Cambium Networks XI-AC1300 Users Manual

USER’S GUIDE

Wireless Arrays and
Access Points

XR Series

March 10, 2014

Release 6.7

High Performance Wireless Networks

Wireless Arrays

™

and Access Points

XR Series

All rights reserved. This document may not be reproduced or

disclosed in whole or in part by any means without the written

consent of Xirrus, Inc.

Part Number: 800-0022-001

(Revision J)

Trademarks

is a registered trademark of Xirrus, Inc. All other trademarks and brand

names are marks of their respective holders.

Please see Legal Notices, Warnings, Compliance Statements, and Warranty and
License Agreements in “Appendix C: Notices (Arrays except XR-500/600 and -H

Models)” on page 511.

Xirrus, Inc.
2101 Corporate Center Drive
Thousand Oaks, CA 91320
USA

Tel: 1.805.262.1600

1.800.947.7871 Toll Free in the US

Fax: 1.866.462.3980

www.xirrus.com

Wireless Array

Table of Contents

List of Figures.................................................................................... xiii

Introduction ......................................................................................... 1

The Xirrus Family of Products ............................................................................... 1

Nomenclature .................................................................................................... 2

Why Choose the Xirrus Wireless Array? .............................................................. 3

Wireless Array Product Overview ........................................................................ 4

XR Wireless Array Product Family ................................................................ 5

XR-500 Series Access Points ..................................................................... 5

XR-600 Series Access Points ..................................................................... 6

XR-1000 ....................................................................................................... 7

XR-2000/2005 Series Arrays .................................................................... 8

XR-4000 Series Arrays ............................................................................... 9

XR-6000 Series Arrays ............................................................................. 10

Enterprise Class Security ............................................................................... 11

Deployment Flexibility .................................................................................. 11

Power over Gigabit Ethernet (PoGE) .................................................... 12

Enterprise Class Management ...................................................................... 13

Key Features and Benefits ..................................................................................... 14

High Capacity and High Performance ........................................................ 14

Extended Coverage ......................................................................................... 15

Flexible Coverage Schemes .................................................................... 15

Non-Overlapping Channels .......................................................................... 16

SDMA Optimization ...................................................................................... 17

Fast Roaming ................................................................................................... 17

Ease of Deployment ........................................................................................ 17

Powerful Management ................................................................................... 17

Secure Wireless Access .................................................................................. 17

Applications Enablement .............................................................................. 17

Advanced Feature Sets .......................................................................................... 18

Xirrus Advanced RF Performance Manager (RPM) .................................. 18

Xirrus Advanced RF Security Manager (RSM) .......................................... 19

Xirrus Advanced RF Analysis Manager (RAM) ......................................... 20

i

Wireless Array

Xirrus Application Control ............................................................................ 21

About this User’s Guide ........................................................................................ 21

Organization .................................................................................................... 21

Notes and Cautions ........................................................................................ 23

Screen Images .................................................................................................. 23

Product Specifications ........................................................................................... 24

Installing the Wireless Array........................................................... 25

Installation Prerequisites ...................................................................................... 25

Optional Network Components ................................................................... 27

Client Requirements ....................................................................................... 27

Planning Your Installation .................................................................................... 28

General Deployment Considerations .......................................................... 28

Coverage and Capacity Planning ................................................................. 30

Placement .................................................................................................. 30

RF Patterns ................................................................................................ 31

Capacity and Cell Sizes ........................................................................... 32

Fine Tuning Cell Sizes ............................................................................. 33

Roaming Considerations ........................................................................ 34

Allocating Channels ................................................................................ 34

About IEEE 802.11ac ....................................................................................... 37

Up to Eight Simultaneous Data Streams — Spatial Multiplexing ..... 39

MIMO (Multiple-In Multiple-Out) ........................................................ 39

MU-MIMO (Multi-User Multiple-In Multiple-Out) ........................... 40

Higher Precision in the Physical Layer ................................................ 42

80 MHz and 160 MHz Channel Widths (Bonding) ............................ 43

802.11ac Data Rates ................................................................................. 44

ACExpress™ ............................................................................................ 45

802.11ac Deployment Considerations .......................................................... 45

Failover Planning ............................................................................................ 47

Switch Failover Protection ..................................................................... 48

Power Planning ............................................................................................... 49

Power over Gigabit Ethernet ................................................................. 49

Security Planning ........................................................................................... 50

Wireless Encryption ................................................................................ 50

Authentication ......................................................................................... 50

Port Requirements .......................................................................................... 52

ii

Wireless Array

Network Management Planning .................................................................. 56

WDS Planning ................................................................................................. 57

Common Deployment Options .................................................................... 60

Installation Workflow ........................................................................................... 61

Installing Your Wireless Array ............................................................................ 63

Choosing a Location ....................................................................................... 63

Wiring Considerations ............................................................................ 63

Mounting and Connecting the Array/AP ................................................. 66

Dismounting the Array .................................................................................. 66

Powering Up the Wireless Array ......................................................................... 66

Array LED Operating Sequences ................................................................. 67

LED Boot Sequence ................................................................................. 67

LED Operation when Array is Running .............................................. 68

Zero-Touch Provisioning and Ongoing Management .................................... 69

XMS Cloud Next Generation (XMS-9500-CL-x) .................................. 69

XMS Enterprise ........................................................................................ 69

If you are not using XMS ........................................................................ 70

Array/AP Management Interfaces ...................................................................... 71

User Interfaces (CLI, WMI) ........................................................................... 71

Using the Serial Port ....................................................................................... 73

Using the Ethernet Ports ................................................................................ 73

Starting the WMI ............................................................................................. 74

Logging In ........................................................................................................ 74

Licensing ................................................................................................................ 74

Performing the Express Setup Procedure ........................................................... 75

Securing Low Level Access to the Array ..................................................... 76

The Web Management Interface ................................................... 81

Managing Arrays Locally or via XMS ................................................................. 81

An Overview .......................................................................................................... 82

Structure of the WMI ............................................................................................. 83

User Interface ......................................................................................................... 85

Logging In ............................................................................................................... 88

Applying Configuration Changes ....................................................................... 89

Character Restrictions .................................................................................... 89

iii

Wireless Array

Viewing Status on the Wireless Array ........................................... 91

Array Status Windows .......................................................................................... 92

Array Summary .............................................................................................. 92

Content of the Array Summary Window ............................................ 93

Array Information .......................................................................................... 98

Array Configuration ....................................................................................... 99

Admin History .............................................................................................. 100

Network Status Windows ................................................................................... 100

Network ......................................................................................................... 101

Network Map ................................................................................................ 102

Content of the Network Map Window .............................................. 102

Spanning Tree Status .................................................................................... 105

Routing Table ................................................................................................ 106

ARP Table ...................................................................................................... 106

DHCP Leases ................................................................................................. 107

Connection Tracking/NAT ......................................................................... 107

CDP Neighbors ............................................................................................. 108

Network Assurance ...................................................................................... 109

Undefined VLANs ........................................................................................ 110

RF Monitor Windows .......................................................................................... 111

IAPs ................................................................................................................. 112

Spectrum Analyzer ..................................................................................... 113

Intrusion Detection ...................................................................................... 116

Channel History ............................................................................................ 118

Radio Assurance ........................................................................................... 120

Station Status Windows ...................................................................................... 122

Stations ........................................................................................................... 123

Location Map ................................................................................................. 125

RSSI ................................................................................................................. 128

Signal-to-Noise Ratio (SNR) ........................................................................ 130

Noise Floor ..................................................................................................... 131

Max by IAP .................................................................................................... 133

Station Assurance ......................................................................................... 134

Statistics Windows ............................................................................................... 135

IAP Statistics Summary ................................................................................ 135

Per-IAP Statistics ........................................................................................... 136

Network Statistics ......................................................................................... 138

iv

Wireless Array

VLAN Statistics ............................................................................................. 139

WDS Statistics ................................................................................................ 140

IDS Statistics .................................................................................................. 141

Filter Statistics ............................................................................................... 143

Station Statistics ............................................................................................ 144

Per-Station Statistics ..................................................................................... 145

Application Control Windows ........................................................................... 146

About Application Control ......................................................................... 146

Application Control ...................................................................................... 148

Stations (Application Control) .................................................................... 152

System Log Window ........................................................................................... 153

IDS Event Log Window ...................................................................................... 155

Configuring the 

Wireless Array................................................................................ 157

Express Setup ........................................................................................................ 159

Network ................................................................................................................. 165

Network Interfaces ...................................................................................... 166

Network Interface Ports ........................................................................ 167

Bonds and Bridging ...................................................................................... 169

DNS Settings .................................................................................................. 176

CDP Settings .................................................................................................. 177

Services .................................................................................................................. 179

Time Settings (NTP) ..................................................................................... 180

NetFlow .......................................................................................................... 182

Wi-Fi Tag ....................................................................................................... 183

Location .......................................................................................................... 184

System Log ..................................................................................................... 186

About Using the Splunk Application for Xirrus Arrays .................. 189

SNMP .............................................................................................................. 191

DHCP Server ................................................................................................. 194

Proxy Forwarding ......................................................................................... 196

About Proxy Forwarding ..................................................................... 196

Proxy Forwarding for HTTPS .............................................................. 197

Summary of Proxy Forwarding Behavior on the Array .................. 198

VLANs ................................................................................................................... 204

Understanding Virtual Tunnels .......................................................... 204

v

Wireless Array

VLAN Management ..................................................................................... 206

Tunnels .................................................................................................................. 209

About Xirrus Tunnels ........................................................................... 209

Tunnel Management .................................................................................... 210

SSID Assignments ......................................................................................... 211

Security .................................................................................................................. 213

Understanding Security ........................................................................ 214

Certificates and Connecting Securely to the WMI ............................ 217

Using the Array’s Default Certificate ................................................. 217

Using an External Certificate Authority ............................................. 218

Admin Management .................................................................................... 219

Admin Privileges .......................................................................................... 221

Admin RADIUS ............................................................................................ 223

About Creating Admin Accounts on the RADIUS Server ............. 223

Management Control ................................................................................... 226

Access Control List ....................................................................................... 234

Global Settings .............................................................................................. 236

External Radius ............................................................................................. 240

About Creating User Accounts on the RADIUS Server .................. 241

Internal Radius .............................................................................................. 244

Active Directory ............................................................................................ 246

Rogue Control List ........................................................................................ 250

OAuth 2.0 Management ............................................................................... 251

SSIDs ...................................................................................................................... 254

Understanding SSIDs ............................................................................ 255

Understanding QoS Priority on the Wireless Array ........................ 256

High Density 2.4G Enhancement—Honeypot SSID ......................... 261

SSID Management ........................................................................................ 262

SSID List (top of page) .......................................................................... 263

SSID Limits ............................................................................................. 267

Web Page Redirect (Captive Portal) Configuration ........................ 269

Whitelist Configuration for Web Page Redirect .............................. 273

WPA Configuration .............................................................................. 274

Authentication Service Configuration ............................................... 274

Active IAPs .................................................................................................... 275

Per-SSID Access Control List ...................................................................... 276

Honeypots ...................................................................................................... 278

vi

Wireless Array

Groups ................................................................................................................... 280

Understanding Groups ......................................................................... 280

Using Groups ......................................................................................... 281

Group Management ..................................................................................... 282

Group Limits .......................................................................................... 285

IAPs ........................................................................................................................ 287

Understanding Fast Roaming .............................................................. 288

IAP Settings ................................................................................................... 290

Global Settings (IAP) ................................................................................... 295

Beacon Configuration ........................................................................... 297

Station Management ............................................................................. 298

Advanced Traffic Optimization .......................................................... 300

Global Settings .11an .................................................................................... 311

Global Settings .11bgn .................................................................................. 316

Global Settings .11n ...................................................................................... 322

Global Settings .11ac ..................................................................................... 325

Global Settings .11u ...................................................................................... 327

Understanding 802.11u ......................................................................... 327

Advanced RF Settings .................................................................................. 333

About Standby Mode ............................................................................ 334

RF Monitor .............................................................................................. 334

RF Resilience .......................................................................................... 335

RF Power & Sensitivity ......................................................................... 336

RF Spectrum Management ................................................................... 337

Station Assurance .................................................................................. 340

Hotspot 2.0 ..................................................................................................... 342

Understanding Hotspot 2.0 .................................................................. 342

NAI Realms .................................................................................................... 344

Understanding NAI Realm Authentication ....................................... 344

NAI EAP ......................................................................................................... 346

Intrusion Detection ....................................................................................... 348

DoS Attacks ............................................................................................ 349

Impersonation Attacks .......................................................................... 350

About Blocking Rogue APs .................................................................. 351

RF Intrusion Detection and Auto Block Mode .................................. 352

DoS Attack Detection Settings ............................................................. 353

Impersonation Detection Settings ....................................................... 354

vii

Wireless Array

LED Settings .................................................................................................. 354

DSCP Mappings ............................................................................................ 355

Roaming Assist .............................................................................................. 356

WDS ....................................................................................................................... 358

About Configuring WDS Links ........................................................... 358

Long Distance Links .............................................................................. 360

WDS Client Links .......................................................................................... 361

Filters ..................................................................................................................... 365

Filter Lists ...................................................................................................... 366

Filter Management ....................................................................................... 368

Clusters .................................................................................................................. 374

Cluster Definition ........................................................................................ 375

Cluster Management ................................................................................... 376

Cluster Operation ........................................................................................ 377

Mobile .................................................................................................................... 380

AirWatch ........................................................................................................ 380

User Procedure for Wireless Access ................................................... 382

Using Tools on the Wireless Array............................................... 385

System Tools ......................................................................................................... 386

About Licensing and Upgrades ........................................................... 387

System ..................................................................................................... 388

Automatic Updates from Remote Image or Configuration File .... 390

Configuration ......................................................................................... 391

Diagnostics ............................................................................................. 394

Application Control Signature File Management ............................. 395

Web Page Redirect (Captive Portal) ................................................... 396

Network Tools ........................................................................................ 397

Progress and Status Frames ................................................................. 399

CLI ......................................................................................................................... 399

API Documentation ............................................................................................. 401

Status/Settings ....................................................................................... 402

GET Requests ......................................................................................... 402

Trying a GET Request ........................................................................... 403

API Documentation Toolbar ................................................................ 405

Options .................................................................................................................. 406

Logout .................................................................................................................... 407

viii

Wireless Array

The Command Line Interface...................................................... 409

Establishing a Secure Shell (SSH) Connection ................................................. 409

Getting Started with the CLI .............................................................................. 411

Inputting Commands ................................................................................... 411

Getting Help .................................................................................................. 411

Top Level Commands ......................................................................................... 413

Root Command Prompt ............................................................................... 413

configure Commands ................................................................................... 414

show Commands .......................................................................................... 417

statistics Commands ..................................................................................... 420

Configuration Commands .................................................................................. 422

acl .................................................................................................................... 422

admin .............................................................................................................. 423

auth ................................................................................................................. 424

cdp ................................................................................................................... 424

clear ................................................................................................................. 426

cluster ............................................................................................................. 428

contact-info .................................................................................................... 429

date-time ........................................................................................................ 430

dhcp-server .................................................................................................... 431

dns ................................................................................................................... 432

file .................................................................................................................... 433

filter ................................................................................................................. 437

Air Cleaner ............................................................................................. 438

group .............................................................................................................. 441

hostname ........................................................................................................ 441

interface .......................................................................................................... 442

load ................................................................................................................. 442

location ........................................................................................................... 443

location-reporting ......................................................................................... 444

management .................................................................................................. 445

mdm ................................................................................................................ 446

more ................................................................................................................ 447

netflow ............................................................................................................ 448

no ..................................................................................................................... 449

quick-config ................................................................................................... 451

quit .................................................................................................................. 452

ix

Wireless Array

authentication-server ................................................................................... 452

reboot .............................................................................................................. 453

reset ................................................................................................................. 453

restore ............................................................................................................. 454

roaming-assist ............................................................................................... 455

run-tests .......................................................................................................... 456

security ........................................................................................................... 458

snmp ............................................................................................................... 459

ssid .................................................................................................................. 460

syslog .............................................................................................................. 461

tunnel .............................................................................................................. 462

uptime ............................................................................................................. 463

vlan .................................................................................................................. 463

wifi-tag ........................................................................................................... 464

Sample Configuration Tasks .............................................................................. 466

Configuring a Simple Open Global SSID .................................................. 467

Configuring a Global SSID using WPA-PEAP ......................................... 468

Configuring an SSID-Specific SSID using WPA-PEAP ........................... 469

Enabling Global IAPs ................................................................................... 470

Disabling Global IAPs .................................................................................. 471

Enabling a Specific IAP ................................................................................ 472

Disabling a Specific IAP ............................................................................... 473

Setting Cell Size Auto-Configuration for All IAPs .................................. 474

Setting the Cell Size for All IAPs ................................................................ 475

Setting the Cell Size for a Specific IAP ....................................................... 476

Configuring VLANs on an Open SSID ...................................................... 477

Configuring Radio Assurance Mode (Loopback Tests) .......................... 478

Appendices..................................................................................... 481

Appendix A: Quick Reference Guide ............................................................... 483

Factory Default Settings ...................................................................................... 483

Host Name ..................................................................................................... 483

Network Interfaces ....................................................................................... 483

Serial ........................................................................................................ 483

Gigabit 1 and Gigabit 2 ......................................................................... 484

Server Settings ............................................................................................... 484

NTP .......................................................................................................... 484

x

Wireless Array

Syslog ...................................................................................................... 484

SNMP ...................................................................................................... 485

DHCP .............................................................................................................. 485

Default SSID .................................................................................................. 486

Security .......................................................................................................... 486

Global Settings - Encryption ............................................................... 486

External RADIUS (Global) .................................................................. 487

Internal RADIUS .................................................................................... 488

Administrator Account and Password ...................................................... 488

Management .................................................................................................. 488

Keyboard Shortcuts ............................................................................................. 489

Appendix B: FAQ and Special Topics ............................................................... 491

General Hints and Tips ....................................................................................... 491

Frequently Asked Questions .............................................................................. 492

Multiple SSIDs ............................................................................................... 492

Security ........................................................................................................... 494

VLAN Support .............................................................................................. 497

Array Monitor and Radio Assurance Capabilities .......................................... 500

Enabling Monitoring on the Array ..................................................... 500

How Monitoring Works ............................................................................... 500

Radio Assurance ........................................................................................... 501

Radio Assurance Options ..................................................................... 502

RADIUS Vendor Specific Attribute (VSA) for Xirrus ..................................... 503

Location Service Data Formats .......................................................................... 504

Euclid Location Server ................................................................................. 504

Non-Euclid Location Server ........................................................................ 504

Upgrading the Array via CLI ............................................................................. 506

Sample Output for the Upgrade Procedure: ............................................. 507

Appendix C: Notices (Arrays except XR-500/600 and -H Models) .............. 511

Notices ................................................................................................................... 511

EU Directive 1999/5/EC Compliance Information ........................................ 515

Compliance Information (Non-EU) ................................................................... 522

Safety Warnings ................................................................................................... 523

Translated Safety Warnings ............................................................................... 524

Software License and Product Warranty Agreement ..................................... 525

Hardware Warranty Agreement ....................................................................... 531

xi

Wireless Array

Appendix D: Notices (XR500/600 Series Only) ............................................. 533

Notices ................................................................................................................... 533

EU Directive 1999/5/EC Compliance Information ........................................ 537

Compliance Information (Non-EU) ................................................................... 544

Safety Warnings ................................................................................................... 545

Translated Safety Warnings ............................................................................... 546

Software License and Product Warranty Agreement ..................................... 547

Hardware Warranty Agreement ....................................................................... 553

Appendix E: Medical Usage Notices ................................................................ 555

Glossary of Terms.......................................................................... 561

Index................................................................................................ 573

xii

Wireless Array

List of Figures

Figure 1. Xirrus Arrays: XR Series ........................................................................... 1

Figure 2. Wireless Array (XR Series) ....................................................................... 4

Figure 3. Wireless Coverage Patterns .................................................................... 11

Figure 4. XP8 - Power over Ethernet Usage .......................................................... 12

Figure 5. WMI: Array Status ................................................................................... 13

Figure 6. Layout of IAPs (XR-7630)........................................................................ 14

Figure 7. Coverage Schemes (XR-7230 shown)..................................................... 16

Figure 8. Wall Thickness Considerations .............................................................. 29

Figure 9. Unit Placement.......................................................................................... 30

Figure 10. Full (Normal) Coverage........................................................................... 31

Figure 11. Adjusting RF Patterns.............................................................................. 31

Figure 12. Custom Coverage ..................................................................................... 32

Figure 13. Connection Rate vs. Distance ................................................................. 32

Figure 14. Transmit Power......................................................................................... 33

Figure 15. Overlapping Cells..................................................................................... 34

Figure 16. Allocating Channels Manually............................................................... 36

Figure 17. Spatial Multiplexing................................................................................. 39

Figure 18. MIMO Signal Processing......................................................................... 40

Figure 19. MU-MIMO with Four Antennas ............................................................ 41

Figure 20. Physical Layer Data Encoding................................................................ 42

Figure 21. Channel Bonding (Channels 36-64 shown)........................................... 44

Figure 22. Maximum 802.11ac Data Rates............................................................... 44

Figure 23. Port Failover Protection........................................................................... 47

Figure 24. Switch Failover Protection ..................................................................... 48

Figure 25. Port Requirements for XMS .................................................................... 52

Figure 26. WDS Link................................................................................................... 57

Figure 27. A Multiple Hop WDS Connection ......................................................... 58

Figure 28. WDS Failover Protection ......................................................................... 58

Figure 29. Installation Workflow .............................................................................. 61

Figure 30. Array Placement ....................................................................................... 63

Figure 31. LED Locations .......................................................................................... 66

Figure 32. Network Interface Ports—XR-520 (left); XR-1000 Series (right)........ 71

Figure 33. Network Interface Ports—XR-600 Series .............................................. 71

Figure 34. Network Interfaces—XR-2000 Series (left); XR-2005 Series (right) ... 72

List of Figures xiii

Wi-Fi Array

Figure 35. Network Interface Ports—XR-4000 Series ............................................ 72

Figure 36. Network Interface Ports—XR-6000 Series ............................................ 72

Figure 37. Web Management Interface ................................................................... 82

Figure 38. WMI: Frames ............................................................................................ 85

Figure 39. WMI Header ............................................................................................. 86

Figure 40. WMI Command Log ............................................................................... 87

Figure 41. WMI: Utility Buttons ............................................................................... 87

Figure 42. Logging In to the Wireless Array........................................................... 88

Figure 43. Array Summary ........................................................................................ 92

Figure 44. Disabled IAP (Partial View).................................................................... 95

Figure 45. IAP Cells .................................................................................................... 95

Figure 46. Network Assurance and Operating Status ........................................... 96

Figure 47. Array Information ................................................................................... 98

Figure 48. Show Configuration ................................................................................. 99

Figure 49. Admin Login History............................................................................. 100

Figure 50. Network Settings .................................................................................... 101

Figure 51. Network Map ......................................................................................... 102

Figure 52. Spanning Tree Status.............................................................................. 105

Figure 53. Routing Table.......................................................................................... 106

Figure 54. ARP Table ................................................................................................ 106

Figure 55. DHCP Leases........................................................................................... 107

Figure 56. Connection Tracking.............................................................................. 107

Figure 57. CDP Neighbors ....................................................................................... 108

Figure 58. Network Assurance................................................................................ 109

Figure 59. Undefined VLANs.................................................................................. 110

Figure 60. RF Monitor — IAPs ................................................................................ 112

Figure 61. RF Monitor — IAPs ................................................................................ 112

Figure 62. RF Spectrum Analyzer........................................................................... 114

Figure 63. Intrusion Detection/Rogue AP List..................................................... 116

Figure 64. RF Monitor — Channel History............................................................. 118

Figure 65. RF Monitor — Channel History (Rotated)........................................... 119

Figure 66. RF Monitor — Channel History (Text) ................................................. 119

Figure 67. Radio Assurance..................................................................................... 120

Figure 68. Stations..................................................................................................... 123

Figure 69. Location Map .......................................................................................... 125

Figure 70. Controls for Location Map .................................................................... 126

Figure 71. Station RSSI Values ............................................................................... 128

xiv List of Figures

Wireless Array

Figure 72. Station RSSI Values — Colorized Graphical View ............................. 129

Figure 73. Station Signal-to-Noise Ratio Values .................................................. 130

Figure 74. Station SNR Values — Colorized Graphical View.............................. 130

Figure 75. Station Noise Floor Values ................................................................... 131

Figure 76. Station Noise Floor Values — Colorized Graphical View................. 132

Figure 77. Max by IAP.............................................................................................. 133

Figure 78. Station Assurance ................................................................................... 134

Figure 79. IAP Statistics Summary Page................................................................ 135

Figure 80. Individual IAP Statistics Page ............................................................. 137

Figure 81. Network Statistics................................................................................... 138

Figure 82. VLAN Statistics....................................................................................... 139

Figure 83. WDS Statistics ......................................................................................... 140

Figure 84. IDS Statistics Page ................................................................................. 141

Figure 85. Filtered IDS Statistics ............................................................................. 142

Figure 86. Filter Statistics ......................................................................................... 143

Figure 87. Station Statistics ...................................................................................... 144

Figure 88. Individual Station Statistics Page......................................................... 145

Figure 89. Application Control ............................................................................... 148

Figure 90. Application Control (Pie Charts).......................................................... 150

Figure 91. Application Control (Station Traffic)................................................... 151

Figure 92. Stations (Application Control).............................................................. 152

Figure 93. System Log (Alert Level Highlighted) ................................................ 153

Figure 94. IDS Event Log ........................................................................................ 155

Figure 95. WMI: Express Setup .............................................................................. 159

Figure 96. LEDs are Switched On .......................................................................... 164

Figure 97. Network Interfaces................................................................................. 165

Figure 98. Network Settings .................................................................................... 166

Figure 99. Network Bonds and Bridging............................................................... 169

Figure 100. Bridging Traffic....................................................................................... 170

Figure 101. Port Modes (a, b) .................................................................................... 172

Figure 102. Port Modes (c, d) .................................................................................... 173

Figure 103. Mirroring Traffic .................................................................................... 175

Figure 104. DNS Settings............................................................................................ 176

Figure 105. CDP Settings............................................................................................ 177

Figure 106. Services..................................................................................................... 179

Figure 107. Time Settings (Manual Time)................................................................ 180

Figure 108. Time Settings (NTP Time Enabled)...................................................... 181

List of Figures xv

Wi-Fi Array

Figure 109. NetFlow.................................................................................................... 182

Figure 110. Wi-Fi Tag.................................................................................................. 183

Figure 111. Location.................................................................................................... 185

Figure 112. System Log .............................................................................................. 186

Figure 113. SNMP ....................................................................................................... 191

Figure 114. DHCP Management............................................................................... 194

Figure 115. Proxy Forwarding Example.................................................................. 196

Figure 116. Set up a Proxy Server on each Client (Windows) .............................. 199

Figure 117. Specify Proxy Servers (Windows)........................................................ 200

Figure 118. Set up a Proxy Server on each Client (Apple) .................................... 201

Figure 119. Specify Proxy Servers (Apple) ............................................................. 202

Figure 120. Proxy Forwarding................................................................................... 203

Figure 121. VLANs...................................................................................................... 204

Figure 122. VLAN Management............................................................................... 206

Figure 123. Tunnel Summary.................................................................................... 209

Figure 124. Tunnel Management .............................................................................. 210

Figure 125. Tunnel SSID Assignments..................................................................... 211

Figure 126. Security..................................................................................................... 213

Figure 127. Import Xirrus Certificate Authority .................................................... 217

Figure 128. Admin Management .............................................................................. 219

Figure 129. Admin Privileges.................................................................................... 221

Figure 130. Admin RADIUS...................................................................................... 224

Figure 131. Management Control ............................................................................ 226

Figure 132. Pre-login Banner ..................................................................................... 227

Figure 133. Access Control List................................................................................. 234

Figure 134. Global Settings (Security) ...................................................................... 236

Figure 135. External RADIUS Server ....................................................................... 240

Figure 136. Internal RADIUS Server ........................................................................ 244

Figure 137. Active Directory Server ......................................................................... 247

Figure 138. Finding the Domain Name from Active Directory............................ 248

Figure 139. Rogue Control List ................................................................................. 250

Figure 140. OAuth 2.0 Management - Token List .................................................. 252

Figure 141. SSIDs......................................................................................................... 254

Figure 142. Four Traffic Classes................................................................................ 257

Figure 143. Priority Level—IEEE 802.1p (Layer 2)................................................. 257

Figure 144. Priority Level—DSCP (DiffServ - Layer 3) ......................................... 258

Figure 145. SSID Management.................................................................................. 262

xvi List of Figures

Wireless Array

Figure 146. SSID Management—Encryption, Authentication, Accounting ....... 265

Figure 147. WPR Internal Splash Page Fields (SSID Management)..................... 269

Figure 148. Customizing an Internal Login or Splash Page ................................. 272

Figure 149. Whitelist Configuration for WPR......................................................... 273

Figure 150. Setting Active IAPs per SSID ................................................................ 275

Figure 151. Per-SSID Access Control List................................................................ 276

Figure 152. Honeypot Whitelist ................................................................................ 278

Figure 153. Groups...................................................................................................... 280

Figure 154. Group Management ............................................................................... 282

Figure 155. IAPs........................................................................................................... 287

Figure 156. Source of Channel Setting ..................................................................... 287

Figure 157. IAP Settings ............................................................................................. 290

Figure 158. Global Settings (IAPs)............................................................................ 295

Figure 159. Multicast Processing .............................................................................. 300

Figure 160. Additional Optimization Settings........................................................ 306

Figure 161. Global Settings .11an.............................................................................. 311

Figure 162. Global Settings .11bgn ........................................................................... 316

Figure 163. Global Settings .11n................................................................................ 322

Figure 164. Global Settings .11ac .............................................................................. 325

Figure 165. 802.11u Global Settings.......................................................................... 328

Figure 166. Advanced RF Settings............................................................................ 333

Figure 167. Station Assurance (Advanced RF Settings) ........................................ 341

Figure 168. Hotspot 2.0 Settings................................................................................ 343

Figure 169. NAI Realms ............................................................................................. 345

Figure 170. NAI EAP .................................................................................................. 346

Figure 171. Intrusion Detection Settings.................................................................. 348

Figure 172. LED Settings............................................................................................ 354

Figure 173. DSCP Mappings...................................................................................... 355

Figure 174. WDS.......................................................................................................... 358

Figure 175. Configuring a WDS Link....................................................................... 359

Figure 176. WDS Client Links ................................................................................... 361

Figure 177. Filters........................................................................................................ 365

Figure 178. Filter Lists ................................................................................................ 366

Figure 179. Filter Management ................................................................................. 368

Figure 180. Filter Category or Application.............................................................. 372

Figure 181. Clusters .................................................................................................... 374

Figure 182. Cluster Definition ................................................................................... 375

List of Figures xvii

Wi-Fi Array

Figure 183. Cluster Management.............................................................................. 376

Figure 184. Cluster Mode Operation........................................................................ 377

Figure 185. Cluster Mode Activation ....................................................................... 377

Figure 186. Viewing Statistics in Cluster Mode...................................................... 378

Figure 187. AirWatch Settings................................................................................... 380

Figure 188. System Tools............................................................................................ 386

Figure 189. Saving the Diagnostic Log..................................................................... 394

Figure 190. Managing Application Control Signature files .................................. 395

Figure 191. Managing WPR Splash/Login page files............................................ 396

Figure 192. System Command (Ping)....................................................................... 397

Figure 193. Radius Ping Output................................................................................ 398

Figure 194. CLI Window ........................................................................................... 399

Figure 195. API Documentation................................................................................ 401

Figure 196. API — GET Request Details ................................................................. 402

Figure 197. API — GET Request Response ............................................................ 404

Figure 198. API Documentation Toolbar................................................................. 405

Figure 199. WMI Display Options............................................................................ 406

Figure 200. Login Window ....................................................................................... 407

Figure 201. Logging In ............................................................................................... 410

Figure 202. Help Window ......................................................................................... 411

Figure 203. Full Help .................................................................................................. 412

Figure 204. Partial Help.............................................................................................. 412

Figure 205. Air Cleaner Filter Rules ......................................................................... 439

Figure 206. Configuring a Simple Open Global SSID ........................................... 467

Figure 207. Configuring a Global SSID using WPA-PEAP................................... 468

Figure 208. Configuring an SSID-Specific SSID using WPA-PEAP..................... 469

Figure 209. Enabling Global IAPs............................................................................. 470

Figure 210. Disabling Global IAPs............................................................................ 471

Figure 211. Enabling a Specific IAP.......................................................................... 472

Figure 212. Disabling a Specific IAP......................................................................... 473

Figure 213. Setting the Cell Size for All IAPs.......................................................... 474

Figure 214. Setting the Cell Size for All IAPs.......................................................... 475

Figure 215. Setting the Cell Size for a Specific IAP ................................................ 476

Figure 216. Configuring VLANs on an Open SSID................................................ 477

Figure 217. Configuring Radio Assurance Mode (Loopback Testing)................ 479

xviii List of Figures

Wireless Array

Introduction

These topics introduce the Xirrus Wireless Array, including an overview of its key
features and benefits.

 “The Xirrus Family of Products” on page 1.
 “Why Choose the Xirrus Wireless Array?” on page 3.
 “Wireless Array Product Overview” on page 4.
 “Key Features and Benefits” on page 14.

 “Advanced Feature Sets” on page 18.

 “About this User’s Guide” on page 21.

The Xirrus Family of Products

Figure 1. Xirrus Arrays: XR Series

The Xirrus family of products includes the following:

 The XR Series of Xirrus Wireless Arrays

The newest Xirrus Wireless Arrays have been completely redesigned to
provide distributed intelligence, integrated switching capacity,
application-level intelligence, increased bandwidth, and smaller size. The
radios support IEEE802.11 ac, a, b, g, and n clients, and feature the
capacity and performance needed to replace switched Ethernet to the
desktop. Modular radios allow you to increase the number of radios,
upgrade to more powerful radios, or even upgrade later to future
technologies like 802.11ac and 802.11.ad as they are introduced.

Introduction 1

Wireless Array

 Xirrus Management System (XMS)

XMS is used for managing large Array deployments from a centralized
Web-based interface. Xirrus offers XMS Cloud—a software as a service
option for XMS, providing zero-touch provisioning and initial startup for
new Array/AP deployments. XMS is capable of managing large numbers
of Arrays, including automated software and firmware upgrades for the
network.

Another option is XMS, hosted on your own server. It manages all aspects
of your Xirrus wireless network. For customers using the XMS-9000-CL-x
Cloud-hosted version, all Array management is performed via the cloud.
For detailed information about XMS, refer to the XMS User’s Guide.

 Xirrus-supplied Power over Gigabit Ethernet (PoGE) Injectors and

POE+ Switches

Xirrus offers 24- and 48-port enterprise-class L2+ gigabit managed access
switches with IEEE802.3at PoE+, four 1G/10G SFP+ ports, and stacking.
One-, two-, and eight-port PoGE injectors are also available for a range of
Array power requirements.

Nomenclature

Throughout this User’s Guide, Xirrus Wireless Arrays and Access Points are
referred to as simply Arrays. In some instances, the terms product and unit are
also used. When discussing specific products from the Xirrus family, the product
name is used (for example, XR-4830). The Wireless Array’s operating system is
referred to as the ArrayOS. The Web Management Interface for browser-based
management of the Array is referred to as WMI.

Arrays have very flexible radio capabilities — each of the radios may be
independently configured to support IEEE802.11a, 11b, 11g, or 11n clients or a
combination of client types. On Arrays featuring 802.11ac, this option is also
included. One radio is typically assigned as the RF monitor radio, supporting
intrusion detection and prevention, self-monitoring, and other services. Radios
support both 2.4GHz and 5 GHz, and are named iap1, iap2, ... iapn.

The Xirrus Management System is referred to as XMS. The Power over Gigabit
Ethernet system may be referred to as PoGE.

2 Introduction

Wireless Array

Why Choose the Xirrus Wireless Array?

The deployment of wireless is a necessity as businesses strive for greater
flexibility in the workplace and the need for employee mobility rises. The user
community is placing spiraling and often unanticipated demands on the wireless
network, with the rapid proliferation of devices such as iPads and wireless
enabled phones. Xirrus Wireless Arrays have the capability to support the large
number of user devices present in today’s environments, with superior range and
coverage.

Wireless has come a long way in the past few years and now offers the
performance, reliability and security that Enterprise customers have come to
expect from their networks. The technology is being driven by these major IEEE
standards:

 802.11ac

Operates in the 5 GHz range, using a number of advanced techniques to
achieve a maximum speed of 1.3 Gbps. These techniques include
improvements on the methods used for 802.11n, below.

 802.11n

Uses multiple antennas per radio to boost transmission speed as high as
450Mbps, increasing throughput, range, and maximum number of users.

802.11n is backwards compatible with 802.11a/b/g.

 802.11a

Operates in the 5 GHz range with a maximum speed of 54 Mbps.

 802.11b

Operates in the 2.4 GHz range with a maximum speed of 11 Mbps.

 802.11g

Supports a higher transmission speed of 54 Mbps in the 2.4 GHz range
and is backwards compatible with 802.11b.

Whether you have just a handful of users or thousands of users, the Xirrus Array
has the scalability and flexibility to serve your needs.

Introduction 3

Wireless Array

See Also

Key Features and Benefits
Wireless Array Product Overview
The Xirrus Family of Products

Wireless Array Product Overview

Part of the family of Xirrus products, the Wireless Array is a high capacity, multi­mode device designed with up to four times the coverage and eight times the
bandwidth and user density compared with legacy thin access point wireless
products. Its distributed intelligence eliminates the use of separate controllers and
their accompanying bottlenecks. Each radio, with its directional high-gain
antennas, can achieve up to 1.3 Gbps throughput.

Figure 2. Wireless Array (XR Series)

The Wireless Array (regardless of the product model) is Wi-Fi® compliant and
simultaneously supports 802.11ac, 802.11a, 802.11b, 802.11g, and 802.11n clients.
The multi-state design allows you to assign radios to 2.4 GHz and 5 GHz bands
(or both) in any desired arrangement. Integrated switching and active enterprise
class features such as VLAN support and multiple SSID capability enable robust
network compatibility and a high level of scalability and system control. The
Xirrus Management System (XMS) allows global management of hundreds of
Arrays from a central location.

Multiple versions of the Array with different numbers of Integrated Access Point
(IAPs) support a variety of deployment applications.

4 Introduction

Wireless Array

XR Wireless Array Product Family

XR-500 Series Access Points

These Access Points have one Gigabit Ethernet port and two radios—one multi­state radio (2.4GHz or 5GHz) and one 5GHz radio. They support 300Mbps,
connecting up to 240 users at one time.

The Access Point provides flexibility for delivering wireless service in low-to­medium user density scenarios, in challenging deployments in areas with high RF
attenuation, and in isolated or physically separated locations.

These models have an integrated controller, firewall, threat sensor and spectrum
analyzer. These models have omni-directional antennas rather than directional
antennas.



Feature

No. radios: 802.11 
a/b/g/n/monitor

Radio type 2x2
Integrated omni-directional

antennas
Integrated wireless switch ports 2
Integrated RF spectrum analyzer,

threat sensors
Gigabit Uplink Port 1
Wireless bandwidth 300 Mbps
Users supported 240

Some smaller Arrays/APs have less memory (XR-500/1000 Series and

XR-620) and are not able to run all ArrayOS features at the same time. You

will receive an error message if you attempt to configure a feature when there

is not enough memory left.

XR-520

2

4

Yes

Introduction 5

Wireless Array

XR-600 Series Access Points

These Access Points provide robust wireless service in low-to-medium user
density scenarios. These Access Points have two Gigabit Ethernet ports and two
multi-state radios (2.4GHz or 5GHz), so that as more of your clients migrate to

802.11ac, you can increase the number of radios operating at 5 GHz. Each of the
XR-630’s two 3x3 802.11ac radios supports 1.3Gbps, connecting up to 240 users at
one time with 2.6Gbps total Wi-Fi bandwidth.

These models have an integrated controller, firewall, threat sensor spectrum
analyzer, and application-level intelligence. These models have omni-directional
antennas rather than directional antennas.

The XR-630 supports a unique feature that optimizes wireless performance by
automatically segmenting faster 802.11ac clients from slower Wi-Fi clients. Since
Wi-Fi is a shared medium, this separation ensures slower 802.11a/b/g/n clients
do not slow down 802.11ac clients from achieving high performance.

Feature

No. radios: 802.11 
ac/a/b/g/n/monitor

Radio type 2x2 3x3
Integrated omni-directional

antennas
Integrated wireless switch ports 2 2
Integrated RF spectrum analyzer,

threat sensors
Gigabit Uplink Ports 2 2
Wireless bandwidth 1.7 Gbps 2.6 Gbps
Users supported 240 240



6 Introduction

Some smaller Arrays/APs have less memory (XR-500/1000 Series and

XR-620) and are not able to run all ArrayOS features at the same time. You

will receive an error message if you attempt to configure a feature when there

is not enough memory left.

XR-620 XR-630

22

46

Yes Yes

Wireless Array

XR-1000

These Arrays include models with one Gigabit Ethernet port and two multi-state
radios (2.4GHz or 5GHz) that can support 300Mbps or 450Mbps, connecting up to
480 users at one time.

The Xirrus XR-1000 Series Wireless Array is a two slot chassis available in a two
multi-state (2.4GHz or 5GHz) radio configuration with up to 900Mbps of
bandwidth (up to 450 Mbps per radio). The XR-1000 provides flexibility for
delivering wireless service in low user density scenarios, challenging
deployments in areas with high RF attenuation, and in isolated or physically
separated locations. The elliptical-shaped coverage pattern produced by its
directional antennas is ideal for covering facilities with central hallways and
adjacent rooms commonly found in office buildings, hotels, and dormitories.

Like larger XR Arrays, these models integrate multi-state radios with high gain
directional antennas, an onboard multi-gigabit switch, controller, firewall, threat
sensor and spectrum analyzer all built on a modular chassis designed for future
extensibility.

Feature

No. radios: 802.11 
a/b/g/n/monitor

Radio type 2x2 3x3
Integrated antennas 4 6
Integrated wireless

switch ports
Integrated RF spectrum

analyzer, threat sensors
Gigabit Uplink Port 1 1
Wireless bandwidth 600 Mbps 900 Mbps
Users supported 480 480

Introduction 7

XR-1220 XR-1230

22

22

Yes Yes

Wireless Array



XR-2000/2005 Series Arrays

These Arrays include models with one or two Gigabit Ethernet ports and two or
four multi-state radios (2.4GHz or 5GHz) that can support 300Mbps or 450Mbps,
connecting up to 960 users at one time.

The Xirrus XR-2000 Series Wireless Array is a four slot chassis available in a four
multi-state (2.4GHz or 5GHz) radio configuration supporting up to 1.8Gbps of
bandwidth. These models support a range of low to high-performance
applications, including offices, hospitals, campuses and classrooms, and hotels.

Like larger XR Arrays, these models integrate multi-state radios with high gain
directional antennas, an onboard multi-gigabit switch, controller, firewall, threat
sensor and spectrum analyzer on a modular chassis designed for extensibility.

No. radios: 802.11 
a/b/g/n/monitor

Some smaller Arrays/APs have less memory (XR-500/1000 Series and
XR-620) and can’t run all ArrayOS features simultaneously. You will see an
error message if you configure a feature when there is not enough memory.

XR-2220

Feature

22224444

XR-2225

XR-2230

XR-2235

XR-2420

XR-2425

XR-2430

XR-2435

Radio type 2x2 2x2 3x3 3x3 2x2 2x2 3x3 3x3
Integrated antennas 4 4 6 6 8 8 12 12
Integrated wireless

switch ports
Integrated RF

spectrum analyzer,
threat sensors

Gigabit Uplink Ports 12121212
Wireless bandwidth 600

Users supported 480 480 480 480 960 960 960 960

8 Introduction

44444444

Yes Yes Yes Yes Yes Yes Yes Yes

Mbps

600

Mbps

900

Mbps

900

Mbps

1.2

Gbps

1.2

Gbps

1.8

Gbps

1.8

Gbps