete command description and command usage can be provided by:
[Device-Name]>help <command name>
[Device-Name]><command name> help history Shows content of Command History Buffer. The Command History Buffer stores command statements entered in the current session. To avoid re-entering long command statements, use the keyboard up arrow (Ctrl-P) and down arrow
(Ctrl-N) keys to recall previous statements from the Command History Buffer. When the desired statement reappears, press the Enter key to execute, or you may edit the statement before executing it.
[Device-Name]> history passwd Changes the CLI Password.
[Device-Name]> passwd oldpassword newpassword newpassword reboot Reboots Access Point after specified number of seconds. Specify a value of 0 (zero) for immediate reboot.
[Device-Name]> reboot 0
[Device-Name]> reboot 30 268 CLI for Mesh and Access Point Module User Guide search MeshMAX 5054 Series User Guide Lists the parameters supported by the specified table. This list corresponds to the table information displayed in the HTTP interface. In this example, the CLI returns the list of parameters that make up an entry in the IP Access Table.
[Device-Name]> search mgmtipaccesstbl Figure B-9 Results of search mgmtipaccesstbl CLI command upload Uploads a text-based configuration file from the AP to the TFTP Server. Executing upload with the asterisk character
(*) will make use of the previously set/stored TFTP parameters. Executing upload without parameters will display command help and usage information. 1. Syntax to upload a file:
[Device-Name]>upload <tftp server address> <path and filename> <filetype>
Example:
[Device-Name]>upload 192.168.1.100 APconfig.sys config 2. Syntax to display help and usage information:
[Device-Name]>help upload 3. Syntax to execute the upload command using previously set (stored) TFTP Parameters:
[Device-Name]>upload *
Parameter Control Commands The following sections cover the two Parameter Control Commands (show and set) and include several tables showing parameter properties. These commands allow you to view (show) all parameters and statistics and to change (set) parameters. show: To see any Parameter or Statistic value, you can specify a single parameter, a Group, or a Table. set: Use this CLI Command to change parameter values. You can use a single CLI statement to modify Tables, or you can modify each parameter separately. show CLI Command Displays the value of the specified parameter, or displays all parameter values of a specified group (parameter table). Groups contain Parameters and Tables. Tables contain parameters for a series of similar entities. To see a definition and syntax example, type only show and then press the Enter key. To see a list of available parameters, enter a question mark (?) after show (example: show ?). Syntax:
[Device-Name]>show <parameter>
[Device-Name]>show <group>
[Device-Name]>show <table>
Examples:
[Device-Name]>show ipaddr 269 CLI for Mesh and Access Point Module User Guide
[Device-Name]>show network
[Device-Name]>show mgmtipaccesstbl set CLI Command MeshMAX 5054 Series User Guide Sets (modifies) the value of the specified parameter. To see a definition and syntax example, type only set and then press the Enter key. To see a list of available parameters, enter a space, then a question mark (?) after set (example: set?). Syntax:
[Device-Name]>set <parameter> <value>
[Device-Name]>set <table> <index> <argument 1> <value 1> ... <argument N> <value N>
Example:
[Device-Name]>set sysloc Main Lobby
[Device-Name]>set mgmtipaccesstbl 0 ipaddr 10.0.0.10 ipmask 255.255.0.0 Configuring Objects that Require Reboot Certain objects supported by the Access Point require a device reboot in order for the changes to take effect. In order to inform the end-user of this behavior, the CLI provides informational messages when the user has configured an object that requires a reboot. The following messages are displayed as a result of the configuring such object or objects. Example 1: Configuring objects that require the device to be rebooted The following message is displayed every time the user has configured an object that requires the device to be rebooted.
[Device-Name]>set ipaddr 135.114.73.10 The following elements require reboot ipaddr Example 2: Executing the exit, quit, or done commands when an object that requires reboot has been configured In addition to the above informational message, the CLI also provides a message as a result of the exit, quit, or done command if changes have been made to objects that require reboot. If you make changes to objects that require reboot and execute the exit command the following message is displayed:
[Device-Name]>exit<CR> OR quit<CR> OR done<CR>
Modifications have been made to parameters that require the device to be rebooted. These changes will only take effect after the next reboot. set and show Command Examples In general, you will use the CLI show Command to view current parameter values and use the CLI set Command to change parameter values. As shown in the following examples, parameters may be set individually or all parameters for a given table can be set with a single statement. Example 1 - Set the Access Point IP Address Parameter Syntax:
[Device-Name]>set <parameter name> <parameter value>
Example:
[Device-Name]> set ipaddr 10.0.0.12 IP Address will be changed when you reboot the Access Point. The CLI reminds you when rebooting is required for a change to take effect. To reboot immediately, enter reboot 0 (zero) at the CLI prompt. 270 CLI for Mesh and Access Point Module User Guide MeshMAX 5054 Series User Guide Example 2 - Create a table entry or row Use 0 (zero) as the index to a table when creating an entry. When creating a table row, only the mandatory table elements are required (comment is usually an optional table element). For optional table elements, the default value is generally applied if you do not specify a value. Syntax:
[Device-Name]>set <table name> <table index> <element 1> <value 1>
<element n> <value n>
Example:
[Device-Name]> set mgmtipaccesstbl 0 ipaddr 10.0.0.10 ipmask 255.255.0.0 A new table entry is created for IP address 10.0.0.10 with a 255.255.0.0 subnet mask. Example 3 - Modify a table entry or row Use the index to be modified and the table elements you would like to modify. For example, suppose the IP Access Table has one entry and you wanted to modify the IP address:
[Device-Name]>set mgmtipaccesstbl 1 ipaddr 10.0.0.11 You can also modify several elements in the table entry. Enter the index number and specific table elements you would like to modify. (Hint: Use the search Command to see the elements that belong to the table.)
[Device-Name]>set mgmtipaccesstbl 1 ipaddr 10.0.0.12 ipmask 255.255.255.248 cmt First Row Example 4 - Enable, Disable, or Delete a table entry or row The following example illustrates how to manage the second entry in a table. Syntax:
[Device-Name]>set <Table> index status <enable, disable, delete>
[Device-Name]>set <Table> index status <1=enable, 2=disable, 3=delete>
Example:
[Device-Name]>set mgmtipaccesstbl 2 status enable
[Device-Name]>set mgmtipaccesstbl 2 status disable
[Device-Name]>set mgmtipaccesstbl 2 status delete
[Device-Name]>set mgmtipaccesstbl 2 status 2 NOTE: You may need to enable a disabled table entry before you can change the entrys elements. Example 5 - Show the Group Parameters This example illustrates how to view all elements of a group or table. Syntax:
[Device-Name]> show <group name>
Example:
[Device-Name]>show network The CLI displays network group parameters. Note show network and show ip return the same data. 271 CLI for Mesh and Access Point Module User Guide MeshMAX 5054 Series User Guide Figure B-10 Results of show network and show ip CLI Commands Example 6 - Show Individual and Table Parameters 1. View a single parameter. Syntax:
[Device-Name]>show <parameter name>
Example:
[Device-Name]> show ipaddr Displays the Access Point IP address. Figure B-11 Result of show ipaddr CLI Command 2. View all parameters in a table. Syntax:
[Device-Name]> show <table name>
Example: [Device-Name]> show mgmtipaccesstbl The CLI displays the IP Access Table and its entries. 272 CLI for Mesh and Access Point Module User Guide Using Tables and Strings Working with Tables MeshMAX 5054 Series User Guide Each table element (or parameter) must be specified, as in the example below.
[Device-Name]>set mgmtipaccesstbl 0 ipaddr 10.0.0.10 ipmask 255.255.0.0 Below are the rules for creating, modifying, enabling/disabling, and deleting table entries. Creation The table name is required. The table index is required for table entry/instance creation the index is always zero (0). The order in which the table arguments or objects are entered in not important. Parameters that are not required can be omitted, in which case they will be assigned the default value. Modification The table name is required. The table index is required to modify the table, index must be the index of the entry to be modified. Only the table objects that are to be modified need to be specified. Not all the table objects are required. If multiple table objects are to be modified the order in which they are entered is not important. If the entire table entry is to be modified, all the table objects have to be specified. Enabling/Disabling The table name is required. The table index is required for table enabling/disabling the index should be the index of the entry to be enabled/disabled. The entrys new state (either enable or disable) is required. Deletion The table name is required. The table index is required for table deletion the index should be the index of the entry to be deleted. The word delete is required. Using Strings Since there are several string objects supported by the AP, a string delimiter is required for the strings to be interpreted correctly by the command line parser. For this CLI implementation, the single quote or double quote character can be used at the beginning and at the end of the string. For example:
[Device-Name]> set sysloc Lobby - Does not need quote marks
[Device-Name]> set sysloc Front Lobby - Requires quote marks. The scenarios supported by this CLI are:
My Desk in the office My Desk in the office My Desk in the office My Desk in the office Daniels Desk in the office Daniels Desk in the office Double Quotes Single Quotes Single Quotes within Double Quotes Double Quotes within Single Quotes One Single Quote within Double Quotes One Double Quote within Single Quotes 273 CLI for Mesh and Access Point Module User Guide MeshMAX 5054 Series User Guide The string delimiter does not have to be used for every string object. The single quote or double quote only has to be used for string objects that contain blank space characters. If the string object being used does not contain blank spaces, then the string delimiters, single or double quotes, mentioned in this section are not required. 274 CLI for Mesh and Access Point Module User Guide Configuring the AP using CLI commands Log into the AP using HyperTerminal MeshMAX 5054 Series User Guide 1. Open your terminal emulation program (like HyperTerminal) and set the following connection properties:
Baud rate: 9600 Com Port: <COM1, COM2, etc., depending on your computer>
Data Bits: 8 Stop bits: 1 Flow Control: None Parity: None 2. Under File > Properties > Settings > ASCII Setup, enable the Send line ends with line feeds option. HyperTerminal sends a line return at the end of each line of code. 3. Enter the CLI password (default is public). NOTE: Proxim recommends changing your default passwords immediately. To perform this operation using CLI commands, see Change Passwords. Log into the AP using Telnet The CLI commands can be used to access, configure, and manage the AP using Telnet. Follow these steps:
1. Confirm that your computers IP address is in the same IP subnet as the AP. NOTE: If you have not previously configured the Access Points IP address and do not have a DHCP server on the network, the Access Point will default to an IP address of 169.254.128.132. 2. Go to the DOS command prompt on your computer. 3. Type telnet <IP Address of the unit>. 4. Enter the CLI password (default is public). NOTE: Proxim recommends changing your default passwords immediately. To perform this operation using CLI commands, see Change Passwords. 275 CLI for Mesh and Access Point Module User Guide Set Basic Configuration Parameters using CLI Commands MeshMAX 5054 Series User Guide There are a few basic configuration parameters that you may want to setup right away when you receive the AP. For example:
Set System Name, Location and Contact Information Set Static IP Address for the AP Download an AP Configuration File from your TFTP Server Set up Auto Configuration Set Network Names for the Wireless Interface Enable 802.11d Support and Set the Country Code Enable and Configure TX Power Control for the Wireless Interface(s) Configure SSIDs (Network Names), VLANs, and Profiles Download an AP Configuration File from your TFTP Server Backup your AP Configuration File Set System Name, Location and Contact Information NOTE: System name must:
Contain only letters, numbers, and hyphens. Be limited to 31 characters. Not begin with a number or hyphen. Not contain blank spaces.
[Device-Name]>set sysname <Name> sysloc <Unit Location>
[Device-Name]>set sysctname <Contact Name>
[Device-Name]>set sysctphone <Contact Phone Number> sysctemail <Contact E-mail address>
[Device-Name]>show system Figure B-12 Result of show system CLI Command Set Static IP Address for the AP NOTE: The IP Subnet Mask of the AP must match your networks Subnet Mask.
[Device-Name]>set ipaddrtype static
[Device-Name]>set ipaddr <fixed IP address of unit>
[Device-Name]>set ipsubmask <IP Mask>
[Device-Name]>set ipgw <gateway IP address>
[Device-Name]>show network Change Passwords
[Device-Name]>passwd <Old Password> <New Password> <Confirm Password> (CLI password)
[Device-Name]>set httppasswd <New Password> (HTTP interface password) 276 CLI for Mesh and Access Point Module User Guide MeshMAX 5054 Series User Guide
[Device-Name]>set snmprpasswd <New Password> (SNMP read password)
[Device-Name]>set snmprwpasswd <New Password> (SNMP read/write)
[Device-Name]>set snmpv3authpasswd <New Password> (SNMPv3 authentication password)
[Device-Name]>set snmpv3privpasswd <New Password> (SNMPv3 privacy password)
[Device-Name]>reboot 0 CAUTION: Proxim strongly urges you to change the default passwords to restrict access to your network devices to authorized personnel. If you lose or forget your password settings, you can always perform the Soft Reset to Factory Defaults. Set Network Names for the Wireless Interface
[Device-Name]>set wif <3 (Wireless Interface A) or 4 (Wireless Interface B)> netname
<Network Name (SSID) for wireless interface>
[Device-Name]>show wif Figure B-13 Results of show wif CLI command for an AP Enable 802.11d Support and Set the Country Code NOTE: On APs with model numbers ending in -WD, these commands are not available. Perform the following command to enable 802.11d IEEE 802.11d support for additional regulatory domains.
[Device-Name]>set wif <3 (Wireless Interface A) or 4 (Wireless Interface B)> dot11dstatus
<enable/disable>
Perform the following command to set a country code:
[Device-Name]>set syscountrycode <country code>
Select a country code from the following table, derived from ISO 3166. Available countries will vary based on regulatory domain. Refer to the ISO/IEC 3166-1 CountryCode drop-down menu on the Configure > Interfaces > Operational Mode page; this menu contains a list of all the available countries in your regulatory domain. NOTE: If you select a country code that is not supported in your regulatory domain, clients may attempt to connect to a channel that is not supported by your AP. Country Algeria Albania Code DZ AL Country Honduras Hong Kong Code HN HK Country Panama Papua New Guinea Code PA PG 277 CLI for Mesh and Access Point Module User Guide MeshMAX 5054 Series User Guide Country Argentina Armenia Australia Austria Azerbaijan Bahrain Belarus Belgium Belize Bolivia Brazil Brunei Darussalam Bulgaria Canada Chile China Colombia Costa Rica Croatia Cyprus Czech Republic Denmark Dominican Republic Ecuador Egypt El Salvador Estonia Finland France Georgia Germany Greece Guam Guatemala Code AR AM AU AT AZ BH BY BE BZ BO BR BN BG CA CL CN CO CR HR CY CZ DK DO EC EG SV EE FI FR GE DE GR GU GT Country Hungary Iceland India Indonesia Ireland 5.8 GHz Israel Italy Jamaica Japan Japan2 Jordan Kazakhstan North Korea Korea Republic Korea Republic2 Kuwait Latvia Lebanon Liechtenstein Lithuania Luxembourg Macau Macedonia Malaysia Malta Mexico Monaco Morocco Netherlands New Zealand Nicaragua Norway Oman Pakistan Country Peru Philippines Poland Portugal Puerto Rico Qatar Romania Russia Samoa Saudi Arabia Singapore Slovak Republic Slovenia South Africa South Korea Spain Sweden Switzerland Syria Taiwan Thailand Turkey Ukraine United Arab Emirates United Kingdom United Kingdom 5.8 GHz United States United States World United States DFS Uruguay Venezuela Vietnam Code HU IS IN ID I1 IL IT JM JP J2 JO KZ KP KR K2 KW LV LB LI LT LU MO MK MY MT MX MC MA NL NZ NI NO OM PK Code PE PH PL PT PR QA RO RU WS SA SG SK SI ZA KR ES SE CH SY TW TH TR UA AE GB G1 US UW U1 UY VE VN 278 CLI for Mesh and Access Point Module User Guide MeshMAX 5054 Series User Guide Enable and Configure TX Power Control for the Wireless Interface(s) The TX Power Control feature lets the user configure the transmit power level of the card in the AP. Perform the following commands to enable TX Power Control and set the transmit power level:
[Device-Name]>set txpowercontrol enable
[Device-Name]>set wif <interface number> currentbackofftpcvalue <0-9 dBm1-35 dBm>
Configure SSIDs (Network Names), VLANs, and Profiles Perform the following command to configure SSIDs and VLANS, and to assign Security and RADIUS Profiles.
[Device-Name]>set wifssidtbl <Wireless Interface Index.SSID Index> ssid <Network Name>
vlanid <-1 to 1094> ssidauth <enable/disable> acctstatus <enable/disable> secprofile
<Security Profile Nmuber> radmacprofile <MAC Authentication Profile Name> radeapprofile
<EAP Authentication Profile Name> radacctprofile <Accounting Profile Name>
radmacauthstatus <enable/disable> aclstatus <enable/disable>
Examples:
[Device-Name]>set wifssidtbl 3.1 ssid accesspt1 vlanid 22 ssidauth enable acctstatus enable secprofile 1 radmacprofile "MAC Authentication" radeapprofile "EAP Authentication"
radacctprofile "Accounting" radmacauthstatus enable aclstatus enable
[Device-Name]>set wifssidtbl 4.1 ssid accesspt1 vlanid 22 ssidauth enable acctstatus enable secprofile 1 radmacprofile "MAC Authentication" radeapprofile "EAP Authentication"
radacctprofile "Accounting" radmacauthstatus enable aclstatus enable Download an AP Configuration File from your TFTP Server Start the Solarwinds TFTP program (available on the installation CD), and click on the Security tab to verify that the TFTP server is configured to both transmit and receive files. (Note that TFTP programs other than Solarwinds may also require this setting.) Then enter the following commands:
[Device-Name]>set tftpfilename <file name> tftpfiletype config tftpipaddr <IP address of your TFTP server>
[Device-Name]>show tftp (to ensure the filename, file type, and the IP address are correct)
[Device-Name]>download *
[Device-Name]>reboot 0 After following the complete process (above) once, you can download a file of the same name (so long as all the other parameters are the same), with the following command:
[Device-Name]>download *
Backup your AP Configuration File Start the Solarwinds TFTP program (available on the installation CD), and click on the Security tab to verify that the TFTP server is configured to both transmit and receive files. (Note that TFTP programs other than Solarwinds may also require this setting.) Then enter the following commands:
[Device-Name]>upload <TFTP Server IP address> <tftpfilename (such as config.sys)> config
[Device-Name]>show tftp (to ensure the filename, file type, and the IP address are correct) After setting the TFTP parameters, you can backup your current file (so long as all the other parameters are the same), with the following command:
[Device-Name]>upload *
279 CLI for Mesh and Access Point Module User Guide Set up Auto Configuration MeshMAX 5054 Series User Guide The Auto Configuration feature which allows an AP to be automatically configured by downloading a specific configuration file from a TFTP server during the boot up process. Perform the following commands to enable and set up automatic configuration:
NOTE: The configuration filename and TFTP server IP address are configured only when the AP is configured for Static IP. If the AP is configured for Dynamic IP these parameters are not used and obtained from DHCP. The default filename is config. The default TFTP IP address is 169.254.128.133.
[Device-Name]>set autoconfigstatus <enable/disable>
[Device-Name]>set autoconfigfilename <configuration file name>
[Device-Name]>set autoconfigTFTPaddr <TFTP IP address>
280 CLI for Mesh and Access Point Module User Guide Other Network Settings MeshMAX 5054 Series User Guide There are other configuration settings that you may want to set for the AP. Some of them are listed below. Configure the AP as a DHCP Server Configure the DNS Client Configure DHCP Relay and Configure DHCP Relay Servers Maintain Client Connections using Link Integrity Change Wireless Interface Settings Set Ethernet Speed and Transmission Mode Set Interface Management Services Configure Wireless Distribution System Configure MAC Access Control Set RADIUS Parameters Set Rogue Scan Parameters Set Hardware Configuration Reset Parameters Set VLAN/SSID Parameters Set Security Profile Parameters NOTE: See Advanced Configuration for more information on these settings. Configure the AP as a DHCP Server NOTE: You must have at least one entry in the DHCP Server IP Address Pool Table before you can set the DHCP Server Status to Enable. endipaddr <end ip address>
[Device-Name]>set dhcpstatus disable
[Device-Name]>set dhcpippooltbl 0 startipaddr <start ip address>
[Device-Name]>set dhcpgw <gateway ip address>
[Device-Name]>set dhcppridnsipaddr <primary dns ip address>
[Device-Name]>set dhcpsecdnsipaddr <secondary dns ip address>
[Device-Name]>set dhcpstatus enable
[Device-Name]>reboot 0 CAUTION: Before enabling this feature, confirm that the IP address pools you have configured are valid addresses on the network and do not overlap the addresses assigned by any other DHCP server on the network. Enabling this feature with incorrect address pools will cause problems on your network. Configure the DNS Client
[Device-Name]>set dnsstatus enable
[Device-Name]>set dnsprisvripaddr <IP address of primary DNS server>
[Device-Name]>set dnssecsvripaddr <IP address of secondary DNS server>
[Device-Name]>set dnsdomainname <default domain name>
[Device-Name]>show dns Figure B-14 Results of show dns CLI command 281 CLI for Mesh and Access Point Module User Guide Configure DHCP Relay MeshMAX 5054 Series User Guide Perform the following command to enable or disable DHCP Relay Agent Status. NOTE: You must have at least one entry in the DHCP Relay Server Table before you can set the DHCP Relay Status to Enable.
[Device-Name]>set dhcprelaystatus enable Configure DHCP Relay Servers Perform the following command to configure and enable a DHCP Relay Server. The AP allows the configuration of a maximum of 10 server settings in the DHCP Relay Agents server table.
[Device-Name]>set dhcprlyindex 1 dhcprlyipaddr <ip address> dhcprlycmt <comment>
dhcprlystatus 1 (1 to enable, 2 to disable, 3 to delete, 4 to create) Maintain Client Connections using Link Integrity
[Device-Name]>show linkinttbl (this shows the current links)
[Device-Name]>set linkinttbl <15 (depending on what table row you wish to address)>
ipaddr <ip address of the host computer you want to check>
[Device-Name]>set linkintpollint <the interval between link integrity checks>
[Device-Name]>set linkintpollretx <number of times to retransmit before considering the link down>
[Device-Name]>set linkintstatus enable
[Device-Name]>show linkinttbl (to confirm new settings)
[Device-Name]>reboot 0 Change Wireless Interface Settings See Interfaces for information on the parameters listed below. The AP uses index 3 for Wireless Interface A (802.11a radio or 4.9 GHz radio) and index 4 for Wireless Interface B (802.11b/g radio). Operational Mode
[Device-Name]>set wif <index> mode <see table>
Mode Operational Mode 1 2 3 4 5 6 dot11b-only dot11g-only dot11bg dot11a-only dot11g-wifi publicsafety Autochannel Select (ACS) ACS is enabled by default. Reboot after disabling or enabling ACS.
[Device-Name]>set wif <index> autochannel <enable/disable>
[Device-Name]>reboot 0 282 CLI for Mesh and Access Point Module User Guide MeshMAX 5054 Series User Guide Enable/Disable Closed System
[Device-Name]>set wif <index> closedsys <enable/disable>
Shutdown/Resume Wireless Service
[Device-Name]>set wif <index> wssstatus <1 (resume)/2 (shutdown)>
Set Load Balancing Maximum Number of Clients
[Device-Name]>set wif <index> lbmaxclients <163>
Set the Multicast Rate (802.11a or 4.9 GHz)
[Device-Name]>set wif 3 multrate <6, 12, 24 (Mbits/sec)>
Set the Multicast Rate (802.11b/g)
[Device-Name]>set wif 4 multrate <1, 2, 5.5, 11 (Mbits/sec)>
Enable/Disable Super Mode (802.11a/g only)
[Device-Name]>set wif <index> supermode <enable/disable>
Set the Distance Between APs
[Device-Name]>set wif <index> distaps <15> (see below)
[Device-Name]>reboot 0 Value Distance Between APs 1 2 3 4 5 Large Medium Small Mini Micro Set Ethernet Speed and Transmission Mode
[Device-Name]>set etherspeed <value> (see below)
[Device-Name]>reboot 0 Ethernet Speed and Transmission Mode 10 Mbits/sec - half duplex 10 Mbits/sec - full duplex 10 Mbits/sec - auto duplex Value 10halfduplex 10fullduplex 10autoduplex 283 MeshMAX 5054 Series User Guide CLI for Mesh and Access Point Module User Guide Ethernet Speed and Transmission Mode 100 Mbits/sec - half duplex 100 Mbits/sec - full duplex Auto Speed - half duplex Auto Speed - auto duplex Value 100halfduplex 100fullduplex autohalfduplex autoautoduplex (default) Set Interface Management Services Edit Management IP Access Table
[Device-Name]>set mgmtipaccesstbl <index> ipaddr <IP address> ipmask <subnet mask>
Configure Management Ports
[Device-Name]>set snmpifbitmask <(see below)>
[Device-Name]>set httpifbitmask <(see below)>
[Device-Name]>set telifbitmask <(see below)>
Choose from the following values:
Interface Bitmask Description 0 or 2 = Disable (all interfaces) All management channels disabled 1 or 3 = Ethernet only 4 or 6 = Wireless A only 8 or 10 = Wireless B only 12 = Wireless A and Wireless B Wireless A and Wireless B enabled 13 or 15 = Enable all interfaces All management channels enabled Ethernet only enabled Wireless A only enabled Wireless B only enabled Set Communication Ports
[Device-Name]>set httpport <HTTP port number (default is 80)>
[Device-Name]>set telport <Telnet port number (default is 23)>
Configure Secure Socket Layer (HTTPS) Enabling SSL and configuring a passphrase allows encrypted Secure Socket Layer communications to the AP through the HTTPS interface.
[Device-Name]>set sslstatus <enable/disable>
The user must change the SSL passphrase when uploading a new certificate/private key pair, which will have a corresponding passphrase.
[Device-Name]>set sslpassphrase <SSL certificate passphrase>
[Device-Name]>show http (to view all HTTP configuration information including SSL.) Set Telnet Session Timeouts
[Device-Name]>set tellogintout <time in seconds between 1 and 300 (default is 30)>
[Device-Name]>set telsessiontout <time in seconds between 1 and 36000 (default is 900)>
284 CLI for Mesh and Access Point Module User Guide MeshMAX 5054 Series User Guide Configure Serial Port Interface NOTE: To avoid unexpected performance issues, leave Flow Control at the default setting (none) unless you are sure what this setting should be.
[Device-Name]>set serbaudrate <2400, 4800, 9600, 19200, 38400, 57600>
[Device-Name]>set serflowctrl <none, xonxoff>
[Device-Name]>show serial Figure B-15 Result of show serial CLI Command Configure Syslog
[Device-Name]>set syslogpriority <17 (default is 6)>
[Device-Name]>set syslogstatus <enable/disable>
[Device-Name]>set sysloghbstatus <enable/disable> (default is disable)
[Device-Name]>set sysloghbinterval <1604800> (default is 900 seconds)
[Device-Name]>set sysloghosttbl <index> ipaddr <ipaddress> cmt <comment> status
<enable/disable>
Configure Intra BSS
[Device-Name]>set intrabssoptype <passthru (default)/block)>
Configure Wireless Distribution System Create/Enable WDS
[Device-Name]>set wdstbl <Index> partnermacaddr <MAC Address> status enable Enable/Disable WDS
[Device-Name]>set wdstbl <Index> status <enable/disable>
NOTE: <Index> is 3.13.6 (Wireless A) or 4.14.6 (Wireless B). To determine the index, type show wdstbl at the prompt. NOTE: When WDS is enabled, spanning tree protocol is automatically enabled. It may be manually disabled. If Spanning Tree protocol is enabled by WDS and WDS is subsequently disabled, Spanning tree will remain enabled until it is manually disabled. See Spanning Tree Parameters. Configure MAC Access Control Setup MAC (Address) Access Control
[Device-Name]>set wifssidtbl <index> aclstatus enable/disable
[Device-Name]>set macacloptype <passthru, block>
[Device-Name]>reboot 0 Add an Entry to the MAC Access Control Table
[Device-Name]>set macacltbl 0 macaddr <MAC Address> status enable
[Device-Name]>show macacltbl 285 CLI for Mesh and Access Point Module User Guide MeshMAX 5054 Series User Guide Disable or Delete an Entry in the MAC Access Control Table
[Device-Name]>set macacltbl <index> status <disable/delete>
[Device-Name]>show macacltbl NOTE: For larger networks that include multiple Access Points, you may prefer to maintain this list on a centralized location using the RADIUS parameters (see Set RADIUS Parameters). Set RADIUS Parameters Configure RADIUS Authentication servers Perform the following command to configure a RADIUS Server and assign it to a VLAN. The RADIUS Server Profile index is specified by the index parameter and the subindex parameter specifies whether you are configuring a primary or secondary RADIUS server.
[Device-Name]>set radiustbl <Index> profname <Profile Name> seraddrfmt <1 - IP Address 2
- Name> sernameorip <IP Address or Name> port <value> ssecret <value> responsetm <value>
maxretx <value> acctupdtintrvl <value> macaddrfmt <value> authlifetm <value>
radaccinactivetmr <value> vlanid <vlan id -1 to 4094> status enable NOTE: To create a new RADIUS profile, use 0 for <Index>. Examples of Configuring Primary and Secondary RADIUS Servers and Displaying the RADIUS Configuration Primary server configuration:
[Device-Name]>set radiustbl 1.1 profname "MAC Authentication" seraddrfmt 1 sernameorip 20.0.0.20 port 1812 ssecret public responsetm 3 maxretx 3 acctupdtintrvl 0 macaddrfmt 1 authlifetm 900 radaccinactivetmr 5 vlanid 22 status enable Secondary server configuration:
[Device-Name]>set radiustbl 1.2 profname "MAC Authentication" seraddrfmt 1 sernameorip 20.0.0.30 port 1812 ssecret public responsetm 3 maxretx 3 acctupdtintrvl 0 macaddrfmt 1 authlifetm 900 radaccinactivetmr 5 vlanid 33 status enable
[Device-Name]>show radiustbl Index : 1 Primary/Backup : Primary Profile Name : MAC Authentication Server Status : notReady Server Addressing Format : ipaddr IP Address/Host Name : 0.0.0.0 Destination Port : 1812 VLAN Identifier : -1 MAC Address Format : dashdelimited Response Time : 3 Maximum Retransmission : 3 Authorization Lifetime : 0 Accounting Update Interval : 0 Accounting Inactivity Timer : 5 Index : 1 Primary/Backup : Backup Profile Name : MAC Authentication 286 CLI for Mesh and Access Point Module User Guide MeshMAX 5054 Series User Guide Server Status : notReady Server Addressing Format : ipaddr IP Address/Host Name : 0.0.0.0 Destination Port : 1812 VLAN Identifier : -1 MAC Address Format : dashdelimited Response Time : 3 Maximum Retransmission : 3
. Index : 4 Primary/Backup : Backup Profile Name : Management Access Server Status : notReady Server Addressing Format : ipaddr IP Address/Host Name : 0.0.0.0 Destination Port : 1812 VLAN Identifier : -1 MAC Address Format : dashdelimited Response Time : 3 Maximum Retransmission : 3 Authorization Lifetime : 0 Accounting Update Interval : 0 Accounting Inactivity Timer : 5 Figure B-16 Result of showradiustbl CLI Command Set Rogue Scan Parameters Perform the following command to enable or disable Rogue Scan on a wireless interface and configure the scanning parameters. The cycletime parameter is only configured for background scanning mode.
[Device-Name]>set rscantbl <3 or 4> mode <1 for background scanning, 2 for continuous scanning> cycletime <cycletime from 11440 minutes> status <enable/disable>
NOTE: Rogue Scan cannot be enabled on a wireless interface when the Wireless Service Status on that interface is shutdown. First, resume service on the wireless interface. Set Hardware Configuration Reset Parameters The Hardware Configuration Reset commands allows you to enable or disable the hardware reset functionality and to change the password to be used for configuration reset during boot up. To disable hardware configuration reset, enter:
[Device-Name]>set hwconfigresetstatus disable To enable hardware configuration reset, enter:
[Device-Name]>set hwconfigresetstatus enable To define the Configuration Reset Password to be used for configuration reset during boot up, enter the following command
[Device-Name]>set configresetpasswd <password>
287 CLI for Mesh and Access Point Module User Guide MeshMAX 5054 Series User Guide It is important to safely store the NOTE: It is important to safely store the configuration reset password. If a user forgets the configuration reset password, the user will be unable to reset the AP to factory default configuration if the AP becomes inaccessible and the hardware configuration reset functionality is disable. Set VLAN/SSID Parameters Enable VLAN Management
[Device-Name]>set vlanstatus enable
[Device-Name]>set vlanmgmtid <14094>
[Device-Name]>show wifssidtbl (to review your settings)
[Device-Name]>reboot 0 Disable VLAN Management
[Device-Name]>set vlanstatus disable or
[Device-Name]>set vlanmgmtid -1
[Device-Name]>reboot 0 Add a Entry to the WIFSSID Table
[Device-Name]>set wifssidtbl <index> ssid <Network Name> vlanid <-1 (untagged) or 14094>
status enable Set Security Profile Parameters Configure a Security Profile with Non Secure Security Mode
[Device-Name]>set secprofiletbl <index> secmode nonsecure status enable Example:
[Device-Name]>set secprofiletbl 2 secmode nonsecure status enable Configure a Security Profile with WEP Security Mode
[Device-Name]>set secprofiletbl <index> secmode wep encryptkey<0-3> <value>
encryptkeylength <value> encryptkeytx <value> status enable Example:
[Device-Name]>set secprofiletbl 3 secmode wep encryptkey0 12345 encryptkeylength 1 encryptkeytx 0 status enable Configure a Security Profile with 802.1x Security Mode
[Device-Name]>set secprofiletbl <index> secmode 802.1x encryptkeylength <value> status enable Example:
[Device-Name]>set secprofiletbl 4 secmode 802.1x encryptkeylength 1 status enable Configure a Security Profile with WPA Security Mode
[Device-Name]>set secprofiletbl <index> secmode wpa status enable Example:
[Device-Name]>set secprofiletbl 5 secmode wpa status enable 288 CLI for Mesh and Access Point Module User Guide MeshMAX 5054 Series User Guide Configure a Security Profile with WPA-PSK Security Mode
[Device-Name]>set secprofiletbl <index> secmode wpa-psk passphrase <value> status enable Example:
[Device-Name]>set secprofiletbl 6 secmode wpa-psk passphrase 12345678 status enable Configure a Security Profile with 802.11i Security Mode
[Device-Name]>set secprofiletbl <index> secmode 802.11i status enable Example:
[Device-Name]>set secprofiletbl 7 secmode 802.11i status enable Configure a Security Profile with 802.11i-PSK Security Mode
[Device-Name]>set secprofiletbl <index> secmode 802.11i-psk passphrase <value> status enable Example:
[Device-Name]>set secprofiletbl 8 secmode 802.11i-psk passphrase 12345678 status enable 289 CLI for Mesh and Access Point Module User Guide CLI Monitoring Parameters MeshMAX 5054 Series User Guide Using the show command with the following table parameters will display operating statistics for the AP (these are the same statistics that are described in the Monitoring section). staticmp: Displays the ICMP statistics. statarptbl: Displays the IP ARP Table statistics. statbridgetbl: Displays the Learn Table. statiapp: Displays the IAPP statistics. statradius: Displays the RADIUS Authentication statistics. statif: Displays information and statistics about the Ethernet and wireless interfaces. stat802.11: Displays additional statistics for the wireless interfaces. statethernet: Displays additional statistics for the Ethernet interface. statmss: Displays station statistics and Wireless Distribution System links. statmesh: Displays statistics about the Mesh network. 290 CLI for Mesh and Access Point Module User Guide Parameter Tables MeshMAX 5054 Series User Guide Objects contain groups that contain both parameters and parameter tables. Use the following Tables to configure the Access Point. Columns used on the tables include:
Name - Parameter, Group, or Table Name Type - Data type Value - Value range, and default value, if any Access = access type, R = Read Only (show), RW = Read-Write (can be set), W = Write Only CLI Parameter - Parameter name as used in the Access Point Access Point network objects are associated with Groups. The network objects are listed below and associated parameters are described in the following Parameter Tables:
System Parameters - Access Point system information Inventory Management Information - Hardware, firmware, and software version information Network Parameters - IP and Network Settings IP Configuration Parameters - Configure the Access Points IP settings DNS Client for RADIUS Name Resolution - Configure the Access Point as a DNS client DHCP Server Parameters - Enable or disable dynamic host configuration SNTP Parameters - Configure Interface Parameters - Configure Wireless and Ethernet settings Wireless Interface Parameters Link Integrity Parameters - Monitor link status Wireless Distribution System (WDS) Parameters - Configure the WDS partnerships Wireless Interface SSID/VLAN/Profile Parameters - Configure the SSIDs, VLANs, and security modes for each interface. Up to 16 SSIDs per wireless interface are supported; different security settings can be applied to each SSID, and a unique VLAN can be configured per SSID. Ethernet Interface Parameters - Set the speed and duplex of the Ethernet port. Mesh Parameters - Configure the Mesh network. Management Parameters - Control access to the APs management interfaces SNMP Parameters - Set read and read/write passwords HTTP Parameters - Set up the graphical web browser interface. If required, enable SSL and configure the SSL certificate passphrase. Telnet Parameters - Telnet Port setup Serial Port Parameters - Serial Port setup RADIUS Based Management Access Parameters - Configure RADIUS Based Management Access for HTTP and Telnet access. SSH Parameters - Enable SSH and configure the host key. TFTP Server Parameters - Set up for file transfers; specify IP Address, file name, and file type Auto Configuration Parameters - Configure the Auto Configuration feature which allows an AP to be automatically IP Access Table Parameters - Configure range of IP addresses that can access the AP configured by downloading a configuration file from a TFTP server during boot up. Filtering Parameters Ethernet Protocol Filtering Parameters - Control network traffic based on protocol type Static MAC Address Filter Table - Enable and disable specific addresses Proxy ARP Parameters - Enable or disable proxy ARP for wireless clients IP ARP Filtering Parameters - Control which ARP messages are sent to wireless clients based on IP settings 291 CLI for Mesh and Access Point Module User Guide MeshMAX 5054 Series User Guide Broadcast Filtering Table - Control the type of broadcast packets forwarded to the wireless network TCP/UDP Port Filtering - Filter IP packets based on TCP/UDP port Alarms Parameters SNMP Table Host Table Parameters - Enter the list of IP addresses that will receive alarms from the AP Syslog Parameters - Configure the AP to send Syslog information to network servers Bridge Parameters Spanning Tree Parameters - Used to help prevent network loops Storm Threshold Parameters - Set threshold for number of broadcast packets Packet Forwarding Parameters - Redirect traffic from wireless clients to a specified MAC address Intra BSS Subscriber Blocking - Enable or disable peer to peer traffic on the same AP RADIUS Parameters Set RADIUS Parameters - Configure RADIUS Servers and assign them to VLANs. Security Parameters - Access Point security settings MAC Access Control Parameters - Control wireless access based on MAC address Rogue Scan Configuration Table - Enable and configure Rogue Scan to detect Rogue APs and clients. Hardware Configuration Reset - Disable or enable hardware configuration reset and configure a configuration 802.1x Parameters - Configure 802.1X Supplicant Timeout parameter reset password. Other Parameters - Configure Security Profiles that define allowed security modes (wireless clients), and encryption and authentication mechanisms. VLAN/SSID Parameters - Enable the configuration of multiple subnetworks based on VLAN ID and SSID. Other Parameters IAPP Parameters - Enable or disable the Inter-Access Point Protocol Wireless Multimedia Enhancements (WME)/Quality of Service (QoS) parameters - Enable and configure Wireless Multimedia Enhancement/Quality of Service parameters, QoS policies, mapping priorities, and EDCA parameters. Apply a configured QoS policy to a particular SSID. 292 CLI for Mesh and Access Point Module User Guide System Parameters Name System Name Location Country Identifier*
Contact Name Contact E-mail Contact Phone Type Group DisplayString DisplayString DisplayString DisplayString DisplayString DisplayString FLASH Backup Interval Flash Update Integer System OID Descriptor DisplayString DisplayString Up Time Integer MeshMAX 5054 Series User Guide Value Access CLI Parameter system sysname sysloc sysworldcountrycode sysctname sysctemail sysctphone sysflashbckint sysflashupdate sysoid sysdescr sysuptime R RW RW RW RW RW RW RW RW N/A User Defined User Defined See Country Identifiers below User Defined User Defined User Defined max 254 characters 0 - 65535 seconds 0 1 N/A System Name, flash version, S/N, bootloader version dd:hh:mm:ss dd - days hh - hours mm - minutes ss - seconds Retrieved from flash ID R Resets all parameters to default factory values R R R DisplayString System Security ID Emergency Restore to defaults sysinvmgmtsecurityid sysresettodefaults Note: You must enter the following command twice to reset to defaults:
set sysresettodefaults 1
* Available only on APs with model numbers ending in -WD. When available, this object must be configured before any interface parameters RW can be set. Country Identifiers NOTE: All countries may not be available on your AP. Country Indoor/Outdoor Identifier Austria Belgium Cyprus Czech Republic Denmark Estonia Indoor Outdoor Indoor Outdoor Indoor Outdoor Indoor Outdoor Indoor Outdoor Indoor Outdoor AT1 AT2 BE1 BE2 CY1 CY2 CZ1 CZ2 DK1 DK2 EE1 EE2 293 CLI for Mesh and Access Point Module User Guide MeshMAX 5054 Series User Guide Country Indoor/Outdoor Identifier Finland France Germany Greece Hungary Ireland Italy Latvia Lithuania Luxembourg Malta Netherlands Norway Poland Portugal Puerto Rico Russia Spain Sweden Switzerland United Kingdom/
Great Britain Indoor Outdoor Indoor Outdoor Indoor Outdoor Indoor Outdoor Indoor Outdoor Indoor Outdoor Indoor Outdoor Indoor Outdoor Indoor Outdoor Indoor Outdoor Indoor Outdoor Indoor Outdoor Indoor Outdoor Indoor Outdoor Indoor Outdoor Indoor Outdoor Indoor/Outdoor Indoor Outdoor Indoor Outdoor Indoor Outdoor Indoor Outdoor FI1 FI2 FR1 FR2 DE1 DE2 GR1 GR2 HU1 HU2 IE1 IE2 IT1 IT2 LV1 LV2 LT1 LT2 LU1 LU2 MT1 MT2 NL1 NL2 NO1 NO2 PL1 PL2 PT1 PT2 PR1 PR2 RU ES1 ES2 SE1 SE2 CH1 CH2 GB1 GB2 294 CLI for Mesh and Access Point Module User Guide Inventory Management Information MeshMAX 5054 Series User Guide The inventory management commands display advanced information about the APs installed components. You may be asked to report this information to a representative if you contact customer support. Type Value Access CLI Parameter Subgroup Subgroup Subgroup N/A N/A N/A Name System Inventory Management Component Table Component Interface Table Network Parameters IP Configuration Parameters Name Network IP Configuration IP Address IP Mask Default Router IP Address Default TTL Address Type Type Value Group Group IpAddress IpAddress IpAddress Integer Integer N/A N/A User Defined User Defined User Defined User Defined (seconds) 0 - 255, 64 (default) static dynamic (default) R R R R R RW RW RW RW RW sysinvmgmt sysinvmgmtcmptbl sysinvmgmtcmpiftbl Access CLI Parameter network ip (Note: The network and ip parameters display the same information) ipaddr ipmask ipgw ipttl ipaddrtype NOTE: The IP Address Assignment Type (ipaddrtype) must be set to static before the IP Address (ipaddr), IP Mask
(ipmask) or Default Gateway IP Address (ipgw) values can be entered. 295 CLI for Mesh and Access Point Module User Guide DNS Client for RADIUS Name Resolution Type Name DNS Client DNS Client status Group Integer Primary DNS Server IP Address Secondary DNS Server IP Address Default Domain Name IpAddress IpAddress Integer32 DHCP Server Parameters MeshMAX 5054 Series User Guide Value N/A enable disable (default) User Defined User Defined User Defined (up to 254 characters) Access CLI Parameter R RW RW RW RW dns dnsstatus dnspridnsipaddr dnssecdnsipaddr dnsdomainname Name Type Value Access CLI Parameter DHCP Server DHCP Server Status*
Group Integer Gateway IP Address IpAddress Primary DNS IP Address IpAddress Secondary DNS IP IpAddress Address Number of IP Pool Table Entries Integer32 N/A enable (1) (default) disable (2) delete (3) User Defined User Defined User Defined N/A R RW RW RW RW R dhcp dhcpstatus dhcpgw dhcppridnsipaddr dhcpsecdnsipaddr dhcpippooltblent
* The DHCP Server (dhcpstatus) can only be enabled after a DHCP IP Pool table entry has been created. DHCP Server table for IP pools Name Type Value Access CLI Parameter DHCP Server IP Address Pool Table Table Index Start IP Address*
End IP Address*
Width Default Lease Time
(optional) Maximum Lease Time
(optional) Comment (optional) Status (optional) Table Integer IpAddress IpAddress Integer Integer32 Integer32 DisplayString Integer N/A User Defined User Defined User Defined User Defined 3600 - 86400 sec
(default) 3600 - 86400 sec
(default) User Defined enable (1) disable (2) delete (3) R N/A RW RW RW RW RW RW RW dhcpippooltbl index startipaddr endipaddr width defleasetm maxleasetm cmt status
* IP addresses must be from within the same subnet as the AP. Set End IP Address or Width, but not both. 296 CLI for Mesh and Access Point Module User Guide DHCP Relay Group MeshMAX 5054 Series User Guide The DHCP Relay Group allows you to enable or disable DHCP Relay Agent Status. Name DHCP Relay Group Status DHCP Relay Server Table Group Integer Table Type Value Access CLI Parameter N/A enable disable N/A R RW R dhcprelay dhcprelaystatus dhcprelaytbl DHCP Relay Server Table The DHCP Relay Server Table contains the commands to set the table entries. The AP supports the configuration of a maximum of 10 server settings in the DHCP Relay Agents server table. Name Type Value Access CLI Parameter DHCP Relay Server Table DHCP Relay Server Table Entry Index DHCP Relay Server Table Entry IP Address DHCP Relay Server Table Entry Comment DHCP Relay Server Table Entry Status Table Integer32 IpAddress N/A 1 - 10 User Defined DisplayString User Defined Integer enable (1) disable (2) delete (3) create (4) R R RW RW RW dhcprelaytbl dhcprlyindex dhcprlyipaddr dhcprlycmt dhcprlystatus 297 CLI for Mesh and Access Point Module User Guide MeshMAX 5054 Series User Guide SNTP Parameters Name SNTP Group SNTP Status Primary Server Name or IP Address Secondary Server Name or IP Address Time Zone Type Group Integer DisplayString Value N/A enable disable 0 - 255 characters DisplayString 0 - 255 characters Integer Daylight Savings Time Integer Year Month Day Hour Minutes Seconds Addressing Format Integer32 Integer32 Integer32 Integer32 Integer32 Integer32 Integer See MIB for requirements
-2
-1 0
+1
+2 N/A 1 - 12 1 - 31 0 - 23 0 - 59 0 - 59 ipaddress name Access R RW CLI Parameter sntp sntpstatus RW RW RW RW RW RW RW RW RW RW RW sntpprisvr sntpsecsvr sntptimezone sntpdaylightsaving sntpyear sntpmonth sntpday sntphour sntpmins sntpsecs sntpaddrfmt Link Integrity Parameters Name Link Integrity Link Integrity Status*
Type Group Integer Link Integrity Poll Interval Integer Link Integrity Poll Retransmissions Integer Value N/A enable disable (default) 500 - 15000 ms
(in increments of 500ms) 500 ms (default) 0 - 255 5 (default) Access R RW CLI Parameter linkint linkintstatus RW RW linkintpollint linkintpollretx
* Link integrity cannot be configured when the AP is configured to function as a Mesh AP. Link Integrity IP Target Table Name Type Value Access CLI Parameter Link Integrity IP Target Table Table Integer Table Index Target IP Address IpAddress DisplayString Comment (optional) Status (optional) Integer N/A 1 - 5 User Defined User Defined (up to 254 characters) enable disable (default) delete R N/A RW RW RW linkinttbl index ipaddr cmt status 298 CLI for Mesh and Access Point Module User Guide Interface Parameters Wireless Interface Parameters MeshMAX 5054 Series User Guide The wireless interface group parameter is wif. Wireless Interface A (802.11a radio or 4.9 GHz radio) uses table index 3 and Wireless Interface B (802.11b/g radio) uses table index 4. Common Parameters to 802.11a, 4.9 GHz, and 802.11b/g DisplayString Depends on Operational Mode Name Wireless Interfaces Table Index Type Group Integer Operational Mode Integer Supported Channel Bandwidth Channel Bandwidth Integer32 Network Name DisplayString Auto Channel Select
(ACS)*
DTIM Period RTS/CTS Medium Reservation MAC Address Wireless Service Status Supported Frequency Channels Load Balancing Max Clients Distance Between APs Integer Integer Integer PhyAddress Integer Octet String Integer Integer AP Link Length**
Transmit Power Control Transmit Power Control Back-Off Integer Integer Integer Value N/A 3 (Wireless Interface A) or 4
(Wireless Interface B) 1 = dot11b-only 2 = dot11g-only 3 = dot11bg 4 = dot11a 5 = dot11g-wifi 6 = publicsafety 10 20 1 - 32 characters My Wireless Network (default) enable (default) disable 1 - 255 1 = default 0 - 2347 Default is 2347 (off) 12 hex digits 1 = resume 2 = shutdown Depends on Regulatory Domain 1 - 63 1 (large) (default) 2 (medium) 3 (small) 4 (minicell) 5 (microcell) 200 - 45000 enable disable 0 - 9 (dBm) Access R R CLI Parameter wif index RW mode R RW RW RW RW RW R RW R RW RW RW RW RW supportedchannelband width channelbandwidth netname autochannel dtimperiod medres macaddr wssstatus suppchannels lbmaxclients distaps aplinklength txpowercontrol currentbackofftpcvalue
* For 802.11a APs certified in the ETSI and TELEC regulatory domains and operating in the middle frequency band, disabling Auto Channel Select will limit the available channels to those in the lower frequency band. Wireless Service Status cannot be shut down on an interface where Rogue Scan is enabled. Distance Between APs allows the AP to perform better in high noise environments by increasing the receive sensitivity and transmit defer threshold, as follows:
299 CLI for Mesh and Access Point Module User Guide MeshMAX 5054 Series User Guide Distance Between APs Receive Sensitivity Threshold (dBm) Transmit Defer Threshold
(dBm) Large Medium Small Mini Micro
-96
-86
-78
-70
-62
-62
-62
-52
-42
-36
** Each 802.11 packet is acknowledged by the receiving station. On links longer than about 100m, the time that it takes for the ACK to get back to the sending station is long enough to cause the sending station to believe that the packet was not properly received. This problem can be corrected by adjusting the AP Link Length parameter to a value that is larger than the length in meters of the longest link being serviced by that AP. 300 CLI for Mesh and Access Point Module User Guide 4.9 GHz Specific Parameters Name Operating Frequency Channel Type Integer Supported Data Rates Octet String Transmit Rate Integer32 MeshMAX 5054 Series User Guide Value Access CLI Parameter channel suppdatarates txrate RW R RW Varies by regulatory domain and country. See Available Channels See Transmit Rate, below 10 MHz:
0 (Auto Fallback) 3 Mbits/s 4.5 Mbits/s 6 Mbits/s 9 Mbits/s 12 Mbits/s 18 Mbits/s 24 Mbits/s 27 Mbits/s. Physical Layer Type Integer Super Mode Integer 802.11a Specific Parameters Name Operating Frequency Channel Supported Data Rates Transmit Rate Type Integer Octet String Integer32 Physical Layer Type Integer 20 MHz:
0 (Auto Fallback) 6 Mbits/sec 9 Mbits/sec 12 Mbits/sec 18 Mbits/sec 24 Mbits/sec 36 Mbits/sec 48 Mbits/sec 54 Mbits/sec ofdm (orthogonal frequency division multiplexing) enable disable (default) R phytype RW supermode Value Access Varies by regulatory domain and country. See Available Channels See Transmit Rate, below 0 (Auto Fallback) 6 Mbits/sec 9 Mbits/sec 12 Mbits/sec 18 Mbits/sec 24 Mbits/sec 36 Mbits/sec 48 Mbits/sec 54 Mbits/sec ofdm (orthogonal frequency division multiplexing) RW R RW CLI Parameter channel suppdatarates txrate R phytype 301 CLI for Mesh and Access Point Module User Guide Type Regulatory Domain List DisplayString Name Super Mode Integer MeshMAX 5054 Series User Guide Access R CLI Parameter regdomain RW supermode Value Varies by regulatory domain:
USA -- FCC Hong Kong -- HK Australia -- AU Europe -- ETSI Russia -- RU Japan -- TELEC Singapore -- IDA Taiwan -- TW China -- CN Asia Brazil Argentina Saudi Arabia World Mode -- WO Undefined enable disable (default) 302 CLI for Mesh and Access Point Module User Guide 802.11b Specific Parameters Name Operating Frequency Channel Type Integer Multicast Rate Integer Closed Wireless System Integer MAC Address Supported Data Rates PhyAddress Octet String Transmit Rate Integer32 Physical Layer Type Integer Regulatory Domain List DisplayString 802.11b/g Specific Parameters Name Operating Frequency Channel Type Integer Supported Data Rates Octet String MeshMAX 5054 Series User Guide Value Access CLI Parameter 1 - 14; available channels vary by regulatory domain/country; see Available Channels 1 Mbits/sec (1) 2 Mbits/sec (2) (default) 5.5 Mbits/sec (3) 11 Mbits/sec (4) enable disable (default) 12 hex digits 1 Mbits/sec 2 Mbits/sec 5.5 Mbits/sec 11 Mbits/sec 0 (auto fallback; default) 1 Mbits/sec 2 Mbits/sec 5.5 Mbits/sec 11 Mbits/sec dsss (direct sequence spread spectrum) for 802.11b Varies by regulatory domain:
U.S./Canada -- FCC Europe -- ETSI Japan -- TELEC RW RW RW R R channel multrate closedsys macaddr suppdatarates RW txrate R R phytype regdomain Value 1 - 14; available channels vary by regulatory domain/country; see Available Channels See Transmit Rate, below Access CLI Parameter RW channel R suppdatarates 303 CLI for Mesh and Access Point Module User Guide Name Transmit Rate Type Integer32 Physical Layer Type Regulatory Domain List DisplayString Integer Super Mode Integer MeshMAX 5054 Series User Guide Access CLI Parameter RW txrate R R phytype regdomain RW supermode Value For 802.11b-only mode:
0 (auto fallback; default) 1 Mbits/sec 2 Mbits/sec 5.5 Mbits/sec 11 Mbits/sec For 802.11g-only mode:*
0 (auto fallback; default) 6 Mbits/sec 9 Mbits/sec 12 Mbits/sec 18 Mbits/sec 24 Mbits/sec 36 Mbits/sec 48 Mbits/sec 54 Mbits/sec For 802.11b/g mode:
0 (auto fallback; default) 1 Mbits/sec 2 Mbits/sec 5.5 Mbits/sec 11 Mbits/sec 6 Mbits/sec 9 Mbits/sec 12 Mbits/sec 18 Mbits/sec 24 Mbits/sec 36 Mbits/sec 48 Mbits/sec 54 Mbits/sec ERP (Extended Rate Protocol) Varies by regulatory domain:
USA -- FCC Europe -- ETSI Russia -- RU Japan -- TELEC Brazil Argentina Saudi Arabia Israel -- IL World Mode -- WO Undefined enable disable (default)
* Also for 802.11g-wifi mode. 802.11g-wifi has been defined for Wi-Fi testing purposes; it is not recommended for use in your wireless network environment. Available in 802.11b/g or 802.11g modes only. 304 CLI for Mesh and Access Point Module User Guide Wireless Distribution System (WDS) Parameters MeshMAX 5054 Series User Guide Name WDS Table Port Index Status Partner MAC Address Type Table Integer Integer PhysAddress Value Access CLI Parameter N/A 3.1 - 3.6 (Wireless) enable, disable User Defined R R RW RW wdstbl portindex status partnermacaddr Wireless Distribution System (WDS) Security Table Parameters The WDS Security Table manages WDS related security objects. Value Name Type WDS Security Table Table Index Table Integer Security Mode Integer Shared Secret Encryption Key 0 DisplayString WEPKeyType Wireless Interface SSID/VLAN/Profile Parameters N/A Primary wireless interface = 3 Secondary wireless interface = 4 1 or none 2 or wep 3 or aes 632 characters N/A Access CLI Parameter R R wdssectbl index RW secmode W W sharedsecret encryptkey0 The Wireless Interface SSID table manages the SSIDs, VLANs, Security Profiles, and RADIUS Profiles associated to each SSID. For configuration examples, see Configure SSIDs (Network Names), VLANs, and Profiles. Name Type Value Access CLI Parameter Wireless Interface SSID Table Table Index Table Integer SSID Table Index SSID Broadcast Unique Beacon Closed System VLAN ID Rekeying Interval Integer32 DisplayString Integer Integer VlanId Integer32 Table Row Status RowStatus SSID Authorization Status per VLAN Integer N/A Primary wireless interface = 3 Secondary wireless interface = 4 1 - 16 (SSID index) 2 - 32 characters enable disable enable, disable
-1 - 4094 or untagged 0 (disabled) 300 - 65535 Default = 900 enable disable delete enable disable R R R RW RW RW RW RW RW RW wifssidtbl index ssidindex ssid bcastbeacon denybcastprobereq vlanid reykeyint status ssidauth 305 CLI for Mesh and Access Point Module User Guide MeshMAX 5054 Series User Guide Name RADIUS Accounting Status per VLAN MAC ACL Status per VLAN Security Profile RADIUS MAC Profile RADIUS EAP Profile RADIUS Accounting Profile QoS Policy Type Value Access CLI Parameter Integer Integer Integer32 DisplayString DisplayString DisplayString enable disable enable disable User defined User defined User defined User defined Integer32 User defined RW RW RW RW RW RW RW acctstatus aclstatus secprofile radmacprofile radeapprofile radacctprofile qospolicy Ethernet Interface Parameters Name Ethernet Interface Speed Group Integer Type Value Access CLI Parameter N/A 1 (10halfduplex) 2 (10fullduplex) 3 (10autoduplex) 4 (100halfduplex) 5 (100fullduplex) 6 (autohalfduplex) 7 (autoautoduplex)
(default) N/A N/A 1 or disable (default) 2 or meshportal 3 or meshap 3 (Wireless Interface A;
802.11a radio or 4.9 GHz radio) 4 (Wireless Interface B;
802.11b/g radio) 116 characters 1 or none 2 or aes (default) 632 characters Default: public 132 Default: 6 for Mesh AP;
32 for Mesh Portal 0100 1 or enable 2 or disable 010 010 R RW ethernet etherspeed R ethermacaddr Access R RW CLI Parameter mesh meshmode RW meshwif RW RW W meshssid meshsecurity meshsecret RW meshmaxlinks RW RW RW RW meshroamingthreshold meshbeacononuplink meshhopfactor meshsignalstrengthfactor 306 MAC Address PhyAddress Mesh Parameters
. Name Mesh Group Mesh Mode Group Integer Type Value Mesh Interface Number Integer32 Mesh SSID Security Mode DisplayString Integer Shared Secret DisplayString Maximum Active Mesh Links Integer32 Roaming Threshold*
Beacon on Uplink Integer32 ObjStatus Hop Factor Signal Strength Factor Integer32 Integer32 CLI for Mesh and Access Point Module User Guide MeshMAX 5054 Series User Guide Name Type Value Access CLI Parameter Medium Occupancy Factor Signal Strength Cutoff Max Hops to Portal Mesh Mobility Mode
(Mesh AP only) Reset Mesh Parameters to Defaults Mesh QoS Profile Mesh Link Only (no client access on Mesh radio) Mesh Auto Switch Mode
(Mesh Portal only) Current Mesh Mode Integer32 Integer32 Integer32 Integer Integer32 Integer32 Integer Integer Integer 010 026 14 1 (static) 2 (roaming) 1 or 2 110 1 (enable) 2 (disable) 1 (enable) 2 (disable) 1 (Disabled) (default) 2 (Mesh Portal) 3 (Mesh AP) RW RW RW RW RW RW RW RW meshmedocfactor meshsignalstrengthcutoff meshmaxhops meshmobility meshadvresettodefault meshqosprofile meshlinkonly meshautoswitchmode R meshcurrentmode
* Higher roaming threshold value creates a more static Mesh environment. Lower roaming threshold value creates a more dynamic Mesh environment. A QoS profile corresponding to this index number must exist. This command resets the following parameters to their default values: Maximum Active Mesh Links, Maximum Hops to Portal, Hop Factor, RSSI Factor, Medium Occupancy Factor, Receive Signal Strength Cut-off, and Roaming Threshold. 307 CLI for Mesh and Access Point Module User Guide Management Parameters Secure Management Parameters MeshMAX 5054 Series User Guide Name Type Value Secure Management Integer 1 (enable) 2 (disable) Access RW CLI Parameter securemgmtstatus SNMP Parameters Name SNMP SNMP Management Interface Bitmask Type Group Interface Bitmask Read Password DisplayString Read/Write Password DisplayString SNMPv3 Authentication Password DisplayString SNMPv3 Privacy Password DisplayString HTTP Parameters Name HTTP HTTP Management Interface Bitmask Type Group Interface Bitmask HTTP Password DisplayString HTTP Port Integer Help Link*
SSL Status SSL Certificate Passphrase DisplayString Integer DisplayString Value N/A 0 or 2 = No interfaces
(disable) 1 or 3 = Ethernet 4 or 6 = Wireless A 8 or 10 = Wireless B 12 = Wireless A & B 13 or 15 = All interfaces
(default is 15) User Defined public (default) 6 - 32 characters User Defined public (default) 6 - 32 characters User Defined public (default) 6 - 32 characters User Defined public (default) 6 - 32 characters Value N/A 0 or 2 = No interfaces
(disable) 1 or 3 = Ethernet 4 or 6 = Wireless A 8 or 10 = Wireless B 12 = Wireless A & B 13 or 15 = All interfaces
(default is 15) User Defined (6 - 32 characters) User Defined Default = 80 User Defined enable/disable User Defined Access R RW CLI Parameter snmp snmpifbitmask W W W W snmprpasswd snmprwpasswd snmpv3authpasswd snmpv3privpasswd Access R RW CLI Parameter http httpifbitmask W RW RW RW W httppasswd httpport httphelplink sslstatus sslpassphrase
* The help link must be set to an HTTP address. Use the forward slash character ("/") rather than the backslash character ("\") when configuring the Help Link location. 308 CLI for Mesh and Access Point Module User Guide Telnet Parameters Name Telnet Telnet Management Interface Bitmask Type Group Interface Bitmask Telnet Port Telnet Login Inactivity Time-out Telnet Session Idle Time-out Serial Port Parameters Name Serial Baud Rate Data Bits Parity Stop Bits Flow Control Integer Integer Integer Group Integer Integer Integer Integer Value MeshMAX 5054 Series User Guide Value Access CLI Parameter N/A 0 or 2 = No interfaces
(disable) 1 or 3 = Ethernet 4 or 6 = Wireless A 8 or 10 = Wireless B 12 = Wireless A & B 13 or 15 = All interfaces
(default is 15) User Defined 23 (default) 30 - 300 seconds 60 sec (default) 60 - 36000 seconds 900 sec (default) R RW telnet telifbitmask RW RW RW telport tellogintout telsessiontout Type Value Access CLI Parameter N/A 2400, 4800,9600
(default), 19200, 38400, 57600 8 none 1 none (default) xonxoff R RW R R R RW serial serbaudrate serdatabits serparity serstopbits serflowctrl RADIUS Based Management Access Parameters The RADIUS Based Management Access parameters allow you to enable HTTP or Telnet Radius Management Access, enable or disable local user access, and configure the local user password. The default local user ID is root and the default local user password is public. Root cannot be configured as a valid user for RADIUS based management access when local user access is enabled. Name Type Value Access CLI Parameter Radius Local User Status Integer Radius Local User Password HTTP Radius Management Access Telnet Radius Management Access DisplayString Integer Integer enable disable User Defined enable disable enable disable RW RW RW RW radlocaluserstatus radlocaluserpasswd httpradiusmgmtaccess telradiusmgmtaccess 309 CLI for Mesh and Access Point Module User Guide SSH Parameters MeshMAX 5054 Series User Guide The following commands enable or disable SSH and set the SSH host key. Name SSH Status SSH Public Host Key Fingerprint SSH Host Key Status Type Integer DisplayString Integer Value Access CLI Parameter enable disable AP Generated create delete RW RW RW sshstatus sshkeyfprint sshkeystatus The AP SSH feature, open-SSH, confirms to the SSH protocol, and supports SSH version 2. The following SSH clients have been verified to interoperate with the APs server. The following table lists the clients, version number, and the website of the client. Clients Website Version OpenSSH Putty Zoc Axessh http://www.openssh.com http://www.chiark.greenend.org.uk http://www.emtec.com http://www.labf.com For key generation, only the OpenSSH client has been verified. V3.4-2 Rel 0.53b 5.00 V2.5 Auto Configuration Parameters These parameters relate to the Auto Configuration feature which allows an AP to be automatically configured by downloading a specific configuration file from a TFTP server during the boot up process. Access CLI Parameter Name Value Type Auto Configuration Group Auto Configuration Status Integer Auto Config File Name Auto Config TFTP Server IP Address DisplayString IpAddress N/A enable (default) disable User Defined User Defined R RW RW RW autoconfig autoconfigstatus autoconfigfilename autoconfigTFTPaddr TFTP Server Parameters These parameters relate to upload and download commands. When you execute an upload and/or download Command, the specified arguments are stored in TFTP parameters for future use. If nothing is specified in the command line when issuing subsequent upload and/or download commands, the stored arguments are used. Name Type Value Access CLI Parameter TFTP TFTP Server IP Address IpAddress TFTP File Name Group DisplayString N/A User Defined User Defined R RW RW tftp tftpipaddr tftpfilename 310 MeshMAX 5054 Series User Guide Access RW CLI Parameter tftpfiletype CLI for Mesh and Access Point Module User Guide Name TFTP File Type Type Integer IP Access Table Parameters Value img config bootloader sslcertificate sslprivatekey sshprivatekey sshpublickey clibatchfile (CLI Batch File) cbflog (CLI Batch Error Log) When creating table entries, you may either specify the argument name followed by argument value or simply enter the argument value. When only the argument value is specified, then enter the values in the order depicted by the following table. CLI applies default values to the omitted arguments. Due to the nature of the information, the only argument that can be omitted is the comment argument. Type CLI Parameter Access Value Name IP Access Table Table Index IP Address IP Mask Comment (optional) Status (optional) Table Integer IpAddress IpAddress DisplayString Integer N/A User Defined User Defined User Defined User Defined enable (default) disable delete R N/A RW RW RW RW mgmtipaccesstbl index ipaddr ipmask cmt status Filtering Parameters Ethernet Protocol Filtering Parameters Name Ethernet Filtering Filtering Interface Bitmask Type Group Interface Bitmask Operation Type Ethernet Filtering Table Identify the different filters by using the table index. Value Access CLI Parameter N/A 0 or 2 = No interfaces
(disable) 1 or 3 = Ethernet 4 or 6 = Wireless A 8 or 10 = Wireless B 12 = Wireless A & B 13 or 15 = All interfaces
(default is 15) passthru block R RW etherflt etherfltifbitmask RW etherfltoptype Name Type Value Access CLI Parameter Ethernet Filtering Table Table Index Table N/A N/A N/A R R etherflttbl index 311 CLI for Mesh and Access Point Module User Guide Name Type Octet String Protocol Number Protocol Name (optional) DisplayString Status (optional) Integer MeshMAX 5054 Series User Guide Value Access CLI Parameter N/A enable (1) disable (2) delete (3) RW RW RW protonumber protoname status NOTE: The filter Operation Type (passthru or block) applies only to the protocol filters that are enabled in this table. Static MAC Address Filter Table Name Type Value Access CLI Parameter Static MAC Address Filter Table Table Index Static MAC Address on Wired Network Static MAC Address Mask on Wired Network Static MAC Address on Wireless Network Static MAC Address Mask on Wireless Network Comment (optional) Status (optional) Table N/A N/A PhysAddress N/A User Defined PhysAddress User Defined PhysAddress User Defined PhysAddress User Defined DisplayString Integer max 255 characters enable (default) disable delete R R RW RW RW RW RW RW staticmactbl index wiredmacaddr wiredmask wirelessmacaddr wirelessmask cmt status 312 CLI for Mesh and Access Point Module User Guide Proxy ARP Parameters Name Type Proxy ARP Status Group Integer IP ARP Filtering Parameters Name IP ARP Filtering Status IP Address Subnet Mask Type Group Integer IpAddress IpAddress Broadcast Filtering Table Name Type Broadcast Filtering Table Table Index Integer DisplayString Protocol Name Direction Integer Status Integer TCP/UDP Port Filtering MeshMAX 5054 Series User Guide Value N/A enable disable (default) Value N/A enable disable (default) User Defined User Defined Value N/A 1 - 5 N/A ethertowireless wirelesstoether both (default) enable disable (default) Access CLI Parameter R RW parp parpstatus Access CLI Parameter R RW RW RW iparp iparpfltstatus iparpfltipaddr iparpfltsubmask Access CLI Parameter R N/A R RW RW broadcastflttbl index protoname direction status The following parameters are used to enable/disable the Port filter feature. Name Port Filtering Port Filter Status Type Group Integer Value N/A enable (default) disable Access CLI Parameter R RW portflt portfltstatus TCP/UDP Port Filtering Table The following parameters are used to configure TCP/UDP Port filters. Value Name Type Port Filtering Table Table Index Table N/A Port Type Octet String N/A User Defined
(there are also 4 pre-defined indices, see Port Number below for more information) tcp udp tcp/udp Access CLI Parameter R R portflttbl index RW porttype 313 CLI for Mesh and Access Point Module User Guide Name Port Number Type Octet String Protocol Name DisplayString Interface Bitmask Integer32 Status (optional) Integer Alarms Parameters SNMP Table Host Table Parameters Value User Defined
(there are also 4 pre-defined protocols:
Index 1: NetBios Name Service - 137, Index 2:
NetBios Datagram Service - 138, Index 3:
NetBios Session Service
- 139, Index 4: SNMP Service - 161) User Defined
(there are also 4 pre-defined protocols, see Port Number above) 0 or 2 = No interfaces
(disable) 1 or 3 = Ethernet 4 or 6 = Wireless A 8 or 10 = Wireless B 12 = Wireless A & B 13 or 15 = All interfaces
(default is 15) enable (default for new entries) disable (default for pre-defined entries) delete MeshMAX 5054 Series User Guide Access RW CLI Parameter portnum RW protoname RW ifbitmask RW status When creating table entries, you may either specifying the argument name followed by argument value. CLI applies default values to the omitted arguments. Due to the nature of the information, the only argument that can be omitted is the comment argument. Name SNMP Trap Host Table Table Index IP Address Password Type Table Integer IpAddress DisplayString Comment (optional) DisplayString Status (optional) Integer Value Access CLI Parameter N/A User Defined User Defined User Defined (up to 64 characters) User Defined (up to 254 characters) enable (default) disable delete R N/A RW W RW RW snmptraphosttbl index ipaddr passwd cmt status 314 CLI for Mesh and Access Point Module User Guide Syslog Parameters The following parameters configure the Syslog settings. MeshMAX 5054 Series User Guide Type Value Access CLI Parameter Name Syslog Syslog Status Syslog Port Syslog Lowest Priority Logged Group Integer Octet String Integer Heartbeat Status Heartbeat Interval
(seconds) Integer Integer N/A enable disable (default) 514 1 = LOG_ALERT 2 = LOG_CRIT 3 = LOG_ERR 4 = LOG_WARNING 5 = LOG_NOTICE 6 = LOG_INFO (default) 7 = LOG_DEBUG enable (1) disable (2) (default) 1 - 604800 seconds;
900 sec. (default) R RW R RW RW RW syslog syslogstatus syslogport syslogpritolog sysloghbstatus sysloghbinterval NOTE: When Heartbeat is enabled, the AP periodically sends a message to the Syslog server to indicate that it is active. The frequency with which the heartbeat message is sent depends upon the setting of the Heartbeat Interval. Syslog Host Table The table described below configures the Syslog hosts that will receive message from the AP. You can configure up to ten Syslog hosts. Name Syslog Host Table Table Index IP Address Comment (optional) Status (optional) Type Table Integer IpAddress DisplayString Integer Value Access CLI Parameter N/A 1 - 10 User Defined User Defined enable disable delete R N/A RW RW RW sysloghosttbl index ipaddr cmt status 315 CLI for Mesh and Access Point Module User Guide Bridge Parameters MeshMAX 5054 Series User Guide Type Value Access CLI Parameter Spanning Tree Parameters Name Spanning Tree Spanning Tree Status Bridge Priority Maximum Age Group Integer Integer Integer Hello Time Integer Forward Delay Integer Spanning Tree Priority and Path Cost Table Name Spanning Tree Table Table Index (Port) Priority Path Cost State Table N/A Integer Integer Integer Status Integer Storm Threshold Parameters Name Storm Threshold Broadcast Threshold Multicast Threshold Type Group Integer Integer N/A enable disable (default) 0 - 65535 32768 (default) 600 - 4000
(in 0.01 sec intervals;
i.e., 6 to 40 seconds) 2000 (default) 100 - 1000 (1/100 second; i.e., 1 to 10 seconds); enter values in increments of 100 200 (default) 400 - 3000
(in 0.01 sec intervals;
i.e., 4 to 30 seconds) 1500 (default) R RW RW RW stp stpstatus stppriority stpmaxage RW stphellotime RW stpfwddelay Type Value Access CLI Parameter N/A 1 - 15 0 - 255 128 (default) 1 - 65535 100 (default) disable blocking listening learning forwarding broken enable disable R R RW RW R stpbl index priority pathcost state RW status Value N/A (see below) 0 - 255 packets/sec
(default is 0) 0 - 255 packets/sec
(default is 0) Access CLI Parameter N/A RW RW stmthres stmbrdthres stmmultithres 316 CLI for Mesh and Access Point Module User Guide Storm Threshold Table MeshMAX 5054 Series User Guide Name Type Value Access CLI Parameter Storm Threshold Table Table Index Table Integer Broadcast Threshold Integer Multicast Threshold Integer Intra BSS Subscriber Blocking N/A 1 = Ethernet 3 = Wireless 0 - 255 packets/sec
(default is 0) 0 - 255 packets/sec
(default is 0) R R RW RW stmthrestbl index bcast mcast The following parameters control the Intra BSS traffic feature, which prevent wireless clients that are associated with the same AP from communicating with each other:
Name Intra BSS Traffic Intra BSS Traffic Operation Type Group Integer Value N/A passthru (default) block Access R RW CLI Parameter intrabss intrabssoptype Packet Forwarding Parameters The following parameters control the Packet Forwarding feature, which redirects wireless traffic to a specific MAC address:
Name Type Value Access CLI Parameter Group Packet Forwarding MAC Address Packet Forwarding MAC Address Packet Forwarding Status Integer MacAddress Packet Forwarding Interface Port Integer N/A R pktfwd RW RW RW pktfwdmacaddr pktfwdstatus pktfwdif User Defined enable disable (default) 0 (any) (default) 1 (Ethernet) 2 (WDS 1) 3 (WDS 2) 4 (WDS 3) 5 (WDS 4) 6 (WDS 5) 7 (WDS 6) 317 CLI for Mesh and Access Point Module User Guide RADIUS Parameters General RADIUS Parameters MeshMAX 5054 Series User Guide Name RADIUS Client Invalid Server Address Type Group Counter32 N/A N/A Value Access CLI Parameter R R radius radcliinvsvradd RADIUS Server Configuration Parameters NOTE: Use a server name only if you have enabled the DNS Client functionality. See DNS Client for RADIUS Name Resolution. Name Type Value Access CLI Parameter RADIUS Authentication Table Index (Profile Index) Primary/Secondary Index Integer Table Integer Status Integer Server Address Format Integer Server IP Address or Name IpAddress DisplayString Port (optional) Integer Shared Secret DisplayString Response Time (optional) Integer Maximum Retransmissions
(optional) RADIUS MAC Address Format Integer Integer RADIUS Accounting Inactivity Timer Authorization Lifetime RADIUS Accounting Update Interval VLAN ID Integer32 Integer32 Integer32 vlanID N/A N/A Primary (1) Secondary (2) enable disable Ipaddr Name User defined (enter an IP address if seraddrfmt is ipaddr or a name if set to name; up to 254 characters if using a name) User Defined 1812 (default) User Defined 6 - 32 characters 1 - 10 seconds 3 (default) 0 - 4 3 (default) dashdelimited colondelimited singledashdelimited nodelimiter 1 - 60 minutes 900 - 43200 seconds 10 - 3600 minutes
-1 (untagged) 1 - 4094 R R R RW RW RW radiustbl index subindex status seraddrfmt ipaddr RW port W RW RW ssecret responsetm maxretx RW radmacaddrformat RW W RW RW radaccinactivetmr radauthlifetm radacctupdinterval radvlanid 318 CLI for Mesh and Access Point Module User Guide Security Parameters MAC Access Control Parameters MeshMAX 5054 Series User Guide Name MAC Address Control Status Operation Type Group Integer Integer Type Value Access CLI Parameter N/A enable disable (default) passthru (default) block R RW RW macacl aclstatus macacloptype Type Value Access CLI Parameter MAC Access Control Table Name MAC Address Control Table Table Index MAC Address Comment (optional) Table N/A N/A PhysAddress DisplayString Status (optional) Integer Rogue Scan Configuration Table N/A User Defined User Defined max 254 characters enable (default) disable delete R macacltbl R RW RW RW index macaddr cmt status The Rogue Scan Configuration Table allows you to enable or disable Rogue Scan and configure the scanning parameters. Name Rogue Scan Configuration Table Rogue Scan Mode Table Integer Rogue Scan Cycle Time Integer Rogue Scan Integer Configuration Table Index Rogue Scan Status Integer Type Value Access CLI Parameter N/A Bkscan (1) Contscan (2) 1 - 1440 3 or 4 enable disable R rscantbl RW RW RW RW mode cycletime index status 802.1x Parameters Name 802.1x Group 802.1x Supplicant Timeout Hardware Configuration Reset Type Group Integer32 Value N/A 3 - 60 seconds
(recommended range) Access R RW CLI Parameter dot1xauthcfg dot1xsupptimeout The Hardware Configuration Reset commands allows you to enable or disable the feature and to change the password to be used for configuration reset during boot up. 319 CLI for Mesh and Access Point Module User Guide Name Hardware Configuration Reset Status Configuration Reset Password Type Integer DisplayString Security Profile Table MeshMAX 5054 Series User Guide Value enable (1) disable (2) User Defined Access CLI Parameter R hwconfigresetstatus RW configresetpasswd The Security Profile Table allows you to configure security profiles. A maximum of 16 security profiles are supported per wireless interface. Each security profile can contain one or more enabled security modes (Non-secure station, WEP station, 802.1x station, WPA station, WPA-PSK station, 802.11i, 802.11i-PSK). The WEP/PSK parameters are separately configurable for each security mode. See the command examples in Set Security Profile Parameters. Name Security Profile Table Table Index Security Mode Table Integer Integer Authentication Mode Integer Cipher Encryption Key 0 Encryption Key 1 Encryption Key 2 Encryption Key 3 Integer Integer Integer Integer Integer Encryption Transmit Key Integer Encryption Key Length Integer PSK Passphrase Integer Type Value Access CLI Parameter N/A 1 - 16 (up to 16 per interface) nonsecure wep 802.1x wpa wpa-psk 802.11i 802.11i-psk none 802.1x psk none wep tkip aes See Encryption Key Format See Encryption Key Format See Encryption Key Format See Encryption Key Format 0 - 3 1 (64 bits) 2 (128 bits) 3 (152 bits) 8 - 64 characters R RW RW secprofiletbl index secmode R R W W W W authmode ciphersuite encryptkey0 encryptkey1 encryptkey2 encryptkey3 RW RW encryptkeytx encryptkeylength W passphrase 320 CLI for Mesh and Access Point Module User Guide MeshMAX 5054 Series User Guide Encryption Key Format If WEP security mode is configured, then the appropriate key size must be configured. The AP supports 63-, 128-, and 152-bit encryption keys. Encryption keys may be configured using either hexadecimal or ASCII values, as described in the following table. Key Length ASCII 64-bit 128-bit 152-bit Hexadecimal 10 characters (0 - F) 26 characters (0 - F) 32 characters (0 - F) 5 alphanumeric characters 13 alphanumeric characters 16 alphanumeric characters Each ASCII character corresponds to two hexadecimal digits. See ASCII Character Chart for ASCII/Hexadecimal correspondence. VLAN/SSID Parameters Name Type VLAN Status Management ID Group Integer VlanId Other Parameters IAPP Parameters Name IAPP IAPP Status Periodic Announce Interval (seconds) Type Group Integer Integer Announce Response Time Handover Time-out Integer Integer Max. Handover Retransmissions Send Announce Request on Startup Integer Integer Value N/A enable disable (default)
-1 (untagged) or 1 - 4094 Value N/A enable (default) disable 80 120 (default) 160 200 2 seconds 410 ms 512 ms (default) 614 ms 717 ms 819 ms 1 - 4 (default 4) enable (default) disable Access CLI Parameter R RW RW vlan vlanstatus vlanmgmtid Access CLI Parameter R RW RW iapp iappstatus iappannint R iappannresp RW iapphandtout RW RW iapphandretx iappannreqstart NOTE: These parameters configure the Inter Access Point Protocol (IAPP) for roaming. Leave these settings at their default value unless a technical representative asks you to change them. 321 CLI for Mesh and Access Point Module User Guide Wireless Multimedia Enhancements (WME)/Quality of Service (QoS) parameters MeshMAX 5054 Series User Guide The Wireless Multimedia Enhancements commands enable and configure Wireless Multimedia Enhancement/Quality of Service parameters per wireless interface. The following two commands are part of the Wireless Interface Properties table. Enabling QoS Name QoS Status Type Object Status QoS Maximum Medium Threshold Integer Value enable disable (default) 50 - 90 Access CLI Parameter RW RW qosstatus qosmaximummediumthresh old Configuring QoS Policies The QoS group manages the QoS policies:
Type Name QoS Group QoS Policy Table Table Primary Index Table Secondary Index Policy Name Policy Type Group Table Integer Integer Display String Integer Priority Mapping Index Apply QoS Marking Integer Object Status Table Row Status Row Status Value N/A N/A N/A N/A 0 - 32 characters inlayer2, inlayer3, outlayer2, outlayer3, spectralink*
See Note . enable disable enable disable delete Access CLI Parameter N/A N/A R R RW RW RW RW RW qos qospolicytbl index secindex policyname type mapindex markstatus status
* QoS must be enabled on a wireless interface before spectralink can be enabled. A priority mapping needs to be specified for a QoS Policy. The priority mapping depends on the type of policy configured. For Layer 2 policy types (inbound or outbound) a mapping index from the 802.1p to 802.1D table should be specified. For Layer 3 policy types (inbound or out-
bound) a mapping index from the IP DSCP to 802.1D table should be specified. The mapping index, in both cases, depends on the number of mappings configured by the user. For SpectraLink policy type a mapping is not required. Specifying the Mapping between 802.1p and 802.1D Priorities The QoS 802.1p to 802.1D Mapping Table specifies the mapping between 802.1P and 802.1D priorities. Name QoS 802.1p to 802.1D Mapping Table Table Index (Primary Index) 802.1D Priority
(Secondary Index) 802.1p Priority Table Integer Integer Integer Type Value N/A 0 - 7 0 - 7 0 - 7 Access N/A CLI Parameter qos1pto1dtbl R R index 1dpriority RW 1ppriority 322 CLI for Mesh and Access Point Module User Guide Name Table Row Status Type Row Status MeshMAX 5054 Series User Guide Value Access RW status CLI Parameter enable disable delete Specifying the Mapping between IP Precedence/DSCP Ranges and 802.1D Priorities The QoS IP DSCP to 802.1D Mapping Table specifies the mapping between IP Precedence/DSCP Ranges and 802.1D priorities. Name Type Value QoS IP DSCP to 802.1D Mapping Table Table Index (Primary Index) 802.1D Priority IP DSCP Lower Limit IP DSCP Upper Limit Table Row Status Table Integer Integer Integer Integer Row Status N/A 0 - 7 0 - 7 0 - 62 1 - 63 enable disable delete Access N/A CLI Parameter qosdscpto1dtbl R index R RW RW RW 1dpriority dscplower dscpupper status QoS Enhanced Distributed Channel Access (EDCA) Parameters The following commands configure the client (STA) and AP Enhanced Distributed Channel Access (EDCA) parameters. You can modify the EDCA values for both Wireless A and Wireless B. The EDCA parameter set provides information needed by the client stations for proper QoS operation during the wireless contention period. These parameters are used by the QoS enabled AP to establish policy, to change policies when accepting new stations or new traffic, or to adapt to changes in the offered load. The EDCA parameters assign priorities to traffic types where higher priority packets gain access to the wireless medium more frequently than lower priority packets. NOTE: We have defined default recommended values for EDCA parameters; we recommend not modifying EDCA parameters unless strictly necessary. Name STA EDCA Table Table Index Type Table Integer QoS Access Category Integer CWmin CWmax AIFSN Tx OP Limit MSDU Lifetime AC Mandatory Integer Integer Integer Integer Integer Truth Value AP EDCA Table Table Value N/A 3 (Wireless A) 4 (Wireless B) 1 (Best Effort) 2 (Background) 3 (Video) 4 (Voice) 0 - 255 0 - 65535 2 - 15 0 - 65535 0 - 500 1 (Enable) 2 (Disable) N/A Access CLI Parameter N/A R R RW RW RW RW RW RW N/A qosedcatbl cwmin cwmax aifsn txoplimit msdulifetime acmandatory qosqapedcatbl 323 CLI for Mesh and Access Point Module User Guide Name Table Index Type Integer QoS Access Category Integer CWmin CWmax AIFSN Tx OP Limit MSDU Lifetime AC Mandatory Integer Integer Integer Integer Integer Truth Value Value 3 (Wireless A) 4 (Wireless B) 1 (Best Effort) 2 (Background) 3 (Video) 4 (Voice) 0 - 255 0 - 65535 2 - 15 0 - 65535 0 - 500 true false MeshMAX 5054 Series User Guide Access CLI Parameter R R RW RW RW RW RW RW cwmin cwmax aifsn txoplimit msdulifetime acmandatory Examples:
show qosedcatbl (or qosqapedcatbl) set qosedcatbl (or qosqapedcatbl) <Index>.<Access Category> <EDCA parameter> <value>
For example: set qosedcatbl 3.1 cwmin 15 Defining the QoS Policy used for a Wireless Interface SSID The QoS Policy object configures the QoS policy to be used per wireless interface SSID. This object is part of the Wireless Interface SSID Table; the CLI command for this table is wifssidtbl. Name Type Value QoS Policy Integer See Note*
Access RW CLI Parameter qospolicy
* A QoS Policy number needs to be specified in the SSID table. This depends on the QoS policies configured by the user. Once the user has configured QoS policies, the user should specify the policy to be used for that SSID. 324 CLI for Mesh and Access Point Module User Guide CLI Batch File MeshMAX 5054 Series User Guide A CLI Batch file is a user-editable file that lists a series of CLI set commands, that can be uploaded to the Access Point to change its configuration. The Access Point executes the CLI commands specified in the CLI Batch file after upload and the configuration gets changed accordingly. A CLI Batch file can also be used for Auto Configuration. The CLI Batch file does not replace the existing LTV format configuration file, which continues to define the configuration of the AP. The CLI Batch file contains a list of CLI commands that the AP will execute. The AP performs the commands in the file immediately after the file is uploaded to the AP manually or during Auto Configuration. The AP parses the file and executes the CLI commands. Commands that do not require a reboot take effect immediately, while commands that require a reboot (typically commands affecting a wireless interface) will take effect after reboot. Auto Configuration and the CLI Batch File The Auto Configuration feature allows download of the LTV format configuration file or the CLI Batch file. The AP detects whether the file uploaded is LTV format or a CLI Batch file. If the AP detects a CLI Batch file (a file with extension .cli), the AP executes the file immediately. The AP will reboot after executing the CLI Batch file. Auto Configuration will not result in repeated reboots if the CLI Batch file contains rebootable parameters. CLI Batch File Format and Syntax The CLI Batch file must be named with a .cli extension to be recognized by the AP. The maximum file size allowed is 100 Kbytes, and files with larger sizes cannot be uploaded to the AP. The CLI commands supported in the CLI Batch File are a subset of the legal AP CLI commands. The follow commands are supported:
Set commands Reboot command (the reboot command ignores the argument (time) Each command must be separated by a new line. NOTE: The following commands are not supported: Show command, Debug command, Undebug command, Upload command, Download command, Passwd command, Kill command, and the Exit, Quit, and Done commands. Sample CLI Batch File The following is a sample CLI Batch File:
set sysname system1 set sysloc sunnyvale set sysctname contact1 set sysctphone 1234567890 set sysctemail email@domain.com set ipaddr 11.0.0.66 set ipaddrtype static set ipsubmask 255.255.255.0 set ipgw 11.0.0.1 set wif 3 autochannel disable set wif 3 mode 1 set syslogstatus enable set sysloghbstatus enable set sysloghbinterval 5 set wif 3 netname london reboot 325 CLI for Mesh and Access Point Module User Guide Reboot Behavior MeshMAX 5054 Series User Guide When a CLI Batch file contains a reboot command, the reboot will occur only after the entire CLI Batch file has been executed. There are two methods of uploading the CLI Batch File:
Upload Upload and reboot (this option is to be used for a CLI Batch file containing the configuration parameters that require a reboot) CLI Batch File Error Log If there is any error during the execution of the CLI Batch file, the AP will stop executing the file. The AP generates traps for all errors and each trap contains the following information:
Start of execution Original filename of the uploaded file End of execution (along with the status of execution) Line number and description of failures that occurred during execution The AP logs all the errors during execution and stores them in the Flash memory in a CLI Batch File Error Log named CBFERR.LOG. The CLI Batch File Error Log can be downloaded though TFTP, HTTP, or CLI file transfer to a specified host. 326 ASCII Chart for Mesh and Access Point Module MeshMAX 5054 Series User Guide C You can configure WEP Encryption Keys in either Hexadecimal or ASCII format. Hexadecimal digits are 0-9 and A-F (not case sensitive). ASCII characters are 0-9, A-F, a-f (case sensitive), and punctuation marks. Each ASCII character corresponds to two hexadecimal digits. The table below lists the ASCII characters that you can use to configure WEP Encryption Keys. It also lists the Hexadecimal equivalent for each ASCII character. ASCII Charact er
0 1 2 3 4 5 6 7 8 Hex Equival ent 21 22 23 24 25 26 27 28 29 2A 2B 2C 2D 2E 2F 30 31 32 33 34 35 36 37 38 ASCII Charact er 9
A B C D E F G H I J K L M N O P Hex Equival ent 39 3A 3B 3C 3D 3E 3F 40 41 42 43 44 45 46 47 48 49 4A 4B 4C 4D 4E 4F 50 ASCII Charact er Q R S T U V W X Y Z
a b c d e f g h Hex Equival ent 51 52 53 54 55 56 57 58 59 5A 5B 5C 5D 5E 5F 60 61 62 63 64 65 66 67 68 ASCII Charact er i j k l m n o p q r s t u v w x y z
Hex Equival ent 69 6A 6B 6C 6D 6E 6F 70 71 72 73 74 75 76 77 78 79 7A 7B 7C 7D 7E 327 MeshMAX 5054 Series User Guide D Technical Specifications See the following:
Part Numbers Regulatory Approval and Frequency Ranges Radio and Transmission Specifications Receive Sensitivity Maximum Throughput Transmit Power Settings Software Features Mesh and Wi-Fi Features LEDs Other Specifications Electrical Physical and Environmental Specifications MTBF and Warranty Interfaces 328 Technical Specifications Part Numbers Part Numbers MeshMAX 5054 Series Part Number 9200-xx 9201-xx MeshMAX 5054 Series User Guide MeshMAX 5054WM Tri-radio, WiMAAX subscriber and Wi-Fi Mesh access point MeshMAX 5054W Tri-radio, WiMAX subscriber and WiFi access point Description Regulatory Approval and Frequency Ranges Region/Country Country GHz Number of Channels North America USA EU Countries Canada Mexico Austria Belgium Cyprus Czech Republic Denmark Estonia Finland France Germany Greece Hungary Ireland Italy Latvia Lithuania Luxemburg Malta Netherlands Poland Portugal Slovakia Slovenia Spain Sweden United Kingdom 5.25 - 5.35 5.47 - 5.725 5.725 - 5.85 5.25 - 5.35 5.47 - 5.725 5.725 - 5.85 5.725 - 5.85 5.47 - 5.70 5.47 - 5.70 5.47 - 5.70 5.47 - 5.70 5.47 - 5.70 5.47 - 5.70 5.47 - 5.70 5.47 - 5.70 5.47 - 5.70 5.47 - 5.70 5.47 - 5.70 5.47 - 5.70 5.725 - 5.85 5.47 - 5.70 5.47 - 5.70 5.47 - 5.70 5.47 - 5.70 5.47 - 5.70 5.47 - 5.70 5.47 - 5.70 5.47 - 5.70 5.47 - 5.70 5.47 - 5.70 5.47 - 5.70 5.47 - 5.70 5.47 - 5.70 5.725 - 5.85 5 MHz NA NA Up to 21 Up to 61 Up to 61 Up to 21 Up to 21 Up to 46 Up to 46 Up to 46 Up to 46 Up to 46 Up to 46 Up to 46 Up to 46 Up to 46 Up to 46 Up to 46 Up to 46 Up to 23 Up to 46 Up to 46 Up to 46 Up to 46 Up to 46 Up to 46 Up to 46 Up to 46 Up to 46 Up to 46 Up to 46 Up to 46 Up to 46 Up to 23 10 MHz Up to 30 Up to 30 Up to 11 Up to 30 Up to 30 Up to 11 Up to 11 Up to 23 Up to 23 Up to 23 Up to 23 Up to 23 Up to 23 Up to 23 Up to 23 Up to 23 Up to 23 Up to 23 Up to 23 Up to 11 Up to 23 Up to 23 Up to 23 Up to 23 Up to 23 Up to 23 Up to 23 Up to 23 Up to 23 Up to 23 Up to 23 Up to 23 Up to 23 Up to 11 20 MHz Up to 14 Up to 14 Up to 5 Up to 14 Up to 14 Up to 5 Up to 5 Up to 11 Up to 11 Up to 11 Up to 11 Up to 11 Up to 11 Up to 11 Up to 11 Up to 11 Up to 11 Up to 11 Up to 11 Up to 4 Up to 11 Up to 11 Up to 11 Up to 11 Up to 11 Up to 11 Up to 11 Up to 11 Up to 11 Up to 11 Up to 11 Up to 11 Up to 11 Up to 4 329 Technical Specifications Radio and Transmission Specifications Regulatory Approval and Frequency Ranges (continued) MeshMAX 5054 Series User Guide Region/Country Country GHz Number of Channels Other European Countries South America APAC Iceland Liechtenstein Norway Russia Switzerland Argentina Brazil Colombia Australia China Hong Kong India New Zealand S. Korea Singapore Taiwan 5.47 - 5.70 5.47 - 5.70 5.47 - 5.70 5.15 - 6.08 5.47 - 5.70 5.25 - 5.35 5.725 - 5.85 5.47 - 5.70 5.725 - 5.85 5.25 - 5.35 5.725 - 5.85 5.725 - 5.85 5.725 - 5.85 5.725 - 5.85 5.15 - 5.35 5.725 - 5.85 5.725 - 5.85 5.725 - 5.85 5.15 - 5.25 5.725 - 5.85 5.25 - 5.35 5.725 - 5.85 10 MHz 5 MHz Up to 23 Up to 46 Up to 23 Up to 46 Up to 23 Up to 46 Up to 193 Up to 93 Up to 23 Up to 46 Up to 5 Up to 9 Up to 19 Up to 10 Up to 23 Up to 46 Up to 10 Up to 19 Up to 7 Up to 15 Up to 21 Up to 11 Up to 11 Up to 21 Up to 9 Up to 17 Up to 21 Up to 11 Up to 16 Up to 32 Up to 14 Up to 28 Up to 11 Up to 21 Up to 17 Up to 9 Up to 7 Up to 13 Up to 9 Up to 17 Up to 15 Up to 7 Up to 9 Up to 17 20 MHz Up to 11 Up to 11 Up to 11 Up to 47 Up to 11 Up to 3 Up to 5 Up to 11 Up to 5 Up to 3 Up to 5 Up to 5 Up to 5 Up to 5 Up to 8 Up to 7 Up to 5 Up to 5 Up to 4 Up to 5 Up to 3 Up to 5
* FCC DFS in process. IC DFS in process. Radio and Transmission Specifications Category Modulation Method Radio Speed OFDM 54, 48, 36, 18, 12, 9, 6 Specification Receive Sensitivity Modulation 5 GHz band 2.4 GHz band 64-QAM 16-QAM QPSK BPSK 48 and 54 Mbps 24 and 36 Mbps 12 and 18 Mbps 6 and 9 Mbps Maximum Throughput NOTE: Actual throughput performance in the field may vary. 48 and 54 Mbps 12 and 18 Mbps 12 and 18 Mbps 6 and 9 Mbps 330 Technical Specifications Receive Sensitivity Transmit Power Settings 5.0GHz: +18dBm 2.4GHz: +20dBm Output Power Attenuation: 0 - 12 dB, in 1 dB steps Output Power Values will have a tolerance of +- 1.5 dB MeshMAX 5054 Series User Guide Software Features Category Key Features Satellite Density Filtering Services VLAN Security Features Redundancy Bridging and Routing QoS Specification IP address Integrity Check for Software Upload WORP protocol Dynamic Data Rate Selection Transmit Power Control Antenna Alignment 5, 10 and 20 MHz channels Dynamic Frequency Selection Ethernet protocol (Ethertype) Static MAC Storm threshold Broadcast protocol DHCP Server (RFC 2131) DHCP Client (RFC 2131) DHCP Relay (RFC 2131) NAT (RFC 3022) Bi-Directional Bandwidth Control 802.1Q VLAN tagging and filtering protocol Transparent passing of 802.1Q-compliant VLAN tagged frame MAC Authentication RADIUS MAC Access Control RADIUS (RFC 2138) WEP/AES-OCB encryption Spanning Tree (802.1D) Bridge (802.1d) CIDR (RFC 1519) ARP(RFC 826) Asymmetric bandwidth support Packet Classification capabilties - 801.1D/802.1Q/802.1p priority; IPTOS;VLAN ID; IP IP/RIPv1 (RFC 1058) IP/RIPv2 (RFC 1388) IP (RFC 791) Addess;source/Destination port; Ethernet Source Destination Address; IP Protocol and Source/Destination Ethertype Scheduling - Best Effort; Universal Grant Services; per srvice flow scheduling; priority, jitter and latency control for voice, video and data; min/max bandwidth enabling Mobility Local Monitoring Subscriber Roaming Serial CLI 331 Technical Specifications Receive Sensitivity Category Remote Monitoring MeshMAX 5054 Series User Guide Specification Telnet CLI HTTP TFTP SNMPv1, SNMPv2 MIB-II, Proxim MIBs, Bridge MIB, RIPv2 MIB, Etherlike MIB Mesh and Wi-Fi Features Category Authentication Encryption Message Authentication Intrusion Detection 802.11 MAC Level Functionality Bridging and Filtering Specification 802.1X support including PEAP, EAP-TLs, EAP-TTLS, EAP-SIM, and other EAP methods that conform to RFC 3748 to yield mutual authentication and dynamic per-user, per-session encryption keys RADIUS-based MAC address authentication Dynamic MAC address conrol list, automatically updated without rebooting AP 802.11i support for CCMP/AES keys of 128 bits (WPA2) TKIP encryption WEP keys of 64 and 128 bits AES encryption 802.11i AES message authenitication with 128 bits keys TKIP with 128 bit Michael Message Integrity Check Rogue AP and client detection Detect switch port of rogue access point when used in conjuction with ProximVisionTM Multiple SSID and BSSID Auto Channel Selection Dynamic Frequency Selection (DFS) 802.1d support Transmit power control Qo support for mesh backhaul and access Closed system Channel Blacklist Turbo mode Super mode VLAN Support WDS Relay Protocol Filtering Modified Proxy ARP Support Multicast/Broadcast Storm Filtering TCP/UDP Port Filtering Packet Forwarding VPN filtering Intra-BSS Clients blocking IEEE 802.1d Bridging 332 Technical Specifications Receive Sensitivity Category Network Layer Remote Management Secure Configuration Support LEDs Category Types MeshMAX 5054 Series User Guide Specification Inter Access Point Protocol (IAPP) DHCP Client DHCP Server DHCP Relay Agent Link Integrity Syslog RADIUS Autheication RADIUD Accounting Support DNS Client SNTP TFTP Client Telnet Server HTTP Server SNMPv1/SNMPv2/SNMPv3 Scan and Change SNMPv1; SNMPv2c and SNMPv3 MIBs Supported; ORiNOCO-Mesh; ORiNOCO-Subscriber; rfc 1213; rfc 1643; 802.11i-
D3; IANAifType-MIB; MIB802 DHCP Telnet HTTP TFTP BootP SNMPv3 HTTPS SSH RADIUS Based Management Access authentication Encrypted storage for security and management parameters Specification Power Mesh Activity Ethernet Activity 333 Technical Specifications Receive Sensitivity Interfaces Category Wired Ethernet Antenna Connector Other Specifications Category Wireless Protocol MeshMAX 5054 Series User Guide Specification Auto-sensing 10/100BASE-TX ethernet 1 Standard Type-N female 5 GHz Mesh and Wi-Fi Radio 1 Standard Type-N female 5 GHz WiMAX Radio 1 Standard Type-N female 2.4 GHz Wi-Fi Radio Specification WORP (Wireless Outdoor Routing Protocol) for Subscriber backaul 802.11a, 802.11b and 802.11g for Wi-Fi Access Proxim ORiNOCO Mesh CreationProtocol (OMCP) for mesh backhaul extension Bands Supported 5.15-6.08 GHz for WORP radio 5.15-5.85 GHz and 2.412-2.472 GHz mesh backhaul extension Channel Bandwidth 5,10 and 20 MHz for WORP radio 20MHz for Mesh bacjhaul and Wi-Fi Access Infrastructure Electrical Category PoE Power Injector AC Power Support Specification Input: Voltage 110 to 250 VAC (47-63 Hz) Custom Power over Ethernet (802.3af compatible) Output: 48V@420mA MAX (injected into the Cat-5 cable) Pin for reset to factory defaults 110/240 VAC light pole power tap (purchased separately) Physical and Environmental Specifications Category Physical Dimensions (W x D x H) Weight Environmental Specification Packaged: 14.57 x 13.70 x 8.19 in (370 x 348 x 208 mm) Unpackaged: 10.5 x 10.5 x 3.25 in (267 x 267 x 83mm) Packaged: 12 Ibs (5.44 Kg) Unpackaged: 5.5 Ibs (2.49 Kg) Storage Temperature Operating Temperature Humidity Wind Loading Water and Dust proof
-55C to 80C (-41 to 176 Fahrenheit)
-35C to 60C Max 100% relative humidity (non-condensing) 125 mph NEMA4E MTBF and Warranty Category Specification MTBF 100,000 hours 334 Technical Specifications Receive Sensitivity Category Warranty MeshMAX 5054 Series User Guide Specification 1 year parts and labor Extended Warranty and enchanced Service and Support options available with Servpak 335 Specifications for Mesh and Access Point Module Software Features Available Channels MeshMAX 5054 Series User Guide E 336 Specifications for Mesh and Access Point Module MeshMAX 5054 Series User Guide Software Features The tables below list the software features available on the Mesh and Access Point Module. Number of Stations per BSS Management Functions Advanced Bridging Functions Medium Access Control (MAC) Functions Security Functions Network Functions Number of Stations per BSS Feature Supported by Mesh and Access Point Module Without security With security*
* Number may vary based on combination of security methods used. 124 120 337 Specifications for Mesh and Access Point Module MeshMAX 5054 Series User Guide Management Functions Feature Web User Interface Telnet / CLI SNMP Agent Serial CLI Secure Management SSH RADIUS Based Management Access Advanced Bridging Functions Feature IEEE 802.1d Bridging WDS Relay Roaming Protocol Filtering Multicast/Broadcast Storm Filtering Proxy ARP TCP/UDP Port Filtering Blocking Intra BSS Clients Packet Forwarding Supported by Mesh and Access Point Module 3 3 3 3 3 3 3 Supported by Mesh and Access Point Module 3 3 3 3 3 3 3 3 3 Medium Access Control (MAC) Functions Feature Supported by Mesh and Access Point Module Automatic Channel Selection (ACS) Dynamic Frequency Selection (DFS)/Radar Detection
(RD)*
Wireless Service Shutdown 802.11d Support TX Power Control Wireless Multimedia Enhancements/Quality of Service
(QoS) Channel Blacklist Closed System 3 3 3 3 3 3 3 3 338 Specifications for Mesh and Access Point Module MeshMAX 5054 Series User Guide Broadcast Unique Beacon Super Mode Support
* DFS is required for 802.11a APs certified in the ETSI, TELEC, FCC, and IC regulatory domains and operating in the middle frequency band. 3 3 When ACS is disabled, available channels are limited to those in the lower frequency band. Security Functions Feature Supported by Mesh and Access Point Module Security Profiles per VLAN RADIUS Profiles per VLAN IEEE 802.11 WEP*
MAC Access Control RADIUS MAC-based Access Control IEEE 802.1x Authentication Multiple Authentication Server Support per VLAN Rogue Scanning to Detect Rogue Access Points and Clients Per User Per Session (PUPS) Encryption Wi-Fi Protected Access (WPA)/802.11i (WPA2) Hardware Configuration Reset Disable
* Key lengths supported by 802.11a/4.9 GHz: 64-bit, 128-bit, and 152-bit. Key lengths supported by 802.11b: 64-bit and 128-bit. Key lengths supported by 802.11b/g: 64-bit, 128-bit, and 152-bit. 3 3 3 3 3 3 3 3 3 3 3 EAP-MD5, EAP-TLS, EAP-TTLS, and PEAP client supplicant supported. Support is provided for a primary and backup RADIUS authentication server for both MAC-based authentication and 802.1x authentication per VLAN. Use in conjunction with WPA or 802.1x Authentication. 339 Specifications for Mesh and Access Point Module MeshMAX 5054 Series User Guide Network Functions Feature Supported by Mesh and Access Point Module DHCP Client DHCP Server DHCP Relay Agent and IP Lease Renewal Inter Access Point Protocol (IAPP) Link Integrity System Logging (Syslog) RADIUS Accounting Support*
DNS Client TCP/IP Protocol Support Virtual LAN Support 3 3 3 3 3 3 3 3 3 Up to 16 SSID/VLAN pairs per wireless interface, with specific Security and RADIUS profiles. For more information, see the Advanced Configuration chapter. Mesh Networking
* Includes Fallback to Primary RADIUS Server, RADIUS Session Timeout, RADIUS Multiple MAC Address Formats, RADIUS DNS Host Name 3 Support, RADIUS Start/Stop Accounting. DHCP client requests and IP lease renewals are sent on the Ethernet interface only, not on Mesh links. 340 Specifications for Mesh and Access Point Module MeshMAX 5054 Series User Guide Available Channels 2.4 GHz (802.11b/g) Frequencies and Bandwidths Channel Center Frequency (MHz) 20 MHz 1 2 3 4 5 6 7 8 9 10 11 2412 2417 2422 2427 2432 2437 2442 2447 2452 2457 2462 3 3 3 3 3 3 3 3 3 3 3 5.0 GHz (802.11a) Frequencies and Bandwidhs Channel Center Frequency (MHz) 20 MHz 149 153 157 161 165 5745 5765 5785 5805 5825 3 3 3 3 3 341 MeshMAX 5054 Series User Guide F Technical Services and Support See the following sections:
Obtaining Technical Services and Support Support Options Proxim eService Web Site Support Telephone Support ServPak Support 342 Technical Services and Support Obtaining Technical Services and Support Obtaining Technical Services and Support MeshMAX 5054 Series User Guide If you are having trouble utilizing your Proxim product, please review this manual and the additional documentation provided with your product. If you require additional support and would like to use Proxims free Technical Service to help resolve your issue, please be ready to provide the following information before you contact Proxims Technical Services:
Product information Part number of suspected faulty unit Serial number of suspected faulty unit Trouble/error information:
Trouble/symptom being experienced Activities completed to confirm fault Network information (what kind of network are you using?) Circumstances that preceded or led up to the error Message or alarms viewed Steps taken to reproduce the problem Servpak information (if a Servpak customer):
Servpak account number Registration information:
If the product is not registered, date when you purchased the product If the product is not registered, location where you purchased the product NOTE: If you would like to register your product now, visit the Proxim eService Web Site at http://support.proxim.com and click on New Product Registration. 343 Technical Services and Support Support Options Support Options Proxim eService Web Site Support MeshMAX 5054 Series User Guide The Proxim eService Web site is available 7x24x365 at http://support.proxim.com. On the Proxim eService Web Site, you can access the following services:
New Product Registration: Register your product for free support. Open a Ticket or RMA: Open a ticket or RMA and receive an immediate reply. Search Knowledgebase: Locate white papers, software upgrades, and technical information. ServPak (Service Packages): Receive Advanced Replacement, Extended Warranty, 7x24x365 Technical Support, Priority Queuing, and On-Site Support. Your Stuff: Track status of your tickets or RMAs and receive product update notifications. Provide Feedback: Submit suggestions or other types of feedback. Customer Survey: Submit an On-Line Customer Survey response. Repair Tune-Up: Have your existing Proxim equipment inspected, tested, and upgraded to current S/W and H/W revisions, and extend your warranty for another year. Telephone Support Contact technical support via telephone as follows:
US-Canada: 408-383-7700, 866-674-6626 (Toll Free) Hours of Operations: 8:00 AM - 6:00 PM APAC Countries: 040-23115490 Hours of Operations: 9:00 AM - 6:00 PM International: 408-383-7700 Hours of Operations: 8:00 AM - 6:00 PM ServPak Support Proxim understands that service and support requirements vary from customer to customer. It is our mission to offer service and support options that go above-and-beyond normal warranties to allow you the flexibility to provide the quality of service that your networks demand. In recognition of these varying requirements we have developed a support program called ServPak. ServPak is a program of Enhanced Service Options that can be purchased individually or in combinations to meet your needs. Advanced Replacement: This service offers customers an advance replacement of refurbished or new hardware.
(Available in the U.S., Canada, and select countries. Please inquire with your authorized Proxim distributor for availability in your country.) Extended Warranty: This service provides unlimited repair of your Proxim hardware for the life of the service contract. 7x24x365 Technical Support: This service provides unlimited, direct access to Proxims world-class technical support 24 hours a day, 7 days a week, 365 days a year. Priority Queuing: This service allows your product issue to be routed to the next available Customer Service Engineer. To purchase ServPak support services, please contact your authorized Proxim distributor. To receive more information or for questions on any of the available ServPak support options, please call Proxim Support at 408-383-7700 or send an email to servpak@proxim.com. 344 Statement of Warranty Warranty Coverage MeshMAX 5054 Series User Guide G Proxim Wireless Corporation warrants that its Products are manufactured solely from new parts, conform substantially to specifications, and will be free of defects in material and workmanship for a Warranty Period of 1 year from the date of purchase. Repair or Replacement In the event a Product fails to perform in accordance with its specification during the Warranty Period, Proxim offers return-to-factory repair or replacement, with a thirty (30) business-day turnaround from the date of receipt of the defective Product at a Proxim Wireless Corporation Repair Center. When Proxim Wireless has reasonably determined that a returned Product is defective and is still under Warranty, Proxim Wireless shall, at its option, either: (a) repair the defective Product; (b) replace the defective Product with a refurbished Product that is equivalent to the original; or (c) where repair or replacement cannot be accomplished, refund the price paid for the defective Product. The Warranty Period for repaired or replacement Products shall be ninety (90) days or the remainder of the original Warranty Period, whichever is longer. This constitutes Buyers sole and exclusive remedy and Proxim Wirelesss sole and exclusive liability under this Warranty. Limitations of Warranty The express warranties set forth in this Agreement will not apply to defects in a Product caused; (i) through no fault of Proxim Wireless during shipment to or from Buyer, (ii) by the use of software other than that provided with or installed in the Product, (iii) by the use or operation of the Product in an application or environment other than that intended or recommended by Proxim Wireless, (iv) by modifications, alterations, or repairs made to the Product by any party other than Proxim Wireless or Proxim Wirelesss authorized repair partners, (v) by the Product being subjected to unusual physical or electrical stress, or (vii) by failure of Buyer to comply with any of the return procedures specified in this Statement of Warranty. Support Procedures Buyer should return defective LAN Products within the first 30 days to the merchant from which the Products were purchased. Buyer can contact a Proxim Wireless Customer Service Center either by telephone or via web. Calls for support for Products that are near the end of their warranty period should be made not longer than seven (7) days after expiration of warranty. Repair of Products that are out of warranty will be subject to a repair fee. Contact information is shown below. Additional support information can be found at Proxim Wirelesss web site at http://support.proxim.com. Telephone Support Contact technical support via telephone as follows:
US-Canada: 408-383-7700, 866-674-6626 (Toll Free) Hours of Operations: 8:00 AM - 6:00 PM APAC Countries: 040-23115490 Hours of Operations: 9:00 AM - 6:00 PM International: 408-383-7700 Hours of Operations: 8:00 AM - 6:00 PM When contacting the Customer Service for support, Buyer should be prepared to provide the Product description and serial number and a description of the problem. The serial number should be on the product. 345 Statement of Warranty Other Information MeshMAX 5054 Series User Guide In the event the Customer Service Center determines that the problem can be corrected with a software update, Buyer might be instructed to download the update from Proxim Wirelesss web site or, if thats not possible, the update will be sent to Buyer. In the event the Customer Service Center instructs Buyer to return the Product to Proxim Wireless for repair or replacement, the Customer Service Center will provide Buyer a Return Material Authorization (RMA) number and shipping instructions. Buyer must return the defective Product to Proxim Wireless, properly packaged to prevent damage, shipping prepaid, with the RMA number prominently displayed on the outside of the container. Calls to the Customer Service Center for reasons other than Product failure will not be accepted unless Buyer has purchased a Proxim Wireless Service Contract or the call is made within the first thirty (30) days of the Products invoice date. Calls that are outside of the 30-day free support time will be charged a fee of $25.00 (US Dollars) per Support Call. If Proxim Wireless reasonably determines that a returned Product is not defective or is not covered by the terms of this Warranty, Buyer shall be charged a service charge and return shipping charges. Other Information Search Knowledgebase Proxim Wireless stores all resolved problems in a solution database at the following URL: http://support.proxim.com. Ask a Question or Open an Issue Submit a question or open an issue to Proxim Wireless technical support staff at the following URL:
http://support.proxim.com/cgi-bin/proxim.cfg/php/enduser/ask.php. Other Adapter Cards Proxim Wireless does not support internal mini-PCI devices that are built into laptop computers, even if identified as
"ORiNOCO" devices. Customers having such devices should contact the laptop vendor's technical support for assistance. For support for a PCMCIA card carrying a brand name other than Proxim, ORiNOCO, Lucent, Wavelan, or Skyline, Customer should contact the brand vendor's technical support for assistance. 346
| 1 | Users Manual 3 | Users Manual | 3.04 MiB |
ORiNOCO Series System Recommended Antennas ORiNOCO Series System Recommended Antennas Copyright 2008 Proxim Wireless Corporation, San Jose, CA. All rights reserved. Covered by one or more of the following U.S. patents: 5,231,634;
5,875,179; 6,006,090; 5,809,060; 6,075,812; 5,077,753. This manual and the software described herein are copyrighted with all rights reserved. No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language in any form by any means without the written permission of Proxim Wireless Corporation.Trademarks Trademarks Tsunami, Proxim, and the Proxim logo are trademarks of Proxim Wireless Corporation. All other trademarks mentioned herein are the property of their respective owners. Safety and Regulatory Information See the MeshMAX 5054 Series product CD for important Safety and Regulatory information. ORiNOCO Series System Recommended Antennas P/N 73923, August 2008 4 ORiNOCO Series System Recommended Antennas 1 Introduction. 7 Who Should Use This Guide . 7 Antenna Types . 9 Omni-Directional Antennas . 9 Flat Panel Directional Antennas. 10 Sector Antennas. 10 Parabolic Dish Antennas . 11 Summary . 11 2 Recommended 900 MHz Antennas and Accessories . 12 Omni Antennas . 12 Sector Antennas . 12 Panel Antennas . 13 Cavity Filters . 13 3 Recommended 2.4 GHz Antennas . 14 Omni Antennas . 14 5 dBi Omni-Directional Vehicle Antenna (848 515 722). 14 7 dBi Omni-Directional Base Station Antenna (848 312 591) . 16 10 dBi Omni-Directional Base Station Antenna (848 515 698) . 18 Sector Antennas . 20 12 dBi Directional Wide Angle Antenna (120) (848 515 706). 20 14 dBi Sector Antenna (60) (2400-SA60-14) . 22 Panel Antennas . 24 14 dBi Directional Panel Antenna (1086-PA24-14) . 24 Parabolic Antennas . 26 24 dBi Directional Parabolic Grid Antenna (848 515 714) . 26 4 Recommended 4.9 GHz Antennas . 28 Omni Antennas . 28 8 dBi Omni-Directional Antenna (1086-OA49-8) . 28 10 dBi Omni-Directional Antenna (1086-OA49-10) . 30 Panel Antennas . 32 10 dBi Panel Antenna (1086-PA49-10) . 32 21 dBi Panel Antenna (1086-PA49-21) . 34 Sector Antennas . 36 14 dBi Sector Antenna (120) (5054-SA120-14) . 36 17 dBi Sector Antenna (60) (5054-SA60-17) . 38 5 Recommended 5 GHz Antennas . 40 Omni-Directional Antennas . 40 8 dBi Omni-Directional Antenna (5054-OA-8) . 40 5 ORiNOCO Series System Recommended Antennas 10 dBi Omni-Directional Antenna (5054-OA-10) . 42 Other Recommended Omni-Antennas. 44 Sector Antennas . 45 14 dBi Sector Antenna (120) (5054-SA120-14) . 45 17 dBi Sector Antenna (60) (5054-SA60-17) . 47 Other Recommended Sector Antennas . 49 Panel Antennas . 50 15 dBi Window Antenna (5054-WA-15-STN). 50 18 dBi Panel Antenna (5054-PA-18) . 52 23 dBi Panel Antenna (5054-PA50-23) . 54 Other Recommended Panel Antennas . 56 Parabolic Antennas . 57 6 Technical Services and Support . 58 Obtaining Technical Services and Support . 58 Support Options . 59 Proxim eService Web Site Support . 59 Telephone Support. 59 ServPak Support . 59 6 Introduction ORiNOCO Series System Recommended Antennas 1 This Recommended Antennas guide supplements the Tsunami MP.11 Antenna Installation Guide. The Antenna Installation Guide explains how to install and set up an outdoor antenna with the Tsunami MP.11 hardware devices. This guide does not explain how to erect antenna masts, nor how to install a safety grounding system. These prerequisites must be in place before installing the directional antenna. See the following sections:
Who Should Use This Guide Antenna Types Who Should Use This Guide The installation of outdoor wireless links requires technical expertise. At the very least, you should be able to:
Install and configure the network components, such as the radio hardware. Understand, or have a working knowledge of, installation procedures for network operating systems using Microsoft Windows. Mount the outdoor antenna and surge arrestor. Antenna installation must be provided by professional installers. NOTE: A basic rule for selecting a combination of cables and antennas is that no combination is allowed unless explicitly approved in the Tsunami MP.11 Antenna Installation Guide for your MP.11 model. Therefore, always use Tsunami MP.11 Recommended Antennas in combination with Chapter 4. Determining Range and Clearance of the Antenna Installation Guide to select the correct type of antenna equipment and to inform your antenna installer and LAN administrator about the impact of regulatory constraints on their job or activities. WARNING: The outdoor antennas to be used with these products are intended for mounting on an antenna tower, on a roof, or on the side of a building. Installation is not to be attempted by someone not trained or experienced in this type of work. The antenna must be installed by a suitably trained professional installation technician or by a qualified antenna installation service. The site prerequisites must be checked by a person familiar with the national electrical code and with other regulations governing this type of installation. 7 Introduction Who Should Use This Guide ORiNOCO Series System Recommended Antennas IMPORTANT!
Local radio regulations or legislation may impose restrictions on the use of specific combinations of:
Low-loss antenna cables and outdoor antennas Radio channels selected at the radios that are connected to specific outdoor antennas At all times, it is the customers responsibility to ensure that an outdoor antenna installation complies with local radio regulations. The customer must verify that:
The antenna installer is aware of these regulations The correct cable type and surge arrestor have been used Proxim Wireless Corporation and its resellers or distributors are not liable for any damage or violation of government regulations that may arise from failing to comply with these guidelines. If you are not certain about the regulations that apply in your country, consult your local Proxim Wireless Corporation Sales Office. 8 Introduction Antenna Types Antenna Types ORiNOCO Series System Recommended Antennas Wireless radios generate signals on a given frequency. Antennas distribute that signal through the air in a particular pattern. Antennas take a given power output and make it reach further by reducing directions along which the signal is radiated. Concentrating the signal on your workspace makes better use of your wireless radios power output. Stations inside your workspace get stronger coverage and, therefore, higher speed. Directing the signal where you want it also means less signal where you dont want it; stations outside your workspace get little or no coverage. Directional antennas (omni, sector, parabolic, flat) provide maximum range, but due to their narrow beamwidth, these antennas require precise antenna alignment to achieve optimal performance. The higher the antenna gain, the more precise the alignment should be. Directional antennas are typically used to connect:
A Base Station and a Subscriber Station in a point-to-point link A Subscriber Station in a point-to-multipoint network See the following sections:
Omni-Directional Antennas Flat Panel Directional Antennas Sector Antennas Parabolic Dish Antennas Omni-Directional Antennas Omni antennas radiate the signal 360 degrees horizontally; however, they increase gain by flattening the radiated signal pattern, producing a vertical beam between 80 degrees (modest gain) and 7 degrees (high gain). Gain makes the signal travel further. These antennas have an omni-directional azimuth pattern that makes them easy to install. There is also a gain-to-beamwidth relation for omni-directional antennas: the higher the gain of the omni-antenna, the narrower the vertical beamwidth. In a hilly terrain, an 8 dBi omni-directional antenna can be a better solution than the 10 dBi omni-directional antenna, because the lower gain antenna has a larger vertical beamwidth. The larger vertical beamwidth allows signal coverage to a greater elevation, which in turn allows coverage higher up hillsides. This effect could be useful when the antenna is located at a low elevation such as a valley floor. Figure 1-1 Omni-Directional Antenna Coverage 9 Introduction Antenna Types Flat Panel Directional Antennas ORiNOCO Series System Recommended Antennas Flat panel directional antennas produce hemispherical coverage, spreading away from the mount point at a width of 30 to 180 degrees typically. Concentrating the signal on this smaller area increases system range. Figure 1-2 Flat Panel Antenna Coverage Sector Antennas Sector antennas are high-gain directional antennas. These cylinders contain a boom supporting thin vertical rods. The signal propagates off the front of the boom. Note that some signal (back lobes) fall behind the boom. Sector antennas create higher gain by producing narrower beams (20 80 H, 14 64 V). The wide-angle sector antenna is a good Base Station antenna for hilly terrain. It combines a wide opening angle sector with relatively high gain. The mounting brackets allow tilting of the antenna. This antenna also is used when the amount of traffic in a cell is too high for a single Base Station with an omni-directional antenna. The wide-angle antenna allows dividing the cell into three sectors that each can be serviced by a Base Station. Horizontal and Vertical Figure 1-3 Sector Antenna Coverage 10 Introduction Antenna Types Parabolic Dish Antennas ORiNOCO Series System Recommended Antennas Parabolic antennas are concave panels or bowls that produce an extremely narrow beam (4 25 degrees horizontal /
vertical). Horizontal and Vertical Figure 1-4 Parabolic Dish Antenna Coverage Summary Omni Directional Antenna An omni-directional antenna may be used in an outdoor environment to provide coverage to areas where it is not practical to use an antenna system that takes advantage of sectorized coverage. As an example, if an area needing coverage is a hillside and the base station is located on a valley floor, an omni-directional antenna could be a better choice than a more traditional sector antenna such as a panel antenna. The omni-directional antenna would allow valley floor coverage with coverage extending up a hillside. Such coverage is likely not possible with a panel antenna because of the reduced radiation at high elevation angles from the antenna. This is a result of the shape of the antenna beam radiating from the panel antenna design. Flat Panel Directional Antenna A flat panel antenna is frequently used for sectorized base station installations where it is desirable to provide coverage in a limited azimuthal direction. This is useful in providing reduced interference from out of coverage areas and increasing throughput by increased signal strength inside in coverage areas. Since a reduced azimuth area is covered, the radio sees fewer subscribers and can provide increased bandwidth to each. Sector Sector antennas are better for corridors, hallways, tunnels, long narrow buildings, and point-to-point medium range connections between outdoor bridges (for example, connecting two buildings in an office park or campus). Be wary of back lobes, but the sectors narrow beam will reduce unwanted peripheral exposure in the focal direction. Parabolic Parabolic antennas are better for long-range outdoor point-to-point connectors, such as bridges that are miles apart. They require more precise installation to aim signal where you want it, but have the very high gain necessary to reach such distances. NOTE:
All Proxim radios require professional installation. Antennas with gain less than 8 dBi are not allowed. Antennas of other makes can be used with the, but must be of the same type, dimensions, and gain as those listed. 11 ORiNOCO Series System Recommended Antennas 2 Recommended 900 MHz Antennas and Accessories Omni Antennas Sector Antennas Panel Antennas Omni Antennas The following 900 MHz omni antenna has been certified with the Tsunami 954-R BSU. See the manufacturers web site for more information. Manufacturer Model Number Maximum Gain Antel BCD-87010 12 In addition, following 900 MHz omni antennas are available for use with the Tsunami 954-R BSU. See the manufacturers web site for more information. Type Manufacturer Model Number Frequency Range (MHz) Mid-Band Gain Vertical polarization omni antenna Vertical polarization omni antenna Horizon polarization omni antenna Horizon polarization omni antenna Mars MTI MTI MTI MA-W091-8X MT-262003/NV MT-262012/NH MT-243003/NH 902-928 902-928 902-928 902-928 8 8 10.5 11.5 Sector Antennas The following 900 MHz sector antenna has been certified with the Tsunami 954-R BSU. See the manufacturers web site for more information. Manufacturer Model Number Maximum Gain Antel RWA-80017 19 In addition, following 900 MHz sector antennas are available for use with the Tsunami 954-R BSU. See the manufacturers web site for more information. Type Manufacturer Model Number Frequency Range (MHz) Mid-Band Gain Vertical polarization 60 sector antenna Horizon polarization 60 sector antenna Vertical polarization 90 sector antenna Mars Mars Mars MA-WC90-5X MA-WC91-5H MA-WD90-6X 902-928 902-928 902-928 14.5 14 13 12 Recommended 900 MHz Antennas and Accessories ORiNOCO Series System Recommended Antennas Panel Antennas Type Manufacturer Model Number Frequency Range (MHz) Mid-Band Gain Horizon polarization 90 sector antenna Vertical polarization 120 sector antenna Horizon polarization 120 sector antenna Dual polarization 120 sector antenna Horizon polarization 90 sector antenna Horizon polarization 120 sector antenna Horizon polarization 180 sector antenna Mars Mars Mars Mars MTI MTI MTI MA-WD91-6H MA-WE90-7X MA-WE91-7H MA-WE91-2D MT-264003/NH MT-263004/NH MT-243015/NH 902-928 902-928 902-928 902-928 902-928 902-928 902-928 12 11.5 11 11.5 13.5 12.5 10 Panel Antennas The following 900 MHz panel antenna has been certified with the Tsunami 954-R SU. See the manufacturers web site for more information. Manufacturer Model Number Maximum Gain MTI MT-263006 12.5 In addition, following 900 MHz panel antennas are available for use with the Tsunami 954-R SU. See the manufacturers web site for more information. Type Manufacturer 1-foot panel antenna 1-foot panel antenna 1-foot panel antenna 1-foot panel antenna ARC wireless Mars MTI MTI Model Number ANT-A-1714 MA-IS91 MT-262001 MT-263003 Frequency Range (MHz) Mid-Band Gain 902-928 902-928 902-928 902-928 10 10 8 10 Cavity Filters 900 MHz outdoor cavity filters provide a high-performance filtering solution by offer ing low insertion loss and great rejection characteristics; they are capable of blocking out interference at the 900 MHz ISM band edges (902 MHz and 928 MHz). This is especially crucial when colocating 954-R equipment in urban or omni deployments in the presence of strong interferers operating at these frequencies. The following cavity filters are available for use with the 954-R. See the manufacturers web site for more information. Type Manufacturer 912 MHz (Center Frequency) Cavity Filter 917 MHz (Center Frequency) Cavity Filter Ubiquiti Ubiquiti Model Number CF912 CF917 13 ORiNOCO Series System Recommended Antennas 3 Recommended 2.4 GHz Antennas Omni Antennas Sector Antennas Panel Antennas Parabolic Antennas Omni Antennas 5 dBi Omni-Directional Vehicle Antenna (848 515 722) 7 dBi Omni-Directional Base Station Antenna (848 312 591) 10 dBi Omni-Directional Base Station Antenna (848 515 698) 5 dBi Omni-Directional Vehicle Antenna (848 515 722) Electrical Specifications Frequency Range VSWR Nominal Impedance Gain Polarization HPBW/Horizontal HPBW/Vertical Power Handling Connector Type 2400 MHz to 2500 MHz Less than 2:1 50 Ohms 5 dBi Linear, Vertical 360 25 10 W (cw) N Jack Environmental and Mechanical Specifications Temperature Range Size Cable Color
-10 to +55 C 80 x 80 x 250 mm White 14 Recommended 2.4 GHz Antennas Omni Antennas ORiNOCO Series System Recommended Antennas 5 dBi Omni-Directional Antenna (848 515 722) (continued) Antenna Patterns 15 Recommended 2.4 GHz Antennas Omni Antennas ORiNOCO Series System Recommended Antennas 7 dBi Omni-Directional Base Station Antenna (848 312 591) Electrical Specifications Frequency Range VSWR Nominal Impedance Gain Polarization HPBW/Horizontal HPBW/Vertical Handling Connector Type 2400 MHz 2500 MHz Less than 2:1 50 Ohms 8 dBi Linear, Vertical 360 15 10 W Standard N Female Environmental and Mechanical Specifications Wind Survival Temperature Range Humidity Size Color Weight 216 km/hr
-40 to +80 C 95% @ 25 C 19 x 19 x 520 mm Gray-White
.34 kg 16 Recommended 2.4 GHz Antennas Omni Antennas ORiNOCO Series System Recommended Antennas 7 dBi Omni-Directional Base Station Antenna (848 312 591) (continued) Antenna Patterns 17 Recommended 2.4 GHz Antennas Omni Antennas ORiNOCO Series System Recommended Antennas 10 dBi Omni-Directional Base Station Antenna (848 515 698) Electrical Specifications Frequency Range VSWR Nominal Impedance Gain Polarization Connector Type Power Handling 2400 - 2500 MHz Less than 2:1 nominal 50 Ohms 10 dBi Linear, Vertical Standard N Female 10 W Environmental and Mechanical Specifications Wind Survival Temperature Range Size At least 240 km/hr with 1.25 cm ice
-40 to +60 C 91.4 cm 18 Recommended 2.4 GHz Antennas Omni Antennas ORiNOCO Series System Recommended Antennas 10 dBi Omni-Directional Base Station Antenna (848 515 698) (continued) Antenna Patterns 19 Recommended 2.4 GHz Antennas Sector Antennas Sector Antennas ORiNOCO Series System Recommended Antennas 12 dBi Directional Wide Angle Antenna (120) (848 515 706) 14 dBi Sector Antenna (60) (2400-SA60-14) 12 dBi Directional Wide Angle Antenna (120) (848 515 706) Electrical Specifications Frequency Range VSWR Nominal Impedance Gain Polarization Connector Type HPBW/Horizontal HPBW/Vertical Power Handling 2400 MHz to 2500 MHz Less than 2 : 1 nominal 50 Ohms 12 dBi Linear, Vertical Standard N Female 125 13 10 W Environmental and Mechanical Specifications Wind Survival Temperature Range Humidity Size 200 km/hr
-40 to +60 C 100% at 25 C 181 x 537 x76 mm 20 Recommended 2.4 GHz Antennas Sector Antennas ORiNOCO Series System Recommended Antennas 12 dBi Directional Wide Angle Antenna (120) (848 515 706) (continued) Antenna Patterns Azimuth Plane (Horizontal) Elevation Plane (Vertical) 21 Recommended 2.4 GHz Antennas Sector Antennas 14 dBi Sector Antenna (60) (2400-SA60-14) ORiNOCO Series System Recommended Antennas Electrical Specifications Frequency Range VSWR Nominal Impedance Gain Polarization Connector Type Power Handling HPBW/Horizontal HPBW/Vertical Front to Back Ratio Downtilt 2400 MHz to 2500 MHz 1.8 : 1 maximum 50 Ohms 14 dBi Linear, Vertical N Jack 5 W (cw) 65 13 25 dB 0 Environmental and Mechanical Specifications Wind Survival Temperature range Humidity Size Radome Color Radome Material Weight 216 km/hr
-40 to +80 C 100% at 25 C 620 x 88 x 70 mm Gray-White ABS, UV Resistant 5.55 kg 22 Recommended 2.4 GHz Antennas Sector Antennas ORiNOCO Series System Recommended Antennas 14 dBi Sector Antenna (60) (2400-SA60-14) (continued) Antenna Patterns 23 Recommended 2.4 GHz Antennas Panel Antennas Panel Antennas ORiNOCO Series System Recommended Antennas 14 dBi Directional Panel Antenna (1086-PA24-14) Parabolic Antennas 14 dBi Directional Panel Antenna (1086-PA24-14) Electrical Specifications Frequency Range VSWR Nominal Impedance Gain Polarization Connector Type HPBW/Horizontal HPBW/Vertical Front to Back Ratio Downtilt Power Handling 2400 MHz - 2500 MHz 1.5 : 1 maximum 50 Ohms 14 dBi Linear, Vertical Standard N Female 30 30 15 dB 0 50 W (cw) Environmental and Mechanical Specifications Wind Survival Temperature Range Humidity Lightning Protection Radome Color Radome Material Weight Size 216 km/hr
-40 to +80 C 95% at 25 C DC Ground Gray-White ABS 407 g 200 x 200 x 50 mm 24 Recommended 2.4 GHz Antennas Panel Antennas ORiNOCO Series System Recommended Antennas 14 dBi Directional Panel Antenna (1086-PA24-14) (continued) Antenna Patterns 25 Recommended 2.4 GHz Antennas Parabolic Antennas Parabolic Antennas ORiNOCO Series System Recommended Antennas 24 dBi Directional Parabolic Grid Antenna (848 515 714) Electrical Specifications Frequency Range VSWR Nominal Impedance Gain Polarization HPBW/Horizontal HPBW/Vertical Connector Type Power Handling 2400 MHz - 2484 MHz Less than 2 : 1 nominal 50 Ohms 24 dBi Linear, vertical for standard mounting Horizontal when mounted differently 6.5 10 Standard N, Female 50 W Environmental and Mechanical Specifications Wind Survival Temperature Range Color Weight Size At least 200 km/h
-40 to +60 C White 0.6 kg 610 x 914 x 381 cm 26 Recommended 2.4 GHz Antennas Parabolic Antennas ORiNOCO Series System Recommended Antennas 24 dBi Directional Parabolic Grid Antenna (848 515 714) (continued) Antenna Patterns 27 ORiNOCO Series System Recommended Antennas 4 Recommended 4.9 GHz Antennas Omni Antennas Sector Antennas Omni Antennas 8 dBi Omni-Directional Antenna (1086-OA49-8) 10 dBi Omni-Directional Antenna (1086-OA49-10) 8 dBi Omni-Directional Antenna (1086-OA49-8) Electrical Specifications Frequency Range VSWR Nominal Impedance Gain Polarization Connector Type HPBW/Horizontal HPBW/Vertical Downtilt Power Handling 4900 MHz - 5200 MHz 2.0 : 1 maximum 50 Ohms 8 dBi Linear, Vertical N-type Jack 360 12 0 5 W (cw) 28 Recommended 4.9 GHz Antennas Omni Antennas ORiNOCO Series System Recommended Antennas 8 dBi Omni-Directional Antenna (1086-OA49-8) (continued) Environmental and Mechanical Specifications Wind Survival Temperature Range Humidity Size Radome Color Radome Material Weight Antenna Patterns 216 km/hr
-40 to +80 C 95% at 25 C 80 x 78 x 373 mm Gray-White Fiber Glass 227 g 29 Recommended 4.9 GHz Antennas Omni Antennas ORiNOCO Series System Recommended Antennas 10 dBi Omni-Directional Antenna (1086-OA49-10) Electrical Specifications Frequency Range VSWR Nominal Impedance Gain Polarization Connector Type HPBW/Horizontal HPBW/Vertical Downtilt Power Handling 4900 MHz - 5000 MHz 1.7 : 1 maximum 50 Ohms 10 dBi Linear, Vertical N-type Jack 360 7 2 5 W (cw) Environmental and Mechanical Specifications Wind Survival Temperature Range Humidity Size Radome Color Radome Material Weight 216 km/hr
-40 to +80 C 95% at 25 C 80 x 78 x 511 mm Gray-White Fiber Glass, UV Resistant 265 g 30 Recommended 4.9 GHz Antennas Omni Antennas ORiNOCO Series System Recommended Antennas 10 dBi Omni-Directional Antenna (1086-OA49-10) (continued) Antenna Patterns 31 Recommended 4.9 GHz Antennas Panel Antennas Panel Antennas 10 dBi Panel Antenna (1086-PA49-10) ORiNOCO Series System Recommended Antennas Electrical Specifications Frequency Range VSWR Nominal Impedance Gain Polarization Connector Type HPBW/Horizontal HPBW/Vertical Downtilt Power Handling 4900 MHz - 5800 MHz 2.0 : 1 maximum 50 Ohms 10 dBi Linear, Vertical N-type Jack 45 45 0 2 W (cw) Environmental and Mechanical Specifications Wind Survival Temperature Range Humidity Size Radome Color Radome Material Weight 216 km/hr
-40 to +80 C 95% at 25 C 114 x 114 x 40 mm Light Gray ABS 107 g 32 Recommended 4.9 GHz Antennas Panel Antennas ORiNOCO Series System Recommended Antennas 10 dBi Panel Antenna (1086-PA49-10) (continued) Antenna Patterns 33 Recommended 4.9 GHz Antennas Panel Antennas 21 dBi Panel Antenna (1086-PA49-21) ORiNOCO Series System Recommended Antennas Electrical Specifications Frequency Range VSWR Nominal Impedance Gain Polarization Connector Type HPBW/Horizontal HPBW/Vertical Front to Back Ratio Power Handling 4900 MHz - 5000 MHz 1.7 : 1 maximum 50 Ohms 21 dBi Linear, Vertical N-type Jack 10 12 30 1 W (cw) Environmental and Mechanical Specifications Wind Survival Temperature Range Humidity Size Radome Color Radome Material Weight 216 km/hr
-40 to +80 C 95% at 25 C 320 x 320 x 18 mm Gray-White PC, UV Resistant 1.2 kg 34 Recommended 4.9 GHz Antennas Panel Antennas ORiNOCO Series System Recommended Antennas 21 dBi Panel Antenna (1086-PA49-21) (continued) Antenna Patterns 35 Recommended 4.9 GHz Antennas Sector Antennas Sector Antennas 14 dBi Sector Antenna (120) (5054-SA120-14) ORiNOCO Series System Recommended Antennas Electrical Specifications Frequency Range VSWR Nominal Impedance Gain Polarization Connector Type HPBW/Horizontal HPBW/Vertical Front to Back Ratio Downtilt 4945 MHz - 5875 MHz 2.0 : 1 maximum 50 Ohms 12.5 dBi (max) Linear, Vertical N-type Female 120 6 30 0 Environmental and Mechanical Specifications Wind Survival (per EIA-222-F at 100 height) Temperature Range Humidity Lightning Protection Size Radome Color Radome Material Weight 216 km/hr
-40 to +80 C 95% at 25 C DC Ground 620 x 88 x 70 mm Gray ABS 555 g 36 Recommended 4.9 GHz Antennas Sector Antennas ORiNOCO Series System Recommended Antennas 14 dBi Sector Antenna (120) (5054-SA120-14) (continued) Antenna Patterns 37 Recommended 4.9 GHz Antennas Sector Antennas 17 dBi Sector Antenna (60) (5054-SA60-17) ORiNOCO Series System Recommended Antennas Electrical Specifications Frequency Range VSWR Nominal Impedance Gain Polarization Connector Type HPBW/Horizontal HPBW/Vertical Power Handling Downtilt 4945 MHz - 5875 MHz 2.0 : 1 maximum 50 Ohms 16.5 dBi Linear, Vertical N-type Female 60 6 5 W (cw) 0 Environmental and Mechanical Specifications Wind Survival (per EIA-222-F at 100 height) Temperature Range Humidity Lightning Protection Size Radome Color Radome Material Weight 216 km/hr
-40 to +90 C 95% at 25 C DC Ground 620 x 88 x 70 mm Gray ABS 565 g 38 Recommended 4.9 GHz Antennas Sector Antennas ORiNOCO Series System Recommended Antennas 17 dBi Sector Antenna (60) (5054-SA60-17) (continued) Antenna Patterns 39 ORiNOCO Series System Recommended Antennas 5 Recommended 5 GHz Antennas Omni-Directional Antennas Sector Antennas Panel Antennas Parabolic Antennas Omni-Directional Antennas 8 dBi Omni-Directional Antenna (5054-OA-8) 10 dBi Omni-Directional Antenna (5054-OA-10) Other Recommended Omni-Antennas 8 dBi Omni-Directional Antenna (5054-OA-8) Electrical Specifications Frequency Range VSWR Nominal Impedance Average/Peak Gain HPBW/Horizontal HPBW/Vertical Polarization Electrical Downtilt Power Handling Connector Type 5470 MHz 5875 MHz 2.0 : 1 maximum 50 Ohms 7.8/9.0 dBi @ 5.5 GHz 8.1/9.4 dBi @ 5.7 GHz 360 12 Linear, Vertical 0 5 W (cw) Standard N Female 40 Recommended 5 GHz Antennas Omni-Directional Antennas ORiNOCO Series System Recommended Antennas 8 dBi Omni-Directional Antenna (5054-OA-8) (continued) Environmental and Mechanical Specifications Wind Survival Temperature Range Humidity Lightning Protection Size Radome Color Radome Material Weight Antenna Patterns 216 km/hr
-40 to +90 C 95% @ 25 C DC ground 78 x 80 x 373 mm Gray-White Fiberglass 245 g 41 Recommended 5 GHz Antennas Omni-Directional Antennas ORiNOCO Series System Recommended Antennas 10 dBi Omni-Directional Antenna (5054-OA-10) Electrical Specifications Frequency Range VSWR Nominal Impedance Gain HPBW/Horizontal HPBW/Vertical Polarization Downtilt Power Handling Connector Type 5470 MHz 5875 MHz 2.0 : 1 maximum 50 Ohms 10 dBi 360 7 Linear, Vertical 2 5 W (cw) Standard N Female Environmental and Mechanical Specifications Wind Survival (per EIA-222-F at 100 height) Temperature Range Humidity Lightning Protection Size Radome Color Radome Material Weight 216 km/hr
-40 to +80 C 95% @ 25 C DC ground 78 x 80 x 511 mm Gray-White Fiberglass 265 g 42 Recommended 5 GHz Antennas Omni-Directional Antennas ORiNOCO Series System Recommended Antennas 10 dBi Omni-Directional Antenna (5054-OA-10) (continued) Antenna Patterns 43 Recommended 5 GHz Antennas Omni-Directional Antennas Other Recommended Omni-Antennas ORiNOCO Series System Recommended Antennas Manufacturer Model Number Frequency Range Mid-Band Gain Mars MTI MTI MTI Stella Doradus Stella Doradus Stella Doradus Stella Doradus Stella Doradus Stella Doradus Telex Radio Waves MA-WO58-9X MT-482003/N MT-482009/N MT-483003/N 52 1360 52 2360 52 3360 58 1360 58 2360 58 3360 5830 OMN-H-5-8 5.47 5.875 5.15 5.875 5.725-5.875 5.725-5.875 5.1-5.3 5.1-5.3 5.1-5.3 5.7-5.8 5.7-5.8 5.7-5.8 5.725-5.85 5.725-5.85 9 9 12 12 7 10 13 7 10 13 7.5 8 (hor pol) 44 ORiNOCO Series System Recommended Antennas Recommended 5 GHz Antennas Sector Antennas Sector Antennas 14 dBi Sector Antenna (120) (5054-SA120-14) 17 dBi Sector Antenna (60) (5054-SA60-17) Other Recommended Sector Antennas 14 dBi Sector Antenna (120) (5054-SA120-14) Electrical Specifications Frequency Range VSWR Nominal Impedance Gain HPBW/Horizontal HPBW/Vertical Polarization Downtilt Power Handling Connector Type 5150 MHz 5875 MHz 2.0 : 1 maximum 50 Ohms 13.5 dBi 120 6 Linear, Vertical 0 5 W (cw) Standard N Female Environmental and Mechanical Specifications Wind Survival Temperature Range Humidity Lightning Protection Size Radome Color Radome Material Weight 216 km/hr
-40 to +80 C 95% @ 25 C DC Ground 620 x 80 x 70 mm Gray ABS 555 g 45 Recommended 5 GHz Antennas Sector Antennas ORiNOCO Series System Recommended Antennas 14 dBi Sector Antenna (120) (5054-SA120-14) (continued) Antenna Patterns 46 Recommended 5 GHz Antennas Sector Antennas 17 dBi Sector Antenna (60) (5054-SA60-17) ORiNOCO Series System Recommended Antennas Electrical Specifications Frequency Range VSWR Nominal Impedance Gain HPBW/Horizontal HPBW/Vertical Polarization Downtilt Power Handling Connector Type 5150 MHz 5875 MHz 2.0 : 1 maximum 50 Ohms 16.5 dBi 60 6 Linear, Vertical 0 5 W (cw) N-type Female Environmental and Mechanical Specifications Wind Survival (per EIA-222-F at 100 height) Temperature Range Humidity Lightning Protection Size Radome Color Radome Material Weight 216 km/hr
-40 to +80 C 95% @ 25 C DC Ground 620 x 88 x 70 mm Gray ABS 530 g 47 Recommended 5 GHz Antennas Sector Antennas ORiNOCO Series System Recommended Antennas 17 dBi Sector Antenna (60) (5054-SA60-17) (continued) Antenna Patterns 48 Recommended 5 GHz Antennas Sector Antennas Other Recommended Sector Antennas ORiNOCO Series System Recommended Antennas Beamwidth Manufacturer Model Number Frequency Range Mid-Band Gain 60 90 120 Mars MTI MTI MTI RadioWaves RadioWaves Mars MTI MTI MTI RadioWaves RadioWaves Telex Telex Mars MTI MTI RadioWaves RadioWaves MA-WC50-5X MT-484026/NV MT-484026/NH MT-484033/NV SEC-55H-60-17 SEC-55V-60-17 MA-WD50-6X MT-484027/NV MT-484027/NH MT-484032/NV SEC-55H-90-16 SEC-55V-90-16 5801 5840 MA-WE50-7X MT-484034/NV MT-484034/NH SEC-5V-120-14 SEC-5V-120-16 5.15 5.85 5.15 5.875 5.15 5.875 5.15 5.875 5.25 5.85 5.25 5.85 5.15 5.875 5.15 5.875 5.15 5.875 5.15 5.85 5.25 5.85 5.25 5.85 5.725 5.825 5.725 5.825 5.15 5.875 5.15 5.875 5.15 5.875 5.725 5.85 5.725 5.85 17 16 (Null-Fill) 15 (h pol, NF) 16.5 17 (hor pol) 17 16 14 (Null-Fill) 14 (h pol, NF) 17 16 (hor pol) 16 12 15 14.5 16.5 16.5 (hor pol) 14 16 49 ORiNOCO Series System Recommended Antennas Recommended 5 GHz Antennas Panel Antennas Panel Antennas 15 dBi Window Antenna (5054-WA-15-STN) 18 dBi Panel Antenna (5054-PA-18) 23 dBi Panel Antenna (5054-PA50-23) Other Recommended Panel Antennas 15 dBi Window Antenna (5054-WA-15-STN) Electrical Specifications Frequency Range VSWR Nominal Impedance Gain*
HPBW/Horizontal HPBW/Vertical Polarization Downtilt Power Handling Connector Type Front-to-Back Ratio Impedance 5150 MHz 5850 MHz 2.0 : 1 maximum 50 Ohms 15 dBi 45 10 Linear, Vertical 0 20 W (cw) Standard N Female 18 dB 50 Ohms Environmental and Mechanical Specifications Wind Survival Temperature Range Humidity Lightning Protection Size Radome Color Radome Material Weight 180 km/hr
-40 to +80 C 95% @ 25 C DC ground 330 x 93 x 21 mm White ABS, UV Resistant 0.6 kgw 50 Recommended 5 GHz Antennas Panel Antennas ORiNOCO Series System Recommended Antennas 15 dBi Window Antenna (5054-WA-15-STN) (continued) Antenna Patterns Vertical Horizontal 51 Recommended 5 GHz Antennas Panel Antennas 18 dBi Panel Antenna (5054-PA-18) ORiNOCO Series System Recommended Antennas Electrical Specifications Frequency Range VSWR Nominal Impedance Gain HPBW/Horizontal HPBW/Vertical Polarization Downtilt Power Handling Connector Type Front-to-Back Ratio 5250 MHz 5785 MHz 1.5 : 1 maximum 50 Ohms 18 dBi 18 18 Linear, Vertical 0 10 W (cw) Standard N Female 30 dB Environmental and Mechanical Specifications Wind Survival (per EIA-222-F at 100 height) Temperature Range Humidity Lightning Protection Size Radome Color Radome Material Weight 216 km/hr
-40 to +80 C 95% @ 25 C DC ground 200 x 200 x 50 mm Light Gray ABS, UV Resistant 0.825 kgw 52 Recommended 5 GHz Antennas Panel Antennas 18 dBi Panel Antenna (5054-PA-18) (continued) Antenna Patterns ORiNOCO Series System Recommended Antennas 53 Recommended 5 GHz Antennas Panel Antennas 23 dBi Panel Antenna (5054-PA50-23) ORiNOCO Series System Recommended Antennas Electrical Specifications Frequency Range VSWR Nominal Impedance Gain HPBW/Horizontal HPBW/Vertical Polarization Power Handling Connector Type Front-to-Back Ratio 5150 MHz 5875 MHz 2:0: 1 maximum 50 Ohms 23 dBi 9 9 Linear 5 W N Jack 30 dB Environmental and Mechanical Specifications Wind Survival Temperature Range Humidity Lightning Protection Size Radome Color Radome Material Weight 216 km/hr
-40 to +80 C 95% @ 55 C DC Ground 320 x 320 x 18 mm Gray-White PC, UV Resistant 1.2 kg 54 Recommended 5 GHz Antennas Panel Antennas Antenna Patterns ORiNOCO Series System Recommended Antennas 55 Recommended 5 GHz Antennas Panel Antennas Other Recommended Panel Antennas ORiNOCO Series System Recommended Antennas Type Manufacturer Model Number Frequency Range Mid-Band Gain Panel 1-Foot Flat Panel 2-Foot Flat Panel SmartAnt Gabriel MTI MTI MTI Mars RadioWaves Gabriel Andrew MTI Mars RadioWaves MTI Gabriel Andrew RSI RadioWaves R0320-056 DFPS.5-52 MT-485001/N MT-485028/N MT-486004/N MA-WA57-3X FP .5-5-18 DFPD1-52 FPA5250D12-N 485002/N MA-WA58-1X FP1 5-24 MT-486001/N DFPD2-52 FPA5250D24-N A57A24-U FP2 5-28 5.15 5.875 5.25 5.85 5.15 5.875 5.15 5.875 5.15 5.875 5.15 5.875 5.25 5.85 5.25 5.85 5.25 5.85 5.15 5.875 5.15 5.875 5.25 5.85 5.15 5.875 5.25 5.85 5.25 5.85 5.725 5.85 5.25 5.85 8 18 18 22 26 17.5 18 23.5 23.6 23 23 24 28 28 28.2 26.5 28 56 Recommended 5 GHz Antennas Parabolic Antennas Parabolic Antennas ORiNOCO Series System Recommended Antennas Recommended parabolic antennas for 5 GHz are listed in the following table. Type Manufacturer Model Number Frequency Range Mid-Band Gain 2-Foot Parabolic 3-Foot Parabolic Gabriel Gabriel Gabriel Radio Waves Radio Waves Andrew Andrew RSI Radio Waves Radio Waves Andrew Andrew SSP2-52B SSD2-52A HSSP2-52 SP2-5.2 SPD2-5.2 P2F-52 PX2F-52 P-57C24 SP3-5.2 SPD3-5.2 P3F-52 PX3F-52 5.25 5.85 5.25 5.85 5.25 5.85 5.25 5.85 5.25 5.85 5.25 5.85 5.25 5.85 5.25 5.85 5.25 5.85 5.25 5.85 5.25 5.85 28.5 28.4 28.1 28.3 28.1 29.4 29.4 29 31.4 31.1 33.4 33.4 57 Technical Services and Support Obtaining Technical Services and Support ORiNOCO Series System Recommended Antennas 6 If you are having trouble utilizing your Proxim product, please review this manual and the additional documentation provided with your product. If you require additional support and would like to use Proxims free Technical Service to help resolve your issue, please be ready to provide the following information before you contact Proxims Technical Services:
Product information:
Part number of suspected faulty unit Serial number of suspected faulty unit Trouble/error information:
Trouble/symptom being experienced Activities completed to confirm fault Network information (what kind of network are you using?) Circumstances that preceded or led up to the error Message or alarms viewed Steps taken to reproduce the problem Servpak information (if a Servpak customer):
Servpak account number Registration information:
If the product is not registered, date when you purchased the product If the product is not registered, location where you purchased the product NOTE: If you would like to register your product now, visit the Proxim eService Web Site at http://support.proxim.com and click on New Product Registration. 58 Technical Services and Support Support Options Support Options Proxim eService Web Site Support ORiNOCO Series System Recommended Antennas The Proxim eService Web site is available 7x24x365 at http://support.proxim.com. On the Proxim eService Web Site, you can access the following services:
New Product Registration: Register your product for free support. Open a Ticket or RMA: Open a ticket or RMA and receive an immediate reply. Search Knowledgebase: Locate white papers, software upgrades, and technical information. ServPak (Service Packages): Receive Advanced Replacement, Extended Warranty, 7x24x365 Technical Support, Priority Queuing, and On-Site Support. Your Stuff: Track status of your tickets or RMAs and receive product update notifications. Provide Feedback: Submit suggestions or other types of feedback. Customer Survey: Submit an On-Line Customer Survey response. Repair Tune-Up: Have your existing Proxim equipment inspected, tested, and upgraded to current S/W and H/W revisions, and extend your warranty for another year. Telephone Support Contact technical support via telephone as follows:
US and Canada: 408-383-7700, 866-674-6626 (Toll Free) Hours of Operations: 8AM - 6PM APAC Countries: +91 40-23115490 Hours of Operations: 9AM - 6PM International: 408-383-7700 Hours of Operations: 8AM - 6PM ServPak Support Proxim understands that service and support requirements vary from customer to customer. It is our mission to offer service and support options that go above-and-beyond normal warranties to allow you the flexibility to provide the quality of service that your networks demand. In recognition of these varying requirements we have developed a support program called ServPak. ServPak is a program of Enhanced Service Options that can be purchased individually or in combinations to meet your needs. Advanced Replacement: This service offers customers an advance replacement of refurbished or new hardware.
(Available in the U.S., Canada, and select countries. Please inquire with your authorized Proxim distributor for availability in your country.) Extended Warranty: This service provides unlimited repair of your Proxim hardware for the life of the service contract. 7x24x365 Technical Support: This service provides unlimited, direct access to Proxims world-class technical support 24 hours a day, 7 days a week, 365 days a year. Priority Queuing: This service allows your product issue to be routed to the next available Customer Service Engineer. To purchase ServPak support services, please contact your authorized Proxim distributor. To receive more information or for questions on any of the available ServPak support options, please call Proxim Support at 408-383-7700 or send an email to servpak@proxim.com. 59
| 1 | Users Manual 4 | Users Manual | 607.89 KiB |
Visit http://support.proxim.com for the latest safety and regulatory compliance information for this product. IMPORTANT!
MeshMAX 5054 Series Safety and Regulatory Compliance Guide
(August 2008) Safety and Regulatory Information Copyright 2008 Proxim Wireless Corporation. All rights reserved. Covered by one or more of the following U.S. patents: 5,231,634; 5,875,179;
6,006,090; 5,809,060; 6,075,812; 5,077,753. This users guide and the software described in it are copyrighted with all rights reserved. No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language in any form by any means without the written permission of Proxim Wireless Corporation. Trademarks Tsunami, ORiNOCO, Proxim, and the Proxim logo are trademarks of Proxim Wireless Corporation. All other trademarks mentioned herein are the property of their respective owners. MeshMAX 5054 Series Safety and Regulatory Guide P/N 75606 August 2008 2 Safety and Regulatory Information Products Covered in the Guide . 2 Safety Information (USA, Canada, & European Union) . 3 Federal Communications Commission (FCC) Compliance . 4 Modifications . 4 Warnings . 4 Information for Professional Installers . 5 Adjusting Tx Output Power . 5 Antenna Types and Maximum Gain . 6 Separation Distance. 6 Regulatory Compliance Certifications Summary . 6 1 Products Covered in the Guide Safety and Regulatory Information Visit http://support.proxim.com for the latest safety and regulatory compliance information for this product. IMPORTANT!
Please read this document before installing and using your product, and save these instructions. Products Covered in the Guide This document contains important safety and regulatory compliance information for the following products:
Product Model Numbers MeshMAX 5054WM Tri-radio, WiMAX subscriber and Wi-Fi mesh access point MeshMAX 5054W Tri-radio, WiMAX subscriber and Wi-Fi access point 9200-XX 9201-XX Please see the following sections for more information:
Safety Information (USA, Canada, & European Union) Federal Communications Commission (FCC) Compliance Modifications Warnings Information for Professional Installers Regulatory Compliance Certifications Summary 2 Safety Information (USA, Canada, & European Union) Safety and Regulatory Information Safety Information (USA, Canada, & European Union) This product has been evaluated to, and comply with IEC60950-1:2001, the Standard for the Safety of Information Technology Equipment. When using this device, basic safety precautions should always be followed to reduce the risk of fire, electrical shock, and injury to persons, including the following:
The product is intended to be installed, used, and maintained by experienced telecommunications personnel only. WARNING: These units are intended for installation in accordance with Articles 110 18, 110-26, and 110-27, 725, 800, and 810 of the United States National Electric Code ANSINFPA 70, and per the applicable Articles in the Canadian National Electric Code. Operate and install these products as described in this manual. Equipment must be installed and used in strict accordance with the manufacturer's instructions as described in the user documentation provided. Installation of these products must conform to local regulations and codes. Products are to be used with and powered by only the power injector provided. A 15-amp circuit breaker is required at the power source. Use only the AC/DC power supply adapter provided. For replacement, contact your local supplier and distributor. WARNING: This equipment is intended to be grounded. A 10 AWG earthing conductor at a minimum is to be used for this purpose. Do not connect or disconnect the power cable to the equipment when the power injector is plugged into an AC power outlet. Servicing of these products should be performed only by trained personnel. Do not disassemble. By opening or removing any covers, you may expose yourself to hazardous energy parts. Incorrect reassembly of these products can cause a malfunction and/or electric shock when the units are subsequently used. No user serviceable parts; all repairs and service must be handled by a qualified service center. Do not insert any objects of any shape or size inside these products while powered on. Object may contact hazardous energy parts that could result in a risk of fire or personal injury. Do not remove or alter the Marking label provided on these products. To avoid the risk of electric shock from lightning, do not use these products during an electrical storm. When using these products with an external antenna, see the installation documentation provided with the antenna. These products have been evaluated for outdoor use. No user serviceable parts; all repairs and service must be handled by a qualified service center. 3 Federal Communications Commission (FCC) Compliance Safety and Regulatory Information Federal Communications Commission (FCC) Compliance The MeshMAX 5054 operates at the following frequencies in complainace with Part 15 of the FCC Rules:
5.15 - 6.08 GHz for WORP radio 5.15 - 5.85 GHz and 2.412 - 2.472 GHz for Mesh and Wi-Fi radios Operation is subject to the following two conditions:
this device may not cause harmful interference, 1. 2. this device must accept any interference received, including that may cause undesired operation. To comply with the FCC radio frequency exposure requirements, the following antenna installation and device operating configurations must be satisfied:
Product models using external antennas require professional installation. The antennas used for professional installation must be fixed-mounted on indoor/outdoor permanent structures with a separation distance 20 and 380 cm depending on the antennas selected and the simultaneous trasmission operation. Antennas must not be co-located and must not operate in conjunction with any other antenna or transmitter. Modifications The FCC requires the user to be notified that any changes or modifications to this device that are not expressly approved by the manufacturer may void the users authority to operate the equipment. The correction of interference caused by unauthorized modification, substitution or attachment will be the responsibility of the user. The manufacturer and its authorized resellers or distributors are not liable for any damage or violation of government regulations that may arise from failing to comply with these guidelines. Changes or modifications to this device that are not expressly approved by the manufacturer of the product could void the users authority to operate the equipment. Warnings This equipment has been tested and found to comply with the limits for a Class B digital device, pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection again harmful interference in a residential installation. This equipment generates, uses, and can radiate radio frequency energy, and, if not installed and used in accordance with the instructions, may cause harmful interference to radio communications. However, there is no guarantee that interference will not occur in a particular installation. If this equipment does cause harmful interference to radio or television reception, which can be determined by turning the equipment off and on, the user is encouraged to try and correct the interference by one or more of the following measures:
Reorient or relocate the receiving antenna Connect the equipment to an outlet on a circuit different from that to which the receiver is connected Consult the dealer or an experienced radio/TV technician for help In some situations or environments, the use of wireless devices may be restricted by the proprietor of the building or responsible representatives of the organization. These situations may, for example, include the use of wireless equipment on board airplanes, or in any other environment where the risk of interference to other devices or services is perceived or identified as harmful. If you are uncertain of the policy that applies on the use of wireless equipment in a specific organization or environment
(such as airports), you are encouraged to ask for authorization to use this device prior to turning on the equipment. Increase the separation between the equipment and the receiver 4 Information for Professional Installers Safety and Regulatory Information Information for Professional Installers The product must be installed professionally, and the transmit power of the system must be adjusted by the professional installers to ensure that the system EIRP is in compliance with the limit specified by the regulatory authority of the country of application. See the following sections for more information:
Adjusting Tx Output Power Antenna Types and Maximum Gain Separation Distance Adjusting Tx Output Power Use the following formula in combination with the table of EIRP limits to calculate system transmit power (based on EIRP limits):
Tx Power Allowed (dBm) = EIRP Limit (dBm) + CL (dB) G (dB) where:
Tx Power = Output power measured at the antenna input EIRP Limit = EIRP limits specified below CL = Coax cable loss including loss of connectors G = Antenna Gain Adjusting Tx Output Power for Subscriber Module Band 5.15 - 5.25 GHz*
5.25 - 5.35 GHz*
5.47 - 5.725 GHz 5.725 - 5.850 GHz 23 30 30 36 EIRP Limit (dBm)
(USA and Canada) EIRP Limit (dBm)
(EU) 23 23 30 14 Adjusting Tx Output Power for Mesh and Access Point Module Band EIRP Limit (dBm) 2.4 GHz 5.15 - 5.25 GHz*
5.25 - 5.35 GHz*
5.47 - 5.725 GHz 20 23 23 30 5 Regulatory Compliance Certifications Summary Safety and Regulatory Information Antenna Types and Maximum Gain Professional installers should select only the antenna types listed in the following table, with gain not exceeding the listed maximum gain for each type. Frequency Band Antenna Type Maximum Gain (dBi) 2.4 GHz 5.0 GHz Separation Distance 10 Omni Directional 10 Omni Directional Flat Panel 28.2 Parabolic 33.4 The product models using external antennas must be fixed-mounted on indoor/outdoor permanent structures with separation distance depending on the antenna configuration:
For MeshMAX AP: 380 cm For MeshMAX Subscriber: 264 cm Regulatory Compliance Certifications Summary Country Certification/Reference No.
* European Union includes the following countries: Austria, Belgium, Bulgaria, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Poland, Portugal, Romania, Slovakia, Slove-
nia, Spain, Sweden, and the United Kingdom; also applies to Iceland, Liechtenstein, Norway, and Switzerland. 6
| frequency | equipment class | purpose | ||
|---|---|---|---|---|
| 1 | 2008-11-14 | 5765 ~ 5800 | DTS - Digital Transmission System | Original Equipment |
| app s | Applicant Information | |||||
|---|---|---|---|---|---|---|
| 1 | Effective |
2008-11-14
|
||||
| 1 | Applicant's complete, legal business name |
Proxim Wireless Corporation
|
||||
| 1 | FCC Registration Number (FRN) |
0005850607
|
||||
| 1 | Physical Address |
47633 Westinghouse Drive
|
||||
| 1 |
Fremont, California 94539
|
|||||
| 1 |
United States
|
|||||
| app s | TCB Information | |||||
| 1 | TCB Application Email Address |
m******@ccsemc.com
|
||||
| 1 | TCB Scope |
A4: UNII devices & low power transmitters using spread spectrum techniques
|
||||
| app s | FCC ID | |||||
| 1 | Grantee Code |
HZB
|
||||
| 1 | Equipment Product Code |
MESHMAXMP11R
|
||||
| app s | Person at the applicant's address to receive grant or for contact | |||||
| 1 | Name |
C****** v****
|
||||
| 1 | Title |
Sr. Regulatory and Compliance Manager
|
||||
| 1 | Telephone Number |
408 3********
|
||||
| 1 | Fax Number |
408 3********
|
||||
| 1 |
c******@proxim.com
|
|||||
| app s | Technical Contact | |||||
| n/a | ||||||
| app s | Non Technical Contact | |||||
| n/a | ||||||
| app s | Confidentiality (long or short term) | |||||
| 1 | Does this application include a request for confidentiality for any portion(s) of the data contained in this application pursuant to 47 CFR § 0.459 of the Commission Rules?: | Yes | ||||
| 1 | Long-Term Confidentiality Does this application include a request for confidentiality for any portion(s) of the data contained in this application pursuant to 47 CFR § 0.459 of the Commission Rules?: | No | ||||
| if no date is supplied, the release date will be set to 45 calendar days past the date of grant. | ||||||
| app s | Cognitive Radio & Software Defined Radio, Class, etc | |||||
| 1 | Is this application for software defined/cognitive radio authorization? | No | ||||
| 1 | Equipment Class | DTS - Digital Transmission System | ||||
| 1 | Description of product as it is marketed: (NOTE: This text will appear below the equipment class on the grant) | 802.11 a/b/g Access Point | ||||
| 1 | Related OET KnowledgeDataBase Inquiry: Is there a KDB inquiry associated with this application? | No | ||||
| 1 | Modular Equipment Type | Does not apply | ||||
| 1 | Purpose / Application is for | Original Equipment | ||||
| 1 | Composite Equipment: Is the equipment in this application a composite device subject to an additional equipment authorization? | No | ||||
| 1 | Related Equipment: Is the equipment in this application part of a system that operates with, or is marketed with, another device that requires an equipment authorization? | No | ||||
| 1 | Grant Comments | Power output listed is conducted. Some antennas listed in this application are for Point-to-Point operations. Operation other than Point-to-Point may require power reduction according to the documents in the application. The antennas require professional installation and must be fixed-mounted on indoor/outdoor permanent structures with a separation distance from all persons as documented in the filing (between 20 cm and 380 cm depending on antenna and mode). All the antennas must not be co-located or operating in conjunction with any other antenna or transmitter. End-users and installers must be provided with antenna installation instructions and transmitter operating conditions for satisfying RF exposure compliance. | ||||
| 1 | Is there an equipment authorization waiver associated with this application? | No | ||||
| 1 | If there is an equipment authorization waiver associated with this application, has the associated waiver been approved and all information uploaded? | No | ||||
| app s | Test Firm Name and Contact Information | |||||
| 1 | Firm Name |
Compliance Certification Services
|
||||
| 1 | Name |
T**** C******
|
||||
| 1 | Telephone Number |
510-7********
|
||||
| 1 | Fax Number |
510-6********
|
||||
| 1 |
t******@ccsemc.com
|
|||||
| Equipment Specifications | |||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Line | Rule Parts | Grant Notes | Lower Frequency | Upper Frequency | Power Output | Tolerance | Emission Designator | Microprocessor Number | |||||||||||||||||||||||||||||||||
| 1 | 1 | 15C | 2412 | 2462 | 0.38905 | ||||||||||||||||||||||||||||||||||||
| 1 | 2 | 15C | 5745 | 5825 | 0.93972 | ||||||||||||||||||||||||||||||||||||
| 1 | 3 | 15C | 5765 | 5800 | 0.56494 | ||||||||||||||||||||||||||||||||||||
| 1 | 4 | 15C | 5745 | 5825 | 0.60534 | ||||||||||||||||||||||||||||||||||||
| 1 | 5 | 15C | 5760 | 5780 | 0.64565 | ||||||||||||||||||||||||||||||||||||
some individual PII (Personally Identifiable Information) available on the public forms may be redacted, original source may include additional details
This product uses the FCC Data API but is not endorsed or certified by the FCC