Smc 2552W-G2 User Guide

USER GUIDE

SMC2552W-G2

EliteConnectTM Universal

802.11g 2.4GHz Wireless Access Point

EliteConnect™ SMC2552W-G2

2.4GHz Wireless Access Point

The easy way to make all your network connections

20 Mason
Irvine, CA 92618
Phone: (949) 679-8000

September 2008

Pub.# 149100034100E

F4.3.2.2 E092008-AP-R03

Information furnished by SMC Networks, Inc. (SMC) is believed to be accurate and
reliable. However, no responsibility is assumed by SMC for its use, nor for any
infringements of patents or other rights of third parties which may result from its use. No
license is granted by implication or otherwise under any patent or patent rights of SMC.
SMC reserves the right to change specifications at any time without notice.

Copyright © 2008 by

SMC Networks, Inc.

20 Mason

Irvine, CA 92618

All rights reserved. Printed in Taiwan

Trademarks:

SMC is a registered trademark; and EZ Switch, TigerStack and TigerSwitch are
trademarks of SMC Networks, Inc. Other product and company names are trademarks or
registered trademarks of their respective holders.

Limited Warranty

Limited Warranty Statement: SMC Networks, Inc. (“SMC”) warrants its products to be
free from defects in workmanship and materials, under normal use and service, for the
applicable warranty term. All SMC products carry a standard 90-day limited warranty from
the date of purchase from SMC or its Authorized Reseller. SMC may, at its own discretion,
repair or replace any product not operating as warranted with a similar or functionally
equivalent product, during the applicable warranty term. SMC will endeavor to repair or
replace any product returned under warranty within 30 days of receipt of the product.

The standard limited warranty can be upgraded to a Limited Lifetime* warranty by
registering new products within 30 days of purchase from SMC or its Authorized Reseller.
Registration can be accomplished via the enclosed product registration card or online via
the SMC Web site. Failure to register will not affect the standard limited warranty. The
Limited Lifetime warranty covers a product during the Life of that Product, which is
defined as the period of time during which the product is an “Active” SMC product. A
product is considered to be “Active” while it is listed on the current SMC price list. As new
technologies emerge, older technologies become obsolete and SMC will, at its discretion,
replace an older product in its product line with one that incorporates these newer
technologies. At that point, the obsolete product is discontinued and is no longer an
“Active” SMC product. A list of discontinued products with their respective dates of
discontinuance can be found at:
http://www.smc.com/index.cfm?action=customer_service_warranty.

All products that are replaced become the property of SMC. Replacement products may
be either new or reconditioned. Any replaced or repaired product carries either a 30-day
limited warranty or the remainder of the initial warranty, whichever is longer. SMC is not
responsible for any custom software or firmware, configuration information, or memory
data of Customer contained in, stored on, or integrated with any products returned to
SMC pursuant to any warranty. Products returned to SMC should have any
customer-installed accessory or add-on components, such as expansion modules,
removed prior to returning the product for replacement. SMC is not responsible for these
items if they are returned with the product.

Customers must contact SMC for a Return Material Authorization number prior to
returning any product to SMC. Proof of purchase may be required. Any product returned
to SMC without a valid Return Material Authorization (RMA) number clearly marked on
the outside of the package will be returned to customer at customer’s expense. For
warranty claims within North America, please call our toll-free customer support number
at (800) 762-4968. Customers are responsible for all shipping charges from their facility to
SMC. SMC is responsible for return shipping charges from SMC to customer.

WARRANTIES EXCLUSIVE: IF AN SMC PRODUCT DOES NOT OPERATE AS
WARRANTED ABOVE, CUSTOMER’S SOLE REMEDY SHALL BE REPAIR OR
REPLACEMENT OF THE PRODUCT IN QUESTION, AT SMC’S OPTION. THE
FOREGOING WARRANTIES AND REMEDIES ARE EXCLUSIVE AND ARE IN LIEU OF
ALL OTHER WARRANTIES OR CONDITIONS, EXPRESS OR IMPLIED, EITHER IN
FACT OR BY OPERATION OF LAW, STATUTORY OR OTHERWISE, INCLUDING
WARRANTIES OR CONDITIONS OF MERCHANTABILITY AND FITNESS FOR A
PARTICULAR PURPOSE. SMC NEITHER ASSUMES NOR AUTHORIZES ANY OTHER
PERSON TO ASSUME FOR IT ANY OTHER LIABILITY IN CONNECTION WITH THE
SALE, INSTALLATION, MAINTENANCE OR USE OF ITS PRODUCTS. SMC SHALL

iv

NOT BE LIABLE UNDER THIS WARRANTY IF ITS TESTING AND EXAMINATION
DISCLOSE THE ALLEGED DEFECT IN THE PRODUCT DOES NOT EXIST OR WAS
CAUSED BY CUSTOMER’S OR ANY THIRD PERSON’S MISUSE, NEGLECT,
IMPROPER INSTALLATION OR TESTING, UNAUTHORIZED ATTEMPTS TO REPAIR,
OR ANY OTHER CAUSE BEYOND THE RANGE OF THE INTENDED USE, OR BY
ACCIDENT, FIRE, LIGHTNING, OR OTHER HAZARD.

LIMITATION OF LIABILITY: IN NO EVENT, WHETHER BASED IN CONTRACT OR
TORT (INCLUDING NEGLIGENCE), SHALL SMC BE LIABLE FOR INCIDENTAL,
CONSEQUENTIAL, INDIRECT, SPECIAL, OR PUNITIVE DAMAGES OF ANY KIND, OR
FOR LOSS OF REVENUE, LOSS OF BUSINESS, OR OTHER FINANCIAL LOSS
ARISING OUT OF OR IN CONNECTION WITH THE SALE, INSTALLATION,
MAINTENANCE, USE, PERFORMANCE, FAILURE, OR INTERRUPTION OF ITS
PRODUCTS, EVEN IF SMC OR ITS AUTHORIZED RESELLER HAS BEEN ADVISED
OF THE POSSIBILITY OF SUCH DAMAGES.

SOME STATES DO NOT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES OR
THE LIMITATION OF INCIDENTAL OR CONSEQUENTIAL DAMAGES FOR
CONSUMER PRODUCTS, SO THE ABOVE LIMITATIONS AND EXCLUSIONS MAY
NOT APPLY TO YOU. THIS WARRANTY GIVES YOU SPECIFIC LEGAL RIGHTS,
WHICH MAY VARY FROM STATE TO STATE. NOTHING IN THIS WARRANTY SHALL
BE TAKEN TO AFFECT YOUR STATUTORY RIGHTS.

* SMC will provide warranty service for one year following discontinuance from the active
SMC price list. Under the limited lifetime warranty, internal and external power supplies,
fans, and cables are covered by a standard one-year warranty from date of purchase.

SMC Networks, Inc.

20 Mason

Irvine, CA 92618

v

vi

COMPLIANCES

Federal Communication Commission Interference
Statement

This equipment has been tested and found to comply with the limits for a Class B
digital device, pursuant to Part 15 of the FCC Rules. These limits are designed to
provide reasonable protection against harmful interference in a residential
installation. This equipment generates, uses and can radiate radio frequency
energy and, if not installed and used in accordance with the instructions, may
cause harmful interference to radio communications. However, there is no
guarantee that interference will not occur in a particular installation. If this
equipment does cause harmful interference to radio or television reception, which
can be determined by turning the equipment off and on, the user is encouraged to
try to correct the interference by one of the following measures:

• Reorient or relocate the receiving antenna

• Increase the separation between the equipment and receiver

• Connect the equipment into an outlet on a circuit different from that to which the
receiver is connected

• Consult the dealer or an experienced radio/TV technician for help

FCC Caution: Any changes or modifications not expressly approved by the party
responsible for compliance could void the user's authority to operate this
equipment. This device complies with Part 15 of the FCC Rules. Operation is
subject to the following two conditions: (1) This device may not cause harmful
interference, and (2) this device must accept any interference received, including
interference that may cause undesired operation.

IMPORTANT NOTE:
FCC Radiation Exposure Statement

This equipment complies with FCC radiation exposure limits set forth for an
uncontrolled environment. This equipment should be installed and operated with a
minimum distance of 20 centimeters (8 inches) between the radiator and your
body. This transmitter must not be co-located or operating in conjunction with any
other antenna or transmitter.

i

COMPLIANCES

Industry Canada - Class B

This digital apparatus does not exceed the Class B limits for radio noise emissions
from digital apparatus as set out in the interference-causing equipment standard
entitled “Digital Apparatus,” ICES-003 of Industry Canada.

Cet appareil numérique respecte les limites de bruits radioélectriques applicables
aux appareils numériques de Classe B prescrites dans la norme sur le matérial
brouilleur: “Appareils Numériques,” NMB-003 édictée par l’Industrie.

Taiwan DGT

Japan VCCI Class B

Australia/New Zealand AS/NZS 4771

N11846

ii

C

OMPLIANCES

EC Conformance Declaration

Marking by the above symbol indicates compliance with the Essential
Requirements of the R&TTE Directive of the European Union (1999/5/
EC). This equipment meets the following conformance standards:

• EN 60950-1 (IEC 60950-1) - Product Safety

• EN 300 328 - Technical requirements for 2.4 GHz radio equipment

• EN 301 489-1 / EN 301 489-17 - EMC requirements for radio equipment

Countries of Operation & Conditions of Use in the European
Community

This device is intended to be operated in all countries of the European
Community. Requirements for indoor vs. outdoor operation, license
requirements and allowed channels of operation apply in some countries
as described below:

Note: The user must use the configuration utility provided with this

product to ensure the channels of operation are in conformance
with the spectrum usage rules for European Community countries
as described below.

• This device requires that the user or installer properly enter the current
country of operation in the command line interface as described in the
user guide, before operating this device.

• This device will automatically limit the allowable channels determined
by the current country of operation. Incorrectly entering the country of
operation may result in illegal operation and may cause harmful
interference to other systems. The user is obligated to ensure the
device is operating according to the channel limitations, indoor/outdoor
restrictions and license requirements for each European Community
country as described in this document.

• This device may be operated indoors or outdoors in all countries of the
European Community using the 2.4 GHz band: Channels 1 - 13, except
where noted below.

- In Italy the end-user must apply for a license from the national

spectrum authority to operate this device outdoors.

- In Belgium outdoor operation is only permitted using the 2.46 -

2.4835 GHz band: Channel 13.

- In France outdoor operation is only permitted using the 2.4 - 2.454

GHz band: Channels 1 - 7.

iii

COMPLIANCES

Declaration of Conformity in Languages of the European
Community

English Hereby, SMC, declares that this Radio LAN device is in

Finnish Valmistaja SMC vakuuttaa täten että Radio LAN device tyyppinen

Dutch Hierbij verklaart SMC dat het toestel Radio LAN device in

French Par la présente SMC déclare que l'appareil Radio LAN device est

Swedish Härmed intygar SMC att denna Radio LAN device står I

Danish Undertegnede SMC erklærer herved, at følgende udstyr Radio

German Hiermit erklärt SMC, dass sich dieser/diese/dieses Radio LAN

Greek ΜΕ ΤΗΝ ΠΑΡΟΥΣΑ SMC ΔΗΛΩΝΕΙ ΟΤΙ radio LAN device

Italian Con la presente SMC dichiara che questo Radio LAN device è

compliance with the essential requirements and other relevant
provisions of Directive 1999/5/EC.

laite on direktiivin 1999/5/EY oleellisten vaatimusten ja sitä
koskevien direktiivin muiden ehtojen mukainen.

overeenstemming is met de essentiële eisen en de andere
relevante bepalingen van richtlijn 1999/5/EG

Bij deze SMC dat deze Radio LAN device voldoet aan de
essentiële eisen en aan de overige relevante bepalingen van
Richtlijn 1999/5/EC.

conforme aux exigences essentielles et aux autres dispositions
pertinentes de la directive 1999/5/CE

överensstämmelse med de väsentliga egenskapskrav och övriga
relevanta bestämmelser som framgår av direktiv 1999/5/EG.

LAN device overholder de væsentlige krav og øvrige relevante
krav i direktiv 1999/5/EF

device in Übereinstimmung mit den grundlegenden
Anforderungen und den anderen relevanten Vorschriften der
Richtlinie 1999/5/EG befindet". (BMWi)

Hiermit erklärt SMC die Übereinstimmung des Gerätes Radio
LAN device mit den grundlegenden Anforderungen und den
anderen relevanten Festlegungen der Richtlinie 1999/5/EG.
(Wien)

ΣΥΜΜΟΡΦΩ ΝΕΤΑ Ι ΠΡΟΣ ΤΙ Σ ΟΥ Σ Ι Ω ΔΕΙ Σ ΑΠΑΙΤΗΣΕΙΣ ΚΑ Ι ΤΙ Σ ΛΟΙ Π ΕΣ
Σ Χ ΕΤΙ Κ ΕΣ ΔΙΑΤΑΞΕΙΣ ΤΗΣ ΟΔ Η Γ Ι Α Σ 1999/5/ΕΚ

conforme ai requisiti essenziali ed alle altre disposizioni pertinenti
stabilite dalla direttiva 1999/5/CE.

iv

C

OMPLIANCES

Spanish Por medio de la presente Manufacturer declara que el Radio LAN

Portuguese Manufacturer declara que este Radio LAN device está conforme

device cumple con los requisitos esenciales y cualesquiera otras
disposiciones aplicables o exigibles de la Directiva 1999/5/CE

com os requisitos essenciais e outras disposições da Directiva
1999/5/CE.

Safety Compliance

Power Cord Safety

Please read the following safety information carefully before installing the access
point:

WARNING: Installation and removal of the unit must be carried out by qualified
personnel only.

• The unit must be connected to an earthed (grounded) outlet to comply with
international safety standards.

• Do not connect the unit to an A.C. outlet (power supply) without an earth
(ground) connection.

• The appliance coupler (the connector to the unit and not the wall plug) must have

a configuration for mating with an EN 60320/IEC 320 appliance inlet.

• The socket outlet must be near to the unit and easily accessible. You can only

remove power from the unit by disconnecting the power cord from the outlet.

• This unit operates under SELV (Safety Extra Low Voltage) conditions according
to IEC 60950. The conditions are only maintained if the equipment to which it is
connected also operates under SELV conditions.

• The PoE (Power over Ethernet), which is to be interconnected with other
equipment that must be contained within the same building including the
interconnected equipment’s associated LAN connections.

France and Peru only

This unit cannot be powered from IT
unit must be powered by 230 V (2P+T) via an isolation transformer ratio 1:1, with
the secondary connection point labelled Neutral, connected directly to earth
(ground).

†

Impédance à la terre

†

supplies. If your supplies are of IT type, this

v

COMPLIANCES

Important! Before making connections, make sure you have the correct cord set.
Check it (read the label on the cable) against the following:

Power Cord Set

U.S.A. and
Canada

Denmark The supply plug must comply with Section 107-2-D1,

Switzerland The supply plug must comply with SEV/ASE 1011.

U.K. The supply plug must comply with BS1363 (3-pin 13 A) and

Europe The supply plug must comply with CEE7/7 (“SCHUKO”).

The cord set must be UL-approved and CSA certified.

The minimum specifications for the flexible cord are:

- No. 18 AWG - not longer than 2 meters, or 16 AWG.

- Type SV or SJ

- 3-conductor

The cord set must have a rated current capacity of at least
10 A

The attachment plug must be an earth-grounding type with
NEMA 5-15P (15 A, 125 V) or NEMA 6-15P (15 A, 250 V)
configuration.

Standard DK2-1a or DK2-5a.

be fitted with a 5 A fuse which complies with BS1362.

The mains cord must be <HAR> or <BASEC> marked and
be of type HO3VVF3GO.75 (minimum).

The mains cord must be <HAR> or <BASEC> marked and
be of type HO3VVF3GO.75 (minimum).

IEC-320 receptacle.

vi

C

OMPLIANCES

Veuillez lire à fond l'information de la sécurité suivante avant
d'installer le access point:

AVERTISSEMENT: L’installation et la dépose de ce groupe doivent être confiés à un

personnel qualifié.

• Ne branchez pas votre appareil sur une prise secteur (alimentation électrique)
lorsqu'il n'y a pas de connexion de mise à la terre (mise à la masse).

• Vous devez raccorder ce groupe à une sortie mise à la terre (mise à la masse) afin
de respecter les normes internationales de sécurité.

• Le coupleur d’appareil (le connecteur du groupe et non pas la prise murale) doit
respecter une configuration qui permet un branchement sur une entrée d’appareil
EN 60320/IEC 320.

• La prise secteur doit se trouver à proximité de l’appareil et son accès doit être
facile. Vous ne pouvez mettre l’appareil hors circuit qu’en débranchant son cordon
électrique au niveau de cette prise.

• L’appareil fonctionne à une tension extrêmement basse de sécurité qui est
conforme à la norme IEC 60950. Ces conditions ne sont maintenues que si
l’équipement auquel il est raccordé fonctionne dans les mêmes conditions.

France et Pérou uniquement:

Ce groupe ne peut pas être alimenté par un dispositif à impédance à la terre. Si vos
alimentations sont du type impédance à la terre, ce groupe doit être alimenté par
une tension de 230 V (2 P+T) par le biais d’un transformateur d’isolement à rapport
1:1, avec un point secondaire de connexion portant l’appellation Neutre et avec
raccordement direct à la terre (masse).

Cordon électrique - Il doit être agréé dans le pays d’utilisation

Etats-Unis et
Canada:

Danemark: La prise mâle d’alimentation doit respecter la section 107-2

Le cordon doit avoir reçu l’homologation des UL et un
certificat de la CSA.

Les spécifications minimales pour un cable flexible sont
AWG No. 18, ou AWG No. 16 pour un cable de longueur
inférieure à 2 mètres.

- type SV ou SJ

- 3 conducteurs

Le cordon doit être en mesure d’acheminer un courant
nominal d’au moins 10 A.

La prise femelle de branchement doit être du type à mise à
la terre (mise à la masse) et respecter la configuration NEMA
5-15P (15 A, 125 V) ou NEMA 6-15P (15 A, 250 V).

D1 de la norme DK2 1a ou DK2 5a.

vii

COMPLIANCES

Cordon électrique - Il doit être agréé dans le pays d’utilisation

Suisse: La prise mâle d’alimentation doit respecter la norme SEV/

Europe La prise secteur doit être conforme aux normes CEE 7/7

Bitte unbedingt vor dem Einbauen des Access Point die folgenden
Sicherheitsanweisungen durchlesen

WARNUNG: Die Installation und der Ausbau des Geräts darf nur durch

Fachpersonal erfolgen.

• Das Gerät sollte nicht an eine ungeerdete Wechselstromsteckdose
angeschlossen werden.

• Das Gerät muß an eine geerdete Steckdose angeschlossen werden, welche die
internationalen Sicherheitsnormen erfüllt.

• Der Gerätestecker (der Anschluß an das Gerät, nicht der
Wandsteckdosenstecker) muß einen gemäß EN 60320/IEC 320 konfigurierten
Geräteeingang haben.

• Die Netzsteckdose muß in der Nähe des Geräts und leicht zugänglich sein. Die
Stromversorgung des Geräts kann nur durch Herausziehen des
Gerätenetzkabels aus der Netzsteckdose unterbrochen werden.

• Der Betrieb dieses Geräts erfolgt unter den SELV-Bedingungen
(Sicherheitskleinstspannung) gemäß IEC 60950. Diese Bedingungen sind nur
gegeben, wenn auch die an das Gerät angeschlossenen Geräte unter

•

SELV-Bedingungen betrieben werden.

ASE 1011.

(“SCHUKO”)
LE cordon secteur doit porter la mention <HAR> ou

<BASEC> et doit être de type HO3VVF3GO.75 (minimum).

(Germany):

viii

C

OMPLIANCES

Stromkabel. Dies muss von dem Land, in dem es benutzt wird geprüft werden:

U.S.A und
Kanada

Danemark Dieser Stromstecker muß die ebene 107-2-D1, der

Schweiz Dieser Stromstecker muß die SEV/ASE

Europe Das Netzkabel muß vom Typ HO3VVF3GO.75

Der Cord muß das UL gepruft und war das CSA
beglaubigt.

Das Minimum spezifikation fur der Cord sind:

- Nu. 18 AWG - nicht mehr als 2 meter, oder 16 AWG.

- Der typ SV oder SJ

- 3-Leiter

Der Cord muß haben eine strombelastbarkeit aus
wenigstens 10 A

Dieser Stromstecker muß hat einer erdschluss mit der typ
NEMA 5-15P (15A, 125V) oder NEMA 6-15P (15A, 250V)
konfiguration.

standard DK2-1a oder DK2-5a Bestimmungen einhalten.

1011Bestimmungen einhalten.

(Mindestanforderung) sein und die Aufschrift <HAR> oder
<BASEC> tragen.

Der Netzstecker muß die Norm CEE 7/7 erfüllen
(”SCHUKO”).

ix

COMPLIANCES

x

Table of Contents

Chapter 1: Introduction 1-1

Package Checklist 1-2
Hardware Description 1-2

Antennas 1-3
LED Indicators 1-3
Security Slot 1-4
Console Port 1-4
Ethernet Port 1-4
Reset Button 1-5

Power Connector 1-5
Features and Benefits 1-5
System Defaults 1-6

Chapter 2: Hardware Installation 2-1

Chapter 3: Network Configuration 3-1

Network Topologies 3-2

Ad Hoc Wireless LAN (no Access Point) 3-2

Infrastructure Wireless LAN 3-3

Infrastructure Wireless LAN for Roaming Wireless PCs 3-4

Infrastructure Wireless Bridge 3-5

Infrastructure Wireless Repeater 3-6

Chapter 4: Initial Configuration 4-1

Initial Setup through the CLI 4-1

Required Connections 4-1

Initial Configuration Steps 4-2
Logging In 4-3

Chapter 5: System Configuration 5-1

Advanced Configuration 5-2

System Identification 5-3

TCP / IP Settings 5-5

RADIUS 5-7

SSH Settings 5-11

xi

Contents

Authentication 5-12
Filter Control 5-17
VLAN 5-19
WDS Settings 5-21
AP Management 5-27
Administration 5-28
System Log 5-33

SNMP 5-37

Configuring SNMP and Trap Message Parameters 5-38
Configuring SNMPv3 Users 5-43
Configuring SNMPv3 Trap Filters 5-45
Configuring SNMPv3 Targets 5-47

Radio Interface 5-49

Security 5-66

Status Information 5-85

Access Point Status 5-85
Station Status 5-88
Event Logs 5-91

Chapter 6: Command Line Interface 6-1

Using the Command Line Interface 6-1

Accessing the CLI 6-1
Console Connection 6-1
Telnet Connection 6-1

Entering Commands 6-2

Keywords and Arguments 6-2
Minimum Abbreviation 6-3
Command Completion 6-3
Getting Help on Commands 6-3
Partial Keyword Lookup 6-4
Negating the Effect of Commands 6-4
Using Command History 6-4
Understanding Command Modes 6-4
Exec Commands 6-5
Configuration Commands 6-5
Command Line Processing 6-6

Command Groups 6-6
General Commands 6-7

configure 6-8
end 6-8
exit 6-8
ping 6-9
reset 6-10
show history 6-10

xii

Contents

show line 6-11
System Management Commands 6-11

country 6-12

prompt 6-14

system name 6-14

username 6-15

password 6-15

ip ssh-server enable 6-16

ip ssh-server port 6-16

ip telnet-server enable 6-17

ip http port 6-17

ip http server 6-18

ip https port 6-18

ip https server 6-19

APmgmtIP 6-20

APmgmtUI 6-21

show apmagement 6-21

show system 6-22

show version 6-23

show config 6-23

show hardware 6-27
System Logging Commands 6-27

logging on 6-28

logging host 6-28

logging console 6-29

logging level 6-29

logging facility-type 6-30

logging clear 6-31

show logging 6-31

show event-log 6-32
System Clock Commands 6-32

sntp-server ip 6-33

sntp-server enable 6-33

sntp-server date-time 6-34

sntp-server daylight-saving 6-35

sntp-server timezone 6-35

show sntp 6-36
DHCP Relay Commands 6-37

dhcp-relay enable 6-37

dhcp-relay 6-38

show dhcp-relay 6-38
SNMP Commands 6-39

snmp-server community 6-40

snmp-server contact 6-40

snmp-server location 6-41

xiii

Contents

snmp-server enable server 6-41
snmp-server host 6-42
snmp-server trap 6-43
snmp-server engine-id 6-45
snmp-server user 6-45
snmp-server targets 6-47
snmp-server filter 6-48
snmp-server filter-assignments 6-49
show snmp groups 6-49
show snmp users 6-50
show snmp group-assignments 6-50
show snmp target 6-51
show snmp filter 6-51
show snmp filter-assignments 6-52
show snmp 6-53

Flash/File Commands 6-54

bootfile 6-54
copy 6-55
delete 6-56
dir 6-57
show bootfile 6-57

RADIUS Client 6-58

radius-server address 6-58
radius-server port 6-59
radius-server key 6-59
radius-server retransmit 6-60
radius-server timeout 6-60
radius-server port-accounting 6-61
radius-server timeout-interim 6-61
radius-server radius-mac-format 6-62
radius-server vlan-format 6-62
show radius 6-63

802.1X Authentication 6-64

802.1x 6-64

802.1x broadcast-key-refresh-rate 6-65

802.1x session-key-refresh-rate 6-66

802.1x session-timeout 6-66

802.1x-supplicant enable 6-67

802.1x-supplicant user 6-67
show authentication 6-68

MAC Address Authentication 6-69

address filter default 6-69
address filter entry 6-70
address filter delete 6-70
mac-authentication server 6-71

xiv

Contents

mac-authentication session-timeout 6-71
Filtering Commands 6-72

filter local-bridge 6-72

filter ap-manage 6-73

filter uplink enable 6-73

filter uplink 6-74

filter ethernet-type enable 6-74

filter ethernet-type protocol 6-75

show filters 6-76
WDS Bridge Commands 6-76

bridge role (WDS) 6-77

bridge-link parent 6-77

bridge-link child 6-78

bridge dynamic-entry age-time 6-79

show bridge aging-time 6-79

show bridge filter-entry 6-80

show bridge link 6-80
Spanning Tree Commands 6-82

bridge stp enable 6-82

bridge stp forwarding-delay 6-83

bridge stp hello-time 6-83

bridge stp max-age 6-84

bridge stp priority 6-84

bridge-link path-cost 6-85

bridge-link port-priority 6-85

show bridge stp 6-86
Ethernet Interface Commands 6-87

interface ethernet 6-87

dns server 6-88

ip address 6-88

ip dhcp 6-89

speed-duplex 6-90

shutdown 6-91

show interface ethernet 6-91
Wireless Interface Commands 6-92

interface wireless 6-94

vap 6-94

speed 6-95

multicast-data-rate 6-95

channel 6-96

transmit-power 6-96

radio-mode 6-97

preamble 6-98

antenna control 6-98

antenna id 6-99

xv

Contents

antenna location 6-100
beacon-interval 6-100
dtim-period 6-101
fragmentation-length 6-101
rts-threshold 6-102
super-g 6-103
description 6-103
ssid 6-104
closed-system 6-104
max-association 6-105
assoc-timeout-interval 6-105
auth-timeout-value 6-105
shutdown 6-106
show interface wireless 6-107
show station 6-108

Rogue AP Detection Commands 6-108

rogue-ap enable 6-109
rogue-ap authenticate 6-110
rogue-ap duration 6-110
rogue-ap interval 6-111
rogue-ap scan 6-112
show rogue-ap 6-112

Wireless Security Commands 6-113

auth 6-113
encryption 6-115
key 6-116
transmit-key 6-117
cipher-suite 6-118
mic_mode 6-119
wpa-pre-shared-key 6-120
pmksa-lifetime 6-120
pre-authentication 6-121

Link Integrity Commands 6-122

link-integrity ping-detect 6-123
link-integrity ping-host 6-123
link-integrity ping-interval 6-124
link-integrity ping-fail-retry 6-124
link-integrity ethernet-detect 6-124
show link-integrity 6-125

IAPP Commands 6-126

iapp 6-126

VLAN Commands 6-127

vlan 6-127
management-vlanid 6-128
vlan-id 6-128

xvi

Contents

WMM Commands 6-129

wmm 6-130

wmm-acknowledge-policy 6-130

wmmparam 6-131

Appendix A: Troubleshooting A-1

Appendix B: Cables and Pinouts B-1

Twisted-Pair Cable Assignments B-1

10/100BASE-TX Pin Assignments B-1

Straight-Through Wiring B-2

Crossover Wiring B-3
Console Port Pin Assignments B-3

Wiring Map for Serial Cable B-4

Appendix C: Specifications C-1

General Specifications C-1
Sensitivity C-3
Transmit Power C-3

Operating Range C-5

Glossary

Index

xvii

Contents

xviii

Chapter 1: Introduction

The 2.4 GHz Wireless Access Point is an IEEE 802.11b/g access point that provides
transparent, wireless high-speed data communications between the wired LAN and
fixed or mobile devices equipped with an 802.11b, or 802.11g wireless adapter.

This solution offers fast, reliable wireless connectivity with considerable cost savings
over wired LANs (which include long-term maintenance overhead for cabling). Using

802.11b and 802.11g technology, this access point can easily replace a 10 Mbps
Ethernet connection or seamlessly integrate into a 10/100 Mbps Ethernet LAN.

The access point supports up to eight Virtual Access Points. This allows traffic to be
separated for different user groups using an access point that services one area. For
each VAP, different security settings, VLAN assignments, and other parameters can
be applied.

Each radio interface on the access point can operate in one of four modes:

• Access Point – Providing conectivity to wireless clients in the service area.

• Repeater – Providing an extended link to a remote access point from the wired
LAN. In this mode, the access point does not have a cable connection to the wired
Ethernet LAN.

• Bridge – Providing links to access points operating in “Bridge” or “Root Bridge”
mode and thereby connecting other wired LAN segments.

• Root Bridge – Providing links to other access points operating in “Bridge” mode
and thereby connecting other wired LAN segments. Only one unit in the wireless
bridge network can be set to “Root Bridge” mode.

In addition, the access point offers full network management capabilities through an
easy to configure web interface, a command line interface for initial configuration
and troubleshooting, and support for Simple Network Management Protocol tools.

Radio Characteristics – The IEEE 802.11b/g standard uses a radio modulation
technique known as Orthogonal Frequency Division Multiplexing (OFDM), and a
shared collision domain (CSMA/CA). It operates at the 2.4 GHz Unlicensed National
Information Infrastructure (UNII) band for connections to 802.11g clients.

IEEE 802.11g includes backward compatibility with the IEEE 802.11b standard.
IEEE 802.11b also operates at 2.4 GHz, but uses Direct Sequence Spread
Spectrum (DSSS) and Complementary Code Keying (CCK) modulation technology
to achieve a communication rate of up to 11 Mbps.

The access point supports a 54 Mbps half-duplex connection to Ethernet networks
for each active channel.

1-1

Introduction

1

Package Checklist

The 2.4 GHz Wireless Access Point package includes:

• One 2.4 GHz Wireless Access Point

• One Category 5 network cable

• One RS-232 console cable

• One AC power adapter and power cord

• Four rubber feet

• User Guide CD

Inform your dealer if there are any incorrect, missing or damaged parts. If possible,
retain the carton, including the original packing materials. Use them again to repack
the product in case there is a need to return it.

Hardware Description

Top P a nel

Antennas

LED

Indicators

1-2

Hardware Description

Rear Panel

RJ-45 Port

Security Slot

5 VDC

Power Socket

Reset

Button

Console

Port

Antennas

The access point includes integrated diversity antennas for wireless
communications. A diversity antenna system uses two identical antennas to receive
and transmit signals, helping to avoid multipath fading effects. When receiving, the
access point checks both antennas and selects the one with the strongest signal.
When transmitting, it will continue to use the antenna previously selected for
receiving. The access point never transmits from both antennas at the same time.

The antennas transmit the outgoing signal as a toroidal sphere (doughnut shaped),
with the coverage extending most in a direction perpendicular to the antenna. The
antenna should be adjusted to an angle that provides the appropriate coverage for
the service area. For further information, see “Positioning the Antennas” on 2-2.

1

LED Indicators

The access point includes three status
LED indicators, as described in the
following figure and table.

Power

Ethernet

Link/Activity

802.11b/g
Wireless

Link/Activity

1-3

Introduction

1

LED Status Description

PWR On Indicates that the system is working normally.

Flashing Indicates running a self-test or loading the software program.

Flashing (Prolonged) Indicates system errors.

Link On Indicates a valid 10/100 Mbps Ethernet cable link.

Flashing Indicates that the access point is transmitting or receiving data

11g On Indicates that the 802.11b/g radio is enabled.

Flashing Indicates that the access point is transmitting or receiving data

Off Indicates that the 802.11b/g radio is disabled.

on a 10/100 Mbps Ethernet LAN. Flashing rate is proportional
to network activity.

through wireless links. Flashing rate is proportional to network
activity.

Security Slot

The access point includes a Kensington security slot on the rear panel. You can
prevent unauthorized removal of the access point by wrapping the Kensington
security cable (not provided) around an unmovable object, inserting the lock into the
slot, and turning the key.

Console Port

This port is used to connect a console device to the access point through a serial
cable. This connection is described under “Console Port Pin Assignments” on page
B-3. The console device can be a PC or workstation running a VT-100 terminal
emulator, or a VT-100 terminal.

Ethernet Port

The access point has one 10BASE-T/100BASE-TX RJ-45 port that can be attached
directly to 10BASE-T/100BASE-TX LAN segments. These segments must conform
to the IEEE 802.3 or 802.3u specifications.

This port supports automatic MDI/MDI-X operation, so you can use straight-through
cables for all network connections to PCs, switches, or hubs.

The access point appears as an Ethernet node and performs a bridging function by
moving packets from the wired LAN to remote workstations on the wireless
infrastructure.

Note: The RJ-45 port also supports Power over Ethernet (PoE) based on the IEEE

802.3af standard. Refer to the description for the “Power Connector” for
information on supplying power to the access point’s network port from a network
device, such as a switch, that provides Power over Ethernet (PoE).

1-4

Features and Benefits

Reset Button

This button is used to reset the access point or restore the factory default
configuration. If you hold down the button for less than 5 seconds, the access point
will perform a hardware reset. If you hold down the button for 5 seconds or more,
any configuration changes you may have made are removed, and the factory default
configuration is restored to the access point.

Power Connector

The access point does not have a power switch. It is powered on when connected to
the AC power adapter, and the power adapter is connected to a power source. The
power adapter automatically adjusts to any voltage between 100-240 volts at 50 or
60 Hz. No voltage range settings are required.

The access point may also receive Power over Ethernet (PoE) from a switch or
other network device that supplies power over the network cable based on the IEEE

802.3af standard.

Note that if the access point is connected to a PoE source device and also
connected to a local power source through the AC power adapter, PoE will be
disabled.

Features and Benefits

• Local network connection via 10/100 Mbps Ethernet ports or 54 Mbps wireless
interface (supporting up to 128 mobile users)

• IEEE 802.11b and 802.11g compliant

• Interoperable with multiple vendors based on the IEEE 802.11f protocol

• Advanced security through 64/128/152-bit Wired Equivalent Protection (WEP)
encryption, IEEE 802.1X authentication via a RADIUS server, Wi-Fi Protected
Access (WPA), and MAC address filtering features to protect your sensitive data
and authenticate only authorized users to your network

• Provides seamless roaming within the IEEE 802.11b and 802.11g WLAN
environment

• Scans all available channels and selects the best channel for each client based on
the signal-to-noise ratio

• Allows the country of operation to be set to match regulatory requirements (for
countries outside of the United States)

1

1-5

Introduction

1

System Defaults

The following table lists some of the access point’s basic system defaults. To reset
the access point defaults, use the CLI command “reset configuration” from the Exec
level prompt.

Table 1-1. System Defaults

Feature Parameter Default

Identification System Name SMC

Administration User Name admin

Password smcadmin

General

TCP/IP DHCP Enabled

RADIUS (Primary and
Secondary)

SSH Server Status Enabled

PPPoE PPPoE Status Disabled

HTTP Server Enabled

HTTP Server Port 80

HTTP Server Enabled

HTTP Server Port 443

IP Address 192.168.2.2

Subnet Mask 255.255.255.0

Default Gateway 0.0.0.0

Primary DNS IP 0.0.0.0

Secondary DNS IP 0.0.0.0

IP Address 0.0.0.0

Port 1812

Key DEFAULT

Timeout 5 seconds

Retransmit attempts 3

Accounting Port 0 (Disabled)

Interim Update Timeout 3600 seconds

Server Port 22

1-6