all | frequencies |
|
exhibits | applications |
---|---|---|---|---|
manual |
app s | submitted / available | |||||||
---|---|---|---|---|---|---|---|---|
1 |
|
User Manual rev | Users Manual | 2.47 MiB | November 02 2015 / December 02 2015 | |||
1 | Cover Letter(s) | September 02 2015 / December 02 2015 | ||||||
1 | Cover Letter(s) | September 02 2015 / December 02 2015 | ||||||
1 | Cover Letter(s) | September 02 2015 / December 02 2015 | ||||||
1 | Cover Letter(s) | September 02 2015 / December 02 2015 | ||||||
1 | External Photos | September 02 2015 / December 02 2015 | ||||||
1 | Internal Photos | September 02 2015 / December 02 2015 | ||||||
1 | ID Label/Location Info | September 02 2015 / December 02 2015 | ||||||
1 | ID Label/Location Info | September 02 2015 / December 02 2015 | ||||||
1 | RF Exposure Info | September 02 2015 / December 02 2015 | ||||||
1 | Test Report | November 02 2015 / December 02 2015 | ||||||
1 | Test Setup Photos | November 02 2015 / December 02 2015 |
1 | User Manual rev | Users Manual | 2.47 MiB | November 02 2015 / December 02 2015 |
User Guide Wireless N Access Point EAP110/EAP120/EAP220 REV1.0.0 1910011184 EAP110 FCC STATEMENT This equipment has been tested and found to comply with the limits for a Class B digital device, pursuant to part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a residential installation. This equipment generates, uses and can radiate radio frequency energy and, if not installed and used in accordance with the instructions, may cause harmful interference to radio communications. However, there is no guarantee that interference will not occur in a particular installation. If this equipment does cause harmful interference to radio or television reception, which can be determined by turning the equipment off and on, the user is encouraged to try to correct the interference by one or more of the following measures:
Reorient or relocate the receiving antenna. Increase the separation between the equipment and receiver. Connect the equipment into an outlet on a circuit different from that to which the receiver is connected. Consult the dealer or an experienced radio/ TV technician for help. This device complies with part 15 of the FCC Rules. Operation is subject to the following two conditions:
1 This device may not cause harmful interference. 2 This device must accept any interference received, including interference that may cause undesired operation. Any changes or modifications not expressly approved by the party responsible for compliance could void the users authority to operate the equipment. Note: The manufacturer is not responsible for any radio or TV interference caused by unauthorized modifications to this equipment. Such modifications could void the users authority to operate the equipment. FCC RF Radiation Exposure Statement:
This equipment complies with FCC RF radiation exposure limits set forth for an uncontrolled environment. This device and its antenna must not be co-located or operating in conjunction with any other antenna or transmitter. To comply with FCC RF exposure compliance requirements, this grant is applicable to only Mobile Configurations. The antennas used for this transmitter must be installed to provide a separation distance of at least 20 cm from all persons and must not be co-located or operating in conjunction with any other antenna or transmitter. CE Mark Warning This is a class B product. In a domestic environment, this product may cause radio interference, in which case the user may be required to take adequate measures. Canadian Compliance Statement This device complies with Industry Canada license-exempt RSS standard(s). Operation is subject to the following two conditions:
(1) This device may not cause interference, and
(2)This device must accept any interference, including interference that may cause undesired operation of the device. Cet appareil est conforme aux norms CNR exemptes de licence dIndustrie Canada. Le fonctionnement est soumis aux deux conditions suivantes:
(1) cet appareil ne doit pas provoquer dinterfrences et
(2) cet appareil doit accepter toute interfrence, y compris celles susceptibles de provoquer un fonctionnement non souhait de lappareil. Industry Canada Statement Complies with the Canadian ICES-003 Class B specifications. Cet appareil numrique de la classe B est conforme la norme NMB-003 du Canada. This device complies with RSS 210 of Industry Canada. This Class B device meets all the requirements of the Canadian interference-causing equipment regulations. Cet appareil numrique de la Classe B respecte toutes les exigences du Rglement sur le matriel brouilleur du Canada. Korea Warning Statements
. NCC Notice & BSMI Notice
,
. Safety Information When product has power button, the power button is one of the way to shut off the product;
when there is no power button, the only way to completely shut off power is to disconnect the product or the power adapter from the power source. Dont disassemble the product, or make repairs yourself. You run the risk of electric shock and voiding the limited warranty. If you need service, please contact us. Avoid water and wet locations. This product can be used in the following countries:
AT ES LT RU BG FI LV SE BY FR MT SK CA GB NL TR CZ GR NO UA DE HU PL US DK IE PT EE IT RO EAP120 and EAP220 FCC STATEMENT This equipment has been tested and found to comply with the limits for a Class A digital device, pursuant to part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercial environment. This equipment generates, uses, and can radiate radio frequency energy and, if not installed and used in accordance with the instruction manual, may cause harmful interference to radio communications. Operation of this equipment in a residential area is likely to cause harmful interference in which case the user will be required to correct the interference at his own expense. This device complies with part 15 of the FCC Rules. Operation is subject to the following two conditions:
1) This device may not cause harmful interference. 2) This device must accept any interference received, including interference that may cause undesired operation. Any changes or modifications not expressly approved by the party responsible for compliance could void the users authority to operate the equipment. Note: The manufacturer is not responsible for any radio or TV interference caused by unauthorized modifications to this equipment. Such modifications could void the users authority to operate the equipment. FCC RF Radiation Exposure Statement:
This equipment complies with FCC RF radiation exposure limits set forth for an uncontrolled environment. This device and its antenna must not be co-located or operating in conjunction with any other antenna or transmitter. To comply with FCC RF exposure compliance requirements, this grant is applicable to only Mobile Configurations. The antennas used for this transmitter must be installed to provide a separation distance of at least 20 cm from all persons and must not be co-located or operating in conjunction with any other antenna or transmitter. CE Mark Warning
(EAP120)
(EAP220) This is a class A product. In a domestic environment, this product may cause radio interference, in which case the user may be required to take adequate measures. National Restrictionsonly for EAP220 This device is intended for home and office use in all EU countries (and other countries following the EU directive 1999/5/EC) without any limitation except for the countries mentioned below:
Country Restriction Reason/remark Bulgaria None General authorization required for outdoor use and public service Outdoor use limited to Military Radiolocation use. Refarming of the 2.4 GHz band France 10 mW e.i.r.p. within the has been ongoing in recent years to allow current relaxed band 2454-2483.5 MHz regulation. Full implementation planned 2012 Italy None Luxembourg None If used outside of own premises, general authorization is required General authorization required for network and service supply(not for spectrum) Norway Implemented This subsection does not apply for the geographical area within a radius of 20 km from the centre of Ny-lesund Russian Federation None Only for indoor applications 5150-5250 MHz Country Bulgaria Croatia Italy Luxembourg None Restriction Reason/remark Not implemented Planned License required General authorization required if used outside own premises General authorization required for network and service supply (not for spectrum) Russian Federation No info Note: Please dont use the product outdoors in France. IC STATEMENT This Class A digital apparatus complies with Canadian ICES-003. Cet appareil numrique de la classe A est conforme la norme NMB-003 du Canada.
,
. Safety Information When product has power button, the power button is one of the way to shut off the product;
When there is no power button, the only way to completely shut off power is to disconnect the product or the power adapter from the power source. Dont disassemble the product, or make repairs yourself. You run the risk of electric shock and voiding the limited warranty. If you need service, please contact us. Avoid water and wet locations. NCC Notice & BSMI Notice This product can be used in the following countries:
AT ES LT RU BG FI LV SE BY FR MT SK CA GB NL TR CZ GR NO UA DE HU PL US DK IE PT EE IT RO About this User Guide This User Guide is for EAP110, EAP120 and EAP220. Chapter 4 to Chapter 8 are only suitable for the EAP in Standalone mode. Refer to the EAP Controller User Guide when the EAP is managed by the EAP Controller software. Convention Unless otherwise noted, the EAP or the device mentioned in this guide stands for 300Mbps Wireless N Access Point EAP110, Wireless N Gigabit Access Point EAP120 and EAP220. CONTENTS Chapter 1 Introduction ...................................................................................................................................... 3 1.1 1.2 Overview of the EAP ........................................................................................................................... 3 Hardware Overview ............................................................................................................................ 3 1.2.1 LED ................................................................................................................................................... 3 1.2.2 Interface Panel ............................................................................................................................. 4 1.2.3 Mounting Bracket ....................................................................................................................... 6 Chapter 2 Network Topology .......................................................................................................................... 7 Chapter 3 Management Mode ........................................................................................................................ 8 3.1 Standalone Mode ................................................................................................................................. 8 3.2 Managed Mode .................................................................................................................................... 8 3.3 Switch to Standalone Mode ............................................................................................................. 8 Chapter 4 Network .............................................................................................................................................. 9 Chapter 5 Wireless ............................................................................................................................................ 10 5.1 Wireless Settings ............................................................................................................................... 11 5.1.1 Wireless Basic Settings .......................................................................................................... 12 5.1.2 SSIDs ............................................................................................................................................. 13 5.1.3 Wireless Advanced Settings ................................................................................................ 17 5.1.4 Load Balance ............................................................................................................................. 18 5.2 Portal ...................................................................................................................................................... 18 5.2.1 Portal Configuration ............................................................................................................... 19 5.2.2 Free Authentication Policy ................................................................................................... 24 5.3 MAC Filtering ...................................................................................................................................... 26 5.4 5.5 Scheduler ............................................................................................................................................. 28 QoS ......................................................................................................................................................... 32 5.5.1 AP EDCA Parameters .............................................................................................................. 33 5.5.2 Station EDCA Parameters ..................................................................................................... 34 5.6 Rogue AP Detection ......................................................................................................................... 35 5.6.1 Settings ....................................................................................................................................... 36 5.6.2 Detected Rogue AP List ........................................................................................................ 36 5.6.3 Trusted AP List .......................................................................................................................... 37 1 5.6.4 Download/Backup Trusted AP List .................................................................................... 37 Chapter 6 Monitoring ...................................................................................................................................... 39 6.1 AP ............................................................................................................................................................ 39 6.1.1 AP List .......................................................................................................................................... 39 6.2 SSID ........................................................................................................................................................ 44 6.2.1 SSID List ....................................................................................................................................... 44 6.3 Client ...................................................................................................................................................... 45 6.3.1 User List ....................................................................................................................................... 45 6.3.2 Portal Authenticated Guest ................................................................................................. 46 Chapter 7 Management ................................................................................................................................. 48 7.1 System Log .......................................................................................................................................... 48 7.1.1 Log List ........................................................................................................................................ 48 7.1.2 Log Settings ............................................................................................................................... 49 7.2 Web Server .......................................................................................................................................... 50 7.3 Management Access ........................................................................................................................ 51 7.4 7.5 7.6 LED ON/OFF ........................................................................................................................................ 52 SSH .......................................................................................................................................................... 52 SNMP ..................................................................................................................................................... 53 Chapter 8 System .............................................................................................................................................. 56 8.1 8.2 8.3 8.4 8.5 User Account ....................................................................................................................................... 56 Time Settings ...................................................................................................................................... 56 8.2.1 Time Settings ............................................................................................................................ 57 8.2.2 Daylight Saving ........................................................................................................................ 58 Reboot/Reset ...................................................................................................................................... 59 Backup & Restore .............................................................................................................................. 60 Firmware Upgrade ............................................................................................................................ 60 Appendix A: Specifications .................................................................................................................................... 62 2 Chapter 1 Introduction 1.1 Overview of the EAP EAP series products provide wireless coverage solutions for small-medium business. They can either work independently as standalone APs or be centrally managed by the EAP Controller software, providing a flexible, richly-functional but easily-configured enterprise-grade wireless network for small and medium business. Celling lamp appearance and easily mounting design with chassis make EAP easy to be installed on a wall or ceiling and blend in with most interior decorations. EAP110 is provided with a passive PoE adapter for power supply. EAP120/EAP220 can be powered via a PSE* device or the provided power adapter. With two built-in omnidirectional antennas, both EAP110 and EAP120 work within the 2.4GHz frequency band and apply 802.11 standards and 2*2MIMO technology, allowing packet transmission at up to 300Mbps. EAP220 has four built-in omnidirectional antennas. Wireless network created by EAP220 can operate at both 2.4GHz and 5GHz. It applies 802.11n standard and two 2*2MIMO technology, allowing packet transmission at up to 600Mbps (300Mbps per radio).
*PSE: Power Sourcing Equipment, a device (switch or hub for instance) that will provide power in a PoE setup. 1.2 Hardware Overview 1.2.1 LED EAP110, EAP120 and EAP220 have the same LED status and corresponding indications. 3 Figure 1-1 Top View of the EAP LED Status Solid green Flashing red Flashing yellow Double-flashing red, green, yellow 1.2.2 Interface Panel EAP110:
Indication The device is working properly. System errors. RAM, flash, Ethernet, WLAN or firmware may be malfunctioning. Firmware update disconnect or power off the device. The device is being reset to its factory default settings. in progress. Do not is Figure 1-2 Interface Panel of EAP110 4 EAP120/EAP220:
Figure 1-3 Interface Panel of EAP120/EAP220 Please note that EAP110 does not have the CONSOLE port, POWER port and ON/OFF button. The interface panel components of the EAP, from left to right, are described in the following list. Kensington Security Slot: Secure the lock (not provided) into the security slot to prevent the device from being stolen. RESET: With the device powered on, press and hold the RESET button for about 8 seconds until the LED flashes red, then release the button. The device will restore to factory default settings. CONSOLE: This port is used to connect to the serial port of a computer or a terminal to check and monitor system information of the EAP120/EAP220. Note: CLI commands are not available in current software version. We will release a new version supporting CLI commands soon. Please pay close attention to our official website. ARROW 1: This arrow is used to align with ARROW 2 on the mounting bracket to lock the EAP into place. ETHERNET:
For EAP110, this port is used to connect to the POE port of the provided PoE adapter for both data transmission and power supply through Ethernet cabling. For EAP120/EAP220, this port is used to connect to a router to transmit data or to a PSE
(Power Sourcing Equipment), such as a PoE switch, for both data transmission and Power over Ethernet (PoE) through Ethernet cabling. ON/OFF: Press this button to turn on/off the EAP120/EAP220. POWER: The power port is used to connect the EAP120/EAP220 to an electrical wall outlet via power adapter. Please only use the provided power adapter. 5 Passive PoE Adapter:
Power LED: The Power LED indicates the status of the electric current: green (0-0.8A), red
(0.8A-1A). POE Port: This port is used to connect the ETHERNET port of the EAP110. LAN Port: This port is used to connect your LAN. 1.2.3 Mounting Bracket The following figure describes the structure of the mounting bracket. Figure 1-4 Layout of the Mounting Bracket 6 Chapter 2 Network Topology A typical network topology for the EAP is shown below. Figure 2-1 Typical Topology To deploy an EAP in your local network, a DHCP server is required to assign IP addresses to the EAP and clients. Typically, a router acts as the DHCP server. Ensure the EAPs are in the same subnet with the Controller Host in which the EAP Controller is installed. The EAP can be managed by the EAP Controller software, which is a management software specially designed for the TP-LINK EAP devices on a local wireless network, allowing you to centrally configure and monitor mass EAP devices using a web browser on your PC. The EAP can also work independently as a standalone device. 7 Chapter 3 Management Mode 300Mbps Wireless N Access Point EAP110 and Wireless N Gigabit Access Point EAP120/EAP220 can either work under the control of the EAP Controller software or work independently as a standalone access point. When user establishes a large-scale wireless network, the management of every single AP in the network is complex and complicated. With the EAP Controller software, you can centrally manage the mass APs simply in a web browser. The Standalone mode applies to a relatively small-sized wireless network. EAPs in the Standalone mode cannot be managed centrally by the EAP Controller software. 3.1 Standalone Mode By default, the EAP works independently as a standalone access point. By entering the IP address of the standalone EAP, you can log in to its web interface and perform configurations. 3.2 Managed Mode The EAP will become a managed AP once it is adopted via the EAP Controller software. Users can manage the AP via a web browser. Refer to the EAP Controller User Guide to know more about EAP Controller software. 3.3 Switch to Standalone Mode The web interface of a specific EAP is not available once this EAP is adopted by the EAP Controller. You can Forget the EAP via the EAP Controller to turn it back as a standalone AP. Refer to the EAP Controller User Guide to learn more. TIPS:
Proceed to the following chapters for information on using the EAP in standalone mode. EAP110 is taken as the example. 8 Chapter 4 Network On Network page you can configure the IP address of the standalone EAP. Figure 4-1 Network Page Dynamic/Static: By default, the EAP device obtains an IP address from a DHCP server (typically a router). Select Static to configure IP address manually. Fallback IP:
If the EAP fails to get a dynamic IP address from a DHCP server within ten seconds, the fallback IP will work as the IP address of the device. After that, however, the device will keep trying to obtain an IP address from the DHCP server until it succeeds. DHCP Fallback IP/IP MASK:
DHCP Fallback Gateway:
Enter the fallback IP/IP mask. Enter the fallback gateway. 9 Chapter 5 Wireless Wireless page, consisting of Wireless Settings, Portal, MAC Filtering, Scheduler, QoS and Rogue AP Detection, is shown below. Figure 5-1 Wireless Page 10 5.1 Wireless Settings Following is the page of Wireless Settings. Figure 5-2 Wireless Settings Page 11 5.1.1 Wireless Basic Settings Figure 5-3 Wireless Basic Settings 2.4GHz Wireless Radio:
Check the box to enable 2.4GHz Wireless Radio. Wireless Mode:
Select the protocol standard for the wireless network. Channel Width:
Wireless network created by the EAP is able to operate in the 2.4GHz frequency The EAP supports 802.11b/g/n, 802.11b/g, and 802.11n standards. It is recommended to select 802.11b/g/n, in which way clients supporting 11b, 11g or 11n mode can access your wireless network. EAP220 the wireless network can work within 2.4GHz and 5GHz frequency. Wireless network of EAP220 operating at 5GHz frequency band supports 802.11a/n, 802.11a and 802.11n standards. It is recommended to select 802.11a/n, in which way your wireless network can be connected by clients supporting 11a or 11n mode. Select the channel width of this device. Options include 20MHz, 40MHz and 20/40MHz (this device automatically selects 20MHz or 40MHz, and 20MHz will be used if 40MHz is not available). According to IEEE 802.11n standard, using a channel width of 40MHz can increase wireless throughput. However, users may choose lower bandwidth due to the following reasons:
1. To increase the available number of channels within the limited total bandwidth. 2. 3. To avoid interference from overlapping channels occupied by other devices in the environment. Lower bandwidth can concentrate higher transmit power, increasing stability of wireless links over long distances. Channel:
Select the channel used by this device to improve wireless performance. 1/2412MHz means the Channel is 1 and the frequency is 2412MHz. Tx power:
Enter the transmit power value. By default, the value is 20. 12 If the maximum transmit power is set to be larger than local regulation allows, the maximum Tx power regulated will be applied in actual situation. NOTE: In most cases, it is unnecessary to select maximum transmit power. Selecting larger transmit power than needed may cause interference to neighborhood. Also it consumes more power and will reduce longevity of the device. Select a certain transmit power is enough to achieve the best performance. 5.1.2 SSIDs SSIDs can work together with switches supporting 802.1Q VLAN. The EAP can build up to eight virtual wireless networks per radio for users to access. At the same time, it adds different VLAN tags to the clients which connect to the corresponding wireless network. It supports maximum 8 VLANs per radio. The clients in different VLAN cannot directly communicate with each other. Clients connected to the device via cable do not belong to any VLAN. Thus wired client can communicate with all the wireless clients despite the VLAN settings. Click in the Modify column, the following content will be shown. Figure 5-4 SSIDs Click to add up to 8 wireless networks per radio. SSID Name:
Enter up to 32 characters as the SSID name. Wireless VLAN ID:
Set a VLAN ID (ranges from 0 to 4094) for the wireless network. VLAN 0 means VLAN function is disabled. Wireless networks with the same VLAN ID are grouped to a VLAN. 13 SSID Broadcast:
Enable this function, AP will broadcast its SSID to hosts in the surrounding environment, as thus hosts can find the wireless network identified by this SSID. If SSID Broadcast is not enabled, hosts must enter the APs SSID manually to connect to this AP. Security Mode: Select the security mode of the wireless network. For the security of wireless network, you are suggested to encrypt your wireless network. This device provides three security modes: WPA-Enterprise, WPA-PSK (WPA Pre-Shared Key) and WEP (Wired Equivalent Privacy). WPA-PSK is recommended. Settings vary in different security modes as the details are in the following introduction. Select None and the hosts can access the wireless network without password. Portal:
Portal provides authentication service for the clients who want to access the wireless local area network. For more information, refer to 5.2 Portal. After Portal is enabled, the configurations in 5.2 Portal will be applied. SSID Isolation: After enabling SSID Isolation, the devices connected in the same SSID cannot communicate with each other. Modify:
Click to open the page to edit the parameters of SSID. Click to delete the SSID. Following is the detailed introduction of security mode: WEP, WPA-Enterprise and WPA-PSK. WEP WEP (Wired Equivalent Privacy), based on the IEEE 802.11 standard, is less safe than WPA-
Enterprise or WPA-PSK. NOTE:
WEP is not supported in 802.11n mode. If WEP is applied in 802.11n mode, the clients may not be able to access the wireless network. If WEP is applied in 11b/g/n mode (in the 2.4GHz frequency band) or 11a/n (in the 5GHz frequency band), the device may work at a low transmission rate. Figure 5-5 Security Mode_WEP Type:
Select the authentication type for WEP. Auto: The default setting is Auto, which can select Open System or Shared Key automatically based on the wireless station's capability and request. 14 Open System: After you select Open System, clients can pass the authentication and associate with the wireless network without password. However, correct password is necessary for data transmission. Shared Key: After you select Shared Key, clients has to input password to pass the authentication, or it cannot associate with the wireless network or transmit data. Key Selected:
You can configure four keys in advance and select one as the present valid key. Wep Key Format:
Select the wep key format ASCII or Hexadecimal. ASCII: ASCII format stands for any combination of keyboard characters in the specified length. Hexadecimal: Hexadecimal format stands for any combination of hexadecimal digits (0-9, a-f, A-F) in the specified length. Key Type:
Select the WEP key length (64-bit, or 128-bit, or 152-bit) for encryption. 64-bit: You can enter 10 hexadecimal digits (any combination of 0-9, a-f, A-F without null key) or 5 ASCII characters. 128-bit: You can enter 26 hexadecimal digits (any combination of 0-9, a-f, A-
F without null key) or 13 ASCII characters. 152-bit: You can enter 32 hexadecimal digits (any combination of 0-9, a-f, A-
F without null key) or 16 ASCII characters. Key Value:
Enter the key value. WPA-Enterprise Based on RADIUS server, WPA-Enterprise can generate different passwords for different users and it is much safer than WPA-PSK. However, it costs much to maintain and is more suitable for enterprise users. At present, WPA-Enterprise has two versions: WPA-PSK and WPA2-PSK. Figure 5-6 Security Mode_WPA-Enterprise Version:
Select one of the following versions:
Auto: Select WPA-PSK or WPA2-PSK automatically based on the wireless station's capability and request. 15 WPA-PSK: Pre-shared key of WPA. WPA2-PSK: Pre-shared key of WPA2. Select the encryption type, including Auto, TKIP, and AES. The default setting is Auto, which can select TKIP (Temporal Key Integrity Protocol) or AES
(Advanced Encryption Standard) automatically based on the wireless station's capability and request. AES is more secure than TKIP and TKIP is not supported in 802.11n mode. It is recommended to select AES as the encryption type. Enter the IP address/port of the RADIUS server. Enter the shared secret of RADIUS server to access the RADIUS server. Encryption:
RADIUS Server IP/Port:
RADIUS Password:
Group Key Update period:
Specify the group key update period in seconds. The value can be either 0 or at least 30. 0 means no update. NOTE:
Encryption type TKIP is not supported in 802.11n mode. If TKIP is applied in 802.11n mode, the clients may not be able to access the wireless network of the EAP. If TKIP is applied in 11b/g/n mode (in the 2.4GHz frequency band) or 11a/n (in the 5GHz frequency band), the device may work at a low transmission rate. WPA-PSK Based on pre-shared key, security mode WPA-PSK is characterized by high security and simple configuration, which suits for common households and small business. WPA-PSK has two versions: WPA-PSK and WPA2-PSK. Figure 5-7 Security Mode_WPA-PSK Version:
Auto: Select WPA or WPA2 automatically based on the wireless station's capability and request. WPA: Pre-shared key of WPA. WPA2: Pre-shared key of WPA2. 16 Encryption:
Select the encryption type, including Auto, TKIP, and AES. The default setting is Auto, which can select TKIP (Temporal Key Integrity Protocol) or AES (Advanced Encryption Standard) automatically based on the wireless station's capability and request. AES is more secure than TKIP and TKIP is not supported in 802.11n mode. It is recommended to select AES as the encryption type. Wireless Password:
Configure the WPA-PSK/WPA2-PSK password with ASCII or Hexadecimal characters. For ASCII, the length should be between 8 and 63 characters with combination of numbers, letters (case-sensitive) and common punctuations. For Hexadecimal, the length should be 64 characters (case-insensitive, 0-9, a-f, A-F). Group Key Update Period:
Specify the group key update period in seconds. The value can be either 0 or at least 30. 0 means no update. 5.1.3 Wireless Advanced Settings Beacon Interval:
DTIM Period:
Figure 5-8 Wireless Advanced Settings Beacons are transmitted periodically by the device to announce the presence of a wireless network for the clients. Beacon Interval value determines the time interval of the beacons sent by the device. You can specify a value from 40 to 100. The default value is 100 milliseconds. This value indicates the number of beacon intervals between successive Delivery Traffic Indication Messages (DTIMs) and this number is included in each Beacon frame. A DTIM is contained in Beacon frames to indicate whether the access point has buffered broadcast and/or multicast data for the client devices. Following a Beacon frame containing a DTIM, the access point will release the buffered broadcast and/or multicast data, if any exists. You can specify the value between 1-255 Beacon Intervals. The default value is 1, indicating the DTIM Period is the same as Beacon Interval. An excessive DTIM period may reduce the performance of multicast applications. It is recommended to keep it by default. RTS Threshold: When the RTS threshold is activated, all the stations and APs follow the Request to Send (RTS) protocol. When the station is to send packets, it will send a RTS to AP to inform the AP that it will send data. After receiving the RTS, the AP notices other stations in the same wireless network to delay their transmitting of data. At the same time, the AP inform the requesting station to send data. The value range is from 1 to 2347 bytes. The default value is 2347, which means that RTS is disabled. 17 Fragmentation Threshold:
Specify the fragmentation threshold for packets. If the size of the packet is larger than the fragmentation threshold, the packet will be fragmented into several packets. Too in poor wireless performance caused by the excessive packets. The recommended and default value is 2346 bytes. low fragmentation threshold may result 5.1.4 Load Balance By restricting the maximum number of clients accessing the EAPs, Load Balance helps to achieve rational use of network resources. Figure 5-9 Load Balance Load Balance:
Disable by default. Click ON to enable the function. After enabling it, you can set a number for maximum associated clients to control the wireless access. Maximum Associated Clients:
Enter the number of clients to be allowed for connection to the EAP. The number ranges from 1 to 99. 5.2 Portal Portal authentication enhances the network security by providing authentication service to the clients who want to access the wireless local network. Portal is also called web authentication. The users have to log in a web page to establish verification. Network resources can be classified into different types for different users. Part of them can be accessed for free by the clients; while some specific resources can only be accessed by authorized users. Whats more, you can customize the authentication login page and specify a URL which the newly authenticated client will be redirected to. Please refer to Portal Configuration or Free Authentication Policy according to your need. 18 Following is the page of Portal. Figure 5-10 Portal Page NOTE:
To apply Portal in a wireless network, please go to WirelessWireless SettingsSSIDs to enable Portal of a selected SSID. 5.2.1 Portal Configuration Three authentication types are available: No Authentication, Local Password and External RADIUS Server. 1. No AuthenticationUsers are required to finish only two steps: agree with the user protocol and click the Login button. 19 2. Local PasswordUsers are required to enter the preset user name and password, which are saved in the EAP. 3. External RADIUS ServerUsers are required to enter the preset user name and password, which are saved in the database of the RADIUS server. The RADIUS server acts as the authentication server, which allows you to set different user name and password for different users. Refer to the following content to configure Portal based on actual network situations. No Authentication Authentication Type:
Authentication Timeout:
Figure 5-11 Portal Configuration_No Authentication Select No Authentication. After successful verification, an authentication session is established. Authentication Timeout decides the active time of the session. Within the active time, the device keeps the authentication session open with the associated client. To reopen the session, the client needs to log in the web authentication page and enter the user name and password again once authentication timeout is reached. By default, authentication timeout is one hour. Select Custom from the drop-
down list to customize the parameter. Redirect:
Disable by default. Redirect specifies that the portal should redirect the newly authenticated clients to the configured URL. 20 Redirect URL:
Enter the URL that a newly authenticated client will be directed to. Portal Customization:
Select Local Web Portal, the authentication login page will be provided by the built-in portal server. The page configured below will be presented to users as the login page. Words can be filled in Input Box 1 and Input Box 2. Enter up to 31 characters as the title of the authentication login page in Input Box 1, like Guest Portal of TP-LINK. Enter the terms presented to users in Input Box 2. The terms can be 1 to 1023 characters long. 21 Local Password Figure 5-12 Portal Configuration_Local Password Authentication Type:
Select Local Password. Username:
Password:
Enter the user name for local authentication. Enter the password for local authentication. Please refer to No Authentication to configure Authentication Timeout, Redirect, Redirect URL, and Portal Customization. External RADIUS Server External RADIUS Server provides two types of portal customization: Local Web Portal and External Web Portal. The authentication login page of Local Web Portal is provided by the built-
in portal server of the EAP, as Figure 5-13 shown. The authentication login page of External Web Portal is provided by external portal server, as Figure 5-14 shown. 22 1. Local Web Portal Figure 5-13 Portal Configuration_External RADIUS Server_Local Web Portal Authentication Type:
Select External RADIUS Server. RADIUS Server IP:
Enter the IP address of the RADIUS server. Port:
Enter the port for authentication service. RADIUS Password:
Enter the shared secret of RADIUS server to log in to the RADIUS server. Please refer to No Authentication to configure Authentication Timeout, Redirect, Redirect URL, and Portal Customization. 23 2. External Web Portal Figure 5-14 Portal Configuration_External RADIUS Server_External Web Portal Authentication Type:
Select External RADIUS Server. RADIUS Server IP:
Enter the IP address of the RADIUS server. Port:
Enter the port for authentication service. RADIUS Password:
Enter the shared secret of RADIUS server to log in to the RADIUS server. Portal Customization:
Select External Web Portal. External Web Portal URL:
Enter the authentication login pages URL, which is provided by the remote portal server. Please refer to No Authentication to configure Authentication Timeout, Redirect and Redirect URL. 5.2.2 Free Authentication Policy Free Authentication Policy allows clients to access network resources for free. On the lower part of the Portal page you can configure and view free authentication policies. Figure 5-15 Free Authentication Policy 24 Click to add a new authentication policy and configure its parameters. Figure 5-16 Configure Free Authentication Policy Policy Name:
Enter a policy name. Source IP Range:
Enter the source IP address and subnet mask of the clients who can enjoy the free authentication policy. Leaving the field empty means all IP addresses can access the specific resources. Destination IP Range:
Enter the destination IP address and subnet mask for free authentication policy. Leaving the field empty means all IP addresses can be visited. When External Radius Server is configured and External Web Portal is selected, please set the IP address and subnet mask of your external web server as the Destination IP Range. Source MAC:
Enter the source MAC address of the clients who can enjoy the free authentication policy. Leaving the field empty means all MAC addresses can access the specific resources. Destination Port:
Enter the destination port for free authentication policy. Leaving the field empty means all ports can be accessed. Status:
Check the box to enable the policy. Click the button OK in Figure 5-16 and the policy is successfully added as Figure 5-17 shows. 25 Figure 5-17 Add Free Authentication Policy Here is the explanation of Figure 5-17: The policy name is Policy 1. Clients with IP address range 192.168.2.0/24 are able to visit IP range 10.10.10.0/24. Policy 1 is enabled. Click to edit the policy. Click to delete the policy. 5.3 MAC Filtering MAC Filtering uses MAC addresses to determine whether one host can access the wireless network or not. Thereby it can effectively control the user access in the wireless network. Figure 5-18 MAC Filtering Page Settings Enable MAC Filtering: Check the box to enable MAC Filtering. 26 Station MAC Group Follow the steps below to add MAC groups. Step 1:
Click Step 2:
Click Step 3:
Click
, two tables will be shown. Figure 5-19 Station MAC Group and fill in a name for the MAC group. Figure 5-20 Add a Group and input the MAC address you want to organize into this group. Figure 5-21 Add a Group Member 27 in Modify column to edit the MAC group name or MAC address. Click Click MAC group or group member. to delete the MAC Filtering Association Figure 5-22 MAC Filtering Association SSID Name:
Displays the SSID of the wireless network. Band:
Displays the frequency band the wireless network operates at. MAC Group Name:
Select a MAC group from the drop-down list to allow or deny its members to access the wireless network. Action:
Allow: Allow the access of the stations specified in the MAC group. Deny: Deny the access of the stations specified in the MAC group. 5.4 Scheduler Scheduler allows you to configure rules with specific time interval for radios to operate, which automates the enabling or disabling of the radio. 28 Figure 5-23 Scheduler Page Settings Scheduler:
Check the box to enable Scheduler. Association Mode:
Select Associated with SSID/AP, you can perform configurations on the SSIDs/AP. The display of Scheduler Association is based on your option here. Scheduler Profile Configuration Follow the steps below to add rules. Step 1:
Click
, two tables will be shown. Figure 5-24 Scheduler Profile Configuration 29 Step 2:
Click and input a profile name for the rule. Figure 5-25 Add a Profile Step 3:
Click and configure the recurring schedule for the rule. Figure 5-26 Add a Rule 30 Scheduler Association This zone will display different contents based on your selection of association mode in Settings. 1. Associated with SSID Figure 5-27 Scheduler Association_Associated with SSID SSID Name:
Displays the SSID of the standalone AP. Band:
Displays the frequency band which the wireless network operates at. Profile Name:
Select a profile name from the drop-down list. Profile name is configured in Scheduler Profile Configuration. Action:
Select Radio On/Off to turn on/off the wireless network during the time interval set for the profile. 2. Associated with AP Figure 5-28 Scheduler Association_Associated with AP AP:
Displays the name of the device. AP MAC:
Displays the MAC address of the device. Profile Name:
Select a profile name from the drop-down list. Profile name is configured in Scheduler Profile Configuration. Action:
Select Radio On/Off to turn on/off the wireless network during the time interval set for the profile. 31 5.5 QoS The EAP supports Quality of Service (QoS) to prioritize voice and video traffic over other traffic types. In normal use, the default values for the EAP device and station EDCA should not need to be changed. Changing these values affects the QoS provided. Figure 5-29 QoS Page Wi-Fi Multimedia
(WMM):
By default, WMM is enabled. After WMM is enabled, the device has the QoS function to guarantee the transmission of audio and video packets with high priority. 32 5.5.1 AP EDCA Parameters AP Enhanced Distributed Channel Access (EDCA) parameters affect traffic flowing from the EAP device to the client station. Figure 5-30 AP EDCA Parameters Queue:
Displays the transmission queues: Data 0>Data 1>Data 2>Data 3. Arbitration Inter-
Frame Space:
A wait time for data frames. The wait time is measured in slots. Valid values for AIFS are from 1 to 15. Minimum Contention Window:
Maximum Contention Window:
An input to the algorithm that determines the initial random backoff wait time (window) for retry of a transmission. The upper limit (in milliseconds) for the doubling of the random backoff value. Maximum Burst This parameter applies only to traffic flowing from EAP to the client station. This value specifies (in milliseconds) the maximum burst length allowed for packet bursts on the wireless network. A packet burst is a collection of multiple frames transmitted without header information. The decreased overhead results in higher throughput and better performance. Valid values for Maximum Burst are from 0 to 8192 and should be exactly divided by 32. 33 5.5.2 Station EDCA Parameters Station EDCA parameters affect traffic flowing from the client station to the EAP device. Figure 5-31 Station EDCA Parameters Queue Displays the transmission queues: Data 0>Data 1>Data 2>Data 3. Arbitration Inter-
Frame Space A wait time for data frames. The wait time is measured in slots. Valid values for AIFS are 1 through 15. Minimum Contention Window An input to the algorithm that determines the initial random backoff wait time (window) for retry of a transmission. Maximum Contention Window TXOP Limit The upper limit (in milliseconds) for the doubling of the random backoff value. The Transmission Opportunity (TXOP) in milliseconds, when a WME client station has the right to initiate transmissions onto the wireless medium towards the EAP device. Valid values for TXOP Limit are from 0 to 8192 and should be exactly divided by 32. interval of time, is an No Acknowledgement Select Enable to specify that the EAP device should not acknowledge frames with QosNoAck as the service class value. By default, it is disabled. Unscheduled Automatic Power Save Delivery Select Enable to enable APSD, which is a power management method. APSD is recommended if VoIP phones access the network through the EAP device. By default, it is enabled. 34 5.6 Rogue AP Detection A Rogue AP is an access point that has been installed on a secure network without explicit authorization from a system administrator. The EAP device can scan all channels to detect all APs in the vicinity of the network. If rogue APs are detected, they are shown on the Detected Rogue AP List. If an AP listed as a rogue is legitimate, you can add it to the Trusted AP List. Figure 5-32 Rogue AP Detection Page 35 5.6.1 Settings Figure 5-33 Enable Rogue AP Detection Rogue AP Detection:
Check the box to enable Rogue AP Detection, then click Save. 5.6.2 Detected Rogue AP List Information about the detected rogue APs is displayed in the list. By default, the status of the detected rogue AP is unknown. You can click Known in Action column to move the AP to the Trusted AP List. Figure 5-34 Detected Rogue AP List Click to scan rogue APs. Make sure you have enabled Rogue AP Detection and saved the setting before you click the button. Click Known to move the AP to the Trusted AP List. After the configurations are saved, the moved AP will not be displayed in the Detected Rogue AP List. The MAC address of the rogue AP. The SSID for the rogue AP. Displays the frequency band which the wireless network of the rogue AP operates at. Action:
MAC:
SSID:
Band:
Channel:
The channel on which the rogue AP is currently broadcasting. Security:
Displays the enabling or disabling of the security mode of the wireless network. 36 Beacon Interval:
The beacon interval used by the rogue AP. Beacon frames are transmitted by an AP at regular intervals to announce the existence of the wireless network. The default behavior is to send a beacon frame once every 100 milliseconds (or 10 per second). Signal:
The strength of the radio signal emitting from the rogue AP. 5.6.3 Trusted AP List Information about the trusted APs is displayed in the list. Figure 5-35 Trusted AP List Action:
Click Unknown to move the AP out of the Trusted AP List. MAC:
SSID:
Band:
The MAC address of the trusted AP. The SSID for the trusted AP. Displays the frequency band which the wireless network of the trusted AP operates at. Channel:
The channel on which the trusted AP is currently broadcasting. Security:
Displays the enabling or disabling of the security mode of the wireless network. 5.6.4 Download/Backup Trusted AP List You can import a list of trusted APs from a saved list which is acquired from another AP or created from a text file. The AP whose MAC address is in the Trusted AP List will not be detected as a rogue. You can also backup a list and save it in your PC. Figure 5-36 Download/Backup Trusted AP List 37 Save Action:
Select Download (PC to AP) to import a trusted AP list to the device. Select Backup (AP to PC) to copy the trusted AP list to your PC. Source File Name:
Click Browse and choose the path of a saved trusted AP list or to save a trusted AP list. File Management:
Select Replace to import the list and replace the contents of the Trusted AP List. Select Merge to import the list and add the APs in the imported file to the APs currently shown in the Trusted AP List NOTE:
EAP device does not have any control over the APs in the Detected Rogue AP List. 38 Chapter 6 Monitoring On Monitoring page, you can monitor the network running status and statistics based on AP, SSID and Client. 6.1 AP AP List on the Monitoring page displays the device name, its MAC address and the number of clients. Below the AP List the APs detailed information will be shown, including Device Information, Wireless Settings, LAN Information, Client, LAN Traffic and Radio Traffic. Figure 6-1 AP Monitoring 6.1.1 AP List Figure 6-2 AP List 39 Device Name:
Displays the device name. MAC:
Displays the MAC address of the EAP. Num of Clients:
Displays the number of clients connected to the EAP. Device Information Figure 6-3 Device Information Device Name:
Displays the device name. Device Model: Displays the model of the device. Firmware Version:
System Time:
Displays the firmware version of the device. If you want to upgrade the firmware, please refer to 8.5 Firmware Upgrade. Displays the system time of the device. If you want to adjust the system time, please refer to 8.2.1 Time Settings. Uptime:
Displays the time that has elapsed since the last reboot. CPU:
Memory:
Displays the CPU occupancy, which helps you to preliminarily judge whether the device functions properly. Displays the memory usage , which helps you to preliminarily judge whether the device functions properly. 40 Wireless Settings Figure 6-4 Wireless Settings Region:
Displays the region youve selected. Channel/Frequency:
Displays the channel number and the operating frequency. If you want to change them, please refer to 5.1.1 Wireless Basic Settings. Channel Width:
Displays the spectral width of the radio channel used by the device. If you want to change it, refer to 5.1.1 Wireless Basic Settings. IEEE802.11 Mode:
Displays the radio standard used for operation of your device. If you want to change it, refer to 5.1.1 Wireless Basic Settings. Max TX Rate:
Displays the maximum data rate at which the device should transmit wireless packets. Transmit Power:
Displays the maximum average transmit power of the device. If you want to change it, refer to 5.1.1 Wireless Basic Settings. LAN Information Figure 6-5 LAN Information MAC Address:
Displays the MAC address of the device. IP Address:
Displays the IP address of the device. Subnet Mask:
Displays the subnet mask of the device. 41 LAN Port:
Displays the maximum transmission rate and duplex mode (half-duplex or full-duplex) of the port. Client Figure 6-6 Client MAC:
SSID:
SNR(dB):
CCQ(%):
Displays the MAC address of the client of the AP selected in AP List. Displays the SSID the client is connected to. Signal to Noise Ratio, the power ratio between the received wireless signal strength and the environmental noise strength. The bigger the value of SNR, the better network performance the device provides. Displays the wireless Client Connection Quality (CCQ). CCQ refers to the ratio of current effective transmission bandwidth and the theoretically maximum available bandwidth. CCQ reflects the actual link condition. Rate(Mbps):
Displays the data rate at which the client transmits wireless packets. Down(Byte):
Displays the throughput of the downstream data. Up(Byte):
Displays the throughput of the upstream data. Active Time:
Displays the amount of time the client has been connected to the device. LAN Traffic Click LAN Traffic and you can monitor the data transmission status of the LAN port. Figure 6-7 LAN Traffic 42 Rx/Tx Packets:
Displays the total amount of packets received/sent on the LAN port. Rx/Tx Bytes:
Displays the total amount of data (in bytes) received/sent on the LAN port. Rx/Tx Dropped Packets:
Displays the total amount of dropped packets received/sent on the LAN port. Rx/Tx Errors:
Displays the total amount of error packets received/sent on the LAN port. Radio Traffic Click Radio Traffic and you can monitor the data transmission status of the wireless network. Figure 6-8 Radio Traffic Rx/Tx Packets:
Displays the total amount of packets received/sent by the wireless network. Rx/Tx Bytes:
Displays the total amount of data (in bytes) received/sent by the wireless network. Rx/Tx Dropped Packets:
Displays the total amount of dropped packets received/sent by the wireless network. Rx/Tx Errors:
Displays the total amount of error packets received/sent by the wireless network. 43 6.2 SSID Figure 6-9 SSID Monitoring 6.2.1 SSID List In SSID List you can monitor the related parameters of the wireless network. Figure 6-10 SSID List SSID Name:
Displays the SSID name. If you want to modify it, please refer to 5.1.2 SSIDs. VLAN ID:
Displays the VLAN which the SSID belongs to. If you want to change the VLAN ID, please refer to 5.1.2 SSIDs. Num of Clients:
Displays the number of clients connected to the SSID. If you want to get more information about these clients, please refer to 5.1.2 SSIDs. SSID Broadcast: Displays the enabling or disabling of SSID broadcast. If you want to modify it, please refer to 5.1.2 SSIDs. Band:
Security:
Portal:
Displays the frequency band the wireless network is operating at. Displays the security mode the wireless network is applying. If you want to modify it, please refer to 5.1.2 SSIDs. Displays the enabling or disabling of Portal. If you want to modify it, please refer to 5.1.2 SSIDs. MAC Filtering:
Displays the enabling or disabling of MAC Filtering. If you want to modify it, please refer to 5.1.2 SSIDs. 44 Isolation:
Displays the enabling or disabling of SSID Isolation. If you want to modify it, please refer to 5.1.2 SSIDs. Down(Byte):
Displays the throughput of the downstream data. Up(Byte):
Displays the throughput of the upstream data. 6.3 Client From User List, you can monitor the status of all the clients connected to the EAP including those who are authenticated. Figure 6-11 Client Monitoring 6.3.1 User List Figure 6-12 User List MAC:
Displays the MAC address of the client. Access Point: Displays the name of the device to which the client is connected. SSID:
Displays the SSID the client is connected to. 45 SNR(dB):
CCQ(%):
Signal to Noise Ratio, the power ratio between the received wireless signal strength and the environmental noise strength. The bigger the value of SNR, the better network performance the device provides. Displays the wireless Client Connection Quality (CCQ). CCQ refers to the ratio of current effective transmission bandwidth and the theoretically maximum available bandwidth. CCQ reflects the actual link condition. Rate(Mbps):
Displays the data rate at which the client transmits wireless packets. Down(Byte):
Displays the throughput of the downstream data. Up(Byte):
Displays the throughput of the upstream data. Active Time:
Displays the amount of time the client has been connected to the device. 6.3.2 Portal Authenticated Guest The Portal Authenticated Guest displays information about clients that have set up valid authentication. Figure 6-13 Portal Authenticated Guest MAC:
Displays the MAC address of the authenticated client. Access Point: Displays the name of the device to which the authenticated client is connected SSID:
Displays the SSID the authenticated client is connected to. SNR(dB):
CCQ(%):
Signal to Noise Ratio, the power ratio between the received wireless signal strength and the environmental noise strength. The bigger the value of SNR, the better network performance the device provides. Displays the Client Connection Quality (CCQ) of the authenticated client. CCQ refers to the ratio of current effective transmission bandwidth and the theoretically maximum available bandwidth. CCQ reflects the actual link condition. Rate(Mbps):
Displays the data rate at which the authenticated client transmits wireless packets. Down(Byte):
Displays the throughput of the downstream data. Up(Byte):
Displays the throughput of the upstream data. 46 Active Time:
Displays the amount of time the authenticated client has been connected to the root AP. Action:
Click Unauthorize to stop giving authorization to the clients connected to the wireless network. 47 Chapter 7 Management Management page is mainly used for device management and maintenance. 7.1 System Log System log records information about hardware, software as well as system issues and monitors system events. With the help of system log, you can get informed of system running status and detect the reasons for failure. Following is the page of System Log. Figure 7-1 System Log Page 7.1.1 Log List From Log List you can view detailed information about hardware, software, system issues and so on. 48 Figure 7-2 Log List 7.1.2 Log Settings You can choose the way to receive system logs in Log Settings zone, where these parameters can be configured: Enable Auto Mail, Enable Server and Enable Nvram. Figure 7-3 Log Settings Enable Auto Mail If Auto Mail is enabled, system logs will be sent to a mailbox. The following content will be shown. Figure 7-4 Enable Auto Mail Enter the senders email address. Enter the recipients email address, which will receive the system logs. 49 From:
To:
SMTP Server:
Enter the IP address of the SMTP server. Enable Authentication:
Generally users are required to log in to the SMTP server by entering user name and password. User Name: Enter the senders email address. Password: Enter the password of the senders email address. Confirm Password: Enter the password again for confirmation. Time Mode:
System logs can be sent at specific time or time interval. Fixation Time: Set a fixed time, for example, 15:00. The recipient will receive the system logs sent by the device at 15:00 every day. Period Time: Set a time interval, for example, 5 hours. The recipient will receive the system logs sent by the device every 5 hours. Enable Server System logs can also be sent to a server. After Auto Mail Feature is enabled, the following content will be shown. Figure 7-5 Enable Server System Log Server IP:
Enter the IP address of the remote server. System Log Server Port:
Enter the port of the remote server. Enable Nvram By default, Nvram is disabled. Check the box to enable Nvram, system logs will be saved after power supply is cut. 7.2 Web Server You can log in web management interface, thereby manage and maintain the device. 50 Following is the page of Web Server. Figure 7-6 Web Server Page HTTPS:
HTTPS (Hypertext Transfer Protocol Secure) is enabled by default. Secure Server Port:
Designate a secure server port for web server in HTTPS mode. By default the port is 443. Server Port:
Designate a server port for web server in HTTP mode. By default the port is 80. Session Timeout:
Set the session timeout time. If you do nothing with the web management page within the timeout time, the system will log out automatically. Please login again if you want to go back to web management page. 7.3 Management Access Management Access Control allows you to configure up to four MAC addresses of the hosts that are allowed to log in to the web management page of the EAP. Click Add PCs MAC and the MAC address of the current host will be added to MAC address list. 51 Following is the page of Management Access. Figure 7-7 Management Access Page MAC Authentication:
Check the box to enable MAC Authentication. After MAC Authentication is enabled, only the PCs in MAC address list can log in the devices web management page. By default this function is disabled. All PCs in LAN can log in and manage the device. MAC1~MAC4:
Enter the MAC addresses of the PCs which are authorized to log in the device. 7.4 LED ON/OFF Following is the page of LED ON/OFF. By default the LED is on. Figure 7-8 LED ON/OFF 7.5 SSH This device supports the SSH Server function that allows users to login and manage it through SSH connection on the SSH client software. 52 SSH (Secure Shell) is a security protocol established on application and transport layers. SSH-
encrypted-connection is similar to a telnet connection, but essentially the old telnet remote management method is not safe, because the password and data transmitted with plain-text can be easily intercepted. SSH can provide information security and powerful authentication when you login this device remotely through an insecure network environment. It can encrypt all the transmission data and prevent the information in remote management from being leaked. Following is the page of SSH. Figure 7-9 SSH Page Server Port:
Enter the server port. By default, it is port 22. SSH Login:
Check the box to enable SSH Server. By default, it is disabled. 7.6 SNMP The device can be configured as an SNMP agent. SNMP (Simple Network Management Protocol), the most widely applied network management protocol, provides a management framework to monitor and maintain Internet devices. Main functions of SNMP include monitoring network performance, detecting and analyzing network error, configuring network devices, and so on. When networks function properly, SNMP can perform the functions of statistics, configuration and testing. When networks have troubles, SNMP can detect and restore these troubles. An SNMP consists of three key components: manager, agent and MIB (Management Information Base). SNMP manager is a client program operating at workstation, assisting network administrators to accomplish most network device management tasks. An agent is a network-
management software module that resides on a managed device and responsible for receiving and dealing with data sent by managing device. Generally the managed devices are network devices including hosts, bridges, switches and routers. MIB is the collection of managed devices. It defines a series of properties of the managed devices. Every SNMP agent has its own MIB. 53 Once the device has become an SNMP agent, it is able to receive and process request messages from SNMP manager. Following is the page of SNMP. Figure 7-10 SNMP Page SNMP Agent:
Enable SNMP Agent and the SNMP Agent will collect the information of this device and respond to information requests from one or more management systems. SysContact:
Enter the textual identification of the contact person for this managed node. SysName:
Enter an administratively-assigned name for this managed node. SysLocation:
Enter the physical location of this managed node. Get Community:
Get Source:
Community refers to a host group aiming at network management. Get Community only has the read-only right of the device's SNMP information. The community name can be considered a group password. The default setting is public. Defines the IP address (for example, 10.10.10.1) or subnet for management systems that can serve as Get Community to read the SNMP information of this device. The format of subnet is IP address/bit (such as 10.10.10.0/24). The default is 0.0.0.0, which means all hosts can read the SNMP information of this device. Set Community:
Set Community has the read and write right of the device's SNMP information. Enter the community name that allows read/write access to the device's SNMP information. The community name can be considered a group password. The default setting is private. 54 Defines the IP address (for example, 10.10.10.1) or subnet for management systems that can serve as Set Community to read and write the SNMP information of this device. The format of subnet is IP address/bit (such as 10.10.10.0/24). The default is 0.0.0.0, which means all hosts can read and write the SNMP information of this device. Set Source:
NOTE:
Defining community can allow management systems in the same community to communicate with the SNMP Agent. The community name can be seen as the shared password of the network hosts group. Thus, for the security, we suggest modifying the default community name before enabling the SNMP Agent service. If the field of community is blank, the SNMP Agent will not respond to any community name. 55 Chapter 8 System System page is mainly used to configure some basic information like user account and time, and realize functions including reboot, reset, backup, restore and upgrade the device. 8.1 User Account You can change the username and password to protect your device from unauthorized login. We recommend that you change the default user password on the very first system setup. Figure 8-1 User Account Page Old User Name/Password:
Enter the present user name and password of the admin account to get the permission of modification. New User Name/Password:
Enter a new user name and password for the admin account. Both values are case-sensitive, up to 64 characters and with no space. Confirm New Password:
Enter the new password again. 8.2 Time Settings System time represents the device systems notion of the passing of time. System time is the standard time for Scheduler and other time-based functions. You can manually set the system time, configure the system to acquire its time settings from a preconfigured NTP server or synchronize the system time with the PCs clock. The device supports DST (daylight saving time). 56 Figure 8-2 Time Settings 8.2.1 Time Settings Figure 8-3 Time Settings Click the button and the device will obtain GMT time from NTP server. IP address of the NTP server has to be filled in. Click the button, your PCs time will be obtained as the devices system time. Time zone:
Select your local time zone from the drop-down list. Date:
Time:
Set the current date, in format MM/DD/YYYY. For example, for November 25, 2014, enter 11/25/2014 in the field. Specify the devices time. Select the number from the drop-down list in time format HH/MM/SS. 57 Primary/Secondary NTP Server:
If youve selected Get GMT from an NTP server, please input the primary NTP sever address and an alternative NTP server address. 8.2.2 Daylight Saving Figure 8-4 Daylight Saving Daylight Saving:
Enable or disable the DST. DST is disabled by default. Mode:
Options include Predefined Mode, Recurring Mode and Date Mode. Please refer to the following content for more information. Predefined Mode Figure 8-5 Predefined Mode Mode:
Select Predefined Mode. Predefine Country:
Select a predefined DST configuration. Europe is the predefined country by default. USA: Second Sunday in March, 02:00 ~ First Sunday in November, 02:00 European: Last Sunday in March, 01:00 ~ Last Sunday in October, 01:00 Australia: First Sunday in October, 02:00 ~ First Sunday in April, 03:00 New Zealand: Last Sunday in September, 02:00 ~ First Sunday in April, 03:00 58 Recurring Mode Figure 8-6 Recurring Mode Mode:
Select Recurring Mode. The configuration is recurring in use. Time Offset:
Specify the time adding in minutes when Daylight Saving Time comes. Start/End:
Select starting time and ending time of Daylight Saving Time. Date Mode Figure 8-7 Date Mode Mode:
Select Date Mode. Time Offset:
Specify the time adding in minutes when Daylight Saving Time comes. Start/End:
Select starting time and ending time of Daylight Saving Time. 8.3 Reboot/Reset Figure 8-8 Reboot & Reset Click Reboot to restart the device. Click Reset to restore the device to factory default settings. 59 8.4 Backup & Restore Figure 8-9 Backup & Restore You can save the current configuration of the EAP as a backup file and restore the configuration via a backup file. Back up the settings before you upgrade the device or upload a new configuration file can prevent it from being lost. Restore function helps you to restore the device to previous settings by uploading a backup file. 8.5 Firmware Upgrade Figure 8-10 Firmware Upgrade Please log in http://www.tp-link.com/en/support/download/ to download the latest system file. Click Browse to choose the firmware file. Click Upgrade to upgrade the devices. 60 NOTE:
1. Please select the proper software version that matches your hardware to upgrade. 2. To avoid damage, please do not turn off the device while upgrading. 3. After upgrading, the device will reboot automatically. 61 Appendix A: Specifications HARDWARE FEATURES Model Interface EAP110 Kensington lock slot RESET button ETHERNET:
10/100Mbps Ethernet port (RJ-
45) 24V/1A passive PoE adapter (included) EAP120 EAP220 ETHERNET: 10/100/1000Mbps Ethernet port (RJ-
45) CONSOLE port (RJ-45) Power connector (DC-2) PoE(802.3af-compliant, 36-57VDC, 0.2A Max) or external 12VDC/1A power supply 4.4W PoE (802.3af-compliant, 36-57VDC, 0.4A Max)or external 12VDC/1.5A power supply 9.6W 4*4dBi embedded 2.4GHz & 5GHz IEEE 802.11a/b/g/n Up to 600Mbps 2.4GHz:23dBm 5GHz:20dBm 2*4dBi embedded 2*3dBi embedded Ceiling/Wall mounting (kits included) CE, FCC, RoHS 0~40 (32~104) 10%~90% non-condensing Power Supply 7.7W Maximum Power Consumption Antenna Mounting Certification Operating Temperature Operating Humidity WIRELESS FEATURES Wireless Frequency Wi-Fi Standard Maximum Data Rate Max Transmission Power Multiple SSIDs Captive Authentication Wireless Security WEP Portal RF 2.4GHz IEEE 802.11b/g/n Up to 300Mbps 23dBm Up to eight per radio Support WPA/WPA2-personal WPA/WPA2-enterprise 62
frequency | equipment class | purpose | ||
---|---|---|---|---|
1 | 2015-02-12 | 2412 ~ 2462 | DTS - Digital Transmission System | Original Equipment |
app s | Applicant Information | |||||
---|---|---|---|---|---|---|
1 | Effective |
2015-02-12
|
||||
1 | Applicant's complete, legal business name |
TP-Link Technologies Co., Ltd.
|
||||
1 | FCC Registration Number (FRN) |
0013661145
|
||||
1 | Physical Address |
Building 24 (floors 1,3,4,5) and 28 (floors1-4)
|
||||
1 |
Shenzhen, N/A 518057
|
|||||
1 |
China
|
|||||
app s | TCB Information | |||||
1 | TCB Application Email Address |
h******@acbcert.com
|
||||
1 | TCB Scope |
A4: UNII devices & low power transmitters using spread spectrum techniques
|
||||
app s | FCC ID | |||||
1 | Grantee Code |
TE7
|
||||
1 | Equipment Product Code |
EAP110
|
||||
app s | Person at the applicant's address to receive grant or for contact | |||||
1 | Name |
J**** H******
|
||||
1 | Title |
Regulatory Compliance Manager
|
||||
1 | Telephone Number |
75521********
|
||||
1 | Fax Number |
75526********
|
||||
1 |
c******@tp-link.com
|
|||||
app s | Technical Contact | |||||
1 | Firm Name |
Bureau Veritas Consumer Products Services ltd
|
||||
1 | Name |
H****** R********
|
||||
1 | Physical Address |
No.19, Hwa Ya 2nd Rd., Kwei Shan Hsiang
|
||||
1 |
Taoyuan Hsien
|
|||||
1 |
Taiwan
|
|||||
1 | Telephone Number |
88633******** Extension:
|
||||
1 | Fax Number |
88633********
|
||||
1 |
R******@tw.bureauveritas.com
|
|||||
app s | Non Technical Contact | |||||
n/a | ||||||
app s | Confidentiality (long or short term) | |||||
1 | Does this application include a request for confidentiality for any portion(s) of the data contained in this application pursuant to 47 CFR § 0.459 of the Commission Rules?: | Yes | ||||
1 | Long-Term Confidentiality Does this application include a request for confidentiality for any portion(s) of the data contained in this application pursuant to 47 CFR § 0.459 of the Commission Rules?: | No | ||||
if no date is supplied, the release date will be set to 45 calendar days past the date of grant. | ||||||
app s | Cognitive Radio & Software Defined Radio, Class, etc | |||||
1 | Is this application for software defined/cognitive radio authorization? | No | ||||
1 | Equipment Class | DTS - Digital Transmission System | ||||
1 | Description of product as it is marketed: (NOTE: This text will appear below the equipment class on the grant) | 300Mbps Wireless N Access Point | ||||
1 | Related OET KnowledgeDataBase Inquiry: Is there a KDB inquiry associated with this application? | No | ||||
1 | Modular Equipment Type | Does not apply | ||||
1 | Purpose / Application is for | Original Equipment | ||||
1 | Composite Equipment: Is the equipment in this application a composite device subject to an additional equipment authorization? | No | ||||
1 | Related Equipment: Is the equipment in this application part of a system that operates with, or is marketed with, another device that requires an equipment authorization? | No | ||||
1 | Grant Comments | Power Output listed is conducted. Device is an 802.11n device in a 2x2 MIMO configuration as described in this filing. The antennas used for this transmitter must be installed to provide a separation distance of at least 20 cm from all persons and not be co-located with any other transmitters except in accordance with FCC multi-transmitter product procedures. End-users and installers must be provided with antenna installation instructions and transmitter operating conditions for satisfying RF exposure compliance. This devcie has a 20 MHz and 40 MHz bandwidth mode | ||||
1 | Is there an equipment authorization waiver associated with this application? | No | ||||
1 | If there is an equipment authorization waiver associated with this application, has the associated waiver been approved and all information uploaded? | No | ||||
app s | Test Firm Name and Contact Information | |||||
1 | Firm Name |
Bureau Veritas CPS(H.K.) Ltd., Taoyuan Branch
|
||||
1 | Name |
K****** L********
|
||||
1 | Telephone Number |
+886-******** Extension:
|
||||
1 | Fax Number |
+886-********
|
||||
1 |
k******@tw.bureauveritas.com
|
|||||
Equipment Specifications | |||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Line | Rule Parts | Grant Notes | Lower Frequency | Upper Frequency | Power Output | Tolerance | Emission Designator | Microprocessor Number | |||||||||||||||||||||||||||||||||
1 | 1 | 15C | MO | 2412.00000000 | 2462.00000000 | 0.4940000 |
some individual PII (Personally Identifiable Information) available on the public forms may be redacted, original source may include additional details
This product uses the FCC Data API but is not endorsed or certified by the FCC