Samsung WEA453E Installation guide

2600-00FK1RGA4 Ver. 6.0

WEC8500/WEC8050 (APC)

Operation Manual

This manual is proprietary to SAMSUNG Electronics Co., Ltd. and is protected by copyright.

No information contained herein may be copied, translated, transcribed or duplicated for any commercial purposes or disclosed to the third party in any form without the prior written consent of SAMSUNG Electronics Co., Ltd.

TRADEMARKS

Product names mentioned in this manual may be trademarks and/or registered trademarks of their respective companies.

This manual should be read and used as a guideline for properly installing and operating the product.

All reasonable care has been made to ensure that this document is accurate. If you have any comments on this manual, please contact our documentation centre at the following homepage:

Homepage: http://www.samsungdocs.com

INTRODUCTION

Purpose

This manual describes the overview, management, and setup of WEC8500/WEC8050 that is a Samsung Wireless Enterprise (W-EP) Access Point Controller (APC). This manual is written for WEC8500 version 1.4.4, WEC8050 version 1.0.0.

Document Content and Organization

This manual consists of ten Chapters, three Annexes, and a list of Abbreviations.

CHAPTER 1. Access Point Controller System Overview

This chapter describes the main functions, network configuration, external configuration and service scenario of APC.

CHAPTER 2. Basic System Configuration

This chapter describes how to configure to use Command Line Interface (CLI) and Web UI.

CHAPTER 3. Data Network Function

This chapter describes how to set up the data network such as interface, Virtual Local Area Network (VLAN), L3, or Quality of Service (QoS), etc. of APC.

CHAPTER 4. AP Connection Management

This chapter describes the connection management function of APC and Samsung W-EP wireless LAN Access Point (AP).

CHAPTER 5. WLAN Management

This chapter describes how to set up the Wireless Local Area Network (WLAN) of APC.

CHAPTER 6. Wi-Fi Configuration

This chapter describes how to configure the Wireless Fidelity (Wi-Fi) of APC, QoS, and country code.

page 3 of 628

INTRODUCTION

CHAPTER 7. WLAN Additional Service

This chapter describes how to set up WLAN additional services available in the APC.

CHAPTER 8. Security

This chapter describes how to set up security related setting such as Remote Authentication Dial-In User Service (RADIUS) server available in the APC, unauthorized AP detection and blocking function, guest access, WEB pass-through, Network Address Translation (NAT), firewall function, etc.

CHAPTER 9. IP Application

This chapter describes the Internet Protocol (IP) application functions available in the APC such as Domain Naming Service (DNS), Network Time Protocol (NTP), File Transfer Protocol (FTP)/sFTP, or Telnet/SSH.

CHAPTER 10. System Management

This chapter describes the various system management functions available in the APC.

ANNEX A. CLI Command Structure

Command structure available in the CLI of APC.

ANNEX B. Open Source Announcement (WEC8500/WEC8050)

Open source list used in the APC and its license notice.

ANNEX C. Open Source Announcement (WEA302/WEA303/WEA312/ WEA313/WEA403/WEA412)

Open source list used in the Samsung W-EP wireless LAN AP and its license notice.

ABBREVIATION

Describes the acronyms used in this manual.

Conventions

The following types of paragraphs contain special information that must be carefully read and thoroughly understood. Such information may or may not be enclosed in a rectangular box, separating it from the main text, but is always preceded by an icon and/or a bold title.

NOTE

Indicates additional information as a reference.

page 4 of 628

INTRODUCTION

Console Screen Output

 The lined box with ‘Courier New’ font will be used to distinguish between the main content and console output screen text.

‘Bold Courier New’ font will indicate the value entered by the operator on the console screen.

Revision History

	VERSION		DATE OF ISSUE	REMARKS
	VERSION		DATE OF ISSUE	REMARKS

6.0		12. 2014.		Updated the content overall in accordance with the
				package version 2.4.0

5.0		05. 2014.		Updated the content overall in accordance with the
				package version 2.0.0

4.0		01. 2014.		- Changed contents
				 1.3.1 WEC8500 Configuration and Functions
				 4.2.6.3 Tech Support Information
3.0		10. 2013.		- Updated the content overall in accordance with the
				package version (WEC8500 version 1.4.4, WEC8050
				version 1.0.0)
				- Added contents for WEC8050

2.0		06. 2013.		- Updated the content overall in accordance with the
				package version 1.3.0
				- Added contents
				 3.4.6 OS-AWARE
				 7.4.2 DPC Configuration
				 7.4.3 DCS Configuration
				 7.4.4 CHDC Configuration
				- Changed contents
				 7.10 Clustering
				 10.8.2 System Upgrade
1.0		03. 2013.		First Version

page 5 of 628

TABLE OF CONTENTS

INTRODUCTION	3
Purpose.......................................................................................................................................	3
Document Content and Organization ..........................................................................................	3
Conventions ................................................................................................................................	4
Console Screen Output...............................................................................................................	5
Revision History ..........................................................................................................................	5

CHAPTER 1. Access Point Controller System Overview		21
1.1	APC Overview ..........................................................................................................................	21
1.2	Network Configuration............................................................................................................	23
1.3	APC Configuration and Functions .........................................................................................	26
	1.3.1 WEC8500 Configuration and Functions ......................................................................	26
	1.3.2 WEC8050 Configuration and Functions ......................................................................	30
1.4	APC Application Configuration and Service Scenario .........................................................	32
	1.4.1 Basic Configuration .....................................................................................................	32
	1.4.2 Configuration of Multiple APC for Redundancy ...........................................................	33
	1.4.3 Clustering Configuration using Multiple APC (WEC8500) ...........................................	34
	1.4.4 Configuration of Multiple Sites Consisting of Headquarter and Branches ...................	37
1.5	NAT Configuration between AP and APC ..............................................................................	39

CHAPTER 2. Basic System Configuration			40
2.1	Basic System Configuration...................................................................................................		40
	2.1.1	CLI Connection ...........................................................................................................	40
	2.1.2	Managing Operator Account........................................................................................	41
	2.1.3 APC Management Port Configuration .........................................................................		42
	2.1.4	SNMP Community Configuration.................................................................................	42
	2.1.5	CLI Basic Usage .........................................................................................................	42
2.2	Using Web UI ...........................................................................................................................		45
	2.2.1	Web UI Connection .....................................................................................................	45
	2.2.2	WEC Main Window .....................................................................................................	46
	2.2.3	Managing Operator Account........................................................................................	47

page 6 of 628

TABLE OF CONTENTS

2.3 Initial Setup Wizard..................................................................................................................		48
2.3.1	Overview......................................................................................................................	48
2.3.2	Connecting ..................................................................................................................	48
2.3.3	How to Use ..................................................................................................................	49

CHAPTER 3. Data Network Function			52
3.1	Port Configuration ...................................................................................................................		52
	3.1.1	Port management ........................................................................................................	52
3.2	Interface Configuration ...........................................................................................................		56
	3.2.1	Interface management .................................................................................................	56
	3.2.2	Managing Interface Group ...........................................................................................	59
3.3	VLAN Configuration.................................................................................................................		61
	3.3.1	VLAN ...........................................................................................................................	61
	3.3.2	Bridge ..........................................................................................................................	63
	3.3.3	Spanning Tree .............................................................................................................	66
3.4	Layer 3 Protocol Configuration ..............................................................................................		70
	3.4.1	IP Address Configuration .............................................................................................	70
	3.4.2	Static Routing Configuration ........................................................................................	70
	3.4.3 IP Multicast Routing Configuration ..............................................................................		71
	3.4.4	PIM Configuration ........................................................................................................	72
	3.4.5	OSPF Configuration ....................................................................................................	72
	3.4.6	VRRP Configuration ..................................................................................................	110
	3.4.7	Configuring IPWATCHD .............................................................................................	113
3.5	QoS	.....................................................................................................................................	114
	3.5.1 .....................................................................................................	ACL Configuration	114
	3.5.2 ...........................................................................................	Class - map Configuration	118
	3.5.3 ...........................................................................................	Policy - map Configuration	119
	3.5.4 ......................................................................................	Service Policy Configuration	120
	3.5.5 ................................................................................................................	Time Profile	121
	3.5.6 ...............................................................................................................	OS - AWARE	124
3.6	Multicast ...............................................................................................................to Unicast		127
3.7	IP Multicast ....................................................................................................Configuration		127
	3.7.1 ............................................................................IP Multicast Routing Configuration		127
	3.7.2 ......................................................................................................	PIM Configuration	127
3.8	IGMP ......................................................................................................................Snooping		130
3.9	Deep .........................................................................................................Packet Inspection		133
	3.9.1 ...................................................................Configuring Profile and Application Rule		133

page 7 of 628

TABLE OF CONTENTS

	3.9.2	Configuring Application Group...................................................................................	134
	3.9.3 Checking Statistics by Category ................................................................................		134
CHAPTER 4. AP Connection Management			139
4.1	APC Management..................................................................................................................		139
	4.1.1	Managing APC List....................................................................................................	139
	4.1.2	Management Interface Configuration ........................................................................	141
	4.1.3	CAPWAP Configuration.............................................................................................	142
	4.1.4 AP Registration (Auto Discovery) Configuration........................................................		144
	4.1.5	Managing AP File Transmission ................................................................................	145
	4.1.6	APC Redundancy Configuration ...............................................................................	145
4.2	AP Management.....................................................................................................................		151
	4.2.1	AP Group Configuration ............................................................................................	151
	4.2.2	Configuring Remote AP Group..................................................................................	167
	4.2.3 AP Time Synchronization per Group .........................................................................		173
	4.2.4	AP Configuration .......................................................................................................	175
	4.2.5	Information Management ..........................................................................................	186
	4.2.6	Outdoor AP Configuration .........................................................................................	189
	4.2.7	AP Package Upgrade................................................................................................	190
	4.2.8	Remote AP Package Upgrade ..................................................................................	195
CHAPTER 5.		WLAN Management	204
5.1	WLAN Configuration .............................................................................................................		204
	5.1.1	Basic WLAN Configuration........................................................................................	204
	5.1.2	WLAN Additional Configuration .................................................................................	207
	5.1.3	WLAN-based ACL Configuration ...............................................................................	209
	5.1.4	Managing Root Service .............................................................................................	211
	5.1.5 MCS Configuration Management by WLAN ..............................................................		214
5.2	Local Switching .....................................................................................................................		217
5.3	Security and Authentication .................................................................................................		220
	5.3.1 Initialization of WLAN Security Function....................................................................		220
	5.3.2	WPA/WPA2 PSK Configuration .................................................................................	222
	5.3.3	WPA/WPA2 802.1x Configuration .............................................................................	225
	5.3.4	Static WEP Configuration ..........................................................................................	229
	5.3.5	Dynamic WEP Configuration.....................................................................................	231
5.4	DHCP Configuration..............................................................................................................		234
	5.4.1	DHCP Server ............................................................................................................	234
	5.4.2	DHCP Relay..............................................................................................................	242

page 8 of 628

TABLE OF CONTENTS

5.4.3	DHCP Proxy ..............................................................................................................	243
5.4.4	Option 82 Configuration.............................................................................................	244
5.4.5	Primary/Secondary Server Configuration ..................................................................	246
5.5 Radio Service Configuration.................................................................................................		249

CHAPTER 6.		Wi-Fi Configuration	251
6.1	802.11a/b/g/n/ac Radio Property...........................................................................................		251
	6.1.1	802.11a/b/g Configuration..........................................................................................	251
	6.1.2	802.11n Configuration................................................................................................	256
	6.1.3	802.11ac Configuration..............................................................................................	257
6.2	Wi-Fi QoS Configuration .......................................................................................................		259
	6.2.1 QoS Configuration of Wireless Terminal ....................................................................		259
	6.2.2	QoS Configuration of AP............................................................................................	261
	6.2.3 Configuring QoS Profile of a Specific Terminal ..........................................................		265
	6.2.4	Voice Optimization Configuration...............................................................................	267
6.3	802.11h Configuration ...........................................................................................................		268
6.4	Country Code .........................................................................................................................		270

CHAPTER 7. WLAN Additional Services			274
7.1	Managing Wireless Terminal.................................................................................................		274
	7.1.1	Information Retrieval Functions .................................................................................	274
	7.1.2 Connection History related Configuration ..................................................................		275
7.2	Handover Management .........................................................................................................		276
	7.2.1	Connection History Information .................................................................................	276
	7.2.2	AirMove Configuration ...............................................................................................	276
	7.2.3	Inter APC Handover Configuration ............................................................................	278
7.3	Call Admission Control (CAC) Configuration......................................................................		279
	7.3.1	SIP ALG Configuration...............................................................................................	279
	7.3.2	Voice CAC Configuration ...........................................................................................	281
	7.3.3	Video CAC Configuration...........................................................................................	283
7.4	Radio Resource Management (RRM) ...................................................................................		285
	7.4.1	RRM Configuration ....................................................................................................	285
	7.4.2	DPC Configuration.....................................................................................................	286
	7.4.3	DCS Configuration.....................................................................................................	288
	7.4.4	CHDC Configuration..................................................................................................	290
	7.4.5	Sleeping Cell Detection .............................................................................................	294
	7.4.6	Energy Saving Groups...............................................................................................	296

page 9 of 628

TABLE OF CONTENTS

	7.4.7	Energy Saving Auto Classification.............................................................................	297
7.5	Location Tracking..................................................................................................................		300
7.6	Spectrum Analysis ................................................................................................................		301
	7.6.1	Retrieving Spectrum Analysis Data ...........................................................................	301
	7.6.2	Spectrum Analysis Configuration...............................................................................	304
	7.6.3	Interference Type Configuration ................................................................................	306
7.7 Controlling Usage per User ..................................................................................................			307
7.8	Remote Packet Capture ........................................................................................................		309
7.9	Clustering...............................................................................................................................		311
7.10	Limiting the Number of Connected Users...........................................................................		315
	7.10.1	Limiting Connections per Radio ................................................................................	315
	7.10.2	Connection Limitation per WLAN ..............................................................................	316
7.11 Voice Statistics and Communication Failure Detection .....................................................			318
	7.11.1	Voice Statistics Function............................................................................................	318
	7.11.2	Detecting WLAN-based Communication Failure .......................................................	320
7.12	Voice Signal and Media Monitoring .....................................................................................		321
	7.12.1	Checking Voice Related Wireless Information...........................................................	321
	7.12.2	Checking Voice Related Quality Information .............................................................	326
7.13	Multicast Stream Admission Control ...................................................................................		329
	7.13.1	Configuring Admission Control ..................................................................................	329
7.14	Wi-Fi Band Steering ..............................................................................................................		331
	7.14.1	Activating Band Steering Function ............................................................................	331
7.15	Wi-Fi Load Balancing ............................................................................................................		334
	7.15.1	Activating Load Balancing Function ..........................................................................	334
7.16	Station-based Adaptive Load Balancing .............................................................................		336
	7.16.1	Basic Setting of Station-based Adaptive Load Balancing ..........................................	336
	7.16.2	Setting AP Group Parameter.....................................................................................	337
	7.16.3	Setting AP Parameters ..............................................................................................	339

CHAPTER 8.		Security	341
8.1	RADIUS Server Configuration ..............................................................................................		341
	8.1.1	External RADIUS Server ...........................................................................................	341
	8.1.2	Internal RADIUS Server ............................................................................................	347
8.2	Unauthorized AP/Terminal Detection and Blocking ...........................................................		351
	8.2.1	Enabling Detection Function .....................................................................................	351
	8.2.2	Detection ...................................................................................................................	352

page 10 of 628

TABLE OF CONTENTS

	8.2.3	Enabling Blocking Function .......................................................................................	370
	8.2.4	Blocking .....................................................................................................................	370
8.3	Captive Portal.........................................................................................................................		374
	8.3.1	Configuring Guest Authentication ..............................................................................	374
	8.3.2	Configuring Guest ACL ..............................................................................................	376
	8.3.3	Configuring Web Authentication ................................................................................	378
	8.3.4 Configuring Web Authentication on MAC Authentication Failure ...............................		381
	8.3.5	Configuring Web Pass-through..................................................................................	385
	8.3.6 Configuring One Time Redirection.............................................................................		387
	8.3.7	Redirection Address Format ......................................................................................	389
8.4	NAT and Firewall Configuration............................................................................................		390
	8.4.1	Firewall Configuration ................................................................................................	390
	8.4.2	Access List Configuration ..........................................................................................	391
	8.4.3	NAT Configuration .....................................................................................................	392
8.5	MAC Filter...............................................................................................................................		396
8.6	Operator Authentication through Interoperation with TACACS+ Server ..........................		399
	8.6.1 Configuring External TACACS+ Server .....................................................................		399
	8.6.2 Configuring Authentication Type of Operator Account ...............................................		402
8.7	Role Based Access Control ..................................................................................................		403
	8.7.1	Configuring Role Profile.............................................................................................	403
	8.7.2	Configuring Derivation Profile ....................................................................................	404
	8.7.3	Configuring ACL Profile .............................................................................................	407
	8.7.4	Configuration Synchronization (Remote AP Group)...................................................	411
8.8	External BYOD Server ...........................................................................................................		414
	8.8.1 Configuring External BYOD Server ...........................................................................		414
	8.8.2	Captive Portal Configuration......................................................................................	416

CHAPTER 9.		IP Application	419
9.1	DNS	.....................................................................................................................................	419
	9.1.1 ...........................................................................................	DNS Client Configuration	419
	9.1.2 ...........................................................................................	DNS Proxy Configuration	420
9.2	NTP .....................................................................................................................................		422
9.3	FTP/sFTP ................................................................................................................................		425
9.4	Telnet/SSH ..............................................................................................................................		428
9.5	Utilities....................................................................................................................................		430

page 11 of 628

TABLE OF CONTENTS

CHAPTER 10.		System Management	431
10.1	SNMP Configuration..............................................................................................................		431
	10.1.1	SNMP Community.....................................................................................................	431
	10.1.2	SNMP Trap................................................................................................................	432
10.2	System Management.............................................................................................................		434
	10.2.1	Retrieving System Information ..................................................................................	434
	10.2.2	System Reboot..........................................................................................................	439
10.3	System Resource Management ...........................................................................................		441
	10.3.1	Retrieving System Status ..........................................................................................	441
	10.3.2	Retrieving and Configuring Threshold .......................................................................	444
10.4	Managing Alarm and Event...................................................................................................		445
	10.4.1	Retrieving Current Alarm ...........................................................................................	446
	10.4.2	Retrieving History......................................................................................................	447
	10.4.3	External Transmission Configuration.........................................................................	449
	10.4.4	Alarm Filter and Level Configuration .........................................................................	449
10.5	Managing Traffic Performance .............................................................................................		451
	10.5.1	Managing History Information ...................................................................................	451
	10.5.2	Managing Real-time Information Collection...............................................................	452
10.6	Managing License Key..........................................................................................................		453
	10.6.1	Managing SLM License (Activation) Key...................................................................	453
	10.6.2	Managing Old License Key .......................................................................................	456
10.7	Syslog Configuration ............................................................................................................		459
10.8	Upgrade..................................................................................................................................		461
	10.8.1	Checking Package Version .......................................................................................	461
	10.8.2	System Upgrade .......................................................................................................	461
10.9	Configuration Management ..................................................................................................		464
10.10 Debug and Diagnosis............................................................................................................			466
	10.10.1	Process .....................................................................................................................	466
	10.10.2	Retrieving Crash Information.....................................................................................	468
10.11 File Management ...................................................................................................................			471
	10.11.1	Retrieving Configuration of Current Directory............................................................	471
	10.11.2	Retrieving Directory List ............................................................................................	472
	10.11.3	Revising File..............................................................................................................	473
	10.11.4	Retrieve File Content.................................................................................................	473
	10.11.5	File Download and Upload ........................................................................................	474
	10.11.6	Package File .............................................................................................................	474
	10.11.7	Retrieving Storage Media ..........................................................................................	476

page 12 of 628

TABLE OF CONTENTS

	10.11.8 Managing File in Web UI ...........................................................................................	477
	10.11.9 Statistics Function......................................................................................................	480
ANNEX A. CLI Command Structure		522
A.1	configure ................................................................................................................................	522
A.2	show........................................................................................................................................	552
A.3	clear ........................................................................................................................................	564
A.4	debug ......................................................................................................................................	566
A.5	file............................................................................................................................................	569
A.6	Etc ...........................................................................................................................................	569
ANNEX B. Open Source Announcement (WEC8500/WEC8050)		570
ANNEX C. Open Source Announcement (WEA302/WEA303/
	WEA312/WEA313/WEA403/WEA412)	599
ABBREVIATION		624

page 13 of 628

TABLE OF CONTENTS

LIST OF FIGURES
Figure 1. System Structure for Wireless Enterprise Solution ......................................................	22
Figure 2. W-EP Network Configuration.......................................................................................	23
Figure 3. WEC8500 Interface-Front/Back...................................................................................	26
Figure 4. System LED Configuration ..........................................................................................	26
Figure 5. Management Port Configuration..................................................................................	27
Figure 6. Optic port configuration ...............................................................................................	28
Figure 7. Power module configuration ........................................................................................	29
Figure 8. WEC8050 interface-Front/Back...................................................................................	30
Figure 9. Status LED configuration .............................................................................................	30
Figure 10. Ethernet Port Configurations .....................................................................................	31
Figure 11. Basic Configuration of W-EP Wireless LAN System ..................................................	32
Figure 12. Example of W-EP Wireless LAN System Configuration for Redundancy ..................	33
Figure 13. Example of W-EP Wireless LAN System Configuration for Distributed Clustering
Service ......................................................................................................................	35
Figure 14. Example of W-EP Wireless LAN System Configuration for Centralized Clustering
Service ......................................................................................................................	36
Figure 15. Example of W-EP Wireless LAN System Configuration for Multiple Sites consisting of
Headquarter and Branches .......................................................................................	37
Figure 16. AP-APC NAT Environment Configuration Diagram....................................................	39
Figure 17. Web UI Connection Window......................................................................................	45
Figure 18. WEC Main Window....................................................................................................	46
Figure 19. Operator Account Management Window ...................................................................	47
Figure 20. Operator Account Addition Window ...........................................................................	47
Figure 21. Initial Setup Wizard Welcome Screen .......................................................................	49
Figure 22. Move to the setup step of the initial setup wizard ......................................................	49
Figure 23. Port Management Window ........................................................................................	54
Figure 24. Port Configuration Change Window ..........................................................................	55
Figure 25. Interfaces Window (1)................................................................................................	57
Figure 26. Interfaces Window (2)................................................................................................	57
Figure 27. Interfaces Window (3)................................................................................................	58
Figure 28. Interface Group Window (1) ......................................................................................	59
Figure 29. Interface Group Window (2) ......................................................................................	60
Figure 30. Spanning Tree Configuration Window (1) ..................................................................	68
Figure 31. Spanning Tree Configuration Window (2) ..................................................................	69
Figure 32. Spanning Tree Configuration Window (3) ..................................................................	69
Figure 33. Static Routing Configuration Window ........................................................................	71
Figure 34. OSPF Configuration Window.....................................................................................	73

page 14 of 628

TABLE OF CONTENTS

Figure 35. VRRP-Operation Window ........................................................................................	112
Figure 36. VRRP-Circuit Failover Window (1)...........................................................................	112
Figure 37. VRRP-Circuit Failover Window (2)...........................................................................	112
Figure 38. IPWATCHD Configuration Window ..........................................................................	113
Figure 39. ACL Configuration Window ......................................................................................	115
Figure 40. Window where a Time Profile is Applied to ACL ......................................................	115
Figure 41. ACL Interface Configuration Window (1) ..................................................................	116
Figure 42. ACL Interface Configuration Window (2) ..................................................................	116
Figure 43. Admin ACL Configuration Window ...........................................................................	118
Figure 44. Time Profile Configuration Window (1).....................................................................	121
Figure 45. Time Profile Configuration Window (2).....................................................................	122
Figure 46. Applying to ACL .......................................................................................................	123
Figure 47. IP Multicast Configuration Window ..........................................................................	127
Figure 48. PIM-SM Configuration Window (1)...........................................................................	128
Figure 49. PIM-SM Configuration Window (2)...........................................................................	128
Figure 50. PIM-SM Configuration Window (3)...........................................................................	129
Figure 51. PIM-SM Configuration Window (4)...........................................................................	129
Figure 52. IGMP Snooping Config Window...............................................................................	131
Figure 53. IGMP Snooping Mroute Creation Window (1) ..........................................................	131
Figure 54. IGMP Snooping Mroute Creation Window (2)..........................................................	132
Figure 55. IGMP Snooping Mroute Creation Window (3) ..........................................................	132
Figure 56. IGMP Snooping Mroute Creation Window (4) ..........................................................	132
Figure 57. APC List Management Window ...............................................................................	140
Figure 58. Management interface configuration........................................................................	141
Figure 59. AP Registration Method Setup Window ...................................................................	144
Figure 60. Redundancy Configuration Window.........................................................................	148
Figure 61. AP retrieving window................................................................................................	149
Figure 62. AP redundancy Configuration Window.....................................................................	150
Figure 63. AP groups configuration Window .............................................................................	152
Figure 64. AP Group Addition Window......................................................................................	152
Figure 65. General Configuration Window for AP Group ..........................................................	155
Figure 66. AP Add/Remove Window for AP Group ...................................................................	157
Figure 67. WLAN Add/Remove Window for AP Group..............................................................	158
Figure 68. 802.11a/n Window for AP Group..............................................................................	159
Figure 69. 802.11b/g/n Window for AP Group...........................................................................	160
Figure 70. Advanced Configuration Window for AP Group........................................................	166
Figure 71. Remote AP Group Add/Remove Window.................................................................	168
Figure 72. Local Authentication Configuration Window for Remote AP Group..........................	169
Figure 73. Window for Configuring Tunneling Forwarding of Remote AP Group ......................	171

page 15 of 628

TABLE OF CONTENTS

Figure 74. Window for Configuring Local Bridging Forwarding of Remote AP Group...............	172
Figure 75. AP Time Synchronization Configuration Options .....................................................	174
Figure 76. Adding Access Points ..............................................................................................	175
Figure 77. AP Profile Setting (1) ...............................................................................................	179
Figure 78. AP Profile Setting (2) ...............................................................................................	181
Figure 79. AP mode configuration ............................................................................................	182
Figure 80. AP CLI Account Add/Remove Window ....................................................................	183
Figure 81. AP SNMP v1/v2c Community Configuration Window ..............................................	185
Figure 82. AP v3 User Configuration Window...........................................................................	185
Figure 83. AP Ports window......................................................................................................	187
Figure 84. AP Ports detail information window .........................................................................	187
Figure 85. AP Tech Support Information Receiving Window.....................................................	188
Figure 86. Outdoor AP Create Window.....................................................................................	190
Figure 87. AP upgrade..............................................................................................................	193
Figure 88. AP upgrade-global ...................................................................................................	193
Figure 89. AP upgrade-individual..............................................................................................	194
Figure 90. AP upgrade-advanced .............................................................................................	195
Figure 91. Remote AP Group Upgrade Activation_1 ................................................................	196
Figure 92. Remote AP Group Upgrade Activation_2 ................................................................	197
Figure 93. Checking Master AP Configuration..........................................................................	198
Figure 94. Checking Master AP Configuration..........................................................................	198
Figure 95. AP Package Configuration.......................................................................................	200
Figure 96. Starting AP Upgrade ................................................................................................	201
Figure 97. Restarting and Upgrading AP ..................................................................................	203
Figure 98. WLAN basic configuration (1) ..................................................................................	206
Figure 99. WLAN basic configuration (2) ..................................................................................	206
Figure 100. WLAN-based ACL configuration ............................................................................	210
Figure 101. Root service management (1) ...............................................................................	213
Figure 102. Root service management (2) ...............................................................................	213
Figure 103. MCS by WLAN: 802.11a/n/ac Configuration Management window .......................	216
Figure 104. MCS by WLAN: 802.11b/g/n Configuration Management window.........................	216
Figure 105. Local Switching Configuration Window of WLAN ..................................................	218
Figure 106. Split ACL Configuration Window of WLAN Allocated to AP....................................	219
Figure 107. VLAN/ACL/Pre-Auth.ACL Configuration Window of WLAN Allocated to AP ..........	219
Figure 108. Initialization of WLAN security function..................................................................	221
Figure 109. WPA/WPA2 PSK configuration ..............................................................................	224
Figure 110. WPA/WPA2 802.1x Configuration (1).....................................................................	227
Figure 111. WPA/WPA2 802.1x Configuration (2).....................................................................	228
Figure 112. Static WEP configuration .......................................................................................	230

page 16 of 628

TABLE OF CONTENTS

Figure 113. Dynamic WEP Configuration Window ....................................................................	233
Figure 114. DHCP server configuration.....................................................................................	234
Figure 115. DHCP Pool (1) .......................................................................................................	240
Figure 116. DHCP Pool (2) .......................................................................................................	240
Figure 117. DHCP Relay...........................................................................................................	242
Figure 118. DHCP Proxy...........................................................................................................	243
Figure 119. Option 82 configuration (1).....................................................................................	245
Figure 120. Option 82 configuration (2) ....................................................................................	245
Figure 121. Primary/Secondary server configuration (1)...........................................................	247
Figure 122. Primary/Secondary server configuration (2)...........................................................	247
Figure 123. Primary/Secondary server configuration (3)...........................................................	248
Figure 124. Radio service configuration....................................................................................	250
Figure 125. 802.11a/b/g/n radio (1) ...........................................................................................	254
Figure 126. 802.11a/b/g/n radio (2) ...........................................................................................	255
Figure 127. QoS configuration of a wireless terminal (1) ..........................................................	260
Figure 128. QoS configuration of a wireless terminal (2) ..........................................................	260
Figure 129. QoS configuration of AP (wireless section) ............................................................	264
Figure 130. Configuring QoS profile of a specific terminal ........................................................	266
Figure 131. Configuring voice optimization ...............................................................................	267
Figure 132. Configuring 802.11h...............................................................................................	269
Figure 133. Country code window (1) .......................................................................................	272
Figure 134. Country code window (2) .......................................................................................	273
Figure 135. Information viewing window ...................................................................................	275
Figure 136. Handover window ..................................................................................................	278
Figure 137. SIP ALG configuration window...............................................................................	280
Figure 138. Admission control configuration of 802.11a/n.........................................................	282
Figure 139. 802.11a/n Admission Control Configuration Window .............................................	284
Figure 140. RRM configuration window ....................................................................................	286
Figure 141. DPC settings..........................................................................................................	287
Figure 142. DCS settings ..........................................................................................................	290
Figure 143. CHDC settings .......................................................................................................	293
Figure 144. Spectrum Analysis Data .........................................................................................	304
Figure 145. Controlling Usage per User....................................................................................	308
Figure 146. Clustering window..................................................................................................	314
Figure 147. Clustering addition window ....................................................................................	314
Figure 148. Configuring connection limitation per radio ............................................................	316
Figure 149. Configuring connection limitation per WLAN..........................................................	317
Figure 150. Voice statistics .......................................................................................................	319
Figure 151. Detecting WLAN-based communication failure......................................................	320

page 17 of 628

TABLE OF CONTENTS

Figure 152. VoIP Stations Retrieval Screen..............................................................................	324
Figure 153. Active Call Retrieval Screen ..................................................................................	325
Figure 154. Complete Calls Retrieval Screen...........................................................................	325
Figure 155. 802.11a/n Admission Control Configuration Window .............................................	330
Figure 156. Band Steering Function On/Off and Band Setting .................................................	333
Figure 157. Configuring Load Balancing Function....................................................................	335
Figure 158. RADIUS server configuration ................................................................................	343
Figure 159. RADIUS Server MAC Authentication Configuration Window .................................	346
Figure 160. Wireless Intrusion General Configuration Window ................................................	351
Figure 161. Managed Rule Configuration Window ...................................................................	353
Figure 162. Managed Addition Window ....................................................................................	353
Figure 163. Unmanaged Rule Configuration Window...............................................................	355
Figure 164. Unmanaged Rule Addition Window .......................................................................	355
Figure 165. List Window to Manually Change Classification ....................................................	357
Figure 166. Classification Change Window in AP Detail Screen ..............................................	357
Figure 167. List Window to Manually Remove..........................................................................	358
Figure 168. Manual Remove Change Window in AP Detail Screen .........................................	359
Figure 169. Configuration Window for Unauthorized AP Detection Option ...............................	360
Figure 170. Configuration Window for Unauthorized Station Detection Option.........................	362
Figure 171. Configuration Window for Channel Validation........................................................	363
Figure 172. AP blacklist Configuration Window ........................................................................	365
Figure 173. Managed AP Window ............................................................................................	365
Figure 174. Station blacklist Search/Configuration Window .....................................................	366
Figure 175. Managed Station Search Window..........................................................................	366
Figure 176. Managed SSID Window ........................................................................................	367
Figure 177. Managed/Neighbor AP Search/Configuration Window ..........................................	368
Figure 178. Managed/Neighbor AP List Addition Window.........................................................	368
Figure 179. Station Allowed Limit Configuration Window..........................................................	369
Figure 180. Wireless Intrusion Containment General Configuration Window ...........................	370
Figure 181. List Window for Blocking AP ..................................................................................	371
Figure 182. List Window for Blocking Station............................................................................	372
Figure 183. Automatic Blocking Configuration Window ............................................................	373
Figure 184. Guest User Configuration Window ........................................................................	375
Figure 185. Guest User List Window ........................................................................................	376
Figure 186. Guest Auth Configuration Window.........................................................................	376
Figure 187. Access List Addition Window .................................................................................	377
Figure 188. Access List Entry Addition Window........................................................................	377
Figure 189. WLAN Guest Configuration Window......................................................................	380
Figure 190. WLAN Web Policy Configuration Window .............................................................	380

page 18 of 628

TABLE OF CONTENTS

Figure 191. Web Auth Configuration Window ...........................................................................	380
Figure 192. WLAN Guest Configuration Window ......................................................................	383
Figure 193. WLAN Layer 2 Security Configuration Window......................................................	383
Figure 194. WLAN Web Policy Configuration Window..............................................................	384
Figure 195. Web Auth Configuration Window ...........................................................................	384
Figure 196. WLAN Guest Configuration Window ......................................................................	386
Figure 197. Web Pass-through Configuration Window .............................................................	386
Figure 198. WLAN Guest Configuration Window ......................................................................	388
Figure 199. One Time Redirection Configuration Window ........................................................	388
Figure 200. Firewall configuration (1)........................................................................................	390
Figure 201. Firewall configuration (2)........................................................................................	391
Figure 202. Access-list configuration ........................................................................................	392
Figure 203. NAT configuration (1) .............................................................................................	394
Figure 204. NAT configuration (2) .............................................................................................	395
Figure 205. MAC configuration .................................................................................................	397
Figure 206. MAC entry configuration window(1) .......................................................................	397
Figure 207. MAC entry configuration(2) ....................................................................................	398
Figure 208. MAC entry configuration(3) ....................................................................................	398
Figure 209. TTACACS+ Server Configuration Window .............................................................	401
Figure 210. Operator Account Authentication Type Configuration Window ...............................	402
Figure 211. Role Profile Configuration ......................................................................................	404
Figure 212. Role Profile Add Configuration ...............................................................................	404
Figure 213. Derivation Profile Configuration .............................................................................	405
Figure 214. Derivation Profile Add Configuration ......................................................................	405
Figure 215. Derivation Profile Configuration .............................................................................	406
Figure 216. Derivation Profile Add Configuration ......................................................................	406
Figure 217. Wlan Derivation Profile Configuration ....................................................................	407
Figure 218. Acl Profile Configuration.........................................................................................	408
Figure 219. Acl Profile Add Configuration .................................................................................	409
Figure 220. Acl Profile Edit Configuration .................................................................................	409
Figure 221. Remote Ap Group-Alc Profile Configuration...........................................................	410
Figure 222. ACL Configuration Synchronization - All.................................................................	412
Figure 223. ACL Configuration Synchronization - Remote Group.............................................	412
Figure 224. ACL Configuration Synchronization - Remote AP ..................................................	413
Figure 225. External BYOD Server Configuration Window .......................................................	415
Figure 226. DNS client..............................................................................................................	420
Figure 227. DNS proxy .............................................................................................................	421
Figure 228. NTP client configuration .........................................................................................	424
Figure 229. FTP/SFTP server configuration..............................................................................	427

page 19 of 628

TABLE OF CONTENTS

Figure 230. Telnet/SSH server configuration ............................................................................		429
Figure 231. Adding SNMP community ......................................................................................		432
Figure 232. SNMP trap configuration .......................................................................................		433
Figure 233. System information................................................................................................		437
Figure 234. Reboot (APC) ........................................................................................................		439
Figure 235. Reboot (AP)...........................................................................................................		440
Figure 236. Configuring SNMP alarm threshold .......................................................................		444
Figure 237. Current alarm ........................................................................................................		446
Figure 238. History ...................................................................................................................		448
Figure 239. Configuring alarm filter and level ...........................................................................		450
Figure 240. SLM License Search and Configuration Window ..................................................		455
Figure 241. Old License Installation Check Window.................................................................		458
Figure 242.	Syslog window.......................................................................................................	460
Figure 243.	Package upgrade (APC)........................................................................................	463
Figure 244.	DB Backup/Restore ...............................................................................................	465
Figure 245.	File management window ......................................................................................	477

page 20 of 628

CHAPTER 1. Access Point Controller System Overview

CHAPTER 1. Access Point Controller

System Overview

1.1APC Overview

The Samsung Access Pointer Controller (APC) comprehensively manages the user information and traffics while managing an Access Point (AP), i.e. a device that provides wireless connection service for a user terminal in a Wi-Fi environment. There are two types depending on the AP capacity; WEC8500 and WEC8050. It comprehensively manages all the APs and provides services in a wireless LAN environment. Because AP and APC are connected in tunneling, all the user traffics are exchanged and processed.

The APC is typically installed at a position where it can be connected to a backbone switch, core switch or router in a network of enterprise environment and it controls a wireless LAN AP and provides the functions for Wireless LAN (WLAN) services such as handover and QoS, security/authentication, etc. The Samsung WEC8500 provides its services up to 500 APs. It can provide its services up to 10,000 connected user devices. Meanwhile, the WEC8050 can accommodate maximum 75 APs and provides the service to maximum 1500 user devices.

The APC provides a WLAN network environment through AP management and also provides various communication services required by enterprise customers in a wireless environment by interoperating with other enterprise solutions. It provides Wireless Enterprise (W-EP) solution in an enterprise environment by making the collaboration applications such as telephone, message, or communicator, etc., that has been used in a legacy wire environment, be able to be used in a wireless terminal such as smart phone, tablet PC, or notebook.

page 21 of 628

CHAPTER 1. Access Point Controller System Overview

Legacy System			IP-PBX	Enterprise	WLAN Network		Wireless
	Groupware			Mobile Server			Terminal
	Groupware			Mobile Server
	(Mail, PIMS)
						APC


					(WEC8500)
				Push Mail/Payment		W-EP AP	Mail, UC Service
			Call Manager
		FFA/ERP

				Mobile device
							based on Android

	SFA/CRM etc.			management, etc.
	SFA/CRM etc.			management, etc.

Figure 1. System Structure for Wireless Enterprise Solution

The Samsung W-EP solution, as shown in figure, comprehensively includes various enterprise applications which are provided by wire/wireless infrastructure products and wireless terminals. The WLAN network, a wireless infrastructure solution that provides mobility in an enterprise environment, consists of W-EP wireless LAN Access Point (AP), W-EP AP Controller (APC), and Wireless Enterprise WLAN Manager (WEM).

The Samsung APC and W-EP wireless LAN AP are core devices that provide various services such as user authentication, wireless management, voice and data service, etc. in the 802.11-based Wi-Fi environment. The WEM provides convenient configuration environment, various statistics, and event information to an operator.

Term

In this manual, the WEC8500/WEC8050 and APC commonly represent Samsung AP Controller. In addition, the AP means Samsung W-EP wireless LAN AP.

page 22 of 628

CHAPTER 1. Access Point Controller System Overview

1.2Network Configuration

The network configuration of Samsung W-EP solution that includes APC is shown below.

IP-PBX

WEC8050/WEC8500

Router

Internet

WEM

…

Ethernet Switch

W-EP AP

…

FMC client

Figure 2. W-EP Network Configuration

IP-PBX

As an enterprise call manager, it is a switch required to provide the Fixed Mobile Convergence (FMC) function to a wireless terminal (optional).

APC (WEC8500/WEC8050)

The APC manages all the W-EP wireless LAN APs installed in an enterprise communication environment and it also manages user information and traffics.

Because the W-EP wireless LAN network configuration uses a centralized structure where all the wireless user traffics are in tunneling through the APC, the APC is one of the most important elements related to traffic management and throughput in the W-EP environment. An APC is typically installed at a position where it can be connected to a backbone switch, core switch or router in a network. It controls the W-EP wireless LAN AP and provides handover, QoS, and security/authentication functions.

WEM

In the W-EP wireless LAN environment, various services are provided through a complex network configuration. As many users are involved, its management is complex and difficult. A normal network administrator can hardly handle any problematic issue as well as a normal management task. The WEM is a Network Management System (NMS) that efficiently manages this kind of W-EP wireless LAN network and service environment.

It manages a WLAN network, retrieves and configures the status of APC or W-EP wireless LAN AP.

page 23 of 628

CHAPTER 1. Access Point Controller System Overview

W-EP AP (W-EP Wireless LAN AP)

The W-EP wireless LAN AP is a device that provides wireless connection service to a user terminal. It should be installed by considering the service area or region that will be provided in an enterprise environment. Typically, the number of W-EP wireless LAN APs is determined by considering the size of installation area and the number of users to secure service coverage.

Ethernet Switch

Typically, because an AP is installed in a user area, use a Power over Ethernet (PoE) switch that does not use a power line for the beauties of environment, etc. Install the W-EP wireless LAN APs by considering current consumption and the power capacity PoE switch. In addition, because power drop may occur if the distance between the switch and W-EP wireless LAN AP, the relationship between distance and power must be considered. Typically, the distance between these two must be 100 m or less in order to avoid power drop.

Wireless terminal/FMC Client

Terminal that provides the 802.11a/b/g/n interface such as smart phone, tablet PC, or notebook computer, etc. In an Android smart phone, an enterprise Voice over IP (VoIP) application equipped with the Samsung voice engine is called a FMC client (The FMC client is an option).

Wireless additional service

In the W-EP environment, various application services are required as well as basic wireless connection services.

The Wireless Intrusion Prevention System (WIPS) provides a security service that is one of the most important elements in an enterprise environment. The WIPS can seamlessly receive wireless connection service through the security services such as unauthorized terminal, unauthorized AP, or ad hoc connection blocking, etc.

Location service that manages the location of a terminal in a wireless environment is also an application service required in an enterprise environment. With this, it is possible to manage the location of an effective user or an unauthorized user.

IP application service

The IP application servers required in an existing wire network including Dynamic Host Configuration Protocol (DHCP) server, DNS server, web server, or RADIUS authentication server are also used in the W-EP environment. Especially, the DHCP server and RADIUS authentication server play a critical role in the wireless environment.

page 24 of 628

CHAPTER 1. Access Point Controller System Overview

WIPS Solution

It monitors the properness of the implementation of the wireless network infrastructure by detecting penetration via unauthorized wireless equipment installed in the internal network, the detoured gateway segment of the internal officers and employees who illegally connect to the commercial WLAN service, etc. and provides the wireless network invasion detection which implements the safe and effective wireless network environment by detecting security vulnerabilities.

page 25 of 628

CHAPTER 1. Access Point Controller System Overview

1.3APC Configuration and Functions

1.3.1WEC8500 Configuration and Functions

The Configuration and the purpose of each item of WEC8500 are as follows:

Console port

USB port

System LED Management port	1G Optic port	10G Optic port

Ground hole

Power Module

Figure 3. WEC8500 Interface-Front/Back

System LED

System LED indicates the various statuses of system. Each LED displays the following information.

		Figure 4. System LED Configuration

LED	Status	Description

SYS	Green	The system is operating normally

	Orange	The system is now booting

	Red	Preparing the system for booting

FAN (fan	Green	The installed FAN module is operating normally
module)
module)	Orange	The system is now booting
	Orange	The system is now booting

	Red	Fan module fault has occurred

PS1 (power	Green	Normal operation of installed power module 1
module 1)
module 1)	Red	Power is turned off or a fault occurred while the power module 1 is
	Red
		installed.

	Off	Power module 1 is not installed.

PS2 (power	Green	Normal operation of installed power module 2

page 26 of 628

CHAPTER 1. Access Point Controller System Overview

LED	Status	Description

module 2)	Red	Power is turned off or a fault occurred while the power module 2 is
		installed.

	Off	Power module 2 is not installed.

Console port (RS232C)

A console port is used to check the operational status of WEC8500 or for input through the CLI. Its basic requirements are as follows:

Baud rate: 115200 bps

Character size: 8 characters

Parity: None

Stop bit: 1, Data bit: 8

Flow control: None

Management port (1 GE UTP)

The WEC8500 provides a 10/100/1000BASE-T port (RJ-45) for management purpose. It is working in 10/100 Mbps half duplex/full duplex mode or in 1000 Mbps full duplex mode. Because it supports the automatic MDI/MDI-X function, you can use a straightthrough cable for all the network connections to a PC, server, switch, or network hub.

				LED
				LED
				Connector
		Figure 5. Management Port Configuration

Configuration item		Status		Description
LED		Green	Turned on for link connection

		Orange	Blinking for data exchange

Connector	-		Connector for UTP cable connection

When connecting a cable to the management port, make sure to check if the cable complies with the 10 BASE-T, 100 BASE-TX, or 1000 BASE-T.

Cable type: UTP or STP cable using RJ-45 connector

10 BASE-T: Category 3 or higher

100 BASE-TX: Category 5 or higher

1000 BASE-T: Category 5 or higher (Category 5e or higher is recommended)

Isolate from wireless frequency disturbing waves

Shut down electrical surge

page 27 of 628

CHAPTER 1. Access Point Controller System Overview

Separate the electrical wiring of a switch or related devices and the electromagnetic area of network data line

Cable or connector and safe connection without damaged cable sheath

The 1000 BASE-T standard does not support the forced mode.

The auto-negotiation function must be always used for 1000 BASE-T port or trunk connection.

Optic port

It provides two 10 GbE Optic ports and eight 1 GbE Optic ports and the operational status of each port is displayed in LED.

1G port	1G port	10G port	10G port
LINK/ACT LED	Connector	LINK/ACT LED	Connector
	Figure 6. Optic port configuration

Configuration item	Port/LED	Description

10 GE ports	LINK/ACT 1, LINK/ACT 2	LINK/ACT status of each port
		- Turned on for link connection
		- Blinking for data exchange

	10G 1, 10G 2	10 GbE Optic module connector

1 GE port	LINK/ACT 1~LINK/ACT 8	LINK/ACT status of each port
		- Turned on for link connection
		- Blinking for data exchange

	1G 1~1G 8	1 GbE Optic module connector

USB port (Host 2.0)

The WEC8500 provides a USB host port that supports the upgrade of WEC8500 operation software.

A typical USB memory stick is supported.

page 28 of 628

CHAPTER 1. Access Point Controller System Overview

Power module

AC LED

DC LED

				Power input Power
				connector switch
				Figure 7. Power module configuration

	Configuration item			Description
	Power input connector			Connector to connect the power cable to

	Power switch			Switch to turn on/off power

	AC LED			Turned on when there is a normal AC power input.

	DC LED			Turned on when there is a normal DC power output.

page 29 of 628

CHAPTER 1. Access Point Controller System Overview

1.3.2WEC8050 Configuration and Functions

The configuration and the purpose of each item of WEC8050 are as follows:

	Status LED Console Port								Ethernet Port

Ground hole

Power

Figure 8. WEC8050 interface-Front/Back

Status LED

This LED indicates the various statuses of system. Each LED displays the following information.

		Figure 9. Status LED configuration

LED	Status	Description

SYS	Green	The system is operating normally

	Orange	The system is now booting

	Red	Preparing the system for booting

FAN	Green	The installed FAN module is operating normally

	Orange	The system is now booting

	Red	Fan fault

PWR	Green	The power is supplied normally

	Off	The power is turned off or not supplied

page 30 of 628

+ 270 hidden pages