Allied Telesis AT-WA7400/NA User Manual

User’s Guide
Management Software
AT-WA7400/NA
613-000486 Rev. B
Copyright © 2007 Allied Telesynsyn, Inc. All rights reserved. No part of this publication may be reproduced without prior written permission from Allied Telesyn, Inc. Microsoft and Internet Explorer are registered trademarks of Microsoft Corporation. Netscape Navigator is a registered
Allied Telesyn, Inc. reserves the right to make changes in specifications and other information contained in this document without prior written notice. The information provided herein is subject to change without notice. In no event shall Allied Telesyn, Inc. be liable for any incidental, special, indirect, or consequential damages whatsoever, including but not limited to lost profits, arising out of or related to this manual or the information contained herein, even if Allied Telesyn, Inc. has been advised of, known, or should have known, the possibility of such damages.

Contents

Preface ................................................................................................................................................................................15
Where to Find Web-based Guides .......................................................................................................................................16
Contacting Allied Telesyn .....................................................................................................................................................17
Online Support ..............................................................................................................................................................17
Email and Telephone Support .......................................................................................................................................17
Warranty........................................................................................................................................................................17
Returning Products........................................................................................................................................................17
Sales or Corporate Information .....................................................................................................................................17
Management Software Updates ....................................................................................................................................17
Chapter 1: Preparing to Set Up the AT-WA7400 Wireless Access Point ......................................................................19
Setting Up the Administrator’s Computer .............................................................................................................................20
Setting Up the Wireless Client Computers ...........................................................................................................................22
Understanding Dynamic and Static IP Addressing on the AT-WA7400 Management Software ..........................................23
Dynamic IP Addressing .................................................................................................................................................23
Static IP Addressing ......................................................................................................................................................23
Recovering an IP Address.............................................................................................................................................24
Chapter 2: Setting up the AT-WA7400 Management Software ......................................................................................25
Running KickStart to Find Access Points on the Network ....................................................................................................26
Installing KickStart on the Administrator’s PC ...............................................................................................................30
Logging in to the AT-WA7400 Management Software ................................................................................
Navigating the Web Pages ...................................................................................................................................................36
Links ..............................................................................................................................................................................36
Menu .............................................................................................................................................................................36
Help ...............................................................................................................................................................................36
Configuring the Basic Settings and Starting the Wireless Network ......................................................................................37
Configuring the Basic Settings ......................................................................................................................................37
Default Configuration.....................................................................................................................................................40
Next Steps ............................................................................................................................................................................41
Make Sure the Access Point is Connected to the LAN .................................................................................................41
Test LAN Connectivity with Wireless Clients.................................................................................................................41
Secure and Fine-Tune the Access Point Using Advanced Features.............................................................................41
Logging in After the Initial Setup...........................................................................................................................................42
Chapter 3: Managing Access Points and Clusters .........................................................................................................43
Understanding Clustering .....................................................................................................................................................44
What is a Cluster? .........................................................................................................................................................44
How Many Access Points Can a Cluster Support? .......................................................................................................44
What Kinds of Access Points Can Cluster Together? ...................................................................................................44
What is the Relationship of the Master Access Point to Other Cluster Members?........................................................44
Which Settings are Shared as Part of the Cluster Configuration and Which Are Not? .................................................45
Settings Shared in the Cluster Configuration .........................................................................................................45
Settings Not Shared by the Cluster........................................................................................................................45
Cluster Mode .................................................................................................................................................................46
Standalone Mode ..........................................................................................................................................................46
Cluster Formation..........................................................................................................................................................47
Cluster Size and Membership .......................................................................................................................................47
Intra-Cluster Security.....................................................................................................................................................47
Auto-Synch of Cluster Configuration .............................................................................................................................47
Understanding and Changing Access Point Settings ...........................................................................................................48
.........................34
3
Contents
Modifying the Location Description................................................................................................................................49
Removing an Access Point from the Cluster .................................................................................................................49
Adding an Access Point to a Cluster .............................................................................................................................50
Navigating to Configuration Information for a Specific Access Point and Managing Standalone Access Points .................52
Navigating to an Access Point by Using its IP Address in a URL..................................................................................52
Configuring MAC Address Filtering.......................................................................................................................................53
MAC Filtering of Rogue Access Points .................................................................................................................................55
Chapter 4: Managing User Accounts ...............................................................................................................................57
Adding a User .......................................................................................................................................................................58
Editing a User Account .........................................................................................................................................................60
Enabling a User Account ...............................................................................................................................................60
Disabling a User Account ..............................................................................................................................................61
Removing a User Account.............................................................................................................................................61
Backing Up and Restoring a User Database ........................................................................................................................62
Backing Up the User Database .....................................................................................................................................62
Restoring a User Database from a Backup File ............................................................................................................63
Chapter 5: Session Monitoring .........................................................................................................................................65
Viewing Sessions Information...............................................................................................................................................66
Viewing Specific Session Information............................................................................................................................67
Sorting Session Information ..........................................................................................................................................68
Chapter 6: Channel Management .....................................................................................................................................69
Understanding Channel Management ..................................................................................................................................70
How it Works in a Nutshell.............................................................................................................................................70
Overlapping Channels ...................................................................................................................................................70
Example: A Network Before and After Channel Management.......................................................................................71
Displaying the Channel Management Settings .....................................................................................................................72
Configuring the Channel Management Settings ...................................................................................................................73
Stopping or Starting Automatic Channel Assignment....................................................................................................73
Viewing Current Channel Assignments and Setting Locks..........................................................................
Updating the Current Channel Settings Manually..........................................................................................................74
Viewing the Last Proposed Set of Changes ..................................................................................................................74
Configuring Advanced Settings (Customizing and Scheduling Channel Plans) ............................................................75
..................73
Chapter 7: Wireless Neighborhoods ................................................................................................................................79
Understanding Wireless Neighborhood Information .............................................................................................................80
Displaying the Wireless Neighborhood Information ..............................................................................................................81
Viewing Details of a Cluster Member....................................................................................................................................84
Chapter 8: Configuring Ethernet (Wired) Settings ..........................................................................................................87
Setting the DNS Name..........................................................................................................................................................88
Enabling or Disabling Guest Access.....................................................................................................................................90
Configuring an Internal LAN and a Guest Network........................................................................................................90
Enabling or Disabling Guest Access..............................................................................................................................90
Enabling or Disabling Virtual Wireless Networks on the Access Point ..........................................................................90
Enabling or Disabling Spanning Tree ...................................................................................................................................92
Configuring the Internal Interface Ethernet Settings.............................................................................................................93
Configuring the Guest Interface Settings..............................................................................................................................96
Chapter 9: Configuring the Wireless Settings ................................................................................................................97
Configuring 802.11d Regulatory Domain Support ................................................................................................................98
Configuring the Radio Interface ..........................................................................................................................................100
Configuring Internal Wireless LAN Settings........................................................................................................................102
Configuring the Guest Network Wireless Settings..............................................................................................................103
Chapter 10: Configuring Security ...................................................................................................................................105
Understanding Security Issues on Wireless Networks ......................................................................................................106
How Do I Know Which Security Mode to Use?............................................................................................................106
Comparison of Security Modes for Key Management, Authentication and Encryption Algorithms .............................107
When to Use Plain Text........................................................................................................................................107
When to Use Static WEP .....................................................................................................................................107
4
AT+WA7400 Management Software User’s Guide
When to Use IEEE 802.1x ...................................................................................................................................108
When to Use WPA/WPA2 Personal (PSK) ..........................................................................................................110
When to Use WPA/WPA2 Enterprise (RADIUS)..................................................................................................111
Does Prohibiting the Broadcast SSID Enhance Security? ..........................................................................................113
How Does Station Isolation Protect the Network?.......................................................................................................113
Configuring Security Settings .............................................................................................................................................114
Broadcast SSID, Station Isolation, and Security Mode ...............................................................................................114
Plain Text ....................................................................................................................................................................115
Guest Network .....................................................................................................................................................116
Static WEP ..................................................................................................................................................................116
Rules to Remember for Static WEP.....................................................................................................................119
Example of Using Static WEP..............................................................................................................................119
Static WEP with Transfer Key Indexes on Client Stations ........................................................................... 120
IEEE 802.1x ................................................................................................................................................................121
WPA/WPA2 Personal (PSK) .......................................................................................................................................123
WPA/WPA2 Enterprise (RADIUS)...............................................................................................................................125
Configuring the IAPP Mapping Table .................................................................................................................................129
Configuring SNMP..............................................................................................................................................................131
Chapter 11: Setting Up Guest Access ...........................................................................................................................133
Understanding the Guest Interface .....................................................................................................................................134
Configuring the Guest Interface................................................................................................
Configuring a Guest Network on a Virtual LAN ...........................................................................................................135
Configuring the Welcome Screen (Captive Portal)......................................................................................................136
Using the Guest Network as a Client..................................................................................................................................137
..........................................135
Chapter 12: VLANs ..........................................................................................................................................................139
Configuring VLANs .............................................................................................................................................................140
Configuring the Management VLAN ...................................................................................................................................143
Chapter 13: Configuring Radio Settings .......................................................................................................................145
Understanding Radio Settings............................................................................................................................................146
Configuring Radio Settings.................................................................................................................................................147
Configuring the Rate Sets ..................................................................................................................................................152
Chapter 14: Load Balancing ...........................................................................................................................................155
Understanding Load Balancing ..........................................................................................................................................156
Identifying the Imbalance: Overworked or Under-utilized Access Points ....................................................................156
Specifying Limits for Utilization and Client Associations .............................................................................................156
Load Balancing and QoS ............................................................................................................................................156
Configuring Load Balancing ...............................................................................................................................................157
Chapter 15: Configuring Quality of Service (QoS) .......................................................................................................161
Understanding QoS ............................................................................................................................................................162
QoS and Load Balancing ............................................................................................................................................162
802.11e and WMM Standards Support .......................................................................................................................162
QoS Queues and Parameters to Coordinate Traffic Flow ...........................................................................................162
QoS Queues and Type of Service (ToS) on Packets...........................................................................................163
EDCF Control of Data Frames and Arbitration Interframe Spaces ......................................................................164
Random Backoff and Minimum / Maximum Contention Windows........................................................................165
Packet Bursting for Better Performance...............................................................................................................166
Transmission Opportunity (TXOP) Interval for Client Stations ...................................................................
Configuring QoS Queues ...................................................................................................................................................167
Configuring AP EDCA Parameters..............................................................................................................................168
Enabling/Disabling Wi-Fi Multimedia...........................................................................................................................170
Configuring Station EDCA Parameters .......................................................................................................................171
..........166
Chapter 16: Configuring the Wireless Distribution System (WDS) .............................................................................173
Understanding the Wireless Distribution System................................................................................................................174
Using WDS to Bridge Distant Wired LANs ..................................................................................................................174
Using WDS to Extend the Network Beyond the Wired Coverage Area.......................................................................174
Backup Links and Unwanted Loops in WDS Bridges..................................................................................................175
5
Contents
Security Considerations Related to WDS Bridges.......................................................................................................175
WDS Guidelines ..........................................................................................................................................................176
Configuring WDS Settings ..................................................................................................................................................178
Example of Configuring a WDS Link ...........................................................................................................................181
Chapter 17: Maintenance and Monitoring .....................................................................................................................183
Monitoring Wired and Wireless LAN Settings.....................................................................................................................184
Viewing the Event Logs ......................................................................................................................................................186
Log Relay Host for Kernel Messages ..........................................................................................................................187
Setting Up the Log Relay Host .............................................................................................................................187
Enabling or Disabling the Log Relay Host ............................................................................................................188
Events Log...................................................................................................................................................................188
Viewing the Transmit/Receive Statistics.............................................................................................................................190
Viewing the Associated Wireless Clients............................................................................................................................192
Link Integrity Monitoring ..............................................................................................................................................192
What is the Difference Between an Association and a Session? ................................................................................192
Viewing the Status of Neighboring Access Points ..............................................................................................................193
Viewing System Information ...............................................................................................................................................197
Setting the Administrator Password....................................................................................................................................199
Enabling the Network Time Protocol (NTP) Server ............................................................................................................202
Setting the HTTP Timeout ..................................................................................................................................................204
Rebooting the Access Point................................................................................................................................................205
Resetting the Configuration to Factory Defaults .................................................................................................................206
Upgrading the Firmware .....................................................................................................................................................207
Verifying the Firmware Upgrade..................................................................................................................................208
SNMP Firmware Upgrade...................................................................................................................................................209
Chapter 18: Backing Up and Restoring a Configuration ..............................................................................................211
Backing up the Configuration Settings for an Access Point................................................................................................212
Restoring Access Point Settings to a Previous Configuration ............................................................................................213
Appendix A: Management Software Default Settings ..................................................................................................215
Appendix B: Configuring Security on Wireless Clients ...............................................................................................217
Network Infrastructure and Choosing Between the Built-in or External Authentication Server...........................................219
I Want to Use the Built-in Authentication Server (EAP-PEAP) ....................................................................................219
I Want to Use an External RADIUS Server with EAP-TLS Certificates or EAP-PEAP................................................21
Make Sure the Wireless Client Software is Up to Date.......................................................................................................220
Accessing the Microsoft Windows Wireless Client Security Settings .................................................................................221
Configuring a Client to Access an Unsecure Network (Plain Text mode)....................................................................223
Configuring Static WEP Security on a Client ...............................................................................................................224
Connecting to the Wireless Network with a Static WEP Client.............................................................................226
Configuring IEEE 802.1x Security on a Client .............................................................................................................227
IEEE 802.1x Client Using EAP/PEAP ..................................................................................................................227
IEEE 802.1x Client Using EAP/TLS Certificate ....................................................................................................231
Configuring WPA/WPA2 Enterprise (RADIUS) Security on a Client...................................................................................236
WPA/WPA2 Enterprise (RADIUS) Client Using EAP/PEAP........................................................................................236
WPA/WPA2 Enterprise (RADIUS) Client Using EAP-TLS Certificate .........................................................................241
Configuring WPA/WPA2 Personal (PSK) Security on a Client ...........................................................................................245
Configuring an External RADIUS Server to Recognize the AT-WA7400 Wireless Access Point .......................................248
Obtaining a TLS-EAP Certificate for a Client ......................................................................................................................253
Appendix C: Troubleshooting ........................................................................................................................................259
Wireless Distribution System (WDS) Problems and Solutions ...........................................................................................260
Cluster Recovery ................................................................................................................................................................261
Reboot or Reset the Access Point...............................................................................................................................261
Stop Clustering and Reset Each Access Point in the Cluster.....................................................................
.................261
9
Appendix D: Command Line Interface (CLI) for Access Point Configuration ............................................................265
Comparison of Settings Configurable with the CLI and Web UI .........................................................................................266
Accessing the CLI for an Access Point...............................................................................................................................269
Telnet Connection to the Access Point........................................................................................................................269
6
AT+WA7400 Management Software User’s Guide
SSH Connection to the Access Point ..........................................................................................................................270
Quick View of Commands and How to Get Help ................................................................................................................272
Commands and Syntax ...............................................................................................................................................272
Getting Help on Commands at the CLI........................................................................................................................275
Command Usage and Configuration Examples..................................................................................................................278
Understanding Interfaces as Presented in the CLI......................................................................................................278
Saving Configuration Changes....................................................................................................................................281
Basic Settings..............................................................................................................................................................282
Get the IP Address for the Internal Interface on an Access Point ........................................................................283
Get the MAC Address for an Access Point ..........................................................................................................283
Get Both the IP Address and MAC Address ........................................................................................................283
Get Common Information on All Interfaces for an Access Point ..........................................................................284
Get the Firmware Version for the Access Point ...................................................................................................284
Get the Location of the Access Point ...................................................................................................................284
Set the Location for an Access Point ...................................................................................................................285
Get the Current Password....................................................................................................................................285
Set the Password .................................................................................................................................................285
Get the Wireless Network Name (SSID) ..............................................................................................................285
Set the Wireless Network Name (SSID)...............................................................................................................285
Access Point and Cluster Settings ..............................................................................................................................285
Determine if the Access Point is a Cluster Member or in Standalone Mode........................................................286
Get MAC Addresses for all Access Points in the Cluster.....................................................................................286
Configure the Access Point as a Member of a Cluster.........................................................................................286
Configure the Access Point as a Standalone Device ...........................................................................................287
User Accounts .............................................................................................................................................................287
Get All User Accounts ..........................................................................................................................................287
Add Users ............................................................................................................................................................288
Remove a User Account ......................................................................................................................................289
Displaying Status.........................................................................................................................................................289
Get Common Information on the Internal Interface for the Access Point.............................................................291
Get Current Settings for the Ethernet (Wired) Internal Interface..........................................................................291
Get All Wired Settings for the Wired Internal Interface ................................................................................ 292
Get the MAC Address for the Wired Internal Interface................................................................................. 292
Get the Network Name (SSID) for the Wired Internal Interface ................................................................... 292
Get Current Settings for the Ethernet (Wired) Guest Interface ............................................................................292
Get Current Wireless (Radio) Settings.................................................................................................................293
Get the Current IEEE 802.11 Radio Mode................................................................................................... 293
Get the Channel the Access Point is Currently Using.................................................................................. 293
Get Basic Radio Settings for the Internal Interface ...................................................................................... 293
Get All Radio Settings on the Internal Interface ........................................................................................... 294
Get Status on Events ...........................................................................................................................................295
Enable Remote Logging and Specify the Log Relay Host for the Kernel Log......................................................295
Prerequisites for Remote Logging ............................................................................................................... 295
View Log Settings ........................................................................................................................................ 295
Enable / Disable Log Relay Host ................................................................................................................. 296
Specify the Relay Host................................................................................................................................. 296
Specify the Relay Port ................................................................................................................................. 297
Review Log Settings After Configuring Log Relay Host............................................................................... 297
Get Transmit / Receive Statistics .........................................................................................................................297
Get Client Associations ........................................................................................................................................299
Get Neighboring Access Points ...........................................................................................................................299
Ethernet (Wired) Interface ...........................................................................................................................................301
Get Summary View of Internal and Guest Interfaces ...........................................................................................302
Get the DNS Name ..............................................................................................................................................302
Set the DNS Name...............................................................................................................................................302
Get Wired Internal Interface Settings...................................................................................................................302
Get Wired Guest Interface Settings .....................................................................................................................302
Set DNS Nameservers to Use Static IP Addresses (Dynamic to Manual Mode) .................................................303
Set DNS Nameservers to Use DHCP IP Addressing (Manual to Dynamic Mode)...............................................303
Setting Up the Wireless Interface................................................................................................................................304
7
Contents
Setting Up Security......................................................................................................................................................304
Get the Current Security Mode.............................................................................................................................305
Get Detailed Description of Current Security Settings..........................................................................................305
Set the Broadcast SSID (Allow or Prohibit) ..........................................................................................................306
Enable/Disable Station Isolation...........................................................................................................................306
Set Security to Plain Text .....................................................................................................................................307
Set Security to Static WEP...................................................................................................................................307
Set the Security Mode.................................................................................................................................. 307
Set the Transfer Key Index .......................................................................................................................... 307
Set the Key Length....................................................................................................................................... 307
Set the Key Type.......................................................................................................................................... 308
Set the WEP Keys........................................................................................................................................ 308
Set the Authentication Algorithm.................................................................................................................. 309
Get Current Security Settings After Re-Configuring to Static WEP Security Mode...................................... 309
Set Security to IEEE 802.1x .................................................................................................................................312
Set the Security Mode.................................................................................................................................. 312
Set the Authentication Server ...................................................................................................................... 312
Set the RADIUS Key (For External RADIUS Server Only)........................................................................... 313
Enable RADIUS Accounting (External RADIUS Server Only)...................................................................... 313
Get Current Security Settings After Re-Configuring to IEEE 802.1x Security Mode.................................... 314
Set Security to WPA/WPA2 Personal (PSK)........................................................................................................315
Set Security to WPA/WPA2 Enterprise (RADIUS) ...............................................................................................318
Set the Security Mode.................................................................................................................................. 318
Set the WPA Versions.................................................................................................................................. 318
Enable Pre-Authentication ........................................................................................................................... 318
Set the Cipher Suites ................................................................................................................................... 319
Set the Authentication Server ...................................................................................................................... 320
Set the RADIUS Key (For External RADIUS Server Only)...........................................................................
Enable RADIUS Accounting (External RADIUS Server Only)...................................................................... 321
Allow Non-WPA Clients................................................................................................................................ 321
Get Current Security Settings After Reconfiguring to WPA/WPA2 Enterprise (RADIUS)............................ 321
Enabling and Configuring the Guest Login Welcome Page.........................................................................................323
View Guest Login Settings ...................................................................................................................................323
Enable/Disable the Guest Welcome Page ...........................................................................................................324
Set Guest Welcome Page Text ............................................................................................................................324
Review Guest Login Settings ...............................................................................................................................324
Configuring Multiple BSSIDs on Virtual Wireless Networks ........................................................................................325
Configuring Virtual Wireless Network “One” on Radio One..................................................................................325
Configure These Settings from the Web UI First.......................................................................................... 325
Use the CLI to Configure Security on the Interface...................................................................................... 325
Use the CLI to set the Network Name (SSID) for the New Virtual Wireless Network .................................. 326
Creating VWN “Two” on Radio One with WPA security .......................................................................................326
Radio Settings .............................................................................................................................................................326
Get IEEE 802.11 Radio Mode ..............................................................................................................................326
Get Radio Channel ...............................................................................................................................................327
Get Basic Radio Settings .....................................................................................................................................327
Get All Radio Settings ..........................................................................................................................................327
Get Supported Rate Set .......................................................................................................................................328
Get Basic Rate Set...............................................................................................................................................329
Configure Radio Settings .....................................................................................................................................329
Turn the Radio On or Off.............................................................................................................................. 329
Set the Radio Mode ..................................................................................................................................... 329
Enable or Disable Super AG ........................................................................................................................ 330
Set the Radio Channel ..........................................................................................................
Set the Beacon Interval................................................................................................................................ 330
Set the DTIM Period..................................................................................................................................... 330
Set the Fragmentation Threshold................................................................................................................. 331
Set the RTS Threshold................................................................................................................................. 331
Configure Basic and Supported Rate Sets .................................................................................................. 331
MAC Filtering...............................................................................................................................................................333
....................... 330
320
8
AT+WA7400 Management Software User’s Guide
Specify an Accept or Deny List ............................................................................................................................333
Add MAC Addresses of Client Stations to the Filtering List .................................................................................334
Remove a Client Station’s MAC Address from the Filtering List ..........................................................................334
Getting Current MAC Filtering Settings................................................................................................................335
Get the Type of MAC Filtering List Currently Set (Accept or Deny) ............................................................. 335
Get MAC Filtering List.................................................................................................................................. 335
Load Balancing............................................................................................................................................................335
Quality of Service ........................................................................................................................................................336
Enable/Disable Wi-Fi Multimedia .........................................................................................................................338
About Access Point and Station EDCA Parameters ............................................................................................338
Understanding the Queues for Access Point and Station ....................................................................................339
Distinguishing between Access Point and Station Settings in QoS Commands ..................................................339
Get QoS Settings on the Access Point ................................................................................................................339
Get QoS Settings on the Client Station................................................................................................................340
Set Arbitration Interframe Spaces (aifs) ...............................................................................................................340
Set AIFs on the Access Point ...................................................................................................................... 340
Set AIFs on the Client Station...................................................................................................................... 341
Set Minimum and Maximum Contention Windows (cwmin, cwmax)....................................................................341
Set cwmin and cwmax on the Access Point ................................................................................................ 342
Set cwmin and cwmax on the Station .......................................................................................................... 342
Set the Maximum Burst Length (burst) on the Access Point................................................................................343
Set Transmission Opportunity Limit (txop-limit) for WMM client stations .............................................................344
Wireless Distribution System.......................................................................................................................................344
Configure a WDS Link..........................................................................................................................................345
Enable the WDS interface (wlan0wds0) on the current access point: ......................................................... 345
Provide the MAC address of the remote access point to which you want to link: ........................................ 345
Get Details on a WDS Configuration....................................................................................................................345
Time Protocol ..............................................................................................................................................................347
Rebooting the Access Point ........................................................................................................................................348
Resetting the Access Point to the Factory Defaults ....................................................................................................348
Keyboard Shortcuts and Tab Completion Help ..................................................................................................................349
Keyboard Shortcuts.....................................................................................................................................................349
Tab Completion and Help............................................................................................................................................350
CLI Classes and Fields Reference .....................................................................................................................................354
Appendix E: Radio Bands ...............................................................................................................................................357
Index .................................................................................................................................................................................359
9
Contents
10

Figures

Figure 1. AT-WA7400 CD Main Page..................................................................................................................................27
Figure 2. KickStart Page......................................................................................................................................................27
Figure 3. KickStart Welcome Dialog Box.............................................................................................................................28
Figure 4. KickStart Search Results Dialog Box ...................................................................................................................28
Figure 5. Administration Dialog Box ....................................................................................................................................29
Figure 6. KickStart Setup Wizard Dialog Box ......................................................................................................................30
Figure 7. Select Installation Folder Dialog Box....................................................................................................................31
Figure 8. KickStart Setup Disk Space Dialog Box ...............................................................................................................31
Figure 9. KickStart Installation Confirmation Dialog Box .....................................................................................................32
Figure 10. Installing KickStart Dialog Box............................................................................................................................32
Figure 11. KickStart Installation Complete Dialog Box ........................................................................................................33
Figure 12. Login Dialog Box ................................................................................................................................................34
Figure 13. Basic Settings Page ...........................................................................................................................................35
Figure 14. Navigational Aids................................................................................................................................................36
Figure 15. Summary of Settings Page.................................................................................................................................40
Figure 16. Default Web Page ..............................................................................................................................................42
Figure 17. Access Points Page ...........................................................................................................................................48
Figure 18. Settings of Access Point that Joined the Cluster................................................................................................50
Figure 19. MAC Filtering Page ............................................................................................................................................53
Figure 20. Configure Rogue MAC Filtering of Access Point Page ......................................................................................55
Figure 21. User Management Page.....................................................................................................................................58
Figure 22. User Accounts Section .......................................................................................................................................60
Figure 23. Backup or Restore User Database Page ...........................................................................................................62
Figure 24. Sessions Page ...................................................................................................................................................66
Figure 25. Without Automatic Channel Management: Access Points Can Broadcast on Overlapping Channels ............... 71
Figure 26. With Channel Management Enabled: Access Points are Re-Assigned to Non-Interfering Channels ................71
Figure 27. Channel Management Page...............................................................................................................................72
Figure 28. Wireless Neighborhood Page.............................................................................................................................81
Figure 29. Neighbor Details Information ..............................................................................................................................84
Figure 30. Ethernet (Wired) Settings Page..........................................................................................................................88
Figure 31. Wireless Settings Page .............................................................................................
Figure 32. Security Page ...................................................................................................................................................114
Figure 33. Static WEP Security Mode Settings .................................................................................................................117
Figure 34. Setting the AP Transfer Key on the Access Point............................................................................................119
Figure 35. Providing a Wireless Client with a WEP Key....................................................................................................120
Figure 36. Example of Using Multiple WEP Keys and Transfer Key Index on Client Stations ..........................................121
Figure 37. IEEE 802.1x Security Mode Settings................................................................................................................122
Figure 38. WPA/WPA2 Personal (PSK) Security Mode Settings ......................................................................................124
Figure 39. WPA/WPA2 Enterprise (RADIUS) Security Mode Settings..............................................................................126
Figure 40. IAPP Map Table ...............................................................................................................................................129
Figure 41. SNMP Configuration Page ...............................................................................................................................131
Figure 42. Guest Login Configuration Page ......................................................................................................................136
Figure 43. Virtual Wireless Networks Page .......................................................................................................................140
Figure 44. VLAN Management Page.................................................................................................................................143
Figure 45. Radio One Page...............................................................................................................................................147
Figure 46. Radio One Rate Sets .......................................................................................................................................152
Figure 47. Radio Two Rate Sets........................................................................................................................................152
Figure 48. Load Balancing Page .......................................................................................................................................158
Figure 49. Quality of Service Page....................................................................................................................................168
Figure 50. Example Wireless Network...............................................................................................................................174
.........................................98
11
Figures
Figure 51. WDS Bridge......................................................................................................................................................175
Figure 52. Wireless Distribution System Page...................................................................................................................179
Figure 53. Interfaces Page ................................................................................................................................................184
Figure 54. Events Page .....................................................................................................................................................186
Figure 55. Transmit/Receive Statistics Page.....................................................................................................................190
Figure 56. Client Associations Page..................................................................................................................................192
Figure 57. Neighboring Access Points Page .....................................................................................................................193
Figure 58. System Information Page .................................................................................................................................197
Figure 59. Basic Settings Page..........................................................................................................................................200
Figure 60. Time Protocol Page ..........................................................................................................................................202
Figure 61. HTTP TImeout ..................................................................................................................................................204
Figure 62. Reboot Page.....................................................................................................................................................205
Figure 63. Reset Configuration Page.................................................................................................................................206
Figure 64. Upgrade Firmware Page...................................................................................................................................208
Figure 65. Configure SNMP Firmware Upgrade Page.......................................................................................................209
Figure 66. Backup/Restore Page.......................................................................................................................................212
Figure 67. Wireless Network Connections Properties Dialog Box .....................................................................................222
Figure 68. Wireless Network Properties Dialog Box ..........................................................................................................223
Figure 69. Wireless Network Properties Dialog Box ..........................................................................................................224
Figure 70. Security Settings Page .....................................................................................................................................225
Figure 71. Wireless Network Properties Dialog Box ..........................................................................................................226
Figure 72. Security Settings Page .....................................................................................................................................228
Figure 73. Association and Authentication Tabs................................................................................................................228
Figure 74. Protected EAP Properties Dialog Box and EAP Properties Dialog Box ...........................................................230
Figure 75. Security Settings Page .....................................................................................................................................232
Figure 76. Association and Authentication Tabs................................................................................................................233
Figure 77. Smart Card or other Certificate Properties Dialog Box.....................................................................................234
Figure 78. Security Settings Page .....................................................................................................................................237
Figure 79. User Management Accounts Page...................................................................................................................238
Figure 80. Wireless Network Properties Dialog Box ..........................................................................................................239
Figure 81. Protected AP Properties Dialog Box.................................................................................................................240
Figure 82. Security Settings Page .....................................................................................................................................242
Figure 83. Association and Authentication Tabs................................................................................................................243
Figure 84. Smart Card or other Certificate Properties Dialog Box.....................................................................................244
Figure 85. Security Settings Page .....................................................................................................................................245
Figure 86. Association Tab ................................................................................................................................................246
Figure 87. Security Settings Page .....................................................................................................................................249
Figure 88. Internet Authentication Service Window ...........................................................................................................250
Figure 89. New RADIUS Client Dialog Box, Name and Address Dialog Box ....................................................................251
Figure 90. New RADIUS Client Wizard Additional Information Dialog Box .......................................................................251
Figure 91. Internet Authentication Service Window Showing Access Point ......................................................................252
Figure 92. Security Alert Window.......................................................................................................................................254
Figure 93. Certificate Server Welcome Page.....................................................................................................................254
Figure 94. RADIUS Server Login Window .........................................................................................................................255
Figure 95. Request a Certificate Page...............................................................................................................................255
Figure 96. Security Warning Dialog Box............................................................................................................................256
Figure 97. User Certificate Dialog Box...............................................................................................................................256
Figure 98. Potential Scripting Violation Dialog Box............................................................................................................256
Figure 99. Certificate Issued Dialog Box............................................................................................................................257
Figure 100. Potential Scripting Error Dialog Box ...............................................................................................................257
Figure 101. Root Certificate Store Dialog Box...................................................................................................................257
Figure 102. Certificate Installed Confirmation Window......................................................................................................258
Figure 103. Stop Clustering Page......................................................................................................................................262
Figure 104. Reset Configuration Page...............................................................................................................................263
Figure 105. Cluster Management Page .............................................................................................................................263
Figure 106. PuTTY Configuration Dialog Box....................................................................................................................271
Figure 107. CLI Class Relationships..................................................................................................................................355
12

Tables

Table 1. Static WEP Configuration ...................................................................................................................................108
Table 2. IEEE 802.1x Configuration .................................................................................................................................109
Table 3. WPA/WPA2 Configuration ..................................................................................................................................110
Table 4. RADIUS Security ................................................................................................................................................111
Table 5. Worldwide Frequencies for 802.11g and 802.11b Radios ..................................................................................148
Table 6. Management Software Default Settings .............................................................................................................215
Table 7. Comparison of CLI to Web Browser Interface Settings ......................................................................................266
Table 8. Commands and Syntax ......................................................................................................................................273
Table 9. Interfaces in the CLI ...........................................................................................................................................279
Table 10. Basic Settings Commands ................................................................................................................................282
Table 11. Cluster Functions and Commands ...................................................................................................................286
Table 12. User Account Commands .................................................................................................................................287
Table 13. Status Commands ............................................................................................................................................290
Table 14. Wired Interface Commands ..............................................................................................................................301
Table 15. Security Commands .........................................................................................................................................304
Table 16. WEP Key Length Commands ...........................................................................................................................308
Table 17. Key Type Commands .......................................................................................................................................308
Table 18. Authentication Algorithm Commands ...............................................................................................................309
Table 19. Authentication Server Commands ....................................................................................................................312
Table 20. RADIUS Accounting Commands ......................................................................................................................313
Table 21. WPA Version ....................................................................................................................................................315
Table 22. Cipher Commands ............................................................................................................................................316
Table 23. WPA Version Command ...................................................................................................................................318
Table 24. Preauthentication Commands ..........................................................................................................................319
Table 25. Cipher Commands ............................................................................................................................................319
Table 26. Authentication Server Commands ....................................................................................................................320
Table 27. RADIUS Accounting Commands ......................................................................................................................321
Table 28. WPA Client Commands ....................................................................................................................................321
Table 29. Guest Login and Welcome Page Commands ...................................................................................................323
Table 30. Radio Settings Commands ...............................................................................................................................326
Table 31. Radio Operation Commands ............................................................................................................................329
Table 32. Radio Mode Commands ...................................................................................................................................330
Table 33. Rate Set Commands ........................................................................................................................................331
Table 34. Accept and Deny List Commands ....................................................................................................................334
Table 35. QoS Commands ...............................................................................................................................................337
Table 36. Queue Commands ...........................................................................................................................................339
Table 37. WDS Commands ..............................................................................................................................................345
Table 38. Keyboard Shortcuts .................................................................................................
.........................................349
13
Tables
14

Preface

This guide contains instructions on how to configure and maintain an AT-WA7400 Wireless Access Point using its management software and contains the following sections:
“Where to Find Web-based Guides” on page 16
“Contacting Allied Telesyn” on page 17
15
Preface

Where to Find Web-based Guides

The installation and user guides for all Allied Telesyn products are available in portable document format (PDF) on our web site at www.alliedtelesyn.com. You can view the documents online or download them onto a local workstation or server.
16
AT-WA7400 Management Software User’s Guide

Contacting Allied Telesyn

This section provides Allied Telesyn contact information for technical support as well as sales and corporate information.

Online Support You can request technical support online by accessing the Allied Telesyn

Knowledge Base: www.alliedtelesyn.com/support/kb.aspx. You can use the Knowledge Base to submit questions to our technical support staff and review answers to previously asked questions.
Email and Telephone
Support
For Technical Support via email or telephone, refer to the Support & Services section of the Allied Telesyn web site: www.alliedtelesyn.com. Select your country from the list displayed on the website. then select the appropriate menu tab.

Warranty For hardware warranty information, refer to the Allied Telesis web site:

www.alliedtelesis.com/support/warranty.
Returning
Products
Sales or
Corporate
Products for return or repair must first be assigned a return materials authorization (RMA) number. A product sent to Allied Telesyn without an RMA number will be returned to the sender at the sender’s expense.
To obtain an RMA number, contact Allied Telesyn Technical Support through our web site: www.alliedtelesyn.com/support/rma. Select your country from the list displayed on the website. then select the appropriate menu tab.
You can contact Allied Telesyn for sales or corporate information through our web site: www.alliedtelesyn.com. To find the contact information for your country, select Contact Us -> Worldwide Contacts.
Information
Management
Software Updates
New releases of management software for our managed products are available from either of the following Internet sites:
Allied Telesyn web site: www.alliedtelesyn.com
Allied Telesyn FTP server: ftp://ftp.alliedtelesyn.com
If you prefer to download new software from the Allied Telesyn FTP server from your workstation’s command prompt, you will need FTP client software and you must log in to the server. Enter “anonymous” for the user name and your email address for the password.
17
Preface
18

Chapter 1

Preparing to Set Up the AT-WA7400 Wireless Access Point

Before you plug in and boot a new AT-WA7400 Wireless Access Point, review the following sections for a quick check of required hardware components, software, client configurations, and compatibility issues. Make sure you have everything you need ready to go for a successful launch and test of your new (or extended) wireless network.
This chapter contains the following sections:
“Setting Up the Administrator’s Computer” on page 20
“Setting Up the Wireless Client Computers” on page 22
“Understanding Dynamic and Static IP Addressing on the AT-WA7400
Management Software” on page 23
19
Chapter 1: Preparing to Set Up the AT-WA7400 Wireless Access Point

Setting Up the Administrator’s Computer

You configure and administer the AT-WA7400 Wireless Access Point with the KickStart utility (which you run from the CD), through a web-based user interface (UI), or through the command line interface. In order to successfully start the management software, the administrator’s computer must be set up with the following hardware and software components:
Ethernet connection
The computer used to configure the first AT-WA7400 Wireless Access Point with KickStart must be connected to the access point, either directly or through a hub, by an Ethernet cable.
Wireless Connection to the Network
After you initially configure and launch the first AT-WA7400 Wireless Access Point, you can make further configuration changes through the management software using a wireless connection to the “internal” network. This configuration includes:
Portable or built-in Wi-Fi client adapter that supports one or more of the IEEE 802.11 modes in which you plan to run the access point. (IEEE 802.11a, 802.11b, 802.11g, and 802.11a Turbo modes are supported.)
Wireless client software such as Microsoft Windows XP or Funk Odyssey wireless client configured to associate with the AT-WA7400 Management Software.
For more details about the Wi-Fi client setup, see “Setting Up the Wireless Client Computers” on page 22.
Web browser/operating system
Configuration and administration of the AT-WA7400 Wireless Access Point is provided through a web-based user interface hosted on the access point. Allied Telesyn recommends using one of the following supported web browsers to access the AT-WA7400 management software:
Microsoft Internet Explorer version 5.5 or greater (with up-to-date patch level for either major version) on Microsoft Windows XP or Microsoft Windows 2000
Netscape Mozilla 1.7.x on Redhat Linux version 2.4
20
The administration web browser must have JavaScript enabled to support the interactive features of the administration interface. It must also support HTTP uploads to use the firmware upgrade feature.
AT-WA7400 Software and Documentation CD
This CD contains the KickStart utility and the software documentation. You can run the KickStart utility on any Windows laptop or computer
AT-WA7400 Management Software User’s Guide
that is connected to the access point (via wired or wireless connection). It detects AT-WA7400 Wireless Access Points on the network. The wizard steps you through initial configuration of new access points, and provides a link to the AT-WA7400 management software where you finish the basic setup process in a step-by-step mode and launch the network.
You can also download KickStart onto the administrator’s computer which makes it unnecessary to have the CD.
For more about using KickStart, see “Running KickStart to Find Access Points on the Network” on page 26.
CD-ROM Drive
The administrator’s computer must have a CD-ROM drive to run the KickStart application on the AT-WA7400 Wireless Access Point CD or to download it to their computer.
Security Settings
Ensure that security is disabled on the wireless client used to initially configure the access point.
21
Chapter 1: Preparing to Set Up the AT-WA7400 Wireless Access Point

Setting Up the Wireless Client Computers

The AT-WA7400 Wireless Access Point provides wireless access to any client with a properly configured Wi-Fi client adapter for the 802.11 mode in which the access point is running.
Multiple client operating systems are supported. Clients can be laptops or desktops, personal digital assistants (PDAs), or any other hand-held, portable or stationary device equipped with a Wi-Fi adapter and supporting drivers.
In order to connect to the access point, wireless clients need the following software and hardware:
Wi-Fi Client Adapter
Portable or built-in Wi-Fi client adapter that supports one or more of the IEEE 802.11 modes in which you plan to run the access point. (IEEE 802.11a, 802.11b, 802.11g, and 802.11a Turbo modes are supported.)
Wi-Fi client adapters vary considerably. The adapter can be a PC card built in to the client device, a portable PCMCIA or PCI card (types of
NICs), or an external device such as a USB or Ethernet adapter that
you connect to the client by means of a cable.
The AT-WA7400 Wireless Access Point supports 802.11a/g modes. The fundamental requirement for clients is that they all have configured adapters that match the 802.11 a/g mode.
Wireless Client Software
Client software such as Microsoft Windows Supplicant or Funk Odyssey wireless client configured to associate with the AT-WA7400 Management Software.
Client Security Settings
Security should be disabled on the client used to do initial configuration of the access point.
If the Security mode on the access point is set to anything other than plain text, wireless clients will need to set a profile to the authentication mode used by the access point and provide a valid username and password, certificate, or similar user identity proof. Security modes are Static WEP, IEEE 802.1x, WPA with RADIUS server, and WPA-PSK.
For information on configuring security on the access point, see Chapter 10, “Configuring Security” on page 105.
22
AT-WA7400 Management Software User’s Guide

Understanding Dynamic and Static IP Addressing on the AT-WA7400 Management Software

Very little setup is required for the first access point and no configuration required for additional access points subsequently joining a pre-configured cluster.
When you run KickStart, it discovers the AT-WA7400 Wireless Access Points on the network and lists their IP addresses and MAC addresses. KickStart also provides a link to the administration web pages of each access point using the IP address in the URL. (For more information about the KickStart utility, see “Running KickStart to Find Access Points on the Network” on page 26.)
Dynamic IP
Addressing
Static IP
Addressing
The AT-WA7400 Wireless Access Point generally expects that a DHCP server is running on the network where the access point is deployed. Most home and small business networks already have DHCP service provided either via a gateway device or a centralized server. However, if no DHCP server is present on the internal network, the access point will use the default static IP address in the Static IP address field for first time startup.
Similarly, wireless clients and other network devices (such as printers) will receive their IP addresses from the DHCP server, if there is one. If no DHCP server is present on the network, you must manually assign static IP addresses to your wireless clients and other network devices.
The AT-WA7400 Wireless Access Point is shipped with a default static IP
address of 192.168.1.230. (See Appendix A, “Management Software
Default Settings” on page 215.) If no DHCP server is found on the network, the access point retains this static IP address at first-time startup.
After the access point starts up, you have the option of specifying a static IP addressing policy on AT-WA7400 Wireless Access Point and assigning static IP addresses to access points on the internal network using the management software. (See information about the Connection Type field and related fields in “Enabling or Disabling Guest Access” on page 90.)
Caution
If you do not have a DHCP server on the internal network and do not plan to use one, the first thing you must do after bringing up the access point is to verify that the Connection Type is Static IP. You can either assign a new Static IP address to the access point or continue using the default address. Allied Telesyn recommends assigning a new Static IP address so that if later you bring up another AT-WA7400 Wireless Access Point on the same network, the IP address for each access point will be unique.
23
Chapter 1: Preparing to Set Up the AT-WA7400 Wireless Access Point
Recovering an IP
Address
If you experience trouble communicating with the access point, you can recover a static IP address by resetting the access point configuration to the factory defaults (see “Resetting the Configuration to Factory Defaults” on page 206), or you can get a dynamically assigned address by connecting the access point to a network that has DHCP.
24

Chapter 2

Setting up the AT-WA7400 Management Software

Setting up and deploying one or more AT-WA7400 Wireless Access Points is in effect creating and launching a wireless network. The KickStart utility and corresponding AT-WA7400 Management Software Basic Settings web page simplify this process. This chapter contains procedures for setting up your AT-WA7400 Wireless Access Points and the resulting wireless network. Have the AT-WA7400 Wireless Access Point CD handy, and familiarize yourself with the default settings described in Appendix A, “Management Software Default Settings” on page 215.
This chapter includes the following procedures:
“Running KickStart to Find Access Points on the Network” on page 26
“Logging in to the AT-WA7400 Management Software” on page 34
“Navigating the Web Pages” on page 36
“Configuring the Basic Settings and Starting the Wireless Network” on
page 37
“Next Steps” on page 41
“Logging in After the Initial Setup” on page 42
Section I: Basic Features 25
Chapter 2: Setting up the AT-WA7400 Management Software

Running KickStart to Find Access Points on the Network

KickStart is an easy-to-use utility for discovering and identifying new AT-WA7400 Wireless Access Points. KickStart scans the network looking for access points, displays ID details on those it finds, and provides access to the AT-WA7400 Management Software.
Note
KickStart (and the other AT-WA7400 tools) recognizes and configures only AT-WA7400 Wireless Access Points. KickStart will not find or configure non-AT-WA7400 Wireless Access Points and will not find any other devices.
Note
Run KickStart only in the subnet of the internal network (SSID).
Note
KickStart finds only those access points that have IP addresses. IP addresses are dynamically assigned to access points if you have a
DHCP server running on the network. If you deploy the access point
on a network with no DHCP server, the default static IP address (192.168.1.230) is used.
Caution
Use caution with non-DHCP enabled networks: Do not deploy more than one new access point on a non-DHCP network because they will use the same default static IP addresses and conflict with each other. (For more information, see “Understanding Dynamic and Static IP Addressing on the AT-WA7400 Management Software” on page 23.)
To start the discovery process, perform the following procedure:
1. Do one of the following to create an Ethernet connection between the access point and your computer:
Connect one end of an Ethernet cable to the LAN port on the
access point and the other end to the same hub where your PC is connected.
26
Connect one end of an Ethernet cable to the LAN port on the
access point and the other end of the cable to the Ethernet port on your PC.
AT-WA7400 Management Software User’s Guide
2. Insert the AT-WA7400 Wireless Access Point CD into the CD-ROM drive on your computer.
The CD’s main page is shown in Figure 1.
Figure 1. AT-WA7400 CD Main Page
3. Click KickStart Utility.
The KickStart page, as shown in Figure 3, provides two options: Open KickStart and Install KickStart.
Figure 2. KickStart Page
27
Chapter 2: Setting up the AT-WA7400 Management Software
For information about installing KickStart, refer to “Installing KickStart on the Administrator’s PC” on page 30. Otherwise, continue with this procedure.
4. Click Open KickStart.
The KickStart Welcome dialog box is displayed, as shown in Figure 3.
Figure 3. KickStart Welcome Dialog Box
5. Click Next to search for access points.
Wait for the search to complete, or until KickStart has found your new access points, as shown in Figure 4.
28
Figure 4. KickStart Search Results Dialog Box
AT-WA7400 Management Software User’s Guide
Note
The KickStart utility only finds other AT-WA7400 Wireless Access Points.
If KickStart does not find the AT-WA7400 Wireless Access Point you just installed, an informational window is displayed with troubleshooting information about your LAN and power connections.
6. Review the list of access points that KickStart found, as shown in the example in Figure 4 on page 28..
The access points are listed with their locations, media access control (MAC) addresses, and IP addresses. If you are installing the first access point on a single-access-point network, only one entry is displayed on this page.
7. Verify the MAC addresses against the hardware labels for each access point. This will be especially helpful later in providing or modifying the descriptive Location name for each access point.
8. Click Next.
The Administration dialog box opens, as shown in Figure 5.
Figure 5. Administration Dialog Box
Note
KickStart provides a link to the AT-WA7400 management software web pages via the IP address of the first access point of each model. (For more information about model types and clustering see “What Kinds of Access Points Can Cluster Together?” on page 44.)
29
Chapter 2: Setting up the AT-WA7400 Management Software
The AT-WA7400 management software is a centralized management tool that you can access through the IP address for any access point in a cluster.
After your other access points are configured, you can also link to the AT-WA7400 management software web pages using the IP address for any of the other AT-WA7400 Wireless Access Points, for example
http://
IPAddressOfAccessPoint
.
Installing
KickStart on the
Administrator’s
PC
To install the KickStart utility on the administrator’s PC, perform the following procedure:
1. Insert the AT-WA7400 Wireless Access Point CD into the CD-ROM drive on your computer.
The CD’s main page is shown in Figure 1 on page 27. Click KickStart Utility.
The KickStart page, as shown in Figure 2 on page 27, provides two options: Open KickStart and Install KickStart.
The Open KickStart option is described in “Running KickStart to Find Access Points on the Network” on page 26.
2. Click Install KickStart.
The KickStart Setup Wizard dialog box is shown in Figure 6.
30
Figure 6. KickStart Setup Wizard Dialog Box
3. Click Next.
Loading...
+ 332 hidden pages