Enterasys 802.11, RoamAbout R2, RoamAbout AP 2000, RoamAbout PC Card, RoamAbout AP Classic Networking Manual

Download

802.11 Wireless Networking Guide

P/N 9034042-08

ENJOY THE FREEDOM OF WIRELESS NETWORKING

ENTERASYS.COM

™

NOTICE

Enterasys Networks reserves the righ t to make changes in specifications and other information contai ned in this document and its web site without prior notice. The reader should in all cases consult Enterasys Networks to determine whether any such changes have been made.

The hardware, firmware, or software described in this document is subject to change without notice. IN NO EVENT SHALL ENTERASYS NETWORKS BE LIABLE FOR ANY INCIDENTAL, INDIRECT, SPECIAL,

OR CONSEQUENTIAL DAMAGES WHATSOEVER (INCLUDING BUT NOT LIMITED TO LOST PROFITS) ARISING OUT OF OR RELATED TO THIS DOCUMENT, WEB SITE, OR THE INFORMATION CONTAINED IN THEM, EVEN IF ENTERASYS NETW ORKS HAS BEEN ADVISE D OF, KNEW OF, OR SHOULD HAVE KNOWN OF, THE POSSIBILITY OF SUCH DAMAGES.

500 Spaulding Turnpike Portsmouth, NH 03801

Part Number: 9034042-08

Web Site: http://www.enterasys.com/wireless

Enterasys, Enterasys Networks, RoamAbout, and the RoamAbout logo are trademarks of Enterasys Networks, Inc. Apple, the Apple logo, Macintosh, and PowerBook are trademarks or registere d t ra demarks of Apple Computer, Inc. IPX/SPX is a trademark of Novell, Inc. LINUX is a trademark of Linus Torvalds. Microsoft, Windows, and Windows NT are trademarks or registered trademarks of Microsoft Corporation. Novell an d N etWare ar e r egistered tr ademarks of Nov e l l , I nc. PC Card is a trademark of PCMCIA. All other trademarks and registered trademarks are the property of their resp ective holders.

Contents

Preface

Intended Audience . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xi

Associated Documents. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .xii

Document Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xiii

Getting Help. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xiv

1 Wireless Network Configurations

In This Chapter. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-1

RoamAbout AP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-2

RoamAbout PC Card . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-4

Operating System Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-5

Wireless Infrastructure Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-6

Single AP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-6

Multiple APs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-6

Wireless Client Behavior . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-8

LAN-to-LAN Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-9

Point-to-Point . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-9

Point-to-Multipoint. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-10

RoamAbout R2 Configuration Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-13

Restrictions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-13

Workgroup Mode (both slots) Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-13

Workgroup Mode and LAN-to-LAN Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-14

Ad-Hoc Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-15

Optional Antennas . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-16

Vehicle-Mount Antenna . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-16

Range Extender Antenna . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-17

Outdoor Antenna Kit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-18

iii

Contents

2 Understanding Wireless Network Characteristics

In This Chapter. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-1

Wireless Network Name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-2

Access Point MAC Addresses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-3

RoamAbout R2 MAC Addresses. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-3

Channel Frequencies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-4

Transmit Rate. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-5

Auto Rate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-6

Fixed Rate. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-6

Communications Quality . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-7

Signal Level . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-7

Noise Level. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-7

Data Throughput Efficiency. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-8

AP Density and Roaming. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-8

RTS/CTS Protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-9

RTS Threshold . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-9

Hidden Station . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-10

802.11 Power Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-11

RoamAbout AP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-11

RoamAbout Client . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-11

Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-12

Network Operating System Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-12

RoamAbout AP Secure Access. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-12

Wired Equivalent Privacy (WEP) Encryption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-13

Authentication. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-14

802.1X Rapid Rekeying . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-16

SNMP Community Names . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-19

Console Port Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-19

Network Protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-20

Wireless Traffic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-20

Beacons. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-20

Message Types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-21

Filters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-21

Spanning Tree Protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-22

Using the Access Point 2000 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-22

Using the RoamAbout R2. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-22

VLANs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-23

Access Point 2000. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-23

R2 Access Platform . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-23

Network Configurations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-24

Static and Dynamic VLANs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-25

RoamAbout SNMP Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-26

Access Point 2000. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-26

RoamAbout R2. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-27

3 Designing and Implementing a Wireless Network

In This Chapter. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-1

Infrastructure Network. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-2

Determining the Coverage Area and Supported Users. . . . . . . . . . . . . . . . . . . . . . . . . . 3-3

Selecting the Location for a Single AP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-4

Selecting the Locations for Multiple APs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-5

RoamAbout R2 Mezzanine Special Considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-6

Using Multiple Wireless Infrastructure Networks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-6

Using an Outdoor Antenna. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-6

LAN-to-LAN Network Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-7

Ad-Hoc Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 -8

Wireless Network Hardware Installation Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-9

Wireless Infrastructure Network. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-9

LAN-to-LAN Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-9

Ad-Hoc Network. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-10

Contents

4 Wireless Network Tools

In This Chapter. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-1

RoamAbout AP Manager. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-2

Installing the RoamAbout AP Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-3

Using the AP Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-4

Other SNMP Management Tools. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-5

RoamAbout Console Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-5

Telnet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-6

Web Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-6

RoamAbout Client Utility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-7

Contents

5 Configuring the Wireless Network

In This Chapter. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-1

Configuring APs in an Infrastructure Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-3

Required Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-3

Wireless Parameters Used in an Infrastructure Network . . . . . . . . . . . . . . . . . . . . . . . . 5-3

Using the AP Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-5

Using the RoamAbout R2 Console Port. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-6

Using the Access Point 2000 Console Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-7

Configuring APs in a Point-to-Point Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-8

Required Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-8

Wireless Parameters Used in a Point-to-Point Network. . . . . . . . . . . . . . . . . . . . . . . . . 5-9

Using the AP Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-10

Using the RoamAbout R2 Console Port. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-11

Using the Access Point 2000 Console Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-12

Configuring the AP for Point-to-Multipoint . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-13

Required Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-13

Wireless Parameters Used in a Point-to-Multipoint Network . . . . . . . . . . . . . . . . . . . 5-14

Using the AP Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-15

Using the RoamAbout R2 Console Port. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-16

Using the Access Point 2000 Console Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-17

Viewing Current AP Settings. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-18

Using the AP Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-18

Using the RoamAbout R2 Console. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-18

Using the Access Point 2000 Console . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-18

Modifying the IP Address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-19

Using the AP Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-19

Using the RoamAbout R2 Console Port. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-20

Using the Access Point 2000 Console Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-21

Setting the Cabletron Discovery Protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-21

Using the AP Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-21

Using the RoamAbout R2 Console Port. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-21

Modifying Wireless Parameters. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-22

Using AP Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-23

Using the RoamAbout R2 Console Port. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-23

Using the Access Point 2000 Console Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-23

Configuring for Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-24

Setting Secure Access. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-24

Setting Encryption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-25

Configuring the Console Port for Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-28

AP Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-28

Contents

RoamAbout R2 Console Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-28

Access Point 2000 Console Port. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-28

Configuring the R2 for SNMPv1 or SNMPv2. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-29

Configuring the AP for Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-30

RADIUS Management Authenticator (AP 2000 Only) . . . . . . . . . . . . . . . . . . . . . . . . 5-30

Configuring the AP for Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-32

Configuring for Rapid Rekeying . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-36

Using the AP Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-36

Using the RoamAbout R2 Console Port. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-36

Using the Access Point 2000 Console Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-37

Set Up Rapid Rekeying on the Clients. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-38

Configuring for VLANs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-40

Using the AP Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-41

Using the RoamAbout R2 Web Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-42

Using the RoamAbout R2 Console Port. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-42

Using the Access Point 2000 Console Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-42

Setting Spanning Tree . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-43

Using AP Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-43

Using the RoamAbout R2 Console Port. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-43

Using the Access Point 2000 Console Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-43

Filtering Traffic by Protocols. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-44

Filtering Traffic by Addresses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-46

Checking the Configuration on Multiple APs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-47

Resetting the RoamAbout AP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-48

Using the RoamAbout R2 Web Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-49

Configuring Clients . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-50

6 Maintaining the Wireless Network

In This Chapter. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-1

Testing Radio Communications Quality . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-2

Using the AP Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-2

Using the RoamAbout Client Utility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 -3

Optimizing RoamAbout AP Placement. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-5

Using the Client Utility. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-5

Using AP Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-6

Optimizing RoamAbout Outdoor Antenna Placement . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-7

Logging Measurement Data. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-8

Checking the Client RoamAbout PC Card . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-9

Monitoring the AP Using RMON . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-10

Monitoring RADIUS Client Operations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-11

vii

Contents

Using the RoamAbout R2 Console Port. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-11

Using the Access Point 2000 Console Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-11

Checking RoamAbout Product Version Numbers. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-13

Using AP Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-13

Using the Access Point 2000 Console Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-13

Using the RoamAbout R2 Console Port. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-13

Using the Client Utility. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-13

Upgrading the RoamAbout AP Firmware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-14

Using the AP Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-14

Using the Access Point 2000 Console Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-14

Using the RoamAbout R2 Console Port. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-15

Using the AP Hardware Reset Button . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-15

Replacing the PC Card in an AP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-16

7 Problem Solving

In This Chapter. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-1

Using the AP LEDs to Determine the Problem. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-2

RoamAbout R2 LEDs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-2

AP 2000 LEDs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-5

AP (Classic) LEDs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-8

Showing Counters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-11

Using the AP Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-11

Using the Access Point 2000 Console Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-11

Using the RoamAbout R2 Console Port. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-11

Displaying Error Logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-18

RoamAbout PC Card LED Activity in a Client. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-19

Windows Does Not Detect the RoamAbout PC Card . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-21

Client Cannot Connect to the Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-21

Checking the Network Protocols on a Windows System . . . . . . . . . . . . . . . . . . . . . . . . . . 7-22

Device Conflict on a Windows System. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-23

Windows NT. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-23

Windows 95 or 98. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-24

Changing the ISA Adapter Address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-25

Setting SNMP Trap Addresses (Access Point Only). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-26

Setting Upline Dump (Access Point Only) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-27

A PC Card Information

Supported Frequency Sub-Bands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .A-3

viii

B Connecting a Device to the Console Port

C ASCII to HEX Conversion

Glossary

Index

Contents

A RoamAbout wireless network consists of RoamAbout wireless products, such as the

RoamAbout R2 Wireless Access Platform, RoamAbout Access Point 2000, RoamAbout

PC Card, and other wireless products that use an 802.11 Direct Sequence (DS) compliant

radio.

This manual describes how to design, install, configure and maintain a RoamAbout

wireless network. It also describes how to troubleshoot problems that may arise during

installation or operation.

NOTE: AP refers to the Access Point and the RoamAbout R2 unless

NOTE

otherwise specified in this document.

Intended Audience

Preface

This manual is intended for the wireless network manager. You should have a basic

knowledge of Local Area Networks (LANs) and networking functions.

Associated Documents

You can download the documentation, drivers, and utilities from the RoamAbout Wireless

web site. Check the RoamAbout Wireless web site regularly for product upgrades:

http://www.enterasys.com/wireless

Component Information Location

RoamAbout AP Manager RoamAbout 802.11 Wireless Networking

Guide and online help

RoamAbout R2 Wireless Access Platform

RoamAbout Access Point 2000 RoamAbout Access Point 2000 Hardware

RoamAbout 802.11 PC Card RoamAbout 802.11 PC Card Drivers and

RoamAbout 802.11 PC Card Drivers

RoamAbout Client Utility RoamAbout 802.11 PC Card Drivers and

RoamAbout R2 Wireless Access Platform Hardwar e Installation Guide and online help

Install ation Gui de and onli ne help

Utilities Client CD-ROM Kit RoamAbout 802.11 PC Card Installation

Guide RoamAbout 802.11 PC Card Drivers and

Utilities CD-ROM Kit RoamAbout 802.11 PC Card Drivers and

Utilities Setup and Installation Guide and

online help

Utilities CD-ROM Kit RoamAbout 802.11 PC Card Drivers and

Utilities Setup and Installation Guide and

online help

RoamAbout Outdoor Solution RoamAbout Outdoor Antenna Site

RoamAbout ISA Adapter Card RoamAbout ISA Adapter Installation RoamAbout PCI Adapter Card RoamAbout PCI Adapter Installation

xii

Prepa rat io n and Ins tal l ati on Gui de

Document Conventions

The following icons are used in this document:

Icon Meaning

CAUTION: Contains information essential to avoid personal injury or damage to the equipment.

Document Conventions

NOTE

NOTE: Calls the reader’s attention to any item of information that may be of special importance.

xiii

Getting Help

For additional support related to this device or document, contact Enterasys Netwo r ks

using one of the following methods:

World Wide Web: http://www.enterasys.com/wireless

Phone: North America: (603) 332-9400

Europe: 353 61 701 910

Asia: +800 8827-2878

Internet mail: support@enterasys.com

To send comments or suggestions concerning this document, contact the Enterasys

Networks Technical Writing Department via the following e-mai l

address: TechWriting@enterasys.com

Make sure you include the document Part Number in the e-mail message.

Before calling Enterasys Networks, please have the following information ready:

• Your Enterasys Networks service contract number

• A descri pt ion of the problem

• A description of any action(s) already taken to resolve the problem

• The serial and revision numbers of all involved Enterasys Networks products in the

network

• A description of your network environment (for example, layout, cable type)

• Network load and frame size at the time of trouble (if known)

• The device history (for example, have you returned the device before, is this a

recurring problem)

• Any previous Return Material Authorization (RMA) numbers

xiv

Chapter 1

Wireless Network Configurations

There are three basic RoamAbout wireless network configurations:

• One or more APs connecting wireless clients to a wired network, using the Workgroup

Bridge mode. A wireless client can be any co mpu ter with an 80 2.1 1 Direct-Sequ ence (DS) compliant radio card. This type of network is referred to as a wireless infrastructure network.

• Two or more APs used as a wireless link connecting wired networks. This is called a

LAN-to-LAN configuration. There are two variations of the RoamAbout LAN-to-LAN configurations:

— Point-to-Point which connect s two wired networks , using the LAN-to-LAN

Endpoint Bridge mode.

— Point-to-Multipoint which can connect multiple wired networks, using the

LAN-to-LAN Multipoint Bridge mode.

• Wireless clients communicating among themselves without a connection to a wired

network. This is called a peer-to-peer or ad-hoc network.

In This Chapter

Information in this chapter is presented as follows:

Topic Page

RoamAbout AP 1-2 RoamAbout PC Card 1-4 Wireless Infrastructure Network 1-6 LAN-to-LAN Configuration 1-9 RoamAbout R2 Configuration Examples 1-13 Ad-Hoc Network 1-15 Optional Antennas 1-16

1-1

RoamAbout AP

This guide addresses the different RoamAbout AP hardware platforms: RoamAbout

Access Point (sometimes referred to as Classic), RoamAbout Access Point 2000, and

RoamAbout R2 Wireless Access Platform. Unless otherwise specified, AP refers to all the

RoamAbout AP platforms.

The RoamAbout Access Point Classic is no longer available; however, a number of the

Access Point 2000 reference information and procedures apply to the Classic platform.

The RoamAbout Access Point 2000 is a wired to wireless bridge. One port connects to an

Ethernet LAN. The other port connects to a wireless network. The wireless connection is

provided by a RoamAbout 802.11 DS compliant PC Card.

The RoamAbout R2 is an expandable wireless access platform designed to support

existing, and future, radio technologies and networking requirements.

The RoamAbout AP provides the following basic bridging services. See Chapter 2 for

descriptions of wireless LAN, security and management features.

• Store-and-forward capability

The AP receives, checks, and transmits frames to other LANs, enabling the configuration of extended LANs.

• Frame filtering based on address

Using the address database and the source and destination addresses from incoming frames, the AP isolates traffic that does not need to be forwarded to, or should not be allowed on, other LANs. This action reduces the total data traffic on an extended LAN and thus increases bandwidth efficiency.

• Data Link layer relay

The AP operates at the Data Link layer of the Open System Interconnection (OSI) model. Operation at this layer makes the AP transparent to the protocols that use the LAN connectivity service. This protocol transparency is a key factor in the extended LAN service.

1-2

RoamAbout AP

• Dynamic address learning

The forwarding and translating process module automatically adds new source addresses to the address database while the AP is operating. This reverse learning of the address and port association allows automatic network configuration without prior downline loading of configuration data to the AP. Address learning is p rotoc ol and management entity independent.

An Aging Timer determines how long an address remains in the database. The timer measures the time since data was last addressed to or from a particular node. If the timer lapses without any traffic, the node’s address is removed f rom the database. T he Aging Timer interval can be modified by a Network Management System.

• Workgrou p Bridge mode

In Workgroup Bridge mode, the AP co mmunicates with wireless client s. The AP only forwards packets to multicast addresses, br oadcast addresses, and kn own addresses on the wireless LAN.

The RoamAbout Access Point 2000 learns addresses only from the wireless side of the network. The default Aging Timer interval is 32 minutes.

The RoamAbout R2 learns addresses from both the wired and wireless side. The default Aging Timer interval is approximately 7 minutes.

• LAN-to-LAN Endpoint Br idge mode

In a Point-to-Point configuration, both APs are configured as Endpoints. In this mode, the AP filters packets based upon their destination address and forwards

all packets with unknown addresses.

• LAN-to-LAN Multipoint Bridg e mode

This mode is used where multiple APs are configured as dedicated wireless links between LANs in a Point-to-Multipoint config uration . On e AP mu st be des ignated as the Central AP. The C entral AP can com municate wit h up to s ix other APs configured as Endpoints.

In this mode, the AP filters packets based upon their destination address and forwards all packets with unknown addresses.

NOTE: You must purchase a valid activation key to enable Multipoint

NOTE

bridge mode. Contact your Enterasys Representative.

Refer to the Release Notes that shipped with your AP for a complete list of product features.

1-3

RoamAbout PC Card

The RoamAbout PC Card is an IEEE 802.11 Direct Sequence (DS) compliant wireless

network interface card.

The RoamAbout PC Card functions like any standard wired Ethernet card; however, the

RoamAbout PC Card uses radio frequencies instead of a cable for the LAN connection.

When installed in a computer, the PC Card and computer are referred to as a RoamAbout

wireless client.

The RoamAbout PC Card fits into any PC card type II slot and includes the following

features:

• The ability to support desktop PCs, via one of the following adapters:

— RoamAbout ISA Adapter Card option, which allows installation into computers

that do not have a PC card slot but do have an available ISA bus slot.

— RoamAbout PCI Adapter Card option, which allows installation into computers

that do not have a PC Card slot or an ISA bus slot. The PCI Adapter works with Microsoft Windows PC99-compliant PCs (PCI-slot-only PCs) that have BIOS-supported PCI 2.2 or higher.

• An 802.11 DS compliant radio.

• The ability to communicate with 802.11 DS compliant APs or other 802.11 clients.

• The RoamAbout Client Utility, which allows you to monitor the quality of wireless

communication.

• Support for W i ndo w s 95, Wi n dow s 9 8, Wi ndows NT, Window s 20 00, Windows Me,

Windows XP, MS-DOS, Windows 3.x, Windows CE, Linux, and Apple PowerBook computers. Refer to the RoamAbout 802.11 PC Card Drivers and Utilities Setup and Installation Guide for more information.

• 802.11 power management.

• Wired Equivalent Privacy (WEP) security.

• Roaming, where the client can move from one AP to another in the same wireless

network without losing LAN connectivity.

• Roaming over multiple channels. The RoamAbout PC Card automatically uses the

same channel as the associated AP.

• The RoamAbout PC Card is also the means by which a RoamAbout AP communicates

with a wireless network. This manual considers an AP and its installed PC Card(s) as one unit.

1-4

RoamAbout PC Card

Operating Syste m Suppo rt

You can have client s with vario us operating systems in the same wireless network. Refer

to the RoamAbout 802.11 PC Card Drivers and Utilities Setup and Installation Guide for

setup and installation information. For the latest version of the RoamAbout drivers, see the

RoamAbout web site: http://www.enterasys.com/wireless.

You may need to install the appropriate networking protocols when installing the

RoamAbout PC Card in the computer. The most common protocols include TCP/IP and

NetBEUI.

1-5

Wireless Infrastructure Network

In a wireless infrastructure network, wireless clients communicate with an AP to connect

to a wired LAN. A RoamAbout wireless infrastructure network can support clients with

various op erating systems.

The area where a client can communicate with th e AP is called a coverage area. To increase

the coverage area, you can add APs to the wireless network.

Single AP

A single AP supports a single wireless infrastructure network. Each wireless client must

communicate with the AP to connect to the wired network.

NOTE

separate wireless infrastructure networks. Refer to “RoamAbout R2

Configuration Examples” on page 1-13.

You can have multiple wireless infrastructure networks, each with a s ingle AP and different

wireless names. Each network is a separate entity. Clients cannot roam between networks.

Multiple APs

A wireless infrastructure network can consist of multiple APs. This extends th e coverage

area of the wireless network. To allow roamin g, each AP in the wireless networ k must use

the same Wireless Network Name.

NOTE: The RoamAbout R2 with the Mezzanine option can support two

NOTE

In this configuration, the wireless network consists of cells. A cell is a single AP and its

wireless clients within a network of multiple APs.

NOTE: The RoamAbout R2 with the Mezzanine option can effectively be configured as two APs supporting the same wireless infrastructure network. Refer to “RoamAbout R2 Configuration Examples” on page 1-13.

Figure 1-1 shows two APs in the same wireless network.

1-6

Wireless Infrastructure Netwo rk

Figure 1-1: Cells Within a Wireless Infrastructure Network Configuration

Cell 1 Cell 2

AP1

Workgroup Mode

Coverage

Areas

AP2

Workgroup Mode

Wireless

Client

To allow wireless clients to physically move within a wireless network, the coverage areas

should overlap. In Figure 1-1, Cell 1 and Cell 2 share overlapping areas of coverag e. As a

wireless client moves from Cell 2 to Cell 1, the necessary infrastructure network

information is passed from AP2 to AP1 while maintainin g LAN connectiv ity. The

capability of moving from one AP to another without losing the network connection is

called roaming.

When a wireless client (such as the laptop computer in Figure 1-1) approaches the outside

boundary of a coverage area, the client can sense that another AP using the same Wireless

Network Name is providing a better quality signal. The client then automatically switches

to the other AP. If the other AP is using a different channel, the client automatically

switches to that channel.

1-7

Wireless Infrastructure Network

Wireless Client Behavior

You can configure the wireless client to connect to a specific wireless network or the first

available wireless network.

If you configure the client to connect to a specific wireless network, the client establishes

a radio connection to the AP in the specified wireless network that provides the best

communications quality. APs in a different wireless network are ignored.

If you configure the client to connect to the first available wireless network (the Wireless

Network Name = ANY), the client establishes a radio connection to the AP that provides

the best communications quality. Be aware that if there are multiple wireless networks, the

client could connect to an AP that is not in the network you want to join.

In either configuration, the client automatically matches the radio channel used by the AP.

A wireless client configured to connect to any available network does not automatically

switch networks after it makes a connection to a wireless network; for example:

Your wireless client is configured to connect to the first available wireless network. The first available network is called SouthSide. Once the connection is made, you move your client out of range of SouthSide, but in range of another wireless network called NorthSide. The wireless client loses the connection to SouthSide but d oes not make the connection to NorthSide. To connect to NorthSide, you need to restart the client. After the restart, the wireless client connects to NorthSide since it is the first available wireless network.

1-8

LAN-to-LAN Configuration

You can connect separate LANs over a wireless link by configuring two or more

RoamAbout APs to communicate with each other. This is called a LAN-to-LAN

configuration.

There are two variations of the RoamAbout LAN-to-LAN configuration:

• Point-to-Point, using the LAN-to-LAN Endpoint Bridge mode, which connects two

wired networks.

• Point-to-Multipoint, using the LAN-to-LAN Multipoint Bridge mode, which can

connect multiple wired networks.

Typically, the APs are configured with outdoor antennas. If you use an outdoor antenna,

you should have a professional antenna installation com pany perform the installation.

Contact your Enterasys sales representative or visit the RoamAbout web site,

www.enterasys.com/wireless, for more information about the outdoor antenna kits.

Point-to-Point

LAN-to-LAN Configuration

Figure 1-2 shows two APs, configured as LAN-to-LAN Endpoint Bridge mode, in

different buildings using an outdoor antenna to connect the LANs in those buildings. As

shown in the figure, both APs use a directional antenna. You can also con figure the APs to

connect two LANs in the same building.

Figure 1-2: Point-to-Point Configuration

Endpoint

Mode

Endpoint

Mode

1-9

LAN-to-LAN Configuration

Point-to-Multipoint

You can connect wired LANs in different buildings using the LAN-to-LAN Multipoint

feature. At least one of the APs is configured as a Multipoint AP, called the Central AP.

The Central AP can communicate directly with up to six APs. The six APs a re configur ed

as Endpoints, which can only communicate directly to the Central AP. The Central AP

allows the Endpoint APs to communicate with each other through the Central AP.

A Central AP uses an omni-directional antenna so that it can communicate with multip le

APs in different directions. The Endpoint APs usually use a directional antenna pointed at

the Central AP. The directional antenna allows you to increase the distance between APs.

There must be a clear line sight between antennas to avoid a r eduction in the signal level.

NOTE: The RoamAbout R2 Mezzanine option (slot 2) does not support

NOTE

Configuration Examples

LAN-to-LAN Multipoint. This means that an R2 can use its Slot 2 radio to participate as an Endpoint AP in a Point-to-Multipoint configuration, but cannot use its Slot 2 radio to act as a Central AP.

Figure 1-3 provides an example of a Central AP with six Endpoint APs. The Endpoint APs

can only communicate with the Central AP and not directly with each other. Therefore, the

Central AP should be connected to the main wired LAN.

Figure 1-3: Point-to-Multipoint Configuration

Endpoint Mode

Omni-Directional

Antenna

Multipoint Mode (Central AP)

Endpoint Mode

1-10

LAN-to-LAN Configuration

Omni-Directional

Antenna

Endpoint Mode

Building A

Multipoint Mode (Central AP)

Endpoint Mode

Building B

Multipoint Mode

(Central AP)

Endpoint Mode

Building B

Multipoint Mode

(Central AP)

Endpoint Mode

Building B

Multipoint Mode

(Central AP)

Figure 1-4 provides an example of two Central APs in the same Po int-to-Multipoint

configuration. In this configuration, six APs are configured to communica te with the same

Central AP. You can configure one or more of those six APs as a Central AP to

communicate with up to five additional APs. If using an Access Point 2000, this

configuration requires the Wireless Relay parameter to be enabled.

Figure 1-4: Point-to-Multipoint-to-Multipoint Configuration

Area 1

Endpoint Mode

Omni-Directional

Antenna

Building A

Multipoint Mode (Central AP)

Endpoint Mode

Area 2

Endpoint Mode

Building B

Multipoint Mode

(Central AP)

Endpoint Mode

1-11

LAN-to-LAN Configuration

In Figure 1-4, Building A is the Central AP for Buildings A1 through A5 and Building B. However, Building B is also the Central AP f or Building A and Buildings B1 through B5. You could expand this one further by making Building B3 a Central AP for five other buildings, although adding additional hops may decrease network performance.

To avoid bridgi ng problems , do not configur e an AP as an Endpoin t for more than one Central AP. In Figure 1-4, you would not configure Building B1 as an Endpoint to communicate directly to Building A.

Preventing Network Loops

It is important to avoid Point-to-Multipoint configuratio ns that wi ll caus e brid ge lo ops. A

bridge loop occurs when two parallel network paths are created between any two LANs,

causing packets to be continuously regenerated through both parallel paths. This situation

eventually renders the network unusable due to the ex cessive traffic that is being generated

by the loop. The AP Spann ing Tree function corrects this type of problem by shutting down

the port and possibly shutting down a segment of the network.

Figure 1-5 provides examples of configurations that cause Network Loops.

Building A

Multipoint Mode

Figure 1-5: Network Loops

Building B

Multipoint Mode

Building C

Multipoint Mode

Building A

Multipoint Mode

(Central AP)

Building B

Endpoint Mode

Wired or Fiber Link

Building C

Endpoint Mode

1-12

RoamAbout R2 Configuration Examples

This section provid es confi gurati on examples using t he RoamAb out R2 (wi th the tw o-slot

option).

Restrictions

• The RoamAbout R2 slot 2 does not support LAN-to-LAN Multipoint.

• If two 802.11b PC Cards are installed in the RoamAbout R2 Wireless Access Platform,

one of the PC Cards must be conn ected to the Range Extender Antenna to prev ent radio interference between the two cards. The antenna must be placed at leas t two feet away from the RoamAbout R2.

• The 802.11 PC Cards must be at least 5 channels apart from each other.

Workgroup Mode (both slots) Example

Figure 1-6 shows a RoamAbout R2 with both slots configured in Workgroup mode.

Figure 1-6: Workgroup Configuration

R2 With Mezzanine Option

Slot 2

Workgroup

Mode

Slot 1

Workgroup

Mode

WNG_21

1-13

RoamAbout R2 Configuration Examples

Workgroup Mode and LAN-to-LAN Example

Figure 1-7 shows two RoamAbou t R2s in different buildings using an out door directiona l

antenna to connect the LANs in those buildings. Each RoamAbout R2 contains two radio

slots; one slot configured in Workgroup mode, and one slot configured in LAN-to-LAN

Endpoint Bridge mode.

In addition, a RoamAbout R2 can be configured for multipoint mode ( slot 1 only), con nect

to an omni-directional antenna, and connect to other APs.

Figure 1-7: Workgroup and LAN-to-LAN Endpoint Configuration

Slot 2

Workgroup

Mode

Slot 1

Endpoint

Mode

Slot 2

Endpoint

Mode

Slot 1

Workgroup

Mode

1-14

Ad-Hoc Network

Client D

Wireless ad-hoc networks do not include APs. Instead, the ad-hoc network is a loose

association, or workgroup, of computers that can communicate with each other using the

PC Card in Ad-Hoc Mode. Figure 1-8 shows an ad-hoc network.

The ad-hoc network is also kno wn as a peer-t o-peer network or inde pendent netw ork. The

size of the ad-hoc network coverage area is determined by various factors, such as

proximity and obstacles in the environment. In Figure 1-8, Client D has a coverage area

(shown in gray) that touches all the other clients. This client can communicate with the

other clients. Client C’s coverage area does not touch Client A. These clients cannot

communicate unless they move closer together.

The number of clients that the ad-hoc network can support is determined by the network

utilization of each client. For example, a large number o f clients could use the networ k for

reading e-mail with very good network performance, but a few clients transferring large

files could slow the network response time for all the clie nts.

Figure 1-8: Ad-Hoc Network

Ad-Hoc Network

Client A

Client B

Client C

Client D

1-15

Optional Antennas

The RoamAbout PC Card has two integrated antennas that perform best in an open

environment with as few obstacles as possible. Depending on the environment and wireless

network configuration, you may need an optional antenna.

The following sections describe the types of optional antennas available with the

RoamAbout product s.

Vehicle-Mount Ant enn a

The RoamAbout Vehicle-Mount antenna (Figure 1-9) is a 5 dBi omni-directional antenna

that connects vehicles with an on-board client to the wireless network. The sturdy design

allows you to mo unt it on vehicles, su ch as the ro of of a fork-lif t truck, to allow conti nuous

access to networked data, whether inside or outside of the building.

You connect the Vehicle-Mount antenna to the PC Card using the special 2.5 meter (8 foot)

cable. To connect an antenna to the PC Card, insert the connector into the socket on the

extended side of the PC card. To protect the socket from dust, it is shielded with a cap. You

must remove the cap. For mounting and installation instructions, see the RoamAbout

Outdoor Antenna Site Preparation and Installation Guide.

Figure 1-9: Vehicle-Mount Antenna

ap d

A t a

at H

t i

a .1 2

i-G H

G N

K R O

W T

E N

S E

L E R

F O

N A L

S E

L E

R I

O D E

E R F

H T

Y O

N E

WNG_07

1-16

Optional Antennas

Range Extender Antenna

Use the Range Extender Antenna (Figure 1-10) to ensure optimal transmission and reception quality for situations where the integrated antennas are shielded, such as:

• The wireless device, such as a desktop client, is close to metal surfaces.

• The wireless device is installed in a hidden location, such as in a cabinet.

• Objects shield the wireless device.

• Using the RoamAbout R2 Mezzanine slot upgrade option, where two 802.11b PC

Cards are installed in the RoamAbout R2 Wireless Access Platform. One of the PC Cards must be connected to the Ra nge Extender Antenn a to prevent radio interference between the two cards. In this case, the antenn a must be p laced at least two feet away from the RoamAbout R2.

The Range Extender antenna has a mounting bracket and a base for vertical positioning that allows you to place the antenna on top of a table or cabinet, or attach it to the wall or ceiling. To connect an antenna to the PC Card, insert the connector into the socket on the extended side of the PC card. To protect the socket from dust, it is shielded with a cap.

CAUTION: To avoid damage, do not place the Range Extender Antenna on top of, or close to a monitor. Man y computer monitors have a degauss option. An electromagnetic discharge that may occur when degaussing the monitor may damage the antenna.

Figure 1-10: Range Extender Antenna

r e t p a

t A a d R

c i

t D i b 1 .

a 2 g i 0 8

i H

N I

S E

I W F

O M O

D E E

R F E

H T Y

O J N E

WNG_08

1-17

Optional Antennas

Outdoor Antenna Kit

There are two RoamAbout antennas available for outdoor use:

• 14-dBi directional antenna

• 7-dBi omni-directional antenna

The RoamAbout outdoor antennas support outdoor LAN-to-LAN wireless links that are used to connect separate LANs. The directional antenna is typically used in a Point-to-Point wireless link. The omni-directional antenna is typically used in a Point-to- M ultipoint configuration. The omni-directional antenna can also be used in a wireless infrastructure network.

Refer to the RoamAbout Outdo or Ante nn a Si te Pr epa ra t ion a nd Installation Gu ide , or the RoamAbout web site for more information: http://www.enterasys.com/wireless.

1-18

Understanding Wireless Network

This chapter describes many of the wireless n etworking co ncepts and cha racteristics. You should be familiar with this information before you design, implement, or manage a RoamAbout wireless network. Not all characteristics ap ply to all of the network configurations.

Some of the features listed are not available with earlier versions of the AP and the PC Card driver. Review the Release Notes to d etermine if a feature is supported b y your AP version and client version.

In This Chapter

Information in this chapter is presented as follows:

Chapter 2

Characteristics

Topic Page

Wireless Network Name 2-2 Access Point MAC Addresses 2-3 RoamAbout R2 MAC Addresses 2-3 Channel Frequencies 2-4 Transmit Rate 2-5 Communications Quality 2-7 Data Throughput Efficiency 2-8 AP Density and Roaming 2-8 RTS/CTS Protocol 2-9

802.11 Power Management 2-11 Security 2-12

Network Operating System Security 2-12 RoamAbout AP Secure Access 2-12

2-1

Wireless Network Name

Topic Page

Wired Equivalent Privacy (WEP) Encryption 2-13 Authentication 2-14

802.1X Rapid Rekeying 2-16 SNMP Community Names 2-19 Console Port Security 2-19

Network Protocols 2-20 Wireless Traffic 2-20 Spanning Tree Protocol 2-22 VLANs 2-23 RoamAbout SNMP Management 2-26

Wireless Network Name

A wireless network name, also called an SSID, is the name of the wireless infrastructure network. To add an AP to an existi ng wireless network, confi gure the AP with the nam e of the wireless network. To create a new wireless infrastructure network, configure the AP with a unique wireless network name. The wireless network name is case sensitive.

The AP has a Secure Access feature. When enabled, the AP does not broad cast its network name, and it only accepts connections from clients configured with the correct name. Users of operating systems like Windows XP will not see the name show up automatically in wireless LAN configuration dialogs.

When Secure Access is disabled, users can configure clients without a network name by leaving the network name fiel d blank or using ANY (all uppercase) as the wireless network name, and still connect to the network. Users of operating systems like Windows XP will be able to view the network name in wirele ss LAN configuration dialogs.

The AP does not use a wireless network name in a LAN-to-LAN configuration.

2-2

Access Point MAC Addresses

The MAC address is a unique identifier for networking devices. Each LAN device (including Ethernet cards, bridges, routers, and gateways) is identified by a unique factory-set MAC address:

• One MAC address for the wired Ethernet interface, which is printed on the AP.

• One MAC address for the RoamAbout PC Card installed in the AP, which is printed

on a label on the back side of the card.

RoamAbout wireless clients are identified by the MAC address of the RoamAbout PC Card. You cannot change the universal MAC address of a networking device.

RoamAbout R2 MAC Addresses

The RoamAbout R2 has the following MAC Addresses allocated to it:

• One MAC address for the wired Ethernet interface, which is printed on the AP.

Access Point MAC Addresses

• One MAC address for each RoamAbout PC Card installed in the AP, which is prin ted

on a label on the back side of the card.

• One MAC address for the Spanning Tree. This MAC address is the wired MAC

address plus 10 hex. For example, if the RoamAbout R2 MAC Address is xx-xx-xx-xx-xx-40, the Spanning Tree MAC Address will be xx-xx-xx-xx-xx-50.

If using SNMP, you may see additional MAC Addresses, starting with the MAC address printed on the AP. These additional 30 MAC Addresses are used internally and do not generate network t raffic.

2-3

Channel Frequencies

The channel sets the center radio frequency for the wireless device. The RoamAbout PC Card can support up to 14 channels; however, the number of available channels varies in different countries.

• APs within the same wireless infrastructure network can be set to different channels.

You can change the channel in an AP. The client au tomatically uses the same channel as the AP.

• Wireless clients automatically switch to the AP’s channel when roaming between APs

in a wireless network; for example, there are two APs in a wireless network where AP 1 uses channel 1 and AP 2 uses channel 6. When connected to AP 1, the client automatically uses channel 1. When roaming to AP 2, the client automatically changes to channel 6.

• To avoid radio interference, adjacent APs should be set to different channels that are

at least five channels apart. The APs do not necessarily have to be in the same wireles s network. For example, you have three APs whose coverage areas overlap; set the channels to 1, 6 and 11, if possible.

Due to local radio regulations, not all channels are available in all countries.

NOTE

NOTE: If you have two 802.11b PC Cards installed in the RoamAbout R2, the channels between the PC Cards must be at least 5 channels apart from each other.

• In a LAN-to-LAN configuration, the APs must be set to the same channel.

• In an Ad-Hoc network, all clients must use the same channel to communicate. The

client uses a default channel which cannot be changed, with the exception of Mac and Windows XP clients. You can set the channel on Mac and Windows XP operating systems.

See “Supported Frequency Sub-Bands” on page A-3 for a list of channels s uppor ted by country.

2-4

Transmit Rate

The transmit rate identifies the preferred data transmission speed of the AP. The actual data transmission speed is subject to the type of PC Cards at both ends of the wireless link and the communications quality of the link.

Transmissions at faster rates allow for higher data throughput and quicker network response times. However, transmissions at lower rates are usually more reliable and cover longer distances than the higher rates. You might use a lower rate when the client is at the extreme edge of the coverage area (see Figure 2-1). Using a lower rate covers the longer distance more reliably than a higher rate.

As shown in Figure 2-1, an AP can have clients using different transmit rates in a wireless infrastructure network.

The following sections describe the auto rate and fixed rate settings.

Figure 2-1: Using Various Transmit Rates

Transmit Rate

Lower

Rate

Fixed

Higher

Rate

Intermittent

Noise

Higher

Rate

2-5

Transmit Rate

Auto Rate

With the auto rate option, the PC Card in a client or AP automatically switches to the next lower rate when data transmissions fail more than once. Shortly after completing the transmission, the PC Card returns to transmitting data at the higher rate.

In most environments, Auto Rate allows the PC Card to use a higher rate for better data throughput, yet the PC Card can still use the more reliable slower rate when transmissions fail. A transmission can fail when the network experiences sporadic noise interference.

Also use Auto Rate if you have APs with 11 Mbit/s PC Cards an d a mix of clien ts with 11 Mbit/s and 2 Mbit/s PC Cards. The AP can communicate with both types of clients, but can communicate with the 11 Mbit/s clients at a higher rate than the 2 Mbit/s clients.

Fixed Rate

A fixed rate setting prevents the PC Card from retransmitting at a lower rate after a failed transmission. One example of why you would do this is when a microwave oven in the area produces noise in the same frequency as the wireless network (see Figure 2-1). The interference only occurs when the machine is in use. The interference may temporarily disrupt communications between a client and the AP.

After a transmission fails more than once, the AP retransmits at a lower rate. However, the interference also prevents communication at the lower rate. Retransmitting at a lower rate does not solve the problem and could decrease network performance. With fixed rate enabled, the AP cannot retransmit at a lower rate.

Using a fixed low rate is useful in networks where range is more important than speed, especially when network response times are affected by numerous retrans missions and the communications quality is low due to a low signal level. Setting the transmit rate to a low rate prevents the AP from slowing network response times b y tran smitting data unsuccessfully at a higher rate then retransmitting at a lower rate.

A fixed transmit rate does not affect the receive rate. For exampl e, an AP and a client both have 11 Mbit/s PC Cards, but the client is fixed to only transmit at 2 Mbit/s. The AP can send data at 11 Mbit/s to the client, and the client can respond by sending data at 2 Mbit/s.

You should not set the AP to a fixed rate of more than 2 Mbit/s if you have clients with 11 Mbit/s and 2 Mbit/s PC Cards. Otherwise, the 2 Mbit/s clients cannot communicate with the AP. The 2 Mbit/s clients can only receive data at a maximum of 2 Mbit/s.

2-6

Communications Quality

Communications quality is measured by the Signal to Noise Ratio (SNR). The SNR is a dynamic indicator that indicates the relative strength of the radio signal (signal level) versus the radio interference (noise level) in the radio signal path. In most environments, SNR is a good indicator for the quality of the radio link between transmitter and receiver. A higher SNR value means a better quality radio link.

The RoamAbout Client Utility allows you to monitor the SNR, signal level, and noise level at the client. The Client Utility is provided on the RoamAbout 802.11 PC Card Drivers and Utilities CD-ROM, or you can download it from the RoamAbout Wir eless web site.

For the AP, the RoamAbout AP Manager provides a Link Test diagnostic too l that monitors the SNR, signal level, and noise level between the AP and a remote wireless device.

Signal Level

The signal level values give you an indication of the distance between wireless devices. Using the RoamAbout Client Utility, you can observe a decrease of the signal level value when you move a client away from its AP. As an indicator for the communications quality, signal level should always be interpreted in combination with noise level:

Communications Quality

• A high signal level with a low noise level p rovides excellent co mmunications qu ality.

• A high signal level with a high noise level results in an average or poor SNR.

Communications may not be as good as expected despite the strong signal level.

• A low signal level may still provide adequate communications when the noise level is

relatively low.

Noise Level

The noise level indicates the presence of interference. Noise can be generated by various devices such as microwave ovens (2.4 GHz), elevator motors, and theft detection devices (like those used in retail stores). Noise level should always be re lated to the signal level:

• A low noise leve l with a h igh si gnal l evel prov ides excellent co mmuni cations qu ality .

• A medium or high noise level with a high signal level re sults in an average or poor

SNR. Communications may not be as g ood as expected despite the strong signal level.

• A high noise level most likely provides poor communications when the signal level is

medium or low.

2-7

Data Throughput Efficiency

Data throughput efficiency is measured in transmission s sent, lost, or received. When a data transmission fails, the wireless device autom atically retransmits the data. It is normal in many environments for a transmission to fail occasionally. Data is not lost since the wireless device automatically retransmits the data frames.

Many failed transmissions may result in longer network response times. Numerous retransmissions require more time and bandwidth to maintain network communication while contributing to the congestion of the medium. You can determine the number of retransmissions in a wireless network using the RoamAbout Client Utility. The client utility is provided in the RoamAbout PC Card kit and is installed on clie nts.

AP Density and Ro ami ng

The AP Density is an advanced value that changes the s ensitivity of the roaming client. The distance range between RoamAbout APs listed below are estimated, and may differ depending on your operating environment.

• Low (default). The Low setting provides maximum coverage using a minimum

number of APs. This option is typically used for single-cell networks, but also provides an efficient and cost effective solution for networks that include multiple wireless clients. The coverage area ranges up to approximately 60+ meters.

• Medium. The Medium setting can be used for environments where you desire clients

to disassociate sooner and roam to communicate at shorter distances/higher speeds than the Low setting. The coverage area ranges approximately 40 to 60 meters.

• High. The High setting should only be used when you are designing a wireless

infrastructure that includes a high concentration of AP devices. The coverage area ranges approximately 20 to 40 meters.

• Minicell. The Minicell setting should be used when you want to create small coverage

areas. The coverage area distance range is approximately 10 to 20 meters.

• Microcell. The Microcell setting should be used when you want to create extremely

small coverage areas. The distance range is approximately 5 to 10 meters.

The AP has a Medium Densi ty Distribution paramete r that automatically dis tributes the AP density setting to the RoamAbout wireless clients with the V7.44, or higher, driver. This parameter is enabled by default.

2-8

RTS/CTS Pr otocol

Each device in a wirele ss network can sense tr ansmissions from other devices in its network that use the same frequency. To avoid collisions and lost data, a device only transmits when it senses that no other device is transmitting. This behavior is referr ed to as th e Carrier Sense Multiple Access/Collision Avoidance (CSMA/CA) p roto col. The RTS/C T S (Request to Send/Clear to Send) protocol is useful when collisions do occur. Collisions can occur if two clients are unable to sense each other’s transmissions and simultaneously transmit to the AP.

The RTS/CTS protocol forces a wireless device to perform the following:

• When a packet to be transmitted is shorter than the RTS/CTS th r e shold, the device

transmits when it senses that the medium is free. The RTS/CTS protocol is not used. A shorter packet is less likely to have a collision than a longer packet.

• When the packet exceeds the threshold, the device sends an RTS message and waits

until the receiving device responds with a CTS message.

The RTS message includes the length of the frame that the device wishes to transmit. The receiving device includes this information as a radio-silence time indicator in its CTS response message. The CTS message annou nces to all the d evices in the wir eless network which device is allowed to transmit its message. All other devices defer their transmissions for the radio-silence time identified in the CTS message.

RTS/CTS Protocol

The RoamAbout AP allows you to set the RTS Threshold on the AP, and to set a Remote RTS Threshold for clients to avoid a hidden station problem.

RTS Threshold

The RTS Threshold on a RoamAbout AP specifies the packet size of transmissions, where messages larger than the specified size must use the RTS/CTS pro tocol. The default value, 2347, effectively turns off the RTS Threshold.

A lower RTS Threshold is useful when collisions frequently occur at the AP. This can be caused when the AP and a client (or AP in a LAN-to-LAN configuration) transmit data to each other simultaneously. A lower RTS Threshold forces the AP to send an RTS to the device before transmitting a packet that exceeds the threshold. The AP waits until the device responds with a CTS message.

Lowering the RTS Threshold imposes additional network overhead that could negatively affect the throughput performance. You should only lower the RTS Threshold when the wireless network experiences frame collisions and lost messages.

2-9

RTS/CTS Protocol

Client B

Hidden Station

A wireless device is a hidden station when its transmissions cannot be sensed by another wireless device in the same network. Therefore, multiple devices could tran smit at the same time. This problem can occur with clients located at opposite ends of an AP coverage area.

Figure 2-2 illustrates a hidden st ation example. Clients A and B are within range of the AP.

However, Client B cannot sense transmissions from Client A, since Client A is outside of Client B’s coverage area (shown in gray). Client B could transmit while Client A is transmitting. Therefore, messages of both Client A and B collide when arriving simultaneously at the AP. The collision results in a loss of messages for both clients.

Figure 2-2 also illustrates that Client C is not hidden from the other clients.

Figure 2-2: Hidden Station Example

Client B

Client A

Client C

To avoid a hidden station problem, move the clients or AP if possible so that the devices can sense each other’s transmission s. Otherwise, enable Remote RTS Threshold o n the AP. Do not change the RTS Threshold on the AP.

Enabling Remote RTS Threshold forces the client to send an RTS to the AP before transmitting a packet that exceeds the threshold. The client waits until the AP responds with a CTS message. However, enabling Remote RTS Threshold imposes additional network overhead that could negatively affect the data throughput performance. You should only use this setting when the density of clients and APs is low and you witness poor network performance due to excessive frame collisions at the APs.

2-10

802.11 Power Management

Power management can extend the battery life of clients by allowing the client to sleep for short periods o f time while its messag es are buffered by the AP.

You may need to balance wireless performance versus battery-life. Power management imposes a more active use of the wireless medium, which might lead to more frequent transmission delays experienced as slower network response times during file transfers. With slower response times, the client may spend more time in operational mode resulting in less effective power management. In such cases, disabling power management on the client might result in better throughput per for mance.

The RoamAbout PC Card 802.11 power management is separate from any power managem ent function on your computer.

RoamAbout AP

The RoamAbout AP automatically supports 802.11 power management. The only parameter that can be set is the Delivery Traffic Indication Message (DTIM) interval, which sets the buffering time. The default value of 1 corresponds to 100 milliseconds of sleep time. It is highly recommended that you do not change this value.

802.11 Power Managemen t

RoamAbout Client

You can enable or disable power management on a RoamAbout client. With power management enabled, the client goes int o sleep mode to minimize power consumption. The wireless traffic is buffered in the AP that the client uses to connect to the network.

The client checks for network traffic addressed to the client at regular intervals. If there is no traffic addressed to the client, the client returns to sleep mode. If traffic is buffered at the AP, the client collects the buffered messages prior to returning to sleep mode. The following discusses how power management can impact data throughput of the wireless network.

• Power management causes little or no difference in network performance when using

transaction processing applications, such as hand -held scanners or clients that us e the wireless network only to send and receive e-mail.

• You may experience longer network response times when you transfer large files

between the network and the client while power management is enabled. The size of the files and the recurrence of file transfers are a factor. If modifying a document over the network, any auto save feature could cause frequent file transfers.

• The AP could cause longer network respo nse times if a number of clients use the same

AP for buffering messages while in slee p mode.

2-11

Security

The following lists the types of security in a RoamAbout wirele ss environment:

• Network operating system security

• RoamAbout AP Secure Access

• Wired Equivalent Privacy (WEP) Encryption

• Simple Network Management Protocol (SNMP) community names

• SNMPv3 (RoamAbout R2 only)

• Device Authentication, which requires a RADIUS (Remote Authentication Dial-In

User Service) server. Authentication can be based on: — MAC address

— 802.1X — Both MAC address and 802.1X

• 802.1X Rapid Rekeying

• Console port password

• Address Filtering (see “Filters” on page 2-21)

Network Operating System Security

To access networking data or services, a wireless client needs to run an appr opriate network operating system. Most network o perating sys tems use s tandard security measures such as login names and passwords. When you follow the standard network security procedures and guidelines recommended for your network operating system, an unauthorized user cannot access network data or services without the appropriate user name and password. For detailed information, consult the documentation that came with the network op erating system or refer to the reseller of your LAN software.

RoamAbout AP Secure Access

When Secure Access is enabled, the AP denies access to wireless clients that do no t use the correct wireless network nam e. In addition, the AP does not broadcas t its network name, so that clients with operating systems like Windows XP d o not s ee the name s how u p in wireless LAN configuration dialogs.

When disabled, users can configure clients by leaving the network name field blank or using ANY (all uppercase) as the wireless netw ork name, and still co nnect to the networ k. Clients will be able to view the network name in wireless LAN configuratio n dialo gs .

2-12

Wired Equivalent Privacy (WEP) Encryption

The WEP feature encrypts all data transmitted within the wireless network. The encryption uses the RC4 algorithm as defined in the IEEE 802 .11 Wired Equ i valent Privacy s t andar d.

Security

NOTE

NOTE: Broadcast and multicast messages are not encrypted.

The RoamAbout devices can be configured with four encry ption key s. Each key is placed in a specific position (Key 1, Key 2, Key 3, or Key 4). You select one key to encrypt transmitted data. To decipher the data, the receiving wireles s device must have the key used to encrypt the data in the same position as the sending device.

The receiving device can transmit data back to the sending device using a different key for transmission, as long as the other device has the transmittin g key in the same position. In

Figure 2-3, the AP uses Key 1 to encrypt transmitted data, which the client can decipher.

The client uses Key 2 to encrypt transmitted data, which the AP can decipher. If the AP uses Key 3 to encrypt t ransmitted data, it cannot be deciphered by the client. The Bobss k ey is Key 3 on the AP but Key 4 on the client.

Figure 2-3: Using Encryption

Key 1 = Je3ff Key 2 = Vicki Key 3 = Bobss Key 4 = [No Entry]

Transmit Key = 2

Transmit Key = 1

Key 1 = Je3ff Key 2 = Vicki Key 3 = Freds Key 4 = Bobss

In a wireless infrastructure network, you can configure the APs to :

• Only accept encrypted data from clients. Only clients that have the correct encryption

keys can participate in this network.

• Accept encrypted data from clients with encryption enabled, and unencrypted data

from clients without encryption enabled. This allows clients who require security to use encryption without preventing other clients from using the network.

In a LAN-to-LAN configuration, use encryption to have a secure wireless link. In an ad-hoc network, use encryption to prevent uninvited users from joining the network.

2-13

Security

Authentication

The RoamAbout AP supports authentication of wireless workgroup clients. An AP can authenticate clients based on:

• MAC address

• 802.1X

• Both MAC address and 802.1X (Hybrid authentication)

When using any of these types of authentication, you must configu re the AP as a RADIUS client.

RADIUS Client

RADIUS (Remote Authentication Dial In User Service) is a protocol that the AP uses to communicate with a remote Authentication Server. Separating the Authentication Server from the AP means that several APs can share the same centralized authorization database. However, it also means that to successfully authenticate wireless clients, you must configure the AP as a RADIUS client.

When configured as a RADIUS client, the AP passes user authentication information to a designated RADIUS Server. The RADIUS Server receives inbound user connection requests, processes the requests to authenticate the user, then responds to the AP with the necessary information to deliver service to the user. The AP acts on the response that is returned by the RADIUS Server to allow or deny the user’s access to the network.

The AP and RADIUS Server authenticate transactions through the use of a shared secret, which is never sent over the network. They use the shared secret to encrypt RADIUS attributes containing passwords or other sensitive data. This network security greatly reduces the possibility of disclosed passwords or divulged secrets.

If you enable authentication on the AP without configuring it as a RADIUS client, the AP will be unable to contact the Authentication Server. Therefore, the AP will assume that all of the clients on the controlled ports are unauthorized and will prevent access to the LAN.

MAC Address Authentication

MAC address authentication is a form of authentication that does not place any special requirements upo n cl ie nts. The RADIUS Server is configured with the MAC a ddres s e s o f the wireless clients. When a client associates with the wireless LAN, the AP uses the client’s MAC address as the user name. The client is unaware that a MAC address authentication is taking place, except to the extent that the AP blocks LAN access as a result.

2-14

Security

802.1X Authentication

IEEE 802.1X authentication allows logins based on user n ame, password, user certificates, and other methods that may be mutually supported by the authentication server and the clients. Only clients that support 802.1X can participate in a wireless network that uses this type of authentication.

IEEE 802.1X authentication also imposes more requirements on the RADIUS server. For MAC address authentication, a RADIUS server only needs to handle RADIUS. For

802.1X, the server must also hand le EAP (Ex tensib le Authen tication Protoco l) an d o ne o r more protocols, such as MD5 (Message Digest 5) or TLS (Transport Layer Security). Microsoft Windows 20 00 Advanced Server is one example of a p roduct that suppor ts all of the protocols needed for 802.1X.

Some login methods associated with IEEE 802.1X provide a way by which an AP can securely distribute radio keys. When all of the clients on a wireless LAN use such login methods, it becomes practical to use Rapid Rekeying. Rapid Rekeying enhances security by frequently changing radio encryption keys, reducing the time to decode and use an encryption key.

Hybrid Authenticati on

Hybrid authentication is a special authentication mode for sites under goin g a transition to IEEE 802.1X. The AP uses both MAC address and 802.1X authentication. 802.1X takes precedence, but in the absence o f 802 .1X replies fr om a clien t, the AP grants access based on the MAC address . This a llows you to intr oduce IEEE 80 2.1X cli ents with out disr upting non-802.1X clients’ access to the LAN. However, this prohibits the use of the Rapid Rekeying feature.

Rapid Rekeying is not available in this authentication mode. The MAC address clients would not be able to keep up with the radio key changes, and would lose connectivity to the LAN.

2-15

Security

802.1X Rapid Rekeying

Rapid Rekeying, also known as Key Tumbling, provides automatic IEEE 802.11 WEP encryption key generation and frequent redistribution of WEP keys.

The following information applies to using Rapid Rekeying:

• Rapid Rekeying requires the use of 802.1X authentication. Unauthen ticated clients and

MAC address authentication clients cannot receive updated WEP keys, and would soon lose connectivity to the LAN.

• Rapid Rekeying automatically disables user-specified WEP encryption keys.

• Rapid Rekeying requi res the us e of an EAP login meth od that gener ates s essi on keys,

and the use of a RADIUS server that will distribute those keys to the AP. The AP uses the session keys to encrypt the WEP key distribution mes sages. Clients without session keys do not get new WEP keys.

• EAP-TLS authentication using X.509 certificates on the clients will work with Rapid

Rekeying.

• EAP-MD5 password authentication will not work with Rapid Rekeying. EAP-MD5

does not negotiate session keys.

• Token based authentication will work with Rapid Rekeying if the tok en based

authentication uses a TLS based method, such as TTLS or PEAP. The requirement is that there are TLS session keys negotiated and retained by the client and the AP.

The following describes how the AP introduces new key pairs.

1. The AP and clients are using the exis ting keys at the begin ning of the Rapid Rekey ing

encryption cycle.

AP Client

Key # Encryption TX/RX State TX/RX Encryption

Key1 aaaaaaaaaaaaaa RX Active TX aaaaaaaaaaaaaa Key2 bbbbbbbbbbbbb TX Active RX bbbbbbbbbbbbb Key3 xxxxxxxxxxxxx Inactive xxxxxxxxxxxxx Key4 xxxxxxxxxxxxx Inactive xxxxxxxxxxxxx

2-16

Security

2. The key period expires. The AP creates two new random keys and loads them into the

inactive authenticator key indexes ( Keys 3 and 4 in this example). The keys are not yet used for transmission or reception.

AP Client

Key # Encryption TX/RX State TX/RX Encryption

Key1 aaaaaaaaaaaaaa RX Active TX aaaaaaaaaaaaaa Key2 bbbbbbbbbbbbb TX Active RX bbbbbbbbbbbbb Key3 cccccccccccccc Inactive xxxxxxxxxxxxx Key4 ddddddddddddd Inactive xxxxxxxxxxxxx

3. The AP begins transmitting the new key pair to the authenticated clients in the

supplicant list. When a client receives the new keys, it immediately begins transmitting using the new TX key. The AP does not use the new TX key until the message has been transmitted to all clients. During this time, the AP accepts transmissions on both the old and new RX keys. Note that a client can only have one TX key. The following table shows that some clients use Key1 as the TX key while other clients use Key 3.

AP Client

Key # Encryption TX/RX State TX/RX Encryption

Key1 aaaaaaaaaaaaaa RX Active TX aaaaaaaaaaaaaa Key2 bbbbbbbbbbbbb TX Active RX bbbbbbbbbbbbb Key3 cccccccccccccc RX Active TX cccccccccccccc Key4 ddddddddddddd Inactive ddddddddddddd

2-17

Security

4. Once the AP transmits the new keys to all clients in the supplicant list, it begins using

the new TX key (Key4). At this time all supplicants are using Key3 as their TX key.

AP Client

Key # Encryption TX/RX State TX/RX Encryption

Key1 aaaaaaaaaaaaaa Inactive aaaaaaaaaaaaaa Key2 bbbbbbbbbbbbb Inactive bbbbbbbbbbbbb Key3 cccccccccccccc RX Active TX cccccccccccccc Key4 ddddddddddddd TX Active RX ddddddddddddd

5. The key period expires. The AP creates two new random keys, loads them into the

inactive authenticator key indexes (Keys 1 and 2 in this example), and repeats the process (starting at step 3).

AP Client

Key # Encryption TX/RX State TX/RX Encryption

Key1 eeeeeeeeeeeee Inactive aaaaaaaaaaaaaa Key2 fffffffffffff Inactive bbbbbbbbbbbbb Key3 cccccccccccccc RX Active TX cccccccccccccc Key4 ddddddddddddd TX Active RX ddddddddddddd

2-18

SNMP Community Names

The SNMP community n a me all ows man a gemen t t ool s usi ng S NMP to di s pla y or m odi fy AP parameters remotely.

The RoamAbout R2 supports SNMPv3. To access the RoamAbout R2 parameters via SNMP, the management tool must know the Authentication Password and Privacy Password. To support management tools using SNMP v2 or SNMPv1, the R2 provides four community names that allow SNMPv1 and SNMPv2c read-only and read-write access. Th e names are disabled by default with the exception of Community Name #1, which is set to public. The community names are only accessible from the R2 console port.

The AP 2000 supports a read/write community nam e and a read-only community name. By default, the AP uses public as the default read/write community name. This allows any management tool using SNMP to access the AP and change parameters. By changing the read/write community name, users must enter the correct community name to modify the AP parameters. The r ead-o nly co mmunity name allows the managem ent t ool s t o v ie w but not change the AP parameters. You can chan ge the read-only name so that users must enter the correct name before they can view the AP parameters.

Security

Console Port Security

RoamAbout Access Point 2000

The RoamAbout Access Point console port has two security features:

• You can configure the console port to require a password before users can access the

Installation Menu.

• You can configure the console port to prevent any management system from using

SNMP to modify the encryption parameters.

RoamAbout R2

The RoamAbout R2 console port supports SNMPv3, and has the following security features:

• Access to the console requires a password. The username is “admin” and the default

password is “password”. The password must be a minimum of eight ASCII characters, and is case-sensitive.

• The ability to enable or disable Web management and Telnet.

2-19

Network Protocols

When you install a RoamAbout PC Card in a computer using a Windows operating system, you may need to install and config ure a set of netwo rking pro tocol s. The typ e of prot ocols needed depends on the network operati ng system used within your LAN enviro nment. The most common protocols are:

• IPX/SPX compatible protocols if your networking environment is using the Novell

NetWare network operating system.

• NetBEUI if you want to use file and print sharing supported by Microsoft Client for

Microsof t Networks.

• TCP/IP if you want to connect your computer to a network that uses IP addressing or

you would like to connect to the Internet.

These networking protocols can operate simultaneously with other networking protocols. When you install a RoamAbout PC Ca rd in an Apple computer , you may need to install and

enable Apple’s Open Transport or Apple Classic network protocols along with TCP/IP.

Wireless Traffic

In addition to data, wireless network traffic includes beacons and various types of messages.

Beacons

A beacon is a message that is transmitted at regular intervals by the RoamAbout APs to all wireless clients in the wireless infrastructure. Beacons are used to maintain and optimize communications by helping mobile RoamAbout clients to automatically connect to the AP that provides the best communications quality.

Beacons are transmitted at 2 Mbit/s when the transmit rate is set to auto rate, as described in “Transmit Rate” on page 2-5. If the transmit rate is fixed, the beacons are transmitted at the fixed rate.

2-20

Wireless Traffic

Message Types

When a device in the wireless network transmits data, it can take one of these forms:

• Broadcast: A data message transmitted by one device to all devices in the network.

• Multicast: A data message transmitted by one device to multiple devices in the

network. Unlike broadcast messages, multicast messages do not always include all devices in the network.

• Unicast - A data message transmitted by one device to another device. Broadcast and multicast messages are transmitted at 2 Mbit/s when the transmit rate is set

to auto rate, as described in “Tran smit Rate” on page 2-5 . If the transmit rate is fixed, the broadcast and multicast messages are transmitted at the fixed rate.

Filters

The following filters are only available using the RoamAbout AP Manager, or a Network Management Station that uses SNMP.

The RoamAbout AP has three types of filters:

• Protocol

Use the Protocol filter to NOT forward specific protocol traffic to the wireless network, which can reduce unnecessary traffic and increase the network response time. However, filtering the wrong protocols can negatively affect the operation of the network. When solving network problems, you should clear all filters.

• Address

This filter forwards or does not forward traffic based on the client’s MAC address. — Addresses Denied: A client in the Addresses Denied list cannot access the LAN,

even if the client has been authenticated.

— Addresses Allowed: Clients in the Addresses Allowed list can access the LAN.

Clients must supply their MAC address to the Network Administrator. This filter is essentially ineffective when also using authentication.

• Rate Limiting (AP 2000 only)

Use rate limiting to enable/disable the default rate limiting, and to enter the maximum number of rate-limited frames forwarded per second.

By default, the AP 2000 limits multicast traffic to 100 Kbi t/sec. Changing this parameter could cause multicast traffic to use more network bandwidth. Should a broadcast storm occur when this parameter is disabled, the multicast traffic could cause a serious degradati on of netw ork per form a nce. T he R 2 d oes not s up po rt the mu l ticast rate limiting function.

2-21

Spanning Tree Protocol

Spanning Tree Pr otocol

The RoamAbout AP uses 802.1d Spannin g Tree Protocol to p revent network loop s. A loop occurs when there are alternate routes between networks, as described in “Preventing

Network Loop s” on page 1- 12. A loop can cause bridges to continually forward multicast

traffic and degrade network performance. In normal LAN-to-LAN operation, keep Spanning Tree ENABLED. You should only

disable Spanning Tree when using an application in a configuration that requires it. It is important to avoid Point-to-Multipoint configuratio ns that wi ll caus e brid ge lo ops. A

bridge loop occurs when two parallel network paths are created between any two LANs, causing packets to be continuously regenerated through both parallel paths. This situation eventually renders the network unusable due to the ex cessive traffic that is being generated by the loop. The AP Spann ing Tree function corrects this type of problem by shutting down the port and possibly shutting down a segment of the network.

Using the Access Point 2000

You can enable or disable the Spanning Tree when in Endpoint bridge mode. Spanning Tree is disabled when in Workgroup bridge mode and enabled in Multipoint bridge mode.

Using the RoamAbout R2

You can enable or disable the Spanning Tree in all bridge modes. The default setting is disabled.

2-22

VLANs

A VLAN is a logical part ition of o ne or mor e physi cal networ ks. A sing le VLAN can span multiple LANs, and multiple VLANs can reside within a single LAN. One major benefit of a VLAN is that traffic is restricted to a subset of the physical LAN or LANs. Multicasts are only sent to the VLAN member po rts. Therefore, a VLAN can conserve network b andwidth and improve security.

All the devices in a designated VLAN need not necessarily support VLANs. Devices that receive or generate data, such as a user’s laptop or desktop comp uter, do not need to support VLANs to be part of a VLAN. Instead, a network device, such as a switch, can insert the VLAN ID into the data received from a device in a VLAN. Data containing the VLAN ID is considered “tagged.”

Access Point 2000

The RoamAbout Access Point 2000 only allows or disallows the forwarding of tagged VLAN data in LAN-to-LAN bri dge mo de. Th e AP 20 00 d oes not support configuring the ports as VLAN members.

VLANs

The AP does not forward VLAN data while in workgroup bridge mode.

R2 Access Platform

The RoamAbout R2 supports the forwarding of tagged VLAN data. It does NOT support the following:

• Insertion of VLAN IDs into untagged frames.

• Spanning Trees on a per VLAN basis.

• GARP Multicast Registration Protocol (GMR P) .

• VLAN IDs higher than 2047. The R2 supports VLANs numbered 2-2047.

• Forwarding of VLAN data while the R2 is in workgroup mode. The R2 does not

support VLANs when either slot of the R2 is in workgroup mode.

NOTE

NOTE: VLAN 1 is a default VLAN used by the R2 to allow pass-through of unt agged data. Chan ging the VLAN 1 defaul t settings could prevent the R2 from forwarding untagged data.

2-23

VLANs

Network Configurations

Both the RoamAbout Access Point 2000 and the R2 can be used as a wireless bridge to an existing VLAN. For example, two APs can connect VLANs residing in different buildings, as illustrated in Figure 2-4. The wired side of each AP is connected to a switch that supports VLAN IDs. Switch 1 connects to VLANs Red, Blue, and Green, but only forwards data from VLANs Red and Green. Switch 2, in a different building, connects to VLANs Red and Green. The AP is configured to forward VLAN data.

Figure 2-4: Wireless Bridge Between VLANs

VLANs Red,Blue,Green VLANs Red,Green

Switch 1 AP AP Switch 2

VLANs Red,Green

Figure 2-5 shows a point-to-multipoint configuration. Switch 1 connects to VLANs Red,

Blue, Green, and Purple. R2 (E) is confi gured to forward dat a from VLA N Red to wirele ss endpoint R2(A), VLAN Blue to R2(B), VLAN Green to R2(C), and VLAN Purple to R2(D). This example is only valid for the RoamAbout R2.

Figure 2-5: VLAN Support in Point-to-Multipoint Configuration

VLAN Red

VLAN Blue

VLAN Green

VLANs Red, Blue, Green, Purple

Switch 1

(E)

(A)

(B)

(C)

Switch 2

Switch 3

Switch 4

2-24

(D)

Switch 5

VLAN Purple

Ingress Filtering is always enabled on the RoamAbout R2. That is, the R2 does NOT forward data from a VLAN defined on other ports if it is received on a port that is not configured for that VLAN. In Figure 2-5, should R2(A) be configured incorrectly and forward VLAN Green data from Switch 2 to R2(E), R2 (E) would not forward the data. Although other R2(E) ports are configured fo r VLAN Green, the port receiving the data is not configured for VLAN Green. It is only configured for VLAN Red. Ingress Filtering cannot be disabled.

Static and Dynamic VLAN s

A static VLAN is created when a user manually configures the ports to be Tagged, Untagged, or Forbidden. A dyn amic VLAN is created when the ports are co nfigured via the GARP VLAN Registration Protocol (GVRP), which allows network devices to share their statically configured VLANs. Dynamically configured VLANs are not saved. A reset to the device causes the device to relearn the dynamic VLANs via GVRP. The RoamAbout R2 supports both statically-configured VLAN settings and GVRP-configured settings.

GVRP only distributes statically configured VLAN information to an adjacent device. In

Figure 2-5, should the Switch 1 port connected to R2(E) be statically configured fo r VLAN

Gray, GVRP would configure the R2(E) wired port dynamically for VLAN Gray. The wireless ports would not be configured for VLAN Gray since they are not directly connected to Switch 1. By default, GVRP is disabled on the R2.

VLANs

2-25

RoamAbout SNMP Management

RoamAbout SNMP Manag ement

Access Point 2000

The Access Point supports the Simple Network Management Protocol (SNMP) through any standard Network Management Station (NMS) that supports SNMP. The SNMP management capability enables you to manage standard SNMP MIB characteristics , such as protocol filtering and address filtering.

The Access Point 2000 supports the following MIB objects:

•

DEC ELAN Vendor MIB • IEEE 802.11 MIB

• DEC Extended LAN B ridge MIB • IEEE 8021-PAE-MIB (Port Access Entity)

• DEC Hub900 Common MIB • RFC1157 (SNMP Management)

• DEC RoamAbout MIB • RFC1213 (MIB II)

• Enterasys 802.1X Ext e nsions MIB • RFC1286 (Bridge MIB)

• Enterasys Encrypted 802.1X

Configurat ion MIB

• Enterasys Encrypted 802.1X Rapid

Rekeying MIB

• RFC1398 (Ethernet Interface MIB)

• RFC1493 (IETF Bridge MIB)

• EnterasysPrivate Enterprise MIB • RFC1757 (RMON MIB)

• Enterasys-RADIUS-AUTH-Client-MIB • RFC2618 (RADIUS Authentication Client

MIB)

• HUB PCOM MIB

To perform SNMP management on the AP, you must assign it an IP address. Also, the Network Management Station needs to have the AP read/write community name. The default community name is public.

Refer to the Release Notes for a complete list of supported MIB objects.

2-26

RoamAbout SNMP Management

RoamAbout R2

The RoamAbout R2 suppo rts SNMPv3. If your Netwo rk Management Station (NMS) do es not support SNMPv3, use the RoamAbout R2 console port to config ure the Communities Views for SNMPv1 and SNMPv2c access.

The RoamAbout R2 supports the following MIBs:

•

Enterasys-802. 11 Extensions MIB • RFC1907 (SNMPv3)

• Enterasys Extended Switch MIB • RFC2233 (IF-MIB)

• Enterasys Encrypted 802.1X Rapid

Rekeying MIB

• RFC2571 (SNMP Management

Framework)

• EnterasysPrivate Enterprise MIB • RFC2572 (SNMP MPD)

• Enterasys-R2Management.mi2 • RFC2573n (SNMP Notification MIB)

• Enterasys-RADIUS-AUTH-Client-MIB • RFC2573t (SNMP Target MIB)

• IANAifType-MIB • RFC2574 (SNMP USM)

• IEEE 802.11 MIB • RFC2575 (SNMP VACM)

• IEEE 802.1X MIB • RFC2618 (RADIUS Auth. Client MIB)

• IEEE 8021-P AE -MIB (Port Access Entity) • RFC2665 (Ether-Like MIB)

• RFC1157 (SNMP Management) • RFC2674p (P-Bridge-MIB)

• RFC1213 (MIB II) • RFC2674q (Q-Bridge-MIB)

• RFC1493 (IETF Bridge MIB) • TMSCommonMib

• RFC1757 (RMON MIB) • TMSL3Mib

Refer to the Release Notes for a complete list of supported MIB objects.

2-27

The first step in designing a wireless network is to determine which network configuration best fits your needs. The wireless network configurati ons are discussed in Chapter 1. Once you have chosen a configuration, this chapter lists the v ariou s si te requ irements neces sary for each type of network.

In This Chapter

Information in this chapter is presented as follows:

Chapter 3

Designing and Implementing

a Wireless Network

Topic Page

Infrastructure Network 3-2

Determining the Coverage Area and Supported Users 3-3 Selecting the Location for a Single AP 3-4 Selecting the Locations for Multiple APs 3-5 RoamAbout R2 Mezzanine Special Considerations 3-6 Using Multiple Wireless Infrastructure Networks 3-6 Using an Outdoor Antenna 3-6

LAN-to-LAN Network Configuration 3-7 Ad-Hoc Network 3-8 Wireless Network Hardware Installation Overview 3-9

3-1

Infrastructure Network

To plan a wireless infrastructure network, determine the following:

• Coverage area - the area wher e the c lients ar e located . If the clients ar e mo bile, this is

the area where the clients can connect to the network.

• Supported users - the number of clients that you expect to support.

• Network utilization - how users intend to use the network. Utilization includes

frequently transferring large files (heavy utilization) or only accessing e-mail (light utilization).

These factors, described in the following sections, help you to determine the number of APs needed. Afterwards, you need to examine the AP hardware requirements and the wireless client system requirements.

When designing a wireless network, consider the security issues for your environment. Security can include the following:

• Keeping the AP in a locked closet.

• Using the security cover. A security cover is not included with the Access Point 2000

(contact your Enterasys Representative for more infor m at ion) .

• Preventing unauthorized users from joining the wireless network.

• Using authentication and data encryption to ensure that sensitive data is ke pt privat e.

3-2

Infrastructure Network

Determining the Coverage Area and Supported Users

Coverage area is determined by a number of factors, including physical obstructions and noise leve ls as shown i n Figure 3-1.

The following is an example of the coverage area in a semi-open environment, which is defined as work space divided b y sho ulder- height, ho llow wall elements. The distances in your environment may be different.

• 11 Mbit/s - 165 feet (50 meters)

• 5.5 Mbit/s - 230 feet (70 meters)

• 2 Mbit/s - 300 feet (90 meters)

• 1 Mbit/s - 375 feet (115 meters)

Figure 3-1: Coverage Area

Noise from Microwave

Noise from Elevator Shaft

The faster the transmit speed, the shorter the coverage area at that speed. An AP with an 11 Mbit/s PC Card can communicate with clients up to a distance of 375 feet in a semi-open environment. However, only clients within the first 165 feet can communicate at 11 Mbit/s. Clients between 165 and 230 feet communicate at 5.5 Mbit/s. Clients between 230 and 300 feet communicate at 2 Mbit/s; and clients between 300 to 375 feet communicate at 1 Mbit/s.

3-3

Infrastructure Network

Noise levels in the radio frequencies can reduce the coverage area. Such noise can be generated by microwave ovens and elevator motors. Increasing the AP Density will also reduce the coverage area of a single AP.

A RoamAbout Access Point can support up to 250 users within its coverage area. The RoamAbout R2 supports up to 250 users per slot. However, this number can be significantly reduced by various factors, s uch as noise o r obstruc tions in the cov erage area, and the network utilization by each client. If your desired coverage area is larger or the number of users is greater, you need to install multiple APs.

Be aware of potential hi dden s tation proble ms, as des cribed i n “Hidden S tation” on page

2-10. If possible, arrange the coverage area to minimize or prevent any two clients from

being within range of the AP, but out of range from each other.

Selecting the Location for a Single AP

The AP should be placed as close as possible to the center of th e planned cove rage area. If it is necessary to install the AP in an obstructed location, use the o ptional Rang e Extend er antenna to extend the coverage area of the AP. The Range Extender antenna should also be used if, for security reasons, you need to install the AP in a closed location, such as a closet. Before mounting the AP, review the hardware requirements described in the installat ion documentation that came with the RoamAbout AP.

For best placement, configure the AP and a client and use the pr ocedure in the “Optimizing

RoamAbout AP Placement” on page 6-5 before permanently mounting the AP.

3-4

Infrastructure Network

Selecting the Locations for Multiple APs

Consid e r th e following:

• Each coverage area must overlap another coverage area to allow roaming for clients.

• The amount of overlap depends on number of users in a coverage area and utilization

of the network. If you expect that one coverage ar ea has more us ers or h igher networ k utilization than

the other coverage areas, increase the overlap of the adjacent coverage areas by moving the APs closer together (see Figure 3-2).

Figure 3-2: Overlapping Coverage Areas

AP1 AP4AP2

AP3

• If possible, have the adjacent APs whose coverage areas o verlap use different channels

that are at least five channels apart.

NOTE: If you are using two PC cards in the RoamAbout R2, they must

NOTE

be five channels apart.

• Be aware of potential hidden station problems. If possible, arrange the coverage area

to minimize or prevent any two clients from being within range of the AP but out of range with each other.

For best placement, configure the AP and a client and use the pr ocedure in the “Optimizing

RoamAbout AP Placement” on page 6-5 before permanently mounting the AP.

Before mounting the AP, review the hardware requirements described in the installat ion documentation that shipped with the RoamAbout AP.

3-5

Infrastructure Network

RoamAbout R2 Mezzanine Special Considerations

The following information pertains to the RoamAbout R2 with the Mezzanine option installed:

• Slot 2 does not support LAN-to-LAN Multipoint.

• If two 802.11b PC Cards are in stalled in the RoamAbout R2 , one of the PC Cards must

be connected to the Range Extender Antenna to preven t radio interference between the two cards. The antenna must be placed at least two feet away from the RoamAbout R2. This is not necessary if one of the cards is connected to an outdoor antenna.

• If you have two 802.11b PC Cards installed in the RoamAbout R2, the channels

between the PC Cards must be at least 5 channels apart from each other.

Using Multiple Wireless Infrastru c ture Networks

Instead of creating multiple cells in a single infrastructure network, you can have separate infrastructure networks. The advantages include:

• Preventing too many users from roaming t o a p art ic ular coverage area by config uri ng

some users to use one network, and other users to a different network. This is a form of load balancing.

• Creating a secure network for security-sensitive users and a general, less secure

network for other users. For example, on a college campus you can create a wireless network that uses encryption for use by the faculty, and a wireless network that does not use encryption for use by students.

The coverage areas of APs in different networks can overlap without interference as long as they use different channels. If possible, have the APs use different channels that are at least five channels apart.

Using an Outdoor Antenna

You can extend the coverage area of a wireless infrastructure network by connecting an outdoor omni-directional (7 dBi) antenna to the AP.

Typically, you only use the omni-directional antenna in an indoor/outdoor environment, such as in and around a warehouse. Also, the clients should be configured with the

RoamAbout Vehicle-Mount antennas.

NOTE

NOTE: If you are planning to use an outdoor antenna refer to the RoamAbout Outdoor Antenna Site Preparation and Instal lation Guide

for regulator y infor mation, FCC requir ement s, and deta iled pr ocedures to install outdoor antennas.

3-6

LAN-to-LAN Network Configuration

There are two types of LAN-to-LAN configurations. The LAN-to-LAN Endpoint Bridge mode is used in a Point-to-Point configuration to connect two separate wired LANs. The LAN-to-LAN Multipoint Bridge mode is used in a Point-to-Multipoint configuration to connect multiple wired LANs. Typically, the LANs are in different buildings and the configuration requires the RoamAbout outdoor antenna kit.

Consid e r th e following:

• Type of antenna. Use two directional antennas in a Point-to-Point link. Use one

omni-directional antenna and up to six directional antenna s in a Point-to-Multipoint configuration.

• Outdoor antenna installation. You should use a professional antenna installation

company to install the outdoor antennas.

• Grounding system. The AP and the outdoor antenna must use the same earth ground.

• Connecting of the outdoor antenna to the AP, and connect ing the AP to the wired LAN.

Refer to the RoamAbout Outdoor Antenna Site Preparation and Installation Guide for the detailed procedures to determine distances and install an outdoor configuration.

If you are not using an antenna, the APs should be within each other’s coverage area. The speed you want to use for your wireless link is one factor that determines the distance between the APs. Other factors include physical obstructions and noise levels.

The following is an example of the coverage area in a semi-open environment, which is defined as work space divided by shoulder-height, hollow wall elements.

• 11 Mbit/s - 165 feet (50 meters)

• 5.5 Mbit/s - 230 feet (70 meters)

• 2 Mbit/s - 300 feet (90 meters)

• 1 Mbit/s - 375 feet (115 meters)

Before mounting the AP, review the hardware requirements described in the installat ion documentation that came with the RoamAbout AP.

NOTE: Using the AP Density feature will change the coverage area.

NOTE

See AP Density and Roaming on page 2-8 for more information.

3-7

Ad-Hoc Netwo rk

Ad-Hoc Network

The only requirement for an ad-hoc network is the ability to communicate with one or more other wir eless users. To do this :

• All PC Cards must use the same channel. Default channels are listed in Table A-3 on

page A-3.

• Determine the size of the coverage area. The speed of the R oamAbout PC Card is on e

factor that determines the client coverage area. Other factors include physical obstructions and noise levels. The following is an example of the coverage area in a semi-open environment, which is defined as work space divided by shoulder-height, hollow wall elements.

— 11 Mbit/s - 165 feet (50 meters) — 5.5 Mbit/s - 230 feet (70 meters) — 2 Mbit/s - 300 feet (90 meters) — 1 Mbit/s - 375 feet (115 meters) The faster the transmit speed, the shorter the coverage area at that speed. A client with

an 11 Mbit/s PC Card can communicate with other clients up to a distance of 375 feet in a semi-open environment. However, only clients within the first 165 feet can communicate at 11 Mbit/s. Clients between 165 and 230 feet communicate at

5.5 Mbit/s. Clients between 230 and 300 feet communicate at 2 Mbit/s; and clients between 300 to 375 feet communicate at 1 Mbit/s.

If using a card other than the RoamAbout PC Card in wireless clients, refer to that card’s documentation for information about allowable distances. Make sure that the computer meets the RoamAbout PC Card r equirem ents as des cribed in the “Wireless

Network Hardware Installation Overview” on page 3-9.

3-8

Wireless Network Hardware Installation Overview

Once you have designed the wireless network and determined where to place the wireless devices, install and configure the hardware as described in the following sections.

Wireless Infrastructure Network

The following is an overview of the steps to install the wireless devices in a wireless infrastructure network.

1. Install the RoamAbout AP in the location you have chosen. Refer to the RoamAbout

documentation to install the hardware.

2. Install a tool to configure the AP as described in Chapter 4.

3. Configure the APs us i ng t he proced ures i n Chapter 5. You sh ould configure the APs

before configuring clients. A number of client settings depend on the AP settings.

4. Create wireless clients by installing the RoamAbout PC Card into the appropriate

computers. Refer to the RoamAbout PC Card documentation.

5. If installing the RoamAbout Client Utility (recommen ded) , see the “RoamAbout

Client Utility” on page 4-7.

6. Configure the wireless clients using the procedures described in the RoamAbout

802.11 PC Card Drivers and Utilities Se tup and Installation Guide.

LAN-to-LA N Configuration

The following is an overview of the steps to install the APs in a LAN-to-LAN configuration.

1. If using an outdoor antenna, follow the instructions in the RoamAbout Outdoor

Antenna Site Preparation and Installation Guide.

2. Install the RoamAbout APs in the locations you have chosen. Refer to the RoamAbout

AP documentation to install the AP hardware.

3. Choose and install a tool to configure the AP as described in Chapter 4.

4. Configure the APs using the procedure in the “Confi guri ng APs in a Poin t- to-Point

Network” on page 5-8 or “Configuring the AP for Point-to-Multipoint” on page 5-13.

3-9

Wireless Network Hardware Installation Overview

Ad-Hoc Network

The following is an overview of the steps to install the wireless clients in an Ad-Hoc network.

1. Create wireless clients by installing the RoamAbout PC Card into the appropriate

computers. Refer to the RoamAbout PC Card documentation.

2. If installing the RoamAbout Client Utility (recommen ded) , see the “RoamAbout

Client Utility” on page 4-7.

3. Configure the wireles s clients, as describ ed in the RoamAbout 802 .11 PC Card Drivers

and Utilities Setup and Installation Guide.

3-10

Chapter 4

Wireless Network Tools

This chapter describes the configuration tools. You can configure the AP using one or more of these tools:

• RoamAbout AP Manager

• RoamAbout console port

• Telnet (RoamAbout R2 only)

• Web Management (RoamAbout R2 only)

• Network Management Station (NMS)

To configure the AP for the first time, you need to use the Ro amAbout AP Manager or the console port.

In This Chapter

Information in this chapter is presented as follows:

Topic Page

RoamAbout AP Manager 4-2 Other SNMP Management Tools 4-5 RoamAbout Console Port 4-5 Telnet 4-6 Web Manageme nt 4-6 RoamAbout Client Utility 4-7

4-1

RoamAbout AP Manager

The RoamAbout AP Manager is a config urat i on tool for new APs and a management tool to assist the ongoing management and support of RoamAbout wireless networks. The AP Manager can manage multiple APs simultaneously.

The AP Manager has the following features:

• Ability to manage multiple APs remotely, including changing parameters on multiple

APs in a wireless network with a single command.

• Ability to group APs. For example, you can group together all the APs in one wireless

network and have a second group for APs in another wireless network.

• Ability to view AP parameters such as statistics, firmware version number, MAC

addresses, amount of memory, and card type.

• Integrity checking for many wireless parameter changes. This warns you if a common

wireless network management mistake is about to be made, or if the operatio n requested is unusual and usually not recommended.

• Integrity checking of an existing wireless network configuration for consistent settings

and common management errors.

• Improved wireless network performance through packet filtering and recommended

filter settings.

• Integrated with a BootP/TFTP application for simple AP firmware upgrades, also

called flash upgrades.

• Support for 802.11 radio techno logy .

• Ability to manage current and previous releases of the AP firmware. The AP Manager

only allows access to those features supported by the selected AP.

4-2

RoamAbout AP Manager

Installing the RoamAbout AP Manager

The AP Manager supports Windows 95, Wi nd ow s 98, Wi nd ows 2000, Windows Me, Windows NT (V4.0 or later), and Windows XP.

The AP Manager can manage APs from a wireless computer. However, the AP Manager needs to be on a computer connected to the same wired LAN as the AP to assign an IP address or upgrade the AP firmware.

The AP Manager is included on the CD-ROM in the RoamAbout AP kit, and can also be downloaded from the enterasys.com/wireless web site. To install the AP Manager, follow the installation instructions. After the installation, you can open the AP Manager main window, shown in Figure 4-1, by clicking the Start button on the Windows desktop and selecting Programs

Figure 4-1: RoamAbout AP Manager Main Window

→RoamAbout→RoamAbout AP Manager.

4-3

RoamAbout AP Manager

Using the AP Manager

You can manage APs individually or as a single group. You can group APs based on any criteria, such as:

• All APs belongin g to the same n etwork are in one g roup. For exam ple, have one g roup

for the Accounting network and one group for the Engineering network.

• To avoid confusion, you should have different groups for APs in an infrastructure

network and APs in a LAN-to-LAN configuration. APs in these configurations are managed differently.

• If you have earlier releases of the RoamAbout AP, you can group non-802.11

compliant APs together, separate from the 802.11 APs.

The AP Manager saves each group in a configuration file (*.CFG). When you create a group, give the file a meani ng ful nam e that repres ent s t he gro up, such as Campus for APs used outside on a college campus, or Engineering if all the APs are used for the Engineering wireless network.

When you open a configuration file, the APs in the group are displayed in the Managed List field on the main window (see Figure 4-1). You can add or remove APs from the configuration file. The following lists some of the actions you can perform from the AP Manager main window:

• Each time you open the AP Manager, the RoamAbout AP Managed List field is

blank. You need to open a file by clicking File in the menu bar, selecting Open, and choosing a configurati on fil e. Al l the APs in tha t gr oup are di s played i n the Man aged List field.

• If there is a RoamAbout R2 in the list, you are prompted for a password. The p assword

is the password that you entered when you created the configuration file.

• To display the settings that the AP is currently using, select the AP in the Managed List

field and click the various buttons, such as Wireless Parameters, Network Parameters, and Hardware. Click the Help button in each dialog box for a description of the dialog box.

• To check the Signal-to-Noise Ratio (SNR) between the AP and another device in the

same wireless network, select Integrity in the menu bar and select Link Test.

• To discover all APs in your network, select Selection in the menu bar and Discover.

Chapter 5 contains the procedures to configure APs using the AP Manager.

4-4

Other SNMP Management Tools

The AP supports the Si mple Network Management Protocol (SNMP) through any standar d Network Management Station (NMS) that supports SNMP. The SNMP management capability enables you to manage standard SNMP MIB characteristics, such as protocol filtering and address filtering.

• To manage the AP with an NMS, you must first use the console port or AP Manager

to configure the AP with a valid IP address.

• The RoamAbout R2 supports SNMPv3. If your NMS does not support SNMPv3 and

you want to use SNMPv1 or SNMPv2c, use the RoamAbout R2 console to access the community names. The RoamAbou t R2 Co mmu nity s creen con tains fou r co mmun ity names that allow SNMPv1 and SNMPv2c read-only and read-write access to an NMS. The names are disabled by default with the exception o f Community Name #1 , which is set to public. If using SNMPv3, you should leave names 2 through 4 disabled.

• The following AP settings are only accessible from an NMS:

—RMON parameters

Other SNMP Management Tools

— Aging timer

RoamAbout Console Port

You can manage the AP by connecting a terminal or personal computer running terminal emulation software to the console port. Signals from the console port conform to the EIA-232D signaling st and a rd at 9600 ba ud only. The port appears as a data terminal equipment (DTE) device. Typical ly, you do not need to use th e console po rt if you use the AP Manager to manage the AP. However, the R2 SNMP community names are only modifiable from the R2 console port.

Refer to Appendix B for the procedure to connect a device to the AP console port.

4-5

Telnet

You can manage the RoamAbout R2 through Telnet. However, you must first assign the R2 an IP address.

Perform the following steps to access the R2 through Telnet:

1. Open a DOS Prompt.

2. Telnet to the IP Address that you assigned to the RoamAbout R2.

For example: telnet 10.0.0.00 You are prompted for a username and password. The default username is admin and

the default password is password. The Main Menu appears.

3. Ensure that your preferences are set to use the arrow keys.

Web Management

You can manage the RoamAbout R2 through your web browser. However, you must first assign the R2 an IP address. Refer to Appendix B for the procedure to connect a device to the AP console port.

The RoamAbout R2 web management runs on the following browsers:

• Netscape Communicator V4.5, V4.6, V4.7 and V6.0 (and later)

• Microsoft Internet Explorer V4.0 and V5.0 (and later)

You must set the browser proxy to Direct Internet Connection. Then enter the IP address that you assigned to the RoamAbout R2 in the browser window. You are prompted for a username and password. The default username is admin and the default password is password.

4-6

RoamAbout Client Utility

The RoamAbout Client Utility is a diagnostic tool for RoamAbout wireless networks. The RoamAbout Client Utility is included on the RoamA bout 802.11 PC Card Drivers and Utilities CD-ROM, or you can download it from the RoamAbout Wireless web site. Refer to the RoamAbout 802.11 PC Card Drivers and Utilities Setup and Installation Guide for setup and installation information.

Use the Client Utility to:

• Perform a radio Link Test with a single AP or computer. The Link Test mode allows

you to verify the communications quality of the RoamAbout PC Card in more detail. It allows you to investigate the performance of the RoamAbout radio link between:

— Your computer and another wireless computer — Your computer and the current AP

• Perform a Site Survey running the Site Monitor option. Use the Site Monitor mode to

display the communications quality of your computer with multiple APs in its vicinity. The Site Monitor mode allows you to conduct a site survey to:

RoamAbout Client Utility

— Determine the overall wireless coverage of your LAN network. — Determine or optimize placement of your APs, to provide seamless connectivity

to mobile stations.

For detailed information about each Client Utility window, consult the RoamAbout Client Utility on-line help by clicking the Help button in each window.

4-7

Configuring the Wireless Network

This chapter provides the procedures to configure the wireless device parameters. Before performing these pr ocedures, you need t o install the wireless netwo rk tools as descr ibed in

Chapter 4.

• To install the drivers and utilities on the clients, refer to the RoamAbout 802.11 PC

Card Drivers and Utilities Se tup and Installation Guide.

• If you are configuring a wireless infrastructure network, configure the APs first. Many

of the wireless client parameters are based on the AP settings.

• For infrastructure and ad-hoc networks, document the common settings for any clients

that join the network at a future date.

In This Chapter

Chapter 5

Information in this chapter is presented as follows:

Topic Page

Configuring APs in an Infrastructure Network 5-3 Configuring APs in a Point-to-Point Network 5-8 Configuring the AP for Point-to-Multipoint 5-13 Viewing Current AP Settings 5-18 Modifying the IP Address 5-19 Setting the Cabletron Discovery Protoc ol 5-21 Modifying Wireless Parameters 5-22 Configuring for Security 5-24 Configuring the Console Port for Security 5-28 Configuring the R2 for SNMPv1 or SNMPv2 5-29 Configuring the AP for Authentication 5-30 Configuring for Rapid Rekeying 5-36 Configuring for VLANs 5-40

5-1

In This Chapter

Topic Page

Setting Spanning Tree 5-43 Filtering Traffic by Protocols 5-44 Filtering Traffic by Addresses 5-46 Checking the Configuration on Multiple APs 5-47 Resetting the RoamAbout AP 5-48 Using the RoamAbout R2 Web Management 5-49 Configuring Clients 5-50

5-2

Configuring APs in an Infrastructure Network

After installing the AP, you can configure its network and wireless para met e rs us ing th e AP Manager, the console p ort, or t he R2 Web Managem ent. To conf igur e the RoamAbo ut R2 for management by an NMS using SNMPv2 or SNMPv1, see “Configuring the R2 for

SNMPv1 or SNMPv2” on page 5-29.

Required Information

When configuring an AP, have the following information available:

• If the AP has been configured with an IP address, you need to know that IP address. If

the AP has not been assigned an IP address, you need the following: — The AP wired MAC address, which is printed on the front of the Access Point

2000 and on the side of the RoamAbout R2.

— Valid, unused IP address. Depending on your network configuration, you may

also need to provide the subnet mask and default gateway.

• The AP SNMP read/write community name (default is public). If you do not enter the

correct community name, you cannot modify the AP or add it to an AP Manager group.

• For a RoamAbout R2, the SNMPv3 Authentication and Privacy Passwords (default for

both is password).

• Identification information, such as a unique name for the AP, its location, and the name

of the person responsible for the AP.

Wireless Parameters Used in an Infrastructure Network

If adding APs to an existing wireless network, write down the wireless parameter settings. If creating a wireless infrastructure net work, you can enter the Chan nel, Wireless Network Name, and Station Name, and use the default settings for the other parameters. The following describes the settings used in an infrast ructure network:

• Slot 1/Slot 2: (RoamAbout R2 only): Select the slot to be configured.

• Channel: Set adjacent APs to different channels that are at least five channels apart if

possible. See Appendix A for channel information.

• Wireless network name: The wireless network name can be any alphanumeric string

(uppercase and lowercase) with a maximum of 32 characters. Spaces are allowed. The name is case-sensitive. An example of a wireless network name is:

My RoamAbout NETWORK 2

5-3

Configuring APs in an Infrastructure Network

• Station name: Select a unique name that helps identify the location of the AP. Each

AP should have a unique station name.

• Bridge Mode: Set to Workgroup.

• AP Density: See AP Density and Roaming on page 2-8 for more information.

• Transmit Rate: The default setting works well in most environments. See “Transmit

Rate” on page 2-5.

• RTS Threshold: The default setting works well in most environments. See

“RTS/CTS Protocol” on page 2-9.

• Remote RTS Threshold: The default setting works well in most environments. See

“RTS/CT S Protocol ” on page 2- 9. This setting is only available on a RoamAbout R2

managed by the AP Manager.

• DTIM: In nearly all environments, you should not chang e the default DTIM of 1. See

“802.11 Power Management” on page 2-11.

• Secure Access: Enable to prevent clients without the correct wireless network name

from connecting to this AP.

• Multicast Transmit Rate: Identifies the desired transmission speed for the broadcast

and multicast traffic as forwarded by the AP to the wireless LAN. You should use the lowest speed that you want to support. If using applications that use multicast traffic (for example, IGMP), you can increase this rate from the default of 2 Mbit/s Fixed.

• IntraBSS Relay:

— Enable: Allows wireless users associated with an AP to see and communicate

between each other. This is accomplished by taking a multicast packet from one wireless user and rebroadcasting it so that all wireless users see it.

— Disable: Prevents communication between users associated with an AP. This

mode is intended for use in the ISP market where the ISP does not want separ ate households to browse the Network Neighborhood and see other customers and their hard drives.

• Medium Density Dist r i b ution: Enable it to have the AP distribute its AP Density

(low, medium, high, minicell, microcell) to the clients. This setting is not available from the console ports.

• Load Balancing: Forces wireless clients to associate with APs that are least busy,

resulting in a more even distribution of client associations between APs. Load balancing increases the network's overall throughput. Load balancing is enabled by default. This setting is not available from the console ports.

5-4

Configuring APs in an Infrastructure Network

Using the AP Manager

Use the Help button in the AP Manager for a description of any field.

1. If you are currently managing APs with the AP Manager, determine if the new AP

belongs to an existing group. Refer to “RoamAbout AP Manager” on page 4-2 for a description of configuratio n groups.

File

→Open (adds the AP to an existing group)

File

→New (start s a new group)

2. Click Setup/Add New AP.

3. If the AP has been assign ed an IP address, click No when asked if you need to lo ad an

IP address on the AP. If the AP does not have an IP address, click Yes.

4. Enter a new IP address or the AP’s existing IP address and other network parameters

as prompted. You may need to wait a few minutes for the IP address to load. Afterwards, the AP

Manager di splays the Identification and Wireless Parameter dialog boxes.

5. Identification: Enter information that will help administrators identify the AP.

6. Wireless Parameters: Enter the wireless parameters for your wireless network. If

your wireless network requires additional settings, click the Advanced butto n.

7. Click OK.

8. To implement your changes:

R2 AP: Select Reset from the main window. Select Reset Slot x, where x is the slot (1 or 2) you configured.

AP 2000: Select Reset from the main window. Select Reset with Current Settings. Allow approximately one minute for the AP to reset and complete its self-test.

9. Repeat this procedure to add additional APs to this or other configuration groups.

10. When configuring wireless clients, enter the Wireless network name esp ecially if

Secure Access is enabled.

Refer to the other sections in this chapter to configure features such as authentication, encryption, and filters.

5-5

Configuring APs in an Infrastructure Network

Using the RoamAbout R2 Conso le Port

To use the console port, follow the instructions in “Connecting a Device to the Console

Port” in Appendix B. Use Help in the console screens for a description of any field.

1. Choose Network Configuration from the Main Menu and enter the following

parameters:

IP address: Enter the IP address you wish to assign to the AP. Subnet mask: Enter the subnet mask you wish to assign to the AP. Default gateway: Enter the IP address of the default gateway. Spanning Tree: Set to Disable. IP Address Mode: Set to Manual when configuring an AP for the first time. For more

information, see “Modifying the IP Address” on page 5-19. Ethernet Speed: This sets the speed of the wired Ethernet connection. The default

setting, autonegotiate, works well in most environments. GVRP: Set to Disabled unless you are configuring the AP to support VLANs, as

described in “Configuring for VLANs” on page 5-40. CDP: This setting is Disabled by default in Workgroup mode. To change this setting,

refer to “Setting the Cabletron Discovery Protocol” on page 5-21.

2. Choose Save.

3. Choose Wireless Configuration from the Main Menu, then choose Set/Show

Wireless Configuration.

4. At the top of screen, select the radio slot (1 or 2) to configure.

5. Enter the wireless parameters.

6. Set the Reset Option to Reset Radio if necessary (default setting).

7. Choose Save.

8. To configure the RoamAbout clients, write down the Wireless Network Name,

especially if Secure Access is enabled.

Refer to the other sections in this chapter to configure features such as authentication, encryption, and filters.

5-6

Configuring APs in an Infrastructure Network

Using the Access Point 2000 Console Port

To use the console port, follow the instructions in “Connecting a Device to the Console

Port” in Appendix B. Use Help in the console screens for a description of any field.

1. Choose Set IP Address from the Installation Menu.

2. Enter the IP address, subnet mask, and default gateway.

3. Choose Module-Specific Options from the Installation Menu.

4. Choose Set Wireless Configuration. Enter the wireles s parameters for yo ur wireless

network.

5. Select Module-Specific Options from the Installation Menu and set the following

parameters:

Bridge Mode Options : Set to Workgroup. Enable/Disable Default Rate Limitin g: Set to Disabled to disable the 100 Kbit/sec

limitation on multicast traffic.

6. Optionally, you can enable console security as follows: a) Choose Enable/Disable Console Password from the Installation Menu. Enable

Console Password to prevent other users from using the console port to view or modify settings.

b) Select Set SNM P Read/Write Community from the Installation Menu. Enter a

new community name (4 to 31 printable ASCII characters) . Users must enter the community name to access the menu.

7. To implement your changes, select Reset with Current Settings from the Installation Menu. Allow approximately one minute for the AP to reset and complete its self-test.

8. When configuring wireless clients, enter the Wireless ne twork name especially if Secure Access is enabled.

Refer to the other sections in this chapter to configure features such as authentication, encryption, and filters.

5-7

Configuring APs in a Point-to-Point Network

You can configure two APs to communicate with each other in a LAN-to-LAN Point-to-Point confi gu rati on u sin g t he AP Manager or the console port as described in the following sections. To configure the RoamAbout R2 for management by an NMS using SNMPv2 or SNM Pv1, see “Configuring the R2 for SNMPv1 or SNMPv2” on page

5-29.

Required Information

When configuring an AP, have the following information available:

• If the AP has been configured with an IP address, you need to know that IP address. If the AP has not been assigned an IP address, you need the following:

— The AP wired MAC address, which is printed on the front of the Access Point

2000 and on the side of the RoamAbout R2.

— Valid, unused IP address. Depending on your network configuration, you may

also need to provide the subnet mask and default gateway.

• The AP SNMP read/write community name (default is public). If you do not enter the correct community name, you cannot modify the AP or add it to an AP Manager group.

• For a RoamAbout R2, the SNMPv3 Authentication and Privacy Passwords (default for both is password).

• Wireless MAC address of each AP. The wireless MAC address is NOT the same as the wired MAC address printed on the AP. Perform one of the following to see the wireless MAC address:

— AP Manager: Select each AP from the Manage d Li st field and click the

Hardware button.

— Access Point 2000 console port: Show Current Settings from the Installation

Menu.

— R2 console port: Current Configuration from the Main Menu. — Back of the PC Card used in the AP. Th e MAC address of the PC Card is the AP’s

wireless MAC address.

• Identification information, such as a unique name for the AP, its location, and the name of the person responsible for the AP.

5-8

Configuring APs in a Point-to-Point Network

Wireless Parameters Used in a Point-to-Point Network

The following AP parameters are not used in this configuration:

• Wireless Network Name

• Secure Access

• IntraBSS Relay

• AP Density

• Power Management (DTIM Period)

• Multicast Transmit Rate

The following describes the settings used in a point-to-point network:

• Slot 1/Slot 2: (RoamAbout R2 only): Select the slot to be configured.

• Channel: Both APs must use the same channel.

• Station name: Select a unique name that helps identify the location of the AP. Each

AP should have a unique station name.

• Bridge Mode: Set to LAN-to-LAN Endpoint.

• Remote Wireless MAC Address: Enter the wireless MAC address of the remote AP.

• Transmit Rate: A fixed rate is recommended for most environments. See “Transmit

Rate” on page 2-5.

• RTS Threshold: The default setting works well in most environments. See

“RTS/CTS Protocol” on page 2-9.

• Spanning Tree: Set to Enabled or Disabled. For more information, see “Spanning

Tree Protocol” on page 2-22.

5-9

Configuring APs in a Point-to-Point Network

Using the AP Manager

Use the Help button in the AP Manager for a description of any field.

1. If you are currently managing APs with the AP Manager, determine if the new AP belongs to an existing group. Refer to “RoamAbout AP Manager” on page 4-2 for a description of configuratio n groups.

File

→Open (adds the AP to an existing group)

File

→New (start s a new group)

2. Click Setup/Add New AP.

3. If the AP has been assign ed an IP address, click No when asked if you need to lo ad an

IP address on the AP. If the AP does not have an IP address, click Yes.

4. Enter a new IP address or the AP’s existing IP address and other network parameters as prompted.

You may need to wait a few minutes for the IP address to load. Afterwards, the AP Manager di splays the Identification and Wireless Parameter dialog boxes.

5. Identification: Enter information that will help administrators identify the AP.

6. Wireless Parameters: Enter the wireless parameters for your wireless network. Click

the Advanced button to view all wireless parameters.

7. Click OK.

8. To implement your changes:

R2 AP: Select Reset from the main window. If c hanging the bridge mode, select Reset with Current Settings. Otherwise, select Reset Slot x, where x is the slot (1 or 2) you

configured. AP 2000: Select Reset from the main window. Select Reset with Current Settings.

Allow approximately one minute for the AP to reset and complete its self-test.

9. Repeat this procedure at the other AP.

Refer to the other sections in this chapter to configure features such as encryption and filters.

5-10

Configuring APs in a Point-to-Point Network

Using the RoamAbout R2 Conso le Port

To use the console port, follow the instructions in “Connecting a Device to the Console

Port” in Appendix B. Use Help in the console screens for a description of any field.

1. Choose Network Configuration from the Main Menu and enter the following parameters:

IP address: Enter the IP address you wish to assign to the AP. Subnet mask: Enter the subnet mask you wish to assign to the AP. Default gateway: Enter the IP address of the default gateway. Spanning Tree: Set to Enabled or Disabled. For more information, see “Spanning

Tree Protocol” on page 2-22.

IP Address Mode: Set to Manual when configuring an AP for the first time. For more

information, see “Modifying the IP Address” on page 5-19. Ethernet Speed: This sets the speed of the wired Ethernet connection. The default

setting, autonegotiate, works well in most environments. GVRP: Set to Disabled unless you are configuring the AP to support VLANs, as

described in “Configuring for VLANs” on page 5-40. CDP: This setting is Auto Enabled by default in LAN-to-LAN mode. To change this

setting, refer to “Setting the Cabletron Discovery Protocol” on page 5-21.

2. Choose Save.

3. Choose Wireless Configuration from the Main Menu, then choose Set/Show

Wireless Configuration.

4. At the top of screen, select the radio slot (1 or 2) to configure.

5. Enter the wireless parameters.

6. Set the Reset Option to Reset Radio if necessary (default setting).

7. Choose Save.

8. If changing the bridge mode, you need to implement your changes by choosing

Reset/Upgrade in the Main Menu then choosing Reset Switch. Allow approximately one minute for the AP to reset and complete its self-test.

9. Perform this procedure on the other AP.

Refer to the other sections in this chapter to configure features such as encryption and filters.

5-11

Configuring APs in a Point-to-Point Network

Using the Access Point 2000 Console Port

To use the console port, follow the instructions in “Connecting a Device to the Console

Port” in Appendix B. Use Help in the console screens for a description of any field.

1. Choose Set IP Address from the Installation Menu.

2. Enter the IP address, subnet mask, and default gateway.

3. Choose Module-Specific Options from the Installation Menu.

4. Choose Set Wireless Configuration. Enter the parameters for your wireless networ k.

5. Select Bridge Mode Options in the Module-Specific Options menu.

Bridge Mode: Set to LAN-to-LAN End-Point. Remote Wireless MAC Address: Enter the wireless MAC address of the remote AP. Spanning Tree Mode: Set to Enabled or Disabled. For more information, see

Spanning Tree Protocol on page 2-22.

6. Optionally, you can enable console security as follows: a) From the Installation Menu, choose Enable/Disable Console Password. Set to

Enable.

b) Select Set SNM P Read/Write Community from the Installation Menu. Enter a

new community name (4 to 31 printable ASCII characters) . Users must enter the community name to access the menu.

7. To implement your changes, select Reset with Current Settings from the Installation Menu. Allow approximately one minute for the AP to reset and complete its self-test.

8. Perform this procedure on the other AP.

Refer to the other sections in this chapter to configure features such as encryption and filters.

5-12

Configuring the AP for Point-to-Multipoint

You can configure up to seven APs in a point-to-multipoint configuration. At least one AP must be configured as a Central AP. The other APs are configured as endpoint APs, as described in “Point-to-Multipoint” on page 1-10. To configure the RoamAbout R2 for management by an NMS using SNMPv2 or SNMPv1, see “Configuring the R2 for

SNMPv1 or SNMPv2” on page 5-29.

Required Information

When configuring an AP, have the following information available:

• Valid Multipoint Activation Key (16 characters) to enable Multipoint bridge mode (purchased separately). Contact your Enterasys Representative.

• If the AP has been configured with an IP address, you need to know that IP address. If the AP has not been assigned an IP address, you need the following:

— The AP wired MAC address, which is printed on the front of the Access Point

2000 and on the side of the RoamAbout R2.

— Valid, unused IP address. Depending on your network configuration, you may

also need to provide the subnet mask and default gateway.

• The AP SNMP read/write community name (default is public). If you do not enter the correct community name, you cannot modify the AP or add it to the AP Manager group.

• For a RoamAbout R2, the SNMPv3 Authentication and Privacy Passwords (default for both is password).

• Wireless MAC address of each AP. The wireless MAC address is NOT the same as the wired MAC address printed on the AP. Perform one of the following to see the wireless MAC address:

— AP Manager: Select each AP from the Manage d Li st field and click the

Hardware button.

— Access Point 2000 console port: Show Current Settings from the Installation

Menu.

— R2 console port: Current Configuration from the Main Menu. — Back of the PC Card used in the AP. Th e MAC address of the PC Card is the AP’s

wireless MAC address.

• Identification information, such as a unique name for the AP, its location, and the name of the person responsible for the AP.

5-13

Configuring the AP for Point-to-Multipoint

Wireless Parameters Used in a Poin t-to-Multipoint Network

The following AP parameters are not used in this configuration:

• Wireless Network Name

• Secure Access

• IntraBSS Relay

• AP Density

• Power Management (DTIM Period)

• Multicast Transmit Rate

The following describes the settings used in a point-to-multipoint network:

• Slot 1/Slot 2 (RoamAbout R2 only): Select the slot to be configured. For the central AP, Slot 1 must be selected.

• Channel. All APs must use the same channel.

• Station name. Select a unique name that helps identify the location of the AP. Each

AP should have a unique station name.

• Bridge Mode: Central AP: Set to LAN-to-LAN Multipoint.

Endpoint APs: Set to LAN-to-LAN Endpoint.

• Multipoint Activation Key (Central AP only): Enter the 16 character alphanumeric activation key.

• Remote Wireless MAC addresses: Central AP: En ter the wireless MAC addresses of the other APs. Any unused fiel ds must be null (contain no characters). Endp oint APs : Enter the wireless MAC address of the Central AP.

• Wireless Relay (Central AP, Access Point 2000 only): Enable to allow the endpoint APs to communicate with each other through the Central AP, or Disable to only allow the endpoint APs to communicate with the Central AP and its wired LAN.

• Transmit Rate: The default setting works well in most environments. See “Transmit

Rate” on page 2-5.

• RTS Threshold: The default setting works well in most environments. See

“RTS/CTS Protocol” on page 2-9.

• Spanning Tree: Central AP: Set to Enabled. Endpoint APs: Enable or disable. For more information, see “Spanning Tree Protocol” on page 2-22.

5-14

Configuring the AP for Point-to-Multipoint

Using the AP Manager

Use the Help button in the AP Manager for a description of any field.

1. Determine which AP is the Central AP, as described in “Point-to-Multipoint” on

page 1-10.

2. If you are currently managing APs with the AP Manager, determine if the new AP belongs to an existing group. Refer to “RoamAbout AP Manager” on page 4-2 for a description of configuratio n groups.

→Open (adds the AP to an existing group)

File File

→New (start s a new group)

3. Click Setup/Add New AP.

4. If the AP has been assign ed an IP address, click No when asked if you need to lo ad an

IP address on the AP. If the AP does not have an IP address, click Yes.

5. Enter a new IP address or the AP’s existing IP address and other network parameters as prompted.

You may need to wait a few minutes for the IP address to load. Afterwards, the AP Manager di splays the Identification and Wireless Parameter dialog boxes.

6. Identification: Enter information that will help administrators identify the AP.

7. Wireless Parameters: Enter the wireless parameters for your wireless network. Click

the Advanced button to view all the wireless parameters. When configuring the Central AP, click the LAN-to-LAN Multipoint Properties

button to ente r the w irel ess MA C add res ses o f t he ot he r A P s. A ny un us ed f ield s mus t be null (contain no characters).

8. Click OK.

9. To implement your changes:

R2 AP: Select Reset from the main window. If c hanging the bridge mode, select Reset with Current Settings. Otherwise, select Reset Slot x, where x is the slot (1 or 2) you

configured. AP 2000: Select Reset from the main window. Select Reset with Current Settings.

Allow approximately one minute for the AP to reset and complete its self-test.

10. Repeat this procedure at the other APs.

Refer to the other sections in this chapter to configure features such as encryption and filters.

5-15

Configuring the AP for Point-to-Multipoint

Using the RoamAbout R2 Conso le Port

To use the console port, follow the instructions in “Connecting a Device to the Console

Port” in Appendix B. Use Help in the console screens for a description of any field.

1. Choose Network Configuration from the Main Menu and enter the following: IP address: Enter the IP address you wish to assign to the AP.

Subnet mask: Enter the subnet mask you wish to assign to the AP. Default gateway: Enter the IP address of the default gateway. Spanning Tree: For the Central AP , se t to Enabled. For the APs in LAN-to-LAN

Endpoint bridge mode, you can enable or disable Spanning Tree. For more information, see “Spanning Tree Protocol” on page 2-22.

IP Address Mode: Set to Manual when configuring an AP for the first time. For more information, see “Modifying the IP Address” on page 5-19.

Ethernet Speed: This sets the speed of the wired Ethernet connection. The default setting, autonegotiate, works well in most environments.

GVRP: Set to Disabled unless you are configuring the AP to support VLANs, as described in “Configuring for VLANs” on page 5-40.

CDP: This setting is Auto Enabled by default in LAN-to-LAN mode. To change this setting, refer to “Setting the Cabletron Discovery Protocol” on page 5-21.

2. Choose Save.

3. Choose Wireless Configuration from the Main Menu, then choose Set/Show

Wireless Configuration.

4. At the top of screen, select the radio slot (1 or 2) to configure.

5. Enter the wireless parameters.

6. Set the Reset Option to Reset Radio if necessary (default setting).

7. Choose Save.

8. If changing the bridge mode, you need to implement your changes by choosing

Reset/Upgrade in the Main Menu then choosing Reset Switch. Allow approximately one minute for the AP to reset and complete its self-test.

Refer to the other sections in this chapter to configure features such as encryption and filters.

5-16

Configuring the AP for Point-to-Multipoint

Using the Access Point 2000 Console Port

To use the console port, follow the instructions in “Connecting a Device to the Console

Port” in Appendix B. Use Help in the console screens for a description of any field.

1. Choose Set IP Address from the Installation Menu.

2. Enter the IP address, subnet mask, and default gateway.

3. Choose Module-Specific Options from the Installation Menu.

4. Choose Set Wireless Configuration. Enter the wireles s parameters for yo ur wireless

network.

5. Select Bridge Mode Options from the Module-Specific Options menu and continue entering the wireless parameters.

6. Optionally, you can enable console security as follows: a) From the Installation Menu, choose Enable/Disable Console Password. Set to

Enable.

b) Select Set SNM P Read/Write Community from the Installation Menu. Enter a

new community name (4 to 31 printable ASCII characters) . Users must enter the community name to access the menu.

7. To implement your changes, reset the AP by selecting Reset with Current Settings from the Installation Menu. Allow approximately one minute for the AP to reset and complete its self-test.

8. Perform this procedure on the other APs.

Refer to the other sections in this chapter to configure features such as authentication and filters.

5-17

Viewing Current AP Settings

You can view the current settings before you modify the RoamAbout AP parameters.

Using the AP Manager

Using the AP Manager, select the AP from the Managed List field and click the various buttons, such as Wireless Parameters, Network Parameters, and Hardware. In the Wireless Parameters dialog box, click the Advanced button to view all the wireless parameters. If you have changed any wireless parameters and have not yet reset the AP, both the operating (current) settings and the settings that take affect after the next reset are displayed.

Using the RoamAbout R2 Console

• Choose Current Configuration from the Main Menu to view the network and hardware parameters.

• To display the current wireless settings, choose Wireless Configuration in the Main Menu, then choose Set/Show Wireless Configuration. If you have changed a wir eless parameter but not yet reset the AP, the new setting is NOT reflected in this display.

Using the Access Point 2000 Console

• Choose Show Current Settings from the Installation Menu to view the network and hardware parameters.

• To display the current wireless settings, choose Module-Specific Options then select Show Wireless Configuration. If you have changed a wir el ess p aramet er but not yet

reset the AP, the new setting is NOT reflected in this display.

5-18

Modifying the IP Address

The AP can obtain an IP address using these methods:

• BootP (default): The AP obtains its IP Address from a BootP server when it reboots. A BootP server must be co nfi gu red i n ad vance t o r esp ond with the desired I P addr ess .

• DHCP: The AP obtains its IP address from a DHCP server. This option is not recommended for enterprise netwo rks.

• Manual: Prevents the AP from issuing BootP or DHCP requests to ob tain an IP address. Use this setting if the AP was already assigned an IP address and you do not want to change it.

Using the AP Manager

You can use the AP Manager to change the IP address using a BootP or DHCP server. You also have the option to manually change the IP address of an Access Point or Acces s Point

2000. To only modify the s ubnet mask or default gateway, select the AP from the Managed

List field and click the Network Parameters button. A reset is not needed.

Modifying the IP Address

To change the AP’s current IP address using BootP or DHCP, perform the following:

1. Select the AP from the Managed Lis t field.

2. Click the Network Parameters button and set the following parameters:

Address State: Set to Volatile. The address state options are inactive if this parameter was disabled using the console port. This setting is not used on a RoamAbout R2.

IP Address Initialization: Set to DHCP or BootP to automatically assign an IP Address to the AP after the reset.

3. Click OK.

4. In the AP Manager main window, click the Reset button. Then click Reset with

Current Settings. The AP is reset and uses the selected method to obtain an IP address.

When done, you may need to delete the AP with the old IP address from the managed list. To manage the AP with the new IP address with AP Manager, use the Setup/Add New AP

button fr om the mai n window or use Selection

→Discover from the menu bar.

5-19

Modifying the IP Address

To manually change the IP address of an Access Point or Access Point 2000, perform the following. You will need the AP’s wired MAC address and an unused IP address .

1. Select the AP in the managed list.

2. Click on the Network Parameters button.

3. Set the Address State to Volatile.

4. Select Manual from the IP Address Initialization option.

5. Click OK.

6. In the main AP Manager window, click the Reset button. Then, click Reset with

Current Settings.

7. Click the Setup/Add New AP button from the main window.

8. Click Yes in the Load IP Address message.

9. In the Load IP Address dialog, enter the wired MAC address, new IP Address, and

other parameters as necessary.

10. Click OK.

11. If a message appears about reloading an R2, click OK to close the message and

continue loading the new address.

Using the RoamAbout R2 Conso le Port

1. Choose Network Configuration from the Main Menu and enter the following parameters:

IP address: If manually entering an IP address, enter the IP address you wish to assign to the AP.

Subnet mask: Enter the subnet mask you wish to assign to the AP. Default gateway: Enter the IP address of the default gateway. IP Address Mode: Set to Manual, DHCP, or BootP. The AP uses this method to obtain

an IP address on the next reset.

2. Choose Save. You do not need to reset the AP.

5-20

Enterasys 802.11, RoamAbout R2, RoamAbout AP 2000, RoamAbout PC Card, RoamAbout AP Classic Networking Manual

Specifications and Main Features

Frequently Asked Questions

User Manual