Allied Telesis AT-WA7400/EU User Manual

Download

Page 1

User’s Guide

Management Software

AT-WA7400/EU

613-000485 Rev. B

Page 2

Copyright © 2007 Allied Telesyn, Inc. All rights reserved. No part of this publication may be reproduced without prior written permission from Allied Telesyn, Inc. Microsoft and Internet Explorer are registered trademarks of Microsoft Corporation. Netscape Navigator is a registered

trademark of Netscape Communications Corporation. All other product names, company names, logos or other designations mentioned herein are trademarks or registered trademarks of their respective owners.

Allied Telesyn, Inc. reserves the right to make changes in specifications and other information contained in this document without prior written notice. The information provided herein is subject to change without notice. In no event shall Allied Telesyn, Inc. be liable for any incidental, special, indirect, or consequential damages whatsoever, including but not limited to lost profits, arising out of or related to this manual or the information contained herein, even if Allied Telesyn, Inc. has been advised of, known, or should have known, the possibility of such damages.

Page 3

Preface ................................................................................................................................................................................15

Where to Find Web-based Guides .......................................................................................................................................16

Contacting Allied Telesyn .....................................................................................................................................................17

Online Support ..............................................................................................................................................................17

Email and Telephone Support .......................................................................................................................................17

Returning Products........................................................................................................................................................17

Sales or Corporate Information .....................................................................................................................................17

Management Software Updates ....................................................................................................................................17

Chapter 1: Preparing to Set Up the AT-WA7400 Wireless Access Point ......................................................................19

Setting Up the Administrator’s Computer .............................................................................................................................20

Setting Up the Wireless Client Computers ...........................................................................................................................22

Understanding Dynamic and Static IP Addressing on the AT-WA7400 Management Software ..........................................23

Dynamic IP Addressing .................................................................................................................................................23

Static IP Addressing ......................................................................................................................................................23

Recovering an IP Address.............................................................................................................................................24

Chapter 2: Setting up the AT-WA7400 Management Software ......................................................................................25

Running KickStart to Find Access Points on the Network ....................................................................................................26

Installing KickStart on the Administrator’s PC ...............................................................................................................30

Logging in to the AT-WA7400 Management Software .........................................................................................................34

Navigating the Web Pages .......................................................................................................

Links ..............................................................................................................................................................................36

Menu .............................................................................................................................................................................36

Help ...............................................................................................................................................................................36

Configuring the Basic Settings and Starting the Wireless Network ......................................................................................37

Configuring the Basic Settings ......................................................................................................................................37

Default Configuration.....................................................................................................................................................40

Next Steps ............................................................................................................................................................................41

Make Sure the Access Point is Connected to the LAN .................................................................................................41

Test LAN Connectivity with Wireless Clients.................................................................................................................41

Secure and Fine-Tune the Access Point Using Advanced Features.............................................................................41

Logging in After the Initial Setup...........................................................................................................................................42

Chapter 3: Managing Access Points and Clusters .........................................................................................................43

Understanding Clustering .....................................................................................................................................................44

What is a Cluster? .........................................................................................................................................................44

How Many Access Points Can a Cluster Support? .......................................................................................................44

What Kinds of Access Points Can Cluster Together? ...................................................................................................44

What is the Relationship of the Master Access Point to Other Cluster Members?........................................................44

Which Settings are Shared as Part of the Cluster Configuration and Which Are Not? .................................................45

Settings Shared in the Cluster Configuration .........................................................................................................45

Settings Not Shared by the Cluster........................................................................................................................45

Cluster Mode .................................................................................................................................................................46

Standalone Mode ..........................................................................................................................................................46

Cluster Formation..........................................................................................................................................................47

Cluster Size and Membership .......................................................................................................................................47

Intra-Cluster Security.....................................................................................................................................................47

Auto-Synch of Cluster Configuration .............................................................................................................................47

Understanding and Changing Access Point Settings ...........................................................................................................48

Modifying the Location Description ...............................................................................................................................49

............................................36

Page 4

Contents

Removing an Access Point from the Cluster .................................................................................................................49

Adding an Access Point to a Cluster .............................................................................................................................50

Navigating to Configuration Information for a Specific Access Point and Managing Standalone Access Points .................52

Navigating to an Access Point by Using its IP Address in a URL..................................................................................52

Configuring MAC Address Filtering.......................................................................................................................................53

MAC Filtering of Rogue Access Points .................................................................................................................................55

Chapter 4: Managing User Accounts ...............................................................................................................................57

Adding a User .......................................................................................................................................................................58

Editing a User Account .........................................................................................................................................................60

Enabling a User Account ...............................................................................................................................................60

Disabling a User Account ..............................................................................................................................................61

Removing a User Account.............................................................................................................................................61

Backing Up and Restoring a User Database ........................................................................................................................62

Backing Up the User Database .....................................................................................................................................62

Restoring a User Database from a Backup File ............................................................................................................63

Chapter 5: Session Monitoring .........................................................................................................................................65

Viewing Sessions Information...............................................................................................................................................66

Viewing Specific Session Information............................................................................................................................67

Sorting Session Information ..........................................................................................................................................68

Chapter 6: Channel Management .....................................................................................................................................69

Understanding Channel Management ..................................................................................................................................70

How it Works in a Nutshell.............................................................................................................................................70

Overlapping Channels ...................................................................................................................................................70

Example: A Network Before and After Channel Management.......................................................................................71

Displaying the Channel Management Settings .....................................................................................................................72

Configuring the Channel Management Settings ...................................................................................................................73

Stopping or Starting Automatic Channel Assignment....................................................................................................73

Viewing Current Channel Assignments and Setting Locks..........................................................................

Updating the Current Channel Settings Manually..........................................................................................................74

Viewing the Last Proposed Set of Changes ..................................................................................................................74

Configuring Advanced Settings (Customizing and Scheduling Channel Plans) ............................................................75

..................73

Chapter 7: Wireless Neighborhoods ................................................................................................................................79

Understanding Wireless Neighborhood Information .............................................................................................................80

Displaying the Wireless Neighborhood Information ..............................................................................................................81

Viewing Details of a Cluster Member....................................................................................................................................84

Chapter 8: Configuring Ethernet (Wired) Settings ..........................................................................................................87

Setting the DNS Name..........................................................................................................................................................88

Enabling or Disabling Guest Access.....................................................................................................................................90

Configuring an Internal LAN and a Guest Network........................................................................................................90

Enabling or Disabling Guest Access..............................................................................................................................90

Enabling or Disabling Virtual Wireless Networks on the Access Point ..........................................................................90

Enabling or Disabling Spanning Tree ...................................................................................................................................92

Configuring the Internal Interface Ethernet Settings.............................................................................................................93

Configuring the Guest Interface Settings..............................................................................................................................96

Chapter 9: Configuring the Wireless Settings ................................................................................................................97

Configuring 802.11d Regulatory Domain Support ................................................................................................................98

Configuring the Radio Interface ..........................................................................................................................................100

Configuring Internal Wireless LAN Settings........................................................................................................................102

Configuring the Guest Network Wireless Settings..............................................................................................................103

Chapter 10: Configuring Security ...................................................................................................................................105

Understanding Security Issues on Wireless Networks ......................................................................................................106

How Do I Know Which Security Mode to Use?............................................................................................................106

Comparison of Security Modes for Key Management, Authentication and Encryption Algorithms .............................107

When to Use Plain Text........................................................................................................................................107

When to Use Static WEP .....................................................................................................................................107

When to Use IEEE 802.1x....................................................................................................................................108

Page 5

AT+WA7400 Management Software User’s Guide

When to Use WPA/WPA2 Personal (PSK) ..........................................................................................................110

When to Use WPA/WPA2 Enterprise (RADIUS)..................................................................................................111

Does Prohibiting the Broadcast SSID Enhance Security? ..........................................................................................113

How Does Station Isolation Protect the Network?.......................................................................................................113

Configuring Security Settings .............................................................................................................................................114

Broadcast SSID, Station Isolation, and Security Mode ...............................................................................................114

Plain Text ....................................................................................................................................................................115

Guest Network .....................................................................................................................................................116

Static WEP ..................................................................................................................................................................116

Rules to Remember for Static WEP.....................................................................................................................119

Example of Using Static WEP..............................................................................................................................119

Static WEP with Transfer Key Indexes on Client Stations ........................................................................... 120

IEEE 802.1x ................................................................................................................................................................121

WPA/WPA2 Personal (PSK) .......................................................................................................................................123

WPA/WPA2 Enterprise (RADIUS)...............................................................................................................................125

Configuring the IAPP Mapping Table .................................................................................................................................129

Configuring SNMP..............................................................................................................................................................131

Chapter 11: Setting Up Guest Access ...........................................................................................................................133

Understanding the Guest Interface .....................................................................................................................................134

Configuring the Guest Interface..........................................................................................................................................135

Configuring a Guest Network on a Virtual LAN ...........................................................................................................135

Configuring the Welcome Screen (Captive Portal)......................................................................................................136

Using the Guest Network as a Client..................................................................................................................................137

Chapter 12: VLANs ..........................................................................................................................................................139

Configuring VLANs .............................................................................................................................................................140

Configuring the Management VLAN ...................................................................................................................................143

Chapter 13: Configuring Radio Settings .......................................................................................................................145

Understanding Radio Settings............................................................................................................................................146

Configuring Radio Settings.................................................................................................................................................147

Configuring the Rate Sets ..................................................................................................................................................152

Chapter 14: Load Balancing ...........................................................................................................................................155

Understanding Load Balancing ..........................................................................................................................................156

Identifying the Imbalance: Overworked or Under-utilized Access Points ....................................................................156

Specifying Limits for Utilization and Client Associations .............................................................................................156

Load Balancing and QoS ............................................................................................................................................156

Configuring Load Balancing ...............................................................................................................................................157

Chapter 15: Configuring Quality of Service (QoS) .......................................................................................................161

Understanding QoS ............................................................................................................................................................162

QoS and Load Balancing ............................................................................................................................................162

802.11e and WMM Standards Support .......................................................................................................................162

QoS Queues and Parameters to Coordinate Traffic Flow ...........................................................................................162

QoS Queues and Type of Service (ToS) on Packets...........................................................................................163

EDCF Control of Data Frames and Arbitration Interframe Spaces ......................................................................164

Random Backoff and Minimum / Maximum Contention Windows........................................................................165

Packet Bursting for Better Performance...............................................................................................................166

Transmission Opportunity (TXOP) Interval for Client Stations .............................................................................166

Configuring QoS Queues .........................................................................................................

Configuring AP EDCA Parameters..............................................................................................................................168

Enabling/Disabling Wi-Fi Multimedia...........................................................................................................................170

Configuring Station EDCA Parameters .......................................................................................................................171

..........................................167

Chapter 16: Configuring the Wireless Distribution System (WDS) .............................................................................173

Understanding the Wireless Distribution System................................................................................................................174

Using WDS to Bridge Distant Wired LANs ..................................................................................................................174

Using WDS to Extend the Network Beyond the Wired Coverage Area.......................................................................174

Backup Links and Unwanted Loops in WDS Bridges..................................................................................................175

Security Considerations Related to WDS Bridges.......................................................................................................175

Page 6

Contents

WDS Guidelines ..........................................................................................................................................................176

Configuring WDS Settings ..................................................................................................................................................178

Example of Configuring a WDS Link ...........................................................................................................................181

Chapter 17: Maintenance and Monitoring .....................................................................................................................183

Monitoring Wired and Wireless LAN Settings.....................................................................................................................184

Viewing the Event Logs ......................................................................................................................................................186

Log Relay Host for Kernel Messages ..........................................................................................................................187

Setting Up the Log Relay Host .............................................................................................................................187

Enabling or Disabling the Log Relay Host ............................................................................................................188

Events Log...................................................................................................................................................................188

Viewing the Transmit/Receive Statistics.............................................................................................................................190

Viewing the Associated Wireless Clients............................................................................................................................192

Link Integrity Monitoring ..............................................................................................................................................192

What is the Difference Between an Association and a Session? ................................................................................192

Viewing the Status of Neighboring Access Points ..............................................................................................................193

Viewing System Information ...............................................................................................................................................197

Setting the Administrator Password....................................................................................................................................199

Enabling the Network Time Protocol (NTP) Server ............................................................................................................202

Setting the HTTP Timeout ..................................................................................................................................................204

Rebooting the Access Point................................................................................................................................................205

Resetting the Configuration to Factory Defaults .................................................................................................................206

Upgrading the Firmware .....................................................................................................................................................207

Verifying the Firmware Upgrade..................................................................................................................................208

SNMP Firmware Upgrade...................................................................................................................................................209

Chapter 18: Backing Up and Restoring a Configuration ..............................................................................................211

Backing up the Configuration Settings for an Access Point................................................................................................212

Restoring Access Point Settings to a Previous Configuration ............................................................................................213

Appendix A: Management Software Default Settings ..................................................................................................215

Appendix B: Configuring Security on Wireless Clients ...............................................................................................217

Network Infrastructure and Choosing Between the Built-in or External Authentication Server...........................................219

I Want to Use the Built-in Authentication Server (EAP-PEAP) ....................................................................................219

I Want to Use an External RADIUS Server with EAP-TLS Certificates or EAP-PEAP................................................21

Make Sure the Wireless Client Software is Up to Date.......................................................................................................220

Accessing the Microsoft Windows Wireless Client Security Settings .................................................................................221

Configuring a Client to Access an Unsecure Network (Plain Text mode)....................................................................223

Configuring Static WEP Security on a Client ...............................................................................................................224

Connecting to the Wireless Network with a Static WEP Client.............................................................................226

Configuring IEEE 802.1x Security on a Client .............................................................................................................227

IEEE 802.1x Client Using EAP/PEAP ..................................................................................................................227

IEEE 802.1x Client Using EAP/TLS Certificate ....................................................................................................231

Configuring WPA/WPA2 Enterprise (RADIUS) Security on a Client...................................................................................236

WPA/WPA2 Enterprise (RADIUS) Client Using EAP/PEAP........................................................................................236

WPA/WPA2 Enterprise (RADIUS) Client Using EAP-TLS Certificate .........................................................................241

Configuring WPA/WPA2 Personal (PSK) Security on a Client ...........................................................................................245

Configuring an External RADIUS Server to Recognize the AT-WA7400 Wireless Access Point .......................................248

Obtaining a TLS-EAP Certificate for a Client ......................................................................................................................253

Appendix C: Troubleshooting ........................................................................................................................................259

Wireless Distribution System (WDS) Problems and Solutions ...........................................................................................260

Cluster Recovery ................................................................................................................................................................261

Reboot or Reset the Access Point...............................................................................................................................261

Stop Clustering and Reset Each Access Point in the Cluster.....................................................................

.................261

Appendix D: Command Line Interface (CLI) for Access Point Configuration ............................................................265

Comparison of Settings Configurable with the CLI and Web UI .........................................................................................266

Accessing the CLI for an Access Point...............................................................................................................................269

Telnet Connection to the Access Point........................................................................................................................269

SSH Connection to the Access Point ..........................................................................................................................270

Page 7

AT+WA7400 Management Software User’s Guide

Quick View of Commands and How to Get Help ................................................................................................................272

Commands and Syntax ...............................................................................................................................................272

Getting Help on Commands at the CLI........................................................................................................................275

Command Usage and Configuration Examples..................................................................................................................278

Understanding Interfaces as Presented in the CLI......................................................................................................278

Saving Configuration Changes....................................................................................................................................281

Basic Settings..............................................................................................................................................................282

Get the IP Address for the Internal Interface on an Access Point ........................................................................283

Get the MAC Address for an Access Point ..........................................................................................................283

Get Both the IP Address and MAC Address ........................................................................................................283

Get Common Information on All Interfaces for an Access Point ..........................................................................284

Get the Firmware Version for the Access Point ...................................................................................................284

Get the Location of the Access Point ...................................................................................................................284

Set the Location for an Access Point ...................................................................................................................285

Get the Current Password....................................................................................................................................285

Set the Password .................................................................................................................................................285

Get the Wireless Network Name (SSID) ..............................................................................................................285

Set the Wireless Network Name (SSID)...............................................................................................................285

Access Point and Cluster Settings ..............................................................................................................................285

Determine if the Access Point is a Cluster Member or in Standalone Mode........................................................286

Get MAC Addresses for all Access Points in the Cluster.....................................................................................286

Configure the Access Point as a Member of a Cluster.........................................................................................286

Configure the Access Point as a Standalone Device ...........................................................................................287

User Accounts .............................................................................................................................................................287

Get All User Accounts ..........................................................................................................................................287

Add Users ............................................................................................................................................................288

Remove a User Account ......................................................................................................................................289

Displaying Status.........................................................................................................................................................289

Get Common Information on the Internal Interface for the Access Point.............................................................291

Get Current Settings for the Ethernet (Wired) Internal Interface..........................................................................291

Get All Wired Settings for the Wired Internal Interface ........................................................................

Get the MAC Address for the Wired Internal Interface................................................................................. 292

Get the Network Name (SSID) for the Wired Internal Interface ................................................................... 292

Get Current Settings for the Ethernet (Wired) Guest Interface ............................................................................292

Get Current Wireless (Radio) Settings.................................................................................................................293

Get the Current IEEE 802.11 Radio Mode................................................................................................... 293

Get the Channel the Access Point is Currently Using.................................................................................. 293

Get Basic Radio Settings for the Internal Interface ...................................................................................... 293

Get All Radio Settings on the Internal Interface ........................................................................................... 294

Get Status on Events ...........................................................................................................................................295

Enable Remote Logging and Specify the Log Relay Host for the Kernel Log......................................................295

Prerequisites for Remote Logging ............................................................................................................... 295

View Log Settings ........................................................................................................................................ 295

Enable / Disable Log Relay Host ................................................................................................................. 296

Specify the Relay Host................................................................................................................................. 296

Specify the Relay Port ................................................................................................................................. 297

Review Log Settings After Configuring Log Relay Host............................................................................... 297

Get Transmit / Receive Statistics .........................................................................................................................297

Get Client Associations ........................................................................................................................................299

Get Neighboring Access Points ...........................................................................................................................299

Ethernet (Wired) Interface ...........................................................................................................................................301

Get Summary View of Internal and Guest Interfaces ...........................................................................................302

Get the DNS Name ..............................................................................................................................................302

Set the DNS Name...............................................................................................................................................302

Get Wired Internal Interface Settings...................................................................................................................302

Get Wired Guest Interface Settings .....................................................................................................................302

Set DNS Nameservers to Use Static IP Addresses (Dynamic to Manual Mode) .................................................303

Set DNS Nameservers to Use DHCP IP Addressing (Manual to Dynamic Mode)...............................................303

Setting Up the Wireless Interface................................................................................................................................304

Setting Up Security......................................................................................................................................................304

........ 292

Page 8

Contents

Get the Current Security Mode.............................................................................................................................305

Get Detailed Description of Current Security Settings..........................................................................................305

Set the Broadcast SSID (Allow or Prohibit) ..........................................................................................................306

Enable/Disable Station Isolation...........................................................................................................................306

Set Security to Plain Text .....................................................................................................................................307

Set Security to Static WEP...................................................................................................................................307

Set the Security Mode.................................................................................................................................. 307

Set the Transfer Key Index .......................................................................................................................... 307

Set the Key Length....................................................................................................................................... 307

Set the Key Type.......................................................................................................................................... 308

Set the WEP Keys........................................................................................................................................ 308

Set the Authentication Algorithm.................................................................................................................. 309

Get Current Security Settings After Re-Configuring to Static WEP Security Mode...................................... 309

Set Security to IEEE 802.1x .................................................................................................................................312

Set the Security Mode.................................................................................................................................. 312

Set the Authentication Server ...................................................................................................................... 312

Set the RADIUS Key (For External RADIUS Server Only)........................................................................... 313

Enable RADIUS Accounting (External RADIUS Server Only)...................................................................... 313

Get Current Security Settings After Re-Configuring to IEEE 802.1x Security Mode.................................... 314

Set Security to WPA/WPA2 Personal (PSK)........................................................................................................315

Set Security to WPA/WPA2 Enterprise (RADIUS) ...............................................................................................318

Set the Security Mode.................................................................................................................................. 318

Set the WPA Versions.................................................................................................................................. 318

Enable Pre-Authentication ........................................................................................................................... 318

Set the Cipher Suites ................................................................................................................................... 319

Set the Authentication Server ...................................................................................................................... 320

Set the RADIUS Key (For External RADIUS Server Only)........................................................................... 320

Enable RADIUS Accounting (External RADIUS Server Only)...................................................................... 32

Allow Non-WPA Clients................................................................................................................................ 321

Get Current Security Settings After Reconfiguring to WPA/WPA2 Enterprise (RADIUS)............................ 321

Enabling and Configuring the Guest Login Welcome Page.........................................................................................323

View Guest Login Settings ...................................................................................................................................323

Enable/Disable the Guest Welcome Page ...........................................................................................................324

Set Guest Welcome Page Text ............................................................................................................................324

Review Guest Login Settings ...............................................................................................................................324

Configuring Multiple BSSIDs on Virtual Wireless Networks ........................................................................................325

Configuring Virtual Wireless Network “One” on Radio One..................................................................................325

Configure These Settings from the Web UI First.......................................................................................... 325

Use the CLI to Configure Security on the Interface...................................................................................... 325

Use the CLI to set the Network Name (SSID) for the New Virtual Wireless Network .................................. 326

Creating VWN “Two” on Radio One with WPA security .......................................................................................326

Radio Settings .............................................................................................................................................................326

Get IEEE 802.11 Radio Mode ..............................................................................................................................326

Get Radio Channel ...............................................................................................................................................327

Get Basic Radio Settings .....................................................................................................................................327

Get All Radio Settings ..........................................................................................................................................327

Get Supported Rate Set .......................................................................................................................................328

Get Basic Rate Set...............................................................................................................................................329

Configure Radio Settings .....................................................................................................................................329

Turn the Radio On or Off.............................................................................................................................. 329

Set the Radio Mode ..................................................................................................................................... 329

Enable or Disable Super AG ........................................................................................................................ 330

Set the Radio Channel ..........................................................................................................

Set the Beacon Interval................................................................................................................................ 330

Set the DTIM Period..................................................................................................................................... 330

Set the Fragmentation Threshold................................................................................................................. 331

Set the RTS Threshold................................................................................................................................. 331

Configure Basic and Supported Rate Sets .................................................................................................. 331

MAC Filtering...............................................................................................................................................................333

Specify an Accept or Deny List ............................................................................................................................333

....................... 330

Page 9

AT+WA7400 Management Software User’s Guide

Add MAC Addresses of Client Stations to the Filtering List .................................................................................334

Remove a Client Station’s MAC Address from the Filtering List ..........................................................................334

Getting Current MAC Filtering Settings................................................................................................................335

Get the Type of MAC Filtering List Currently Set (Accept or Deny) ............................................................. 335

Get MAC Filtering List.................................................................................................................................. 335

Load Balancing............................................................................................................................................................335

Quality of Service ........................................................................................................................................................336

Enable/Disable Wi-Fi Multimedia .........................................................................................................................338

About Access Point and Station EDCA Parameters ............................................................................................338

Understanding the Queues for Access Point and Station ....................................................................................339

Distinguishing between Access Point and Station Settings in QoS Commands ..................................................339

Get QoS Settings on the Access Point ................................................................................................................339

Get QoS Settings on the Client Station................................................................................................................340

Set Arbitration Interframe Spaces (aifs) ...............................................................................................................340

Set AIFs on the Access Point ...................................................................................................................... 340

Set AIFs on the Client Station...................................................................................................................... 341

Set Minimum and Maximum Contention Windows (cwmin, cwmax)....................................................................341

Set cwmin and cwmax on the Access Point ................................................................................................ 342

Set cwmin and cwmax on the Station .......................................................................................................... 342

Set the Maximum Burst Length (burst) on the Access Point................................................................................343

Set Transmission Opportunity Limit (txop-limit) for WMM client stations .............................................................344

Wireless Distribution System.......................................................................................................................................344

Configure a WDS Link..........................................................................................................................................345

Enable the WDS interface (wlan0wds0) on the current access point: ......................................................... 345

Provide the MAC address of the remote access point to which you want to link: ........................................ 345

Get Details on a WDS Configuration....................................................................................................................345

Time Protocol ..............................................................................................................................................................347

Rebooting the Access Point ........................................................................................................................................348

Resetting the Access Point to the Factory Defaults ....................................................................................................348

Keyboard Shortcuts and Tab Completion Help ..................................................................................................................349

Keyboard Shortcuts.....................................................................................................................................................349

Tab Completion and Help............................................................................................................................................350

CLI Classes and Fields Reference .....................................................................................................................................354

Appendix E: Radio Bands ...............................................................................................................................................357

Index .................................................................................................................................................................................359

Page 10

Contents

Page 11

Figures

Figure 1. AT-WA7400 CD Main Page..................................................................................................................................27

Figure 2. KickStart Page......................................................................................................................................................27

Figure 3. KickStart Welcome Dialog Box.............................................................................................................................28

Figure 4. KickStart Search Results Dialog Box ...................................................................................................................28

Figure 5. Administration Dialog Box ....................................................................................................................................29

Figure 6. KickStart Setup Wizard Dialog Box ......................................................................................................................30

Figure 7. Select Installation Folder Dialog Box....................................................................................................................31

Figure 8. KickStart Setup Disk Space Dialog Box ...............................................................................................................31

Figure 9. KickStart Installation Confirmation Dialog Box .....................................................................................................32

Figure 10. Installing KickStart Dialog Box............................................................................................................................32

Figure 11. KickStart Installation Complete Dialog Box ........................................................................................................33

Figure 12. Login Dialog Box ................................................................................................................................................34

Figure 13. Basic Settings Page ...........................................................................................................................................35

Figure 14. Navigational Aids................................................................................................................................................36

Figure 15. Summary of Settings Page.................................................................................................................................40

Figure 16. Default Web Page ..............................................................................................................................................42

Figure 17. Access Points Page ...........................................................................................................................................48

Figure 18. Settings of Access Point that Joined the Cluster................................................................................................50

Figure 19. MAC Filtering Page ............................................................................................................................................53

Figure 20. Configure Rogue MAC Filtering of Access Point Page ......................................................................................55

Figure 21. User Management Page.....................................................................................................................................58

Figure 22. User Accounts Section .......................................................................................................................................60

Figure 23. Backup or Restore User Database Page ...........................................................................................................62

Figure 24. Sessions Page ...................................................................................................................................................66

Figure 25. Without Automatic Channel Management: Access Points Can Broadcast on Overlapping Channels ............... 71

Figure 26. With Channel Management Enabled: Access Points are Re-Assigned to Non-Interfering Channels ................71

Figure 27. Channel Management Page...............................................................................................................................72

Figure 28. Wireless Neighborhood Page.............................................................................................................................81

Figure 29. Neighbor Details Information ..............................................................................................................................84

Figure 30. Ethernet (Wired) Settings Page..........................................................................................................................88

Figure 31. Wireless Settings Page .............................................................................................

Figure 32. Security Page ...................................................................................................................................................114

Figure 33. Static WEP Security Mode Settings .................................................................................................................117

Figure 34. Setting the AP Transfer Key on the Access Point............................................................................................119

Figure 35. Providing a Wireless Client with a WEP Key....................................................................................................120

Figure 36. Example of Using Multiple WEP Keys and Transfer Key Index on Client Stations ..........................................121

Figure 37. IEEE 802.1x Security Mode Settings................................................................................................................122

Figure 38. WPA/WPA2 Personal (PSK) Security Mode Settings ......................................................................................124

Figure 39. WPA/WPA2 Enterprise (RADIUS) Security Mode Settings..............................................................................126

Figure 40. IAPP Map Table ...............................................................................................................................................129

Figure 41. SNMP Configuration Page ...............................................................................................................................131

Figure 42. Guest Login Configuration Page ......................................................................................................................136

Figure 43. Virtual Wireless Networks Page .......................................................................................................................140

Figure 44. VLAN Management Page.................................................................................................................................143

Figure 45. Radio One Page...............................................................................................................................................147

Figure 46. Radio One Rate Sets .......................................................................................................................................152

Figure 47. Radio Two Rate Sets........................................................................................................................................152

Figure 48. Load Balancing Page .......................................................................................................................................158

Figure 49. Quality of Service Page....................................................................................................................................168

Figure 50. Example Wireless Network...............................................................................................................................174

.........................................98

Page 12

Figures

Figure 51. WDS Bridge......................................................................................................................................................175

Figure 52. Wireless Distribution System Page...................................................................................................................179

Figure 53. Interfaces Page ................................................................................................................................................184

Figure 54. Events Page .....................................................................................................................................................186

Figure 55. Transmit/Receive Statistics Page.....................................................................................................................190

Figure 56. Client Associations Page..................................................................................................................................192

Figure 57. Neighboring Access Points Page .....................................................................................................................193

Figure 58. System Information Page .................................................................................................................................197

Figure 59. Basic Settings Page..........................................................................................................................................200

Figure 60. Time Protocol Page ..........................................................................................................................................202

Figure 61. HTTP TImeout ..................................................................................................................................................204

Figure 62. Reboot Page.....................................................................................................................................................205

Figure 63. Reset Configuration Page.................................................................................................................................206

Figure 64. Upgrade Firmware Page...................................................................................................................................208

Figure 65. Configure SNMP Firmware Upgrade Page.......................................................................................................209

Figure 66. Backup/Restore Page.......................................................................................................................................212

Figure 67. Wireless Network Connections Properties Dialog Box .....................................................................................222

Figure 68. Wireless Network Properties Dialog Box ..........................................................................................................223

Figure 69. Wireless Network Properties Dialog Box ..........................................................................................................224

Figure 70. Security Settings Page .....................................................................................................................................225

Figure 71. Wireless Network Properties Dialog Box ..........................................................................................................226

Figure 72. Security Settings Page .....................................................................................................................................228

Figure 73. Association and Authentication Tabs................................................................................................................228

Figure 74. Protected EAP Properties Dialog Box and EAP Properties Dialog Box ...........................................................230

Figure 75. Security Settings Page .....................................................................................................................................232

Figure 76. Association and Authentication Tabs................................................................................................................233

Figure 77. Smart Card or other Certificate Properties Dialog Box.....................................................................................234

Figure 78. Security Settings Page .....................................................................................................................................237

Figure 79. User Management Accounts Page...................................................................................................................238

Figure 80. Wireless Network Properties Dialog Box ..........................................................................................................239

Figure 81. Protected AP Properties Dialog Box.................................................................................................................240

Figure 82. Security Settings Page .....................................................................................................................................242

Figure 83. Association and Authentication Tabs................................................................................................................243

Figure 84. Smart Card or other Certificate Properties Dialog Box.....................................................................................244

Figure 85. Security Settings Page .....................................................................................................................................245

Figure 86. Association Tab ................................................................................................................................................246

Figure 87. Security Settings Page .....................................................................................................................................249

Figure 88. Internet Authentication Service Window ...........................................................................................................250

Figure 89. New RADIUS Client Dialog Box, Name and Address Dialog Box ....................................................................251

Figure 90. New RADIUS Client Wizard Additional Information Dialog Box .......................................................................251

Figure 91. Internet Authentication Service Window Showing Access Point ......................................................................252

Figure 92. Security Alert Window.......................................................................................................................................254

Figure 93. Certificate Server Welcome Page.....................................................................................................................254

Figure 94. RADIUS Server Login Window .........................................................................................................................255

Figure 95. Request a Certificate Page...............................................................................................................................255

Figure 96. Security Warning Dialog Box............................................................................................................................256

Figure 97. User Certificate Dialog Box...............................................................................................................................256

Figure 98. Potential Scripting Violation Dialog Box............................................................................................................256

Figure 99. Certificate Issued Dialog Box............................................................................................................................257

Figure 100. Potential Scripting Error Dialog Box ...............................................................................................................257

Figure 101. Root Certificate Store Dialog Box...................................................................................................................257

Figure 102. Certificate Installed Confirmation Window......................................................................................................258

Figure 103. Stop Clustering Page......................................................................................................................................262

Figure 104. Reset Configuration Page...............................................................................................................................263

Figure 105. Cluster Management Page .............................................................................................................................263

Figure 106. PuTTY Configuration Dialog Box....................................................................................................................271

Figure 107. CLI Class Relationships..................................................................................................................................355

Page 13

Tables

Table 1. Static WEP Configuration ...................................................................................................................................108

Table 2. IEEE 802.1x Configuration .................................................................................................................................109

Table 3. WPA/WPA2 Configuration ..................................................................................................................................110

Table 4. RADIUS Security ................................................................................................................................................111

Table 5. Worldwide Frequencies for 802.11g and 802.11b Radios ..................................................................................148

Table 6. Management Software Default Settings .............................................................................................................215

Table 7. Comparison of CLI to Web Browser Interface Settings ......................................................................................266

Table 8. Commands and Syntax ......................................................................................................................................273

Table 9. Interfaces in the CLI ...........................................................................................................................................279

Table 10. Basic Settings Commands ................................................................................................................................282

Table 11. Cluster Functions and Commands ...................................................................................................................286

Table 12. User Account Commands .................................................................................................................................287

Table 13. Status Commands ............................................................................................................................................290

Table 14. Wired Interface Commands ..............................................................................................................................301

Table 15. Security Commands .........................................................................................................................................304

Table 16. WEP Key Length Commands ...........................................................................................................................308

Table 17. Key Type Commands .......................................................................................................................................308

Table 18. Authentication Algorithm Commands ...............................................................................................................309

Table 19. Authentication Server Commands ....................................................................................................................312

Table 20. RADIUS Accounting Commands ......................................................................................................................313

Table 21. WPA Version ....................................................................................................................................................315

Table 22. Cipher Commands ............................................................................................................................................316

Table 23. WPA Version Command ...................................................................................................................................318

Table 24. Preauthentication Commands ..........................................................................................................................319

Table 25. Cipher Commands ............................................................................................................................................319

Table 26. Authentication Server Commands ....................................................................................................................320

Table 27. RADIUS Accounting Commands ......................................................................................................................321

Table 28. WPA Client Commands ....................................................................................................................................321

Table 29. Guest Login and Welcome Page Commands ...................................................................................................323

Table 30. Radio Settings Commands ...............................................................................................................................326

Table 31. Radio Operation Commands ............................................................................................................................329

Table 32. Radio Mode Commands ...................................................................................................................................330

Table 33. Rate Set Commands ........................................................................................................................................331

Table 34. Accept and Deny List Commands ....................................................................................................................334

Table 35. QoS Commands ...............................................................................................................................................337

Table 36. Queue Commands ...........................................................................................................................................339

Table 37. WDS Commands ..............................................................................................................................................345

Table 38. Keyboard Shortcuts .................................................................................................

.........................................349

Page 14

Tables

Page 15

Preface

This guide contains instructions on how to configure and maintain an AT-WA7400 Wireless Access Point using its management software and contains the following sections:

 “Where to Find Web-based Guides” on page 16

 “Contacting Allied Telesyn” on page 17

Page 16

Preface

Where to Find Web-based Guides

The installation and user guides for all Allied Telesyn products are available in portable document format (PDF) on our web site at www.alliedtelesyn.com. You can view the documents online or download them onto a local workstation or server.

Page 17

AT-WA7400 Management Software User’s Guide

Contacting Allied Telesyn

This section provides Allied Telesyn contact information for technical support as well as sales and corporate information.

Online Support You can request technical support online by accessing the Allied Telesyn

Knowledge Base: http://kb.alliedtelesyn.com. You can use the Knowledge Base to submit questions to our technical support staff and review answers to previously asked questions.

Email and Telephone

Support

Returning

Products

Sales or

Corporate

Information

Management

Software Updates

For Technical Support via email or telephone, refer to the Support & Services section of the Allied Telesyn web site: www.alliedtelesyn.com.

Products for return or repair must first be assigned a return materials authorization (RMA) number. A product sent to Allied Telesyn without an RMA number will be returned to the sender at the sender’s expense.

To obtain an RMA number, contact Allied Telesyn Technical Support through our web site: www.alliedtelesyn.com.

You can contact Allied Telesyn for sales or corporate information through our web site: www.alliedtelesyn.com. To find the contact information for your country, select Contact Us -> Worldwide Contacts.

New releases of management software for our managed products are available from either of the following Internet sites:

 Allied Telesyn web site: www.alliedtelesyn.com

 Allied Telesyn FTP server: ftp://ftp.alliedtelesyn.com

If you prefer to download new software from the Allied Telesyn FTP server from your workstation’s command prompt, you will need FTP client software and you must log in to the server. Enter “anonymous” for the user name and your email address for the password.

Page 18

Preface

Page 19

Chapter 1 Preparing to Set Up the AT-WA7400 Wireless Access Point

Before you plug in and boot a new AT-WA7400 Wireless Access Point, review the following sections for a quick check of required hardware components, software, client configurations, and compatibility issues. Make sure you have everything you need ready to go for a successful launch and test of your new (or extended) wireless network.

This chapter contains the following sections:

 “Setting Up the Administrator’s Computer” on page 20

 “Setting Up the Wireless Client Computers” on page 22

 “Understanding Dynamic and Static IP Addressing on the AT-WA7400

Management Software” on page 23

Page 20

Chapter 1: Preparing to Set Up the AT-WA7400 Wireless Access Point

Setting Up the Administrator’s Computer

You configure and administer the AT-WA7400 Wireless Access Point with the KickStart utility (which you run from the CD), through a web-based user interface (UI), or through the command line interface. In order to successfully start the management software, the administrator’s computer must be set up with the following hardware and software components:

 Ethernet connection

The computer used to configure the first AT-WA7400 Wireless Access Point with KickStart must be connected to the access point, either directly or through a hub, by an Ethernet cable.

 Wireless Connection to the Network

After you initially configure and launch the first AT-WA7400 Wireless Access Point, you can make further configuration changes through the management software using a wireless connection to the “internal” network. This configuration includes:

• Portable or built-in Wi-Fi client adapter that supports one or more of the IEEE 802.11 modes in which you plan to run the access point. (IEEE 802.11a, 802.11b, 802.11g, and 802.11a Turbo modes are supported.)

• Wireless client software such as Microsoft Windows XP or Funk Odyssey wireless client configured to associate with the AT-WA7400 Management Software.

For more details about the Wi-Fi client setup, see “Setting Up the Wireless Client Computers” on page 22.

 Web browser/operating system

Configuration and administration of the AT-WA7400 Wireless Access Point is provided through a web-based user interface hosted on the access point. Allied Telesyn recommends using one of the following supported web browsers to access the AT-WA7400 management software:

• Microsoft Internet Explorer version 5.5 or greater (with up-to-date patch level for either major version) on Microsoft Windows XP or Microsoft Windows 2000

• Netscape Mozilla 1.7.x on Redhat Linux version 2.4

The administration web browser must have JavaScript enabled to support the interactive features of the administration interface. It must also support HTTP uploads to use the firmware upgrade feature.

 AT-WA7400 Software and Documentation CD

This CD contains the KickStart utility and the software documentation. You can run the KickStart utility on any Windows laptop or computer

Page 21

AT-WA7400 Management Software User’s Guide

that is connected to the access point (via wired or wireless connection). It detects AT-WA7400 Wireless Access Points on the network. The wizard steps you through initial configuration of new access points, and provides a link to the AT-WA7400 management software where you finish the basic setup process in a step-by-step mode and launch the network.

You can also download KickStart onto the administrator’s computer which makes it unnecessary to have the CD.

For more about using KickStart, see “Running KickStart to Find Access Points on the Network” on page 26.

 CD-ROM Drive

The administrator’s computer must have a CD-ROM drive to run the KickStart application on the AT-WA7400 Wireless Access Point CD or to download it to their computer.

 Security Settings

Ensure that security is disabled on the wireless client used to initially configure the access point.

Page 22

Chapter 1: Preparing to Set Up the AT-WA7400 Wireless Access Point

Setting Up the Wireless Client Computers

The AT-WA7400 Wireless Access Point provides wireless access to any client with a properly configured Wi-Fi client adapter for the 802.11 mode in which the access point is running.

Multiple client operating systems are supported. Clients can be laptops or desktops, personal digital assistants (PDAs), or any other hand-held, portable or stationary device equipped with a Wi-Fi adapter and supporting drivers.

In order to connect to the access point, wireless clients need the following software and hardware:

 Wi-Fi Client Adapter

Portable or built-in Wi-Fi client adapter that supports one or more of the IEEE 802.11 modes in which you plan to run the access point. (IEEE 802.11a, 802.11b, 802.11g, and 802.11a Turbo modes are supported.)

Wi-Fi client adapters vary considerably. The adapter can be a PC card built in to the client device, a portable PCMCIA or PCI card (types of

NICs), or an external device such as a USB or Ethernet adapter that

you connect to the client by means of a cable.

The AT-WA7400 Wireless Access Point supports 802.11a/g modes. The fundamental requirement for clients is that they all have configured adapters that match the 802.11 a/g mode.

 Wireless Client Software

Client software such as Microsoft Windows Supplicant or Funk Odyssey wireless client configured to associate with the AT-WA7400 Management Software.

 Client Security Settings

Security should be disabled on the client used to do initial configuration of the access point.

If the Security mode on the access point is set to anything other than plain text, wireless clients will need to set a profile to the authentication mode used by the access point and provide a valid username and password, certificate, or similar user identity proof. Security modes are Static WEP, IEEE 802.1x, WPA with RADIUS server, and WPA-PSK.

For information on configuring security on the access point, see Chapter 10, “Configuring Security” on page 105.

Page 23

AT-WA7400 Management Software User’s Guide

Understanding Dynamic and Static IP Addressing on the AT-WA7400 Management Software

Very little setup is required for the first access point and no configuration required for additional access points subsequently joining a pre-configured cluster.

When you run KickStart, it discovers the AT-WA7400 Wireless Access Points on the network and lists their IP addresses and MAC addresses. KickStart also provides a link to the administration web pages of each access point using the IP address in the URL. (For more information about the KickStart utility, see “Running KickStart to Find Access Points on the Network” on page 26.)

Dynamic IP

Addressing

Static IP

Addressing

The AT-WA7400 Wireless Access Point generally expects that a DHCP server is running on the network where the access point is deployed. Most home and small business networks already have DHCP service provided either via a gateway device or a centralized server. However, if no DHCP server is present on the internal network, the access point will use the default static IP address in the Static IP address field for first time startup.

Similarly, wireless clients and other network devices (such as printers) will receive their IP addresses from the DHCP server, if there is one. If no DHCP server is present on the network, you must manually assign static IP addresses to your wireless clients and other network devices.

The AT-WA7400 Wireless Access Point is shipped with a default static IP

address of 192.168.1.230. (See Appendix A, “Management Software

Default Settings” on page 215.) If no DHCP server is found on the network, the access point retains this static IP address at first-time startup.

After the access point starts up, you have the option of specifying a static IP addressing policy on AT-WA7400 Wireless Access Point and assigning static IP addresses to access points on the internal network using the management software. (See information about the Connection Type field and related fields in “Enabling or Disabling Guest Access” on page 90.)

Caution

If you do not have a DHCP server on the internal network and do not plan to use one, the first thing you must do after bringing up the access point is to verify that the Connection Type is Static IP. You can either assign a new Static IP address to the access point or continue using the default address. Allied Telesyn recommends assigning a new Static IP address so that if later you bring up another AT-WA7400 Wireless Access Point on the same network, the IP address for each access point will be unique.

Page 24

Chapter 1: Preparing to Set Up the AT-WA7400 Wireless Access Point

Recovering an IP

Address

If you experience trouble communicating with the access point, you can recover a static IP address by resetting the access point configuration to the factory defaults (see “Resetting the Configuration to Factory Defaults” on page 206), or you can get a dynamically assigned address by connecting the access point to a network that has DHCP.

Page 25

Chapter 2 Setting up the AT-WA7400 Management Software

Setting up and deploying one or more AT-WA7400 Wireless Access Points is in effect creating and launching a wireless network. The KickStart utility and corresponding AT-WA7400 Management Software Basic Settings web page simplify this process. This chapter contains procedures for setting up your AT-WA7400 Wireless Access Points and the resulting wireless network. Have the AT-WA7400 Wireless Access Point CD handy, and familiarize yourself with the default settings described in Appendix A, “Management Software Default Settings” on page 215.

This chapter includes the following procedures:

 “Running KickStart to Find Access Points on the Network” on page 26

 “Logging in to the AT-WA7400 Management Software” on page 34

 “Navigating the Web Pages” on page 36

 “Configuring the Basic Settings and Starting the Wireless Network” on

page 37

 “Next Steps” on page 41

 “Logging in After the Initial Setup” on page 42

Section I: Basic Features 25

Page 26

Chapter 2: Setting up the AT-WA7400 Management Software

Running KickStart to Find Access Points on the Network

KickStart is an easy-to-use utility for discovering and identifying new AT-WA7400 Wireless Access Points. KickStart scans the network looking for access points, displays ID details on those it finds, and provides access to the AT-WA7400 Management Software.

Note

KickStart (and the other AT-WA7400 tools) recognizes and configures only AT-WA7400 Wireless Access Points. KickStart will not find or configure non-AT-WA7400 Wireless Access Points and will not find any other devices.

Note

Run KickStart only in the subnet of the internal network (SSID).

Note

KickStart finds only those access points that have IP addresses. IP addresses are dynamically assigned to access points if you have a

DHCP server running on the network. If you deploy the access point

on a network with no DHCP server, the default static IP address (192.168.1.230) is used.

Caution

Use caution with non-DHCP enabled networks: Do not deploy more than one new access point on a non-DHCP network because they will use the same default static IP addresses and conflict with each other. (For more information, see “Understanding Dynamic and Static IP Addressing on the AT-WA7400 Management Software” on page 23.)

To start the discovery process, perform the following procedure:

1. Do one of the following to create an Ethernet connection between the access point and your computer:

 Connect one end of an Ethernet cable to the LAN port on the

access point and the other end to the same hub where your PC is connected.

 Connect one end of an Ethernet cable to the LAN port on the

access point and the other end of the cable to the Ethernet port on your PC.

Page 27

AT-WA7400 Management Software User’s Guide

2. Insert the AT-WA7400 Wireless Access Point CD into the CD-ROM drive on your computer.

The CD’s main page is shown in Figure 1.

Figure 1. AT-WA7400 CD Main Page

3. Click KickStart Utility.

The KickStart page, as shown in Figure 3, provides two options: Open KickStart and Install KickStart.

Figure 2. KickStart Page

Page 28

Chapter 2: Setting up the AT-WA7400 Management Software

For information about installing KickStart, refer to “Installing KickStart on the Administrator’s PC” on page 30. Otherwise, continue with this procedure.

4. Click Open KickStart.

The KickStart Welcome dialog box is displayed, as shown in Figure 3.

Figure 3. KickStart Welcome Dialog Box

5. Click Next to search for access points.

Wait for the search to complete, or until KickStart has found your new access points, as shown in Figure 4.

Figure 4. KickStart Search Results Dialog Box

Page 29

AT-WA7400 Management Software User’s Guide

Note

The KickStart utility only finds other AT-WA7400 Wireless Access Points.

If KickStart does not find the AT-WA7400 Wireless Access Point you just installed, an informational window is displayed with troubleshooting information about your LAN and power connections.

6. Review the list of access points that KickStart found, as shown in the example in Figure 4 on page 28..

The access points are listed with their locations, media access control (MAC) addresses, and IP addresses. If you are installing the first access point on a single-access-point network, only one entry is displayed on this page.

7. Verify the MAC addresses against the hardware labels for each access point. This will be especially helpful later in providing or modifying the descriptive Location name for each access point.

8. Click Next.

The Administration dialog box opens, as shown in Figure 5.

Figure 5. Administration Dialog Box

Note

KickStart provides a link to the AT-WA7400 management software web pages via the IP address of the first access point of each model. (For more information about model types and clustering see “What Kinds of Access Points Can Cluster Together?” on page 44.)

Page 30

Chapter 2: Setting up the AT-WA7400 Management Software

The AT-WA7400 management software is a centralized management tool that you can access through the IP address for any access point in a cluster.

After your other access points are configured, you can also link to the AT-WA7400 management software web pages using the IP address for any of the other AT-WA7400 Wireless Access Points, for example

http://

IPAddressOfAccessPoint

Installing

KickStart on the

Administrator’s

To install the KickStart utility on the administrator’s PC, perform the following procedure:

1. Insert the AT-WA7400 Wireless Access Point CD into the CD-ROM drive on your computer.

The CD’s main page is shown in Figure 1 on page 27. Click KickStart Utility.

The KickStart page, as shown in Figure 2 on page 27, provides two options: Open KickStart and Install KickStart.

The Open KickStart option is described in “Running KickStart to Find Access Points on the Network” on page 26.

2. Click Install KickStart.

The KickStart Setup Wizard dialog box is shown in Figure 6.

Figure 6. KickStart Setup Wizard Dialog Box

3. Click Next.

Page 31

AT-WA7400 Management Software User’s Guide

The Select Installation Folder dialog box is shown in Figure 7.

Figure 7. Select Installation Folder Dialog Box

4. Do one of the following:

 To see how much disk space the files require, click Disk Cost.

The KickStart Setup Disk Space window is shown in Figure 8.

Figure 8. KickStart Setup Disk Space Dialog Box

Select the drive where you want to install KickStart, and then click OK.

 Click Browse to select a specific location for the KickStart utility.

The Browse for Folder window shows the default folder where the utility will be installed unless you select a different location. If this selection is OK, click OK. Otherwise, select a different folder and click OK.

5. Click Next.

Page 32

Chapter 2: Setting up the AT-WA7400 Management Software

The KickStart Setup confirmation dialog box is shown in Figure 9.

Figure 9. KickStart Installation Confirmation Dialog Box

6. Click Next to start the installation.

The Installing KickStart dialog box is shown in Figure 10.

Figure 10. Installing KickStart Dialog Box

Page 33

AT-WA7400 Management Software User’s Guide

When the installation is complete, the Installation Complete dialog box is displayed, as shown in Figure 11.

Figure 11. KickStart Installation Complete Dialog Box

7. Click Close.

You can now run KickStart from the Programs folder under Allied Te le sy n.

Page 34

Chapter 2: Setting up the AT-WA7400 Management Software

Logging in to the AT-WA7400 Management Software

To access the AT-WA7400 management software, perform the following procedure:

1. In the KickStart Administration dialog box, click Administration.

You are prompted for a user name and password, as shown in Figure 12.

Figure 12. Login Dialog Box

The defaults for user name and password are:

Username

manager

Password

friend

Note

You cannot modify the user name.

2. Enter the username and password and click OK.

When you log in for the first time, the Basic Settings page is displayed, as shown in Figure 13. This page displays the global settings for all access points that are members of the cluster and, if you specify automatic configuration, for any new access points that you add later.

Page 35

AT-WA7400 Management Software User’s Guide

Figure 13. Basic Settings Page

Page 36

Chapter 2: Setting up the AT-WA7400 Management Software

Navigating the Web Pages

The web pages provide several ways that you can navigate through the software, as shown in Figure 14.

Help

Figure 14. Navigational Aids

Links The three links at the top of all the pages allow you to navigate to the

following locations:

 Home - The home page for the access point showing the Basic

Settings page.

 Help - The entire help system for the access point.

 Logout - Opens the logout page so that you can log out from the

AT-WA7400 management software. The Logout page is also available on the Advanced menu, and is automatically displayed when your HTTP connection times out.

Menu The menu is located along the left side of the page. The Advanced section

is always collapsed until you click the plus sign (+) to make a selection from that menu. When you go to one of the other menus, the section is collapsed again.

Help The help text along the right side provides help related to the specific

management software function for the menu item you chose. Click one of the links within the help to display information about that topic. To see all the help topics, click the Help link at the top of the page.

Page 37

AT-WA7400 Management Software User’s Guide

Configuring the Basic Settings and Starting the Wireless Network

Provide a minimal set of configuration information by defining the basic settings for your wireless network. These settings are all available on the

Basic Settings page in the AT-WA7400 management software, and are

categorized into steps 1-4 on the web page.

Configuring the

Basic Settings

To configure initial settings, perform the following procedure:

1. In the Review Description of this Access Point section, configure the following parameters as necessary:

IP Address

The IP address assigned to this access point. You cannot edit this field because the IP address is already assigned (either through DHCP or statically through the Ethernet (wired)) settings as described in “Enabling or Disabling Guest Access” on page 90.

MAC Address

Shows the MAC address of the access point.

A MAC address is a permanent, unique hardware address for any device that represents an interface to the network. The MAC address is assigned by the manufacturer. You cannot change the MAC address. It is provided here for informational purposes as a unique identifier for an interface.

The address shown here is the MAC address for the bridge ( is the address by which the access point is known externally to other networks.

br0). This

Firmware Version

Version information about the firmware currently installed on the access point.

As new versions of the firmware become available, you can upgrade the firmware on your access points to take advantages of new features and enhancements.

For instructions on how to upgrade the firmware, see “Upgrading the Firmware” on page 207.

Location

Specify a location description for this access point.

2. In the Provide Network Settings section, configure the following parameters as necessary:

Current Password

As an immediate first step in securing your wireless network, Allied

Page 38

Chapter 2: Setting up the AT-WA7400 Management Software

Telesyn recommends that you change the administrator password from the default which is “friend.” Enter the current administrator password.

New Password

Enter a new administrator password. The characters you enter are displayed as “ password as you type.

The Administrator password must be an alphanumeric string of up to 8 characters. Do not use special characters or spaces.

Confirm New Password

Retype the new administrator password to confirm that you typed it as you intended.

Network Name (SSID)

Enter a name for the wireless network as a character string. This name will apply to all access points on this network. As you add more access points, they will share this SSID.

*” characters to prevent others from seeing your

The Service Set Identifier (SSID) is an alphanumeric string of up to 32 characters.

If you are connected as a wireless client to the same access point that you are administering, resetting the SSID causes you to lose connectivity to the access point. You will need to reconnect to using the new SSID after you save the new Network Name.

Note

The AT-WA7400 Management Software is not designed for multiple, simultaneous configuration changes. If you have a network that includes multiple access points, and more than one administrator is logged on to the AT-WA7400 Management Software’s web pages and making changes to the configuration, all access points in the cluster will stay in synch but there is no guarantee that all configuration changes specified by multiple users will be applied.

3. In the Set Configuration Policy for New Access Points section, configure the following parameter as necessary:

New Access Points

Choose the policy you want to put in effect for adding new access

points to the network.

If you choose “are configured automatically,” then when a new access point is added to the network it automatically joins the existing cluster. The cluster configuration is copied to the new access point, and no manual configuration is required to deploy it.

Page 39

AT-WA7400 Management Software User’s Guide

If you choose “are ignored,” new access points will not join the cluster; they will be considered standalone. You need to configure standalone access points manually using KickStart and the AT-WA7400 management software residing on the standalone access points. (To get to the web page for a standalone access point, use its IP address in a URL as follows: http

://IPAddressOfAccessPoint

Note

If you change the policy so that new access points “are ignored,” then any new access points you add to the network will not join the cluster. Existing clustered access points will not be aware of these standalone access points. Therefore, if you are viewing the ATWA7400 management software web pages through the IP address of a clustered access point, the new standalone access points will not show up in the list of access points on the Cluster > Access Points page. The only way to see a standalone access point is to browse to it directly by using its IP address in the URL.

If you later change the policy to cluster so that new access points “are configured automatically,” all subsequent new access points will automatically join the cluster. Standalone access points, however, will stay in standalone mode until you explicitly add them to the cluster.

For information on how to add standalone access points to the cluster, see “Adding an Access Point to a Cluster” on page 50

4. In the Settings section, click Update to apply these settings and deploy the access point as a wireless network.

Page 40

Chapter 2: Setting up the AT-WA7400 Management Software

A summary of the settings is shown in Figure 15.

Default

Configuration

Figure 15. Summary of Settings Page

At initial startup, no security is in place on the access point. An important next step is to configure security, as described in Chapter 10, “Configuring Security” on page 105.

At this point, if you click Basic Settings again, the summary of settings page is replaced by the standard Basic Settings configuration options.

If you chose to ignore new access points, then as you add new access points they will run in standalone mode. In standalone mode, an access point does not share the cluster configuration with other access points; it must be configured manually.

You can always update the settings on a standalone access point to have it join the cluster. You can also remove an access point from a cluster thereby switching it to run in standalone mode.

5. Click Update to activate the wireless network with these new settings.

If you follow the steps above and accept all the defaults, the access point will have the default configuration described in Appendix A, “Management Software Default Settings” on page 215.

Page 41

Next Steps

AT-WA7400 Management Software User’s Guide

To make sure the access point is connected to the LAN, bring up some wireless clients and connect the clients to the network. After you have tested the basics of your wireless network, you can enable more security and fine-tune the setup by modifying advanced configuration features on the access point.

Make Sure the Access Point is

Connected to the

LAN

Test LAN

Connectivity with

Wireless Clients

Secure and Fine-

Tune the Access

Point Using

Advanced

Features

If you configured the access point and administrator PC by connecting both into a network hub, then your access point is already connected to the LAN. That’s it—you’re up and running! The next step is to test some wireless clients.

If you configured the access point using a direct wired connection using a crossover cable from your computer to the access point, do the following:

1. Disconnect the crossover cable from the computer and the access point.

2. Connect a regular Ethernet cable from the access point to the LAN.

3. Connect your computer to the LAN either via an Ethernet cable or wireless client card.

Test the AT-WA7400 Wireless Access Point by trying to detect it and associate it with some wireless client devices.

After you have the wireless network up and running and have tested against the access point with some wireless clients, you can add in more layers of security, add users, configure a guest interface, and fine-tune performance settings. These features are described in the rest of this guide.

Page 42

Chapter 2: Setting up the AT-WA7400 Management Software

Logging in After the Initial Setup

When you log in again after you complete the initial setup, the default web page is the Interfaces page, as shown in Figure 16.

Figure 16. Default Web Page

Page 43

Chapter 3 Managing Access Points and Clusters

The AT-WA7400 Management Software shows current basic configuration settings for clustered access points (location, IP address, MAC address, status, and availability) and provides a way of navigating to the full configuration for specific access points if they are cluster members.

Standalone access points or those which are not members of this cluster do not show up in this listing. To configure standalone access points, you must discover (via KickStart) or know the IP address of the access point and by using its IP address in a URL (

Note

The AT-WA7400 Management Software is not designed for multiple, simultaneous configuration changes. If you have a network that includes multiple access points, and more than one administrator is logged on to the web pages and making changes to the configuration, all access points in the cluster will stay in synch but there is no guarantee that all configuration changes specified by multiple users will be applied.

http://

IPAddressOfAccessPoint

This chapter contains the following sections:

 “Understanding Clustering” on page 44

 “Understanding and Changing Access Point Settings” on page 48

 “Navigating to Configuration Information for a Specific Access Point

and Managing Standalone Access Points” on page 52

 “Configuring MAC Address Filtering” on page 53

 “MAC Filtering of Rogue Access Points” on page 55

Page 44

Chapter 3: Managing Access Points and Clusters

Understanding Clustering

A key feature of the AT-WA7400 Management Software is the ability to form a dynamic, configuration-aware group (called a cluster) with other AT-WA7400 Wireless Access Points in a network in the same subnet. Access points can participate in a self-organizing cluster which makes it easier for you to deploy, administer, and secure your wireless network. The cluster provides a single point of administration and lets you view the deployment of access points as a single wireless network rather than a series of separate wireless devices.

What is a

Cluster?

How Many

Access Points

Can a Cluster

Support?

What Kinds of

Access Points

Can Cluster

Together?

What is the

Relationship of

the Master Access

Point to Other

Cluster

Members?

A cluster is a group of access points which are coordinated as a single group through the AT-WA7400 Management Software. You cannot create multiple clusters on a single wireless network (SSIS). Only one cluster per wireless network is supported.

Up to eight access points are supported in a cluster at any one time. If a new access point is added to a network with a cluster that is already at full capacity, the new access point is added in standalone mode. Note that when the cluster is full, extra access points are added in standalone mode regardless of the configuration policy in effect for new access points.

For related information, see “Cluster Mode” on page 46 and “Standalone Mode” on page 46.

A single AT-WA7400 Wireless Access Point can form a cluster with itself (a “cluster of one”) and with other AT-WA7400 Wireless Access Points of the same model.

You use a master access point, which you choose from among the cluster members, to change the cluster configuration, share configuration updates, and track new access points joining or leaving the group. If a master access point becomes unavailable, a new cluster member is assigned master responsibilities. This process is fully automated based on a ruleset that takes into account seniority, cluster size, and other factors to determine which access point is best suited to the task at any given time.

There is no need to track or attend to which access point is the master because this status is subject to change at any time depending on the needs of the cluster. This concept is important because you may notice slight differences between configuration information displayed on AT-WA7400 Management Software web pages for a master access point versus other cluster members.

Page 45

AT-WA7400 Management Software User’s Guide

Which Settings

are Shared as

Part of the

Cluster

Configuration

and Which Are

Not?

Most configuration settings that you define using the AT-WA7400 Management Software are propagated to cluster members as a part of the cluster configuration.

Settings Shared in the Cluster Configuration

The cluster configuration includes:

 Network name (SSID)

 Administrator password

 Configuration policy

 User accounts and authentication

 Wireless interface settings

 Guest Welcome screen settings

 Network Time Protocol (NTP) settings

 Radio settings

Only Mode, Channel, Fragmentation Threshold, RTS Threshold and Rate Sets are synchronized across the cluster. Beacon Interval, DTIM Period, Maximum Stations, and Transmit Power do not cluster.

Note

When Channel Planning is enabled, the radio Channel is not synched across the cluster. See “Stopping or Starting Automatic Channel Assignment” on page 73.

 Security settings

 QoS queue parameters

 MAC address filtering

Settings Not Shared by the Cluster

The settings not shared among clustered access points are the following, most of which, by nature, must be unique:

 IP addresses

 MAC addresses

 Location descriptions

 Load balancing settings

 WDS bridges

 Ethernet (Wired) settings, including enabling or disabling guest access

 Guest interface configuration

Page 46

Chapter 3: Managing Access Points and Clusters

Settings that are not shared must be configured individually on the AT-WA7400 Management Software web pages for each access point. To access the AT-WA7400 Management Software web pages for an access point that is a member of the current cluster, click on its IP Address link on the Cluster > Access Points page of the current access point.

Cluster Mode When an access point is a cluster member, it is considered to be in cluster

mode. You define whether you want new access points to join the cluster or not via the configuration policy you set in the Basic Settings. You can re-set an access point in cluster mode to standalone mode. (See “Removing an Access Point from the Cluster” on page 49.)

Note

When the cluster is full (eight access points is the limit), extra access points are added in standalone mode regardless of the configuration policy in effect for new access points. See “How Many Access Points Can a Cluster Support?” on page 44.

Standalone Mode The AT-WA7400 Wireless Access Point can be configured in standalone

mode. In standalone mode, an access point is not a member of the cluster and does not share the cluster configuration, but rather requires manual configuration that is not shared with other access points. (See “Removing an Access Point from the Cluster” on page 49.)

Standalone access points are not listed on the Cluster > Access Points page in the web pages of access points that are cluster members. You need to know the IP address of a standalone access points in order to configure and manage it directly. (See “Navigating to an Access Point by Using its IP Address in a URL” on page 52.)

The Basic Settings page for a standalone access point indicates only that the current mode is standalone and provides a button for adding the access point to a cluster (group). If you click on any of the Cluster page in the web pages for an access point in standalone mode, you are redirected to the Join Cluster page because Cluster settings do not apply to standalone access points.

Note

You can re-enable cluster mode on a standalone access point. (See “Adding an Access Point to a Cluster” on page 50.)

Page 47

AT-WA7400 Management Software User’s Guide

Cluster

Formation

Cluster Size and

Membership

Intra-Cluster

Security

A cluster is formed when the first AT-WA7400 Wireless Access Point is configured. (See “Configuring the Basic Settings and Starting the Wireless Network” on page 37.)

If a cluster configuration policy is in place when a new access point is deployed, it attempts to rendezvous with an existing cluster.

If it is unable to locate a cluster, then it establishes a new cluster on its own.

If it locates a cluster but is rejected because the cluster is full, or the clustering policy is to ignore new access points, then the access point deploys in standalone mode.

The upper limit of a cluster is eight access points. The Cluster web administration pages provides a real-time, visual indicator of the number of access points in the current cluster and warn when the cluster has reached access point capacity.

If a cluster is present but is already full, new access points are deployed in standalone mode.

To ensure that the security of the cluster as a whole is equivalent to the security of a single access point, communication of certain data between access points in a cluster is done using Secure Sockets Layer with private key encryption.

Auto-Synch of

Cluster

Configuration

Both the cluster configuration file and the user database are transmitted among access points using SSL.

If you are making changes to the access point configuration that require a relatively large amount of processing (such as adding several new users), you may encounter a synchronization progress bar after clicking Update on any of the AT-WA7400 Management Software web pages. The progress bar indicates that the system is busy performing an auto-synch of the updated configuration to all access points in the cluster. The AT-WA7400 Management Software is not available during the auto-synch.

Note that auto-synchronization always occurs during configuration updates that affect the cluster, but the processing time is usually negligible. The auto-synch progress bar is displayed only for longer-thanusual wait times.

Page 48

Chapter 3: Managing Access Points and Clusters

Understanding and Changing Access Point Settings

The Access Points page provides information about all access points in the cluster.

From this page, you can view location descriptions, IP addresses, enable (activate) or disable (deactivate) clustered access points, and remove access points from the cluster. You can also modify the location description for an access point.

The IP address links provide a way to navigate to configuration settings and data on an access point.

Standalone access points (those which are not members of the cluster) are not shown on this page.

To view or edit information on access points in a cluster, perform the following procedure:

1. From the main menu, select Cluster > Access Points.

The Access Points page is shown in Figure 17. This page shows any access points that are connected to a cluster.

Figure 17. Access Points Page

2. Click Refresh to update the access points list.

The Access Points page provides the following information:

Location

Description of where the access point is physically located.

MAC Address

The media access control (MAC) address of the access point.

Page 49

AT-WA7400 Management Software User’s Guide

Modifying the

Location

Description

The address shown here is the MAC address for the bridge ( is the address by which the access point is known externally to other networks.

IP Address

The IP address of the access point. Each IP address is a link to the AT-WA7400 Management Software web pages for that access point. You can use the links to navigate to the web pages for a specific access point. This is useful for viewing data on a specific access point to make sure a cluster member is picking up cluster configuration changes, to configure advanced settings on a particular access point, or to switch a standalone access point to cluster mode.To see MAC addresses for guest and internal interfaces on the access point, see the Status > Interfaces page.

To change the location description for an access point:

1. From the main menu, select Basic Settings.

The Basic Settings page is shown in Figure 13 on page 35.

2. Update the Location description in section 1 under “Review Description of this Access Point.”

br0). This

Removing an

Access Point from

the Cluster

3. Click Update to apply the changes.

To remove an access point from the cluster, do the following.

1. From the main menu, select Cluster > Access Point.

The Access Points page is shown in Figure 17 on page 48.

2. Click the checkbox next to the access point so that the box is checked.

3. Click Remove.

The change is under Status for that access point; the access point will now show as standalone (instead of cluster).

Page 50

Chapter 3: Managing Access Points and Clusters

Note

In some situations it is possible for the cluster to become out of sync. If after removing an access point from the cluster, the access point list still reflects the deleted access point or shows an incomplete display; refer to the information on cluster recovery in

“Cluster Recovery” on page 261.

Adding an Access Point to a Cluster

To add an access point that is currently in standalone mode back into a cluster, do the following.

1. Go to the AT-WA7400 Management Software web pages for the standalone access point. (See “Navigating to an Access Point by Using its IP Address in a URL” on page 52.)

The web pages for the standalone access point are displayed.

2. From the main menu, select Cluster > Access Points.

3. Click Join Cluster.

The Summary of Settings page is redisplayed, as shown in Figure 18, with the settings of the access point that is now part of the cluster.

Figure 18. Settings of Access Point that Joined the Cluster

Page 51

AT-WA7400 Management Software User’s Guide

The access point is now a cluster member. Its Status (Mode) on the Cluster > Access Points page now indicates “Clustered.”

Note

In some situations it is possible for the cluster to become out of sync. If, after removing an access point from the cluster, the access point list still reflects the deleted access point or shows an incomplete display; refer to the information on cluster recovery in “Cluster

Recovery” on page 261.

Page 52

Chapter 3: Managing Access Points and Clusters

Navigating to Configuration Information for a Specific Access Point and Managing Standalone Access Points

In general, the AT-WA7400 Management Software is designed for central management of clustered access points. For access points in a cluster, all access points in the cluster reflect the same configuration. In this case, it does not matter which access point you actually connect to for administration.

There may be situations, however, when you want to view or manage information on a particular access point. For example, you might want to check status information such as client associations or events for an access point. Or you might want to configure and manage features on an access point that is running in standalone mode. In these cases, you can navigate to the AT-WA7400 Management Software web interface for individual access points by clicking the IP address links on the Access Points page.

Navigating to an

Access Point by

Using its IP

Address in a URL

All clustered access points are shown on the Cluster > Access Points page. To navigate to clustered access points, you can simply click on the IP address for a specific cluster member shown in the list.

You can also link to the web pages of a specific access point by entering the IP address for that access point as a URL directly into a web browser address bar in the following form:

http://

where IPAddressOfAccessPoint is the address of the particular access point you want to monitor or configure.

This is the only way to navigate to configuration information for a standalone access point.

If you do not know the IP address of a standalone access point, use KickStart to find all access points on the network and you should be able to derive which ones are standalone by comparing KickStart findings with access points listed on the Cluster > Access Points page. The access points that KickStart finds that are not shown on the this page are probably standalone access points. (For more information on using KickStart, see “Running KickStart to Find Access Points on the Network” on page 26.)

IPAddressOfAccessPoint

Page 53

Configuring MAC Address Filtering

A media access control (MAC) address is a hardware address that uniquely identifies each node of a network. All IEEE 802 network devices share a common 48-bit MAC address format, usually displayed as a string of 12 hexadecimal digits separated by colons, for example

FE:DC:BA:09:87:65

Each wireless network interface card (NIC) used by a wireless client has a unique MAC address.

You can control client access to your wireless network by switching on MAC filtering and specifying a list of approved MAC addresses. When MAC filtering is on, only clients with a listed MAC address can access the network.

Based on how you set the MAC filter, you can allow only client stations with a listed MAC address or prevent access to the stations listed. For the guest interface, MAC Filtering settings apply to both BSSes. On a tworadio access point, MAC Filtering settings apply to both radios.

AT-WA7400 Management Software User’s Guide

To set the DNS name, perform the following procedure:

1. From the main menu, select Advanced > MAC Filtering.

The MAC Filtering page is shown in Figure 19.

Figure 19. MAC Filtering Page

Page 54

Chapter 3: Managing Access Points and Clusters

2. Configure the following settings:

Filter

Click one of the following radio buttons:

 Allow only stations in the list

 Allow any station unless in list

Stations List

To add a MAC Address to Stations List, enter its 48-bit MAC address into the lower text boxes, then click Add.

The MAC Address is added to the Stations List.

To remove a MAC Address from the Stations List, select its 48-bit MAC address, then click Remove.

The stations in the list will either be allowed or prevented from accessing the access point based on how you set the Filter.

3. Click Update to save your settings.

Page 55

MAC Filtering of Rogue Access Points

When an access point is not listed in the access points list, the MAC filtering of rogue access points feature sends an SNMP trap to alert you to the unregistered (rogue) access point.

To enable MAC filtering of rogue access points, perform the following procedure:

1. From the main menu, select Advanced > Pre-Config Rogue AP.

The Configure MAC Filtering of Rogue Access Points page is shown in Figure 20.

AT-WA7400 Management Software User’s Guide

Figure 20. Configure Rogue MAC Filtering of Access Point Page

2. To add an access point to the list:

a. Type its MAC address in the fields above the Add button.

b. Click Add.

c. Click Update.

3. To remove an access point from the list:

a. Select the MAC address of the access point in the Access Points

List.

Page 56

Chapter 3: Managing Access Points and Clusters

b. Click Add.

c. Click Update.

Page 57

Chapter 4 Managing User Accounts

The AT-WA7400 Management Software includes user management capabilities for controlling client access to access points.

User management and authentication must always be used in conjunction with the following two security modes, which require use of a RADIUS server for user authentication and management.

 IEEE 802.1x mode

 WPA with RADIUS mode

You have the option of using either the internal RADIUS server embedded in the AT-WA7400 Wireless Access Point or an external RADIUS server that you provide. If you use the embedded RADIUS server, use the management software on the access point to set up and manage user accounts. If you are using an external RADIUS server, you will need to set up and manage user accounts on the Administrative interface for that server.

On the User Management page, you can create, edit, remove, and view client user accounts. Each user account consists of a user name and password. The set of users specified here represent approved clients that can log in and use one or more access points to access local and possibly external networks via your wireless network.

Note

Users specified here are clients of the access point(s) that use the access points as a connectivity hub, not administrators of the wireless network. Only those with the administrator username and password and knowledge of the administration URL can log in as an administrator and view or modify configuration settings.

This chapter contains the following sections:

 “Adding a User” on page 58

 “Editing a User Account” on page 60

 “Backing Up and Restoring a User Database” on page 62

Page 58

Chapter 4: Managing User Accounts

Adding a User

To add a new user, perform the following procedure:

1. From the main menu, select Cluster > User Management.

The User Management page is shown in Figure 21.

Figure 21. User Management Page

User accounts are shown at the top of the page under User Accounts The user name, real name and status (enabled or disabled) are shown.

2. In the Add a User section, provide the following information:

User Name

User names are alphanumeric strings of up to 237 characters. Do not use special characters or spaces.

Real Name

For information purposes, provide the user’s full name, up to 256 characters.

Page 59

AT-WA7400 Management Software User’s Guide

Password

Specify a password for this user. Passwords are alphanumeric strings of up to 256 characters. Do not use special characters or spaces. You must retype the password.

3. Click Add Account to add the account.

The new user is then displayed in the User Accounts list. The user account is enabled by default when you first create it.

Note

A limit of 100 user accounts per access point is imposed by the web user interface. Network usage may impose a more practical limit, depending upon the demand from each user.

Page 60

Chapter 4: Managing User Accounts

Editing a User Account

After you create a user account, it is displayed in the User Accounts section at the top of the Cluster > User Management page.

To edit an existing user account, perform the following procedure:

1. From the main menu, select Cluster > User Management.

The User Management page is shown in Figure 21 on page 58.

2. In the User Accounts section, click the checkbox next to the user name so that the box is checked, as shown in Figure 22.

Enabling a User

Account

Figure 22. User Accounts Section

A user account must be enabled for the user to log on as a client and use the access point.

You can enable or disable any user account. With this feature, you can maintain a set of user accounts and authorize or prevent users from accessing the network without having to remove or re-create accounts. This can come in handy in situations where users have an occasional need to access the network. For example, contractors who do work for your company on an intermittent but regular basis might need network access for 3 months at a time, then be off for 3 months, and back on for another assignment. You can enable and disable these user accounts as needed, and control access as appropriate.

To enable a user account, perform the following procedure:

1. From the main menu, select Cluster > User Management.

The User Management page is shown in Figure 21 on page 58.

Page 61

AT-WA7400 Management Software User’s Guide

2. In the User Accounts section, click the checkbox next to the user name you want to enable.

3. Click Enable.

A user with an account that is enabled can log on to the wireless access points in your network as a client.

Disabling a User

Account

Removing a User

Account

To disable a user account, perform the following procedure:

1. From the main menu, select Cluster > User Management.

The User Management page is shown in Figure 21 on page 58.

2. In the User Accounts section, click the checkbox next to the user name you want to disable.

3. Click Disable.

A user with an account that is disabled cannot log on to the wireless access points in your network as a client. However, the user remains in the database and can be enabled later as needed.

To remove a user account, perform the following procedure:

1. From the main menu, select Cluster > User Management.

The User Management page is shown in Figure 21 on page 58.

2. In the User Accounts section, click the checkbox next to the user name you want to remove.

3. Click Remove.

If you think you might want to add this user back in at a later date, consider disabling the user rather than removing the account altogether.

Page 62

Chapter 4: Managing User Accounts

Backing Up and Restoring a User Database

You can save a copy of the current set of user accounts to a backup configuration file. You can use the backup file at a later date to restore the user accounts on the access point to the previously saved configuration.

Backing Up the

User Database

To create a backup copy of the user accounts for this access point, perform the following procedure:

1. From the main menu, select Cluster > User Management.

The User Management page is shown in Figure 21 on page 58.

2. In the User Accounts section, click the backup or restore the user database link.

The Backup or restore the user database for this access point page is displayed, as shown in Figure 23.

Figure 23. Backup or Restore User Database Page

3. Choose the Save option in this first dialog box.

This opens a file browser.

4. Use the file browser to navigate to the directory where you want to save the file, and click OK to save the file.

You can keep the default file name ( the backup file, but be sure to save the file with a

wirelessUsers.ubk

.ubk

) or rename

extension.

Page 63

AT-WA7400 Management Software User’s Guide

Restoring a User

Database from a

Backup File

To restore a user database from a backup file, perform the following procedure:

1. From the main menu, select Cluster > User Management.

The User Management page is shown in Figure 21 on page 58.

2. In the User Accounts section, click the backup or restore the user database link.

The Backup or restore the user database for this access point page is displayed, as shown in Figure 23 on page 62.

3. Select the backup configuration file you want to use, either by typing the full path and file name in the Restore field or by clicking Browse and selecting the file.

(Only those files that were created with the User Database Backup

.ubk

function and saved as with Restore; for example,

4. Click Restore.

When the backup restore process is complete, a message is shown to indicate that the user database has been successfully restored. (This process is not time-consuming; the restore should complete almost immediately.)

backup configuration files are valid to use

wirelessUsers.ubk

From the main menu, select Cluster > User Management to see the restored user accounts.

Page 64

Chapter 4: Managing User Accounts

Page 65

Chapter 5 Session Monitoring

The AT-WA7400 Management Software provides real-time session monitoring information including which clients are associated with a particular access point, data rates, transmit/receive statistics, signal strength, and idle time.

A session in this context is the period of time in which a user on a client device (station) with a unique MAC address maintains a connection with the wireless network. The session begins when the client logs on to the network, and the session ends when the client either logs off intentionally or loses the connection for some other reason.

Note

A session is not the same as an association, which describes a client connection to a particular access point. A client network connection can shift from one clustered access point to another within the context of the same session. A client station can roam between access points and maintain the session.

Note

For information about monitoring associations and link integrity monitoring, see “Viewing the Associated Wireless Clients” on page 192.

Page 66

Chapter 5: Session Monitoring

Viewing Sessions Information

To view session monitoring information, perform the following procedure:

1. From the main menu, select Cluster > Sessions.

The Sessions page is shown in Figure 24 .

Figure 24. Sessions Page

The Sessions page displays the following information about client stations associated with access points in the cluster:

User Name

Indicates the client user name of IEEE 802.1x clients.

Note

This field is relevant only for clients that are connected to access points using IEEE 802.1x security mode and local authentication server. (For more information about this mode, see “IEEE 802.1x” on page 121.) No user name is shown for clients of access points using IEEE 802.1x with RADIUS server or other security modes.

AP Location

Indicates the location of the access point.

This is derived from the location description specified on the Basic Settings page.

User MAC Address

Indicates the MAC address of the user’s client device (station).

A MAC address is a hardware address that uniquely identifies each node of a network.

Idle Time

Indicates the amount of time this station has remained inactive.

Page 67

AT-WA7400 Management Software User’s Guide

A station is considered to be idle when it is not receiving or transmitting data.

Data Rate

The speed at which this access point is transferring data to the specified client.

The data transmission rate is measured in megabits per second (Mbps).

This value should fall within the range of the advertised rate set for the

IEEE 802.1x mode in use on the access point. For example, 6 to

54Mbps for 802.11a,

Signal

Indicates the strength of the radio frequency (RF) signal the client receives from the access point.

The measure used for this is an IEEE 802.1x value known as Received Signal Strength Indication (RSSI), and will be a value between 0 and

100.

Viewing Specific

Session

Information

RSSI is determined by a an IEEE 802.1x mechanism implemented on the network interface card (NIC) of the client station.

Utilization

Utilization rate for this station.

For example, if the station is active (transmitting and receiving data) 90% of the time and inactive 10% of the time, its utilization rate is 90%.

Receive Total

Indicates number of total packets received by the client during the current session.

Transmit Total

Indicates number of total packets transmitted to the client during this session.

Error Rate

Indicates the percentage of time frames are dropped during transmission on this access point.

To view only specific information about a session, perform the following procedure:

1. On the Sessions page, from the Display list, choose the field you want to display and click Go.

The page is refreshed and displays the User, AP Location, and User MAC information in addition to the field you selected.

Page 68

Chapter 5: Session Monitoring

Sorting Session

Information

To sort the information in the session list, perform the following procedure:

1. On the Sessions page, click the column label by which you want to sort the sessions.

The display is refreshed to show the sessions in the order you chose.

Page 69

Chapter 6 Channel Management

This chapter contains the following sections:

 “Understanding Channel Management” on page 70

 “Displaying the Channel Management Settings” on page 72

 “Configuring the Channel Management Settings” on page 73

Page 70

Chapter 6: Channel Management

Understanding Channel Management

When channel management is enabled, the AT-WA7400 Management Software automatically assigns radio channels used by clustered access points to reduce mutual interference (or interference with other access points outside of its cluster). This maximizes WiFi bandwidth and helps maintain the efficiency of communication over your wireless network.

Note

You must start channel management to get automatic channel assignments; it is disabled by default on a new access point. See “Stopping or Starting Automatic Channel Assignment” on page 73.

How it Works in

a Nutshell

Overlapping

Channels

At a specified interval (the default is one hour) or on demand (click Update), the Channel Manager maps access points to channel use and measures interference levels in the cluster. If significant channel interference is detected, the Channel Manager automatically reassigns some or all of the access points to new channels per an efficiency algorithm (or automated channel plan).

The radio frequency (RF) broadcast channel defines the portion of the radio spectrum that the radio on the access point uses for transmitting and receiving. The range of available channels for an access point is determined by the IEEE 802.11 mode (also referred to as band) of the access point.

IEEE 802.11b/802.11g modes (802.11 b/g) support use of channels 1 through 11 inclusive, while IEEE 802.11a mode supports a larger set of non-consecutive channels (36,40,44, 48, 52, 56, 60, 64, 149, 153, 157, 161, 165).

Interference can occur when multiple access points within range of each other are broadcasting on the same or overlapping channels. The impact of this interference on network performance can intensify during busy times when a large amount of data and media traffic competing for bandwidth.

The Channel Manager detects which bands (b/g or a) clustered access points are on, and uses a predetermined collection of channels that will not mutually interfere. For the “b/g” radio band, the classical set of noninterfering channels is 1, 6, 11. Channels 1, 4, 8, 11 produce minimal overlap. A similar set of non-interfering channels is used for the “a” radio band, which includes all channels for that mode since they are not overlapping.

Page 71

AT-WA7400 Management Software User’s Guide

Example: A

Network Before

and After

Channel

Management

Channel 6 (802.11b)

AP1

Client Station

Channel 6 (802.11b)

Without automated channel management, channel assignments to clustered access points might be made on consecutive channels, which would overlap and cause interference. For example, access point1 could be assigned to channel 6, access point2 to channel 6, and access point3 to channel 5 as shown in Figure 25.

Interference from APs on adjacent channels (5,6,7)

Interference from APs on same channel (6)

AP2

Channel 5 (802.11b)

AP3

Channel 6 (802.11b)

Channel 7 (802.11b)

AP4

AP5

Client Station

Figure 25. Without Automatic Channel Management: Access Points Can

Broadcast on Overlapping Channels

Channel 1 (802.11b)

AP1

Client Station

With automated channel management, access points in the cluster are automatically reassigned to noninterfering channels as shown in Figure

26.

Channel 6 (802.11b)

AP2

Channel 1 (802.11b)

Channel 11 (802.11b)

AP4

AP3

Client Station

Channel 6 (802.11b)

AP5

Figure 26. With Channel Management Enabled: Access Points are Re-

Assigned to Non-Interfering Channels

Page 72

Chapter 6: Channel Management

Displaying the Channel Management Settings

To view channel management information, perform the following procedure:

1. From the main menu, select Cluster > Channel Management.

The Channel Management page is displayed, as shown in.Figure 27.

Figure 27. Channel Management Page

The Channel Management page shows previous, current, and planned channel assignments for clustered access points. By default, automatic channel assignment is disabled. You can start channel management to optimize channel usage across the cluster on a scheduled interval.

From this page, you can view channel assignments for all access points in the cluster, stop/start automatic channel management, and manually update the current channel map (access points to channels). When you do a manual update, the Channel Manager assesses channel usage and, if necessary, reassigns access points to new channels to reduce interference based on the current Advanced settings.

Using the Advanced settings you can modify the interference reduction potential that triggers channel reassignment, change the schedule for automatic updates, and reconfigure the channel set used for assignments.

Page 73

Configuring the Channel Management Settings

This section contains the following procedures:

 “Stopping or Starting Automatic Channel Assignment,” next

 “Viewing Current Channel Assignments and Setting Locks” on page 73

 “Updating the Current Channel Settings Manually” on page 74

 “Viewing the Last Proposed Set of Changes” on page 74

 “Configuring Advanced Settings (Customizing and Scheduling

Channel Plans)” on page 75

AT-WA7400 Management Software User’s Guide

Stopping or

Starting

Automatic

Channel

Assignment

By default, automatic channel assignment is disabled (off).

To start or stop channel management, perform the following procedure:

1. From the main menu, select Cluster > Channel Management.

The Channels page is displayed, as shown in Figure 27 on page 72.

2. Click Start to resume automatic channel assignment.

When automatic channel assignment is enabled, the Channel Manager periodically maps radio channels used by clustered access points and, if necessary, reassigns channels on clustered access points to reduce interference (with cluster members or other access points outside the cluster).

Note

Channel Management overrides the default cluster behavior, which is to synchronize radio channels of all access points across a cluster. When Channel Management is enabled, the radio Channel is not synchronized across the cluster to other access points. See the note under Radio Settings in “Settings Shared in the Cluster Configuration” on page 45.

Viewing Current

Channel

Assignments and

Setting Locks

3. Click Stop to stop automatic channel assignment. (No channel usage maps or channel reassignments are made. Only manual updates affect the channel assignment.)

The Current Channel Assignments section displays a list of all access points in the cluster by IP address. The display provides the following information:

IP Address

Specifies the IP address for the access point.

Page 74

Chapter 6: Channel Management

Band

Indicates the band (b/g or a) on which the access point is broadcasting.

Current

Indicates the radio channel on which this access point is currently broadcasting.

Locked

Click Locked if you want to this access point to remain on the current channel.

When the Locked checkbox is checked (enabled) for an access point, automated channel management plans will not re-assign the access point to a different channel as a part of the optimization strategy. Instead, access points with locked channels are factored in as requirements for the plan.

If you click Update, you will see that locked access points show the same channel for Current Channel and Proposed Channel. Locked access points keep their current channels.

Updating the

Current Channel

Settings

Manually

Viewing the Last

Proposed Set of

Changes

To run a manual channel management update at any time, click Update in the Advanced section.

The Last Proposed Set of Channel Assignments section shows the last channel plan. The plan lists all access points in the cluster by IP Address, and shows the current and proposed channels for each access point. Locked channels are not reassigned and the optimization of channel distribution among access points takes into account the fact that locked access points must remain on their current channels. Access points that are not Locked may be assigned to different channels than they were previously using, depending on the results of the plan. The following information is displayed:

IP Address

Specifies the IP address for the access point.

Current

Indicates the radio channel on which this access point is currently broadcasting.

Proposed

Indicates the radio channel to which this access point would be reassigned if the Channel Plan is executed.

Page 75

AT-WA7400 Management Software User’s Guide

Configuring

Advanced

Settings

(Customizing and

Scheduling

Channel Plans)

If you use channel management as provided (without updating the Advanced settings), channels are automatically fine-tuned once every hour if interference can be reduced by 25 percent or more. Channels are reassigned even if the network is busy. The appropriate channel sets are used (b/g for access points using IEEE 802.11b/g and a for access points using IEEE 802.11a).

These defaults are designed to satisfy most scenarios where you would need to implement channel management.

You can use the Advanced settings to modify the interference reduction potential that triggers channel reassignment, change the schedule for automatic updates, and reconfigure the channel set used for assignments.

To configure the advanced settings, perform the following procedure:

1. From the main menu, select Cluster > Channel Management.

The Channel Management page is displayed, as shown in Figure 27 on page 72.

2. Click Advanced to show the advanced settings.

The advanced settings are shown at the bottom of

3. Configure the following settings as necessary:

Page 76

Chapter 6: Channel Management

Change channels if interference is reduced by at least

Specify the minimum percentage of interference reduction a proposed plan must achieve in order to be applied. The default is 25 percent.

Choose percentages ranging from 25 percent to 75 percent from the list.

This setting lets you set a gating factor for channel reassignment so that the network is not continually disrupted for minimal gains in efficiency.

For example, if channel interference must be reduced by 75 percent and the proposed channel assignments will only reduce interference by 30 percent, then channels are not reassigned. However; if you reset the minimal channel interference benefit to 25 percent and click Update, the proposed channel plan will be implemented and channels reassigned as needed.

Determine if there is better set of channels every

Select the schedule from the list. The range of intervals is from 1 Minute to 6 Months, and the default is 1 Hour (channel usage reassessed and the resulting channel plan applied every hour).

Use these channels when applying channel assignments

Choose a set of noninterfering channels on a particular band (b/g or a). The choices are:

 b/g channels 1-6-11

 b/g channels 1-4-8-11

 A

IEEE 802.11b/802.11g modes (802.11 b/g) support use of channels 1 through 11. For the b/g radio band, the classical set of non-interfering channels is 1, 6, 11. Channels 1, 4, 8, 11 produce minimal overlap.

IEEE 802.11a mode supports a larger set of non-consecutive channels (36,40,44, 48, 52, 56, 60, 64, 149, 153, 157, 161, 165). All “a” band channels are non-interfering.

Apply channel modifications even when the network is busy

Click to enable or disable this setting.

A checkmark indicates it is enabled and channel modifications are applied even when the network is busy.

If this is not checked, channel modifications are not applied on a busy network.

This setting (along with the interference reduction setting) is designed to help weigh the cost/benefit impact on network performance of reassigning channels against the inherent disruption it can cause to clients during a busy time.

Page 77

AT-WA7400 Management Software User’s Guide

4. Click Update to apply these settings.

Advanced settings take effect when they are applied, and influence how automatic channel management is performed. (The new interference reduction minimum, scheduled tuning interval, channel set, and network busy settings are taken into account for automated and manual updates.)

Page 78

Chapter 6: Channel Management

Page 79

Chapter 7 Wireless Neighborhoods

The wireless neighborhood view shows those access points within range of any access point in the cluster. This page provides a detailed view of neighboring access points including identifying information (SSIDs and MAC addresses) for each, cluster status (which are members and nonmembers), and statistical information such as the channel each access point is broadcasting on, signal strength, and so forth.

This chapter contains the following sections:

 “Understanding Wireless Neighborhood Information” on page 80

 “Displaying the Wireless Neighborhood Information” on page 81

 “Viewing Details of a Cluster Member” on page 84

Page 80

Chapter 7: Wireless Neighborhoods

Understanding Wireless Neighborhood Information

The wireless neighborhood shows all access points within range of every member of the cluster, shows which access points are within range of which cluster members, and distinguishes between cluster members and nonmembers.

For each neighbor access point, the Wireless Neighborhood view shows identifying information (SSID or Network Name, IP address, MAC address) along with radio statistics (signal strength, channel, beacon interval). You can click on an access point to get additional statistics about the access points in radio range of the currently selected access point.

The Wireless Neighborhood view can help you:

 Detect and locate unexpected (or rogue) access points in a wireless

domain so that you can take action to limit associated risks

 Verify coverage expectations. By assessing which access points are

visible at what signal strength from other access points, you can verify that the deployment meets your planning goals.

 Detect faults. Unexpected changes in the coverage pattern are evident

at a glance in the color coded table.

Page 81

AT-WA7400 Management Software User’s Guide

Displaying the Wireless Neighborhood Information

To view the Wireless Neighborhood page, perform the following procedure:

1. From the main menu, select Cluster > Wireless Neighborhood.

The Wireless Neighborhood page is shown in Figure 28.

Figure 28. Wireless Neighborhood Page

The Wireless Neighborhood page displays the following information:

Display neighboring APs

Click one of the following radio buttons to change the view:

In cluster - Shows only neighbor access points that are members of the

cluster

Not in cluster - Shows only neighbor access points that are not cluster

members

Page 82

Chapter 7: Wireless Neighborhoods

Both - Shows all neighbor access points (cluster members and

nonmembers)

Cluster

The Cluster list at the top of the table shows IP addresses for all access points in the cluster. (This is the same list of cluster members shown in the Cluster > Access Points page described in “Understanding and Changing Access Point Settings” on page 48.)

If there is only one access point in the cluster, only a single IP address column is displayed here, indicating that the access point is clustered with itself.

You can click on an IP address to view more details on a particular access point as shown in Figure 28 on page 81.

Neighbors

Access points which are neighbors of one or more of the clustered access points are listed in the left column by SSID (Network Name).

An access point which is detected as a neighbor of a cluster member can also be a cluster member itself. Neighbors who are also cluster members are always shown at the top of the list with a heavy bar above and include a location indicator.

The colored bars to the right of each access point in the Neighbors list shows the signal strength for each of the neighbor access points as detected by the cluster member whose IP address is shown at the top of the column

This access point (a cluster member) can be seen by the access point whose IP address is 10.10.100.246 (at a signal strength of 54) . . .

. . . but not by the access point whose address if 10.10.100.223

 Dark Blue Bar - A dark blue bar and a high signal strength number

(for example 50) indicates good signal strength detected from the

Page 83

AT-WA7400 Management Software User’s Guide

Neighbor seen by the access point whose IP address is listed above that column.

 Lighter Blue Bar - A lighter blue bar and a lower signal strength

number (for example 20 or lower) indicates medium or weak signal strength from the Neighbor seen by the access point whose IP address is listed above that column

 White Bar - A white bar and the number 0 indicates that a

neighboring access point that was detected by one of the cluster members cannot be detected by the access point whose IP address if listed above that column.

 Light Gray Bar - A light gray bar and no signal strength number

indicates a Neighbor that is detected by other cluster members but not by the access point whose IP address is listed above that column.

 Dark Gray Bar - A dark gray bar and no signal strength number

indicates this is the access point whose IP address is listed above that column (since it is not applicable to show how well the access point can detect itself).

Page 84

Chapter 7: Wireless Neighborhoods

Viewing Details of a Cluster Member

To view details on a cluster member access point, perform the following procedure:

1. From the main menu, select Cluster > Wireless Neighborhood.

The Wireless Neighborhood page is displayed, as shown in Figure 28 on page 81.

2. Click the IP address of a cluster member at the top of the page.

The Neighbor Details section is displayed at the bottom of the page, as shown in Figure 29.

Figure 29. Neighbor Details Information

The table displays the following information about the access point:

SSID

The Service Set Identifier (SSID) for the access point. The SSID is an alphanumeric string of up to 32 characters that uniquely identifies a wireless local area network. It is also referred to as the Network Name.

To set the SSID, refer to “Configuring the Basic Settings and Starting the Wireless Network” on page 37, “Configuring Internal Wireless LAN Settings” on page 102, or “Configuring the Guest Network Wireless Settings” on page 103.

A guest network and an internal network running on the same access point must always have two different network names.

MAC Address

Shows the MAC address of the neighboring access point. A MAC address is a hardware address that uniquely identifies each node of a network.

Page 85

AT-WA7400 Management Software User’s Guide

Channel

Shows the channel on which the access point is currently broadcasting. The channel defines the portion of the radio spectrum that the radio uses for transmitting and receiving.

The channel is set on the Advanced > Radio Settings page. (See Chapter 13, “Configuring Radio Settings” on page 145.)

Rate

Shows the rate (in megabits per second) at which this access point is currently transmitting. The current rate will always be one of the rates shown in Supported Rates.

Signal

Indicates the strength of the radio signal emitting from this access point as measured in decibels (Db).

Beacon Interval

Shows the beacon interval being used by this access point. Beacon frames are transmitted by an access point at regular intervals to announce the existence of the wireless network. The default behavior is to send a beacon frame once every 100 milliseconds (or 10 per second).

You set the Beacon Interval is set on the Advanced > Radio Settings page. (See Chapter 13, “Configuring Radio Settings” on page 145.)

Capability

A hexadecimal number which, when converted to binary, indicates each IEEE 802.11 feature or functionality and whether it is on or off on this access point.

Last Beacon

Shows the date and time of the most recent beacon was transmitted from the access point.

Page 86

Chapter 7: Wireless Neighborhoods

Page 87

Chapter 8 Configuring Ethernet (Wired) Settings

Ethernet (wired) settings describe the configuration of your Ethernet local area network (LAN).

Note

The Ethernet settings, including guest access, are not shared across the cluster. You must configure these settings on the web pages for each access point. To get to the web pages for an access point that is a member of the current cluster, click on its IP Address link on the Cluster > Access Points page of the current access point. For more information about which settings are shared by the cluster and which are not, see “Which Settings are Shared as Part of the Cluster Configuration and Which Are Not?” on page 45.

This chapter contains the following sections:

 “Setting the DNS Name” on page 88

 “Enabling or Disabling Guest Access” on page 90

 “Enabling or Disabling Spanning Tree” on page 92

 “Configuring the Internal Interface Ethernet Settings” on page 93

 “Configuring the Guest Interface Settings” on page 96

Page 88

Chapter 8: Configuring Ethernet (Wired) Settings

Setting the DNS Name

To set the DNS name, perform the following procedure:

1. From the main menu, select Advanced > Ethernet (Wired) Settings.

The Ethernet (Wired) Settings page is shown in Figure 30 .

Figure 30. Ethernet (Wired) Settings Page

Page 89

AT-WA7400 Management Software User’s Guide

2. In the Ethernet (Wired) Settings page, enter the DNS name.

The DNS name is the host name. It may be provided by your ISP or network administrator, or you can provide your own. The rules for DNS names are:

 The name can be up to 20 characters long.

 Only letters, numbers and dashes are allowed.

 The name must start with a letter and end with either a letter or a

number.

Page 90

Chapter 8: Configuring Ethernet (Wired) Settings

Enabling or Disabling Guest Access

You can provide controlled guest access over a secure internal LAN on the AT-WA7400 Wireless Access Point.

Configuring an

Internal LAN and

a Guest Network

Enabling or

Disabling Guest

Access

A local area network (LAN) is a communications network covering a limited area, for example, one floor of a building. A LAN connects multiple computers and other network devices like storage and printers.

Ethernet is the most common technology implementing a LAN. Wi-Fi

(IEEE) is another very popular LAN technology.

The AT-WA7400 Management Software allows you to configure two different LANs on the same access point: one for a secure internal LAN and another for a public guest network with no security and little or no access to internal resources. To configure these networks, you need to provide both wireless and Ethernet (wired) settings.

Information on how to configure the Ethernet (wired) settings is provided in the sections below.

The AT-WA7400 Management Software is shipped with the guest access feature disabled by default.

To provide guest access on your access point, perform the following procedure:

1. From the main menu, select Advanced > Ethernet (Wired) Settings.

Enabling or

Disabling Virtual

Wireless

Networks on the

Access Point

The Ethernet (Wired) Settings page is shown in Figure 30 on page 88.

2. For the Guest Access setting, choose one of the following:

 Click Enabled to enable guest access.

 Click Disabled to disable guest access.

3. Click Update to save your changes.

If you want to configure the internal network as a VLAN (whether or not you have a guest network configured), you must enable virtual wireless networks on the AT-WA7400 Wireless Access Point.

To enable or disable virtual wireless networks on the access point, perform the following procedure:

1. From the main menu, select Advanced > Ethernet (Wired) Settings.

The Ethernet (Wired) Settings page is shown in Figure 30 on page 88.

Page 91

AT-WA7400 Management Software User’s Guide

2. For the Virtual Wireless Networks setting, select one of the following:

 Select Enabled to enable VLANs for the internal network and for

additional networks. If you choose this option, you can run the internal network on a VLAN whether or not you have guest access configured and you can set up additional networks on VLANs using the Advanced > Virtual Wireless Networks page as described in Chapter 12, “VLANs” on page 139.

 Select Disabled to disable the VLAN for the internal network, and

for any additional virtual networks on this access point.

3. Click Update to save your changes.

Page 92

Chapter 8: Configuring Ethernet (Wired) Settings

Enabling or Disabling Spanning Tree

The AT-WA7400 Management Software allows you to enable or disable spanning tree through both the wired and wireless interfaces.

To enable or disable spanning tree, perform the following procedure:

1. From the main menu, select Advanced > Ethernet (Wired) Settings.

The Ethernet (Wired) Settings page is shown in Figure 30 on page 88.

2. For the Spanning Tree Protocol setting, choose one of the following:

 Click Enabled to enable spanning tree.

 Click Disabled to disable spanning tree.

Page 93

AT-WA7400 Management Software User’s Guide

Configuring the Internal Interface Ethernet Settings

To configure Ethernet (wired) settings for the internal LAN, perform the following procedure:

1. From the main menu, select Advanced > Ethernet (Wired) Settings.

The Ethernet (Wired) Settings page is shown in Figure 30 on page 88.

2. In the Internal Interface Settings section, configure the following settings:

MAC Address

Shows the MAC address for the internal interface for the Ethernet port on this access point. This is a read-only field that you cannot change.

VLAN ID

If you choose to configure internal and guest networks by VLANs, this field is enabled. Enter a number between 1 and 4094 for the internal VLAN.

This causes the access point to send DHCP requests with the VLAN tag. The switch and the DHCP server must support VLAN IEEE

802.1Q frames. The access point must be able to reach the DHCP

server.

Check with the Administrator regarding the VLAN and DHCP configurations.

PHY Type

The speed and duplex settings for the LAN (Ethernet) port. The options are: Auto -The speed and duplex are automatically selected. (recommended) 10Mbps Full - 10Mbps and full duplex. 10Mbps Half - 10Mbps and half duplex. 100Mbps Full - 100Mbps and full duplex. 100Mbps Half - 100Mbps and half duplex.

Secure Management

This selection enables or disables the Management IP Address field: Enabled - Only the client with the IP address specified in the next selection can manage the access point. Disabled - Even if an IP address for a wireless client is specified, no client can manage the AP.

Management IP Address

The IP address of a wireless client that can manage the access point.

Deny Management via WLAN

If checked, disables management access to the access point by a

Page 94

Chapter 8: Configuring Ethernet (Wired) Settings

wireless client associated with the AP, even if its IP address is defined in the Management IP Address field.

Connection Type

Select one of the following:

DHCP - The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows a centralized server to provide network configuration information to devices on the network. This information includes the IP address and netmask plus the address of its DNS servers and gateway.

Static IP - Static IP indicates that all network settings are provided manually. You must provide the IP address for the AT-WA7400 Wireless Access Point, its subnet mask, the IP address of the default gateway, and the IP address of at least one DNS nameserver.

If you select DHCP, the AT-WA7400 Wireless Access Point acquires its IP address, subnet mask, and DNS and gateway information from the DHCP Servers.

Caution

If you do not have a DHCP server on the internal network and do not plan to use one, the first thing you must do after you deploy the first access point is to verify that the connection type is set to Static IP. When you change the connection type to Static IP, you can either assign a new static IP address to the AT-WA7400 Wireless Access Point or continue using the default address. Allied Telesyn recommends assigning a new address so that if later you bring up another AT-WA7400 Access Point on the same network, the IP addresses for the two access points will be unique.

If you need to recover the default Static IP address, you can do so by resetting the access point to the factory defaults as described in “Resetting the Configuration to Factory Defaults” on page 206.

If you selected Static IP, configure the following settings:

Static IP Address

The static IP address.

Subnet Mask

The subnet mask. Obtain this information from your ISP or network administrator.

Default Gateway

The default gateway.

DNS Nameservers

The Domain Name Service (DNS) is a system that resolves the descriptive name (domainname) of a network resource (for example,

Page 95

AT-WA7400 Management Software User’s Guide

www.alliedtelesyn.com) to its numeric IP address (for example,

66.93.138.219). A DNS server is called a Nameserver.

There are usually two Nameservers; a Primary Nameserver and a Secondary Nameserver.

3. Choose Dynamic or Manual mode.

If you choose Manual, you should assign static IP addresses manually.

If you choose Dynamic, the IP addresses for the DNS servers is assigned automatically through DHCP. (This option is only available if you specified DHCP for the Connection Type.)

4. Click Update to save your changes.

Page 96

Chapter 8: Configuring Ethernet (Wired) Settings

Configuring the Guest Interface Settings

The guest interface settings allows a wireless client limited access to the network, for instance, to the Internet.

To configure the guest interface settings, perform the following procedure:

1. From the main menu, select Advanced > Ethernet (Wired) Settings.

The Ethernet (Wired) Settings page is shown in Figure 30 on page 88.

2. In the Guest Interface Settings section, configure the following settings:

MAC Address

Shows the MAC address for the internal interface for the Ethernet port on this access point. This is a read-only field that you cannot change.

VLAN ID

The ID number of the VLAN associated with the guest.

Subnet

The subnet mask of the subnetwork of which the guest is a member.

3. Click Update to save your changes.

Page 97

Chapter 9 Configuring the Wireless Settings

Wireless settings describe aspects of the local area network (LAN) related specifically to the radio device in the access point (802.11 mode and

channel) and to the network interface to the access point (MAC address

for access point and wireless network name, also known as SSID).

The following sections describe how to configure the wireless address and related settings on the AT-WA7400 Wireless Access Point:

 “Configuring 802.11d Regulatory Domain Support” on page 98

 “Configuring the Radio Interface” on page 100

 “Configuring Internal Wireless LAN Settings” on page 102

 “Configuring the Guest Network Wireless Settings” on page 103

Page 98

Chapter 9: Configuring the Wireless Settings

Configuring 802.11d Regulatory Domain Support

You can enable or disable IEEE 802.11d regulatory domain support to broadcast the access point country code information.

To configure the IEEE 802.11d regulatory domain support, perform the following procedure:

1. From the main menu, select Advanced > Wireless Settings.

The Wireless Settings page is shown in Figure 31.

Figure 31. Wireless Settings Page

2. Enable or disable the regulatory domain support setting:

Enabling support for IEEE 802.11d on the access point causes the access point to broadcast which country it is operating in as a part of its beacons:

 To enable 802.11d regulatory domain support click Enabled.

 To disable 802.11d regulatory domain support click Disabled.

Page 99

AT-WA7400 Management Software User’s Guide

3. Choose the regulatory domain from the Regulatory Domain (Country Code) list.

4. Click Update to save your settings

Page 100

Chapter 9: Configuring the Wireless Settings

Configuring the Radio Interface

The radio interface allows you to set the radio channel and 802.11 mode for each radio.

To configure the radio interface, perform the following procedure:

1. From the main menu, select Advanced > Wireless Settings.

The Wireless Settings page is shown in Figure 31 on page 98.

2. In the Radio Interface sections one and two, configure the following settings:

Mode

The Mode defines the Physical Layer (PHY) standard being used by the radio.

The AT-WA7400 Wireless Access Point is available as a single or dual band access point with one or two radios. The configuration options for Mode differ depending on which product you have.

Single-Band Access Point - For the single-band access point, select one of these modes:

 IEEE 802.11b

 IEEE 802.11g

 Atheros Turbo 2.4 GHz

 Atheros Dynamic Turbo 2.4 GHz

Dual-Band Access Point - For the dual band access point, select one of these modes for each Radio Interface.

 IEEE 802.11b

 IEEE 802.11g

 IEEE 802.11a

 Atheros Turbo 5 GHz (IEEE 802.11a Turbo)

Wireless Network Name (SSID)

The name for all wireless access points on this network. You cannot change this name on this page. To change this name, refer to “Configuring the Basic Settings and Starting the Wireless Network” on page 37.

100

Channel

Select the Channel. The range of channels and the default is determined by the Mode of the radio interface.

Allied Telesis AT-WA7400/EU User Manual

Specifications and Main Features

Frequently Asked Questions

User Manual

Contents

Figures

Tables

Preface

Where to Find Web-based Guides

Contacting Allied Telesyn

Online Support You can request technical support online by accessing the Allied Telesyn

Chapter 1

Preparing to Set Up the AT-WA7400 Wireless Access Point

Setting Up the Administrator’s Computer

Setting Up the Wireless Client Computers

Understanding Dynamic and Static IP Addressing on the AT-WA7400 Management Software

Chapter 2

Setting up the AT-WA7400 Management Software

Running KickStart to Find Access Points on the Network

Logging in to the AT-WA7400 Management Software

Navigating the Web Pages

Links

Menu

Help

Configuring the Basic Settings and Starting the Wireless Network

Next Steps

Logging in After the Initial Setup

Chapter 3

Managing Access Points and Clusters

Understanding Clustering

Settings Shared in the Cluster Configuration

Settings Not Shared by the Cluster

Cluster Mode When an access point is a cluster member, it is considered to be in cluster

Standalone Mode The AT-WA7400 Wireless Access Point can be configured in standalone

Understanding and Changing Access Point Settings

Adding an Access Point to a Cluster

Navigating to Configuration Information for a Specific Access Point and Managing Standalone Access Points

Configuring MAC Address Filtering

MAC Filtering of Rogue Access Points

Chapter 4

Managing User Accounts

Adding a User

Editing a User Account

Backing Up and Restoring a User Database

Chapter 5

Session Monitoring

Viewing Sessions Information

Chapter 6

Channel Management

Understanding Channel Management

Displaying the Channel Management Settings

Configuring the Channel Management Settings

Chapter 7

Wireless Neighborhoods

Understanding Wireless Neighborhood Information

Displaying the Wireless Neighborhood Information

Viewing Details of a Cluster Member

Chapter 8

Configuring Ethernet (Wired) Settings

Setting the DNS Name

Enabling or Disabling Guest Access

Enabling or Disabling Spanning Tree

Configuring the Internal Interface Ethernet Settings

Configuring the Guest Interface Settings

Chapter 9

Configuring the Wireless Settings

Configuring 802.11d Regulatory Domain Support

Configuring the Radio Interface