Cambium Networks XN4 Users Guide

October 28, 2009
Wi-Fi Array
XN16, XN12, XN8, XN4
XS-3900, XS-3700, XS-3500
All rights reserved. This document may not be reproduced or
disclosed in whole or in part by any means without the written
consent of Xirrus, Inc.
Part Number: 800-0006-001
(Revision W)
Trademarks
is a registered trademark of Xirrus, Inc. All other trademarks and brand
names are marks of their respective holders.
Please see Legal Notices, Warnings, Compliance Statements, and Warranty and License Agreements in “Appendix F: Notices” on page 433.
Xirrus, Inc. 2101 Corporate Center Drive Thousand Oaks, CA 91320 USA
Tel: 1.805.262.1600
1.800.947.7871 Toll Free in the US
Fax: 1.866.462.3980
www.xirrus.com
Wi-Fi Array
Table of Contents
List of Figures.................................................................................... xiii
Introduction ......................................................................................... 1
The Xirrus Family of Products ............................................................................... 2
Nomenclature .................................................................................................... 4
About this User’s Guide .......................................................................................... 4
Organization ...................................................................................................... 4
Notes and Cautions .......................................................................................... 6
Screen Images .................................................................................................... 6
Your User’s Guide as a PDF Document ........................................................ 6
Hyperlinks ......................................................................................................... 7
Window or Page? .............................................................................................. 7
Why Choose the Xirrus Wi-Fi Array? ................................................................... 7
Wi-Fi Array Product Overview ............................................................................. 9
Enterprise Class Security ................................................................................. 9
Wi-Fi Array Product Family ......................................................................... 10
XN Family of Arrays ............................................................................... 10
XS Family of Arrays ................................................................................ 11
Deployment Flexibility .................................................................................. 12
Power over Gigabit Ethernet (PoGE) (Optional) ................................ 13
Enterprise Class Management ...................................................................... 14
Key Features and Benefits ..................................................................................... 16
High Capacity and High Performance ........................................................ 16
Extended Coverage ......................................................................................... 17
Flexible Coverage Schemes .................................................................... 18
Non-Overlapping Channels .......................................................................... 18
Secure Wireless Access .................................................................................. 18
Applications Enablement .............................................................................. 19
SDMA Optimization ...................................................................................... 19
Fast Roaming ................................................................................................... 19
Easy Deployment ............................................................................................ 19
Product Specifications—XN16, XN12, and XN8 ............................................... 20
Product Specifications—XN4 ............................................................................... 27
Table of Contents i
Wi-Fi Array
Product Specifications—XS16/XS-3900, XS12, and
XS8/XS-3700 ........................................................................................................... 34
Product Specifications—XS4/XS-3500 ............................................................... 40
Installing the Wi-Fi Array ................................................................. 45
Installation Prerequisites ...................................................................................... 45
Optional Network Components ................................................................... 47
Client Requirements ....................................................................................... 47
Planning Your Installation .................................................................................... 48
General Deployment Considerations .......................................................... 48
Coverage and Capacity Planning ................................................................. 50
Placement .................................................................................................. 50
RF Patterns ................................................................................................ 51
Capacity and Cell Sizes ........................................................................... 52
Fine Tuning Cell Sizes ............................................................................. 53
Roaming Considerations ........................................................................ 54
Allocating Channels ................................................................................ 54
Deployment Examples ............................................................................ 57
IEEE 802.11n Deployment Considerations ................................................. 59
MIMO (Multiple-In Multiple-Out) ........................................................ 60
Multiple Data Streams—Spatial Multiplexing .................................... 62
Channel Bonding ..................................................................................... 63
Improved MAC Throughput ................................................................. 64
Short Guard Interval ............................................................................... 64
Obtaining Higher Data Rates ................................................................. 65
802.11n Capacity ...................................................................................... 66
Failover Planning ............................................................................................ 67
Port Failover Protection .......................................................................... 67
Switch Failover Protection ..................................................................... 68
Power Planning ............................................................................................... 69
AC Power .................................................................................................. 69
Power over Gigabit Ethernet ................................................................. 69
Security Planning ............................................................................................ 70
Wireless Encryption ................................................................................ 70
Authentication ......................................................................................... 70
Meeting PCI DSS Standards ................................................................... 71
Meeting FIPS Standards ......................................................................... 71
ii Table of Contents
Wi-Fi Array
Port Requirements .......................................................................................... 72
Network Management Planning .................................................................. 75
WDS Planning ................................................................................................. 76
Common Deployment Options .................................................................... 79
Installation Workflow ........................................................................................... 80
Unpacking the Wi-Fi Array .................................................................................. 81
Installing Your Wi-Fi Array .................................................................................. 83
Choosing a Location ....................................................................................... 83
Wiring Considerations ............................................................................ 84
Mounting the Array on a Ceiling ................................................................. 86
Attaching the T-Bar Clips to the Template .......................................... 86
Secure the T-Bar Clips to the Ceiling Support Grid ........................... 87
Installing the Mounting Plate ................................................................ 88
Connecting the Cables—AC Option ..................................................... 89
Connecting the Cables—PoGE Option ................................................ 90
Attaching the Array to the Mounting Plate ......................................... 92
Securing the Array ................................................................................... 94
Dismounting the Array ........................................................................... 95
Mounting Array on a Wall (All models except 4-port Arrays) ................ 96
Kit Contents (Wall Mount Assembly) .................................................. 96
Tools Required ......................................................................................... 96
Mark the Wall Position ........................................................................... 97
Install the SNAPTOGGLE™ Toggle Bolts ........................................... 98
Attach the Mounting Plate to the Wall Mounting Bracket ................ 99
Attach the Wall Mounting Bracket/Plate Assembly to the Wall ..... 99
Mount the Array .................................................................................... 100
Mounting the Wi-Fi Array on a Wall (XS4 and XS-3500) ....................... 101
Kit Contents (Wall Mount Assembly) ................................................ 101
Tools Required ....................................................................................... 101
Mark the Wall Position ......................................................................... 102
Install the SNAPTOGGLE™ Toggle Bolts ......................................... 102
Attach the Mounting Plate to the Wall Mounting Bracket .............. 104
Attach the Wall Mounting Bracket/Plate Assembly to the Wall ... 105
Mount the Array .................................................................................... 106
Removing the Array .............................................................................. 107
Powering Up the Wi-Fi Array ............................................................................ 107
Array LED Operating Sequences ............................................................... 108
Table of Contents iii
Wi-Fi Array
LED Boot Sequence ............................................................................... 108
LED Operation when Array is Running ............................................ 109
Establishing Communication with the Array .................................................. 110
Using the Serial Port ..................................................................................... 110
Using the Ethernet Ports .............................................................................. 110
Logging In ...................................................................................................... 111
Performing the Express Setup Procedure ......................................................... 112
Procedure for Performing an Express Setup ............................................ 113
The Web Management Interface ................................................ 119
An Overview ........................................................................................................ 120
Structure of the WMI ........................................................................................... 121
User Interface ....................................................................................................... 123
Utility Buttons ........................................................................................ 124
Logging In ............................................................................................................. 126
Applying Configuration Changes ..................................................................... 126
Viewing Status on the Wi-Fi Array............................................... 127
Array Status Windows ........................................................................................ 127
Array Summary ............................................................................................ 128
Content of the Array Summary Window .......................................... 128
Array Information ........................................................................................ 131
Array Configuration ..................................................................................... 132
Admin History .............................................................................................. 133
Network Status Windows ................................................................................... 133
Network Map ................................................................................................ 134
Content of the Network Map Window .............................................. 134
Spanning Tree Status .................................................................................... 136
Routing Table ................................................................................................ 138
ARP Table ...................................................................................................... 138
DHCP Leases ................................................................................................. 139
Connection Tracking/NAT ......................................................................... 140
CDP Neighbors ............................................................................................. 141
RF Monitor Windows .......................................................................................... 142
IAPs ................................................................................................................. 143
Spectrum Analyzer ...................................................................................... 144
Intrusion Detection ...................................................................................... 148
iv Table of Contents
Wi-Fi Array
Station Status Windows ...................................................................................... 150
Stations ........................................................................................................... 151
Location Map ................................................................................................. 152
RSSI ................................................................................................................. 158
Signal-to-Noise Ratio (SNR) ........................................................................ 160
Noise Floor ..................................................................................................... 162
Max by IAP .................................................................................................... 164
Statistics Windows ............................................................................................... 165
IAP Statistics Summary ................................................................................ 165
Per-IAP Statistics ........................................................................................... 166
Network Statistics ......................................................................................... 168
VLAN Statistics ............................................................................................. 169
WDS Statistics ................................................................................................ 170
Filter Statistics ............................................................................................... 171
Station Statistics ............................................................................................ 171
Per-Station Statistics ..................................................................................... 172
System Log Window ........................................................................................... 173
Configuring the Wi-Fi Array .......................................................... 175
Express Setup ........................................................................................................ 176
Network ................................................................................................................. 182
Network Interfaces ...................................................................................... 183
Network Interface Ports ........................................................................ 184
DNS Settings .................................................................................................. 190
CDP Settings .................................................................................................. 191
Services .................................................................................................................. 193
Time Settings (NTP) ..................................................................................... 194
NetFlow .......................................................................................................... 196
System Log ..................................................................................................... 197
SNMP .............................................................................................................. 200
DHCP Server ................................................................................................. 203
VLANs ................................................................................................................... 205
Understanding Virtual Tunnels .......................................................... 205
VLAN Management ..................................................................................... 207
Security .................................................................................................................. 209
Understanding Security ........................................................................ 210
Certificates and Connecting Securely to the WMI ............................ 213
Table of Contents v
Wi-Fi Array
Using the Array’s Default Certificate ................................................. 213
Using an External Certificate Authority ............................................. 214
Admin Management .................................................................................... 215
Admin RADIUS ............................................................................................ 216
About Creating Admin Accounts on the RADIUS Server .............. 217
Management Control ................................................................................... 219
Access Control List ....................................................................................... 223
Global Settings .............................................................................................. 225
External Radius ............................................................................................. 228
Internal Radius .............................................................................................. 231
Rogue Control List ........................................................................................ 233
SSIDs ...................................................................................................................... 235
Understanding SSIDs ............................................................................ 236
Understanding QoS Priority on the Wi-Fi Array .............................. 237
SSID Management ........................................................................................ 240
SSID List (top of page) .......................................................................... 240
SSID Limits ............................................................................................. 243
Web Page Redirect Configuration Settings ........................................ 244
Groups ................................................................................................................... 247
Understanding Groups ......................................................................... 247
Using Groups ......................................................................................... 248
Group Management ..................................................................................... 249
Group Limits .......................................................................................... 251
IAPs ........................................................................................................................ 253
Understanding Fast Roaming .............................................................. 254
IAP Settings ................................................................................................... 255
Global Settings (IAP) ................................................................................... 260
Beacon Configuration ........................................................................... 262
Station Management ............................................................................. 262
Advanced Traffic Optimization .......................................................... 263
Global Settings .11a ...................................................................................... 267
Global Settings .11bg .................................................................................... 269
Global Settings .11n ...................................................................................... 273
Advanced RF Settings .................................................................................. 275
About Standby Mode ............................................................................ 275
About Blocking Rogue APs .................................................................. 276
RF Intrusion Detection .......................................................................... 277
vi Table of Contents
Wi-Fi Array
RF Resilience .......................................................................................... 278
RF Power & Sensitivity ......................................................................... 279
RF Spectrum Management ................................................................... 280
LED Settings .................................................................................................. 283
WDS ....................................................................................................................... 285
About Configuring WDS Links ........................................................... 285
WDS Client Links .......................................................................................... 287
Filters ..................................................................................................................... 289
Filter Lists ...................................................................................................... 290
Filter Management ....................................................................................... 291
Using Tools on the Wi-Fi Array..................................................... 295
System Tools ......................................................................................................... 296
System ..................................................................................................... 297
Configuration ......................................................................................... 298
Diagnostics ............................................................................................. 299
Web Page Redirect ................................................................................. 300
Tools ........................................................................................................ 301
Progress and Status Frames ................................................................. 303
CLI ......................................................................................................................... 303
Logout .................................................................................................................... 305
The Command Line Interface...................................................... 307
Establishing a Secure Shell (SSH) Connection ................................................. 307
Getting Started with the CLI .............................................................................. 309
Inputting Commands ................................................................................... 309
Getting Help .................................................................................................. 309
Top Level Commands ......................................................................................... 311
Root Command Prompt ............................................................................... 311
configure Commands ................................................................................... 312
show Commands .......................................................................................... 315
statistics Commands ..................................................................................... 318
Configuration Commands .................................................................................. 320
acl .................................................................................................................... 320
admin .............................................................................................................. 321
cdp ................................................................................................................... 322
clear ................................................................................................................. 323
Table of Contents vii
Wi-Fi Array
contact-info .................................................................................................... 324
date-time ........................................................................................................ 325
dhcp-server .................................................................................................... 326
dns ................................................................................................................... 327
file .................................................................................................................... 328
filter ................................................................................................................. 331
fips ................................................................................................................... 333
group .............................................................................................................. 334
hostname ........................................................................................................ 334
https ................................................................................................................ 335
interface .......................................................................................................... 336
license ............................................................................................................. 337
load ................................................................................................................. 337
location ........................................................................................................... 338
management .................................................................................................. 338
more ................................................................................................................ 338
netflow ............................................................................................................ 339
no ..................................................................................................................... 340
pci-audit ......................................................................................................... 342
quit .................................................................................................................. 343
radius-server .................................................................................................. 343
reboot .............................................................................................................. 344
reset ................................................................................................................. 344
run-tests .......................................................................................................... 345
security ........................................................................................................... 347
snmp ............................................................................................................... 348
ssh .................................................................................................................... 348
ssid .................................................................................................................. 350
standby ........................................................................................................... 350
syslog .............................................................................................................. 351
telnet ............................................................................................................... 353
uptime ............................................................................................................. 353
vlan .................................................................................................................. 354
Sample Configuration Tasks .............................................................................. 355
Configuring a Simple Open Global SSID .................................................. 356
Configuring a Global SSID using WPA-PEAP ......................................... 357
Configuring an SSID-Specific SSID using WPA-PEAP ........................... 358
viii Table of Contents
Wi-Fi Array
Enabling Global IAPs ................................................................................... 359
Disabling Global IAPs .................................................................................. 360
Enabling a Specific IAP ................................................................................ 361
Disabling a Specific IAP ............................................................................... 362
Setting Cell Size Auto-Configuration for All IAPs .................................. 363
Setting the Cell Size for All IAPs ................................................................ 364
Setting the Cell Size for a Specific IAP ....................................................... 365
Configuring VLANs on an Open SSID ...................................................... 366
Configuring Radio Assurance Mode (Loopback Tests) .......................... 367
Appendices..................................................................................... 369
Appendix A: Servicing the Wi-Fi Array ............................................................. 371
Removing the Access Panel ................................................................................ 373
Reinstalling the Access Panel ............................................................................. 376
Replacing the FLASH Memory Module ........................................................... 378
Replacing the Main System Memory ................................................................ 380
Replacing the Integrated Access Point Radio Module ................................... 382
Replacing the Power Supply Module ............................................................... 385
Appendix B: Quick Reference Guide ............................................................... 387
Factory Default Settings ...................................................................................... 387
Host Name ..................................................................................................... 387
Network Interfaces ....................................................................................... 387
Serial ........................................................................................................ 387
Gigabit 1 and Gigabit 2 ......................................................................... 388
Fast Ethernet ........................................................................................... 388
Integrated Access Points (IAPs) .................................................................. 389
Server Settings ............................................................................................... 390
NTP .......................................................................................................... 390
Syslog ...................................................................................................... 390
SNMP ...................................................................................................... 390
DHCP .............................................................................................................. 391
Default SSID .................................................................................................. 391
Security .......................................................................................................... 392
Global Settings - Encryption ............................................................... 392
External RADIUS (Global) .................................................................. 392
Internal RADIUS .................................................................................... 393
Table of Contents ix
Wi-Fi Array
Administrator Account and Password ...................................................... 394
Management .................................................................................................. 394
Keyboard Shortcuts ............................................................................................. 394
Appendix C: Technical Support ........................................................................ 397
General Hints and Tips ....................................................................................... 397
Frequently Asked Questions .............................................................................. 398
Multiple SSIDs ............................................................................................... 398
Security ........................................................................................................... 400
VLAN Support .............................................................................................. 403
Array Monitor and Radio Assurance Capabilities .......................................... 406
Enabling Monitoring on the Array ..................................................... 406
How Monitoring Works ............................................................................... 406
Radio Assurance ........................................................................................... 407
Radio Assurance Options ..................................................................... 408
Upgrading the Array via CLI ............................................................................. 409
Sample Output for the Upgrade Procedure: ............................................. 410
Power over Gigabit Ethernet Compatibility Matrix ....................................... 414
Determining If an XS-3700 or XS-3900 is Modified for PoGE ......... 416
Contact Information ............................................................................................ 417
Appendix D: Implementing PCI DSS ............................................................... 419
Payment Card Industry Data Security Standard Overview .......................... 419
PCI DSS and Wireless .......................................................................................... 420
The Xirrus Array PCI Compliance Configuration .......................................... 421
The pci-audit Command ..................................................................................... 422
Additional Resources .......................................................................................... 423
Appendix E: Implementing FIPS Security ....................................................... 425
Appendix F: Notices ........................................................................................... 433
Notices ................................................................................................................... 433
EU Directive 1999/5/EC Compliance Information ........................................ 436
Safety Warnings ................................................................................................... 443
Translated Safety Warnings ............................................................................... 444
Software Warranty and License Agreement .................................................... 445
Hardware Warranty Agreement ....................................................................... 452
x Table of Contents
Wi-Fi Array
Glossary of Terms.......................................................................... 455
Index................................................................................................ 467
Table of Contents xi
Wi-Fi Array
xii Table of Contents
Wi-Fi Array
List of Figures
Figure 1. Xirrus Arrays............................................................................................... 2
Figure 2. The Xirrus Management System .............................................................. 3
Figure 3. Wi-Fi Array (XN16).................................................................................... 9
Figure 4. Wireless Coverage Patterns .................................................................... 12
Figure 5. XP8 - Power over Ethernet Usage .......................................................... 13
Figure 6. WMI: Array Status.................................................................................... 14
Figure 7. Layout of IAPs (XN16)............................................................................. 16
Figure 8. Naming of IAPs (XS16)............................................................................ 17
Figure 9. Coverage Schemes ................................................................................... 18
Figure 10. Wall Thickness Considerations .............................................................. 49
Figure 11. Unit Placement.......................................................................................... 50
Figure 12. Full (Normal) Coverage........................................................................... 51
Figure 13. Adjusting RF Patterns.............................................................................. 51
Figure 14. Custom Coverage ..................................................................................... 52
Figure 15. Connection Rate vs. Distance.................................................................. 52
Figure 16. Transmit Power......................................................................................... 53
Figure 17. Overlapping Cells..................................................................................... 54
Figure 18. Allocating Channels Manually............................................................... 56
Figure 19. Deployment Scenario (54 Mbps)—Per Sector ...................................... 57
Figure 20. Deployment Scenario (36 Mbps)—Per Sector ...................................... 57
Figure 21. Deployment Scenario (18 Mbps)—Per Sector ...................................... 58
Figure 22. Classic 802.11 Signal Transmission........................................................ 60
Figure 23. MIMO Signal Processing......................................................................... 61
Figure 24. Spatial Multiplexing................................................................................. 62
Figure 25. Channel Bonding...................................................................................... 63
Figure 26. MAC Throughput Improvements.......................................................... 64
Figure 27. Computing 802.11n Data Rates .............................................................. 65
Figure 28. 802.11n Increases Capacity...................................................................... 66
Figure 29. Port Failover Protection........................................................................... 67
Figure 30. Switch Failover Protection ...................................................................... 68
Figure 31. Port Requirements for XMS .................................................................... 72
Figure 32. WDS Link................................................................................................... 76
Figure 33. A Multiple Hop WDS Connection ......................................................... 77
Figure 34. WDS Failover Protection ......................................................................... 77
List of Figures xiii
Wi-Fi Array
Figure 35. Installation Workflow .............................................................................. 80
Figure 36. Array Placement ....................................................................................... 83
Figure 37. Attaching the T-Bar Clips to the Template ........................................... 86
Figure 38. Attaching the T-Bar Clips to the Ceiling Grid...................................... 87
Figure 39. Installing the Mounting Plate ................................................................. 88
Figure 40. Connecting the Cables ............................................................................. 89
Figure 41. Connecting the Cables (PoGE—XS8/XS12/XS16) .............................. 90
Figure 42. Connecting the Cable (PoGE—XS4) ...................................................... 91
Figure 43. Attaching the Unit (XS4 shown)............................................................. 92
Figure 44. Attaching the Unit (XS-3900) .................................................................. 93
Figure 45. Securing the Array.................................................................................... 94
Figure 46. IAP Positions (XS16 shown).................................................................... 95
Figure 47. Wall Mount—Marking the Holes........................................................... 97
Figure 48. Installing the Toggle Bolts....................................................................... 98
Figure 49. Attaching the Wall Mounting Plate ....................................................... 99
Figure 50. Mounting the Array on a Wall ............................................................. 100
Figure 51. Wall Mount—Marking the Holes......................................................... 102
Figure 52. Installing the Toggle Bolts..................................................................... 103
Figure 53. Attaching the Array Mounting Plate................................................... 104
Figure 54. Attaching the Wall Mounting Bracket to the Wall ............................ 105
Figure 55. Mounting the Array on a Wall ............................................................. 106
Figure 56. LED Locations (XS-3900) ....................................................................... 107
Figure 57. Network Interface Ports......................................................................... 110
Figure 58. Express Setup.......................................................................................... 112
Figure 59. LEDs are Switched On........................................................................... 117
Figure 60. Web Management Interface.................................................................. 120
Figure 61. WMI: Frames........................................................................................... 123
Figure 62. WMI: Utility Buttons.............................................................................. 124
Figure 63. Feedback Form........................................................................................ 125
Figure 64. Logging In to the Wi-Fi Array.............................................................. 126
Figure 65. Array Summary ...................................................................................... 128
Figure 66. Disabled IAP (Partial View).................................................................. 129
Figure 67. IAP Cells .................................................................................................. 130
Figure 68. Array Information .................................................................................. 131
Figure 69. Show Configuration ............................................................................... 132
Figure 70. Admin Login History............................................................................. 133
Figure 71. Network Map.......................................................................................... 134
xiv List of Figures
Wi-Fi Array
Figure 72. Spanning Tree Status.............................................................................. 137
Figure 73. Routing Table.......................................................................................... 138
Figure 74. ARP Table ................................................................................................ 138
Figure 75. DHCP Leases........................................................................................... 139
Figure 76. Connection Tracking.............................................................................. 140
Figure 77. CDP Neighbors....................................................................................... 141
Figure 78. RF Monitor—IAPs.................................................................................. 143
Figure 79. RF Spectrum Analyzer........................................................................... 145
Figure 80. Intrusion Detection/Rogue AP List..................................................... 148
Figure 81. Stations..................................................................................................... 151
Figure 82. Location Map........................................................................................... 153
Figure 83. Controls for Location Map.................................................................... 154
Figure 84. Minimizing stations................................................................................ 155
Figure 85. Setting Array location on a Custom Image......................................... 157
Figure 86. Station RSSI Values ................................................................................ 158
Figure 87. Station RSSI Values—Colorized Graphical View .............................. 159
Figure 88. Station Signal-to-Noise Ratio Values................................................... 160
Figure 89. Station SNR Values—Colorized Graphical View .............................. 161
Figure 90. Station Noise Floor Values.................................................................... 162
Figure 91. Station Noise Floor Values—Colorized Graphical View.................. 163
Figure 92. Max by IAP.............................................................................................. 164
Figure 93. IAP Statistics Summary Page................................................................ 166
Figure 94. Individual IAP Statistics Page (for IAP abg(n)1) ............................... 167
Figure 95. Network Statistics................................................................................... 168
Figure 96. VLAN Statistics....................................................................................... 169
Figure 97. WDS Statistics ......................................................................................... 170
Figure 98. Filter Statistics ......................................................................................... 171
Figure 99. Station Statistics ...................................................................................... 171
Figure 100. Individual Station Statistics Page......................................................... 172
Figure 101. System Log ............................................................................................. 173
Figure 102. WMI: Express Setup............................................................................... 176
Figure 103. LEDs are Switched On........................................................................... 181
Figure 104. Network Interfaces................................................................................. 182
Figure 105. Network Settings .................................................................................... 183
Figure 106. Network Interface Ports......................................................................... 184
Figure 107. Port Modes (a-b) ..................................................................................... 186
Figure 108. Port Modes (c-d) ..................................................................................... 187
List of Figures xv
Wi-Fi Array
Figure 109. Port Modes (e-f) ...................................................................................... 188
Figure 110. DNS Settings............................................................................................ 190
Figure 111. CDP Settings............................................................................................ 191
Figure 112. Services..................................................................................................... 193
Figure 113. Time Settings (Manual Time)................................................................ 194
Figure 114. Time Settings (NTP Time Enabled)...................................................... 195
Figure 115. NetFlow.................................................................................................... 196
Figure 116. System Log .............................................................................................. 197
Figure 117. SNMP ....................................................................................................... 200
Figure 118. DHCP Management............................................................................... 203
Figure 119. VLANs...................................................................................................... 205
Figure 120. VLAN Management............................................................................... 207
Figure 121. Security..................................................................................................... 209
Figure 122. Import Xirrus Certificate Authority..................................................... 214
Figure 123. Admin Management .............................................................................. 215
Figure 124. Admin RADIUS...................................................................................... 217
Figure 125. Management Control ............................................................................. 219
Figure 126. Access Control List................................................................................. 223
Figure 127. Global Settings (Security) ...................................................................... 225
Figure 128. External RADIUS Server ....................................................................... 228
Figure 129. Internal RADIUS Server ........................................................................ 231
Figure 130. Rogue Control List ................................................................................. 233
Figure 131. SSIDs......................................................................................................... 235
Figure 132. Four Traffic Classes................................................................................ 237
Figure 133. SSID Management.................................................................................. 240
Figure 134. WPR Internal Splash Page Fields (SSID Management)..................... 245
Figure 135. Groups...................................................................................................... 247
Figure 136. Group Management ............................................................................... 249
Figure 137. IAPs........................................................................................................... 253
Figure 138. IAP Settings ............................................................................................. 255
Figure 139. Global Settings (IAPs)............................................................................ 260
Figure 140. Global Settings .11a ................................................................................ 267
Figure 141. Global Settings .11bg.............................................................................. 269
Figure 142. Global Settings .11n................................................................................ 273
Figure 143. Advanced RF Settings............................................................................ 275
Figure 144. LED Settings............................................................................................ 283
Figure 145. WDS.......................................................................................................... 285
xvi List of Figures
Wi-Fi Array
Figure 146. .Configuring a WDS Link...................................................................... 286
Figure 147. WDS Client Links ................................................................................... 287
Figure 148. Filters........................................................................................................ 289
Figure 149. Filter Lists ................................................................................................ 290
Figure 150. Filter Management ................................................................................. 291
Figure 151. System Tools............................................................................................ 296
Figure 152. Saving the Diagnostic Log..................................................................... 299
Figure 153. Managing WPR Splash/Login page files............................................ 300
Figure 154. System Command (Ping)....................................................................... 301
Figure 155. Radius Ping Output................................................................................ 302
Figure 156. CLI Window............................................................................................ 304
Figure 157. Login Window ........................................................................................ 305
Figure 158. Logging In................................................................................................ 308
Figure 159. Help Window.......................................................................................... 309
Figure 160. Full Help .................................................................................................. 310
Figure 161. Partial Help.............................................................................................. 310
Figure 162. Configuring a Simple Open Global SSID............................................ 356
Figure 163. Configuring a Global SSID using WPA-PEAP................................... 357
Figure 164. Configuring an SSID-Specific SSID using WPA-PEAP..................... 358
Figure 165. Enabling Global IAPs............................................................................. 359
Figure 166. Disabling Global IAPs............................................................................ 360
Figure 167. Enabling a Specific IAP.......................................................................... 361
Figure 168. Disabling a Specific IAP......................................................................... 362
Figure 169. Setting the Cell Size for All IAPs.......................................................... 363
Figure 170. Setting the Cell Size for All IAPs.......................................................... 364
Figure 171. Setting the Cell Size for a Specific IAP ................................................ 365
Figure 172. Configuring VLANs on an Open SSID................................................ 366
Figure 173. Configuring Radio Assurance Mode (Loopback Testing)................ 368
Figure 174. Disconnecting Power from the Array.................................................. 371
Figure 175. Removing the Access Panel Screws..................................................... 373
Figure 176. Removing the Access Panel .................................................................. 374
Figure 177. Disconnecting the Power Supply and Fan.......................................... 374
Figure 178. Reconnecting the Fan and Power Supply ........................................... 376
Figure 179. Reinstalling the Access Panel................................................................ 376
Figure 180. Removing the FLASH Memory Module............................................. 378
Figure 181. Removing the DIMM Memory Module .............................................. 380
Figure 182. Removing the Chassis Cover Screws................................................... 382
List of Figures xvii
Wi-Fi Array
Figure 183. Removing the Chassis Cover................................................................ 382
Figure 184. Lifting the Integrated Access Point Module....................................... 383
Figure 185. Disconnect the Integrated Access Point Module ............................... 383
Figure 186. Installing a New Access Panel (with Power Supply)........................ 385
Figure 187. XN8/XN12/XN16/XS8/XS12/XS16: Integrated Splitter ................ 416
Figure 188. Determining if XS-37000/3900 is modified ........................................ 416
Figure 189. Sample output of pci-audit command................................................. 423
Figure 190. Applying Three Seals to XS16/XS12/XS8 or XS-3900/XS-3700...... 426
Figure 191. Applying Two Tamper-evident seals to the XS4 or XS-3500 ........... 427
Figure 192. SSID Management Window................................................................. 428
Figure 193. Security/Global Settings Window....................................................... 429
Figure 194. Security/Management Control Window............................................ 430
Figure 195. Services/SNMP Window ...................................................................... 430
Figure 196. IAPs/Global Settings Screen................................................................. 431
xviii List of Figures
Wi-Fi Array
z
z
z
z
z
z
z
z
z
Introduction
These topics introduce the Xirrus Wi-Fi Array, including an overview of its key features and benefits, and a detailed listing of the product’s physical, environmental, technology and regulatory specifications.
“The Xirrus Family of Products” on page 2. “About this User’s Guide” on page 4. “Why Choose the Xirrus Wi-Fi Array?” on page 7. “Wi-Fi Array Product Overview” on page 9. “Key Features and Benefits” on page 16. “Product Specifications—XN16, XN12, and XN8” on page 20. “Product Specifications—XN4” on page 27.
“Product Specifications—XS16/XS-3900, XS12, and XS8/XS-3700” on page 34.
“Product Specifications—XS4/XS-3500” on page 40.
Introduction 1
The Xirrus Family of Products
z
z
Figure 1. Xirrus Arrays
The Xirrus family of products includes the following:
Wi-Fi Array
The XS Series of Xirrus Wi-Fi Arrays (XS16 / XS12 / XS8 / XS4)
XS Arrays integrate multiple Integrated Access Points—radios with high­gain directional antennas for increased range and coverage. The Array also incorporates an onboard multi-gigabit switch, Wi-Fi controller, and firewall into a single device, along with a dedicated Wi-Fi threat sensor and an embedded spectrum analyzer. The Wi-Fi Array provides more than enough bandwidth, security, and control to replace switched Ethernet to the desktop as the primary network connection. The XS16 has 16 IAPs, the XS12 has 12 IAPs, the XS8 has 8 IAPs, and the XS4 has 4 IAPs.
The XN Series of Xirrus Wi-Fi Arrays (XN16 / XN12 / XN8 / XN4)
The newest Xirrus Wi-Fi Arrays add the speed and reach of IEEE 802.11n technology to the XS series of Arrays. The XN Series of Arrays feature the capacity and performance needed to replace switched Ethernet to the desktop. The XN16 has 16 IAPs, the XN12 has 12 IAPs, the XN8 has 8 IAPs, and the XN4 has 4 IAPs.
2 Introduction
Wi-Fi Array
z
z
Xirrus Management System (XMS)
XMS is used for managing large Array deployments from a centralized Web-based interface. The XMS server is available pre-installed on the Xirrus XM-33xx-CC Management Platform Series, or as a software package (XA-3300-CC) to be installed on your own server hardware.
Figure 2 illustrates the elements of the Xirrus Management System. Users
start the XMS client simply by entering the URL of the XMS server on a web browser. The XMS server manages a number of Wi-Fi Arrays via SNMP.
Figure 2. The Xirrus Management System
If you need detailed information about this product, refer to the XMS User’s Guide, part number 800-0007-001.
Xirrus Power over Gigabit Ethernet (PoGE)
The PoGE modules eliminate the need for running separate power cabling. Additionally, an eight port module provides distributed power to multiple Arrays, facilitating backup power when connected via a UPS.
Introduction 3
Wi-Fi Array
z
Nomenclature
Throughout this User’s Guide, the Xirrus Wi-Fi Array is also referred to as simply the Array. In some instances, the terms product and unit are also used. When discussing specific products from the Xirrus family, the product name is used (for example, XN16, XS12, or XS-3500). The Wi-Fi Array’s operating system is referred to as the ArrayOS. The Web Management Interface for browser-based management of the Array is referred to as WMI.
The XS series of Arrays have two types of radios—the 5 GHz 802.11a radios are named a1 to a12 (for 16-port models). The 802.11a/b/g radios are named abg1 to abg4, and they support both 2.4GHz and 5 GHz. The XN series of Arrays also have two types of radios—the 5 GHz 802.11a/n radios are named an1 through an12 (for 16-port models). The 802.11a/b/g/n radios are named abgn1 to abgn4, and they also support both 2.4GHz and 5 GHz. When referring to a port that may be on either an XN or XS model, the nomenclature abg(n) and a(n) will be used, e.g., abg(n)2 or a(n)6.
The Xirrus Management System is referred to as XMS. The Power over Gigabit Ethernet system may be referred to as PoGE.
About this User’s Guide
This User’s Guide provides detailed information and procedures that will enable wireless network administrators to install, configure and manage the Wi-Fi Array so that end users can take full advantage of the product’s features and functionality without technical assistance.
Organization
Topics and procedures are organized by function under the following chapter headings:
Introduction
Provides a brief introduction to wireless technology, an overview of the product, including its key features and benefits, and presents the product specifications.
4 Introduction
Wi-Fi Array
z
z
z
z
z
z
z
z
Installing the Wi-Fi Array
Defines prerequisites for deploying and installing the Array and provides instructions to help you plan and complete a successful installation.
The Web Management Interface
Offers an overview of the product’s embedded Web Management Interface, including its content and structure. It emphasizes what you need to do to ensure that any configuration changes you make are applied, and provides a list of restricted characters. It also includes instructions for logging in to the Array with your Web browser.
Viewing Status on the Wi-Fi Array
Describes the status and statistics displays available on the Array using its embedded Web Management Interface.
Configuring the Wi-Fi Array
Contains procedures for configuring the Array using its embedded Web Management Interface.
Using Tools on the Wi-Fi Array
Contains procedures for using utility tools provided in the Web Management Interface. It includes procedures for upgrading the system firmware, uploading and downloading configurations and other files, using diagnostic tools, and resetting the Array to its factory defaults.
The Command Line Interface
Includes the commands and the command structure used by the Wi-Fi Array’s Command Line Interface (CLI), and provides a procedure for establishing a Telnet connection to the Array. This chapter also includes some sample key configuration tasks using the CLI.
Appendix A: Servicing the Wi-Fi Array
Contains procedures for servicing the Array, including the removal and reinstallation of major hardware components.
Appendix B: Quick Reference Guide
Contains the product’s factory default settings.
Introduction 5
Wi-Fi Array
z
z
z
z
z
Appendix C: Technical Support
Offers guidance to resolve technical issues, including general hints and tips to enhance your product experience, and a procedure for isolating problems within an Array-enabled wireless network. Also includes Frequently Asked Questions (FAQs) and Xirrus contact information.
Appendix D: Implementing PCI DSS
Discusses meeting security standards with the Array, including FIPS and PCI DSS.
Appendix F: Notices
Contains the legal notices, licensing, and compliance statements for the Array. Please read this section carefully.
Glossary of Terms
Provides an explanation of terms directly related to Xirrus product technology, organized alphabetically.
Index
The index is a valuable information search tool. Use the index to locate specific topics discussed in this User’s Guide. Simply click on any page number in the index to jump to the referenced topic.
Notes and Cautions
The following symbols are used throughout this User’s Guide:
This symbol is used for general notes that provide useful supplemental
#
!
information.
This symbol is used for cautions. Cautions provide critical information that may adversely affect the performance of the product.
Screen Images
Some screen images of the Web Management Interface have been modified for clarity. For example, an image may have been cropped to highlight a specific area of the screen, and/or sample data may be included in some fields.
Your User’s Guide as a PDF Document
6 Introduction
Wi-Fi Array
This User’s Guide is also made available as a secure PDF (Portable Document Format) file and can be viewed using the Adobe® Acrobat Reader® product. It cannot be edited or modified. If you don’t have Acrobat Reader, you can downloaded it free-of-charge from: http://www.adobe.com.
Hyperlinks
If you click on body text that appears in the color TEAL (with the exception of headings or notes) the embedded hyperlink within the text will immediately take you to the referenced destination. All internal and external cross-references, including page numbers within the List of Figures and the Index, have associated hyperlinks. After “jumping” to a referenced topic, if you want to return to the previous page (reference source), simply click on Acrobat’s previous page button.
Window or Page?
Is a window a page, or is a page a window? There seems to be some dispute as to what the correct term should be. For the sake of consistency, this document uses the term Window when referring to how the Wi-Fi Array’s Web Management Interface is displayed on your monitor.
Why Choose the Xirrus Wi-Fi Array?
The deployment of wireless LANs is becoming increasingly common as businesses strive for greater flexibility in the workplace and the need for employee mobility rises. The only requirements for an effective wireless deployment are a power source, a couple of screws, and a little imagination.
Wireless LAN is also fully compatible with standard Ethernet protocols, so connectivity with existing wired infrastructures is transparent to users—they can still access and use the same applications and network services that they use when plugged into the company’s wired LAN infrastructure (it’s only the plug that no longer exists).
Wireless LAN has come a long way in the past few years and now offers the performance, reliability and security that Enterprise customers have come to expect from their networks. The technology is being driven by four major IEEE standards:
Introduction 7
Wi-Fi Array
z
z
z
z
802.11a
Operates in the 5 GHz range with a maximum speed of 54 Mbps.
802.11b
Operates in the 2.4 GHz range with a maximum speed of 11 Mbps.
802.11g
Supports a higher transmission speed of 54 Mbps in the 2.4 GHz range and is backwards compatible with 802.11b.
802.11n
Uses multiple antennas per radio to boost transmission speed as high as 300 Mbps, increasing throughput, range, and maximum number of users.
802.11n is backwards compatible with 802.11a/b/g.
Whether you have just a handful of users or thousands of users, wireless has the scalability and flexibility to serve your needs.
See Also
Key Features and Benefits Wi-Fi Array Product Overview Product Specifications—XN16, XN12, and XN8 Product Specifications—XS4/XS-3500 Product Specifications—XS16/XS-3900, XS12, and XS8/XS-3700 The Xirrus Family of Products
8 Introduction
Wi-Fi Array
Wi-Fi Array Product Overview
Part of the family of Xirrus products, the Wi-Fi Array is a high capacity, multi­mode device designed for the Enterprise market, with twice the range and up to eight times the capacity of competitive wireless products.
Figure 3. Wi-Fi Array (XN16)
The Wi-Fi Array (regardless of the product model) is Wi-Fi® compliant and simultaneously supports 802.11a, 802.11b and 802.11g clients. XN model arrays add the enhanced abilities of 802.11n to this combination. Enterprise class features such as VLAN support and multiple SSID capability enable robust network compatibility and a high level of scalability and system control. The optional Xirrus Management System (XMS) allows global management of hundreds of Arrays from a central location.
Multiple versions of the Array with different numbers of Integrated Access Points (IAPs) support a variety of deployment applications: 16 IAPs (XN16, XS16, XS-3900), 12 IAPs (XN12, XS12), 8 IAPs (XN8, XS8, XS-3700), and 4 IAPs (XN4, XS4, XS-3500).
Enterprise Class Security
The latest and most effective wireless encryption security standards, including WPA (Wi-Fi Protected Access) and WPA2 with 802.11i AES (Advanced Encryption Standard) are provided with the Wi-Fi Array. In addition, the use of an embedded RADIUS server (or 802.1x with an external RADIUS server) ensures user authentication—multiple Arrays can authenticate to the optional XMS, ensuring only authorized Arrays become part of the wireless network. Rogue AP
Introduction 9
Wi-Fi Array
detection, site monitoring, and RF spectrum analysis are performed in the background by the Array automatically.
Wi-Fi Array Product Family
The following tables provide an overview of the main features supported by the Wi-Fi Array product family.
XN Family of Arrays
Feature XN16 XN12 XN8 XN4
Number of
4444
802.11a/b/g/n radios
Number of
12840
802.11a/n radios
Tot al ra di os 16 12 8 4
Number of
48 36 24 12
integrated antennas
Integrated Wi-Fi switch ports 16 12 8 4
Integrated RF spectrum
Yes Yes Yes Yes
analyzer, threat sensors
Uplink Ports 2221
Wi-Fi bandwidth 4.8 Gbps 3.6 Gbps 2.4 Gbps 1.2 Gbps
Users supported 1,024 768 512 256
10 Introduction
Wi-Fi Array
XS Family of Arrays
Feature
Number of
802.11a/b/g radios
Number of
802.11a radios
Tot al ra di os 16 12 8 4
Integrated Wi-Fi switch ports
Integrated RF spectrum analyzer and threat sensors
Uplink Ports 2221
Wi-Fi bandwidth 864 Mb 648 Mb 432 Mb 216 Mb
Users supported 1,024 768 512 256
XS16,
XS-3900
4444
12840
16 12 8 4
Yes Yes Yes Yes
XS12
XS8,
XS-3700
XS4,
XS-3500
See Also
Key Features and Benefits Wi-Fi Array Product Overview Product Specifications—XN16, XN12, and XN8 Product Specifications—XS4/XS-3500 Product Specifications—XS16/XS-3900, XS12, and XS8/XS-3700 Power over Gigabit Ethernet (PoGE) (Optional) Why Choose the Xirrus Wi-Fi Array?
Introduction 11
Wi-Fi Array
z
z
Deployment Flexibility
Xirrus’ unique multi-radio architecture generates 360 degrees of sectored high­gain 802.11a/b/g/n or 802.11a/b/g coverage that provides extended range and the highest possible data rates for a large volume of clients. Each sector can be controlled automatically or manually, creating a pattern of wireless coverage perfectly tailored to individual customer needs. For example:
outside wall
Figure 4. Wireless Coverage Patterns
Figure 4 depicts the following two scenarios:
Full pattern coverage
All radios are activated with coverage spanning 360 degrees. If within range, clients will always receive coverage regardless of their geographic position relative to the Array.
Partial pattern coverage
If desired, the Wi-Fi Array can be deployed close to an exterior wall. In this case, half of all available radios have been deactivated to prevent redundant signals from “bleeding” beyond the site’s perimeter wall. This configuration may also be used in those cases where you want to restrict wireless coverage to selected areas of the building’s interior.
See also, “Flexible Coverage Schemes” on page 18.
12 Introduction
Wi-Fi Array
Power over Gigabit Ethernet (PoGE) (Optional)
The Xirrus XP1 and XP8 Power over Gigabit Ethernet modules provide power to your Arrays over the same Cat 5e or Cat 6 cable used for data, eliminating the need to run power cables and provide an AC power outlet in proximity to each unit.
Figure 5. XP8 - Power over Ethernet Usage
Specific models of the Array are compatible with specific PoGE modules. For details, please see “Power over Gigabit Ethernet Compatibility Matrix” on
page 414.
See Also
Key Features and Benefits Wi-Fi Array Product Overview Product Specifications—XN16, XN12, and XN8 Product Specifications—XS4/XS-3500 Product Specifications—XS16/XS-3900, XS12, and XS8/XS-3700 The Xirrus Family of Products Why Choose the Xirrus Wi-Fi Array?
Introduction 13
Wi-Fi Array
Enterprise Class Management
The Wi-Fi Array can be configured with its default RF settings, or the RF settings can be customized using the Array’s embedded Web Management Interface (WMI). The WMI enables easy configuration and control from a graphical console, along with a full compliment of troubleshooting tools and statistics.
Figure 6. WMI: Array Status
In addition, a fully featured Command Line Interface (CLI) offers IT professionals a familiar management and control environment. SNMP (Simple Network
14 Introduction
Wi-Fi Array
Management Protocol) is also supported to allow management from an SNMP compliant management tool, such as the optional Xirrus Management System.
For deployments of more than five Arrays, we recommend that you use the
#
See Also
Key Features and Benefits Product Specifications—XN16, XN12, and XN8 Product Specifications—XN4 Product Specifications—XS4/XS-3500 Product Specifications—XS16/XS-3900, XS12, and XS8/XS-3700 Power over Gigabit Ethernet (PoGE) (Optional) The Xirrus Family of Products Why Choose the Xirrus Wi-Fi Array?
Xirrus Management System (XMS). The XMS offers a rich set of features
for fine control over large deployments.
Introduction 15
Wi-Fi Array
an1
abgn1
an2
an3
an4
abgn2
an5
an6
an7
abgn3
an8
an9
an10
abgn4
an11
an12
Mode(s) IAP number
abgn2
(RF monitoring)
Key Features and Benefits
This section describes some of the key product features and the benefits you can expect when deploying the Wi-Fi Array (the XN16 product is highlighted in this section).
High Capacity and High Performance
The XN16 version of the Wi-Fi Array (Figure 7) easily handles time-sensitive
Figure 7. Layout of IAPs (XN16)
traffic such as voice, and can enable wireless connectivity for 1,024 users. The unit includes two Gigabit uplink ports for connection to the wired network. A total of sixteen IAPs provides a maximum wireless capacity of 4.8 Gbps, which offers ample reserves for the high demands of current and future applications. Of the sixteen IAPs, twelve operate as 802.11a/n radios (5 GHz band), and four operate as 802.11a/b/g/n radios (5 GHz or 2.4 GHz bands), providing backwards compatibility with 802.11b and 802.11g.
16 Introduction
Wi-Fi Array
z
z
z
z
a1
abg1
a2
a3
a4
abg2
a5
a6
a7
abg3
a8
a9
a10
abg4
a11
a12
Mode(s) IAP number
abg2
(RF monitoring)
In the recommended configuration, IAP (radio) abg(n)2 is configured in RF monitoring and rogue AP detection mode.
Figure 8. Naming of IAPs (XS16)
Extended Coverage
One XN16 solution enables you to replace up to sixteen access points (includes one omnidirectional IAP for monitoring the network). Fifteen IAP radios with integrated directional antennas provide increased wireless range and enhanced data rates in all directions. With a Wi-Fi Array deployed, far fewer access points are needed and wired-like resiliency is delivered throughout your wireless network. Your Wi-Fi Array deployment ensures:
Continuous connectivity if an IAP (radio) fails.
Introduction 17
Continuous connectivity if an Array fails. Continuous connectivity if a WDS link or switch fails. Continuous connectivity if a Gigabit uplink or switch fails.
Wi-Fi Array
z
z
z
802.11a/n
Monitor only
802.11a/b/g/n
Flexible Coverage Schemes
Your Wi-Fi Array offers flexible coverage schemes for each wireless technology.
Figure 9. Coverage Schemes
802.11a/n, 802.11a
Delivers 60° wireless coverage per IAP, with 6 dBi of gain.
802.11b/g/n, 802.11b/g
Delivers 180° wireless coverage, with 3 dBi of gain.
802.11a/b/g/n, 802.11a/b/g (monitor only)
Delivers 360° wireless coverage, with 2 dBi of gain.
Non-Overlapping Channels
Complete use of non-overlapping channels limits interference and delivers maximum capacity. On the XN16, up to 16 non-overlapping channels are fully utilized across the 5GHz and 2.4GHz spectrums (up to 12 across the 5GHz spectrum plus up to 3 across the 2.4 GHz spectrum—typically, one additional radio is used as a dedicated RF monitor).
Secure Wireless Access
Multiple layers of authentication and encryption ensure secure data transmissions. The Wi-Fi Array is 802.11i compliant with encryption support for 40 bit and 128 bit WEP, WPA and WPA2 with TKIP and AES encryption. Authentication support is provided via 802.1x, including PEAP, EAP-TLS, EAP­TTLS, and LEAP (Lightweight Extensible Authentication Protocol) passthrough.
18 Introduction
Wi-Fi Array
Applications Enablement
QoS (Quality of Service) functionality combined with true switch capabilities enable high density video and Voice over Wireless LAN deployments. Compliant with 802.1p and 802.1Q standards.
SDMA Optimization
SDMA (Spatial Division Multiple Access) technology provides full 360° coverage while allowing independent channel and power output customization. Also supports fast inter-zone handoffs for time-sensitive applications and roaming support.
Fast Roaming
Utilizes the Xirrus Roaming Protocol (XRP) ensuring fast and seamless roaming capabilities between IAPs or Arrays at both Layer 2 and Layer 3.
Easy Deployment
The Xirrus Management System (XMS) offers real time monitoring and management capabilities of the wireless network—ideal for the Enterprise market. It also allows you to import floor plans to help you plan your deployment. The Xirrus Wi-Fi Array chassis has a plenum rated, lockable and tamper resistant case.
See Also
Wi-Fi Array Product Overview Product Specifications—XN16, XN12, and XN8 Product Specifications—XS4/XS-3500) Product Specifications—XS16/XS-3900, XS12, and XS8/XS-3700 Power over Gigabit Ethernet (PoGE) (Optional) The Xirrus Family of Products Why Choose the Xirrus Wi-Fi Array?
Introduction 19
Product Specifications—XN16, XN12, and XN8
Element Specifications
Number of Users Maximum of 64 associated users per radio
XN16: 1024 users per Array XN12: 768 users per Array XN8: 512 users per Array
Physical Diameter: 18.65 inches (47.37 cm)
Height: 3.87 inches (9.83 cm) Weight: 10 lbs (3.63 kg)
Environmental Operating Temperature:
0°C to 55°C 0% to 90% relative humidity (non-condensing)
Wi-Fi Array
Storage Temperature:
-20°C to 60°C 5% to 95% relative humidity (non-condensing)
System 1 GHz CPU
1 GB RAM 1 GB system flash
Integrated Switch 2.1 Gbps integrated wireless switch
Chassis Lockable mounting plate, Kensington lock slot
20 Introduction
Wi-Fi Array
Element Specifications
Electrical Each Array supports both AC and PoGE
AC Input Power: 100-240VAC at 50-60 Hz PoGE (DC) Input Power: Power over Gigabit
Ethernet—no splitter required, 48VDC, Maximum 2A
Nominal Power:
XN16: 90W XN12: 75W XN8: 60W
All Models:
For PoGE, see “Power over Gigabit Ethernet
Compatibility Matrix” on page 414.
Interfaces Serial Console Port:
1 x RS232 – RJ45 connector, for local configuration
Ethernet Interfaces:
2 x Gigabit 100/1000 Mbps uplink ports for link aggregation, redundancy, or bridging
1 x Fast Ethernet 10/100 Mbps, for out of band management
Status LEDs:
System status, Ethernet, Radio
Networking DHCP client, DHCP server (multiple DHCP
pools), DNS Client, NTP client, NAT
Introduction 21
Wi-Fi Array
Element Specifications
Management Xirrus Management System (XMS)—Layer 3
Element Management System HTTPS Web Management Interface (WMI) CLI via SSHv2, Telnet, local serial Console Enable/disable management for any interface Read-write and read-only admin accounts may
be authenticated via RADIUS SNMP v2c, v3 Configuration Files—text-based files may be
imported, exported, or compared NetFlow—IP flow information (traffic statistics
may be sent to an external Collector FTP, TFTP Syslog reporting for alerts/alarms—messages
may be stored on internal Syslog server or sent to up to three external syslog servers.
Quality of Service (QoS) Support
Cisco Discovery Protocol (CDP)—obtain protocol addresses and platform information for neighboring devices
Multiple SSIDs:
16 unique SSIDs per Array Each SSID beacons a unique BSSID per radio VLAN and QoS settings for each SSID
VLANs:
Up to 16 VLANs, 802.1Q, 802.1p
Prioritization:
802.11e wireless prioritization
802.1p wired prioritization Fair queuing of downstream traffic
Wireless Voice Support:
Spectralink Voice Priority (SVP) protocol
22 Introduction
Wi-Fi Array
Element Specifications
Security Wireless Encryption
Line speed, hardware-accelerated encryption modes:
WPA TKIP WPA2 AES WEP 40/64 WEP 104/128
Wireless Authentication:
Open Pre-shared Key
802.1X EAP PEAP EAP-TLS EAP-TTLS EAP-LEAP Pass-through Web Page Redirect (Captive Portal) MAC Address Access Control List (ACL) CHAP, PAP
Firewall:
Integrated stateful-inspection, rules-based firewall
IDS/IPS:
Integrates with Xirrus XDM Intrusion Detection/ Prevention System for real-time wireless security protection
Rogue AP detection and blocking:
Integrated Rogue AP detection and alerting via dedicated internal RF Threat Sensor. Rogue AP can be shielded
Integrated RADIUS Server:
Integrated 802.1x Authentication Server supporting EAP-PEAP
Introduction 23
Element Specifications
Wi-Fi Array
Security (continued)
Wireless Wireless Standards:
Time of Day Access:
Specify when access is allowed, per SSID or User Group
Station-Station Blocking:
Station-to-Station traffic blocking option
802.11a
802.11b
802.11d
802.11g
802.11e
802.11h
802.11i
802.11j
802.11n
Number of Radios:
XN16: 12 x 802.11a/n radios
4 x 802.11a/b/g/n radios Only 12 radios should be used as 802.11a/n radios (i.e., 5 GHz band) concurrently.
48 integrated antennas XN12: 8 x 802.11a/n radios
4 x 802.11a/b/g/n radios
36 integrated antennas XN8: 4 x 802.11a/n radios
4 x 802.11a/b/g/n radios
Advanced RF design includes 36
integrated antennas
Spectrum Analyzer:
1 integrated into Array
24 Introduction
Wi-Fi Array
Element Specifications
Wireless (continued)
Frequency Bands:
11a/n: 4.945 – 4.985 (restricted Public Safety band)
11a/n: 5.15-5.25 GHz (UNII 1) 11a/n: 5.15-5.25 GHz (TELEC) 11a/n: 5.25-5.35 GHz (UNII 2) 11a/n: 5.470-5.725 (ETSI) 11a/n: 5.725-5.825 GHz (UNII 3) 11b/g/n: 2.412-2.462 GHz (FCC) 11b/g/n: 2.412-2.472 GHz (ETSI) 11b/g/n: 2.412-2.484 GHz (TELEC)
Channel Selection:
Manual and Automatic
802.11a/n Antennas
Integrated 6dBi, sectorized
802.11b/g/n Antennas
Integrated 3dBi, sectorized
Wi-Fi Monitoring:
1 Integrated Access Point can be set as a dedicated Wi-Fi Threat Sensor
2 dBi 360° omni-directional antenna
802.11a/b/g/n External Antenna Connectors:
3 RP-TNC connectors (NOTE: TNC antenna connection is not for outside plant connection.)
Performance Client Load Balancing
Automatic load balancing between system radios
Introduction 25
Wi-Fi Array
Element Specifications
Compliance Electromagnetic:
ICES-003 (Canada) EN 301.893 (Europe) EN 301.489-1 and -17 (Europe)
Safety:
EN 60950 EN 50371 to 50385 CE Mark
Certifications Wi-Fi Alliance: 802.11a/b/g, WPA, WPA2, and
extended EAP types. Our certifications may be
viewed here.
Warranty Hardware:
Five Year Standard (extendable)
Software:
90 Days Standard (extendable)
See Also
Key Features and Benefits Wi-Fi Array Product Overview Product Specifications—XN4 Product Specifications—XS16/XS-3900, XS12, and XS8/XS-3700 Product Specifications—XS4/XS-3500 Power over Gigabit Ethernet (PoGE) (Optional) The Xirrus Family of Products Why Choose the Xirrus Wi-Fi Array?
26 Introduction
Wi-Fi Array
Product Specifications—XN4
Element Specifications
Number of Users Maximum of 64 associated users per radio,
256 users per XN4
Physical Diameter: 12.58 inches (31.95 cm)
Height: 2.58 inches (6.55 cm) Weight: 4lbs (1.81 kg)
Environmental Operating Temperature:
0°C to 55°C 0% to 90% relative humidity (non-condensing)
Storage Temperature:
-20°C to 60°C 5% to 95% relative humidity (non-condensing)
System 825 MHz CPU
512 MB RAM 1 GB system flash
Integrated Switch 2.1 Gbps integrated wireless switch
Chassis Lockable mounting plate, Kensington lock slot
Electrical XN4 supports Power over Gigabit Ethernet
(PoGE) only, no splitter required PoGE (DC) Input Power: 48VDC, Maximum 2A Nominal Power: 35W For PoGE, see “Power over Gigabit Ethernet
Compatibility Matrix” on page 414.
Introduction 27
Wi-Fi Array
Element Specifications
Interfaces Serial Console Port:
1 x RS232 – RJ45 connector, for local configuration
Ethernet Interfaces:
1 x Gigabit 100/1000 Mbps uplink port
Status LEDs:
System status, Ethernet, Radio
Networking DHCP client, DHCP server (multiple DHCP
pools), DNS Client, NTP client, NAT
Management Xirrus Management System (XMS)—Layer 3
Element Management System HTTPS Web Management Interface (WMI) CLI via SSHv2, Telnet, local serial Console Enable/disable management for any interface Read-write and read-only admin accounts may
be authenticated via RADIUS SNMP v2c, v3 Configuration Files—text-based files may be
imported, exported, or compared NetFlow—IP flow information (traffic statistics
may be sent to an external Collector FTP, TFTP Syslog reporting for alerts/alarms—messages
may be stored on internal Syslog server or sent to up to three external syslog servers.
Cisco Discovery Protocol (CDP)—obtain protocol addresses and platform information for neighboring devices
28 Introduction
Wi-Fi Array
Element Specifications
Quality of Service (QoS) Support
Multiple SSIDs:
16 unique SSIDs per Array Each SSID beacons a unique BSSID per radio VLAN and QoS settings for each SSID
VLANs:
Up to 16 VLANs, 802.1Q, 802.1p
Prioritization:
802.11e wireless prioritization
802.1p wired prioritization Fair queuing of downstream traffic
Wireless Voice Support:
Spectralink Voice Priority (SVP) protocol
Introduction 29
Element Specifications
Security Wireless Encryption
Line speed, hardware-accelerated encryption modes:
WPA TKIP WPA2 AES WEP 40/64 WEP 104/128
Wireless Authentication:
Open Pre-shared Key
802.1X EAP PEAP EAP-TLS
Wi-Fi Array
EAP-TTLS EAP-LEAP Pass-through Web Page Redirect (Captive Portal) MAC Address Access Control List (ACL) CHAP, PAP
Firewall:
Integrated stateful-inspection, rules-based firewall
IDS/IPS:
Integrates with Xirrus XDM Intrusion Detection/ Prevention System for real-time wireless security protection
Rogue AP detection and blocking:
Integrated Rogue AP detection and alerting via dedicated internal RF Threat Sensor. Rogue AP can be shielded
Integrated RADIUS Server:
Integrated 802.1x Authentication Server supporting EAP-PEAP
30 Introduction
Wi-Fi Array
Element Specifications
Security (continued)
Wireless Wireless Standards:
Time of Day Access:
Specify when access is allowed, per SSID or User Group
Station-Station Blocking:
Station-to-Station traffic blocking option
802.11a
802.11b
802.11d
802.11g
802.11e
802.11h
802.11i
802.11j
802.11n
Number of Radios:
4 x 802.11a/b/g/n radios Advanced RF design includes 20 integrated
antennas
Spectrum Analyzer:
1 integrated into Array
Introduction 31
Element Specifications
Wi-Fi Array
Wireless (continued)
Frequency Bands:
11a/n: 4.945 – 4.985 (restricted Public Safety band)
11a/n: 5.15-5.25 GHz (UNII 1) 11a/n: 5.15-5.25 GHz (TELEC) 11a/n: 5.25-5.35 GHz (UNII 2) 11a/n: 5.470-5.725 (ETSI) 11a/n: 5.725-5.825 GHz (UNII 3) 11b/g/n: 2.412-2.462 GHz (FCC) 11b/g/n: 2.412-2.472 GHz (ETSI) 11b/g/n: 2.412-2.484 GHz (TELEC)
Channel Selection:
Manual and Automatic
802.11a/n Antennas
Integrated 6dBi, sectorized
802.11b/g/n Antennas
Integrated 3dBi, sectorized
Wi-Fi Monitoring:
1 Integrated Access Point can be set as a dedicated Wi-Fi Threat Sensor
2 dBi 360° omni-directional antenna
802.11a/b/g/n External Antenna Connectors:
1 RP-TNC connector (NOTE: TNC antenna connection is not for outside plant connection.)
Performance Client Load Balancing
Automatic load balancing between system radios
32 Introduction
Wi-Fi Array
Element Specifications
Compliance Electromagnetic:
ICES-003 (Canada) EN 301.893 (Europe) EN 301.489-1 and -17 (Europe)
Safety:
EN 60950 EN 50371 to 50385 CE Mark
Certifications Wi-Fi Alliance: 802.11a/b/g, WPA, WPA2, and
extended EAP types. Our certifications may be
viewed here.
Warranty Hardware:
Five Year Standard (extendable)
Software:
90 Days Standard (extendable)
See Also
Key Features and Benefits Wi-Fi Array Product Overview Product Specifications—XN16, XN12, and XN8 Product Specifications—XS16/XS-3900, XS12, and XS8/XS-3700 Product Specifications—XS4/XS-3500 Power over Gigabit Ethernet (PoGE) (Optional) The Xirrus Family of Products Why Choose the Xirrus Wi-Fi Array?
Introduction 33
Product Specifications—XS16/XS-3900, XS12, and XS8/XS-3700
Element Specifications
Number of Users Maximum of 64 associated users per radio
1024 users per Array (XS16/XS-3900) 768 users per Array (XS12) 512 users per Array (XS8/XS-3700)
Physical Diameter: 18.65 inches (47.37 cm)
Height: 3.87 inches (9.83 cm) Weight: 8lbs (3.63 kg)
Environmental Operating Temperature:
-10°C to 50°C 0% to 90% relative humidity (non-condensing)
Wi-Fi Array
Storage Temperature:
-20°C to 60°C 5% to 95% relative humidity (non-condensing)
System XS16/XS12/XS8:
1 GHz CPU 1 GB RAM 1 GB system flash Expansion slot for future options
XS-3900/XS-3700:
825 MHz CPU 512 MB RAM (XS-3900/XS-3700) 512 MB system flash Expansion slot for future options
34 Introduction
Wi-Fi Array
Element Specifications
Interfaces Serial:
1 x RS232 – RJ45 connector
Ethernet Interfaces:
2 x Gigabit 100/1000 Mbps w/failover 1 x Fast Ethernet 10/100 Mbps
Status LEDs:
System status, Ethernet, Radio
Electrical XS16/XS8:
Each Array supports both AC and PoGE AC Input Power: 90-265VAC at 47-63Hz PoGE Input Power: Power over Gigabit Ethernet—
no splitter required, 48VDC Nominal Power: XS16: 70W XS8: 45W
XS-3900/XS-3700:
Separate AC and DC versions Input Power (AC version): 90VAC to 265VAC at
47Hz to 63Hz Input Power (DC version): 48VDC PoGE: requires modified DC version and splitter.
All Models:
For PoGE, see “Power over Gigabit Ethernet
Compatibility Matrix” on page 414.
Networking DHCP client, DHCP server, NTP client, NAT
VLAN Support 802.1Q, 802.1p VLAN
Supports up to 16 VLANs
Multiple SSID Support
Allows up to 16 separate SSIDs to be defined with map security, VLAN and QoS settings for each SSID
Introduction 35
Element Specifications
Performance Client Load Balancing
Automatic load balancing between system radios
Quality of Service:
802.1p wired traffic prioritization Wireless packet prioritization MAP CoS to TCID Fair queuing of downstream traffic
Security Wireless Security:
WEP 40bit/128bit encryption WPA and WPA2 with TKIP and AES encryption Rogue AP detection, with alerts and classification
User and System Authentication:
Wi-Fi Array
WPA and WPA2 Pre-Shared Key authentication Internal RADIUS Server, supports EAP-PEAP only
802.1x EAP-TLS
802.1x EAP-TTLS/MSCHAPv2
802.1x PEAPv0/EAP-MSCHAPv2
802.1x PEAPv1/EAP-GTC
802.1x EAP-SIM
802.1x EAP-LEAP Passthrough External RADIUS servers Authentication of Wi-Fi Arrays to the Xirrus
Management System (XMS)
36 Introduction
Wi-Fi Array
Element Specifications
Wireless Number of Radios:
XS16/XS-3900: 12 x 802.11a radios
Only 12 radios should be used as 802.11a radios concurrently.
XS12: 8 x 802.11a radios
XS8/XS-3700: 4 x 802.11a radios
Wireless Standards:
802.11a/b/g and g-only mode
802.11e, 802.11i
Channel Selection:
Manual and Automatic
4 x 802.11a/b/g radios
4 x 802.11a/b/g radios
4 x 802.11a/b/g radios
Frequency Bands:
11a: 4.945 – 4.985 (restricted Public Safety band) 11a: 5.15-5.25 GHz (UNII 1) 11a: 5.15-5.25 GHz (TELEC) 11a: 5.25-5.35 GHz (UNII 2) 11a: 5.470-5.725 (ETSI) 11a: 5.725-5825 GHz (UNII 3) 11b/g: 2.412-2.462 GHz (FCC) 11b/g: 2.412-2.472 GHz (ETSI) 11b/g: 2.412-2.484 GHz (TELEC)
Antennas (XS16/XS-3900):
12 x internal 6 dBi 60° 802.11a sectorized 4 x internal 3 dBi 180° 802.11b/g sectorized 1 x internal 2 dBi 360° omni-directional (for RF
monitoring) 3 x external RP-TNC connectors for three 802.11a/
b/g radios
*
Introduction 37
Element Specifications
Wi-Fi Array
Wireless (continued)
Antennas (XS12):
8 x internal 6 dBi 60° 802.11a sectorized 4 x internal 3 dBi 180° 802.11b/g sectorized 1 x internal 2 dBi 360° omni-directional (for RF
monitoring) 3 x external RP-TNC connectors for three 802.11a/
b/g radios
Antennas (XS8/XS-3700):
4 x internal 6 dBi 60° 802.11a sectorized 4x internal 3 dBi 180° 802.11b/g sectorized 1 x internal 2 dBi 360° omni-directional (for RF
monitoring) 3 x external RP-TNC connectors for three 802.11a/
b/g radios
Radio Approvals:
FCC (United States) and EN 301.893 (Europe)
*
*
* Note: External RP-TNC antenna connectors are
not for outside plant connection.
Management Web-based HTTPS
SNMP v2c, v3 CLI via SSHv2 or Telnet FTP TFTP Serial Xirrus Management System (XMS) Syslog reporting for alerts/alarms
38 Introduction
Wi-Fi Array
Element Specifications
Compliance UL / cUL 60950 and EN 60950
FCC Part 15.107 and 15109, Class A EN 301.489 (Europe) EN60601 EU medical equipment directive for EMC
Certifications Wi-Fi Alliance: 802.11a/b/g, WPA, WPA2, and
extended EAP types. Our certifications may be
viewed here.
Federal Information Processing Standard (FIPS) Publication 140 -2, Level 2.
Warranty One year (hardware and software)
See Also
Key Features and Benefits Wi-Fi Array Product Overview Product Specifications—XN4 Product Specifications—XN16, XN12, and XN8 Product Specifications—XS4/XS-3500 Power over Gigabit Ethernet (PoGE) (Optional) The Xirrus Family of Products Why Choose the Xirrus Wi-Fi Array?
Introduction 39
Product Specifications—XS4/XS-3500
Element Specifications
Number of Users Maximum of 64 associated users per radio (256
users per Array)
Physical Diameter: 12.58 inches (31.95 cm)
Height: 2.58 inches (6.55 cm) Weight: 4lbs (1.81 kg)
Environmental Operating Temperature:
-10°C to 50°C 0% to 90% relative humidity (non-condensing)
Storage Temperature:
-20°C to 60°C 5% to 95% relative humidity (non-condensing)
Wi-Fi Array
System 825 MHz CPU (XS4)
666 MHz CPU (XS-3500) 512 MB RAM, expandable (XS4) 256 MB RAM, expandable (XS-3500) 512 MB system flash, expandable Expansion slot for future options
40 Introduction
Wi-Fi Array
Element Specifications
Electrical XS4:
Each Array supports both AC and PoGE AC Input Power: 90-265VAC at 47-63Hz Nominal power usage: 27W
XS-3500:
AC Input Power: 90-265VAC at 47-63Hz Input Power (DC version): 48VDC
All Models:
Power over Gigabit Ethernet (PoGE): all 4-port models work with all Xirrus PoGE modules, splitter required, 48VDC
See “Power over Gigabit Ethernet Compatibility
Matrix” on page 414.
Interfaces Serial:
1 x RS232 – RJ45 connector
Ethernet Interfaces:
1 x Gigabit 100/1000 Mbps
Status LEDs:
System status, Ethernet, Radio
Management Web-based HTTPS
SNMP v2c, v3 CLI via SSHv2 or Telnet FTP TFTP Serial Xirrus Management System (XMS) Syslog reporting for alerts/alarms
Networking DHCP client, DHCP server, NTP client, NAT
Introduction 41
Element Specifications
VLAN Support 802.1Q, 802.1p VLAN
Supports up to 16 VLANs
Wi-Fi Array
Multiple SSID Support
Performance Client Load Balancing
Security Wireless Security:
Allows up to 16 separate SSIDs to be defined with map security, VLAN and QoS settings for each SSID
Automatic load balancing between system radios
Quality of Service:
802.1p wired traffic prioritization Wireless packet prioritization MAP CoS to TCID Fair queuing of downstream traffic
WEP 40bit/128bit encryption WPA and WPA2 with TKIP and AES encryption Rogue AP detection, with alerts and classification
User and System Authentication:
WPA Pre-Shared Key authentication Internal RADIUS Server, supports EAP-PEAP only
802.1x EAP-TLS
802.1x EAP-TTLS/MSCHAPv2
802.1x PEAPv0/EAP-MSCHAPv2
802.1x PEAPv1/EAP-GTC
802.1x EAP-SIM
802.1x EAP-LEAP Passthrough External RADIUS servers Authentication of Wi-Fi Arrays to the Xirrus
Management System (XMS)
42 Introduction
Wi-Fi Array
Element Specifications
Wireless Number of Radios:
4 x 802.11a/b/g radios
Wireless Standards:
802.11a/b/g and g-only mode
802.11e, 802.11i
Channel Selection:
Manual and Automatic
Frequency Bands:
11a: 4.945 – 4.985 (restricted Public Safety band) 11a: 5.15-5.25 GHz (UNII 1) 11a: 5.15-5.25 GHz (TELEC) 11a: 5.25-5.35 GHz (UNII 2) 11a: 5.470-5.725 (ETSI) 11a: 5.725-5825 GHz (UNII 3) 11b/g: 2.412-2.462 GHz (FCC) 11b/g: 2.412-2.472 GHz (ETSI) 11b/g: 2.412-2.484 GHz (TELEC)
Antennas (XS-3500):
4 x internal 3 dBi 180° 802.11b/g sectorized 1 x internal 2 dBi 360° omni-directional (for RF
monitoring) 1 x external RP-TNC connector for one 802.11a/b/
g radio (NOTE: TNC antenna connection is not for outside plant connection.)
Radio Approvals:
FCC (United States) and EN 301.893 (Europe)
Compliance UL / cUL 60950 and EN 60950
FCC Part 15.107 and 15109, Class A EN 301.489 (Europe) EN60601 EU medical equipment directive for EMC
Introduction 43
Element Specifications
Certifications Wi-Fi Alliance: 802.11a/b/g, WPA, WPA2, and
extended EAP types. Our certifications may be
viewed here.
Federal Information Processing Standard (FIPS) Publication 140 -2, Level 2.
Warranty One year (hardware and software)
See Also
Key Features and Benefits Wi-Fi Array Product Overview Product Specifications—XN16, XN12, and XN8 Product Specifications—XN4 Product Specifications—XS16/XS-3900, XS12, and XS8/XS-3700 Power over Gigabit Ethernet (PoGE) (Optional)
Wi-Fi Array
The Xirrus Family of Products Why Choose the Xirrus Wi-Fi Array?
44 Introduction
Wi-Fi Array
z
z
z
z
z
z
z
z
z
Installing the Wi-Fi Array
The instructions for completing a successful installation include the following topics:
“Installation Prerequisites” on page 45. “Planning Your Installation” on page 48. “Installation Workflow” on page 80. “Unpacking the Wi-Fi Array” on page 81. “Installing Your Wi-Fi Array” on page 83. “Powering Up the Wi-Fi Array” on page 107. “Establishing Communication with the Array” on page 110. “Performing the Express Setup Procedure” on page 112.
Installation Prerequisites
Your Wi-Fi Array deployment requires the presence of hardware and services in the host wired/wireless network, including:
Power Source
Most Arrays are powered via Xirrus Power over Gigabit Ethernet. PoGE supplies power over the same Cat 5e or Cat 6 cable used for data, thus reducing cabling and installation effort. PoGE power injector modules are available in 1 port and 8 port configurations and are typically placed near your Gigabit Ethernet switch. An AC outlet is required for each injector module. Current Array models have integrated splitters, so no separate splitter is required.
Specific models of the Array are compatible with specific PoGE modules. For details, please see “Power over Gigabit Ethernet Compatibility
Matrix” on page 414.
If your Arrays are equipped to accept AC power (and you are not using PoGE), you need a dedicated power outlet to supply AC power to each unit deployed at the site.
Installing the Wi-Fi Array 45
Wi-Fi Array
z
z
z
z
Ethernet port
You need at least one 100/1000 BaseT port to establish wired Gigabit Ethernet connectivity (via the product’s Gigabit 1 or Gigabit 2 port) and one 10/100 BaseT port (if desired) for product management.
The Array’s Ethernet ports should be connected to an Ethernet switch, not
!
!
an Ethernet hub—if a hub is used, we recommend that you connect only one Ethernet port.
The Gigabit1 Ethernet interface is the primary port for both data and management traffic. If a single Ethernet connection is used, it must be connected to the Gigabit1 Ethernet interface. See also, “Port Failover
Protection” on page 67.
The 10/100 Ethernet Port may be used for managing the Array out of band from the Gigabit Ethernet ports. The 10/100 port will route only management traffic, using a static route that may be configured for this interface. See “interface” on page 336.
Secure Shell (SSH) utility
To establish secure remote command line access to the Array, you need a Secure Shell (SSH) utility, such as PuTTY. The utility must be configured to use SSH-2, since the Array will only allow SSH-2 connections.
Secure Web browser
Either Internet Explorer (version 6.0 or higher), Netscape Navigator (version 7.0 or higher), or Mozilla Firefox (version 1.01 or higher). A secure Web browser is required for Web-based management of the Array. The browser must be on the same subnet as the Array, or you must set a static route for management as described in the warning above.
Serial connection capability
To connect directly to the console port on the Array, your computer must be equipped with a male 9-pin serial port and terminal emulation software (for example, HyperTerminal). The Xirrus Array only supports serial cable lengths up to 25’ per the RS-232 specification.
46 Installing the Wi-Fi Array
Wi-Fi Array
z
z
Use the following settings when establishing a serial connection:
Bits per second 115,200 Data bits 8 Parity None Stop bits 1 Flow control None
Optional Network Components
The following network components are optional.
Xirrus Management System (XMS)
The optional XMS offers powerful management features for small or large Wi-Fi Array deployments.
External RADIUS server
Although your Array comes with an embedded RADIUS server, for
802.1x authentication in large deployments you may want to add an external RADIUS server.
Client Requirements
The Wi-Fi Array should only be used with Wi-Fi certified client devices.
See Also
Coverage and Capacity Planning Deployment Examples Failover Planning Planning Your Installation
Installing the Wi-Fi Array 47
Wi-Fi Array
z
z
z
z
z
z
z
z
z
z
Planning Your Installation
This section provides guidelines and examples to help you plan your Xirrus Wi-Fi Array deployment to achieve the best overall coverage and performance. We recommend you conduct a site survey to determine the best location and settings for each Array you install.
The following topics are discussed:
“General Deployment Considerations” on page 48 “Coverage and Capacity Planning” on page 50 “IEEE 802.11n Deployment Considerations” on page 59 “Failover Planning” on page 67 “Power Planning” on page 69 “Security Planning” on page 70 “Port Requirements” on page 72 “Network Management Planning” on page 75 “WDS Planning” on page 76 “Common Deployment Options” on page 79
For a complete discussion of implementing Voice over Wi-Fi on the Array,
#
see the Xirrus Voice over Wi-Fi Application Note in the Xirrus Library
.
General Deployment Considerations
The Wi-Fi Array’s unique multi-radio architecture generates 360 degrees of sectored high-gain 802.11a/b/g/n or 802.11a/b/g coverage that provides extended range. However, the number, thickness and location of walls, ceilings or other objects that the wireless signals must pass through may affect the range. Typical ranges vary depending on the types of materials and background RF (radio frequency) noise at your location. To maximize wireless range, follow these basic guidelines:
1. Keep the number of walls and ceilings between the Array and your
receiving devices to a minimum—each wall or ceiling can reduce the
48 Installing the Wi-Fi Array
Wi-Fi Array
90° 45°
1.5 feet/ .5 m
~ 3 feet/ 1 m
> 42 feet\ 14 m
wireless range from between 3 and 90 feet (1 to 30 meters). Position your devices so that the number of walls or ceilings is minimized.
2. Be aware of the direct line between each device. For example, a wall that
is 1.5 feet thick (half a meter) at 90° is actually almost 3 feet thick (or 1 meter) when viewed at a 45° angle. At an acute 2° degree angle the same wall is over 42 feet (or 14 meters) thick! For best reception, try to ensure that your wireless devices are positioned so that signals will travel straight through a wall or ceiling.
3. Try to position wireless client devices so that the signal passes through
drywall (between studs) or open doorways and not other materials that can adversely affect the wireless signal.
See Also
Coverage and Capacity Planning Deployment Examples Common Deployment Options Installation Prerequisites
Figure 10. Wall Thickness Considerations
Installing the Wi-Fi Array 49
Wi-Fi Array
100 ft/ 30m
100 ft/ 30 m
100 ft/ 30 m
Coverage and Capacity Planning
This section considers coverage and capacity for your deployment(s), including placement options, RF patterns and cell sizes, area calculations, roaming considerations, and channel allocations.
Placement
Use the following guidelines when considering placement options:
1. The best placement option for the Array is ceiling-mounted within an
open plan environment (cubicles rather than fixed walls).
2. Keep the Array away from electrical devices or appliances that generate
RF noise. Because the Array is generally mounted on ceilings, be aware of its position relative to lighting (especially fluorescent lighting)—we recommend maintaining a distance of at least 3 to 6 feet (1 to 2 meters).
3. If using multiple Arrays in the same area, maintain a distance of at least
100 ft/30m between Arrays if there is direct line-of-sight between the units, or at least 50 ft/15m if a wall or other barrier exists between the units.
Figure 11. Unit Placement
50 Installing the Wi-Fi Array
Wi-Fi Array
RF Patterns
The Wi-Fi Array allows you to control—automatically or manually—the pattern of wireless coverage that best suits your deployment needs. You can choose to operate with full coverage, half coverage, or custom coverage (by enabling or disabling individual sectors).
Full (Normal) Coverage
In normal operation, the Array provides a full 360 degrees of coverage.
Figure 12. Full (Normal) Coverage
Half Coverage
If installing a unit close to an exterior wall, you can deactivate half of the radios to prevent redundant signals from “bleeding” beyond the wall and extending service into public areas. The same principle applies if you want to restrict service to an adjacent room within the site.
outside wall
Figure 13. Adjusting RF Patterns
Installing the Wi-Fi Array 51
Wi-Fi Array
Custom Coverage
Where there are highly reflective objects in proximity to the Array, you can turn off specific radios to avoid interference and feedback.
reflective
object
Figure 14. Custom Coverage
Capacity and Cell Sizes
Cell sizes should be estimated based on the number of users, the applications being used (for example, data/video/voice), and the number of Arrays available at the location. The capacity of a cell is defined as the minimum data rate desired for each sector multiplied by the total number of sectors being used.
Figure 15. Connection Rate vs. Distance
Figure 15 shows relative connection rates for 802.11n vs. 802.11a/g and 802.11b,
and the effect of distance on the connection rates. Wireless environments can vary greatly so the actual rates may be different depending on the specific network deployment.
52 Installing the Wi-Fi Array
Wi-Fi Array
Large
Medium
Small
#
Fine Tuning Cell Sizes
Adjusting the transmit power allows you to fine tune cell sizes. There are four standard sizes—Small, Medium, Large, or Max (the default is Max). There is also an Auto setting that automatically determines the best cell size, and a Manual setting that allows you to choose your power settings directly.
The XS4 and XN4 have a smaller range than the larger Arrays.
Figure 16. Transmit Power
Auto Cell Size is an automatic, self-tuning mechanism that balances cell size between Arrays to guarantee coverage while limiting the RF energy that could extend beyond the organizational boundary. Auto Cell uses communication between Arrays to dynamically set radio power so that complete coverage is provided to all areas, yet at the minimum power level required. This helps to minimize potential interference with neighboring networks. Additionally, Arrays running Auto Cell automatically detect and compensate for coverage gaps caused by system interruptions. To enable the Auto Cell Size feature, go to “RF Power &
Sensitivity” on page 279. For a complete discussion of the Auto Cell size feature,
see the Xirrus Auto Cell Application Note in the Xirrus Library
Installing the Wi-Fi Array 53
.
Wi-Fi Array
10 - 15% overlap
If you are installing many units in proximity to each other, we recommend that you use Auto Cell Size; otherwise, reduce the transmit power using manual settings to avoid excessive interference with other Arrays or installed APs. See also, “Coverage and Capacity Planning” on page 50.
Sharp Cell
This patented Xirrus RF management option automatically creates more intelligently defined cells and improves performance by creating smaller, high­throughput cells. By dynamically limiting each cell to a defined boundary (cell size), the trailing edge bleed of RF energy is reduced, thus minimizing interference between neighboring Wi-Fi Arrays or other Access Points. To enable the Sharp Cell feature, go to “RF Power & Sensitivity” on page 279. For more information about this feature, see the Xirrus Sharp Cell Application Note in the
Xirrus Library
.
Roaming Considerations
Cells should overlap approximately 10 - 15% to accommodate client roaming.
ROAMING
Figure 17. Overlapping Cells
Allocating Channels
Because the Wi-Fi Array is a multi-channel device, allocating the best channels to radios is important if peak performance is to be maintained.
54 Installing the Wi-Fi Array
Wi-Fi Array
z
z
z
Automatic Channel Selection
We recommend that you allow the Array to make intelligent channel allocation decisions automatically. In the automatic mode, channels are allocated dynamically, driven by changes in the environment. Auto Channel assignment is performed by scanning the surrounding area for RF activity on all channels, then automatically selecting and setting channels on the Array to the best channels available. This function is typically executed when initially installing Arrays in a new location and may optionally be configured to execute periodically to account for changes in the RF environment over time. Auto Channel selection has significant advantages, including:
Allows the Array to come up for the first time and not interfere with existing equipment that may be already running, thereby limiting co­channel interference.
More accurately tunes the RF characteristics of a Wi-Fi installation than manual configuration since the radios themselves are scanning the environment from their physical location.
May be configured to run periodically.
To set up the automatic channel selection feature, go to “Advanced RF Settings”
on page 275. For more information about this feature, see the Xirrus Auto Channel
Application Note in the Xirrus Library
Manual Channel Selection
You can manually assign channels on a per radio basis, though manual selection is not recommended (and not necessary).
To avoid co-channel interference, do not select adjacent channels for radios
#
that are physically next to each other.
.
Installing the Wi-Fi Array 55
Figure 18. Allocating Channels Manually
Maintain channel separation
Wi-Fi Array
See Also
Deployment Examples Failover Planning Installation Prerequisites
56 Installing the Wi-Fi Array
Wi-Fi Array
Deployment Examples
The following examples employ 802.11a cells, each offering minimum throughputs of 54 Mbps, 36 Mbps, and 18 Mbps per sector respectively, and assume a floor plan covering a total area of about 60,000 square feet (5574 sq m).
Figure 19. Deployment Scenario (54 Mbps)—Per Sector
Figure 20. Deployment Scenario (36 Mbps)—Per Sector
Installing the Wi-Fi Array 57
Figure 21. Deployment Scenario (18 Mbps)—Per Sector
Wi-Fi Array
See Also
Coverage and Capacity Planning Failover Planning Planning Your Installation
58 Installing the Wi-Fi Array
Wi-Fi Array
z
z
z
z
z
z
z
z
z
z
z
z
z
IEEE 802.11n Deployment Considerations
IEEE 802.11n features are supported only on XN Array models, and this
#
The Xirrus XN Arrays support IEEE 802.11n on all IAPs, in both 2.4 GHz and 5 GHz bands. Use of 802.11n offers significant benefits:
These benefits result in better support for a wide range of applications such as voice and video, intensive usage such as CAD/CAM and backups, dense user environments, and for manufacturing and warehousing environments.
section applies only to those Arrays.
Higher data rates Higher throughput Supports more users More robust connections Increased coverage area More secure connections—supports WPA2 (Wi-Fi Protected Access 2)
While 802.11n increases coverage area by almost doubling the reach, you
#
The techniques that 802.11n uses to realize these performance improvements, and the results that can be expected are discussed in:
Two very important techniques to consider are Channel Bonding and Multiple
Data Streams—Spatial Multiplexing because they contribute a large portion of
must consider the legacy wireless devices in your network. Wireless stations connecting using 802.11a/b/g will still be subject to a reach of up to 100 feet, depending on the environment.
“MIMO (Multiple-In Multiple-Out)” on page 60 “Multiple Data Streams—Spatial Multiplexing” on page 62 “Channel Bonding” on page 63 “Improved MAC Throughput” on page 64 “Short Guard Interval” on page 64 “Obtaining Higher Data Rates” on page 65 “802.11n Capacity” on page 66
Installing the Wi-Fi Array 59
Wi-Fi Array
802.11n’s speed improvements and because they are optional and configurable, as opposed to the parts of 802.11n that are fixed. While the settings for 802.11n IAPs come pre-configured on the Array for robust performance in typical usage, you should review the settings for your deployment, especially channel bonding. A global setting is provided to enable or disable 802.11n mode. See “Global Settings
.11n” on page 273 to configure 802.11n operation.
MIMO (Multiple-In Multiple-Out)
MIMO (Multiple-In Multiple-Out) signal processing is one of the core technologies of 802.11n. It mitigates interference and maintains broadband performance even with weak signals.
Prior to 802.11n, a data stream was transmitted via one antenna. At the receiving end, the antenna with the best signal was selected to receive data. (Figure 22)
Figure 22. Classic 802.11 Signal Transmission
60 Installing the Wi-Fi Array
Wi-Fi Array
Frequency Across Subcarriers
Attenuation
Antenna 1 Signal
MIMO Processed Signal
Antenna 2 Signal
Antenna 3 Signal
Receiver
Figure 23. MIMO Signal Processing
MIMO signal processing uses multiple antennas to send and receive data. It takes advantage of multipath reflections to improve signal coherence and greatly increase receiver sensitivity (Figure 23). Multipath signals were considered to be interference by 802.11a/b/g radios, and degraded performance. In 802.11n, these signals are used to enhance performance. This extra sensitivity can be used for greater range or higher data rates. The enhanced signal is the processed sum of individual antennas. Signal processing eliminates nulls and fading that any one antenna would see. MIMO signal processing is sophisticated enough to discern multiple spatial streams (see Multiple Data Streams—Spatial Multiplexing). There are no settings to configure for MIMO.
Installing the Wi-Fi Array 61
Wi-Fi Array
%
Multiple Data Streams—Spatial Multiplexing
Spatial Multiplexing transmits completely separate data streams on different antennas (in the same channel) that are recombined to produce new 802.11n data rates. Higher data rates are achieved by splitting the original data stream into separate data streams. Each separate stream is transmitted on a different antenna (using its own RF chain). MIMO signal processing at the receiver can detect and recover each stream. Streams are then recombined, yielding higher data rates.
Tx 1
Tx 2
Data Stream Data Stream
Transmitter
%
Tx
N
Figure 24. Spatial Multiplexing
Rx 1
Rx 2
Rx
Receiver
M
Spatial multiplexing can double, triple, or quadruple the date rate, depending on the number of transmit antennas used. The Array uses three chains for transmitting and receiving.
62 Installing the Wi-Fi Array
Wi-Fi Array
Ch# Ch#
40
20 MHz 20 MHz
36
40 MHz
(40, -1)
Standard 802.11 channels are effectively 20MHz wide.
Channel bonding combines two adjacent 20MHz channels into a single 40MHz channel providing increased throughput.
Channel Bonding
Channel bonding increases data rates by combining two adjacent 20 MHz channels into one 40 MHz channel. This increases the data rate to slightly more than double.
A bonded 40 MHz channel is specified in terms of the Primary channel and the adjacent channel to Bond. The Bond channel is represented by +1 to use the channel above the Primary channel, or -1 to use the channel below. In the example shown, Channel 40 is the Primary channel and it is bonded to Channel 36, the channel below it, by specifying -1. Be aware that Channel Bonding can make channel planning more difficult, since you are using two channels for an IAP. We recommend the use of the 5 GHz band, since it has many more channels than the
2.4 GHz band, and thus more channels are available for bonding.
The Array provides an Automatic Channel Bonding setting that will automatically select the best channel for bonding on each IAP. If you enable this option, you may select whether bonding will be dynamic (the bonded channel changes in response to environmental conditions) or static (the bonded channel will not be changed. See “Global Settings .11n” on page 273. To configure channel bonding manually, on a per-IAP basis, see “IAP Settings” on page 255.
Figure 25. Channel Bonding
Installing the Wi-Fi Array 63
Wi-Fi Array
z
z
z
Legacy Operation
High Throughput Operation
Data Frame
sss
sss sss
1
Data Frame Block ACK Frame
1122NN
ACK Frame
1 2
ACK Frame
NN
Data Frame
SIFS
SIFS
SIFS
RIFS RIFS
Legacy Operation
High Throughput Operation
Data Frame ACK Frame
sss
ssssss
1
1 2
Data Frame Data Frame Data Frame
Block ACK
Request
Frame
Block ACK
Response
Frame
12 N
1 2 2
2
Data Frame ACK Frame
N
ACK Frame
RIFS Usage (Reduced Inter-Frame Spacing)
Frame Aggregation
Improved MAC Throughput
These changes make 802.11n transmission of MAC frames 40% more efficient than legacy transmission:
MAC data frames are combined and given a single PHY header. Implicit Block ACK acknowledges all data frames within a combined
frame. Spacing between frames is reduced.
Short Guard Interval
Data Frame
2
N
Figure 26. MAC Throughput Improvements
ACK Frame
PHY Header
MAC Header
Data Frame Payload
ACK Frame Payload
Data Frame
N
This option reduces the wait time between signals that are being sent out over the air. The guard interval provides immunity to propagation delays and reflections, and is normally 800 ns (long). By using a short guard interval (400 ns), the data rate is increased by approximately 11%. The short interval may be used in many environments (especially indoors). If the short guard interval is used in an
64 Installing the Wi-Fi Array
Wi-Fi Array
z
z
z
z
inappropriate environment, the signal quality will suffer and throughput will decrease. See “Global Settings .11n” on page 273 to configure the guard interval.
Obtaining Higher Data Rates
The data rate increase obtained by using 802.11n on an Array is incremental, based on the technologies that are applied and the options that you select:
Higher encoding rates (Mandatory in 802.11n) Spatial Streams (Mandatory, but multiplier varies directly with number of
streams selected.) Channel Bonding (Mandatory in 802.11n, apply multiplier to IAP if it is
bonded.) Short Guard Interval (Optional)
See Figure 27 to compute your 802.11n data rate increase for an IAP. Apply this increase to the 802.11 a, b or g data rates selected for the Array.
Choose New Base
Encoding + Modulation
BPSK (6.5)
QPSK (13, 19.5)
QAM-16 (26, 39)
QAM-64 (58.5, 65)
xxx =
Optionally Multiply by 2, 3, 4 for the Number of
Additional
Spatial Streams
Expected 802.11n Data Rates
802.11a 802.11g Rates
6
9
12
18
24
36
48
54
11n Mandatory
Data Rates
6.5
13
19.5
26
39
52
58.5
65
One Spatial Stream Two Spatial Streams
Figure 27. Computing 802.11n Data Rates
With Channel
Bonding (40MHz)
13.5
27
40.5
54
81
108
121.5
135
Optionally
Multiply By 2.077
to Bond
Two 20MHz
Channels
Expected First Generation Device Data Rates
With Short
Guard Interval
15
30
45
60
90
120
135
150
Optionally
Multiply by 1.11 for
Shorter Guard Interval
to Increase Symbol Rate
Two Spatial
Streams
13
26
39
52
78
104
117
130
With Channel
Bonding (40MHz)
27
54
81
108
162
216
243
270
New 11n
Data Rate
With Short
Guard Interval
30
60
90
120
180
240
270
300
Installing the Wi-Fi Array 65
Wi-Fi Array
802.11n Capacity
802.11n offers major increases in capacity over previous 802.11 standards, as shown in Figure 28. Note that this chart shows figures for 802.11n (with one spatial stream and channel bonding).
150
802.11a/n Capacity
802.11a/n Capacity
23 channels * 150Mbps = 3.4Gbps
23 channels * 150Mbps = 3.4Gbps
802.11a Capacity
802.11a Capacity
23 channels * 54Mbps = 1.2 Gbps
23 channels * 54Mbps = 1.2 Gbps
802.11g/n Capacity
802.11g/n Capacity
3 channels * 150Mbps = 450 Mbps
3 channels * 150Mbps = 450 Mbps
802.11g Capacity
802.11g Capacity
3 channels * 54Mbps = 162 Mbps
3 channels * 54Mbps = 162 Mbps
802.11b Capacity
802.11b Capacity
3 channels * 11Mbps = 33 Mbps
3 channels * 11Mbps = 33 Mbps
Figure 28. 802.11n Increases Capacity
66 Installing the Wi-Fi Array
Wi-Fi Array
z
Failover Planning
This section discusses failover protection at the unit and port levels.
Port Failover Protection
To ensure that service is continued in the event of a port failure, you can utilize the Gigabit 1 and Gigabit 2 ports simultaneously.
Multiple port connections
Ethernet switch
Figure 29. Port Failover Protection
In addition, the Array has full failover protection between the Gigabit 1 and Gigabit 2 Ethernet ports (see following table).
Bridges
Management
Traffic?
Fails Over To: IP address
Interface
Bridges
Data?
Fast Ethernet No Yes None DHCP or
static
Gigabit 1 Yes Yes Gigabit 2 DHCP or
static
Gigabit 2 Yes Yes Gigabit 1 Assumes the
IP address of
Gigabit 1
The Wi-Fi Array Gigabit Ethernet ports actually support a number of modes:
802.3ad Link Aggregation
Installing the Wi-Fi Array 67
Wi-Fi Array
z
z
z
z
z
Load Balancing Broadcast Link Backup Bridged Mirrored
For more details on Gigabit port modes and their configuration, please see
“Network Interface Ports” on page 184.
Switch Failover Protection
To ensure that service is continued in the event of a switch failure, you can connect Arrays to more than one Ethernet switch (not a hub).
Ethernet connections
Ethernet switch
Figure 30. Switch Failover Protection
#
See Also
Coverage and Capacity Planning Deployment Examples Installation Prerequisites Network Management Planning Planning Your Installation Power Planning Security Planning
68 Installing the Wi-Fi Array
Gigabit Ethernet connections must be on the same subnet.
Backup switch
Wi-Fi Array
Power Planning
All XN Series Array models and XS16/12/8/4 Arrays support Power over Gigabit Ethernet (PoGE) with an integrated splitter. AC power is also supported on all XN Arrays and some versions of the XS8, XS12, and XS16.
This section discusses the AC and PoGE power options.
AC Power
The AC power option requires a direct connection between the Array and a dedicated AC power outlet. The power cord is provided with the unit.
Power over Gigabit Ethernet
To deliver power to the Array, you may use the optional XP1 or XP8 Power over Gigabit Ethernet (PoGE) modules. They provide power over Cat 5e or Cat 6 cables to the Array without running power cables—see Figure 5 on page 13.
Specific models of the Array are compatible with specific PoGE modules. For details, please see “Power over Gigabit Ethernet Compatibility Matrix” on
page 414.
When using Cat 5e or Cat 6 cable, power can be provided up to a distance of
#
See Also
Coverage and Capacity Planning Deployment Examples Failover Planning Network Management Planning Security Planning
100m.
Installing the Wi-Fi Array 69
Wi-Fi Array
z
z
z
z
z
Security Planning
This section offers some useful guidelines for defining your preferred encryption and authentication method. For additional information, see “Understanding
Security” on page 210 and the Security section of “Frequently Asked Questions” on page 398.
Wireless Encryption
Encryption ensures that no user can decipher another user’s data transmitted over the airwaves. There are three encryption options available to you, including:
WEP-40bit or WEP-128bit
Because WEP is vulnerable to cracks, we recommend that you only use this for legacy devices that cannot support a stronger encryption type.
Wi-Fi Protected Access (WPA)
This is much more secure than WEP and uses TKIP for encryption.
Wi-Fi Protected Access (WPA2) with AES This is government-grade encryption—available on most new client adapters—and uses the AES–CCM encryption mode (Advanced Encryption Standard–Counter Mode).
Authentication
Authentication ensures users are who they say they are, and occurs when users attempt to join the wireless network and periodically thereafter. The following authentication methods are available with the Wi-Fi Array:
RADIUS 802.1x
802.1x uses a remote RADIUS server to authenticate large numbers of clients, and can handle different authentication methods (EAP-TLS, EAP­TTLS, EAP-PEAP, and EAP-LEAP Passthrough). Administrators may also be authenticated via RADIUS when preferred, or to meet particular security standards.
Xirrus Internal RADIUS server
Recommended for smaller numbers of users (about 100 or less). Supports EAP-PEAP only
70 Installing the Wi-Fi Array
Wi-Fi Array
z
z
Pre-Shared Key
Uses a pass-phrase or key that is manually distributed to all authorized users. The same passphrase is given to client devices and entered into each Array.
MAC Access Control Lists (ACLs)
MAC access control lists provide a list of client adapter MAC addresses that are allowed or denied access to the wireless network, and can be used in addition to any of the above authentication methods. ACLs are good for embedded devices, like printers and bar-code scanners (though MAC addresses can be spoofed). The Wi-Fi Array supports 1,000 ACL entries.
Meeting PCI DSS Standards
The Payment Card Industry (PCI) Data Security Standard (DSS) was developed by major credit card companies. It lays out a set of requirements that must be met in order to provide adequate security for sensitive data. The the Wi-Fi Array may be configured to satisfy PCI DSS standards. For details, please see Appendix D:
Implementing PCI DSS.
Meeting FIPS Standards
The Federal Information Processing Standard (FIPS) Publication 140-2 establishes a computer security standard used to accredit cryptographic modules. The standard is a joint effort by the U.S. and Canadian governments. To implement Level 2 security requirements of FIPS Level 2 on the Wi-Fi Array, see Appendix E:
Implementing FIPS Security.
See Also
Failover Planning Network Management Planning Power Planning
Installing the Wi-Fi Array 71
Wi-Fi Array
L2 Switching
Infrastructure
SMTP Server*
Internal
Resources
External Network /
Internet
Ports:
9090, 9091
Ports:
161, 162, 443
SSID Trafc on
VLANs A, B, etc.
Management over
Native VLAN
Trafc from Arrays
VLAN B
Trafc from Arrays
VLAN A
Trunked 802.1q
VLAN Connection
Ports:
25
Port Requirements
A number of ports are used by various Array features and by the Xirrus Management System (XMS). The Port Requirements table on page 73 lists ports and the features that require them (XMS port requirements are included in the table for your convenience). If you are using a feature, please make sure that the ports that it requires are not blocked by firewalls or other policies, and that they do not conflict with any other port assignments.
As an example, XMS port requirements are illustrated in Figure 31. XMS requires ports 161, 162, and 443 to be passed between Arrays and the XMS server. Similarly, ports 9090 and 9091 are required for communication between the XMS server and XMS clients, and port 25 is typically used by the XMS server to access an SMTP server to send email notifications.
72 Installing the Wi-Fi Array
* XMS Client and SMTP Server may be internal or external resources.
XMS Server
Figure 31. Port Requirements for XMS
XMS Client*
Firewall
Wi-Fi Array
The following table lists port requirements for the Array and for XMS, how they are used, and whether they may be changed
Port Application Peer Configurable
Array
20 tcp
21 udp
22 tcp SSH Client Yes
23 tcp Telnet Client Yes
25 tcp SMTP Mail Server No
69 tcp TFTP TFTP Server No
161 tcp/udp SNMP XMS Server No
SNMP Traphost Note -
162 tcp/udp
443 tcp HTTPS (WMI,WPR) Client Yes
Up to four Traphosts
may be configured.
FTP Client Yes
.
XMS Server
Yes - bu t
required by
XMS
514 udp Syslog Syslog Server No
1812, 1645
udp
1813, 1646
udp
2055 udp Netflow Client Yes
5000 tcp Virtual Tunnel VTUN Server Yes
RADIUS (some
servers use 1645)
RADIUS Accounting
(some servers still use
1646)
RADIUS Server Yes
RADIUS Accounting
Server
Yes
Installing the Wi-Fi Array 73
Wi-Fi Array
Port Application Peer Configurable
XMS
25 tcp SMTP Mail Server Yes
161 udp SNMP Arrays No
162 udp SNMP Traphost 1 Arrays
443 tcp
514 udp
1099 tcp RMI Registry Internal* No
2000 tcp XMS Back-end Server Internal* No
3306 tcp MySQL Database Internal* No
8001 tcp Status Viewer Internal* No
8007 tcp Tomcat Shutdown Internal*
8009 tcp Web Container Internal*
9090 tcp XMS Webserver XMS client
HTTPS Arrays No
Resident Syslog
server
Internal*
Via XMS
config file
Via XMS
config file
During
installation
During
installation
During
installation
9091 tcp XMS Client Server XMS client
* Internal to XMS Server, no ports need to be unblocked on other network devices
Via XMS
config file
See Also
Management Control External Radius Services VLAN Management
74 Installing the Wi-Fi Array
Wi-Fi Array
z
z
z
Network Management Planning
Network management can be performed using any of the following methods:
Command Line Interface, using an SSH (Secure Shell) utility, like PuTTY. The utility must be set up to use SSH-2, since the Array will only allow SSH-2 connections.
Web-based management, using the Array’s embedded Web Management Interface (WMI). This method provides configuration and basic monitoring tools, and is good for small deployments (one or two units).
Centralized Web-based management, using the optional Xirrus Management System (XMS), which can be run on a dedicated Xirrus appliance (XM-3300) or your own server. The XMS is used for managing large Wi-Fi Array deployments from a centralized Web-based interface and offers the following features:
Globally manage large numbers of Arrays (up to 500) Seamless view of the entire wireless network Easily configure large numbers of Arrays Rogue AP monitoring Easily manage system-wide firmware updates Monitor performance and trends Aggregation of alerts and alarms
See Also
Failover Planning Power Planning Security Planning
Installing the Wi-Fi Array 75
Wi-Fi Array
z
z
z
z
WDS Planning
WDS (Wireless Distribution System) creates wireless backhauls between arrays, allowing your wireless network to be expanded using multiple Arrays without the need for a wired backbone to link them (see Figure 32). WDS features include:
One to three IAPs may be used to form a single WDS link, yielding up to 900 Mbps bandwidth per link (up to 162 Mbps for XS model Arrays). Up to three different WDS links may be created on a single Array.
Automatic IAP Load Balancing If desired, you may allow clients to associate to a BSS on the same radio
interface used for a WDS Host Link. This will take bandwidth from the WDS link.
Figure 32. WDS Link
Multiple links per Array allow you to configure multi-hop connections.
76 Installing the Wi-Fi Array
Wi-Fi Array
z
Multiple WDS links can provide link redundancy (failover capability - see
Figure 34). A network protocol (Spanning Tree Protocol—STP) prevents
Arrays from forming network loops.
Figure 33. A Multiple Hop WDS Connection
Figure 34. WDS Failover Protection
Installing the Wi-Fi Array 77
Wi-Fi Array
z
z
WDS links have a Host/Client relationship similar to the usual IAP/station pattern for Arrays:
A WDS Client Link associates/authenticates to a host (target) Array in the same way that a station associates to an IAP. The client side of the link must be configured with the root MAC address of the target (host) Array.
A WDS Host Link acts like an IAP by allowing one WDS Client Link to associate to it. An Array may have both client and host links.
WDS configuration is performed only on the client-side Array. See “WDS” on
page 285. Note that both Arrays must be configured with the same SSID name.
78 Installing the Wi-Fi Array
Loading...