Enterprise-class 802.11ac Wave 2 Wireless Access Points
with 2.4GHz and 5GHz Radios
AT-TQ5403
AT-TQm5403
AT-TQ5403e
Management Software User’s Guide
613-002651 Rev.C
Copyright 2019 Allied Telesis, Inc.
All rights reserved.
This product includes software licensed under the BSD License. As such, the following language applies for those
portions of the software licensed under the BSD License:
Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following
conditions are met:
* Redistributions of source code must retain the above copyright notice, this list of conditions and the following
disclaimer.
* Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following
disclaimer in the documentation and/or other materials provided with the distribution.
* Neither the name of Allied Telesis, Inc. nor the names of the respective companies above may be used to endorse or
promote products derived from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT
SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY
WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
Copyright (c) [dates as appropriate to package] by The Regents of the University of California - All rights reserved.
Copyright (c) 2000-2003 by Intel Corporation - All rights reserved. Copyright (c) 1997-2003, 2004 by Thomas E. Dickey
<dickey@invisible-island.net> - All rights reserved. Copyright (c) 2001-2009 by Brandon Long (ClearSilver is now
licensed under the New BSD License.) Copyright (c) 1984-2000 by Carnegie Mellon University - All rights reserved.
Copyright (c) 2002,2003 by Matt Johnston - All rights reserved. Copyright (c) 1995 by Tatu Ylonen <ylo@cs.hut.fi> - All
rights reserved. Copyright 1997-2003 by Simon Tatham. Portions copyright by Robert de Bath, Joris van Rantwijk,
Delian Delchev, Andreas Schultz, Jeroen Massar, Wez Furlong, Nicolas Barry, Justin Bradford, and CORE SDI S.A.
Copyright (c) 1989, 1991 by Free Software Foundation, Inc. (GNU General Public License, Version 2, June 1991).
Copyright (c) 2002-2005 by Jouni Malinen <jkmaline@cc.hut.fi> and contributors. Copyright (c) 1991, 1999 by Free
Software Foundation, Inc. (GNU Lesser General Public License, Version 2.1, February 1999). Copyright (c) 1998-2002
by Daniel Veillard - All rights reserved. Copyright (c) 1998-2004 by The OpenSSL Project - All rights reserved.
Copyright (c) 1995-1998 by Eric Young (eay@cryptsoft.com) - All rights reserved.
This product also includes software licensed under the GNU General Public License available from:
http://www.gnu.org/licenses/gpl2.html
Allied Telesis is committed to meeting the requirements of the open source licenses including the GNU General Public
License (GPL) and will make all required source code available.
If you would like a copy of the GPL source code contained in this product, please send us a request by registered mail
including a check for US$15 to cover production and shipping costs, and a CD with the GPL code will be mailed to you.
GPL Code Request
Allied Telesis Labs (Ltd)
PO Box 8011
Christchurch, New Zealand
No part of this publication may be reproduced without prior written permission from Allied Telesis, Inc.
Allied Telesis™ and the Allied Telesis logo are trademarks of Allied Telesis, Incorporated.
Ethernet™ is a trademark of the Xerox Corporation.
Wi-Fi®, Wi-Fi Alliance®, WMM®, Wi-Fi Protected Access® (WPA), the Wi-Fi CERTIFIED logo, the Wi-Fi logo, the
Wi-Fi ZONE logo, and the Wi-Fi Protected Setup logo are registered trademarks of the Wi-Fi Alliance. Wi-Fi
CERTIFIED™, Wi-Fi Multimedia™, WPA2™ and the Wi-Fi Alliance logo are trademarks of the Wi-Fi Alliance.
Microsoft is a registered trademark of Microsoft Corporation.
All other product names, company names, logos or other designations mentioned herein are trademarks or registered
trademarks of their respective owners.
Allied Telesis, Inc. reserves the right to make changes in specifications and other information contained in this document
without prior written notice. The information provided herein is subject to change without notice. In no event shall Allied
Telesis, Inc. be liable for any incidental, special, indirect, or consequential damages whatsoever, including but not limited
to lost profits, arising out of or related to this manual or the information contained herein, even if Allied Telesis, Inc. has
been advised of, known, or should have known, the possibility of such damages.
Chapter 1: Getting Started ............................................................................................................................ 17
Features ........................................................................................................................................................... 18
Web Browser.............................................................................................................................................. 20
Vista Manager EX and AWC Plug-in.......................................................................................................... 20
SNMPv1 and v2c........................................................................................................................................ 21
Starting the First Management Session ........................................................................................................... 22
Starting the First Management Session with a Direct Connection ............................................................. 23
Starting the First Management Session without a DHCP Server ............................................................... 23
Starting a Management Session ...................................................................................................................... 25
Management Windows ..................................................................................................................................... 27
Main Menu.................................................................................................................................................. 27
What to Configure First..................................................................................................................................... 31
Enabling or Disabling the LEDs........................................................................................................................ 51
Enabling or Disabling the Reset Button............................................................................................................ 52
Chapter 3: Web Browser Interface ............................................................................................................... 55
Configuring the Web Browser Interface............................................................................................................ 56
Changing the Manager’s Login Name and Password ...................................................................................... 58
Setting the Language of the Web Browser Interface........................................................................................ 60
Chapter 4: 2.4GHz and 5GHz Radios ........................................................................................................... 61
Configuring the Radios ..................................................................................................................................... 62
Configuring Basic Radio Settings............................................................................................................... 62
Configuring Advanced Radio Settings........................................................................................................ 66
Displaying Radio Status ................................................................................................................................... 71
Dynamic Frequency Selection.......................................................................................................................... 73
Setting the Country Code Setting ..................................................................................................................... 74
Selecting the Location ...................................................................................................................................... 75
5
Contents
Guidelines to Changing the Location..........................................................................................................75
Changing the Location to Outdoor..............................................................................................................76
Changing the Location to Indoor.................................................................................................................76
Port Numbers..............................................................................................................................................85
Requiring Wireless Clients to Click the Agree Button to Access to the Network ........................................85
Delegating a Proxy Server to Interact with Wireless Clients....................................................................... 87
Delegating RADIUS Servers and a Proxy Server.......................................................................................88
Delegating RADIUS Servers to Authenticate Wireless Clients...................................................................90
Creating Pages in HTML for a Proxy Server ..............................................................................................91
Requirements for the click_through_login.html and click_through_login_fail.html ........................92
HTML Code and Display Examples of Login Page .......................................................................92
Creating Login Pages in HTML When External RADIUS is Selected.........................................................92
Requirements for the radius_login.html and radius_login_fail.html ...............................................93
HTML Code and Display Examples of Login Page .......................................................................93
No Security .................................................................................................................................................94
Chapter 6: Quality of Service ......................................................................................................................113
Introduction to Quality of Service ....................................................................................................................114
Configuring AP EDCA Parameters .................................................................................................................117
Configuring Station EDCA Parameters...........................................................................................................120
Chapter 7: LAN1 and LAN2 Ports ...............................................................................................................123
Configuring the Management VLAN ...............................................................................................................124
Enabling or Disabling the LAN2 Port ..............................................................................................................126
Configuring PoE Negotiation with Link Layer Discovery Protocol................................................................... 128
Displaying the Status of LAN1 and LAN2 Ports..............................................................................................130
Chapter 8: Wireless Distribution System Bridges ....................................................................................133
Introduction to Wireless Distribution Bridges ..................................................................................................134
WDS Bridge Elements ....................................................................................................................................137
Radio ........................................................................................................................................................137
Radio Channel ..........................................................................................................................................137
Parents and Children ................................................................................................................................137
Displaying the System Log150
Sending Log Messages to a Syslog Server152
Chapter 11: Maintenance 155
Downloading the Configuration of the Access Point to Your Computer156
Restoring a Configuration to the Access Point158
Restoring the Default Settings to the Access Point159
Uploading New Management Software to the Access Point160
Rebooting the Access Point162
Sending Technical Support Information to Allied Telesis163
AT-TQ5403 Access Point User’s Guide
7
Contents
8
List of Figures
Figure 1: Log On Window................................................................................................................................ 25
Figure 3: Main Menu Button ............................................................................................................................ 28
Figure 11: LED Window................................................................................................................................... 51
Figure 13: Web Window .................................................................................................................................. 56
Figure 14: User Window .................................................................................................................................. 58
Figure 15: Language Window.......................................................................................................................... 60
Figure 16: Basic Radio Settings Window on AT-TQ5403and AT-TQm5403................................................... 62
Figure 17: Basic Radio Settings Window on AT-TQ5403e.............................................................................. 63
Figure 18: Advanced Radio Settings Window ................................................................................................. 67
Figure 19: Radio Status Window ..................................................................................................................... 71
Figure 20: Virtual Access Point Tab ................................................................................................................ 79
Figure 41: Example of Radio and Channel Assignments in a WDS Bridge .................................................. 135
Figure 42: Example of an Access Point as Both Parent and Child................................................................ 136
Figure 43: System Window............................................................................................................................ 144
Figure 44: Neighbor AP Window ................................................................................................................... 147
Table 31. Log Window for Syslog Client ....................................................................................................... 152
11
List of Tables
12
Preface
This guide contains instructions on how to manage the features of the
TQ5403 series access points with the web browser management interface.
The access point models included in this guide are:
AT-TQ5403
AT-TQm5403
AT-TQ5403e
This preface contains the following sections:
“Safety Symbols Used in this Document” on page 14
“Contacting Allied Telesis” on page 15
13
Preface
Safety Symbols Used in this Document
This document uses the following conventions.
Note
Notes provide additional information.
Caution
Cautions inform you that performing or omitting a specific action
may result in equipment damage or loss of data.
Warning
Warnings inform you that performing or omitting a specific action
may result in bodily injury.
Warning
Laser warnings inform you that an eye or skin hazard exists due to
the presence of a Class 1 laser device.
14
Contacting Allied Telesis
If you need assistance with this product, you can contact Allied Telesis
technical support by going to the Support & Services section of the Allied
Telesis web site at www.alliedtelesis.com/support. You can find links for
the following services on the page:
24/7 Online Support - Enter our interactive support center to
search for answers to your questions in our knowledge database,
check support tickets, learn about Return Merchandise
Authorizations (RMAs), and contact Allied Telesis technical
experts.
USA and EMEA phone support - Select the phone number that
best fits your location and customer type.
Hardware warranty information - Learn about Allied Telesis
warranties and register your product online.
Replacement Services - Submit an RMA request via our interactive
support center.
TQ5403 Series Access Points User’s Guide
Documentation - View the most recent installation guides, user
guides, software release notes, white papers and data sheets for
your product.
Software Updates - Download the latest software releases for your
product.
For sales or corporate contact information, select your region and country
and then go to www.alliedtelesis.com/contact.
15
Preface
16
Chapter 1
Getting Started
Here are the sections in this chapter:
“Features” on page 18
“Management Tools” on page 20
“Starting the First Management Session” on page 22
“Starting a Management Session” on page 25
“Management Windows” on page 27
“Saving and Applying Your Changes” on page 29
“Ending Management Sessions” on page 30
“What to Configure First” on page 31
17
Chapter 1: Getting Started
Features
The TQ5403 series wireless access points have the following features:
One 2.4GHz radio
Two 5GHz radios
Eight virtual access points per radio
WPA Personal and WPA Enterprise with WPA, WPA2, TKIP, and
CCMP authentication and encryption
Static WEP encryption
MAC address filter for wireless clients
Multicast rate limiting
Band steering
Automatic channel selection
Adjustable transmission power
Fast roaming
Airtime fairness
Quality of Service
Wireless Distribution System (WDS) bridges
Channel blankets (AT-TQ5403 and AT-TQ5403e only)
DHCP client
RADIUS accounting with external RADIUS server
Network Time Protocol client
HTTP and HTTPS web browser management
SNMPv1 and v2c management
Event log
Syslog client
LAN1 port: 10/100/1000Base-T Ethernet port with Power over
Ethernet (PoE), Auto-Negotiation, and auto MDI/MDIX (ATTQ5403 and AT-TQm5403 only)
LAN2 port: 10/100/1000Base-T Ethernet port with Auto-
Negotiation and auto MDI/MDIX (AT-TQ5403 and AT-TQm5403
only)
18
LAN(PoE) port: 10/100/1000Base-T Ethernet port with IEEE
802.3at PoE+, Auto-Negotiation, and auto MDI/MDIX
(AT-TQ5403e only)
Static link aggregation for LAN1 and LAN2 ports (AT-TQ5403 and
AT-TQm5403 only)
TQ5403 Series Access Points User’s Guide
IEEE 802.3 (10Base-T), IEEE 802.3u (100Base-TX), and IEEE
802.3ab (1000Base-T) compliance on LAN1, LAN2, LAN(PoE)
ports.
Outdoor installation on a wall or pole (AT-TQ5403e only)
Table 1 lists the differences among the TQ5403 series access points.
Table 1. TQ5403 Series Access Points Differences
Access PointChannel Blankets
AT-TQ5403
Supported
1
Maximum Number of
Wireless Clients
200
AT-TQm5403Not supported127
AT-TQ5403e
1. Requires Vista Manager EX and Autonomous Wireless Controller (AWC) plugin.
Supported
1
200
19
Chapter 1: Getting Started
Management Tools
The access points support the following management tools.
Web BrowserThe access point has a web browser management interface for
configuring the device from your management workstations. The web
browser interface allows you to manage one unit at a time and supports
both non-secure HTTP and secure HTTPS management sessions. The
default is HTTP.
Note
The product has been tested with Microsoft Windows Internet
Explorer Version 9 or later and Microsoft Edge.
Vista Manager
EX and AWC
Plug-in
The access point is supported with Vista Manager and the Autonomous
Wave Control (AWC) plug-in. Configuring and monitoring large numbers
of devices is simplified with AWC because you can add multiple devices to
management groups and manage them as one unit. The application can
also monitor the operations of the access points and automatically adjust
operating properties to optimize the performance of your wireless network.
Note
The AT-TQ5403 access point requires Vista Manager 2.4 or later.
The AT-TQm5403 and AT-TQ5403e access points require Vista
Manager 2.5 or later.
Note
The channel blanket feature of the AT-TQ5403 and AT-TQ5403e
access points requires Vista Manager EX and the AWC plug-in.
You cannot configure the following access point settings with Vista
Manager EX and the AWC plug-in. These settings require the web
browser interface:
Hostname
20
DHCP client or static IP address
Domain Name Server name
Timezone
Daylight savings time
System date or time
HTTP and HTTPS modes
System name, location, and contact
TQ5403 Series Access Points User’s Guide
LLDP PoE negotiation
Enable or disable the Reset button
SNMPv1 and v2cYou can use SNMPv1 or SNMPv2 to view the parameter settings of the
devices. The MIB is available from the Allied Telesis web site. For
instructions on how to configure the unit for SNMP, refer to “Configuring
SNMPv1 and v2c” on page 45 and “Configuring SNMP Traps” on page 49.
Note
You cannot use SNMP to change the parameter settings on the
access points.
Note
The access points do not support SNMPv3 or the AT-UWC Wireless
LAN Controller.
21
Chapter 1: Getting Started
Starting the First Management Session
Note
If you are using the AT-TQ5403 or AT-TQm5403 access point, use
the LAN1 port. If you are using the AT-TQ5403e access point, use
the LAN(PoE) port.
After you install and power on the access point, it queries the subnet on
the LAN1 or LAN(PoE) port for a DHCP server. If a DHCP server
responds to its query, the unit uses the IP address the server assigns to it.
If there is no DHCP server, the access point uses the default IP address
192.168.1.230.
If your network has a DHCP server, use the IP address the server assigns
it to it to start the management session. For directions, refer to “Starting a
Management Session” on page 25
If your network does not have a DHCP server, you can start the first
management session by establishing a direct connection between your
computer and the unit by connecting an Ethernet cable to the Ethernet
port on the computer and the LAN1 or LAN(PoE) port on the access point.
This procedure requires changing the IP address on your computer to
make it a member of the same subnet as the default IP address on the
access point.
The first management session can also be performed while the device is
connected to your network. However, If your network does not have a
DHCP server, you still have to change the IP address of your computer to
match the subnet of the default address of the access point. Furthermore,
if your network is divided into virtual LANs (VLANs), you have to be sure to
connect the access point and your computer to ports on an Ethernet
switch that are members of the same VLAN.
The instructions for starting the first management session are found in the
following sections:
“Starting the First Management Session with a Direct Connection” on
page 23. This section is for the AT-TQ5403 and AT-TQm5403 models
only.
“Starting the First Management Session without a DHCP Server” on
page 23
22
Note
The first management session of the access point has to be
conducted through the LAN1 or LAN(PoE) port because the default
setting for the radios is off.
TQ5403 Series Access Points User’s Guide
Starting the First
Management
Session with a
Direct
Connection
To start the management session with a direct Ethernet connection
between your computer and the LAN1 port on the access point, perform
the following procedure:
Note
This section is for the AT-TQ5403 and AT-TQm5403 models only.
Note
If the access point is using PoE, you cannot perform this procedure
because it requires a direct connection between your computer and
the LAN1 port on the access point. If you have the optional power
supply, you can connect it to the unit until after you have completed
the first management session, or you can perform “Starting the First
Management Session without a DHCP Server” on page 23.
1. Connect one end of a network cable to the LAN1 port on the access
point and the other end to the Ethernet network port on your computer.
2. Change the IP address on your computer to 192.168.1.n, where n is a
number from 1 to 254, but not 230. Refer to the documentation that
accompanies your computer for instructions on how to set the IP
address.
Starting the First
Management
Session without a
DHCP Server
3. Set the subnet mask on your computer to 255.255.255.0.
4. Power on the access point.
5. Start the web browser on your computer.
6. Enter the IP address 192.168.1.230 in the URL field of the browser and
press the Enter key.
You should now see the login window, shown in Figure 1 on page 25.
7. Enter “manager” for the user name and “friend” for the password. The
user name and password are case-sensitive.
8. Click the Login button.
This procedure explains how to start the first management session on the
access point when the LAN port is connected to an Ethernet switch on a
network that does not have a DHCP server. To start the management
session, perform the following procedure:
1. To use the PoE feature on the access point, be sure to connect the
LAN1 or LAN(PoE) port to a PoE source device.
23
Chapter 1: Getting Started
2. If your network has VLANs, check to be sure that your computer and
the access point are connected to ports on the Ethernet switch that are
members of the same VLAN. This might require accessing the
management software on the switch and listing the VLANS and their
port assignments. For example, if the access point is connected to a
port that is a member of the Sales VLAN, your computer must be
connected to a port that is also a member of that VLAN. If your
network is small and does not have VLANs or routers, you can
connect your computer to any port on the Ethernet switch.
3. Change the IP address on your computer to 192.168.1.n, where n is a
number from 1 to 254, but not 230. Refer to the documentation that
accompanies your computer for instructions on how to set the IP
address.
4. Set the subnet mask on your computer to 255.255.255.0.
5. Power on the access point.
6. Start the web browser on your computer.
7. Enter the IP address 192.168.1.230 in the URL field of the browser
and press the Return key.
You should now see the logon window, shown in Figure 1 on page 25.
8. Enter “manager” for the user name and “friend” for the password. The
user name and password are case-sensitive.
9. Click the Login button.
24
Starting a Management Session
This section explains how to start a management session on the access
point from your management workstation, using a web browser. The
procedure assumes that the access point has already been assigned an IP
address, either manually or from a DHCP server.
Note
If the access point is using its default address 192.168.1.230, refer
to “Starting the First Management Session” on page 22 for
instructions.
To start a management session on the access point, perform the following
procedure:
1. Open the web browser on your management workstation.
TQ5403 Series Access Points User’s Guide
2. Enter the IP address of the access point in the URL field of the web
browser.
Note
Precede the IP address with HTTPS:// if the access point is already
configured for HTTPS management. The default is HTTP
management.
See the log on window shown in Figure 1 as an example.
Figure 1. Log On Window
25
Chapter 1: Getting Started
Note
If you use HTTPS management, your web browser might display a
warning message stating that the site certificate is invalid. If this
occurs, select an appropriate option to continue to the web site. To
avoid the message in future management sessions, make the web
site a trusted site in your web browser.
3. Enter the user name and password for the unit. The default values are
“manager” for the user name and “friend” for the password. The user
name and password are case-sensitive.
4. Click the Login button.
26
Management Windows
This section has a brief overview of the management windows and menus.
The main parts of the management windows are identified in Figure 2.
TQ5403 Series Access Points User’s Guide
Main
Menu
Navigator
Sub-menu
Content
Figure 2. Sample Management Window
Note
The AT-TQ5403e does not have LAN2 on the sub-menu.
Main MenuThe main menu is displayed on the left side of the windows and consists of
the following selections:
Monitoring
Settings
Maintenance
Account
Clicking a main menu option expands it to display the sub-items. The
Monitoring option is expanded by default at the start of management
sessions.
27
Chapter 1: Getting Started
NavigationThe Navigator shows the menu path of the current window.
If the main menu is not displayed, the window might be too small to display
the menu and content together. To display the main menu, you can either
enlarge the window or click the main menu button, shown in Figure 3.
Clicking the main menu button displays the menu over the content
window. The menu is hidden again after you make a menu selection.
Main Menu Button
Figure 3. Main Menu Button
Sub-menuSub-menus are located across the tops of many management windows.
ContentThis is the main body of the windows. It displays parameters for you to
configure or status or statistics information.
28
Saving and Applying Your Changes
You need to click the SAVE & APPLY button to save and activate your
changes when you are finished configuring the parameters in a
management window. The button is located in the bottom of the windows.
When you click the button, the access point immediately activates your
changes and saves them in its configuration file. If you change the
parameter settings in a window and navigate to a different window without
clicking the button, the access point discards your changes.
The access point displays the following messages when you click the
SAVE & APPLY button:
Please wait...
Waiting for changes to be applied...
Changes applied.
TQ5403 Series Access Points User’s Guide
29
Chapter 1: Getting Started
Ending Management Sessions
You should always log off when you are finished managing the unit. To log
off, select Account > Logout. Click OK at the confirmation prompt. For
added security, close your web browser.
30
Loading...
+ 134 hidden pages
You need points to download manuals.
1 point = 1 manual.
You can buy points or you can get point for every manual you upload.