ICOM AP-95M Instruction manual

INSTRUCTION MANUAL

WIRELESS ACCESS POINT

AP-95M

IEEE802.11ac Wave 2 standard

INTRODUCTION

1 BEFORE USING THE AP-95M

2 INSTALLATION GUIDE

3 CONNECTING WIRELESS LAN [BASIC]

4 CONNECTING WIRELESS LAN [ADVANCED]

5 OTHER FUNCTIONS

6 MAINTENANCE

7 INFORMATION

INTRODUCTION

Thank you for choosing this Icom product. The AP-95M wireless access point is designed and built with Icom’s IP network technology. We hope you agree with Icom’s philosophy of “Technology First.” Many hours of research and development went into the design of your AP-95M. The AP-95M complies with the IEEE802.11ac Wave 2 standards, and enables you to communicate in dual bands.

• The ‘IEEE802.11ac’ standard can be used only on the 5 GHz band (Wireless 2).

ALL RIGHTS RESERVED. This document contains material protected under International and Domestic Copyright Laws and Treaties. Any unauthorized reprint or use of this material is prohibited. No part of this document may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or by any information storage and retrieval system without express written permission from Icom Incorporated.

All stated specications and design are subject to change without notice or obligation.

Microsoft and Windows are trademarks of the Microsoft group of companies. Icom, Icom Inc. and the Icom logo are registered trademarks of Icom Incorporated (Japan) in Japan, the United States, the United Kingdom, Germany, France, Spain, Russia, Australia, New Zealand, and/or other countries. All other products or brands are registered trademarks or trademarks of their respective holders.

i

INTRODUCTION

ABOUT THE WIRELESS LAN STANDARDS

The AP-95M’s wireless LAN standards and the maximum communication rates are shown in the table below.

NOTE: The bandwidth that can be used differs, depending on the country.

Frequency band Wireless LAN standard Bandwidth

5 GHz IEEE802.11ac 80 MHz 867 Mbps

40 MHz 400 Mbps

20 MHz 173 Mbps

IEEE802.11n 40 MHz 300 Mbps

20 MHz 144 Mbps

IEEE802.11a 54 Mbps

2.4 GHz IEEE802.11n 40 MHz 400 Mbps*

IEEE802.11g 54 Mbps

IEEE802.11b 11 Mbps

*The client wireless LAN station must be compatible with 256QAM modulation.

About the Wireless LAN information

• The maximum communication rate is written based on the maximum theoretical rate of the IEEE802.11 wireless LAN standard, and is not the actual data communication rate.

• The actual data communication rate differs, depending on the condition in which the AP-95M is used, such

as distance, obstacles, PC specications, network vacancy, and so on.

20 MHz

Maximum communication

rate (theory)

173 Mbps*

The AP-95M’s wireless LAN standards and the maximum communication distance is shown in the table below.

The wireless communication distance differs, depending on the installed location, or the frequencies used. Refer to the table below as a reference.

Frequency band Wireless LAN standard Indoor Outdoor*

5 GHz IEEE802.11ac

IEEE802.11n

IEEE802.11a

2.4 GHz IEEE802.11n

IEEE802.11g

IEEE802.11b

* This product has the frequency range approved only for indoor use. Follow the restrictions of the laws and regulations of

each country.

Approximately

30 m: 32 yd

Approximately

30 m: 32 yd

Approximately 100 m: 109 yd

ii

INTRODUCTION

ABOUT THE WIRELESS LAN STANDARDS (CONTINUED)

Bandwidth and Channel

The AP-95M has 2 wireless LAN units inside: 2.4 GHz band (Wireless 1) and 5 GHz band (Wireless 2). Set the desired “Channel” and “Bandwidth.”

• When setting multiple access points with the 80 MHz bandwidth on 5 GHz, or 20/40 MHz bandwidth on 2.4 GHz, set the channels away from each other, to prevent signal interference.

Frequency band Bandwidth

5 GHz 80 MHz

40 MHz 20 MHz

2.4 GHz 40 MHz 20 MHz

iii

INTRODUCTION

FEATURES

• A communication can be made at the maximum rate of 867 Mbps (theoretical) based on the [IEEE802.11ac] and the [IEEE802.11n] standards.

L The [IEEE802.11ac] standard can only be used for Wireless 2 (5 GHz band). L The [IEEE802.11ac] and the [IEEE802.11n] standards are enabled when “None” or “AES” are set for “Encryption.”

• Dual band communications using the 5 GHz and 2.4 GHz bands can be made, based on the [IEEE802.11a] and the [IEEE802.11b/g] standards.

• To use multiple wireless devices that are based on different wireless LAN standards at the same time, protection mechanisms are built into the AP-95M, for communication rate maintenance.

• The authentication system supports “Open System,” “Shared Key,” “IEEE802.1X,” “WPA,” “WPA2,” “WPAPSK,” and “WPA2-PSK.”

• If “IEEE802.1X,” “WPA” or “WPA2” is selected, the RADIUS authentication server can be used.

• Web authentication function, which authorizes wireless LAN stations, is built into the AP-95M.

• The AP-95M complies with the Power over Ethernet (PoE) power reception function based on the [IEEE802.3af] standard. Therefore, power can be received using a HUB (user supplied) that supports the [IEEE802.3af] standard.

• With the function that the “Wi-Fi Alliance” proposes, SSID and Security (WPA-PSK/WPA2-PSK) can automatically be set to the AP-95M (virtual AP) and the wireless LAN station that supports the Wi-Fi Protected Setup (WPS) function.

L This device is not certied by the Wi-Fi alliance. (As of August 2021)

• Supports the 10BASE-T/100BASE-TX/1000BASE-T automatic switching function.

• Auto MDI/MDI-X system for the port polarity.

• Supports the SNMP system for the network management.

• No license nor certicate is needed to use this product.

iv

INTRODUCTION

ABOUT DEFAULT SETTINGS

Menu Setting screen Setting Title Default setting

Network Settings IP Address IP Address IP Address 192.168.0.1

Subnet Mask 255.255.255.0

DHCP Server DHCP Server DHCP Server Disable

Wireless Settings Wireless LAN Wireless LAN Channel 001CH (2412 MHz) (Wireless 1)

036CH (5180 MHz) (Wireless 2)

Bandwidth 20 MHz

Virtual AP Virtual AP Interface ath0 (Wireless 1)

ath1 (Wireless 2)

SSID WIRELESSLAN-0

Security Authentication Open System/Shared Key

Encryption None

Management Administrator Administrator Password Username admin (Cannot be changed)

Current Password admin (Lower case letters)

To prevent unauthorized access

You must carefully chose your password, and change it occasionally.

• Choose one that is not easy to guess.

• Use numbers, characters and letters (both lower and upper case).

v

INTRODUCTION

SETTING PROCEDURES

Follow the procedures below to set up the AP-95M.

1 Main functions +p.1-4 ~

2 Installation +p.1-10 ~

3 Wireless communication settings +pp.2-2 ~

4 Date, time and other settings +p.3-117 ~

5 Checking and saving the settings +p.4-2 ~

6 Restoring the factory defaults +p.4-4 ~

7 Troubleshooting +p.5-2 ~

vi

TABLE OF CONTENTS

Section 1 BEFORE USING THE AP-95M

1. Panel description …………………………………………………………………………………………………… 1-2 MTop panel ………………………………………………………………………………………………………… 1-2 MRear panel/Back side …………………………………………………………………………………………… 1-3

2. Main functions ……………………………………………………………………………………………………… 1-4 MRoaming function ……………………………………………………………………………………………… 1-5 MWireless Bridge function ……………………………………………………………………………………… 1-6 MVirtual AP function ……………………………………………………………………………………………… 1-7 MAbout the Router function ……………………………………………………………………………………… 1-8 MWPS function …………………………………………………………………………………………………… 1-9

3. Installation ………………………………………………………………………………………………………… 1-10 MInstalling the AP-95M on a rail ……………………………………………………………………………… 1-11

4. Setting …………………………………………………………………………………………………………… 1-12 MSetting a static IP address to a PC ………………………………………………………………………… 1-12 MConnecting a PC ……………………………………………………………………………………………… 1-13 MAccessing the setting screen ………………………………………………………………………………… 1-16 MAbout the setting screen layout ……………………………………………………………………………… 1-18 MChanging the IP address …………………………………………………………………………………… 1-20

Section 2 PREPARATION

1. WIRELESS LAN CONNECTION [Basic] ………………………………………………………………………… 2-2 MEntering the SSID ……………………………………………………………………………………………… 2-2 MEntering the security settings ………………………………………………………………………………… 2-3 MSetting the “WEP RC4” encryption …………………………………………………………………………… 2-4 MAbout the WEP Key …………………………………………………………………………………………… 2-4 MASCII characters and hexadecimal digits …………………………………………………………………… 2-4 MEntering the WEP Key with hexadecimal digits ……………………………………………………………… 2-5 MEntering the WEP Key with ASCII characters ……………………………………………………………… 2-6 MGenerating the WEP Key ……………………………………………………………………………………… 2-7 MAutomatically setting the channels in the 2.4 GHz band …………………………………………………… 2-9 MAutomatically setting the channels in the 5 GHz band …………………………………………………… 2-10 MCommunicating in the 80 MHz bandwidth ………………………………………………………………… 2-11 MEnabling the WPS function ………………………………………………………………………………… 2-12 MAutomatically setting the wireless LAN using the WPS function ………………………………………… 2-13

2. WIRELESS LAN CONNECTION [Advanced] ………………………………………………………………… 2-14 MSetting the Virtual AP ………………………………………………………………………………………… 2-14 MUsing the Wireless Bridging (WBR) function ……………………………………………………………… 2-15 MSetting the Master unit ……………………………………………………………………………………… 2-16 MSetting the Client unit ………………………………………………………………………………………… 2-18 M Setting the Wireless Bridging function to the AP-95M for the RS-AP3 (Option) management ……… 2-19 MSetting the accounting ……………………………………………………………………………………… 2-20 MSetting the MAC Authentication Server (RADIUS) ……………………………………………………… 2-21 MAbout the RADIUS setting …………………………………………………………………………………… 2-22 MAbout the Authentication VLAN ……………………………………………………………………………… 2-23

vii

TABLE OF CONTENTS

Section 3 SETTING SCREEN

[TOP] Screen ………………………………………………………………………………………………………… 3-5

MSystem Status …………………………………………………………………………………………………… 3-5 MMAC Address …………………………………………………………………………………………………… 3-5 MWAN Status ……………………………………………………………………………………………………… 3-5

[Network Status] screen ……………………………………………………………………………………………… 3-6

MInterface List ……………………………………………………………………………………………………… 3-6 MEthernet Port Connection Status ……………………………………………………………………………… 3-6 MWireless LAN …………………………………………………………………………………………………… 3-7 MWireless Bridging (WBR) ……………………………………………………………………………………… 3-7 MDHCP Lease Status …………………………………………………………………………………………… 3-7

[SYSLOG] screen ……………………………………………………………………………………………………… 3-8

[Wireless Status] screen ……………………………………………………………………………………………… 3-9

MAP Status ………………………………………………………………………………………………………… 3-9 MStation Status …………………………………………………………………………………………………… 3-9 MStation Status Details ………………………………………………………………………………………… 3-10 MWireless Bridge Status ……………………………………………………………………………………… 3-11 MWireless Bridge Status Details ……………………………………………………………………………… 3-11

[IP Address] Screen ………………………………………………………………………………………………… 3-12

MHost Name …………………………………………………………………………………………………… 3-12 MVLAN …………………………………………………………………………………………………………… 3-12 MIP Address …………………………………………………………………………………………………… 3-13

[DHCP Server] Screen …………………………………………………………………………………………… 3-14

MDHCP Server ………………………………………………………………………………………………… 3-14 MStatic DHCP …………………………………………………………………………………………………… 3-16 MList of Static DHCP Settings ………………………………………………………………………………… 3-16

[Static Routing] Screen …………………………………………………………………………………………… 3-17

MRouting Table ………………………………………………………………………………………………… 3-17 MStatic Routing ………………………………………………………………………………………………… 3-18 MList of Static Routing Entries ………………………………………………………………………………… 3-18

[Policy Routing] Screen …………………………………………………………………………………………… 3-19

MSource Address Routing …………………………………………………………………………………… 3-19 MList of Source Address Routing Entries …………………………………………………………………… 3-19

[Packet Filter] Screen ……………………………………………………………………………………………… 3-20

MPacket Filter Settings ………………………………………………………………………………………… 3-20 MList of Packet Filter Entries ………………………………………………………………………………… 3-32

Using the Packet Filter …………………………………………………………………………………………… 3-33

MPacket Filtering Examples …………………………………………………………………………………… 3-33

[Web Authentication Basic] Screen ……………………………………………………………………………… 3-37

MWeb Authentication …………………………………………………………………………………………… 3-37 MCustom Page ………………………………………………………………………………………………… 3-39

viii

TABLE OF CONTENTS

Section 3 SETTING SCREEN

[Web Authentication Advanced] Screen ………………………………………………………………………… 3-43

MWeb Authentication Method ………………………………………………………………………………… 3-43 MRADIUS ……………………………………………………………………………………………………… 3-44 MLocal List ……………………………………………………………………………………………………… 3-45 MList of Users …………………………………………………………………………………………………… 3-45

[WAN] Screen ……………………………………………………………………………………………………… 3-46

MConnection Status MConnection Status MConnection Status MConnection Status MConnection Type ……………………………………………………………………………………………… 3-50 MConnection Settings MConnection Settings MConnection Settings MList of Connection Settings

LAN Port

DHCP Client

Static IP

PPPoE

DHCP Client

Static IP

PPPoE

…………………………………………………………………………… 3-46 …………………………………………………………………………… 3-47

……………………………………………………………………………… 3-48

……………………………………………………………………………… 3-49

…………………………………………………………………………… 3-51

…………………………………………………………………………… 3-52

…………………………………………………………………………… 3-53

PPPoE

…………………………………………………………………… 3-55

[NAT] Screen ………………………………………………………………………………………………………… 3-56

MNAT …………………………………………………………………………………………………………… 3-56 MDMZ Host ……………………………………………………………………………………………………… 3-56 MPort Forwarding ……………………………………………………………………………………………… 3-57 MList of Port Forwarding Entries ……………………………………………………………………………… 3-57

[IP Filter] Screen …………………………………………………………………………………………………… 3-58

MGeneral Settings ……………………………………………………………………………………………… 3-58 MIP Filter ………………………………………………………………………………………………………… 3-59 MList of IP Filter Entries ……………………………………………………………………………………… 3-65

[Simple DNS] Screen ……………………………………………………………………………………………… 3-66

MSimple DNS Server Settings ………………………………………………………………………………… 3-66 MList of Simple DNS Server Settings ………………………………………………………………………… 3-66

[Wireless LAN] Screen …………………………………………………………………………………………… 3-67

MWireless LAN ………………………………………………………………………………………………… 3-67

[Virtual AP] Screen ………………………………………………………………………………………………… 3-69

MVirtual AP ……………………………………………………………………………………………………… 3-69 MMAC Authentication Server (RADIUS) ……………………………………………………………………… 3-74 MSecurity ……………………………………………………………………………………………………… 3-75 MSetting for RADIUS …………………………………………………………………………………………… 3-80 MAccounting …………………………………………………………………………………………………… 3-81

[MAC Address Filtering] Screen …………………………………………………………………………………… 3-82

MMAC Address Filtering ……………………………………………………………………………………… 3-82 MStation MAC Address List …………………………………………………………………………………… 3-83 MList of MAC Address Filtering Entries ……………………………………………………………………… 3-84

[Network Monitoring] Screen ……………………………………………………………………………………… 3-85

MNetwork Monitoring …………………………………………………………………………………………… 3-85

ix

TABLE OF CONTENTS

Section 3 SETTING SCREEN

[Wireless Bridging] Screen ………………………………………………………………………………………… 3-87

MWireless Bridging …………………………………………………………………………………………… 3-87 MMaster Settings ……………………………………………………………………………………………… 3-88 MList of Wireless Bridges ……………………………………………………………………………………… 3-89 MClient Settings ………………………………………………………………………………………………… 3-90

[WMM Advanced] Screen ………………………………………………………………………………………… 3-94

MWMM Advanced ……………………………………………………………………………………………… 3-94 MWMM Power Save …………………………………………………………………………………………… 3-98

[Rate] Screen ……………………………………………………………………………………………………… 3-99

MRate Settings ………………………………………………………………………………………………… 3-99 MList of the preset rate ………………………………………………………………………………………… 3-100 MAbout the communication rate ……………………………………………………………………………… 3-102 MAbout the communication rate for each MCS value ……………………………………………………… 3-103 MCommon Settings among Virtual APs ……………………………………………………………………… 3-104

[ARP Caching] Screen ……………………………………………………………………………………………… 3-105

MARP Caching ………………………………………………………………………………………………… 3-105 MARP Caching Status ………………………………………………………………………………………… 3-107

[IP Advanced Radio System] Screen …………………………………………………………………………… 3-108

MAbout the IP Advanced Radio System ……………………………………………………………………… 3-108

[WPS] Screen ……………………………………………………………………………………………………… 3-109

MWPS …………………………………………………………………………………………………………… 3-109 MStarting WPS ………………………………………………………………………………………………… 3-110 MWPS Status …………………………………………………………………………………………………… 3-111

[Administrator] Screen ……………………………………………………………………………………………… 3-112

MAdministrator Password ……………………………………………………………………………………… 3-112

[Management Tools] Screen ……………………………………………………………………………………… 3-113

MAccess Point Management Tools …………………………………………………………………………… 3-113 MHTTP/HTTPS ………………………………………………………………………………………………… 3-114 MIf you cannot access the setting screen …………………………………………………………………… 3-115 MTelnet/SSH …………………………………………………………………………………………………… 3-116

[Date and Time] Screen …………………………………………………………………………………………… 3-117

MDate and Time ………………………………………………………………………………………………… 3-117 MNTP …………………………………………………………………………………………………………… 3-118 MSNTP Server ………………………………………………………………………………………………… 3-119

[SYSLOG] Screen ………………………………………………………………………………………………… 3-120

MSYSLOG ……………………………………………………………………………………………………… 3-120

[SNMP] screen ……………………………………………………………………………………………………… 3-121

MSNMP ………………………………………………………………………………………………………… 3-121 MSNMPv3 ……………………………………………………………………………………………………… 3-122

[LED] screen ………………………………………………………………………………………………………… 3-123

MLED OFF Mode ……………………………………………………………………………………………… 3-123

x

TABLE OF CONTENTS

Section 3 SETTING SCREEN

[Network Test] Screen ……………………………………………………………………………………………… 3-124

MPing Test ……………………………………………………………………………………………………… 3-124 MTraceroute Test ……………………………………………………………………………………………… 3-125

[Reboot] Screen …………………………………………………………………………………………………… 3-126

MReboot ………………………………………………………………………………………………………… 3-126

[Settings Backup/Restore] Screen………………………………………………………………………………… 3-127

MSettings Backup ……………………………………………………………………………………………… 3-127 MSettings Restore ……………………………………………………………………………………………… 3-127 MList of Settings ………………………………………………………………………………………………… 3-128

[Factory Defaults] Screen ………………………………………………………………………………………… 3-129

MFactory Defaults ……………………………………………………………………………………………… 3-129

[Firmware Update] Screen ………………………………………………………………………………………… 3-130

MFirmware Status ……………………………………………………………………………………………… 3-130 MOnline Update ………………………………………………………………………………………………… 3-131 MAutomatic Update …………………………………………………………………………………………… 3-132 MManual Update ……………………………………………………………………………………………… 3-133

Section 4 MAINTENANCE

1. Checking and saving the settings ………………………………………………………………………………… 4-2

2. Uploading the saved settings ……………………………………………………………………………………… 4-3

3. Restoring the factory defaults …………………………………………………………………………………… 4-4 MPushing <MODE> ……………………………………………………………………………………………… 4-4 MUsing the setting screen ………………………………………………………………………………………… 4-5

4. Firmware Update …………………………………………………………………………………………………… 4-6 MAbout the firmware ……………………………………………………………………………………………… 4-6 MFirmware update note …………………………………………………………………………………………… 4-6 MManually updating the firmware: ……………………………………………………………………………… 4-7 MUpdating the firmware online …………………………………………………………………………………… 4-8

xi

TABLE OF CONTENTS

Section 5 INFORMATION

1. Troubleshooting …………………………………………………………………………………………………… 5-2

2. Connecting using Telnet/SSH …………………………………………………………………………………… 5-4

3. About the setting screen …………………………………………………………………………………………… 5-5

4. Feature functions …………………………………………………………………………………………………… 5-8

5. About the characters ……………………………………………………………………………………………… 5-9 MNetwork Settings ………………………………………………………………………………………………… 5-9 MWireless Settings ………………………………………………………………………………………………… 5-9 MManagement …………………………………………………………………………………………………… 5-9

6. Specifications …………………………………………………………………………………………………… 5-10 MGeneral ………………………………………………………………………………………………………… 5-10 MCable LAN …………………………………………………………………………………………………… 5-10 MWireless LAN ………………………………………………………………………………………………… 5-10

xii

Section 1

BEFORE USING THE AP-95M

1. Panel description …………………………………………………………………………………………………… 1-2 MTop panel ………………………………………………………………………………………………………… 1-2 MRear panel/Back side …………………………………………………………………………………………… 1-3

2. Main functions ……………………………………………………………………………………………………… 1-4 MRoaming function ……………………………………………………………………………………………… 1-5 MWireless Bridge function ……………………………………………………………………………………… 1-6 MVirtual AP function ……………………………………………………………………………………………… 1-7 MAbout the Router function ……………………………………………………………………………………… 1-8 MWPS function …………………………………………………………………………………………………… 1-9

3. Installation ………………………………………………………………………………………………………… 1-10 MInstalling the AP-95M on a rail ……………………………………………………………………………… 1-11

4. Setting …………………………………………………………………………………………………………… 1-12 MSetting a static IP address to a PC ………………………………………………………………………… 1-12 MConnecting a PC ……………………………………………………………………………………………… 1-13 MAccessing the setting screen ………………………………………………………………………………… 1-16 MAbout the setting screen layout ……………………………………………………………………………… 1-18 MChanging the IP address …………………………………………………………………………………… 1-20

1-1

BEFORE USING THE AP-95M

1

1. Panel description

■ Top panel

1

2 3 4 5 6

1MODE button �� Used to reset the AP-95M to its default settings. (p.4-4)

• We recommend that you use a pen to hold down this button.

25GHz �� Lights green: 1 or more unit (5 GHz) connection*/WPS succeeded.

No light: Condition other than above.

32.4GHz �� Lights green:

No light: Condition other than above.

4LAN �� Lights green: LAN is connected (1000BASE-T)

Blinks green: LAN is communicating (1000BASE-T) Lights orange: LAN is connected (10BASE-T/100BASE-TX) Blinks orange: LAN is communicating (10BASE-T/100BASE-TX) No light: Condition other than above.

5MODE �� Lights green: The [MODE] button is hold down.

Blinks green: WPS is running. Lights orange: A firmware update is ready (Online update). Blinks orange: WPS failed. (Turns OFF after 30 seconds passed) No light: Condition other than above.

6POWER �� Lights green: Power is ON.

Blinks green: Firmware loading. No light: Condition other than above.

1 or more unit (2.4 GHz) connection*/WPS succeeded.

* When there is no wireless LAN station to connect with the AP-95M, or no wireless communication is made

while “Wireless Unit” is enabled, these indicators will turn OFF. The time when the LED turns OFF differs, depending on the communication status.

NOTE:

When the LED function is enabled, all LED indicators are OFF. (Default: Disable)

1-2

BEFORE USING THE AP-95M

1

1. Panel description

■ Rear panel/Back side

12

3

1[LAN] port (RJ-45 type) � Connect to network devices such as a network switch (HUB). (p.3-46)

• If the power is supplied through PoE, connect a HUB (IEEE802.3af) regardless of the connection type.

• When“LANportˮ(Default)isselectedastheConnectiontype: Used as a LAN port that accepts network devices such as HUB (VLAN switch, and so on.) or router modem.

• When“DHCPClient,”“StaticIP”or‟PPPoE”: Used as a WAN port that accepts a bridge modem (ADSL, VDSL, CATV) or ONU (Optical Network Unit).

2DC jack �� Connect to the supplied or optional power adapter.

• When you use the power from the Ethernet cable (PoE), you do not need a separate power adapter.

3Security slot �� Attach a security wire (user supplied).

Refer to the instruction manual that comes with the security wire for details.

1-3

BEFORE USING THE AP-95M

1

2. Main functions

 Access Point function The AP-95M is a wireless access point that complies with the “IEEE802.11ac” and “IEEE802.11n” standards. It is designed for dual band communications in the 2.4 GHz and 5 GHz bands.

 Wireless LAN (SSID) SSIDs are set to AP-95M and wireless LAN stations, to distinguish (groups) the wireless network. (p.2-2)

• The AP-95M is equipped with 2 wireless LAN units. When using multiple virtual APs, the same SSIDs cannot be set in a wireless LAN unit.

 Maximum Number of Stations

This function limits the number of wireless LAN stations that can be connected at a time to each Virtual AP.

Thispreventsthecommunicationtrafcspeedfrombeingreducing.(p.3-69)

 Privacy Separator

This function blocks the communication between wireless LAN stations that use the same virtual AP.

• Ifthisfunctionissetto‟Enable,”allcommunicationsbetweenwirelessdevicesinthesameVirtualAPareinhibited. (p.3-69)

• To inhibit the communication between wireless devices that are in a different virtual AP, set the Packet Filter function (p.3-20).

Virtual AP: ath0 Virtual AP: ath01

 ‘IEEE802.11ac’ standard With data communication using a quadruple frequency bandwidth (channel) and multiple antennas, communication with a maximum speed of 867 Mbps* (theoretical value) can be made.

* The ‘IEEE802.11ac’ standard can be used only when Encryption is set to “None” or “AES.”

The ‘IEEE802.11ac’ standard can be used only on the 5 GHz band (Wireless 2). In addition, the Bandwidth must be set to “80 MHz” to use the maximum 867 Mbps. (p.2-11)

• The ‘IEEE802.11ac’ is compatible with the ‘IEEE802.11n/a’ standard.

 ‘IEEE802.11n’ standard With data communication using a double frequency bandwidth (channel) and multiple antennas, communication with a maximum speed of 400 Mbps* (theoretical value) can be made.

* The ‘IEEE802.11n’ standard can be used only when Encryption is set to “None” or “AES.”

In addition, the client wireless LAN station must be compatible with 256QAM modulation, and the Bandwidth must be set to “40 MHz” to use the maximum of 400 Mbps. (p.2-11)

• The ‘IEEE802.11n’ is compatible with the ‘IEEE802.11a/b/g’ standard.

1-4

BEFORE USING THE AP-95M

006CH (2437 MHz)

The setting values in this diagram are examples.

1

2. Main functions

■ Roaming function

Even if you moved a wireless LAN station, this function enables a wireless LAN station to automatically switch to the access point (AP-95M) with the best signal. This enables you to use the wireless LAN station in larger areas.

“IEEE802.11g” standard

SSID: WIRELESSLAN-0 Channel: 001CH (2412 MHz)

HUB

To cabled LAN

19 2.16 8.0 .2 19 2.16 8.0 .1

Wireless LAN station

192.168.0.100 SSID: WIRELESSLAN-0

Moving

“IEEE802.11g” standard

SSID: WIRELESSLAN-0 Channel:

Automatically switches when moved

Using the roaming function

• Set the identical SSID, security settings to both the AP-95M and the wireless LAN station.

• When using this function in a area that many wireless LAN devices are used, set a channel where there is no interference, or set “Automatic” for “Channel” in the Wireless LAN screen. In the wireless LAN standard (IEEE802.11g) used in the example above, set more than 4 channels between access points.

L Set the roaming threshold value on the wireless LAN station according to the equipment used.

Using the Beam Forming function and MU-MIMO function

The Beam Forming function sends the signal in the direction of the device that it will communicate with. The MU-MIMO function provides concurrent communications with plural wireless devices without interference.

1-5

BEFORE USING THE AP-95M

Master settings

Client settings

1

2. Main functions

■ Wireless Bridge function

The wireless bridging function enables you to connect Icom’s wireless access points together.

• The access point that can communicate with differs, depending on the integrated wireless LAN unit.

AP-95M's Wireless LAN unit Band AP-90M AP-95M

Wireless 1 (WBR) 2.4 GHz Yes (Wireless 2 (WBR)) Yes Wireless 2 (WBR) 5 GHz Yes (Wireless 2 (WBR)) Yes

• AP-90M's Wireless 1 (WDS) and AP-95M's Wireless 1/2 (WBR) do not communicate each other.

L If the channel is set to “Automatic” (p.2-10), the wireless Bridge function cannot be used. L Set the virtual AP (ath0 or ath1) on the master side, and then build a star-shaped network.

• Multiple clients can be connected to the master.

• A client can only be connected to one master.

L Check the client’s “BSSID” on the “Wireless Bridging (WBR)” screen, and then enter in the “Peer BSSID”

eld.

• A maximum of 8 clients can be registered to the master.

• The master’s SSID and security settings can be set on the “Virtual AP” screen.

L The client scans the matching SSID and security settings.

• Set the master’s SSID and security settings on the client’s “Wireless Bridging” screen.

(As of August 2021)

Cable LAN Cable LAN

• The client side automatically changes to Master channels.

• When the AP-95M operates as a client, the channel and WMM Advanced settings are invalid.

• If there are multiple masters, the master to connect will depend on the radio signal strength.

• Roaming will not be performed unless the signal is cut off, even if the signal strength is changed.

Channel: 001CH (2412 MHz) Virtual AP: ath0 SSID: WIRELESSLAN-0 Authentication: WPA2-PSK Encryption: AES PSK: wirelessmaster BSSID: 1E-90-C7-00-00-03 (Client BSSID)

Master

19 2.16 8. 0.1

Wireless bridging

SSID: WIRELESSLAN-0 Authentication: WPA2-PSK Encryption: AES PSK: wirelessmaster

• These values are examples.

Client

19 2.16 8. 0.2

BSSID: 1E-90-C7-00-00-03

1-6

BEFORE USING THE AP-95M

1

2. Main functions

■ Virtual AP function

With an AP-95M, you can make multiple wireless station groups by their settings (SSID/Security/VLAN ID).

• The VLAN function and Router function cannot be used at the same time.

• The illustration below is an example of using “ath0,” “ath01” and “ath02” for different wireless station groups’ virtual AP.

Wireless LAN station group Cable LAN station group

SSID: WIRELES SL AN-1 VLAN ID: 10 Security: WPA-PSK AES

ath01

SSID: WIRELESSLAN-0 VLAN ID: 0 (No tag) Security: WPA-PSK AES

ath0

Management VLAN

ID: 0 (No tag)

AP-95M

VLAN ID: 10

LAN without VLAN tag

SSID: WIRELESSLAN-2 VLAN ID: 20 Security: WPA-PSK TKIP

ath02

VLAN switch

VLAN ID: 20

• To prevent lower a communication rate, using Wireless 1 and Wireless 2 (for each) with 4 or fewer Virtual APs is recommended.

Using the Virtual AP function

• Using a Virtual AP*, you can create a wireless network with up to 16 groups. * If you want to create an IEEE802.11ac standard wireless network, set the Virtual AP (ath1, ath11 to ath17)

on the “Virtual AP” screen of Wireless 2 (5 GHz band).

• When using multiple Virtual AP functions, the same [SSID] cannot be set to Virtual APs on both wireless LAN units.

• You can set VLAN IDs (0 to 4094) to the virtual AP’s wireless station groups.

• [Management VLAN ID] is set to “0” as the default. Therefore, you cannot access the setting screen from the network with the VLAN ID set other than “0” (default).

1-7

BEFORE USING THE AP-95M

1

2. Main functions

■ About the Router function

The AP-95M has a router function that enables the wireless devices on the LAN to access the internet.

• The [Connection Type] item is set to “LAN Port” as the default. If your modem is a router modem, the AP-95M's Router function is not necessary. Set the [Connection Type] item to “LAN Port”.

• Ask your Internet provider (ISP) for the connection type.

[Connecting a Bridge modem]

SelecttheConnectionType(DHCPclient/PPPoE/StaticIP)asspeciedbyyourISP,andthenconnecta

modem (ADSL, VDSL, CATV) or ONU (Optical Network Unit) to the [LAN] port.

• The [LAN] port can be used as a WAN port.

Wireless LAN station

AP-95M

Wireless LAN station

[LAN] port (Used as a WAN port)

[Connecting a Router modem]

Connect a router modem to the [LAN] port. Select LAN Port for the Connection Type.

• The [LAN] port can be used as a LAN port.

Cable LAN station

INTERNETINTERNET

Bridge modem/DCE (FTTH)

ISP

Wireless LAN station

INTERNETINTERNET

Cable LAN station

AP-95M

[LAN] port (Used as a LAN port)

Router modem

ISP

1-8

BEFORE USING THE AP-95M

1

2. Main functions

■ WPS function

With the function that the “Wi-Fi Alliance” proposed, SSID and Security (WPA-PSK/WPA2-PSK) can automatically be set to the wireless LAN station that supports the WPS (Wi-Fi Protected Setup) function.

• To automatically set it and start the WPS function, select either of the following methods.

L Clicking <Start> on the setting screen. (p.2-12)

(Push Button)

L Setting the communicator’s PIN code.

 (PIN(PersonalIdenticationNumber))

Not using the WPS function

Connect the cable LAN station.

q

Access the setting screen.

w

Set the SSID and Shared Key.

e

Using the WPS function

Connect the cable LAN station.

q

Access the setting screen.

w

Set the SSID and Shared Key.

e

Click <Start> on the WPS screen.

r

AP-95M

Wireless LAN station

Start the connection software.

r

Select the “SSID” of the virtual AP.

t

Enter the Shared Key.

y

Push [WPS].

t

Using the WPS function

• Use a wireless LAN station that supports the WPS function.

• If your wireless LAN station has no [WPS] button, use the application that supports WPS, or a regular wireless network connection using Windows.

• Enable and set the SSID and security to the virtual AP and select it as “Interface” to use the WPS function. (p.3-69) If you select an invalid virtual AP for “Interface,” the WPS function cannot be used.

1-9

BEFORE USING THE AP-95M

1

3. Installation

This product radiates or receives radio wave from its top surface, so we recommend mounting on a wall or ceiling. You can mount on the wall or ceiling using the supplied bracket, by following procedure q to t below.

DANGER!

R

Mount the unit securely to a thick surface that can support more than 600 g (1.3 lb).

Wall or ceiling

q

Use the supplied anchor if mounting on drywall.

13 × 43 mm (0.5 × 1.7 in)

Screw hole

w

80 mm (3.1 in)

Hook slots

r

Mark the screw positions using the bracket as the template.

By placing the bracket on the wall so that the two screw holes are horizontal, you can mount the access point at the correct angle.

Mount the unit to the bracket by hooking the screws (e) to the hook slots (r) and twisting the unit until it makes a click sound (t).

Tapping screw (Supplied)

3.5 × 32 mm (0.1 × 1.3 in)

t

Screw holes

e

Dimensions

Hooking screws (Supplied)

2.6 × 14 mm (0.1 × 0.6 in)

52 mm (2 in)

42 mm (1.7 in)

Wall or ceiling

162 mm (6.4 in)

To remove the unit from the bracket:

Becarefulofnottobreakyourngernail.

q

While holding down this notch to release the lock.

1-10

Twist the unit counter-clockwise

w

until it is detached from the bracket.

BEFORE USING THE AP-95M

1

3. Installation

■ Installing the AP-95M on a rail

The supplied rail clip enables you to install the AP-95M to a rail. Attach rails clips to the AP-95M's bottom panel, then push them into the rail until it makes a click sound.

• If you attach a security wire (user supplied), attach the AP-95M to a rail in advance.

Rail (User supplied)

Supplied clips

Security slot

Attaching rail clips:

2 types of rail clips are supplied with the AP-95M. Use the appropriate type according to the rail to attach the AP-95M. The supplied spacers can be used to make a gap between the AP-95M and the ceiling.

Supplied screw (2.6 x 25 mm)

Supplied screw (2.6 x 10 mm)

Supplied clip (14.3 mm: 0.6 inch)

Supplied clip (23.8 mm: 0.9 inch)

Supplied spacer

1-11

BEFORE USING THE AP-95M

1

4. Setting

■ Setting a static IP address to a PC

The following procedures describe how to set a static IP address (example: 192.168.0.100), based on Microsoft Windows 10. The AP-95M’s IP address is set to “192.168.0.1,” and the DHCP server is set to “Disable,” as the default.

Click [Start] (Windows logo) and then click [Control Panel].

1

In the [Control Panel] window, click [Network and Internet] and then click [Network and Sharing Center].

2

Click [Change adapter settings].

3

Right-click [Local Area Connection] (cable LAN station) or [Wireless Network Connection] (wireless

4

LAN station), and then click [Properties] in the displayed menu list.

q Right-click

w Click

If the [User Account Control] message appears, click [Yes] to continue.

5

In the [Local Area Connection Properties] (for a cable LAN station) or the [Wireless Network

6

Connection Properties] (for a wireless LAN station) screen, select “Internet Protocol Version 4 (TCP/IPv4),” and then click [Properties]. The “Internet Protocol Version 4 (TCP/IPv4) Properties” screen is displayed.

Select “Use the following IP address” and enter the IP address (example: 192.168.0.100) and the

7

Subnet mask (example: 255.255.255.0), and then click [OK].

q Select

Close the window.

8

w Enter

If necessary, change the PC’s IP address after setting up the AP-95M.

e Click

1-12

BEFORE USING THE AP-95M

1

4. Setting

■ Connecting a PC

• When using a Cable LAN device:

Follow the procedures q to r to connect with the AP-95M, and check the indications described below.

Check the [LAN] indication

r

If [LAN] does not light, check the LAN cable connection.

Lights: Blinks: Green: Orange:

w

LAN connected LAN is communicating 1000BASE-T 10BASE-T/100BASE-TX

Connect the power adaptor

[POWER] lights green when the AP-95M has completed its boot up.

AC outlet

To the [LAN] portTo the [LAN] port

Connect Cables

q

To the DC jack

LAN cable (User supplied: Category 5e or higher)

AP-95M

(Default: 192.168.0.1)

Start the PC

e

1-13

PC

(Example: 192.168.0.100)

BEFORE USING THE AP-95M

1

4. Setting

■ Connecting a PC

• When using a Wireless LAN device:

Turn ON the AP-95M's power.

1

Check the [POWER] indication

If [POWER] does not light, check the power cable connection.

AC outlet

2

Click the wireless network connection icon on the PC.

• It may take a few minutes until the icon appears.

Click

To the DC jackTo the DC jack

AP-95M

(Default: 192.168.0.1)

PC

(Example: 192.168.0.100)

1-14

BEFORE USING THE AP-95M

1

4. Setting

■ Connecting a PC

• When using a Wireless LAN device:

Select the SSID assigned to the AP-95M (example: WIRELESSLAN-0) and click [Connect].

3

• “Connect to a Network” is displayed.

Click

4

The setting is completed when [5GHz] or [2.4GHz] lights green.

Click

1-15

(Continued on the next page.)

BEFORE USING THE AP-95M

1

4. Setting

■ Accessing the setting screen

• The following procedures describe how to use the AP-95M setting screen using a web browser.

Open your web browser, then enter the IP address* of the AP-95M into the address bar.

1

http://192.168.0.1/

*The default IP address is “192.168.0.1.”

2

Push the [ENTER] key.

• The Login Authentication screen will appear.

3

Enter“admin”(xedusername)and“admin”(defaultpassword)intheirrespectiveinputeldsintheLogin

Authentication window, and then click [OK].

•Whenaccessingthewebbrowserforthersttime,settingthetimezoneisrequired.(Settingcountryisalsorequired onlyinEurope.)Seethe“SettingtheTimeZoneandCountry”leaetfordetails.

Enter

q Enter

w Click

1-16

BEFORE USING THE AP-95M

1

4. Setting

■ Accessing the setting screen

• When using a Wireless LAN device:

1

2

3 4

1Link to the Icom web site If your PC is connected to the Internet, click the Icom logo to open the

Icom web site.

2Setting menu �� Displays the screen name list on a menu line. When you click each

menu title, a list of items drops down, which you can use to select the desired setting item.

3Setting screen �� Displays the settings and values when you click the screen name.

4Setting buttons �� Save or cancel the setting values.

• Items and buttons may differ, depending on the setting.

1-17

BEFORE USING THE AP-95M

1

4. Setting

■ About the setting screen layout

The screen automatically re-sized and aligned according to the web browser window size. You can adjust the window size, depending on your PC screen size.

Screen size: Large

Screen size: Middle

Screen size: Small

1-18

BEFORE USING THE AP-95M

1

4. Setting

■ About the setting screen layout

The hidden menu appears by clicking “

Click

.”

1-19

BEFORE USING THE AP-95M

1

4. Setting

Network Settings > IP Address > IP Address

■ Changing the IP address

Make sure the AP-95M’s IP address is not the same as other network device’s address.

1

Click [Network Settings], and then click [IP Address].

2

In the “IP Address” screen, change the “IP Address” settings and then click [Apply].

• The changes are saved.

q Enter

w Click

• If you have changed the “Network (example: 192.168.0)” digits on the AP-95M’s IP address, also change the PC’s network digits on the IP address to the same value.

IP Address assigning An IP Address consists of two parts, the “Network” and “Host.” For example, in the AP-95M’s IP address “192.168.0.1” (Class C), the digits “192.168.0” are the network digits and the “1” at the end is the host digit. Network devices with the same network numbers are recognized as belonging to the same network.

Furthermore,thenetworkdevicesinthenetworkareidentiedbythehostpart.

Assign the IP Address considering the following points.

• Set the identical network digits for all the devices that you want to add into the network.

• Do not set the same host digit to network devices in the same network.

•Donotsetthenetworkaddresswhosetherstdigitofthehostpartis“0.”

• Do not set the broadcast address whose the last digit of the host part is “255.”

1-20

PREPARATION

1. WIRELESS LAN CONNECTION [Basic] ………………………………………………………………………… 2-2 MEntering the SSID ……………………………………………………………………………………………… 2-2 MEntering the security settings ………………………………………………………………………………… 2-3 MSetting the “WEP RC4” encryption …………………………………………………………………………… 2-4 MAbout the WEP Key …………………………………………………………………………………………… 2-4 MASCII characters and hexadecimal digits …………………………………………………………………… 2-4 MEntering the WEP Key with hexadecimal digits ……………………………………………………………… 2-5 MEntering the WEP Key with ASCII characters ……………………………………………………………… 2-6 MGenerating the WEP Key ……………………………………………………………………………………… 2-7 MAutomatically setting the channels in the 2.4 GHz band …………………………………………………… 2-9 MAutomatically setting the channels in the 5 GHz band …………………………………………………… 2-10 MCommunicating in the 80 MHz bandwidth ………………………………………………………………… 2-11 MEnabling the WPS function ………………………………………………………………………………… 2-12 MAutomatically setting the wireless LAN using the WPS function ………………………………………… 2-13

Section 2

2. WIRELESS LAN CONNECTION [Advanced] ………………………………………………………………… 2-14 MSetting the Virtual AP ………………………………………………………………………………………… 2-14 MUsing the Wireless Bridging (WBR) function ……………………………………………………………… 2-15 MSetting the Master unit ……………………………………………………………………………………… 2-16 MSetting the Client unit ………………………………………………………………………………………… 2-18 MSetting the Wireless Bridging function to the AP-95M for the RS-AP3 (Option) management ……… 2-19 MSetting the accounting ……………………………………………………………………………………… 2-20 MSetting the MAC Authentication Server (RADIUS) ……………………………………………………… 2-21 MAbout the RADIUS setting …………………………………………………………………………………… 2-22 MAbout the Authentication VLAN ……………………………………………………………………………… 2-23

NOTE:

All the wireless connections will be temporally disconnected when you click <Apply> on the [Wireless LAN Setting] screen.

2-1

PREPARATION

2

1. WIRELESS LAN CONNECTION [Basic]

Wireless Settings > Wireless 1/Wireless 2 > Virtual AP

■ Entering the SSID

Entering the SSID is required for a wireless LAN station to identify the wireless network.

• Communicating with Wireless 1 “ath0” is used as an example. (Default: WIRELESSLAN-0)

1

Click [Wireless 1] in the “Wireless Settings” menu, and then click [Virtual AP].

2

In the “Virtual AP” menu, enter an SSID of up to 32 characters. (Example: ICOM)

3

Click <Apply>.

Enter

Select “Enable” to disable SSID broadcasting. (Default: Disable)

• The Hide SSID function and the WPS function cannot be used at the same time.

About the Hide SSID function

You can prevent the connection from unknown wireless stations.

• If the “Hide SSID” item is set to “Enable,” the AP-95M’s SSID will not be displayed in the Wireless Network Connection item on the PC screen.

L We recommend that you change this setting only if it is necessary.

2-2

PREPARATION

2

1. WIRELESS LAN CONNECTION [Basic]

Wireless Settings > Wireless 1/Wireless 2 > Virtual AP

■ Entering the security settings

Enter the same security settings for the wireless LAN station.

• Communicating with Wireless 1 (2.4 GHz) “ath0” is used as an example. Authentication: WPA-PSK/WPA2-PSK Encryption: TKIP/AES PSK (Pre-Shared Key): wirelessmaster (See page 2-24 for details on the security settings that are not mentioned in this instruction.)

Select “WPA-PSK/WPA2-PSK” for Authentication and “TKIP/AES” for Encryption, and then enter

1

“wirelessmaster” in the PSK (Pre-Shared Key) eld.

• The entry mode (hexadecimal digits/ASCII characters) is automatically differentiated, according to the

number of digits or characters entered in the “PSK (Pre-Shared Key)” eld.

- ASCII: 8 ~ 63 characters

- Hexerdecimal: 64 digits

Click <Apply>.

2

1Select

2Enter

2-3

PREPARATION

2

1. WIRELESS LAN CONNECTION [Basic]

■ Setting the “WEP RC4” encryption

There are three ways to congure the “WEP RC4” encryption.

• Directly entering the hexadecimal encryption keys. (p.2-5)

• Directly entering the ASCII lettered encryption keys.

• Generating the encryption keys according to the entered “Key Generator” character strings. (p.2-7) L “Encryption” is not set as a default. L If you cannot set “WEP RC4,” the WPS function may be set to the Virtual AP (ath0 to ath7) used. (p.2-12)

■ About the WEP Key

The number of digits or characters that can be entered differs, depending on the “Encryption” setting and the bit number in the parenthesis. The entry mode (hexadecimal digits/ASCII characters) is automatically selected, according to the number of entered digits or characters.

Authentication

Open System Shared Key Hexadecimal ASCII

✓

✓ ✓

Encryption

None (Default) — —

WEP RC4 64 (40) bit 10 digits 5 characters

WEP RC4 (104) bit 26 digits 13 characters

WEP RC4 152 (128) bit 32 digits 16 characters

Entry mode

■ ASCII characters and hexadecimal digits

If “Encryption” cannot be set for the communicator’s entry mode, enter characters according to the following table. For example, “4153434949” (10 hexadecimal digits) in the hexadecimal code will be “ASCII” (5 numbers and letters) in the ASCII characters.

ASCII ! ” # $ % & ’ ( ) * , - . /

Hexadecimal 20 21 22 23 24 25 26 27 28 29 2a 2b 2c 2d 2e 2f

ASCII 0 1 2 3 4 5 6 7 8 9 : ; < = > ?

Hexadecimal 30 31 32 33 34 35 36 37 38 39 3a 3b 3c 3d 3e 3f

ASCII @ A B C D E F G H I J K L M N O

Hexadecimal 40 41 42 43 44 45 46 47 48 49 4a 4b 4c 4d 4e 4f

ASCII P Q R S T U V W X Y Z [ \ ] ^ _

Hexadecimal 50 51 52 53 54 55 56 57 58 59 5a 5b 5c 5d 5e 5f

ASCII ` a b c d e f g h i j k l m n o

Hexadecimal 60 61 62 63 64 65 66 67 68 69 6a 6b 6c 6d 6e 6f

ASCII p q r s t u v w x y z { | } ~

Hexadecimal 70 71 72 73 74 75 76 77 78 79 7a 7b 7c 7d 7e

To prevent unauthorized access

You must carefully choose your password, and change it occasionally.

• Choose one that is not easy to guess.

• Use numbers, characters and letters (both lower and upper case).

2-4

PREPARATION

2

1. WIRELESS LAN CONNECTION [Basic]

Wireless Settings > Wireless 1/Wireless 2 > Virtual AP

■ Entering the WEP Key with hexadecimal digits

The following example is when Wireless 1 (2.4 GHz) is set to “ath0.” Authentication: Open System/Shared Key (default) Encryption: WEP RC4 128 (104) WEP Key: 26 digits or characters (0 to 9, a to f or A to F)

1

Click [Wireless Settings] and [Wireless 1], and then click [Virtual AP].

2

Select [WEP RC4 128 (104)] for “Encryption,” and then enter the 26 digit or characters WEP Key.

3

Click <Apply>.

Make sure “Open System/Shared Key” is selected.

q Select

w Enter

2-5

PREPARATION

2

1. WIRELESS LAN CONNECTION [Basic]

Wireless Settings > Wireless 1/Wireless 2 > Virtual AP

■ Entering the WEP Key with ASCII characters

The following example is when Wireless 1 (2.4 GHz) is set to “ath0.” Authentication: Open System/Shared Key (default) Encryption: WEP RC4 128 (104) WEP Key: 13 characters (example: RETSAMEVAWNAL)

1

Click [Wireless Settings] and [Wireless 1], and then click [Virtual AP].

2

Select [WEP RC4 128 (104)] for “Encryption,” and then enter the 13 characters WEP Key.

3

Click <Apply>.

Make sure “Open System/Shared Key” is selected.

q Select

w Enter

2-6

PREPARATION

2

1. WIRELESS LAN CONNECTION [Basic]

Wireless Settings > Wireless 1/Wireless 2 > Virtual AP

■ Generating the WEP Key

The following example is when Wireless 1 (2.4 GHz) is set to “ath0.” Authentication: Open System/Shared Key (default) Encryption: WEP RC4 128 (104) Key Generator: Desired character string of up to 31 characters (example: ICOM)

1

Click [Wireless Settings] and [Wireless 1], and then click [Virtual AP].

2

Select [WEP RC4 128 (104)] for “Encryption,” and then enter the desired character string of up to 31 characters into “Key Generator.”

3

Click <Apply>.

Make sure “Open System/Shared Key” is selected.

q Select

w Enter

The generated WEP Key is displayed.

About the Key Generator

• The Key Generator is not compatible non-Icom products.

• Enter the desired characters to automatically generate the WEP key into the text box.

• The generated digits or characters differ, depending on the “Encryption” setting.

2-7

PREPARATION

2

1. WIRELESS LAN CONNECTION [Basic]

Wireless Settings > Wireless 1/Wireless 2 > MAC Address Filtering

You can set the AP-95M to allow or deny the access from wireless LAN stations, for each virtual AP (up to 1024 stations).

• The following steps describe how to set to allow or deny access, using Wireless 1’s (2.4 GHz) virtual AP (ath0) as an example.

1

Click [Wireless Settings] and [Wireless 1], and then click [MAC Address Filtering].

2

Select [Enable] for “MAC Address Filtering,” and then click <Apply>.

q Select

3

Enter the MAC address of the wireless LAN station that you want to allow access, and then click [Add].

Kq

Kw

e Check

1Status �� Displays the wireless communication status.

<Connected>: While communicating with the AP-95M, the

[Connected] button is displayed.

L If you click [Connected], the communication

status and wireless LAN stations are displayed.

Disallowed: Displayed when communication is denied by

the AP-95M.

On the List: Displayed if the MAC address is registered

but not connected.

w Click

q Enter

w Click

2<Add>/<Delete> �� Adds the MAC address of the displayed wireless LAN station to

the list, or deletes the address from the list.

2-8

PREPARATION

2

1. WIRELESS LAN CONNECTION [Basic]

Wireless Settings > Wireless 1/Wireless 2 > Wireless LAN

■ Automatically setting the channels in the 2.4 GHz band

Setting the Wireless 1 is used as an example.

• You can select “Automatic” only when “20 MHz” is selected in the [Bandwidth] item.

• You can conrm the channel in use on the setting screen.

• When clicking <Apply> on the Wireless LAN screen, the channel is scanned and the channel is automatically set.

• When managing the AP-95M by the RS-AP3, the channel is not be automatically set.

1

Click [Wireless Settings] and [Wireless 1], and then click [Wireless LAN].

2

Select [Automatic] for “Channel,” and then click <Apply>. (Default: 001 CH (2412 MHz))

Make sure that the default value is selected.

q Select

w Click

e Check

2-9

PREPARATION

2

1. WIRELESS LAN CONNECTION [Basic]

Wireless Settings > Wireless 1/Wireless 2 > Wireless LAN

■ Automatically setting the channels in the 5 GHz band

Setting Wireless 2 is used as an example.

1

Click [Wireless Settings] and [Wireless 2], and then click [Wireless LAN].

2

Select [Automatic] for “Channel,” and then click <Apply>. (Default: 036CH (5180 MHz))

Make sure the default value is selected.

q Select

w Click

e Check

Precautions on using the AP-95M outdoors

Use the AP-95M outdoors according to your local regulations.

2-10

PREPARATION

2

1. WIRELESS LAN CONNECTION [Basic]

Wireless Settings > Wireless 2 > Wireless LAN

■ Communicating in the 80 MHz bandwidth

The [IEEE802.11ac] standard can be used when “5 GHz” is selected for Wireless 2 and “None” or “AES” is selected as “Encryption” on the “Virtual AP” screen.

• If “Encryption” is set to “WEP RC4” or “TKIP,” the communication is made in the [IEEE802.11a/b/g] standard, according to the set Frequency Band.

Click [Wireless Settings] and [Wireless 2], and then click [Wireless LAN].

1

Select “80 MHz” for the Bandwidth. (Default: 20 MHz)

2

Select

Click <Apply>.

3

40 MHz/80 MHz bandwidth communication

• When you are using the 40 MHz or 80 MHz bandwidth mode on the wireless LAN, rst check nearby frequencies in order to not to interfere other radio stations.

• If your are interfered with a radio station using this device, set the “Bandwidth” to “20 MHz (default).”

2-11

PREPARATION

2

1. WIRELESS LAN CONNECTION [Basic]

This topic explains how to automatically assign the SSID and PSK (Pre-Shared Key), that are set to the Virtual AP, to a wireless LAN station by the WPS (Wi-Fi Protected Setup) function.

• See page 2-3 for the SSID and security setting details.

• The Authentications that can be used for the WPS function are “WPA-PSK” and “WPA2-PSK.”

Wireless Settings > WPS

■ Enabling the WPS function

“Push Button” is used in this example. (p.3-110)

• If the WPS function is enabled, the <Start> button will appear on the setting screen.

1

Click [Wireless Settings], and then click [WPS].

2

Select “Interface” (example: ath0) to use the WPS function, and then click <Apply>. (Default: None)

3

Check “WPS Status.”

q Select

w Click

Check

The set Virtual AP settings are displayed.

2-12

(Continued on the next page)

PREPARATION

2

1. WIRELESS LAN CONNECTION [Basic]

This page describes how to assign the automatic setting by using the [WPS] function. (Automatically sets the SSID and PSK (Pre-Shared Key) contents to the wireless LAN station.)

Wireless Settings > WPS

■ Automatically setting the wireless LAN using the WPS function

A Windows 10’s regular network connection is used as an example to describe how to automatically set up the wireless LAN station using the WPS function.

• See the wireless station’s instruction manual for more details.

• If [MODE] blinks orange and settings cannot be made, set “None” for “Interface” (p.2-12) to manually set the station.

1

Click the wireless network connection icon on the PC.

• It may take a few minutes until the icon appears.

Click

2

Select the SSID assigned to the AP-95M (example: WIRELESSLAN-0) and click [Connect].

• “Connect to a Network” is displayed.

Click

“Security key” does not need to be entered.

• If the connection fails, enter the PSK and click [Next].

Check

3

Push [WPS] on the AP-95M. [MODE] slowly blinks green .

Click

4

The setting is completed when [5GHz] or [2.4GHz] lights green

.

2-13

[MODE]

Blinks green: WPS is running Blinks in orange: WPS failed (turns OFF after 30

seconds)

PREPARATION

2

2. WIRELESS LAN CONNECTION [Advanced]

Wireless Settings > Wireless 1/Wireless 2 > Virtual AP

■ Setting the Virtual AP

Setting the wireless LAN station (ath01) illustrated in light blue is used as an example.

• The Virtual LAN function and Routing function cannot be used at the same time. [Virtual AP] Interface: ath01 Virtual AP: Enable

SSID: WIRELESSLAN-1 (Default) VLAN ID: 10

[Security] Authentication: WPA-PSK/WPA2-PSK

Encryption: AES

PSK (Pre-Shared Key): RETSAMEVAWNAL

Wireless LAN station group Cable LAN station group

SSID: WIRELESSLAN-1 VLAN ID: 10 Security:

WPA-PSK/WPA2-PSK AES

ath01

Management VLAN ID: 0 (No tag)

VLAN ID: 10

SSID: WIRELESSLAN-0 VLAN ID:0 (No tag) Security:

• Virtual AP “ath0” is assumed to have been already congured in this example.

• See “Virtual AP function” for more details. (p.1-7)

1

Click [Wireless Settings] and [Wireless 1], and then click [Virtual AP].

2

Select “ath01” for “Interface,” and then set the other settings, as in the examples described above.

WPA-PSK/WPA2-PSK AES

ath0

AP-95M

VLAN switch

Make sure “WIRELESSLAN-1” is entered.

LAN without VLAN tag

q Select

w Click

e Enter

2-14

r Select

t Enter

y Click

 (Continued on the next page)

PREPARATION

2

2. WIRELESS LAN CONNECTION [Advanced]

Wireless Settings > Wireless 1/Wireless 2 > Wireless Bridging (WBR)

■ Using the Wireless Bridging (WBR) function

Setting two AP-95Ms (illustration: master (ath0) and client) with the following settings are used as an example.

• Refer to “Wireless Bridging function” for how to use the function. (p.2-16)

• The client unit channel automatically changes to the master unit channel.

The channel “001CH (2412 MHz)” (Wireless 1) is set as the default, and it is used as the example in this description.

• The client virtual AP (ath07, ath17) cannot be used when the wireless bridging function is set.

• The IP address which was set in “Changing the IP address” (p.1-20) is used as an example.

Master (p.2-16) [Wireless LAN] Channel: 001CH (2412 MHz) (default) [Virtual AP] Interface: ath0 ( Communication is done on the SSID and security

settings that are set in the Master station (Virtual AP

setting: ath0 (Wireless 1) and ath1 (Wireless 2).) Virtual AP: Enable (default) SSID: WIRELESSLAN-0 (default) [Security] Authentication: WPA2-PSK Encryption: AES PSK (Pre-Shared Key): wirelessmaster [Wireless Bridging] Wireless Bridging: Enable Operating Mode: Master Interface: wbr0 Client BSSID: 1E-90-C7-00-00-03 (Client BSSID)

• Check the Client BSSID by enabling “Wireless Bridging” on the client’s “Wireless Bridging (WBR)” screen.

Client (p.2-18) [Wireless Bridging] Wireless Bridging: Enable Operating Mode: Client [Client Settings] SSID: WIRELESSLAN-0 (default) Authentication: WPA2-PSK Encryption: AES PSK (Pre-Shared Key): wirelessmaster

• The client’s “Interface” cannot be changed from “wbr16” (wireless 1) or “wbr17” (wireless 2).

Master settings Channel: 001CH (2412MHz) Virtual AP: ath0 SSID: WIRELESSLAN-0 Authentication: WPA2-PSK Encryption: AES PSK: wirelessmaster BSSID: 1E-90-C7-00-00-03

(Client BSSID)

Master

192.168.0.1

Cable LAN Cable LAN

Wireless Bridging

connection

Client settings SSID: WIRELESSLAN-0 Authentication: WPA2-PSK Encryption: AES PSK: wirelessmaster

• The client unit channel automatically changes to the master unit channel.

• These settings are example.

Client

192.168.0.2

BSSID: 1E-90-C7-00-00-03

2-15

 (Continued on the next page)

PREPARATION

2

2. WIRELESS LAN CONNECTION [Advanced]

Wireless Settings > Wireless 1/Wireless 2 > Wireless Bridging (WBR)

■ Setting the Master unit

Follow the steps below to set the master unit to use with the Wireless Bridging function.

1

Click [Wireless Settings] and [Wireless 1], and then click [Virtual AP].

2

Set “ath0” for the interface, and then enable the virtual AP.

You can select “ath0” (wireless 1) or “ath1” (wireless 2)

Make sure “WIRELESSLAN-0” is entered.

3

Click [Wireless Settings] and [Wireless 1], and then click [Wireless Bridging (WBR)].

4

Set wireless bridging settings for the master unit.

Set the client BSSID for the master unit.

q Select

w Enter

e Click

q Click

w Select

e Check

r Enter

t Click

2-16

(Continued on the next page)

PREPARATION

2

2. WIRELESS LAN CONNECTION [Advanced]

Wireless Settings > Wireless 1/Wireless 2 > Wireless Bridging (WBR)

■ Setting the Master unit

Click <OK>.

5

• For Wireless 1, the wireless bridging is made using the SSID and Security settings set to the virtual AP (ath0) on the master unit.

• The client unit scans the master unit that has the matching SSID and security settings.

Click

6

Check the “List of Wireless Bridges.”

Check

2-17

PREPARATION

2

2. WIRELESS LAN CONNECTION [Advanced]

Wireless Settings > Wireless 1/Wireless 2 > Wireless Bridging (WBR)

■ Setting the Client unit

Follow the steps below to set the client unit to use with the Wireless Bridging function.

• The wireless bridging is made using the SSID and Security settings that are set to the virtual AP (ath0) (Wireless 1) or (ath1) (Wireless 2) on the master unit.

• The client unit scans the master unit that has the matching SSID and security settings.

• During a scan with the client unit, the wireless LAN station cannot be connected to the other virtual APs.

• The client’s virtual AP (ath07) (Wireless 1) and (ath17) (Wireless 2) cannot be used when the Wireless Bridging function is set.

1

Click [Wireless Settings] and [Wireless 1], and then click [Wireless Bridging (WBR)].

2

Set client’s security settings.

3

q Click

w Select

BSSID to set for the Master unit

e Check

r Select

t Enter

y Click

Click [OK].

Click

2-18

PREPARATION

2

2. WIRELESS LAN CONNECTION [Advanced]

Wireless Settings > Wireless 1/Wireless 2 > Wireless Bridging (WBR)

Management > Management Tools

■ Setting the Wireless Bridging function to the AP-95M for the RS-AP3 (Option) management

1. Set the Wireless Bridging function on the AP-95M setting screen (Wireless 1 or Wireless 2) to enable the communication.

2. Enable “Management Tools” on the setting screen.

3. Before starting the access point management using the RS-AP3, set the AP-95M setting values on the “Individual Configurations” screen and “Common Configurations” screen* of the RS-AP3.

* Congure the master unit’s SSID and security settings on the “Common Conguration” screen.

Master settings on the “Individual Conguration” screen.

“Common Conguration” screen.

Client settings on the “Individual Congurations” screen.

When managing the AP-95M using the optional RS-AP3

• You cannot change Router (WAN side) settings until “End Management” is selected on the RS-AP3 screen. (See the RS-AP3 Instruction Manual for detail)

• If you use the Router function, set “Connection Type” to Static IP, then set a static IP address to the WAN side IP address item.

• When the Connection Type is set to “DHCP Client,” you have to congure the network environment so that the same IP address is always provided by the Static DHCP server.

• When the Connection Type is set to “PPPoE,” AP-95M cannot be managed by the RS-AP3.

2-19

PREPARATION

2

2. WIRELESS LAN CONNECTION [Advanced]

Wireless Settings > Wireless 1/Wireless 2 > Virtual AP

■ Setting the accounting

Setting “Accounting” is required for compiling the network status information (connection, disconnection, MAC address, and so on) of the wireless LAN station that communicate with, and then sending it to the accounting server.

• To use this function, you must set an accounting server.

• Individually setting the virtual AP (ath03) on the Wireless 1 (2.4 GHz) is used as an example.

1

Click [Wireless Settings] and [Wireless1], and then click [Virtual AP].

2

Select [Enable] for “Accounting.” (Default: Disable)

qSelect

wSelect

eSelect

3

Select “Enable” for “Use per Virtual AP Settings,” and then enter the accounting server data.

• Depending on the system you use, the port number may differ from the default settings.

• Set the same password for the AP-95M in “Secret” for the primary and secondary accounting servers.

q Set

w Click

2-20

PREPARATION

2

2. WIRELESS LAN CONNECTION [Advanced]

Wireless Settings > Wireless 1/Wireless 2 > Virtual AP

■ Setting the MAC Authentication Server (RADIUS)

Set the MAC Authentication Server to authorize wireless station’s MAC address on the RADIUS server.

• To use this server, you must set the RADIUS server for each Virtual AP.

• You can select to either set the virtual APs individually or all together, on the “Virtual AP” screen.

• With the MAC authentication function, you can use the both “Authentication” and “Encryption” combined of your choice.

• The wireless LAN station’s MAC address needs to be registered to the RADIUS server beforehand. If the MAC address is “00-AB-12-CD-34-EF,” the Username/Password is “00ab12cd34ef.”

• Individually setting the virtual AP (ath03) on Wireless1 (2.4 GHz) is used as an example.

1

Click [Wireless Settings] and [Wireless1], and then click [Virtual AP].

2

Select [Enable] for “MAC Authentication.” (Default: Disable)

3

Enter the RADIUS server data.

• Depending on the system you use, the port number may differ from the default settings.

• Set the same password for the AP-95M in “Secret” for the primary and secondary RADIUS servers.

q Select

w Select

e Select

q Enter

w Click

2-21

PREPARATION

2

2. WIRELESS LAN CONNECTION [Advanced]

Wireless Settings > Wireless 1/Wireless 2 > Virtual AP

■ About the RADIUS setting

Set the RADIUS for authorizing the WPA, WPA2, or IEEE802.1X.

• To use this server, you must set the RADIUS server.

• See the RADIUS server or wireless LAN device’s manual for the EAP authentication.

• Individually setting the virtual AP (ath03) on Wireless 1 (2.4 GHz) is used as an example.

1

Click [Wireless Settings] and [Wireless1], and then click [Virtual AP].

2

Set the “Authentication” and “Encryption.” (Authentication example: WPA2)

q Select

3

Select “Enable” for “Use per Virtual AP Settings,” and then enter the RADIUS server data.

• Depending on the system you use, the port number may differ from the default settings.

• Set the same password for the AP-95M in “Secret” for the primary and secondary RADIUS servers.

w Select

e Select

q Enter

w Click

2-22

PREPARATION

2

2. WIRELESS LAN CONNECTION [Advanced]

Wireless Settings > Wireless 1/Wireless 2 > Virtual AP

■ About the Authentication VLAN

When the Authentication VLAN is enabled, you can group the wireless LAN station's VLAN ID, according to the RADIUS authenitication result (Response property).

• You have to set the RADIUS server settings for each Virtual AP.

• To enable the Authentication VLAN, select “Enable” in the [MAC Authentication], or select an authentication type (WPA/ WPA2/IEEE802.1X) in the [Authentication] item. (p.2-24)

• Network authentication takes priority when both network authentication and MAC authentication are enabled, and the VLAN ID was obtained from both network authentication and MAC authentication. When the response property is invalid or not obtained, the VLAN ID that is set to the Virtual AP is valid.

• This function cannot be congured on the RS-AP3's MAC Authentication server (RADIUS) function.

Response property that is noticed from the RADIUS server when the authentication is succeed.

• Tunnel-Type: 13 (Fixed)

• Tunnel-Medium-Type: 6 (Fixed)

RADIUS server

VLAN

switch

RADIUS authentication result w→

←q RADIUS authentication request

• Tunnel-Private-Group-ID: VLAN ID 0 ~ 4094 (No tag for 0)

Virtual AP: ath03

VLAN ID: 10

Cable LAN station

L These settings are examples.

L You can check the wireless station’s VLAN ID on the [Wireless Status] screen.

Click <Detail> at the [Station Status] item to check the ID. (p.3-9)

VLAN ID: 20

VLAN ID: 10

Wireless LAN station

VLAN ID: 0

(Not tag)

VLAN ID: 20

2-23

PREPARATION

2

2. WIRELESS LAN CONNECTION [Advanced]

Wireless Settings > Wireless 1/Wireless 2 > Virtual AP

■ About the Authentication VLAN

When using the MAC authentication

Set the MAC Authentication and Authentication VLAN to “Enable” in the Virtual AP item on the Virtual AP screen.

q Select

w Select

• See page 2-22 for the RADIUS server setting for the MAC authentication.

• With the MAC authentication function, you can use the both “Authentication” and “Encryption” combined of your choice.

• The wireless LAN station’s MAC address needs to be registered to the RADIUS server beforehand. If the MAC address is “00-AB-12-CD-34-EF,” the Username/Password is “00ab12cd34ef.”

When using the network authentication (WPA/WPA2/IEEE802.1X)

Set the Network authentication and encryption in the Encryption item on the Security screen, and the authentication VLAN enable in the Virtual AP item. (Example: WPA2)

• To use this server, you must set the RADIUS server.

• See the RADIUS server or wireless LAN device’s manual for the EAP authentication.

2-24

w Check

q Select

SETTING SCREEN

Section 3