How it Works
D-Link
Loading...
DWL-6620APS
operation manual
24 pgs1.13 Mb0
User guide
136 pgs4.67 Mb0
User Manual
5 pgs899.36 Kb0
User Manual
59 pgs3.17 Mb0
Table of contents
Loading...

D-Link DWL-6620APS, DWL-7620AP, DWL-8620AP, DWL-8620APE, DWL-6720AP User Manual

...
Download
UNIFIED ACCESS POINT ADMINISTRATOR’S GUIDE
PRODUCT MODEL: DWL-6620APS, DWL-7620AP, DWL-8620AP, DWL-8620APE,
DWL-6720AP, DWL-8720AP, DWL-X8630AP
UNIFIED WIRED & WIRELESS ACCESS SYSTEM RELEASE 7.00
© C
OPYRIGHT 2021. ALL RIGHTS RESERVED
Table of Contents
Section 1 - About This Document ............................................................................................6
Document Organization ......................................................................................................................................... 6
Additional Documentation ..................................................................................................................................... 6
Document Conventions ......................................................................................................................................... 6
Online Help, Supported Browsers, and Limitations ............................................................................................... 7
Section 2 - Getting Started ........................................................................................................8
Administrator’s Computer Requirements .............................................................................................................. 9
Wireless Client Requirements ............................................................................................................................... 9
Dynamic and Static IP Addressing on the AP ...................................................................................................... 10
Recovering an IP Address ............................................................................................................................. 10
Discovering a Dynamically Assigned IP Address .......................................................................................... 10
Installing the UAP ................................................................................................................................................ 10
Basic Settings ...................................................................................................................................................... 13
Connecting to the AP Web Interface by Using the IPv6 Address .................................................................. 14
Using the CLI to View the IP Address.................................................................................................................. 14
Conguring the Ethernet Settings ....................................................................................................................... 14
Using the CLI to Congure Ethernet Settings ............................................................................................... 15
Conguring IEEE 802.1X Authentication ............................................................................................................. 16
Verifying the Installation ......................................................................................................................................16
Conguring Security on the Wireless Access Point .............................................................................................17
Section 3 - Viewing Access Point Status ...............................................................................18
Viewing Interface Status ...................................................................................................................................... 18
Wired Settings (Internal Interface) ................................................................................................................ 18
Wireless Settings .......................................................................................................................................... 18
Viewing Events .................................................................................................................................................... 19
Conguring the Log Relay Host for Kernel Messages .................................................................................. 19
Enabling or Disabling the Log Relay Host on the Events Page .................................................................... 20
Viewing Transmit and Receive Statistics ............................................................................................................. 20
Viewing Associated Wireless Client Information ................................................................................................. 21
Viewing Managed AP DHCP Information ............................................................................................................ 22
Viewing Radio Statistics Information ................................................................................................................... 22
Section 4 - Managing the Access Point .................................................................................23
Ethernet Settings and Management IPv6 ............................................................................................................ 23
Ethernet Settings ................................................................................................................................................. 23
Wireless Settings ................................................................................................................................................. 25
Modifying Radio Settings ..................................................................................................................................... 26
Conguring Radio and VAP Scheduler................................................................................................................ 29
Scheduler Association Settings ........................................................................................................................... 31
Virtual Access Point Settings ............................................................................................................................... 32
None (Plain-text) ........................................................................................................................................... 35
WPA Personal ............................................................................................................................................... 35
WPA Enterprise ............................................................................................................................................. 36
Conguring Wireless Multicast Forwarding ......................................................................................................... 38
Conguring the Wireless Distribution System (WDS) ......................................................................................... 38
WPA/PSK on WDS Links .............................................................................................................................. 40
Controlling Access by MAC Authentication ......................................................................................................... 40
Conguring a MAC Filter and Station List on the AP..................................................................................... 41
Conguring MAC Authentication on the RADIUS Server .............................................................................. 42
Conguring Load Balancing ................................................................................................................................ 42
Managed Access Point Overview ........................................................................................................................ 43
Transition Between Modes ............................................................................................................................ 43
Conguring Managed Access Point Settings ................................................................................................43
Conguring 802.1X Authentication ...................................................................................................................... 44
Application Identication ...................................................................................................................................... 45
Section 5 - Conguring Access Point Services ....................................................................46
Web Server Settings ........................................................................................................................................... 46
Unied Access Point Administrator’s Guide
2021
Page 2
Setting the SSH Status ........................................................................................................................................ 46
Setting the Telnet Status ..................................................................................................................................... 47
Conguring Quality of Service ............................................................................................................................. 47
Conguring SNMP on the Access Point .............................................................................................................. 48
Enabling the Time Settings (NTP) ....................................................................................................................... 50
Section 6 - Conguring SNMPv3 ............................................................................................52
Conguring SNMPv3 Views ................................................................................................................................ 52
Conguring SNMPv3 Groups .............................................................................................................................. 53
Conguring SNMPv3 Users ................................................................................................................................ 54
Conguring SNMPv3 Targets .............................................................................................................................. 55
Section 7 - Maintaining the Access Point ..............................................................................56
Saving the Current Conguration to a Backup File ............................................................................................. 56
Restoring the Conguration from a Previously Saved File .................................................................................. 56
Resetting the Factory Default Conguration ................................................................................................. 57
Rebooting the Access Point ..........................................................................................................................57
Upgrading the Firmware ...................................................................................................................................... 57
Support Information Conguration and Settings ................................................................................................. 58
Section 8 - Conguring Client Quality of Service (QoS) ......................................................59
Conguring VAP QoS Parameters ...................................................................................................................... 59
2021
Unied Access Point Administrator’s Guide
Page 3
List of Figures
Figure 1 - Administrator UI Online Help ..................................................................................................................... 7
Figure 2 - Web UI Login Prompt .............................................................................................................................. 12
Figure 3 - Provide Basic Settings ............................................................................................................................ 12
Figure 4 - Command Line Interface (CLI) Connection ............................................................................................ 14
Figure 5 - Viewing Interface Status ......................................................................................................................... 18
Figure 6 - Viewing Events ........................................................................................................................................ 19
Figure 7 - Viewing Trafc Statistics ......................................................................................................................... 20
Figure 8 - Viewing Client Association Information ................................................................................................... 21
Figure 9 - Managed AP DHCP Information ............................................................................................................. 22
Figure 10 - View Radio Statistics ............................................................................................................................. 22
Figure 11 - Modify Ethernet (Wired) settings ........................................................................................................... 24
Figure 12 - Modify Wireless Settings ....................................................................................................................... 25
Figure 13 - Modify Radio Settings ........................................................................................................................... 27
Figure 14 - Scheduler Conguration ....................................................................................................................... 30
Figure 15 - Scheduler Conguration (Modify Rule) ................................................................................................. 31
Figure 16 - Scheduler Association Settings ............................................................................................................. 32
Figure 17 - Modify Virtual Access Point Settings ..................................................................................................... 33
Figure 18 - Modify Virtual Access Point Settings (WPA Personal) .......................................................................... 36
Figure 19 - Modify Virtual Access Point Settings (WPA Enterprise) ........................................................................ 36
Figure 20 - Wireless Multicast Forwarding .............................................................................................................. 38
Figure 21 - Congure WDS Bridges ........................................................................................................................ 39
Figure 22 - Congure MAC Authentication .............................................................................................................. 41
Figure 23 - Modify Load Balancing Settings ............................................................................................................ 42
Figure 24 - Congure Managed AP Wireless Switch Parameters ........................................................................... 44
Figure 25 - Modify 802.1X Supplicant Authentication Settings ................................................................................45
Figure 26 - Application Identication ....................................................................................................................... 45
Figure 27 - Congure Web Server Settings ............................................................................................................. 46
Figure 28 - Set SSH Status ..................................................................................................................................... 47
Figure 29 - Set Telnet Status ................................................................................................................................... 47
Figure 30 - Modify QoS Queue Parameters ............................................................................................................ 47
Figure 31 - SNMP Conguration ............................................................................................................................. 49
Figure 32 - Time Settings (NTP) .............................................................................................................................. 51
Figure 33 - SNMPv3 Views Conguration ............................................................................................................... 52
Figure 34 - SNMPv3 Groups Conguration ............................................................................................................. 53
Figure 35 - SNMPv3 User Conguration ................................................................................................................. 54
Figure 36 - SNMPv3 Targets Conguration ............................................................................................................. 55
Figure 37 - Manage this Access Point’s Conguration - Save................................................................................. 56
Figure 38 - Manage this Access Point’s Conguration - Restore (HTTP) ............................................................... 56
Figure 39 - Performing AP Maintenance ................................................................................................................. 57
Figure 40 - Manage Firmware (HTTP) .................................................................................................................... 58
Figure 41 - Support Information .............................................................................................................................. 58
Figure 42 - Congure Client QoS VAP Settings ...................................................................................................... 59
2021
Unied Access Point Administrator’s Guide
Page 4
List of Tables
Table 1 - Typographical Conventions ........................................................................................................................ 7
Table 2 - Requirements for the Administrator’s Computer ......................................................................................... 9
Table 3 - Requirements for Wireless Clients ........................................................................................................... 10
Table 4 - Basic Settings Page ................................................................................................................................. 13
Table 5 - CLI Commands for Ethernet Setting ........................................................................................................ 15
Table 6 - Logging Options ....................................................................................................................................... 19
Table 7 - Log Relay Host ......................................................................................................................................... 20
Table 8 - Transmit/Receive ...................................................................................................................................... 21
Table 9 - Associated Clients .................................................................................................................................... 21
Table 10 - Radio Statistics Information .................................................................................................................... 22
Table 11 - Ethernet Settings and Management IPv6 .............................................................................................. 25
Table 12 - Wireless Settings .................................................................................................................................... 26
Table 13 - Radio Settings ........................................................................................................................................ 29
Table 14 - Scheduler Conguration ......................................................................................................................... 30
Table 15 - Scheduler Association Settings .............................................................................................................. 32
Table 16 - Virtual Access Point Settings .................................................................................................................. 35
Table 17 - WPA Personal ......................................................................................................................................... 36
Table 18 - WPA Enterprise ....................................................................................................................................... 37
Table 19 - Wireless Multicast Forwarding ................................................................................................................ 38
Table 20 - WDS Settings ......................................................................................................................................... 40
Table 21 - WPA/PSK on WDS Links ........................................................................................................................ 40
Table 22 - MAC Authentication ................................................................................................................................ 42
Table 23 - RADIUS Server Attributes for MAC Authentication ................................................................................. 42
Table 24 - Load Balancing ....................................................................................................................................... 43
Table 25 - Managed Access Point ........................................................................................................................... 44
Table 26 - IEEE 802.1X Supplicant Authentication .................................................................................................. 45
Table 27 - Web Server Settings ............................................................................................................................... 46
Table 28 - SSH Settings .......................................................................................................................................... 47
Table 29 - Telnet Settings ........................................................................................................................................ 47
Table 30 - QoS Settings .......................................................................................................................................... 48
Table 31 - SNMP Settings ....................................................................................................................................... 50
Table 32 - NTP Settings ........................................................................................................................................... 51
Table 33 - SNMPv3 Views ....................................................................................................................................... 52
Table 34 - SNMPv3 Groups ..................................................................................................................................... 54
Table 35 - SNMPv3 Users ....................................................................................................................................... 54
Table 36 - SNMPv3 Targets ..................................................................................................................................... 55
Table 37 - Support Information ................................................................................................................................ 58
Table 38 - VAP QoS Parameters ............................................................................................................................. 59
2021
Unied Access Point Administrator’s Guide
Page 5

Section 1 - About This Document

Section 1 - About This Document
This guide describes setup, conguration, administration and maintenance for the D-Link Unied Access Point (UAP) on a wireless network.

Document Organization

The Unied Access Point Administrator’s Guide contains the following sections:
•) “Section 1 - About This Document” on page 6
•) “Section 2 - Getting Started” on page 8
•) “Section 3 - Viewing Access Point Status” on page 18
•) “Section 4 - Managing the Access Point” on page 23
•) “Section 5 - Conguring Access Point Services” on page 46
•) “Section 6 - Conguring SNMPv3” on page 52
•) “Section 7 - Maintaining the Access Point” on page 56
•) “Section 8 - Conguring Client Quality of Service (QoS)” on page 59

Additional Documentation

The following documentation provides additional information about Unied Access Point software:
•) The Unied Access Point CLI Command Reference describes the commands available from the command-line
interface (CLI) for managing, monitoring, and conguring the switch.
•) The User Manual for the D-Link Unied Wired and Wireless System provides information about setting up and
managing the Unied Wireless Switch (UWS), including information about how to use the switch to manage
multiple UAPs.
•) Release notes for the D-Link Unied Wired and Wireless System detail the platform-specic functionality of the
software packages, including issues and workarounds.

Document Conventions

This section describes the conventions this document uses.
Note: A note provides more information about a feature or technology and cross-references to related topics.
Caution! A caution provides information about critical aspects of AP conguration, combinations of settings, events, or procedures that can adversely affect network connectivity, security, and so on.
The following table describes the typographical conventions used in this guide.
Symbol Example Description
Bold Click Apply to save your settings. Menu titles, page names, and button names.
Blue Text See “Document Conventions” on
page 6
Courier Font WLAN-AP# show network
Courier Font Italics
Square Brackets [ ] [Value] Indicates an optional xed parameter.
Curly Braces {} {Choice1 | Choice2} Indicates that you must select a parameter from the
Value
Hyperlink text.
Screen text, le names, commands, user-typed
command-line entries.
Command parameter, which might be a variable or
xed value.
list of choices.
2021
Unied Access Point Administrator’s Guide
Page 6
Symbol Example Description
Vertical Bars | Choice1 | Choice2 Separates the mutually exclusive choices.
Braces within square
brackets [{}]
[{Choice1 | Choice2}] Indicate a choice within an optional element.

Table 1 - Typographical Conventions

Section 1 - About This Document

Online Help, Supported Browsers, and Limitations

Online help for the UAP Administration Web pages provides information about all elds and features available from
the user interface (UI). The information in the online help is a subset of the information available in the Unied Access Point Administrator’s Guide.
Online help information corresponds to each page on the UAP Administration UI.
For information about the settings on the current page, click the Help link on the upper right side of a page.
The following gure shows an example of the online help available from the links on the user interface.
2021

Figure 1 - Administrator UI Online Help

Unied Access Point Administrator’s Guide
Page 7

Section 2 - Getting Started

Section 2 - Getting Started
The D-Link Unied Access Point (UAP) provides continuous, high-speed access between wireless devices and Ethernet devices. It is an advanced, standards-based solution for wireless networking in businesses of any size. The UAP enables wireless local area network (WLAN) deployment while providing state-of-the-art wireless networking
features.
The UAP can operate in two modes: Standalone Mode or Managed Mode. In Standalone Mode, the UAP acts as an individual access point in the network, and you manage it by using the Administrator Web User Interface (UI), command-line interface (CLI), or SNMP. In Managed Mode, the UAP is part of the D-Link Unied Wired and Wireless System, and you manage it by using the D-Link Unied Wireless Switch. If an AP is in Managed Mode, the Administrator Web UI, Telnet, SSH, and SNMP services are disabled.
This document describes how to perform the setup, management, and maintenance of the UAP in Standalone Mode. For information about conguring the AP in Managed Mode by using the D-Link Unied Wireless Switch, see the User
Manual for the switch.
Before you power on a new UAP, review the following sections to check required hardware and software components, client congurations, and compatibility issues. Make sure you have everything you need for a successful launch and test of your new or extended wireless network.
This section contains the following topics:
•) “Administrator’s Computer Requirements” on page 9
•) “Wireless Client Requirements” on page 9
•) “Dynamic and Static IP Addressing on the AP” on page 10
•) “Installing the UAP” on page 10
•) “Basic Settings” on page 13
•) “Using the CLI to View the IP Address” on page 14
•) “Conguring the Ethernet Settings” on page 14
•) “Conguring IEEE 802.1X Authentication” on page 16
•) “Verifying the Installation” on page 16
•) “Conguring Security on the Wireless Access Point” on page 17
To manage the UAP by using the Web interface or by using the CLI through Telnet or SSH, the AP needs an IP
address. If you use VLANs or IEEE 802.1X Authentication (port security) on your network, you might need to congure additional settings on the AP before it can connect to the network.
Note: The WLAN AP is not designed to function as a gateway to the Internet. To connect your WLAN to other LANs or the Internet, you need a gateway device.
2021
Unied Access Point Administrator’s Guide
Page 8
Section 2 - Getting Started

Administrator’s Computer Requirements

The following table describes the minimum requirements for the administrator’s computer for conguration and
administration of the UAP through a Web-based user interface (UI).
Required Software or Component Description
Serial or Ethernet Connection to the
Access Point
Wireless Connection to the Network After initial conguration and launch of the rst access point on your
Web Browser and Operating System Conguration and administration of the UAP is provided through a Web-
The computer used to congure the rst access point must be connected to the access point by a serial cable or an Ethernet cable.
new wireless network, you can make subsequent conguration changes
through the Administration Web pages using a wireless connection to the
internal network.
For wireless connection to the access point, your administration device will need Wi-Fi capability similar to that of any wireless client:
•) Portable or built-in Wi-Fi client adapter that supports one or more of
the IEEE 802.11 modes in which you plan to run the access point.
•) Wireless client software congured to associate with the UAP.
based user interface hosted on the access point.
We recommend using one of the following supported Web browsers to access the access point Administration Web pages:
•) Microsoft level for either major version)
•) Mozilla® Firefox version 26.0 or later
•) Chrome on Windows (for AP only) version 32.0 or later
The administration Web browser must have JavaScript™ enabled to support the interactive features of the administration interface.
Security Settings Ensure that security is disabled on the wireless client used to initially
congure the access point.

Table 2 - Requirements for the Administrator’s Computer

®
Internet Explorer® version 8.x or 9.x (with up-to-date patch

Wireless Client Requirements

The UAP provides wireless access to any client with a properly congured Wi-Fi client adapter for the 802.11 mode
in which the access point is running. The UAP supports multiple client operating systems. Clients can be laptop or
desktop computers, personal digital assistants (PDAs), or any other hand-held, portable or stationary device equipped with a Wi-Fi adapter and supporting drivers.
To connect to the access point, wireless clients need the software and hardware described in the following table.
Required Component Description
Wi-Fi Client Adapter Portable or built-in Wi-Fi client adapter that supports one or more of the
IEEE 802.11 modes in which you plan to run the access point.
Wireless Client Software Client software, such as Microsoft Windows Supplicant, congured to
associate with the UAP.
Unied Access Point Administrator’s Guide
2021
Page 9
Required Component Description
Client Security Settings Security should be disabled on the client used to do initial conguration of
the access point.
If the Security mode on the access point is set to anything other than plain
text, wireless clients will need to set a prole to the authentication mode
used by the access point and provide a valid username and password,
certicate, or similar user identity proof. Security modes are WPA/WPA2/ WPA3-Enterprise, and WPA/WPA2/WPA3-Personal.
For information about conguring security on the access point, see “Virtual
Access Point Settings” on page 32

Table 3 - Requirements for Wireless Clients

Section 2 - Getting Started

Dynamic and Static IP Addressing on the AP

When you power on the access point, the built-in DHCP client searches for a DHCP server on the network in order to obtain an IP Address and other network information. If the AP does not nd a DHCP server on the network, the AP
continues to use its default Static IP Address (10.90.90.91) until you re-assign it a new static IP address (and specify a
static IP addressing policy) or until the AP successfully receives network information from a DHCP server.
To change the connection type and assign a static IP address by using the CLI, see “Conguring the Ethernet
Settings” on page 14 or, by using the Web UI, see “Ethernet Settings” on page 23 .
Caution! If you do not have a DHCP server on your internal network, and do not plan to use one, the rst thing you must do after powering on the access point is change the connection type from
DHCP to static IP. You can either assign a new static IP address to the AP or continue using the default address. We recommend assigning a new static IP address so that if you bring up another
WLAN AP on the same network, the IP address for each AP will be unique.

Recovering an IP Address

If you experience trouble communicating with the access point, you can recover a static IP address by resetting the AP
conguration to the factory defaults (see “Resetting the Factory Default Conguration” on page 57 ), or you can get a dynamically assigned address by connecting the AP to a network that has a DHCP server.

Discovering a Dynamically Assigned IP Address

If you have access to the DHCP server on your network and know the MAC address of your AP, you can view the new IP address associated with the MAC address of the AP.
If you do not have access to the DHCP server that assigned the IP address to the AP or do not know the MAC address of the AP, you might need to use the CLI to nd out what the new IP address is. For information about how to discover
a dynamically assigned IP address, see “Using the CLI to View the IP Address” on page 14 .

Installing the UAP

To access the Administration Web UI, you enter the IP address of the AP into a Web browser. You can use the default IP address of the AP (10.90.90.91) to log on to the AP and assign a static IP address, or you can use a DHCP server
on you network to assign network information to the AP. The DHCP client on the AP is enabled by default.
To install the UAP, use the following steps:
1.) Connect the AP to an administrative PC by using a LAN connection or a direct-cable connection.
Unied Access Point Administrator’s Guide
2021
Page 10
•) To use a LAN connection, connect one end of an Ethernet cable to the network port on the access point and
the other end to the same hub where your PC is connected, as shown in the following gure.
The hub or switch you use must permit broadcast signals from the access point to reach all other devices on
the network.
•) To use a direct-cable connection, connect one end of an Ethernet straight-through or crossover cable to the
network port on the access point and the other end of the cable to the Ethernet port on the PC, as shown in the following gure. You can also use a serial cable to connect the serial port on the AP to a serial port on the
administrative computer.
Section 2 - Getting Started
For initial conguration with a direct Ethernet connection and no DHCP server, be sure to set your PC to a
static IP address in the same subnet as the default IP address on the access point. (The default IP address for the access point is 10.90.90.91.)
If you use this method, you will need to recongure the cabling for subsequent startup and deployment of the
access point so that the access point is no longer connected directly to the PC but instead is connected to the LAN (either by using a hub or directly).
Note: It is possible to detect access points on the network with a wireless connection. However,
we strongly advise against using this method. In most environments you may have no way
of knowing whether you are actually connecting to the intended AP. Also, many of the initial conguration changes required will cause you to lose connectivity with the AP over a wireless
connection.
2.) Connect the power adapter to the power port on the back of the access point, and then plug the other end of the power cord into a power outlet.
3.) Use your Web browser to log on to the UAP Administration Web pages.
•) If the AP did not acquire an IP address from a DHCP server on your network, enter 10.90.90.91 in the address
eld of your browser, which is the default IP address of the AP.
•) If you used a DHCP server on your network to automatically congure network information for the AP, enter the
new IP address of the AP into the Web browser.
•) If you used a DHCP server and you do not know the new IP address of the AP, use the following procedures to
obtain the information:
•) Connect a serial cable from the administrative computer to the AP and use a terminal emulation program to
access the command-line interface (CLI).
•) At the login prompt, enter admin for the user name and admin for the password. At the command prompt,
enter get management.
•) The command output displays the IP address of the AP. Enter this address in the address eld of your browser.
For a more detailed explanation about how to log on to the CLI by using the console port, see “Using the CLI
to View the IP Address” on page 24.
4.) When prompted, enter admin for the user name and admin for the password, then click Logon.
Unied Access Point Administrator’s Guide
2021
Page 11
After you log in, the Basic Settings page for UAP administration is displayed, as the following gure shows.
Section 2 - Getting Started

Figure 2 - Web UI Login Prompt

Figure 3 - Provide Basic Settings

5.) Verify the settings on the Basic Settings page.
•) Review access point description and provide a new administrator password for the access point if you do not
want to use the default password, which is admin.
•) Click the Apply button to activate the wireless network with these new settings.
Note: The changes you make are not saved or applied until you click Apply. Changing some
access point settings might cause the AP to stop and restart system processes. If this happens, wireless clients will temporarily lose connectivity. We recommend that you change access point
settings when WLAN trafc is low.
For information about the elds and conguration options on the Basic Settings page, see “Basic Settings” on
page 13 .
6.) If you do not have a DHCP server on the management network and do not plan to use one, you must change the Connection Type from DHCP to Static IP.
You can either assign a new Static IP address to the AP or continue using the default address. We recommend
assigning a new Static IP address so that if you bring up another UAP on the same network, the IP address
for each AP will be unique. To change the connection type and assign a static IP address, see “Conguring the
Ethernet Settings” on page 14 (CLI) or “Ethernet Settings” on page 23 (Web).
7.) If your network uses VLANs, you might need to congure the management VLAN ID or untagged VLAN ID on
the UAP in order for it to work with your network.
For information about how to congure VLAN information, see “Conguring the Ethernet Settings” on page 14
(CLI) or “Ethernet Settings” on page 23 (Web).
8.) If your network uses IEEE 802.1X port security for network access control, you must congure the 802.1X
supplicant information on the AP.
For information about how to congure the 802.1X user name and password, see “Conguring IEEE 802.1X
Authentication” on page 16 .
Unied Access Point Administrator’s Guide
2021
Page 12
Section 2 - Getting Started

Basic Settings

From the Basic Settings page, you can view various information about the UAP, including IP and MAC address information, and congure the administrator password for the UAP. The following table describes the elds and conguration options on the Basic Settings page.
Field Description
IP Address Shows the IP address assigned to the AP. This eld is not editable on this page because
the IP address is already assigned (either by DHCP, or statically through the Ethernet
Settings page).
IPv6 Address Shows the IPv6 address assigned to the AP. This eld is not editable on this page because
the IP address is already assigned (either by DHCPv6, or statically through the Ethernet
Settings page).
IPv6 Address Status Shows the operational status of the static IPv6 address assigned to the management
interface of the AP. The possible values are Operational and Tentative.
IPv6 Auto­congured Global
Addresses
IPv6 Link Local
Address
MAC Address Shows the MAC address of the AP. The address shown here is the MAC address
Firmware Version Shows version information about the rmware currently installed on the AP. As new
Model Displays the AP model number.
Product Identier Identies the AP hardware model.
Hardware Version Identies the AP hardware version.
Serial Number Shows the AP serial number.
Device Name Generic name to identify the type of hardware.
Device Description Provides information about the product hardware.
New Password Enter a new administrator password. The characters you enter are displayed as bullet
Shows each automatically-congured global IPv6 address for the management interface of
the AP.
Shows the IPv6 Link Local address, which is the IPv6 address used by the local physical link. The link local address is not congurable and is assigned by using the IPv6 Neighbor
Discovery process.
associated with the management interface. This is the address by which the AP is known externally to other networks.
versions of the WLAN AP rmware become available, you can upgrade the rmware on
your APs.
characters to prevent others from seeing your password as you type.
The administrator password must be an alphanumeric string of up to 32 characters. The special characters are also supported.
Note: As an immediate rst step in securing your wireless network, we recommend that
you change the administrator password from the default.
Conrm New
Password
System Name Enter a name for the AP. This name appears only on the Basic Settings page and is a
System Contact Enter the name, e-mail address, or phone number of the person to contact regarding
System Location Enter the physical location of the AP, for example Conference Room A.
2021
Re-enter the new administrator password to conrm that you typed it as intended.
name to identify the AP to the administrator. Use up to 64 alphanumeric characters, for
example My AP.
issues related to the AP.

Table 4 - Basic Settings Page

Unied Access Point Administrator’s Guide
Page 13
Section 2 - Getting Started

Connecting to the AP Web Interface by Using the IPv6 Address

To connect to the AP by using the IPv6 global address or IPv6 link local address, you must enter the AP address into
your browser in a special format.
To connect to an IPv6 global address, add square brackets around the IPv6 address. For example, if the AP global IPv6 address is 2520::230:abff:fe00:2420, type the following address into the address eld: http:// [2520::230:abff:fe00:2420].

Using the CLI to View the IP Address

The DHCP client on the UAP is enabled by default. If you connect the UAP to a network with a DHCP server, the
AP automatically acquires an IP address. To manage the UAP by using the Administrator UI, you must enter the IP address of the access point into a Web browser.
If a DHCP server on your network assigns an IP address to the UAP, and you do not know the IP address, use the
following steps to view the IP address of the UAP:
1.) Using a null-modem cable, connect a VT100/ANSI terminal or a workstation to the console (serial) port.
If you attached a PC, Apple, or UNIX workstation, start a terminal-emulation program, such as HyperTerminal or
TeraTerm.
2.) Congure the terminal-emulation program to use the following settings:
•) Baud rate: 115200 bps
•) Data bits: 8
•) Parity: none
•) Stop bit: 1
•) Flow control: none
3.) Press the return key, and a login prompt should appear. The login name is admin. The default password is admin. After a successful login, the screen shows the (Access Point Name)# prompt.
4.) At the login prompt, enter Information similar to the following prints to the screen.
get management.

Figure 4 - Command Line Interface (CLI) Connection

Conguring the Ethernet Settings
The default Ethernet settings, which include DHCP and VLAN information, might not work for all networks.
Unied Access Point Administrator’s Guide
2021
Page 14
Section 2 - Getting Started
By default, the DHCP client on the UAP automatically broadcasts requests for network information. If you want to use a static IP address, you must disable the DHCP client and manually congure the IP address and other network
information.
The management VLAN is VLAN 1 by default. This VLAN is also the default untagged VLAN. If you already have
a management VLAN congured on your network with a different VLAN ID, you must change the VLAN ID of the
management VLAN on the access point.
For information about using the Web interface to congure the Ethernet settings, see “Ethernet Settings” on page
23. You can also use the CLI to congure the Ethernet settings, which the following section describes.
Using the CLI to Congure Ethernet Settings
Use the commands shown in the following table to view and set values for the Ethernet (wired) interface. For more information about each setting, see the description for the eld in the following table.
Action Commands
Get Current Settings for the Ethernet (Wired) Internal
Interface
Set the management VLAN ID
View untagged VLAN information
Enable the untagged VLAN
Disable the untagged VLAN
Set the untagged VLAN ID
View the connection type
Use DHCP as the connection type
Use a Static IP as the connection type
Set the Static IP address
Set a Subnet Mask
Set the Default Gateway

Table 5 - CLI Commands for Ethernet Setting

get management
set management vlan-id <1-4094>
get untagged-vlan
set untagged-vlan status up
set untagged-vlan status down
set untagged-vlan vlan-id <1-4094>
get management dhcp-status
set management dhcp-status up
set management dhcp-status down
set management static-ip <ip_address>
For example:
set management static-ip 10.10.12.221
set management static-mask <netmask>
For example:
set management static-mask 255.255.255.0
set static-ip-route gateway <ip_address>
For example:
set static-ip-route gateway 10.10.12.1
In the following example, the administrator uses the CLI to set the management VLAN ID to 123 and to disable the
untagged VLAN so that all trafc is tagged with a VLAN ID.
Unied Access Point Administrator’s Guide
2021
Page 15
DLINK-WLAN-AP# set management vlan-id 123 DLINK-WLAN-AP# set untagged-vlan status down DLINK-WLAN-AP# get management Property Value
-------------------------------------------­vlan-id 123 interface brtrunk static-ip 10.90.90.91 static-mask 255.0.0.0 ip 10.90.90.91 mask 255.0.0.0 mac 00:05:5E:80:70:00 dhcp-status down ipv6-status up
ipv6-autocong-status up
static-ipv6 ::
static-ipv6-prex-length 0
DLINK-WLAN-AP# get untagged-vlan Property Value
--------------­vlan-id 1 status down
DLINK-WLAN-AP#
Section 2 - Getting Started
Conguring IEEE 802.1X Authentication
On networks that use IEEE 802.1X, port-based network access control, a supplicant (client) cannot gain access to the network until the 802.1X authenticator grants access. If your network uses 802.1X, you must congure 802.1X
authentication information that the AP can supply to the authenticator.
If your network uses IEEE 802.1X see “Conguring IEEE 802.1X Authentication” on page 16 for information about how to congure 802.1X by using the Web interface.

Verifying the Installation

Make sure the access point is connected to the LAN and associate some wireless clients with the network. Once you have tested the basics of your wireless network, you can enable more security and ne-tune the AP by modifying advanced conguration features.
1.) Connect the access point to the LAN.
•) If you congured the access point and administrator PC by connecting both into a network hub, then your
access point is already connected to the LAN. The next step is to test some wireless clients.
•) If you congured the access point by using a direct cable connection from your computer to the access point,
do the following procedures:
•) Disconnect the cable from the computer and the access point.
•) Connect an Ethernet cable from the access point to the LAN.
•) Connect your computer to the LAN by using an Ethernet cable or a wireless card.
2.) Test LAN connectivity with wireless clients.
Test the UAP by trying to detect it and associate with it from some wireless client devices. For information about
requirements for these clients, see “Wireless Client Requirements” on page 9.
3.) Secure and congure the access point by using advanced features.
Once the wireless network is up and you can connect to the AP with some wireless clients, you can add in layers of security, create multiple virtual access points (VAPs), and congure performance settings.
2021
Note: The WLAN AP is not designed for multiple, simultaneous conguration changes. If more than one administrator is logged onto the Administration Web pages and making changes to the conguration, there is no guarantee that all conguration changes specied by multiple users will
be applied.
Unied Access Point Administrator’s Guide
Page 16
By default, no security is in place on the access point, so any wireless client can associate with it and access
your LAN. An important next step is to congure security, as described in “Virtual Access Point Settings” on page
32.
Section 2 - Getting Started
Conguring Security on the Wireless Access Point
You congure secure wireless client access by conguring security for each virtual access point (VAP) that you enable. You can congure up to 16 VAPs per radio that simulate multiple APs in one physical access point. By default, only one VAP is enabled. For each VAP, you can congure a unique security mode to control wireless client access.
Each radio has 16 VAPs, with VAP IDs from 0-15. By default, only VAP 0 on each radio is enabled. VAP0 has the
following default settings:
•) VLAN ID: 1
•) Broadcast SSID: Enabled
•) SSID: dlink1
•) Security: None
•) MAC Authentication Type: None
•) Redirect Mode: None
All other VAPs are disabled by default. The default SSID for VAPs 1–15 is ”dlinkx” where x is the VAP ID.
To prevent unauthorized access to the UAP, we recommend that you select and congure a security option other than
None for the default VAP and for each VAP that you enable.
For information about how to congure the security settings on each VAP, see “Virtual Access Point Settings” on page
32.
2021
Unied Access Point Administrator’s Guide
Page 17

Section 3 - Viewing Access Point Status

Section 3 - Viewing Access Point Status
This section describes the information you can view from the tabs under the Status heading on the Administration Web UI. This section contains the following subsections:
•) “Viewing Interface Status” on page 18
•) “Viewing Events” on page 19
•) “Viewing Transmit and Receive Statistics” on page 20
•) “Viewing Associated Wireless Client Information” on page 21
•) “Viewing Managed AP DHCP Information” on page 22
•) “Viewing Radio Statistics Information” on page 22

Viewing Interface Status

To monitor Ethernet LAN (wired) and wireless LAN (WLAN) settings, click the Interfaces tab.

Figure 5 - Viewing Interface Status

This page displays the current settings of the UAP. It displays the Wired Settings and the Wireless Settings.

Wired Settings (Internal Interface)

The Internal interface includes the Ethernet MAC Address, Management VLAN ID, IP Address (IPv4 and IPv6), Subnet Mask, and DNS information. To change any of these settings, click the Edit link. After you click Edit, you are
redirected to the Ethernet Settings page.
For information about conguring these settings, see “Conguring the Ethernet Settings” on page 14.

Wireless Settings

The Radio Interface includes the AeroScout™ Engine Communication status, Radio Mode and Channel. The Wireless Settings section also shows the MAC address (read-only) associated with each radio interface.
To change the Radio Mode or Channel settings, click the Edit link. After you click Edit, you are redirected to the
Modify Wireless Settings page.
For information about conguring these settings, see “Wireless Settings” on page 25 and “Modifying Radio Settings”
on page 26.
2021
Unied Access Point Administrator’s Guide
Page 18
Section 3 - Viewing Access Point Status

Viewing Events

The Events page shows real-time system events on the AP such as wireless clients associating with the AP and being authenticated.
To view system events, click the Events tab.

Figure 6 - Viewing Events

Table 6 - Logging Options

Note: To apply your changes, click Apply. Changing some settings might cause the AP to stop and restart system processes. If this happens, wireless clients will temporarily lose connectivity.
We recommend that you change AP settings when WLAN trafc is low.
Conguring the Log Relay Host for Kernel Messages
The Kernel Log is a comprehensive list of system events (shown in the System Log) and kernel messages such as error conditions, like dropping frames.
You cannot view kernel log messages directly from the Administration Web UI for an AP. You must rst set up a remote server running a syslog process and acting as a syslog log relay host on your network. Then, you can congure the
UAP to send syslog messages to the remote server.
Remote log server collection for AP syslog messages provides the following features:
•) Allows aggregation of syslog messages from multiple APs
•) Stores a longer history of messages than kept on a single AP
•) Triggers scripted management operations and alerts
To use Kernel Log relaying, you must congure a remote server to receive the syslog messages. The procedure to congure a remote log host depends on the type of system you use as the remote host.
2021
Note: The syslog process will default to use port 514. We recommend keeping this default port. However, if you choose to recongure the log port, make sure that the port number you assign to
syslog is not being used by another process.
Unied Access Point Administrator’s Guide
Page 19
Section 3 - Viewing Access Point Status

Enabling or Disabling the Log Relay Host on the Events Page

To enable and congure Log Relaying on the Events page, set the Log Relay options as described in the following table, and then click Update.
Field Description
Relay Log Select Enabled to allow the UAP to send log messages to a remote host. Select Disabled
to keep all log messages on the local system.
Relay Host Specify the IPv4 Address or DNS name of the remote log server.
Relay Port Specify the Port number for the syslog process on the Relay Host.
The default port is 514.

Table 7 - Log Relay Host

Note: To apply your changes, click Apply. Changing some settings might cause the AP to stop
and restart system processes. If this happens, wireless clients will temporarily lose connectivity.
We recommend that you change AP settings when WLAN trafc is low.
If you enabled the Log Relay Host, clicking Apply will activate remote logging. The AP will send its kernel messages real-time for display to the remote log server monitor, a specied kernel log le, or other storage, depending on how you congured the Log Relay Host.
If you disabled the Log Relay Host, clicking Apply will disable remote logging.

Viewing Transmit and Receive Statistics

The Transmit/Receive page provides some basic information about the current AP and a real-time display of the
transmit and receive statistics for the Ethernet interface on the AP and for the VAPs on all supported radio interfaces. All transmit and receive statistics shown are totals since the AP was last started. If you reboot the AP, these gures
indicate transmit and receive totals since the reboot.
To view transmit and receive statistics for the AP, click the Transmit/Receive tab.
2021
Figure 7 - Viewing Tra󰀩c Statistics
Unied Access Point Administrator’s Guide
Page 20
Field Description
Interface The name of the Ethernet or VAP interface.
Status Shows whether the interface is up or down.
MAC Address MAC address for the specied interface. The UAP has a unique MAC address for each
interface. Each radio has a different MAC address for each interface on each of its two
radios.
VLAN ID Virtual LAN (VLAN) ID.
You can use VLANs to establish multiple internal and guest networks on the same AP.
The VLAN ID is set on the VAP page. (See “Conguring Load Balancing” on page 42)
Name (SSID) Wireless network name. Also known as the SSID, this alphanumeric key uniquely identies a
wireless local area network.
The SSID is set on the VAP page. (See “Conguring Load Balancing” on page 42)
Transmit and Receive Information
Total Packets Indicates total packets sent (in Transmit table) or received (in Received table) by this AP.
Total Bytes Indicates total bytes sent (in Transmit table) or received (in Received table) by this AP.
Total Drop Packets Indicates total number of packets sent (in Transmit table) or received (in Received table) by
this AP that were dropped.
Errors Indicates total errors related to sending and receiving data on this AP.

Table 8 - Transmit/Receive

Section 3 - Viewing Access Point Status

Viewing Associated Wireless Client Information

To view the client stations associated with a particular access point, click the Client Associations tab.

Figure 8 - Viewing Client Association Information

The associated stations are displayed along with information about packet trafc transmitted and received for each
station.
The following describes the elds on the Client Associations page.
Field Description
Network Shows which radio the client is associated with.
Station Shows the MAC address of the associated wireless client.
TxRate Shows the transmit data rates in Mbps.
RxRate Shows the receive data rates in Mbps.
RSSI Signal strength. Shows the measurement of how well the client can hear a signal from the
associated access point.
Mode Shows the signal strength
Assoc_time Shows the amount of time that has passed since the client associated to the access point.

Table 9 - Associated Clients

2021
Unied Access Point Administrator’s Guide
Page 21
Section 3 - Viewing Access Point Status

Viewing Managed AP DHCP Information

The UAP can learn about D-Link Unied Wireless Switches on the network through DHCP responses to its initial DHCP request. The Managed AP DHCP page displays the DNS names or IP addresses of up to four D-Link Unied Wireless Switches that the AP learned about from a DHCP server on your network.

Figure 9 - Managed AP DHCP Information

For information about how to congure a DHCP server to respond to AP DHCP requests with the switch IP address
information, see the User Manual for the switch.

Viewing Radio Statistics Information

The Radio Statistics page provides detailed information about the packets and bytes transmitted and received on the
radio interface of this access point.

Figure 10 - View Radio Statistics

The following table describes details about the Radio Statistics information.
Field Description
Radio Choose either 5GHz radio or 2.4GHz radio to view statistics for the selected radio.
WLAN Packets Received
WLAN Packets
Transmitted
WLAN Packets Receive Dropped
WLAN Packets
Transmit Dropped
WLAN Bytes Received
WLAN Bytes
Transmitted
Multicast Frames
Received
Total packets received by the AP on this radio interface.
Total packets transmitted by the AP on this radio interface.
Number of packets received by the AP on this radio interface that were dropped.
Number of packets transmitted by the AP on this radio interface that were dropped.
Total bytes received by the AP on this radio interface.
Total bytes transmitted by the AP on this radio interface.
Count of MSDU frames received with the multicast bit set in the destination MAC address.

Table 10 - Radio Statistics Information

2021
Unied Access Point Administrator’s Guide
Page 22

Section 4 - Managing the Access Point

Section 4 - Managing the Access Point
This section describes how to manage the UAP and contains the following subsections:
•) “Ethernet Settings and Management IPv6” on page 23
•) “Wireless Settings” on page 25
•) “Modifying Radio Settings” on page 26
•) “Conguring Radio and VAP Scheduler” on page 29
•) “Scheduler Association Settings” on page 31
•) “Virtual Access Point Settings” on page 32
•) “Conguring Wireless Multicast Forwarding” on page 38
•) “Conguring the Wireless Distribution System (WDS)” on page 38
•) “Controlling Access by MAC Authentication” on page 40
•) “Conguring Load Balancing” on page 42
•) “Conguring 802.1X Authentication” on page 44
•) “Application Identication” on page 45
The conguration pages for the features in this section are located under the Manage heading on the Administration Web UI.

Ethernet Settings and Management IPv6

The default wired interface settings, which include DHCP and VLAN information, might not work for all networks.

Ethernet Settings

The default wired interface settings, which include DHCP and VLAN information, might not work for all networks.
By default, the DHCP client on the UAP automatically broadcasts requests for network information. If you want to use a static IP address, you must disable the DHCP client and manually congure the IP address and other network
information.
The management VLAN is VLAN 1 by default. This VLAN is also the default untagged VLAN. If you already have
a management VLAN congured on your network with a different VLAN ID, you must change the VLAN ID of the
management VLAN on the AP.
Management IPv6 settings describe the IPv6 conguration of Management Interface. Use this page to congure the IPv6 admin mode, IPv6 auto-cong admin mode, connection type (DHCPv6 or Static IPv6 addressing) and DNS servers. By default, the DHCPv6 client on the UAP automatically broadcasts requests for network information. If you want to use a static IPv6 address, you must disable the DHCPv6 client and manually congure the Static IPv6 address and other network information.
To congure the LAN settings, click the Ethernet Settings tab.
2021
Unied Access Point Administrator’s Guide
Page 23

Figure 11 - Modify Ethernet (Wired) settings

Section 4 - Managing the Access Point
The following table describes the elds to view or congure on the Ethernet Settings page.
Field Description
Hostname Enter a hostname for the AP. The hostname appears in the CLI prompt.
•) The hostname has the following requirements:
•) The length must be between 1 – 63 characters.
•) Upper and lower case characters, numbers, and hyphens are accepted.
•) The rst character must be a letter (a – z or A – Z), and the last character cannot be a hyphen.
MAC Address Shows the MAC address for the LAN interface for the Ethernet port on this AP. This is a
read-only eld that you cannot change.
Management VLAN IDThe management VLAN is the VLAN associated with the IP address you use to access the
AP. The default management VLAN ID is 1. Provide a number between 1 and 4094 for the management VLAN ID.
Untagged VLAN If you disable the untagged VLAN, all trafc is tagged with a VLAN ID.
By default all trafc on the UAP uses VLAN 1, which is the default untagged VLAN. This means that all trafc is untagged until you disable the untagged VLAN, change the untagged trafc VLAN ID, or change the VLAN ID for a VAP or client using RADIUS.
Untagged VLAN ID Provide a number between 1 and 4094 for the untagged VLAN ID. Trafc on the VLAN that
you specify in this eld will not be tagged with a VLAN ID.
Connection Type If you select DHCP, the UAP acquires its IP address, subnet mask, DNS, and gateway
information from a DHCP server. If you select Static IP, you must enter information in the Static IP Address, Subnet Mask,
and Default Gateway elds.
Static IP Address Enter the static IP address in the text boxes. This eld is disabled if you use DHCP as the
connection type.
Subnet Mask Enter the Subnet Mask in the text boxes.
Default Gateway Enter the Default Gateway in the text boxes.
DNS Nameservers Select the mode for the DNS.
In Dynamic mode, the IP addresses for the DNS servers are assigned automatically via
DHCP. This option is only available if you specied DHCP for the Connection Type.
In Manual mode, you must assign static IP addresses to resolve domain names.
Link Aggregation Select the mode for the Link Aggregation.
In LACP mode, to negotiate LAG settings between the two connected devices. We
recommend using LACP mode instead of Static mode whenever both devices support LACP.
IPv6 Connection Type
If you select DHCPv6, the UAP acquires its IPv6 address, DNS, and gateway information from a DHCPv6 server. If you select Static IPv6, you must enter information in the Static IPv6 Address, Prex
length, and Default Gateway elds.
2021
Unied Access Point Administrator’s Guide
Page 24
Field Description
IPv6 Admin Mode Enable or disable IPv6 management access to the AP
IPv6 Auto Cong
Admin Mode
Static IPv6 Address Enter a static IPv6 address. The AP can have a static IPv6 address even if addresses have
Static IPv6 Address Prex Length
IPv6 Autocongured
Global Addresses
IPv6 Link Local
Address
Default IPv6 Gateway
IPv6 Domain Nameservers
Enable or disable IPv6 auto address conguration on the AP. When IPv6 Auto Cong Mode is enabled, automatic IPv6 address conguration and gateway conguration is allowed by processing the Router Advertisements received on the LAN port. The AP can have multiple auto congured IPv6 addresses.
already been congured automatically.
Enter the static IPv6 prex length, which is an integer in the range of 0 – 128.
If the AP has been assigned one or more IPv6 addresses automatically, the addresses are listed.
Shows the IPv6 Link Local address, which is the IPv6 address used by the local physical link. The link local address is not congurable and is assigned by using the IPv6 Neighbor
Discovery process.
Enter the default IPv6 gateway.
Select the mode for the DNS. In Dynamic mode, the IPv6 addresses for the DNS servers are assigned automatically via DHCPv6. This option is available only if DHCPv6 is selected for the Connection Type. In Manual mode, you must assign static IPv6 addresses to resolve domain names.

Table 11 - Ethernet Settings and Management IPv6

Section 4 - Managing the Access Point
Note: After you congure the wired settings, you must click Apply to apply the changes and to save the settings. Changing some settings might cause the AP to stop and restart system processes. If this happens, wireless clients will temporarily lose connectivity. We recommend that
you change AP settings when WLAN trafc is low.
Note: Management IPv6 is available as a separate tab in few models of DWL.

Wireless Settings

Wireless settings describe aspects of the local area network (LAN) related specically to the radio device in the access point (802.11 Mode and Channel) and to the network interface to the access point (MAC address for access point and Wireless Network name, also known as SSID).
To congure the wireless interface, click the Manage > Wireless Settings tab.

Figure 12 - Modify Wireless Settings

The following table describes the elds and conguration options available on the Wireless Settings page.
Unied Access Point Administrator’s Guide
2021
Page 25
Field Description
Radio Interface Specify whether you want the radio interface on or off.
MAC Address Indicates the Media Access Control (MAC) addresses for the interface. Dual-radio APs have
a unique MAC address for each radio. A MAC address is a permanent, unique hardware address for any device that represents an interface to the network. The MAC address is assigned by the manufacturer. You cannot change the MAC address. It is provided here for informational purposes as a unique identier for an interface.
Mode The Mode denes the Physical Layer (PHY) standard the radio uses.
Note: The modes available depend on the country code setting and the radio selected.
Select one of the following modes for 5GHz radio:
•) IEEE 802.11a
•) IEEE 802.11a/n
•) IEEE 802.11n
•) IEEE 802.11a/n/ac
•) IEEE 802.11n/ac
•) IEEE 802.11a/n/ac/ax (DWL-X8630AP) Select one of the following modes for 2.4GHz radio:
•) IEEE 802.11n
•) IEEE 802.11b/g
•) IEEE 802.11b/g/n
•) IEEE 802.11b/g/n/ax (DWL-X8630AP)
Channel Select the Channel.
The range of available channels is determined by the mode of the radio interface and the country code setting. If you select Auto for the channel setting, the AP scans available
channels and selects a channel where no trafc is detected. The Channel denes the portion of the radio spectrum the radio uses for transmitting and receiving. Each mode offers a number of channels, depending on how the spectrum is licensed by national and transnational authorities such as the Federal Communications Commission (FCC) or the International Telecommunication Union (ITU-R). When automatic channel assignment is enabled on the Channel Management page for
Clustering, the channel policy for the radio is automatically set to static mode, and the Auto
option is not available for the Channel eld. This allows the automatic channel feature to set
the channels for the radios in the cluster.
Station Isolation To enable Station Isolation, select the check box directly beside it.
When Station Isolation is disabled, wireless clients can communicate with one another
normally by sending trafc through the AP. When Station Isolation is enabled, the AP blocks communication between wireless clients on the same radio and VAP. The AP still allows data trafc between its wireless clients and wired devices on the network, across a WDS link, and with other wireless clients associated
with a different VAP, but not among wireless clients associated with the same VAP.

Table 12 - Wireless Settings

Section 4 - Managing the Access Point
Note: After you congure the wireless settings, you must click Apply to apply the changes and to save the settings. Changing some settings might cause the AP to stop and restart system processes. If this happens, wireless clients will temporarily lose connectivity. We recommend that
you change AP settings when WLAN trafc is low.

Modifying Radio Settings

Radio settings directly control the behaviour of the radio devices in the AP and its interaction with the physical medium; that is, how and what type of electromagnetic waves the AP emits.
To specify radio settings, click the Radio tab in the Manage section.
Different settings will be displayed depending on the mode you select. All settings are described in the table below.
Unied Access Point Administrator’s Guide
2021
Page 26
Section 4 - Managing the Access Point

Figure 13 - Modify Radio Settings

The following table describes the elds and conguration options for the Radio Settings page.
Field Description
Radio Select Radio 5GHz or 2.4GHz Radio to specify which radio to congure.
Status (On/O󰀨) Specify whether you want the radio on or off by clicking On or O󰀨.
If you turn off a radio, the AP sends disassociation frames to all the wireless clients it is currently supporting so that the radio can be gracefully shutdown and the clients can start the association process with other available APs.
MAC Address Indicates the Media Access Control (MAC) addresses for the interface. Dual-radio APs have
a unique MAC address for each radio.
Mode The Mode denes the Physical Layer (PHY) standard the radio uses.
Note: The modes available depend on the country code setting and the radio selected.
Select one of the following modes for 5GHz radio:
•) IEEE 802.11a
•) IEEE 802.11a/n
•) IEEE 802.11n
•) IEEE 802.11a/n/ac
•) IEEE 802.11n/ac
•) IEEE 802.11a/n/ac/ax (DWL-X8630AP) Select one of the following modes for 2.4GHz radio:
•) IEEE 802.11n
•) IEEE 802.11b/g
•) IEEE 802.11b/g/n
•) IEEE 802.11b/g/n/ax (DWL-X8630AP)
Channel Select the Channel.
The range of available channels is determined by the mode of the radio interface and the country code setting. If you select Auto for the channel setting, the AP scans available
channels and selects a channel where no trafc is detected. The channel denes the portion of the radio spectrum the radio uses for transmitting and receiving. Each mode offers a number of channels, depending on how the spectrum is licensed by national and transnational authorities such as the Federal Communications Commission (FCC) or the International Telecommunication Union (ITU-R). When automatic channel assignment is enabled on the Channel Management page for
Clustering, the channel policy for the radio is automatically set to static mode, and the Auto
option is not available for the Channel eld. This allows the automatic channel feature to set
the channels for the radios in the cluster.
2021
Unied Access Point Administrator’s Guide
Page 27
Field Description
Channel Bandwidth
(802.11n,
802.11ac and
802.11ax modes only)
Primary Channel (802.11n modes only)
Short Guard Interval
Supported
Protection The protection feature contains rules to guarantee that 802.11n transmissions do not cause
Beacon Interval Beacon frames are transmitted by an AP at regular intervals to announce the existence
DTIM Period Specify a DTIM period from 1 to 255 beacons.
RTS Threshold Specify a Request to Send (RTS) Threshold value between 0 and 2347.
The 802.11n specication allows a 40 MHz wide channel in addition to the legacy 20 MHz
channel available with other modes. The 40 MHz channel enables higher data rates but
leaves fewer channels available for use by other 2.4 GHz and 5 GHz devices. The 802.11ac/ax specication allows an 80 MHz-wide channel in addition to the 20 MHz and 40 MHz channels. Set the eld to 20 MHz to restrict the use of the channel bandwidth to a 20 MHz channel. For the 802.11ac/ax mode, set the eld to 40 MHz to prevent the radio from using the 80 MHz channel bandwidth.
This setting can be changed only when the channel bandwidth is set to 40 MHz. A 40 MHz channel can be considered to consist of two 20 MHz channels that are contiguous in the frequency domain. These two 20 MHz channels are often referred to as the Primary and Secondary channels. The Primary Channel is used for 802.11n clients that support only a 20 MHz channel bandwidth and for legacy clients.
Select one of the following options:
•) Lower — Set the Primary Channel as the lower 20 MHz channel in the 40 MHz band.
•) Upper — Set the Primary Channel as the upper 20 MHz channel in the 40 MHz band.
This eld is available only if the selected radio mode includes 802.11n. The guard interval is the dead time, in nanoseconds, between OFDM symbols. The guard interval prevents Inter-Symbol and Inter-Carrier Interference (ISI, ICI). The 802.11n mode allows for a reduction in this guard interval from the a and g denition of 800 nanoseconds
to 400 nanoseconds. Reducing the guard interval can yield a 10% improvement in data throughput. Select one of the following options:
•) Yes — The AP transmits data using a 400ns guard Interval when communicating with clients that also support the short guard interval.
•) No — The AP transmits data using an 800ns guard interval.
interference with legacy stations or APs. By default, these protection mechanisms are enabled (Auto). With protection enabled, protection mechanisms will be invoked if legacy devices are within range of the AP. This causes more overhead on every transmission, which will impact performance. However, there is no impact on performance if there are no legacy devices within range of the AP. You can disable (O󰀨) these protection mechanisms; however, when 802.11n protection is
off, legacy clients or APs within range can be affected by 802.11n transmissions. The 802.11 protection feature is also available when the mode is 802.11b/g. When protection is enabled in this mode, it protects 802.11b clients and APs from 802.11g transmissions.
Note: This setting does not affect the ability of the client to associate with the AP.
of the wireless network. The default behaviour is to send a beacon frame once every 100
milliseconds (or 10 per second).
Enter a value from 20 to 2000 milliseconds.
The Delivery Trafc Information Map (DTIM) message is an element included in some
Beacon frames. It indicates which client stations, currently sleeping in low-power mode,
have data buffered on the AP awaiting pick-up. The DTIM period you specify indicates how often the clients served by this AP should check for buffered data still on the AP awaiting pickup. The measurement is in beacons. For example, if you set this eld to 1, clients will check for buffered data on the AP at every beacon. If you set this eld to 10, clients will check on
every 10th beacon.
The RTS threshold indicates the number of octets in an MPDU, below which an RTS/CTS handshake is not performed. Changing the RTS threshold can help control trafc ow through the AP, especially one with a lot of clients. If you specify a low threshold value, RTS packets will be sent more frequently. This will consume more bandwidth and reduce the throughput of the packet. On the other hand, sending more RTS packets can help the network recover from interference or collisions which might occur on a busy network, or on a network experiencing
electromagnetic interference.
Section 4 - Managing the Access Point
2021
Unied Access Point Administrator’s Guide
Page 28
Field Description
Maximum Stations Specify the maximum number of stations allowed to access this AP at any one time.
You can enter a value between 0 and 200.
Transmit Power Enter a percentage value for the transmit power level for this AP.
The default value, which is 100%, can be more cost-efcient than a lower percentage since it gives the AP a maximum broadcast range and reduces the number of APs needed.
To increase capacity of the network, place APs closer together and reduce the value of the
transmit power. This helps reduce overlap and interference among APs. A lower transmit
power setting can also keep your network more secure because weaker wireless signals are less likely to propagate outside of the physical location of your network.
Fixed Multicast Rate Select the multicast trafc transmission rate you want the AP to support.
Legacy Rate Sets Check the transmission rate sets you want the AP to support and the basic rate sets you
want the AP to advertise:
•) Rates are expressed in megabits per second.
•) Supported Rate Sets indicate rates that the AP supports. You can check multiple rates
(click a check box to select or de-select a rate). The AP will automatically choose the most efcient rate based on factors like error rates and distance of client stations from
the AP.
•) Basic Rate Sets indicate rates that the AP will advertise to the network for the
purposes of setting up communication with other APs and client stations on the
network. It is generally more efcient to have an AP broadcast a subset of its
supported rate sets.
DHCP O󰀨er/ACK to
Unicast
Forced Roaming Enabling this feature will detect and disconnect wireless clients based on the client RSSI. If
Airtime Fairness The purpose of this is to enable/disable Airtime Fairness. This feature addresses the issue
Enabling this feature will convert BOOTP replies from DHCP server to Unicast and send to
the requesting wireless client.
the client RSSI falls below the roaming threshold value, the client will be disassociated.
Further association attempts will be monitored and disconnected 3 times if its RSSI is below
the threshold value. If still the client tries association 4th time, the association will be logged and allowed to connect.
of slower data transfers throttling the higher speed ones.
Section 4 - Managing the Access Point

Table 13 - Radio Settings

Use the Radio page to congure both Radio One and Radio Two. The settings on the page apply only to the radio that you choose from the Radio drop-down list. After you congure settings for one of the radios, click Apply and then select and congure the other radio. Be sure to click Apply to apply the second set of conguration settings for the
other radio.
Conguring Radio and VAP Scheduler
The Radio and VAP scheduler is a standalone AP feature. To congure the Radio and VAP scheduler, select the
Scheduler tab in the Manage section. The Radio and VAP Scheduler allows you to congure a rule with a specic time interval for VAPs or radios to be operational, thereby automating the enabling or disabling of the VAPs and Radios.
One of the ways you can use this feature is to schedule radios to operate only during the ofce working hours in order
to achieve security and reduce power consumption. You can also use the Scheduler to allow access to VAPs for
wireless clients only during specic times of day.
Each rule species the start time, end time and day (or days) of the week the radio or VAP can be operational. The rules are periodic in nature and are repeated every week.
A valid rule must contain all of the following parameters:
•) Days of the Week.
•) Start Time (hour and minutes).
•) End Time (hour and minutes).
2021
Unied Access Point Administrator’s Guide
Page 29
Section 4 - Managing the Access Point
Only valid rules are added to the prole. Up to 16 rules are grouped together to form a scheduling prole. Any two periodic rules time entries belonging to the same prole must not overlap. The time granularity for the schedules is one minute. The AP supports up to 16 proles.
Figure 14 - Scheduler Conguration
Field Description
Global Scheduler
A global switch to enable or disable the scheduler feature. The default is Disable.
Mode
Scheduler Operational Status
Status The operational status of the Scheduler. The range is Up or Down. The default is Down.
Reason Provides additional information about the status. The reason can be one or more of the
following:
•) IsActive – Operational status is up.
•) CongDown – Operational status is down because global conguration is disabled.
•) TimeNotSet – Operational status is down because the AP time has not been set,
either manually or by specifying an NTP server to use.
•) ManagedMode– Operational status is down because the AP is in managed mode.
Scheduler Prole The Scheduler prole denes the list of proles names that can be associated to the VAP or
Radio conguration. Rules are associated with a named scheduler prole. You can dene up to 16 scheduler prole names. By default, no proles are created. The prole name can be up to 32 alphanumeric characters. Click Add to add the prole
name.
Rule Conguration Each scheduler prole may have up to 16 periodic rules. The list of parameters for each
periodic rule are described below.
Select Prole Select the prole name from the menu.
Set Schedule The day of the week. Range is: Daily, Weekday (Monday to Friday), Weekend (Saturday
and Sunday), Monday, Tuesday, Wednesday, Thursday, Friday, Saturday, Sunday. The default is Daily.
Start Time The time when the radio or VAP will be operationally enabled. The time is in HH:MM 24-hour
format. The range is <00-23>:<00-59>. The default is 00:00.
End Time The time when the radio or VAP will be operationally disabled. The time is in HH:MM 24-
hour format. The range is <00-23>:<00-59>. The default is 00:00.
Table 14 - Scheduler Conguration
After you select a prole from the Select Prole eld, the rules that have been added to the selected prole appear in the table below the Rule Conguration area. When you add a new rule to a prole, it appears in the table. Use the Modify Rule and Remove Rule buttons to manage the rules associated with a prole.
Use the following buttons to perform their respective tasks:
•) Add: To add a scheduler prole, specify the name of the prole in the appropriate eld and click Add.
Unied Access Point Administrator’s Guide
2021
Page 30
•) Remove: To remove a scheduler prole, select it from the Select Prole eld in the Rule Conguration table and
click Remove.
•) Add Rule: After you congure the rule settings, click Add Rule to add the rule to the selected prole.
•) Modify Rule: To change an existing rule, select the rule, update the values in the Rule Conguration area, and click Modify Rule.
•) Remove Rule: To delete a rule from a prole, select the rule and click Remove Rule.
•) Apply: After making any modications to the rules, click Apply to apply the changes and to save the settings.
Section 4 - Managing the Access Point
Figure 15 - Scheduler Conguration (Modify Rule)
Click Apply to save the new conguration settings.
Note: After making any modications, you must click Apply to apply the changes and to save the
settings.

Scheduler Association Settings

For a Scheduler prole to take effect, you must associate it with at least one radio or VAP interface. To associate the Scheduler proles, select the Scheduler Association tab in the Manage section. By default, there are no Scheduler proles created, so no prole is associated to any radio or VAP. The Scheduler prole needs to be explicitly associated to a radio or VAP conguration. Only one Scheduler prole can be associated to any radio or VAP conguration; however, a single prole can be associated to multiple radios or VAPs. If the Scheduler prole associated with a VAP or radio is deleted, then the associated prole to the VAP or radio is removed implicitly. If the radio is operationally
disabled, then all the VAPs associated to that radio are also operationally disabled irrespective of the VAP
conguration.
2021
Unied Access Point Administrator’s Guide
Page 31

Figure 16 - Scheduler Association Settings

Field Description
Radio Scheduler Prole Operational Status
5GHz or 2.4GHz From the menu, select the Scheduler prole to associate with 5GHz Radio or 2.4GHz Radio.
Scheduler Prole From the menu, select the Scheduler prole to associate with the Radio.
Status The operational status of the Scheduler, which is either Up or Down.
VAP Scheduler Prole Operational Status
Radio From the menu, select 5GHz Radio or 2.4GHz Radio to associate the VAP Scheduler
Prole.
VAP Identies the VAP associated with the rest of the information in the row.
0-15 or Scheduler Prole
Operational Status The operational status of the Scheduler. The range is Up or Down.
From the menu, select the Scheduler prole to associate with the respective VAP.

Table 15 - Scheduler Association Settings

Section 4 - Managing the Access Point
Note: After you associate a Scheduler prole with a Radio interface or a VAP interface, you must click Apply to apply the changes and to save the settings.

Virtual Access Point Settings

To change VAP 0 or to enable and congure additional VAPs, select the VAP tab in the Manage section.
VAPs segment the wireless LAN into multiple broadcast domains that are the wireless equivalent of Ethernet VLANs. VAPs simulate multiple APs in one physical AP. Each radio supports up to 16 VAPs.
For each VAP, you can customize the security mode to control wireless client access. Each VAP can also have a unique SSID. Multiple SSIDs make a single AP look like two or more APs to other systems on the network. By conguring VAPs, you can maintain better control over broadcast and multicast trafc, which affects network
performance.
You can congure each VAP to use a different VLAN, or you can congure multiple VAPs to use the same VLAN,
whether the VLAN is on the same radio or on a different radio. VAP0, which is always enabled on both radios, is assigned to the default VLAN 1.
The AP adds VLAN ID tags to wireless client trafc based on the VLAN ID you congure on the VAP page or by using the RADIUS server assignment. If you use an external RADIUS server, you can congure multiple VLANs on each
2021
Unied Access Point Administrator’s Guide
Page 32
Section 4 - Managing the Access Point
VAP. The external RADIUS server assigns wireless clients to the VLAN when the clients associate and authenticate.
You can congure up to four global IPv4 or IPv6 RADIUS servers. One of the servers always acts as a primary while the others act as backup servers. The network type (IPv4 or IPv6) and accounting mode are common across all congured RADIUS servers. You can congure each VAP to use the global RADIUS server settings, which is the default, or you can congure a per-VAP RADIUS server set. You can also congure separate RADIUS server settings for each VAP. For example, you can congure one VAP to use an IPv6 RADIUS server while other VAPs use the global IPv4 RADIUS server settings you congure.
If wireless clients use a security mode that does not communicate with the RADIUS server, or if the RADIUS server does not provide the VLAN information, you can assign a VLAN ID to each VAP. The AP assigns the VLAN to all wireless clients that connect to the AP through that VAP.
Note: Before you congure VLANs on the AP, be sure to verify that the switch and DHCP server the AP uses can support IEEE 802.1Q VLAN encapsulation.
To set up multiple VAPs, click Manage > VAP.

Figure 17 - Modify Virtual Access Point Settings

The following table describes the elds and conguration options on the VAP page.
Field Description
RADIUS IP Address
Type
Specify the IP version that the RADIUS server uses. You can toggle between the address types to congure IPv4 and IPv6 global RADIUS address settings, but the AP contacts only the RADIUS server or servers for the address
type you select in this eld.
RADIUS IP Address
Enter the IPv4 or IPv6 address for the primary global RADIUS server. By default, each VAP uses the global RADIUS settings that you dene for the AP at the top of the VAP page.
RADIUS IPv6
Address
When the rst wireless client tries to authenticate with the AP, the AP sends an
authentication request to the primary server. If the primary server responds to the authentication request, the AP continues to use this RADIUS server as the primary server, and authentication requests are sent to the address you specify. If the IPv4 RADIUS IP Address Type option is selected in the previous eld, enter the IP
address of the RADIUS server that all VAPs use by default, for example 192.168.10.23.
If the IPv6 RADIUS IP Address Type option is selected, enter the IPv6 address of the
primary global RADIUS server, for example 2001:0db8:1234::abcd.
2021
Unied Access Point Administrator’s Guide
Page 33
Field Description
RADIUS IP or IPv6
Address 1–3
RADIUS Key Enter the RADIUS key in the text box.
RADIUS Key 1–3 Enter the RADIUS key associated with the congured backup RADIUS servers. The server
Enable RADIUS Accounting
Enable RADIUS FailThrough
Radio Select the radio to congure. VAPs are congured independently on each radio.
VAP You can congure up to 16 VAPs for each radio. VAP0 is the physical radio interface, so to
Enabled You can enable or disable a congured network.
VLAN ID When a wireless client connects to the AP by using this VAP, the AP tags all trafc from the
SSID Enter a name for the wireless network. The SSID is an alphanumeric string of up to 32
Enter up to three IPv4 or IPv6 addresses to use as the backup RADIUS servers. The eld
label is RADIUS IP Address when the IPv4 RADIUS IP Address Type option is selected and RADIUS IPv6 Address when the IPv6 RADIUS IP Address Type option is selected.
If authentication fails with the primary server, each congured backup server is tried in
sequence. The IPv4 or IPv6 address must be valid in order for the AP to attempt to contact the server.
The RADIUS Key is the shared secret key for the global RADIUS server. You can use up to
63 standard alphanumeric and special characters. The key is case sensitive, and you must congure the same key on the AP and on your RADIUS server. The text you enter will be displayed as “*” characters to prevent others from seeing the RADIUS key as you type.
at RADIUS IP Address-1 uses RADIUS Key-1, RADIUS IP Address-2 uses RADIUS Key-2,
and so on.
Select this option to track and measure the resources a particular user has consumed
such as system time, amount of data transmitted and received, and so on. If you enable RADIUS accounting, it is enabled for the primary RADIUS server and all
backup servers.
Select this option to allow the secondary RADIUS server to authenticate wireless clients if the authentication with the primary RADIUS server is unsuccessful, or if the primary RADIUS server is unavailable.
disable VAP0, you must disable the radio.
•) To enable the specied network, select the Enabled option beside the appropriate VA P.
•) To disable the specied network, clear the Enabled option beside the appropriate VAP.
If you disable the specied network, you will lose the VLAN ID you entered.
wireless client with the VLAN ID you enter in this eld unless you enter the untagged VLAN
ID or use a RADIUS server to assign a wireless client to a VLAN. The range for the VLAN ID is 1 – 4094. If you use RADIUS-based authentication for clients, you can optionally add the following
attributes to the appropriate le in the RADIUS or AAA server to congure a VLAN for the
client:
•) “Tunnel-Type”
•) “Tunnel-Medium-Type”
•) “Tunnel-Private-Group-ID”
The RADIUS-assigned VLAN ID overrides the VLAN ID you congure on the VAP page. You congure the untagged and management VLAN IDs on the Ethernet Settings page. For
more information, see “Ethernet Settings” on page 23.
characters. You can use the same SSID for multiple VAPs, or you can choose a unique SSID for each VAP. Note: If you are connected as a wireless client to the same AP that you are administering, resetting the SSID will cause you to lose connectivity to the AP. You will need to reconnect to the new SSID after you save this new setting.
Section 4 - Managing the Access Point
2021
Unied Access Point Administrator’s Guide
Page 34
Field Description
Broadcast SSID Specify whether to allow the AP to broadcast the Service Set Identier (SSID) in its beacon
frames. The Broadcast SSID parameter is enabled by default. When the VAP does not
broadcast its SSID, the network name is not displayed in the list of available networks on a client station. Instead, the client must have the exact network name congured in the
supplicant before it is able to connect.
•) To enable the SSID broadcast, select the Broadcast SSID check box.
•) To prohibit the SSID broadcast, clear the Broadcast SSID check box.
Note: Disabling the broadcast SSID is sufcient to prevent clients from accidentally connecting to your network, but it will not prevent even the simplest of attempts by a hacker to connect or monitor unencrypted trafc. Suppressing the SSID broadcast offers a very minimal level of protection on an otherwise exposed network (such as a guest network) where the priority is making it easy for clients to get a connection and where no sensitive
information is available.
Security Select one of the following Security modes for this VAP:
•) None
•) WPA Personal
•) WPA Enterprise
•) OWE
If you select a security mode other than None, additional elds appear. These elds are
explained below.
Note: The Security mode you set here is specically for this VAP.
MAC Authentication
Type
You can congure a global list of MAC addresses that are allowed or denied access to the network. The drop-down menu for this feature allows you to select the type of MAC
Authentication to use:
•) Disabled: Do not use MAC Authentication.
•) Local: Use the MAC Authentication list that you congure on the MAC Authentication
page.
•) RADIUS: Use the MAC Authentication list on the external RADIUS server.
For more information about MAC Authentication, see “Controlling Access by MAC
Authentication” on page 40.

Table 16 - Virtual Access Point Settings

Section 4 - Managing the Access Point
Note: After you congure the VAP settings, you must click Apply to apply the changes and to save the settings. Changing some settings might cause the AP to stop and restart system processes. If this happens, wireless clients will temporarily lose connectivity. We recommend that you change
AP settings when WLAN trafc is low.

None (Plain-text)

If you select None as your security mode, no further options are congurable on the AP. This mode means that any data transferred to and from the UAP is not encrypted. This security mode can be useful during initial network conguration or for problem solving, but it is not recommended for regular use on the Internal network because it is
not secure.

WPA Personal

WPA Personal is a Wi-Fi Alliance IEEE 802.11i standard, which includes AES-CCMP and TKIP mechanisms. The Personal version of WPA employs a pre-shared key (instead of using IEEE 802.1X and EAP as is used in the Enterprise WPA security mode). The PSK is used for an initial check of credentials only.
This security mode is backwards-compatible for wireless clients that support the original WPA.
2021
Unied Access Point Administrator’s Guide
Page 35

Figure 18 - Modify Virtual Access Point Settings (WPA Personal)

Field Description
WPA Versions Select the types of client stations you want to support:
•) WPA. If all client stations on the network support the original WPA but none
support the newer WPA2/3, then select WPA.
•) WPA2. If all client stations on the network support WPA2, it provides the security per the IEEE 802.11i standard.
•) WPA3. If all client stations on the network support WPA3, we suggest using WPA3 which provides the cutting-edge security protocols, enables more robust authentication, delivers increased cryptographic strength for your network.
•) WPA2 and WPA3. If you have a mix of clients, some of which support WPA3 and others which support only the original WPA2, select both of the check boxes.
This lets both WPA2 and WPA3 client stations associate and authenticate, but uses the more robust WPA3 for clients who support it.
Key The Pre-shared Key is the shared secret key for WPA Personal. Enter a string of at least 8
characters to a maximum of 63 characters. Acceptable characters include upper and lower case alphabetic letters, the numeric digits, and special symbols such as @ and #.
Broadcast Key
Refresh Rate
Enter a value to set the interval at which the broadcast (group) key is refreshed for clients
associated to this VAP (the default is 3600).
The valid range is 0–86400 seconds. A value of 0 indicates that the broadcast key is not
refreshed.

Table 17 - WPA Personal

Section 4 - Managing the Access Point
Note: After you congure the security settings, you must click Apply to apply the changes and to save the settings.

WPA Enterprise

WPA Enterprise with RADIUS is an implementation of the Wi-Fi Alliance IEEE 802.11i standard, which includes CCMP (AES), and TKIP mechanisms. The Enterprise mode requires the use of a RADIUS server to authenticate users.
This security mode is backwards-compatible with wireless clients that support the original WPA.

Figure 19 - Modify Virtual Access Point Settings (WPA Enterprise)

2021
Unied Access Point Administrator’s Guide
Page 36
Section 4 - Managing the Access Point
Field Description
WPA Versions Select the types of client stations you want to support:
•) WPA. If all client stations on the network support the original WPA but none
support the newer WPA2/3, then select WPA.
•) WPA2. If all client stations on the network support WPA2, it provides the security per the IEEE 802.11i standard.
•) WPA3. If all client stations on the network support WPA3, we suggest using WPA3 which provides the cutting-edge security protocols, enables more robust authentication, delivers increased cryptographic strength for your network.
Use Global RADIUS
Server Settings
By default each VAP uses the global RADIUS settings that you dene for the AP at the top of the VAP page. However, you can congure each VAP to use a different set of RADIUS
servers.
To use the global RADIUS server settings, make sure the check box is selected. To use a separate RADIUS server for the VAP, clear the check box and enter the RADIUS server IP address and key in the following elds.
RADIUS IP Address
Type
Specify the IP version that the RADIUS server uses. You can toggle between the address types to congure IPv4 and IPv6 global RADIUS address settings, but the AP contacts only the RADIUS server or servers for the address
type you select in this eld.
RADIUS IP Address
Enter the IPv4 or IPv6 address for the primary RADIUS server for this VAP. If the IPv4 RADIUS IP Address Type option is selected in the previous eld, enter the IP
RADIUS IPv6
Address
address of the RADIUS server that all VAPs use by default, for example 192.168.10.23.
If the IPv6 RADIUS IP Address Type option is selected, enter the IPv6 address of the
primary global RADIUS server, for example 2001:0db8:1234::abcd.
RADIUS IP or IPv6
Address 1–3
Enter up to three IPv4 and/or IPv6 addresses to use as the backup RADIUS servers for this VAP. The eld label is RADIUS IP Address when the IPv4 RADIUS IP Address Type option
is selected and RADIUS IPv6 Address when the IPv6 RADIUS IP Address Type option is selected.
If authentication fails with the primary server, each congured backup server is tried in
sequence.
RADIUS Key Enter the RADIUS key in the text box.
The RADIUS Key is the shared secret key for the global RADIUS server. You can use up to 63 standard alphanumeric and special characters. The key is case sensitive, and you must congure the same key on the AP and on your RADIUS server. The text you enter will be displayed as “*” characters to prevent others from seeing the RADIUS key as you type.
RADIUS Key 1–3 Enter the RADIUS key associated with the congured backup RADIUS servers. The server
at RADIUS IP Address-1 uses RADIUS Key-1, RADIUS IP Address-2 uses RADIUS Key-2,
and so on.
Enable RADIUS Accounting
Select this option to track and measure the resources a particular user has consumed
such as system time, amount of data transmitted and received, and so on. If you enable RADIUS accounting, it is enabled for the primary RADIUS server and all
backup servers.
Active Server Specify which congured RADIUS server to use as the active RADIUS server.
Broadcast Key
Refresh Rate
Enter a value to set the interval at which the broadcast (group) key is refreshed for clients
associated to this VAP (the default is 3600).
The valid range is 0–86400 seconds. A value of 0 indicates that the broadcast key is not
refreshed.
Session Key
Refresh Rate
Enter a value to set the interval at which the AP will refresh session (unicast) keys for each
client associated to the VAP.
The valid range is 0–86400 seconds. A value of 0 indicates that the broadcast key is not
refreshed.

Table 18 - WPA Enterprise

2021
Note: After you congure the security settings, you must click Apply to apply the changes and to save the settings.
Unied Access Point Administrator’s Guide
Page 37
Section 4 - Managing the Access Point
Conguring Wireless Multicast Forwarding
The Wireless Multicast Forwarding provides an efcient way to forward the multicast trafc on the wireless medium
and overcomes the multicast transmission issues on WLAN using the repeated unicast of multicast frames. It
uses IGMP frames to keep track of participating group members, and multicast packets are transmitted only to the interested members after unicast MAC conversion . With WMF, the data transfer is more reliable as the frames are sent as unicast, and robust transmission is possible as dynamic per station rate control can be done based on the link errors and noise conditions. The multicast group
members can be a STA end point. Streaming between STA devices will also be supported. The multicast streaming server can be attached to any of the LAN ports.

Figure 20 - Wireless Multicast Forwarding

Field Description
VAP •) You can congure up to 16 VAPs for each radio.
•) VAP0 is the physical radio interface, so to disable VAP0, you must disable the radio.
Enabled You can enable or disable a congured network. If you disable the specied network, you
will lose the VLAN ID you enabled
WMF-Enable Enable/Disable the WMF status in a VAP.

Table 19 - Wireless Multicast Forwarding

Conguring the Wireless Distribution System (WDS)
The Wireless Distribution System (WDS) allows you to connect multiple UAPs. With WDS, APs communicate with one another without wires in a standardized way. This capability is critical in providing a seamless experience for roaming
clients and for managing multiple wireless networks. It can also simplify the network infrastructure by reducing the amount of cabling required. You can congure the AP in point-to-point or point-to-multipoint bridge mode based on the number of links to connect.
In the point-to-point mode, the AP accepts client associations and communicates with wireless clients and other
repeaters. The AP forwards all trafc meant for the other network over the tunnel that is established between the APs. The bridge does not add to the hop count. It functions as a simple OSI layer 2 network device.
In the point-to-multipoint bridge mode, one AP acts as the common link between multiple APs. In this mode, the
central AP accepts client associations and communicates with the clients and other repeaters. All other APs associate
only with the central AP that forwards the packets to the appropriate wireless bridge for routing purposes.
The UAP can also act as a repeater. In this mode, the AP serves as a connection between two APs that might be too far apart to be within cell range. When acting as a repeater, the AP does not have a wired connection to the LAN
Unied Access Point Administrator’s Guide
2021
Page 38
Section 4 - Managing the Access Point
and repeats signals by using the wireless connection. No special conguration is required for the AP to function as a
repeater, and there are no repeater mode settings. Wireless clients can still connect to an AP that is operating as a repeater.
Note: When you move an AP from Standalone Mode to Managed Mode, WDS is disabled. In Managed Mode, you congure the AP by using the D-Link Unied Wireless Switch. The Administrator UI, as well as Telnet, SSH, and SNMP access are disabled when the AP is in Managed Mode.
To specify the details of trafc exchange from this access point to others, click the WDS tab.
Figure 21 - Congure WDS Bridges
Before you congure WDS on the AP, note the following guidelines:
•) When using WDS, be sure to congure WDS settings on both APs participating in the WDS link.
•) You can have only one WDS link between any pair of APs. That is, a remote MAC address may appear only once on the WDS page for a particular AP.
•) Both APs participating in a WDS link must be on the same Radio channel and using the same IEEE 802.11 mode. (See “Modifying Radio Settings” on page 26 for information on conguring the Radio mode and channel.)
•) When 802.11h is operational, setting up two WDS links can be difcult.
To congure WDS on this AP, describe each AP intended to receive handoffs and send information to this AP. For each destination AP, congure the elds listed in the table below.
Field Description
Spanning Tree Mode
Spanning Tree Protocol (STP) prevents switching loops. STP is recommended if you
congure WDS links.
Select Enabled to use STP Select Disabled to turn off STP links (not recommended)
Radio For each WDS link on a two-radio AP, select 5GHz Radio or 2.4GHz Radio. The rest of the
settings for the link apply to the radio selected in this eld. The read-only Local Address will change depending on which Radio you select in this eld.
Local Address Indicates the MAC addresses for this AP.
For each WDS link on a two-radio AP, the Local Address reects the MAC address for the
internal interface on the selected radio (Radio One on wlan0 or Radio Two on wlan1).
2021
Unied Access Point Administrator’s Guide
Page 39
Field Description
Remote Address Specify the MAC address of the destination AP; that is, the AP on the other end of the WDS
link to which data will be sent or handed-off and from which data will be received. Click the drop-down arrow to the right of the Remote Address eld to see a list of all the available MAC Addresses and their associated SSIDs on the network. Select the appropriate MAC address from the list.
Note: The SSID displayed in the drop-down list is simply to help you identify the correct
MAC Address for the destination AP. This SSID is a separate SSID to that which you set for the WDS link. The two do not (and should not) be the same value or name.
Encryption You can use None or WPA on the WDS link.
If you are unconcerned about security issues on the WDS link you may decide not to set
any type of encryption.

Table 20 - WDS Settings

If you select None as your preferred WDS encryption option, you will not be asked to ll in any more elds on the
WDS page. All data transferred between the two APs on the WDS link will be unencrypted.
Note: To disable a WDS link, you must remove the value congured in the Remote Address eld.
Section 4 - Managing the Access Point

WPA/PSK on WDS Links

The following table describes the additional elds that appear when you select WPA/PSK as the encryption type.
Note: In order to congure WPA-PSK on any WDS link, VAP0 of the selected radio must be congured for WPA-PSK or WPA-Enterprise.
Field Description
Encryption WPA (PSK)
SSID Enter an appropriate name for the new WDS link you have created. This SSID should be
different from the other SSIDs used by this AP. However, it is important that the same SSID
is also entered at the other end of the WDS link. If this SSID is not the same for both APs on the WDS link, they will not be able to communicate and exchange data.
The SSID can be any alphanumeric combination.
Key Enter a unique shared key for the WDS bridge. This unique shared key must also be
entered for the AP at the other end of the WDS link. If this key is not the same for both APs,
they will not be able to communicate and exchange data.
The WPA-PSK key is a string of at least 8 characters to a maximum of 63 characters.
Acceptable characters include upper and lower case alphabetic letters, the numeric digits, and special symbols such as @ and #.

Table 21 - WPA/PSK on WDS Links

Note: After you congure the WDS settings, you must click Apply to apply the changes and
to save the settings. Changing some settings might cause the AP to stop and restart system processes. If this happens, wireless clients will temporarily lose connectivity. We recommend that
you change AP settings when WLAN trafc is low.

Controlling Access by MAC Authentication

A Media Access Control (MAC) address is a hardware address that uniquely identies each node of a network. All IEEE 802 network devices share a common 48-bit MAC address format, usually displayed as a string of 12 hexadecimal digits separated by colons, for example 00:DC:BA:09:87:65. Each wireless network interface card (NIC) used by a wireless client has a unique MAC address.
Unied Access Point Administrator’s Guide
2021
Page 40
You can use the Administrator UI on the AP or use an external RADIUS server to control access to the network through the AP based on the MAC address of the wireless client. This feature is called MAC Authentication or MAC Filtering. To control access, you congure a global list of MAC addresses locally on the AP or on an external RADIUS server. Then, you set a lter to specify whether the clients with those MAC addresses are allowed or denied access to the network. When a wireless client attempts to associate with an AP, the AP looks up the MAC address of the client
in the local Stations List or on the RADIUS server. If it is found, the global allow or deny setting is applied. If it is not found, the opposite is applied.
On the VAP page, the MAC Authentication Type setting controls whether the AP uses the station list congured locally on the MAC Authentication page or the external RADIUS server. The Allow/Block lter setting on the MAC
Authentication page determines whether the clients in the station list (local or RADIUS) can access the network through the AP. For more information about setting the MAC authentication type, see “Virtual Access Point Settings”
on page 32.
Section 4 - Managing the Access Point
Conguring a MAC Filter and Station List on the AP
The MAC Authentication page allows you to control access to UAP based on MAC addresses. Based on how you set the lter, you can allow only client stations with a listed MAC address or deny access to the stations listed.
When you enable MAC Authentication and specify a list of approved MAC addresses, only clients with a listed MAC address can access the network. If you specify MAC addresses to deny, all clients can access the network except for
the clients on the deny list.
To enable ltering by MAC address, click the MAC Authentication tab.
Figure 22 - Congure MAC Authentication
Note: Global MAC Authentication settings apply to all VAPs on all supported radios.
The following table describes the elds and conguration options available on the MAC Authentication page.
Field Description
Filter To set the MAC Address Filter, select one of the following options:
•) Allow only stations in the list. Any station that is not in the Stations List is denied
access to the network through the AP.
•) Block all stations in list. Only the stations that appear in the list are denied access to
the network through the AP. All other stations are permitted access.
Note: The lter you select is applied to the clients in the station list, regardless of whether
that station list is local or on the RADIUS server.
2021
Unied Access Point Administrator’s Guide
Page 41
Field Description
Stations List This is the local list of clients that are either permitted or denied access to the network
through the AP. To add a MAC Address to the local Stations List, enter its 48-bit MAC address into the lower text boxes, then click Add.
To remove a MAC Address from the Stations List, select its 48-bit MAC address, then click Remove.
The stations in the list will either be allowed or denied access based on how you set the lter in the previous eld. Note: If the MAC authentication type for the VAP is set to Local, the AP uses the Stations List to permit or deny the clients access to the network. If the MAC authentication type is set to RADIUS, the AP ignores the MAC addresses congured in this list and uses the list that is stored on the RADIUS server. The MAC authentication type is set on the VAP conguration
page.

Table 22 - MAC Authentication

Note: After you congure local MAC Authentication settings, you must click Apply to apply the changes and to save the settings. Changing some settings might cause the AP to stop and restart system processes. If this happens, wireless clients will temporarily lose connectivity. We
recommend that you change AP settings when WLAN trafc is low.
Section 4 - Managing the Access Point
Conguring MAC Authentication on the RADIUS Server
If you use RADIUS MAC authentication for MAC-based access control, you must congure a station list on the RADIUS server. The station list contains client MAC address entries, and the format for the list is described in the
following table.
RADIUS Server Attribute Description Value
User-Name (1) MAC address of the client station. Valid Ethernet MAC Address.
User-Password (2) A xed global password used to
lookup a client MAC entry.

Table 23 - RADIUS Server Attributes for MAC Authentication

NOPASSWORD
Conguring Load Balancing
You can set network utilization thresholds on the UAP to maintain the speed and performance of the wireless network
as clients associate and disassociate with the AP. The load balancing settings apply to all supported radios.
To congure load balancing and set limits and behaviour to be triggered by a specied utilization rate of the access point, click the Load Balancing tab and update the elds shown in the following gure.

Figure 23 - Modify Load Balancing Settings

Field Description
Load Balancing Enable or disable load balancing:
To enable load balancing on this AP, click Enable. To disable load balancing on this AP, click Disable.
Utilization for No New Associations
2021
Provide the percentage of network bandwidth utilization allowed on the radio before the AP
stops accepting new client associations. The default is 0, which means that all new associations will be allowed regardless of the utilization rate.
Unied Access Point Administrator’s Guide
Page 42

Table 24 - Load Balancing

Note: After you congure the load balancing settings, you must click Apply to apply the changes and to save the settings. Changing some settings might cause the AP to stop and restart system processes. If this happens, wireless clients will temporarily lose connectivity. We recommend that
you change AP settings when WLAN trafc is low.
Section 4 - Managing the Access Point

Managed Access Point Overview

The UAP can operate in two modes: Standalone Mode or Managed Mode. In Standalone Mode, the UAP acts as an individual AP in the network, and you manage it by using the Administrator Web User Interface (UI), CLI, or SNMP. In Managed Mode, the UAP is part of the D-Link Unied Wired and Wireless System, and you manage it by using the D-Link Unied Wireless Switch. If an AP is in Managed Mode, the Administrator Web UI, Telnet, SSH, and SNMP
services are disabled.
On the UAP, you can congure the IP addresses of up to four D-Link Unied Wireless Switches that can manage it. In
order to manage the AP, the switch and AP must discover each other. There are multiple ways for a switch to discover
an AP. Adding the IP address of the switch to the AP while it is in Standalone Mode is one way to enable switch-to-AP
discovery.

Transition Between Modes

Every 30 seconds, the D-Link Unied Wireless Switch sends a keepalive message to all of the access points it manages. Each AP checks for the keepalive messages on the SSL TCP connection. As long as the AP maintains communication with the switch through the keepalive messages, it remains in Managed Mode.
If the AP does not receive a message within 45 seconds of the last keepalive message, the AP assumes the switch has failed and terminates its TCP connection to the switch, and the AP enters Standalone Mode.
Once the AP transitions to Standalone Mode, it continues to forward trafc without any loss. The AP uses the conguration on the VAPs congured in VLAN Forwarding mode (the standard, non-tunneled mode).
While the AP is in Standalone Mode, you can manage it by using the Web interface or the CLI (through Telnet or
SSH).
For any clients that are connected to the AP through tunneled VAPs, the AP sends disassociate messages and
disables the tunneled VAPs.
As long as the Managed AP Administrative Mode is set to Enabled, the AP starts discovery procedures. If the AP
establishes a connection with a wireless switch, which may or may not be the same switch it was connected to
before, the switch sends the AP its conguration and the AP sends the wireless switch information about all currently
associated clients.
After the conguration from the switch is applied, the AP radio(s) restart. Client trafc is briey interrupted until the
radio(s) are up and the clients are re-associated.
Conguring Managed Access Point Settings
To add the IP address of a D-Link Unied Wireless Switch to the AP, click the Managed Access Point tab under the Manage heading and update the elds shown in the table below.
Unied Access Point Administrator’s Guide
2021
Page 43
Figure 24 - Congure Managed AP Wireless Switch Parameters
Field Description
Managed AP
Administrative
Mode
Switch IP Address
(1-4)
Base IP Port The starting IP port number used by the wireless feature (in a range of 10 consecutive port
Pass Phrase Select the Edit option and enter a passphrase to allow the AP to authenticate itself with the
Click Enabled to allow the AP and switch to discover each other. If the AP successfully authenticates itself with a wireless switch, you will not be able to access the Administrator UI.
Click Disabled to prevent the AP from contacting wireless switches.
Enter the IP address of up to four wireless switches that can manage the AP. You can
enter the IP address in dotted format or as an DNS name.
You can view a list of wireless switches on your network that were congured by using a
DHCP server.
The AP attempts to contact Switch IP Address 1 rst.
numbers). Only the rst number in the range is congurable. The default value is 57775 (through 57784).
Note: When the wireless Base IP Port number is changed on the switch, the wireless feature is automatically disabled and re-enabled. The new value is not sent as part of the
global switch conguration in the cluster conguration distribution command; every switch in the cluster must be congured independently with the new Wireless IP port number.
Note: When the wireless Base IP Port number is changed from its default value on the switch, it must also be changed on the Access Points.
wireless switch. The passphrase must be between 8 and 63 characters. To remove the password, select Edit, delete the existing password, and then click Apply. You must congure the same passphrase on the switch.

Table 25 - Managed Access Point

Section 4 - Managing the Access Point
Note: After you congure the settings on the Managed Access Point page, you must click Apply
to apply the changes and to save the settings. Changing some settings might cause the AP to stop and restart system processes. If this happens, wireless clients will temporarily lose connectivity.
We recommend that you change AP settings when WLAN trafc is low.
If the UAP successfully authenticates with a D-Link Unied Wireless Switch, you will loose access to the AP through
the Administrator UI.
Conguring 802.1X Authentication
On networks that use IEEE 802.1X, port-based network access control, a supplicant (client) cannot gain access to the network until the 802.1X authenticator grants access. If your network uses 802.1X, you must congure 802.1X
authentication information that the AP can supply to the authenticator.
To congure the UAP 802.1X supplicant user name and password by using the Web interface, click the Authentication tab and congure the elds shown in the table below.
2021
Unied Access Point Administrator’s Guide
Page 44

Figure 25 - Modify 802.1X Supplicant Authentication Settings

Field Description
802.1X Supplicant Click Enabled to enable the Administrative status of the 802.1X Supplicant. Click Disabled to disable the Administrative status of the 802.1X Supplicant.
EAP Method MD5 as default.
Username Enter the user name for the AP to use when responding to requests from an 802.1X
authenticator. The user name can be 1 to 64 characters in length. ASCII printable characters are allowed, which includes upper and lower case alphabetic letters, the numeric digits, and special symbols such as @ and #.
Password Enter the password for the AP to use when responding to requests from an 802.1X
authenticator. The password can be 1 to 64 characters in length. ASCII printable characters are allowed, which includes upper and lower case letters, numbers, and special symbols such as @ and #.

Table 26 - IEEE 802.1X Supplicant Authentication

Section 4 - Managing the Access Point
Note: After you congure the settings on the Authentication page, you must click Apply to apply the changes and to save the settings. Changing some settings might cause the AP to stop and restart system processes. If this happens, wireless clients will temporarily lose connectivity. We
recommend that you change AP settings when WLAN trafc is low.
Application Identication
The library package auto upgrade settings, automatically check the latest application library version based on given
time interval. Note: In managed mode, the controller will still sync the latest library version and request AP to upgrade latest library even the auto upgrade is disabled in the standalone mode.
Figure 26 - Application Identication
2021
Unied Access Point Administrator’s Guide
Page 45
Section 5 - Conguring Access Point Services
Section 5 - Conguring Access Point Services
This section describes how to congure services on the UAP and contains the following subsections:
•) “Web Server Settings” on page 46
•) “Setting the SSH Status” on page 46
•) “Setting the Telnet Status” on page 47
•) “Conguring Quality of Service” on page 47
•) “Conguring SNMP on the Access Point” on page 48
•) “Enabling the Time Settings (NTP)” on page 50

Web Server Settings

The AP can be managed through HTTP or secure HTTP (HTTPS) sessions. By default both HTTP and HTTPS access
are enabled. Either access type can be disabled separately.
To congure Web server settings, click Web Server tab.
Figure 27 - Congure Web Server Settings
Field Description
HTTPS Server
Status
HTTP Server Status Enable or disable access through HTTP. This setting is independent of the HTTPS server
HTTP Port Specify the port number for HTTP trafc (default is 80).
HTTPS Port Specify the port number for HTTPS trafc (default is 443).
Maximum Sessions When a user logs on to the AP web interface, a session is created. This session is
Session Timeout Enter the maximum amount of time, in minutes, an inactive user remains logged on to the
Enable or disable access through a Secure HTTP Server (HTTPS).
status setting.
maintained until the user logs off or the session inactivity timer expires.
Enter the number web sessions, including both HTTP and HTTPs, that can exist at the same
time. The range is 1–10 sessions. If the maximum number of sessions is reached, the next user who attempts to log on to the AP web interface receives an error message about the session limit.
AP web interface. When the congured timeout is reached, the user is automatically logged
off the AP. The range is 1–1440 minutes (1440 minutes = 1 day).

Table 27 - Web Server Settings

Note: Click Apply to apply the changes and to save the settings. If you disable the protocol you
are currently using to access the AP management interface, the current connection will end and you will not be able to access the AP by using that protocol until it is enabled.

Setting the SSH Status

2021
Unied Access Point Administrator’s Guide
Page 46
Secure Shell (SSH) is a program that provides access to the AP CLI from a remote host. SSH is more secure than Telnet for remote access because it provides strong authentication and secure communications over insecure
channels. From the SSH page, you can enable or disable SSH access to the system.

Figure 28 - Set SSH Status

Field Description
SSH Status Choose to either enable or disable SSH access to the AP CLI:
•) To permit remote access to the AP by using SSH, click Enabled.
•) To prevent remote access to the AP by using SSH, click Disabled.

Table 28 - SSH Settings

Section 5 - Conguring Access Point Services

Setting the Telnet Status

Telnet is a program that provides access to the AP CLI from a remote host. From the Telnet page, you can enable or
disable Telnet access to the system.

Figure 29 - Set Telnet Status

Field Description
Telnet Status Choose to either enable or disable Telnet access to the AP CLI:
•) To permit remote access to the AP by using Telnet, click Enabled.
•) To prevent remote access to the AP by using Telnet, click Disabled.

Table 29 - Telnet Settings

Conguring Quality of Service
Quality of Service (QoS) provides you with the ability to specify parameters on multiple queues for increased throughput and better performance of differentiated wireless trafc like Voice-over-IP (VoIP), other types of audio,
video, and streaming media, as well as traditional IP data over the UAP.
Conguring QoS on the UAP consists of setting parameters on existing queues for different types of wireless trafc,
and effectively specifying minimum and maximum wait times (through Contention Windows) for transmission. The settings described here apply to data transmission behavior on the AP only, not to that of the client stations.
To set up queues for QoS, click the QoS tab under the Services heading and congure settings as described in the table below.
2021

Figure 30 - Modify QoS Queue Parameters

Unied Access Point Administrator’s Guide
Page 47
Field Description
Radio Select the radio with the QoS settings to view or congure
Wi-Fi MultiMedia
(WMM)
Wi-Fi MultiMedia (WMM) is enabled by default. With WMM enabled, QoS prioritization and coordination of wireless medium access is on. With WMM enabled, QoS settings on the UAP control downstream trafc owing from the AP to client station (AP EDCA parameters) and the upstream trafc owing from the station to the AP (station EDCA parameters). Disabling WMM deactivates QoS control of station EDCA parameters on upstream trafc owing from the station to the AP. With WMM disabled, you can still set some parameters on the downstream trafc owing from the AP to the client station (AP EDCA parameters). To disable WMM extensions, click Disabled. To enable WMM extensions, click Enabled.
Note: After you congure the QoS settings, you must click Apply to apply the changes and to save the settings. Changing some settings might cause the AP to stop and restart system processes. If this happens, wireless clients will temporarily lose connectivity. We recommend that you change
AP settings when WLAN trafc is low.

Table 30 - QoS Settings

Section 5 - Conguring Access Point Services
Conguring SNMP on the Access Point
Simple Network Management Protocol (SNMP) denes a standard for recording, storing, and sharing information about network devices. SNMP facilitates network management, troubleshooting, and maintenance. The AP supports SNMP versions 1, 2, and 3. Unless specically noted, all conguration parameters on this page apply to SNMPv1 and SNMPv2c only.
Key components of any SNMP-managed network are managed devices, SNMP agents, and a management system. The agents store data about their devices in Management Information Bases (MIBs) and return this data to the SNMP manager when requested. Managed devices can be network nodes such as APs, routers, switches, bridges, hubs,
servers, or printers.
The UAP can function as an SNMP managed device for seamless integration into network management systems such
as HP OpenView.
From the SNMP page under the Services heading, you can start or stop control of SNMP agents, congure community passwords, access MIBs, and congure SNMP Trap destinations.
From the pages under the SNMPv3 heading, you can manage SNMPv3 users and their security levels and dene access control to the SNMP MIBs. For information about how to congure SNMPv3 views, groups, users, and targets,
see “Section 6 - Conguring SNMPv3” on page 52.
To congure SNMP, click the SNMP tab under the Services heading and update the elds described in the table below.
2021
Unied Access Point Administrator’s Guide
Page 48
Field Description
SNMP Enabled/
Disabled
You can specify the SNMP administrative mode on your network. By default SNMP is enabled. To enable SNMP, click Enabled. To disable SNMP, click Disabled. After changing the mode, you must click Apply to save your conguration changes. Note: If SNMP is disabled, all remaining elds on the SNMP page are disabled. This is a global SNMP parameter which applies to SNMPv1, SNMPv2c, and SNMPv3.
Read-only community name (for permitted SNMP get operations)
Enter a read-only community name. The valid range is 1-256 characters. The community name, as dened in SNMPv2c, acts as a simple authentication mechanism to restrict the machines on the network that can request data to the SNMP agent. The name functions as a password, and the request is assumed to be authentic if the sender knows
the password. The community name can be in any alphanumeric format.
Port number the
SNMP agent will
listen to
By default an SNMP agent only listens to requests from port 161. However, you can congure this so the agent listens to requests on another port. Enter the port number on which you want the SNMP agents to listen to requests. The valid
range is 1025-65535.
Note: This is a global SNMP parameter that applies to SNMPv1, SNMPv2c, and SNMPv3.
Allow SNMP set
requests
You can choose whether or not to allow SNMP set requests on the AP. Enabling SNMP set requests means that machines on the network can execute conguration changes via the SNMP agent on the AP to the D-Link System MIB. To enable SNMP set requests, click
Enabled. To disable SNMP set requests, click Disabled.
Read-write
community name (for permitted SNMP set operations)
If you have enabled SNMP set requests you can set a read-write community name. The
valid range is 1-256 characters. Setting a community name is similar to setting a password. Only requests from the machines that identify themselves with this community name will be accepted. The community name can be in any alphanumeric format.
Restrict the source
of SNMP requests to only the designated
You can restrict the source of permitted SNMP requests. To restrict the source of permitted SNMP requests, click Enabled. To permit any source submitting an SNMP request, click Disabled.
hosts or subnets
Section 5 - Conguring Access Point Services
Figure 31 - SNMP Conguration
2021
Unied Access Point Administrator’s Guide
Page 49
Field Description
Hostname, address or subnet
of Network
Management
System
IPv6 Hostname or IPv6 subnet of Network
Management
System
Community name
for traps
Host Type Specify whether the enabled host is an IPv4 host or an IPv6 host.
Hostname or IP address
Specify the IPv4 DNS hostname or subnet of the machines that can execute get and set requests to the managed devices. The valid range is 1-256 characters.
As with community names, this provides a level of security on SNMP settings. The SNMP agent will only accept requests from the hostname or subnet specied here. To specify a subnet, enter one or more subnetwork address ranges in the form
mask_length
Both formats address/mask and address/mask_length are supported. Individual hosts
can be provided for this, i.e. IP Address or Hostname. For example, if you enter a range of
192.168.1.0/24 this species a subnetwork with address 192.168.1.0 and a subnet mask of
255.255.255.0.
The address range is used to specify the subnet of the designated NMS. Only machines
with IP addresses in this range are permitted to execute get and set requests on the
managed device. Given the example above, the machines with addresses from 192.168.1.1 through 192.168.1.254 can execute SNMP commands on the device. (The address identied by sufx .0 in a subnetwork range is always reserved for the subnet address, and the address identied by .255 in the range is always reserved for the broadcast address). As another example, if you enter a range of 10.10.1.128/25 machines with IP addresses from 10.10.1.129 through 10.10.1.254 can execute SNMP requests on managed devices. In this example, 10.10.1.128 is the network address and 10.10.1.255 is the broadcast address.
126 addresses would be designated.
Specify the IPv6 DNS hostname or subnet of the machines that can execute get and set requests to the managed devices.
Enter the global community string associated with SNMP traps. The valid range is 1-256
characters. Traps sent from the device will provide this string as a community name. The community name can be in any alphanumeric format. Special characters are not permitted.
Enter the DNS hostname of the computer to which you want to send SNMP traps. The valid
range is 1-256 characters.
An example of a DNS hostname is: snmptraps.foo.com. Since SNMP traps are sent randomly from the SNMP agent, it makes sense to specify where exactly the traps should be sent. You can add up to a maximum of three DNS hostnames. Ensure you select the Enabled check box beside the appropriate hostname.
where address is an IP address and mask_length is the number of mask bits.

Table 31 - SNMP Settings

Section 5 - Conguring Access Point Services
address/
Note: After you congure the SNMP settings, you must click Apply to apply the changes and to save the settings. Changing some settings might cause the AP to stop and restart system processes. If this happens, wireless clients will temporarily lose connectivity. We recommend that
you change AP settings when WLAN trafc is low.

Enabling the Time Settings (NTP)

Use the Time Settings page to specify the Network Time Protocol (NTP) server to use to provide time and date information to the AP or to congure the time and date information manually.
NTP is an Internet standard protocol that synchronizes computer clock times on your network. NTP servers transmit Coordinated Universal Time (UTC, also known as Greenwich Mean Time) to their client systems. NTP sends periodic time requests to servers, using the returned time stamp to adjust its clock. The timestamp is used to indicate the date
and time of each event in log messages.
See http://www.ntp.org for more information about NTP.
Unied Access Point Administrator’s Guide
2021
Page 50
Section 5 - Conguring Access Point Services
To set the system time either manually or by specifying the address of the NTP server for the AP to use, click the Services > Time Settings (NTP) tab and update the elds as described in the table below.

Figure 32 - Time Settings (NTP)

Field Description
Set System Time NTP provides a way for the AP to obtain and maintain its time from a server on the network.
Using an NTP server gives your AP the ability to provide the correct time of day in log messages and session information.
Choose to use a network time protocol (NTP) server to determine the system time, or set the
system time manually:
•) To permit the AP to poll an NTP server, click Using Network Time Protocol (NTP).
•) To prevent the AP from polling an NTP server, click Manually.
NTP Server (Use NTP)
If NTP is enabled, specify the NTP server to use. You can specify the NTP server by hostname, IPv4 or IPv6 address, although using the IPv4 or IPv6 address is not recommended as these can change more readily. If you specify a hostname, note the following requirements:
•) The length must be between 1 – 63 characters.
•) Upper and lower case characters, numbers, and hyphens are accepted.
•) The rst character must be a letter (a–z or A–Z), and the last character cannot be a hyphen.
System Date
Specify the current month, day, and year.
(Manual conguration)
System Time (Manual
Specify the current time in hours and minutes. The system uses a 24-hour clock, so 6:00 PM is congured as 18:00.
conguration)
Time Zone Select your local time zone from the menu. The default is USA (Pacic).
Adjust Time for
Daylight Savings
Select to have the system adjust the reported time for Daylight Savings Time (DST). When
this eld is selected, elds to congure Daylight Savings Time settings appear.
DST Start (24 HR) Congure the date and time to begin Daylight Savings Time for the System Time.
DST End (24 HR) Congure the date and time to end Daylight Savings Time for the System Time.
DST O󰀨set
Select the number of minutes to offset DST. The default is 60 minutes.
(minutes)

Table 32 - NTP Settings

2021
Note: After you congure the Time settings, you must click Apply to apply the changes and to save the settings. Changing some settings might cause the AP to stop and restart system processes. If this happens, wireless clients will temporarily lose connectivity. We recommend that
you change AP settings when WLAN trafc is low.
Unied Access Point Administrator’s Guide
Page 51
Section 6 - Conguring SNMPv3
Section 6 - Conguring SNMPv3
This section describes how to congure the SNMPv3 settings on the UAP and contains the following subsections:
•) “Conguring SNMPv3 Views” on page 52
•) “Conguring SNMPv3 Groups” on page 53
•) “Conguring SNMPv3 Users” on page 54
•) “Conguring SNMPv3 Targets” on page 55
Conguring SNMPv3 Views
A MIB view is a combination of a set of view subtrees or a family of view subtrees where each view subtree is a subtree within the managed object naming tree. You can create MIB views to control the OID range that SNMPv3
users can access.
A MIB view called “all” is created by default in the system. This view contains all management objects supported by
the system.
Note: If you create an excluded view subtree, create a corresponding included entry with the
same view name to allow subtrees outside of the excluded subtree to be included. For example, to
create a view that excludes the subtree 1.3.6.1.4, create an excluded entry with the OID 1.3.6.1.4. Then, create an included entry with OID .1 with the same view name.
Figure 33 - SNMPv3 Views Conguration
The following table describes the elds you can congure on the SNMPv3 Views page.
Field Description
View Name Enter a name to identify the MIB view.
View names can contain up to 32 alphanumeric characters.
Type Species whether to include or exclude the view subtree or family of subtrees from the MIB
view.
OID Enter an OID string for the subtree to include or exclude from the view.
For example, the system subtree is specied by the OID string .1.3.6.1.2.1.1.
Mask The OID mask is 47 characters in length. The format of the OID mask is xx.xx.xx (.)... or
xx:xx:xx.... (:) and is 16 octets in length. Each octet is 2 hexadecimal characters separated
by either . (period) or : (colon). Only hex characters are accepted in this eld. For example, OID mask FA.80 is 11111010.10000000. A family mask is used to dene a family of view subtrees. The family mask indicates which sub-identiers of the associated family OID string are signicant to the family’s denition. A family of view subtrees allows control access to one row in a table, in a more efcient
manner.
SNMPv3 Views This eld shows the MIB views on the UAP. To remove a view, select it and click Remove.

Table 33 - SNMPv3 Views

2021
Unied Access Point Administrator’s Guide
Page 52
Note: After you congure the SNMPv3 Views settings, you must click Apply to apply the changes and to save the settings.
Section 6 - Conguring SNMPv3
Conguring SNMPv3 Groups
SNMPv3 groups allow you to combine users into groups of different authorization and access privileges.
By default, the UAP has two groups:
•) RO — A read-only group using authentication and data encryption. Users in this group use an MD5 key/ password for authentication and a DES key/password for encryption. Both the MD5 and DES key/passwords must be dened. By default, users of this group will have read only access to the default all MIB view, which can be modied by the user.
•) RW — A read/write group using authentication and data encryption. Users in this group use an MD5 key/ password for authentication and a DES key/password for encryption. Both the MD5 and DES key/passwords must be dened. By default, users of this group will have read and write access to the default all MIB view, which can be modied by the user.
RW and RO groups are dened by default.
Note: The UAP supports maximum of eight groups.
To dene additional groups, navigate to the SNMPv3 Groups page and congure the settings that the table below
describes.
Figure 34 - SNMPv3 Groups Conguration
Field Description
Name Specify a name to use to identify the group. The default group names are RW and RO.
Group names can contain up to 32 alphanumeric characters.
Security Level Select one of the following security levels for the group:
•) noAuthentication-noPrivacy — No authentication and no data encryption (no
security).
•) Authentication-noPrivacy — Authentication, but no data encryption. With this security
level, users send SNMP messages that use an MD5 key/password for authentication, but not a DES key/password for encryption.
•) Authentication-Privacy — Authentication and data encryption. With this security level,
users send an MD5 key/password for authentication and a DES key/password for
encryption.
For groups that require authentication, encryption, or both, you must dene the MD5 and DES key/passwords on the SNMPv3 Users page.
Write Views Select the write access to management objects (MIBs) for the group:
•) write-all — The group can create, alter, and delete MIBs.
•) write-none — The group is not allowed to create, alter, or delete MIBS.
2021
Unied Access Point Administrator’s Guide
Page 53
Field Description
Read Views Select the read access to management objects (MIBs) for the group:
•) view-all — The group is allowed to view and read all MIBs.
•) view-none — The group cannot view or read MIBs.
SNMPv3 Groups This eld shows the default groups and the groups that you have dened on the AP. To
remove a group, select the group, and click Remove.

Table 34 - SNMPv3 Groups

Note: After you congure the SNMPv3 Groups settings, you must click Apply to apply the changes
and to save the settings.
Section 6 - Conguring SNMPv3
Conguring SNMPv3 Users
From the SNMPv3 Users page, you can dene multiple users, associate the desired security level to each user, and congure security keys.
For authentication, only MD5 type is supported, and for encryption only DES type is supported. There are no default SNMPv3 users on the UAP.
Figure 35 - SNMPv3 User Conguration
The following table describes the elds to congure SNMPv3 users.
Field Description
Name Enter the user name to identify the SNMPv3 user.
User names can contain up to 32 alphanumeric characters.
Group Map the user to a group. The default groups are RWAuth, RWPriv, and RO. You can dene
additional groups on the SNMPv3 Groups page.
Authentication Type Select the type of authentication to use on SNMP requests from the user:
•) MD5 — Require MD5 authentication on SNMPv3 requests from the user.
•) None — SNMPv3 requests from this user require no authentication.
Authentication Key If you specify MD5 as the authentication type, enter a password to enable the SNMP agent
to authenticate requests sent by the user.
The passphrase must be between 8 and 32 characters in length.
Encryption Type Select the type of privacy to use on SNMP requests from the user:
•) DES — Use DES encryption on SNMPv3 requests from the user.
•) None — SNMPv3 requests from this user require no privacy.
Encryption Key If you specify DES as the privacy type, enter a key to use to encrypt the SNMP requests.
The passphrase must be between 8 and 32 characters in length.
SNMPv3 Users This eld shows the users that you have dened on the AP. To remove a user, select the
user and click Remove.

Table 35 - SNMPv3 Users

2021
Unied Access Point Administrator’s Guide
Page 54
Use the buttons on the page to perform the following tasks:
•) Add: Add the new user to the SNMPv3 users table.
•) Remove: Remove the selected user from the SNMPv3 users table.
•) Update: Apply and save the changed SNMPv3 user settings.
Note: After you congure the SNMPv3 Users settings, you must click Apply to apply the changes
and to save the settings.
Section 6 - Conguring SNMPv3
Conguring SNMPv3 Targets
SNMPv3 Targets send “inform” messages to the SNMP manager. Each target is identied by a target name and associated with target IP address, UDP port, and SNMP user name.
Figure 36 - SNMPv3 Targets Conguration
Field Description
IPv4/IPv6 Address Enter the IP address of the remote SNMP manager to receive the target.
Port Enter the UDP port to use for sending SNMP targets.
Users Select the name of the SNMP user to associate with the target. To congure SNMP users,
see “Conguring SNMPv3 Users” on page 54.
SNMPv3 Targets This eld shows the SNMPv3 Targets on the UAP. To remove a target, select it, and click
Remove.

Table 36 - SNMPv3 Targets

Note: After you congure the SNMPv3 Target settings, you must click Apply to apply the changes
and to save the settings.
2021
Unied Access Point Administrator’s Guide
Page 55

Section 7 - Maintaining the Access Point

Section 7 - Maintaining the Access Point
This section describes how to maintain the UAP.
From the UAP Administrator UI, you can perform the following maintenance tasks:
•) “Performing AP Maintenance” on page 57
•) “Upgrading the Firmware” on page 57
•) “Support Information Conguration and Settings” on page 58
Saving the Current Conguration to a Backup File
The AP conguration le is in binary format and contains all of the information about the AP settings. You can download the conguration le to a management station to manually edit the content or to save as a back-up copy.
Click the Download button to save a copy of the current settings on an AP to a backup conguration le.
Click the Download button to save a copy of the current settings on an AP to a backup conguration le.
Figure 37 - Manage this Access Point’s Conguration - Save
Restoring the Conguration from a Previously Saved File
After you download a conguration le to the management station, you can manually edit the le, which is in binary format. Then, you can upload the edited conguration le to apply those conguration settings to the AP.
Use the following steps to save a copy of the current settings on an AP to a backup conguration le
Figure 38 - Manage this Access Point’s Conguration - Restore (HTTP)
1.) Use the Browse button to select the le to restore.
2.) Click the Restore button.
A File Upload or Choose File dialog box displays.
3.) Navigate to the directory that contains the le, then select the le to upload and click Open.
(Only those les created with the Backup function and saved as .bin backup conguration les are valid to use
with Restore; for example, WLAN-EAP_cong.bin.)
4.) Click the Restore button. A dialog box opens verifying the restore.
5.) Click OK to proceed.
The AP reboots. A reboot conrmation dialog and follow-on rebooting status message displays. Please wait for the reboot process to complete, which might take several minutes.
2021
Unied Access Point Administrator’s Guide
Page 56
The Administration Web UI is not accessible until the AP has rebooted.
Section 7 - Maintaining the Access Point
Performing AP Maintenance
From the Maintenance page, you can reset the AP to its factory default settings or reboot the AP.

Figure 39 - Performing AP Maintenance

Resetting the Factory Default Conguration
If you are experiencing problems with the UAP and have tried all other troubleshooting measures, click Reset. This restores factory defaults and clears all settings, including settings such as a new password or wireless settings. You
can also use the reset button on the back panel to reset the system to the default conguration.

Rebooting the Access Point

For maintenance purposes or as a troubleshooting measure, you can reboot the UAP. To reboot the AP, click the
Reboot button.
Turn O󰀨 all LEDs
Enable the LED off to turn off all LEDs.

Upgrading the Firmware

As new versions of the UAP rmware become available, you can upgrade the rmware on your devices to take
advantage of new features and enhancements.
After you upload new rmware and the system reboots, the newly added rmware becomes the primary image. If the upgrade fails, the original rmware remains as the primary image.
Note: When you upgrade the rmware, the access point retains the existing conguration
information.
Use the following steps to upgrade the rmware on an access point
2021
Unied Access Point Administrator’s Guide
Page 57

Figure 40 - Manage Firmware (HTTP)

1.) If you know the path to the new rmware image le, enter it in the Image Filename eld. Otherwise, click the Browse button and locate the rmware image le.
The rmware upgrade le supplied must be a tar le. Do not attempt to use bin les or les of other formats for the upgrade; these types of les will not work.
2.) Click Upgrade to apply the new rmware image. Upon clicking Upgrade for the rmware upgrade, a popup conrmation window is displayed that describes the
upgrade process.
3.) Click OK to conrm the upgrade and start the process.
Note: The rmware upgrade process begins once you click Upgrade and then OK in the popup conrmation window.
Section 7 - Maintaining the Access Point
The upgrade process may take several minutes during which time the access point will be unavailable. Do not
power down the access point while the upgrade is in process. When the upgrade is complete, the access point
restarts. The AP resumes normal operation with the same conguration settings it had before the upgrade.
4.) To verify that the rmware upgrade completed successfully, check the rmware version shown on the Upgrade page (or the Basic Settings page). If the upgrade was successful, the updated version name or number is indicated.
Support Information Conguration and Settings
The Support Information page provides a way to gather the diagnostic/troubleshooting information about the AP beyond what is available through the Web UI.

Figure 41 - Support Information

Field Description
Download To download the diagnostic information for support, click “Download” button.

Table 37 - Support Information

2021
Unied Access Point Administrator’s Guide
Page 58
Section 8 - Conguring Client Quality of Service (QoS)
Section 8 - Conguring Client Quality of Service (QoS)
This section describes how to congure QoS settings that affect trafc from the wireless clients to the AP. By using the UAP Client QoS features, you can limit bandwidth.
This section describes the following features:
•) “Conguring VAP QoS Parameters” on page 59
Conguring VAP QoS Parameters
The client QoS features on the UAP provide additional control over certain QoS aspects of wireless clients that connect to the network, such as the amount of bandwidth an individual client is allowed to send and receive.
To congure the Client QoS administrative mode and to congure the QoS settings for a VAP, click the VAP QoS
Parameters tab.
Figure 42 - Congure Client QoS VAP Settings
Field Description
Client QoS Global
Admin Mode
Radio For dual-radio APs, select 5GHz Radio or 2.4GHz Radio to specify which radio to congure.
VAP Specify the VAP that will have the Client QoS settings that you congure.
Client QoS Mode Enable or disable QoS operation on the VAP selected in the VAP menu.
Bandwidth Limit Down
Bandwidth Limit Up Enter the maximum allowed client transmission rate to the AP in bits per second. The valid
Enable or disable Client QoS operation on the AP.
Changing this setting will not affect the WMM settings you congure on the QoS page.
The QoS settings you congure for the selected VAP will not affect clients that access the network through other VAPs.
QoS must be enabled globally (from the Client QoS Global Admin Mode eld) and on the VAP ( QoS Mode eld) for the Client QoS settings to be applied to wireless clients.
Enter the maximum allowed transmission rate from the AP to the wireless client in bits per
second. The valid range is 0 – 429496000 bits/sec.
The value you enter must be a multiple of 8000 bits/sec, in other words, the value must be n × 8000 bits/sec, where n = 0, 1, 2, 3... If you attempt to set the limit to a value that is not a multiple of 8000 bits/sec, the conguration will be rejected. A value of 0 means that the
bandwidth maximum limit is not enforced in this direction.
range is 0 – 4294967295 bps. The value you enter must be n × 8000 bits/sec, where n = 0, 1, 2, 3... If you attempt to set
the limit to a value that is not a multiple of 8000 bits/sec, the conguration will be rejected. A
value of 0 means that the bandwidth maximum limit is not enforced in this direction.

Table 38 - VAP QoS Parameters

2021
Unied Access Point Administrator’s Guide
Page 59
Loading...
Buy Points How it Works FAQ Contact Us Questions and Suggestions Privacy Policy Cookie Policy Terms of Use