Smc 2555W-AG2 User Guide

USER GUIDE

SMC2555W-AG2

EliteConnectTM Universal

802.11a/g 2.4GHz/5GHz Wireless Access Point

EliteConnect™ SMC2555W-AG2 Universal 2.4GHz/5GHz Wireless Dual-Band Access Point

The easy way to make all your network connections

20 Mason Irvine, CA 92618 Phone: (949) 679-8000

October 2008

Pub.# 149100033500E

E102008-AP-R03

Information furnished by SMC Networks, Inc. (SMC) is believed to be accurate and reliable. However, no responsibility is assumed by SMC for its use, nor for any infringements of patents or other rights of third parties which may result from its use. No license is granted by implication or otherwise under any patent or patent rights of SMC. SMC reserves the right to change specifications at any time without notice.

SMC Networks, Inc.

20 Mason

Irvine, CA 92618

Trademarks:

SMC is a registered trademark; and EZ Switch, TigerStack and TigerSwitch are trademarks of SMC Networks, Inc. Other product and company names are trademarks or registered trademarks of their respective holders.

Limited Warranty

Limited Warranty Statement: SMC Networks, Inc. (“SMC”) warrants its products to be free from defects in workmanship and materials, under normal use and service, for the applicable warranty term. All SMC products carry a standard 90-day limited warranty from the date of purchase from SMC or its Authorized Reseller. SMC may, at its own discretion, repair or replace any product not operating as warranted with a similar or functionally equivalent product, during the applicable warranty term. SMC will endeavor to repair or replace any product returned under warranty within 30 days of receipt of the product.

The standard limited warranty can be upgraded to a Limited Lifetime* warranty by registering new products within 30 days of purchase from SMC or its Authorized Reseller. Registration can be accomplished via the enclosed product registration card or online via the SMC Web site. Failure to register will not affect the standard limited warranty. The Limited Lifetime warranty covers a product during the Life of that Product, which is defined as the period of time during which the product is an “Active” SMC product. A product is considered to be “Active” while it is listed on the current SMC price list. As new technologies emerge, older technologies become obsolete and SMC will, at its discretion, replace an older product in its product line with one that incorporates these newer technologies. At that point, the obsolete product is discontinued and is no longer an “Active” SMC product. A list of discontinued products with their respective dates of discontinuance can be found at: http://www.smc.com/index.cfm?action=customer_service_warranty.

All products that are replaced become the property of SMC. Replacement products may be either new or reconditioned. Any replaced or repaired product carries either a 30-day limited warranty or the remainder of the initial warranty, whichever is longer. SMC is not responsible for any custom software or firmware, configuration information, or memory data of Customer contained in, stored on, or integrated with any products returned to SMC pursuant to any warranty. Products returned to SMC should have any customer-installed accessory or add-on components, such as expansion modules, removed prior to returning the product for replacement. SMC is not responsible for these items if they are returned with the product.

Customers must contact SMC for a Return Material Authorization number prior to returning any product to SMC. Proof of purchase may be required. Any product returned to SMC without a valid Return Material Authorization (RMA) number clearly marked on the outside of the package will be returned to customer at customer’s expense. For warranty claims within North America, please call our toll-free customer support number at (800) 762-4968. Customers are responsible for all shipping charges from their facility to SMC. SMC is responsible for return shipping charges from SMC to customer.

WARRANTIES EXCLUSIVE: IF AN SMC PRODUCT DOES NOT OPERATE AS WARRANTED ABOVE, CUSTOMER’S SOLE REMEDY SHALL BE REPAIR OR REPLACEMENT OF THE PRODUCT IN QUESTION, AT SMC’S OPTION. THE FOREGOING WARRANTIES AND REMEDIES ARE EXCLUSIVE AND ARE IN LIEU OF ALL OTHER WARRANTIES OR CONDITIONS, EXPRESS OR IMPLIED, EITHER IN FACT OR BY OPERATION OF LAW, STATUTORY OR OTHERWISE, INCLUDING WARRANTIES OR CONDITIONS OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. SMC NEITHER ASSUMES NOR AUTHORIZES ANY OTHER PERSON TO ASSUME FOR IT ANY OTHER LIABILITY IN CONNECTION WITH THE SALE, INSTALLATION, MAINTENANCE OR USE OF ITS PRODUCTS. SMC SHALL

NOT BE LIABLE UNDER THIS WARRANTY IF ITS TESTING AND EXAMINATION DISCLOSE THE ALLEGED DEFECT IN THE PRODUCT DOES NOT EXIST OR WAS CAUSED BY CUSTOMER’S OR ANY THIRD PERSON’S MISUSE, NEGLECT, IMPROPER INSTALLATION OR TESTING, UNAUTHORIZED ATTEMPTS TO REPAIR, OR ANY OTHER CAUSE BEYOND THE RANGE OF THE INTENDED USE, OR BY ACCIDENT, FIRE, LIGHTNING, OR OTHER HAZARD.

LIMITATION OF LIABILITY: IN NO EVENT, WHETHER BASED IN CONTRACT OR TORT (INCLUDING NEGLIGENCE), SHALL SMC BE LIABLE FOR INCIDENTAL, CONSEQUENTIAL, INDIRECT, SPECIAL, OR PUNITIVE DAMAGES OF ANY KIND, OR FOR LOSS OF REVENUE, LOSS OF BUSINESS, OR OTHER FINANCIAL LOSS ARISING OUT OF OR IN CONNECTION WITH THE SALE, INSTALLATION, MAINTENANCE, USE, PERFORMANCE, FAILURE, OR INTERRUPTION OF ITS PRODUCTS, EVEN IF SMC OR ITS AUTHORIZED RESELLER HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

SOME STATES DO NOT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES OR THE LIMITATION OF INCIDENTAL OR CONSEQUENTIAL DAMAGES FOR CONSUMER PRODUCTS, SO THE ABOVE LIMITATIONS AND EXCLUSIONS MAY NOT APPLY TO YOU. THIS WARRANTY GIVES YOU SPECIFIC LEGAL RIGHTS, WHICH MAY VARY FROM STATE TO STATE. NOTHING IN THIS WARRANTY SHALL BE TAKEN TO AFFECT YOUR STATUTORY RIGHTS.

* SMC will provide warranty service for one year following discontinuance from the active SMC price list. Under the limited lifetime warranty, internal and external power supplies, fans, and cables are covered by a standard one-year warranty from date of purchase.

SMC Networks, Inc.

20 Mason

Irvine, CA 92618

COMPLIANCES

Federal Communication Commission Interference Statement

This equipment has been tested and found to comply with the limits for a Class B digital device, pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a residential installation. This equipment generates, uses and can radiate radio frequency energy and, if not installed and used in accordance with the instructions, may cause harmful interference to radio communications. However, there is no guarantee that interference will not occur in a particular installation. If this equipment does cause harmful interference to radio or television reception, which can be determined by turning the equipment off and on, the user is encouraged to try to correct the interference by one of the following measures:

• Reorient or relocate the receiving antenna

• Increase the separation between the equipment and receiver

• Connect the equipment into an outlet on a circuit different from that to which the receiver is connected

• Consult the dealer or an experienced radio/TV technician for help

FCC Caution: Any changes or modifications not expressly approved by the party responsible for compliance could void the user's authority to operate this equipment. This device complies with Part 15 of the FCC Rules. Operation is subject to the following two conditions: (1) This device may not cause harmful interference, and (2) this device must accept any interference received, including interference that may cause undesired operation.

IMPORTANT NOTE: FCC Radiation Exposure Statement

This equipment complies with FCC radiation exposure limits set forth for an uncontrolled environment. This equipment should be installed and operated with a minimum distance of 20 centimeters (8 inches) between the radiator and your body. This transmitter must not be co-located or operating in conjunction with any other antenna or transmitter.

Wireless 5 GHz Band Statements:

As the Access Point can operate in the 5150-5250 MHz frequency band it is limited by the FCC, Industry Canada and some other countries to indoor use only so as to reduce the potential for harmful interference to co-channel Mobile Satellite systems.

COMPLIANCES

High power radars are allocated as primary users (meaning they have priority) of the 5250-5350 MHz and 5650-5850 MHz bands. These radars could cause interference and /or damage to the access point when used in Canada.

The term “IC” before the radio certification number only signifies that Industry Canada technical specifications were met.

Industry Canada - Class B

This digital apparatus does not exceed the Class B limits for radio noise emissions from digital apparatus as set out in the interference-causing equipment standard entitled “Digital Apparatus,” ICES-003 of Industry Canada.

Cet appareil numérique respecte les limites de bruits radioélectriques applicables aux appareils numériques de Classe B prescrites dans la norme sur le matérial brouilleur: “Appareils Numériques,” NMB-003 édictée par l’Industrie.

Japan VCCI Class B

Australia/New Zealand AS/NZS 4771

ACN 066 352010

OMPLIANCES

EC Conformance Declaration

Marking by the above symbol indicates compliance with the Essential Requirements of the R&TTE Directive of the European Union (1999/5/ EC). This equipment meets the following conformance standards:

• EN 60950-1 (IEC 60950-1) - Product Safety

• EN 301 893 - Technical requirements for 5 GHz radio equipment

• EN 300 328 - Technical requirements for 2.4 GHz radio equipment

• EN 301 489-1 / EN 301 489-17 - EMC requirements for radio equipment

Countries of Operation & Conditions of Use in the European Community

This device is intended to be operated in all countries of the European Community. Requirements for indoor vs. outdoor operation, license requirements and allowed channels of operation apply in some countries as described below:

Note: The user must use the configuration utility provided with this

product to ensure the channels of operation are in conformance with the spectrum usage rules for European Community countries as described below.

• This device requires that the user or installer properly enter the current country of operation in the command line interface as described in the user guide, before operating this device.

• This device will automatically limit the allowable channels determined by the current country of operation. Incorrectly entering the country of operation may result in illegal operation and may cause harmful interference to other systems. The user is obligated to ensure the device is operating according to the channel limitations, indoor/outdoor restrictions and license requirements for each European Community country as described in this document.

• This device employs a radar detection feature required for European Community operation in the 5 GHz band. This feature is automatically enabled when the country of operation is correctly configured for any European Community country. The presence of nearby radar operation may result in temporary interruption of operation of this device. The radar detection feature will automatically restart operation on a channel free of radar.

iii

COMPLIANCES

• The 5 GHz Turbo Mode feature is not allowed for operation in any European Community country. The current setting for this feature is found in the 5 GHz 802.11a Radio Settings Window as described in the user guide.

• The 5 GHz radio's Auto Channel Select setting described in the user guide must always remain enabled to ensure that automatic 5 GHz channel selection complies with European requirements. The current setting for this feature is found in the 5 GHz 802.11a Radio Settings Window as described in the user guide.

• This device is restricted to indoor use when operated in the European Community using the 5.15 - 5.35 GHz band: Channels 36, 40, 44, 48, 52, 56, 60, 64. See table below for allowed 5 GHz channels by country.

• This device may be operated indoors or outdoors in all countries of the European Community using the 2.4 GHz band: Channels 1 - 13, except where noted below.

- In Italy the end-user must apply for a license from the national

spectrum authority to operate this device outdoors.

- In Belgium outdoor operation is only permitted using the 2.46 -

2.4835 GHz band: Channel 13.

- In France outdoor operation is only permitted using the 2.4 - 2.454

GHz band: Channels 1 - 7.

OMPLIANCES

Operation Using 5 GHz Channels in the European Community

The user/installer must use the provided configuration utility to check the current channel of operation and make necessary configuration changes to ensure operation occurs in conformance with European National spectrum usage laws as described below and elsewhere in this document.

Allowed 5GHz Channels in Each European Community Country

Allowed Frequency Bands Allowed Channel Numbers Countries

5.15 - 5.25 GHz* 36, 40, 44, 48 Austria, Belgium

5.15 - 5.35 GHz* 36, 40, 44, 48, 52, 56, 60, 64 France,

5.15 - 5.35* & 5.470 - 5.725 GHz

5 GHz Operation Not Allowed

* Outdoor operation is not allowed using 5.15-5.35 GHz bands (Channels 36 -

64).

36, 40, 44, 48, 52, 56, 60, 64, 100, 104, 108, 112, 116, 120, 124, 128, 132, 136, 140

None Greece

Switzerland, Liechtenstein

Denmark, Finland, Germany, Iceland, Ireland, Italy, Luxembourg, Netherlands, Norway, Portugal, Spain, Sweden, U.K.

COMPLIANCES

Declaration of Conformity in Languages of the European Community

English Hereby, SMC, declares that this Radio LAN device is in

Finnish Valmistaja SMC vakuuttaa täten että Radio LAN device tyyppinen

Dutch Hierbij verklaart SMC dat het toestel Radio LAN device in

French Par la présente SMC déclare que l'appareil Radio LAN device est

Swedish Härmed intygar SMC att denna Radio LAN device står I

Danish Undertegnede SMC erklærer herved, at følgende udstyr Radio

German Hiermit erklärt SMC, dass sich dieser/diese/dieses Radio LAN

Greek ΜΕ ΤΗΝ ΠΑΡΟΥΣΑ SMC ΔΗΛΩ ΝΕΙ ΟΤΙ radio LAN device

Italian Con la presente SMC dichiara che questo Radio LAN device è

compliance with the essential requirements and other relevant provisions of Directive 1999/5/EC.

laite on direktiivin 1999/5/EY oleellisten vaatimusten ja sitä koskevien direktiivin muiden ehtojen mukainen.

overeenstemming is met de essentiële eisen en de andere relevante bepalingen van richtlijn 1999/5/EG

Bij deze SMC dat deze Radio LAN device voldoet aan de essentiële eisen en aan de overige relevante bepalingen van Richtlijn 1999/5/EC.

conforme aux exigences essentielles et aux autres dispositions pertinentes de la directive 1999/5/CE

överensstämmelse med de väsentliga egenskapskrav och övriga relevanta bestämmelser som framgår av direktiv 1999/5/EG.

LAN device overholder de væsentlige krav og øvrige relevante krav i direktiv 1999/5/EF

device in Übereinstimmung mit den grundlegenden Anforderungen und den anderen relevanten Vorschriften der Richtlinie 1999/5/EG befindet". (BMWi)

Hiermit erklärt SMC die Übereinstimmung des Gerätes Radio LAN device mit den grundlegenden Anforderungen und den anderen relevanten Festlegungen der Richtlinie 1999/5/EG. (Wien)

ΣΥΜΜΟΡΦ Ω ΝΕΤΑ Ι ΠΡΟΣ ΤΙ Σ ΟΥ Σ Ι Ω Δ ΕΙ Σ ΑΠΑΙΤΗΣΕΙΣ ΚΑΙ ΤΙ Σ ΛΟΙΠ ΕΣ Σ Χ ΕΤΙ ΚΕΣ ΔΙΑΤΑΞΕΙΣ ΤΗ Σ ΟΔ ΗΓ Ι ΑΣ 1999/5/ΕΚ

conforme ai requisiti essenziali ed alle altre disposizioni pertinenti stabilite dalla direttiva 1999/5/CE.

OMPLIANCES

Spanish Por medio de la presente Manufacturer declara que el Radio LAN

Portuguese Manufacturer declara que este Radio LAN device está conforme

device cumple con los requisitos esenciales y cualesquiera otras disposiciones aplicables o exigibles de la Directiva 1999/5/CE

com os requisitos essenciais e outras disposições da Directiva 1999/5/CE.

Safety Compliance

Power Cord Safety

Please read the following safety information carefully before installing the access point:

WARNING: Installation and removal of the unit must be carried out by qualified personnel only.

• The unit must be connected to an earthed (grounded) outlet to comply with

international safety standards.

• Do not connect the unit to an A.C. outlet (power supply) without an earth

(ground) connection.

• The appliance coupler (the connector to the unit and not the wall plug) must have

a configuration for mating with an EN 60320/IEC 320 appliance inlet.

• The socket outlet must be near to the unit and easily accessible. You can only

remove power from the unit by disconnecting the power cord from the outlet.

• This unit operates under SELV (Safety Extra Low Voltage) conditions according

to IEC 60950. The conditions are only maintained if the equipment to which it is connected also operates under SELV conditions.

• The PoE (Power over Ethernet), which is to be interconnected with other

equipment that must be contained within the same building including the interconnected equipment’s associated LAN connections.

France and Peru only

This unit cannot be powered from IT unit must be powered by 230 V (2P+T) via an isolation transformer ratio 1:1, with the secondary connection point labelled Neutral, connected directly to earth (ground).

†

Impédance à la terre

†

supplies. If your supplies are of IT type, this

vii

COMPLIANCES

Important! Before making connections, make sure you have the correct cord set. Check it (read the label on the cable) against the following:

Power Cord Set

U.S.A. and Canada

Denmark The supply plug must comply with Section 107-2-D1,

Switzerland The supply plug must comply with SEV/ASE 1011.

U.K. The supply plug must comply with BS1363 (3-pin 13 A) and

Europe The supply plug must comply with CEE7/7 (“SCHUKO”).

The cord set must be UL-approved and CSA certified.

The minimum specifications for the flexible cord are:

- No. 18 AWG - not longer than 2 meters, or 16 AWG.

- Type SV or SJ

- 3-conductor

The cord set must have a rated current capacity of at least 10 A

The attachment plug must be an earth-grounding type with NEMA 5-15P (15 A, 125 V) or NEMA 6-15P (15 A, 250 V) configuration.

Standard DK2-1a or DK2-5a.

be fitted with a 5 A fuse which complies with BS1362.

The mains cord must be <HAR> or <BASEC> marked and be of type HO3VVF3GO.75 (minimum).

IEC-320 receptacle.

viii

OMPLIANCES

Veuillez lire à fond l'information de la sécurité suivante avant d'installer le access point:

AVERTISSEMENT: L’installation et la dépose de ce groupe doivent être confiés à un

personnel qualifié.

• Ne branchez pas votre appareil sur une prise secteur (alimentation électrique) lorsqu'il n'y a pas de connexion de mise à la terre (mise à la masse).

• Vous devez raccorder ce groupe à une sortie mise à la terre (mise à la masse) afin de respecter les normes internationales de sécurité.

• Le coupleur d’appareil (le connecteur du groupe et non pas la prise murale) doit respecter une configuration qui permet un branchement sur une entrée d’appareil EN 60320/IEC 320.

• La prise secteur doit se trouver à proximité de l’appareil et son accès doit être facile. Vous ne pouvez mettre l’appareil hors circuit qu’en débranchant son cordon électrique au niveau de cette prise.

• L’appareil fonctionne à une tension extrêmement basse de sécurité qui est conforme à la norme IEC 60950. Ces conditions ne sont maintenues que si l’équipement auquel il est raccordé fonctionne dans les mêmes conditions.

France et Pérou uniquement:

Ce groupe ne peut pas être alimenté par un dispositif à impédance à la terre. Si vos alimentations sont du type impédance à la terre, ce groupe doit être alimenté par une tension de 230 V (2 P+T) par le biais d’un transformateur d’isolement à rapport 1:1, avec un point secondaire de connexion portant l’appellation Neutre et avec raccordement direct à la terre (masse).

Cordon électrique - Il doit être agréé dans le pays d’utilisation

Etats-Unis et Canada:

Danemark: La prise mâle d’alimentation doit respecter la section 107-2

Le cordon doit avoir reçu l’homologation des UL et un certificat de la CSA.

Les spécifications minimales pour un cable flexible sont AWG No. 18, ou AWG No. 16 pour un cable de longueur inférieure à 2 mètres.

- type SV ou SJ

- 3 conducteurs

Le cordon doit être en mesure d’acheminer un courant nominal d’au moins 10 A.

La prise femelle de branchement doit être du type à mise à la terre (mise à la masse) et respecter la configuration NEMA 5-15P (15 A, 125 V) ou NEMA 6-15P (15 A, 250 V).

D1 de la norme DK2 1a ou DK2 5a.

COMPLIANCES

Cordon électrique - Il doit être agréé dans le pays d’utilisation

Suisse: La prise mâle d’alimentation doit respecter la norme SEV/

Europe La prise secteur doit être conforme aux normes CEE 7/7

Bitte unbedingt vor dem Einbauen des Access Point die folgenden Sicherheitsanweisungen durchlesen

WARNUNG: Die Installation und der Ausbau des Geräts darf nur durch

Fachpersonal erfolgen.

• Das Gerät sollte nicht an eine ungeerdete Wechselstromsteckdose angeschlossen werden.

• Das Gerät muß an eine geerdete Steckdose angeschlossen werden, welche die internationalen Sicherheitsnormen erfüllt.

• Der Gerätestecker (der Anschluß an das Gerät, nicht der Wandsteckdosenstecker) muß einen gemäß EN 60320/IEC 320 konfigurierten Geräteeingang haben.

• Die Netzsteckdose muß in der Nähe des Geräts und leicht zugänglich sein. Die Stromversorgung des Geräts kann nur durch Herausziehen des Gerätenetzkabels aus der Netzsteckdose unterbrochen werden.

• Der Betrieb dieses Geräts erfolgt unter den SELV-Bedingungen (Sicherheitskleinstspannung) gemäß IEC 60950. Diese Bedingungen sind nur gegeben, wenn auch die an das Gerät angeschlossenen Geräte unter

•

SELV-Bedingungen betrieben werden.

ASE 1011.

(“SCHUKO”) LE cordon secteur doit porter la mention <HAR> ou

<BASEC> et doit être de type HO3VVF3GO.75 (minimum).

(Germany):

OMPLIANCES

Stromkabel. Dies muss von dem Land, in dem es benutzt wird geprüft werden:

U.S.A und Kanada

Danemark Dieser Stromstecker muß die ebene 107-2-D1, der

Schweiz Dieser Stromstecker muß die SEV/ASE

Europe Das Netzkabel muß vom Typ HO3VVF3GO.75

Der Cord muß das UL gepruft und war das CSA beglaubigt.

Das Minimum spezifikation fur der Cord sind:

- Nu. 18 AWG - nicht mehr als 2 meter, oder 16 AWG.

- Der typ SV oder SJ

- 3-Leiter

Der Cord muß haben eine strombelastbarkeit aus wenigstens 10 A

Dieser Stromstecker muß hat einer erdschluss mit der typ NEMA 5-15P (15A, 125V) oder NEMA 6-15P (15A, 250V) konfiguration.

standard DK2-1a oder DK2-5a Bestimmungen einhalten.

1011Bestimmungen einhalten.

(Mindestanforderung) sein und die Aufschrift <HAR> oder <BASEC> tragen.

Der Netzstecker muß die Norm CEE 7/7 erfüllen (”SCHUKO”).

COMPLIANCES

xii

Table of Contents

Chapter 1: Introduction 1-1

Package Checklist 1-2 Hardware Description 1-2

Component Description 1-3 Features and Benefits 1-5 System Defaults 1-6

Chapter 2: Hardware Installation 2-1

Chapter 3: External Antennas 3-1

Installation Procedures 3-1

Chapter 4: Network Configuration 4-1

Network Topologies 4-2

Ad Hoc Wireless LAN (no Access Point) 4-2

Infrastructure Wireless LAN 4-3

Infrastructure Wireless LAN for Roaming Wireless PCs 4-4

Infrastructure Wireless Bridge 4-5

Infrastructure Wireless Repeater 4-6

Chapter 5: Initial Configuration 5-1

Initial Setup through the CLI 5-1

Required Connections 5-1

Initial Configuration Steps 5-2 Logging In 5-3

Chapter 6: System Configuration 6-1

Advanced Configuration 6-2

System Identification 6-3

TCP / IP Settings 6-5

RADIUS 6-7

SSH Settings 6-11

Authentication 6-12

Filter Control 6-17

xiii

Contents

VLAN 6-20 WDS Settings 6-22 AP Management 6-28 Administration 6-29 System Log 6-34

SNMP 6-38

Configuring SNMP and Trap Message Parameters 6-39 Configuring SNMPv3 Users 6-44 Configuring SNMPv3 Trap Filters 6-46 Configuring SNMPv3 Targets 6-48

Radio Interface 6-50

Radio Settings A (802.11a) 6-51 Radio Settings G (802.11g) 6-66 Security 6-69

Status Information 6-86

Access Point Status 6-86 Station Status 6-89 Event Logs 6-92 STP Status 6-94

Chapter 7: Command Line Interface 7-1

Using the Command Line Interface 7-1

Accessing the CLI 7-1 Console Connection 7-1 Telnet Connection 7-1

Entering Commands 7-2

Keywords and Arguments 7-2 Minimum Abbreviation 7-2 Command Completion 7-3 Getting Help on Commands 7-3 Partial Keyword Lookup 7-4 Negating the Effect of Commands 7-4 Using Command History 7-4 Understanding Command Modes 7-4 Exec Commands 7-5 Configuration Commands 7-5 Command Line Processing 7-6

Command Groups 7-6 General Commands 7-7

configure 7-8 end 7-8 exit 7-8 ping 7-9 reset 7-10

xiv

Contents

show history 7-10

show line 7-11 System Management Commands 7-11

country 7-12

prompt 7-14

system name 7-14

username 7-15

password 7-15

ip ssh-server enable 7-16

ip ssh-server port 7-16

ip telnet-server enable 7-17

ip http port 7-17

ip http server 7-18

ip https port 7-18

ip https server 7-19

APmgmtIP 7-20

APmgmtUI 7-21

show apmanagement 7-21

show system 7-22

show version 7-23

show config 7-23

show hardware 7-27 System Logging Commands 7-27

logging on 7-28

logging host 7-28

logging console 7-29

logging level 7-29

logging facility-type 7-30

logging clear 7-31

show logging 7-31

show event-log 7-32 System Clock Commands 7-32

sntp-server ip 7-33

sntp-server enable 7-33

sntp-server date-time 7-34

sntp-server daylight-saving 7-35

sntp-server timezone 7-35

show sntp 7-36 DHCP Relay Commands 7-37

dhcp-relay enable 7-37

dhcp-relay 7-38

show dhcp-relay 7-38 SNMP Commands 7-39

snmp-server community 7-40

snmp-server contact 7-40

Contents

snmp-server location 7-41 snmp-server enable server 7-41 snmp-server host 7-42 snmp-server trap 7-43 snmp-server engine-id 7-44 snmp-server user 7-45 snmp-server targets 7-47 snmp-server filter 7-48 snmp-server filter-assignments 7-49 show snmp groups 7-49 show snmp users 7-50 show snmp group-assignments 7-50 show snmp target 7-51 show snmp filter 7-51 show snmp filter-assignments 7-52 show snmp 7-53

Flash/File Commands 7-54

bootfile 7-54 copy 7-55 delete 7-56 dir 7-57 show bootfile 7-57

RADIUS Client 7-58

radius-server address 7-58 radius-server port 7-59 radius-server key 7-59 radius-server retransmit 7-60 radius-server timeout 7-60 radius-server port-accounting 7-61 radius-server timeout-interim 7-61 radius-server radius-mac-format 7-62 radius-server vlan-format 7-62 show radius 7-63

802.1X Authentication 7-64

802.1x 7-64

802.1x broadcast-key-refresh-rate 7-65

802.1x session-key-refresh-rate 7-66

802.1x session-timeout 7-66

802.1x-supplicant enable 7-67

802.1x-supplicant user 7-67 show authentication 7-68

MAC Address Authentication 7-69

address filter default 7-69 address filter entry 7-70 address filter delete 7-70

xvi

Contents

mac-authentication server 7-71

mac-authentication session-timeout 7-71 Filtering Commands 7-72

filter local-bridge 7-73

filter ap-manage 7-73

filter uplink enable 7-74

filter uplink 7-74

filter ethernet-type enable 7-74

filter ethernet-type protocol 7-75

show filters 7-76 WDS Bridge Commands 7-76

bridge role (WDS) 7-77

bridge-link parent 7-77

bridge-link child 7-78

bridge dynamic-entry age-time 7-79

show bridge aging-time 7-79

show bridge filter-entry 7-80

show bridge link 7-80 Spanning Tree Commands 7-82

bridge stp enable 7-82

bridge stp forwarding-delay 7-83

bridge stp hello-time 7-83

bridge stp max-age 7-84

bridge stp priority 7-84

bridge-link path-cost 7-85

bridge-link port-priority 7-85

show bridge stp 7-86 Ethernet Interface Commands 7-87

interface ethernet 7-87

dns server 7-88

ip address 7-88

ip dhcp 7-89

speed-duplex 7-90

shutdown 7-91

show interface ethernet 7-91 Wireless Interface Commands 7-92

interface wireless 7-94

vap 7-94

speed 7-95

turbo 7-95

multicast-data-rate 7-96

channel 7-97

transmit-power 7-97

radio-mode 7-98

preamble 7-99

xvii

Contents

antenna control 7-99 antenna id 7-100 antenna location 7-101 beacon-interval 7-101 dtim-period 7-102 fragmentation-length 7-103 rts-threshold 7-103 super-a 7-104 super-g 7-105 description 7-105 ssid 7-106 closed-system 7-106 max-association 7-107 assoc-timeout-interval 7-107 auth-timeout-value 7-107 shutdown 7-108 show interface wireless 7-109 show station 7-111

Rogue AP Detection Commands 7-112

rogue-ap enable 7-112 rogue-ap authenticate 7-113 rogue-ap duration 7-114 rogue-ap interval 7-114 rogue-ap scan 7-115 show rogue-ap 7-116

Wireless Security Commands 7-116

auth 7-117 encryption 7-119 key 7-120 transmit-key 7-121 cipher-suite 7-122 mic_mode 7-123 wpa-pre-shared-key 7-124 pmksa-lifetime 7-124 pre-authentication 7-125

Link Integrity Commands 7-126

link-integrity ping-detect 7-127 link-integrity ping-host 7-127 link-integrity ping-interval 7-128 link-integrity ping-fail-retry 7-128 link-integrity ethernet-detect 7-128 show link-integrity 7-129

IAPP Commands 7-130

iapp 7-130

VLAN Commands 7-131

xviii

Contents

vlan 7-131

management-vlanid 7-132

vlan-id 7-132 WMM Commands 7-133

wmm 7-134

wmm-acknowledge-policy 7-134

wmmparam 7-135

Appendix A: Troubleshooting A-1

Appendix B: Cables and Pinouts B-1

Twisted-Pair Cable Assignments B-1

10/100BASE-TX Pin Assignments B-1

Straight-Through Wiring B-2

Crossover Wiring B-3 Console Port Pin Assignments B-3

Wiring Map for Serial Cable B-4

Appendix C: Specifications C-1

General Specifications C-1 Sensitivity C-4 Transmit Power C-5

Operating Range C-6

Glossary

Index

xix

Contents

Chapter 1: Introduction

The 2.4 GHz/5 GHz Wireless Access Point is an IEEE 802.11a/g access point that provides transparent, wireless high-speed data communications between the wired LAN and fixed or mobile devices equipped with an 802.11a, 802.11b, or 802.11g wireless adapter.

This solution offers fast, reliable wireless connectivity with considerable cost savings over wired LANs (which include long-term maintenance overhead for cabling). Using

802.11a and 802.11g technology, this access point can easily replace a 10 Mbps Ethernet connection or seamlessly integrate into a 10/100 Mbps Ethernet LAN.

The access point supports up to eight Virtual Access Points per physical radio interface, that is eight on the 802.11a radio and eight on the 802.11g radio. This allows traffic to be separated for different user groups using an access point that services one area. For each VAP, different security settings, VLAN assignments, and other parameters can be applied.

Each radio interface on the access point can operate in one of four modes:

• Access Point – Providing conectivity to wireless clients in the service area.

• Repeater – Providing an extended link to a remote access point from the wired LAN. In this mode, the access point does not have a cable connection to the wired Ethernet LAN.

• Bridge – Providing links to access points operating in “Bridge” or “Root Bridge” mode and thereby connecting other wired LAN segments.

• Root Bridge – Providing links to other access points operating in “Bridge” mode and thereby connecting other wired LAN segments. Only one unit in the wireless bridge network can be set to “Root Bridge” mode.

In addition, the access point offers full network management capabilities through an easy to configure web interface, a command line interface for initial configuration and troubleshooting, and support for Simple Network Management Protocol tools.

Radio Characteristics – The IEEE 802.11a/g standard uses a radio modulation technique known as Orthogonal Frequency Division Multiplexing (OFDM), and a shared collision domain (CSMA/CA). It operates at the 5 GHz Unlicensed National Information Infrastructure (UNII) band for connections to 802.11a clients, and at 2.4 GHz for connections to 802.11g clients.

IEEE 802.11g includes backward compatibility with the IEEE 802.11b standard. IEEE 802.11b also operates at 2.4 GHz, but uses Direct Sequence Spread Spectrum (DSSS) and Complementary Code Keying (CCK) modulation technology to achieve a communication rate of up to 11 Mbps.

The access point supports a 54 Mbps half-duplex connection to Ethernet networks for each active channel (or up to 108 Mbps when using turbo mode on the 802.11a interface).

1-1

Introduction

Package Checklist

The 2.4 GHz/5 GHz Wireless Access Point package includes:

• One 2.4 GHz/5 GHz Wireless Access Point

• One Category 5 network cable

• One RS-232 console cable

• One AC power adapter and power cord

• Four rubber feet

• User Guide CD

Inform your dealer if there are any incorrect, missing or damaged parts. If possible, retain the carton, including the original packing materials. Use them again to repack the product in case there is a need to return it.

Hardware Description

Top P a nel

Antennas

PWR Link 11a 11g

LED

Indicators

1-2

Rear Panel

Lock ConsolePOE In ResetDC 5V

Hardware Description

Security Slot

5 VDC

Power Socket

RJ-45 Port,

PoE Connector

Reset

Button

Console

Port

Component Description

Antennas

The access point includes integrated diversity antennas for wireless communications. A diversity antenna system uses two identical antennas to receive and transmit signals, helping to avoid multipath fading effects. When receiving, the access point checks both antennas and selects the one with the strongest signal. When transmitting, it will continue to use the antenna previously selected for receiving. The access point never transmits from both antennas at the same time.

The antennas transmit the outgoing signal as a toroidal sphere (doughnut shaped), with the coverage extending most in a direction perpendicular to the antenna. The antenna should be adjusted to an angle that provides the appropriate coverage for the service area. For further information, see “Positioning the Antennas” on 2-2.

LED Indicators

The access point includes four status LED indicators, as described in the following figure and table.

PWR Link 11a 11g

Power

Ethernet

Link/Activity

802.11a Wireless

Link/Activity

802.11b/g Wireless

Link/Activity

1-3

Introduction

LED Status Description

PWR On Indicates that the system is working normally.

Flashing Indicates running a self-test or loading the software program.

Flashing (Prolonged) Indicates system errors.

Link On Indicates a valid 10/100 Mbps Ethernet cable link.

Flashing Indicates that the access point is transmitting or receiving data

11a On Indicates that the 802.11a radio is enabled.

Flashing Indicates that the access point is transmitting or receiving data

Off Indicates that the 802.11a radio is disabled.

11g On Indicates that the 802.11b/g radio is enabled.

Flashing Indicates that the access point is transmitting or receiving data

Off Indicates that the 802.11b/g radio is disabled.

on a 10/100 Mbps Ethernet LAN. Flashing rate is proportional to network activity.

through wireless links. Flashing rate is proportional to network activity.

Security Slot

The access point includes a Kensington security slot on the rear panel. You can prevent unauthorized removal of the access point by wrapping the Kensington security cable (not provided) around an unmovable object, inserting the lock into the slot, and turning the key.

Console Port

This port is used to connect a console device to the access point through a serial cable. This connection is described under “Console Port Pin Assignments” on page B-3. The console device can be a PC or workstation running a VT-100 terminal emulator, or a VT-100 terminal.

Ethernet Port

The access point has one 10BASE-T/100BASE-TX RJ-45 port that can be attached directly to 10BASE-T/100BASE-TX LAN segments. These segments must conform to the IEEE 802.3 or 802.3u specifications.

This port supports automatic MDI/MDI-X operation, so you can use straight-through cables for all network connections to PCs, switches, or hubs.

The access point appears as an Ethernet node and performs a bridging function by moving packets from the wired LAN to remote workstations on the wireless infrastructure.

1-4

+ 278 hidden pages