TP-LINK EAP115-Wall User guide
REV1.0.0
1910011922
User Guide
EAP115-Wall
CONTENTS
Chapter 1 Introduction ...................................................................................................................... 1
Chapter 2 Network Topology .......................................................................................................... 2
Chapter 3 Management Mode ........................................................................................................ 4
3.1 Standalone Mode ................................................................................................................ 4
3.2 Managed Mode .................................................................................................................... 4
3.3 Switch to Standalone Mode ............................................................................................ 4
Chapter 4 Network .............................................................................................................................. 5
Chapter 5 Wireless .............................................................................................................................. 6
5.1 Wireless Settings ................................................................................................................ 7
5.1.1 Wireless Basic Settings ....................................................................................... 8
5.1.2 SSIDs .......................................................................................................................... 9
5.1.3 Wireless Advanced Settings ............................................................................ 13
5.1.4 Load Balance ......................................................................................................... 14
5.2 Portal ..................................................................................................................................... 15
5.2.1 Portal Configuration ............................................................................................ 16
5.2.2 Free Authentication Policy ................................................................................ 20
5.3 MAC Filtering ...................................................................................................................... 22
5.4 Scheduler ............................................................................................................................. 25
5.5 QoS ........................................................................................................................................ 28
5.5.1 AP EDCA Parameters ......................................................................................... 29
5.5.2 Station EDCA Parameters ................................................................................. 30
5.6 Rogue AP Detection ......................................................................................................... 31
5.6.1 Settings ................................................................................................................... 32
5.6.2 Detected Rogue AP List..................................................................................... 32
5.6.3 Trusted AP List ...................................................................................................... 33
5.6.4 Download/Backup Trusted AP List ................................................................ 34
Chapter 6 Monitoring ....................................................................................................................... 35
6.1 AP ........................................................................................................................................... 35
6.1.1 AP List ...................................................................................................................... 35
6.2 SSID ....................................................................................................................................... 40
6.2.1 SSID List .................................................................................................................. 40
6.3 Client...................................................................................................................................... 41
6.3.1 User List .................................................................................................................. 41
6.3.2 Portal Authenticated Guest .............................................................................. 42
Chapter 7 Management................................................................................................................... 44
7.1 System Log ......................................................................................................................... 44
7.1.1 Log List .................................................................................................................... 44
7.1.2 Log Settings ........................................................................................................... 45
7.2 Web Server .......................................................................................................................... 46
7.3 Management Access ....................................................................................................... 47
7.4 LED ON/OFF ........................................................................................................................ 48
7.5 Wi-Fi Control ....................................................................................................................... 48
7.6 SSH ........................................................................................................................................ 49
7.7 Management VLAN .......................................................................................................... 50
7.8 SNMP ..................................................................................................................................... 50
Chapter 8 System .............................................................................................................................. 53
8.1 User Account ...................................................................................................................... 53
8.2 Time Settings ...................................................................................................................... 53
8.2.1 Time Settings ........................................................................................................ 54
8.2.2 Daylight Saving ..................................................................................................... 55
8.3 Reboot/Reset ..................................................................................................................... 57
8.4 Backup & Restore .............................................................................................................. 57
8.5 Firmware Upgrade ............................................................................................................ 58
Chapter 1 Introduction
Auranet series products provide wireless coverage solutions for small-medium
business. They can either work independently as standalone APs or be centrally
managed by the EAP Controller software, providing a flexible, richly-functional but
easily-configured enterprise-grade wireless network for small and medium business.
“Celling lamp” appearance and easily mounting design with chassis make the EAP easy
to be installed on a wall or ceiling and blend in with most interior decorations.
With two built-in omnidirectional antennas, EAP115-Wall operates at 2.4GHz, and apply
802.11 standards and 2*2MIMO technology, allowing packet transmission at up to
300Mbps.
EAP115-Wall can only be powered via a PSE* device.
*PSE: Power Sourcing Equipment, a device (switch or hub for instance) that will provide
power in a PoE setup
1
Chapter 2 Network Topology
A typical network topology for EAP115-Wall is shown below.
Figure 2-1 Typical Topology
2
To deploy the EAP in your local network, a DHCP server is required to assign IP
addresses to the EAP and clients. Typically, a router acts as the DHCP server. A
computer running the EAP Controller software can locate in the same or different subnet
with the EAPs.
The EAP can be managed by the EAP Controller software, which is a management
software specially designed for the TP-Link EAP devices on a local wireless network,
allowing you to centrally configure and monitor mass EAP devices using a web browser
on your PC. For more information about the EAP Controller, please find the EAP
Controller User Guide from our official website:
http://www.tp-link.com/en/support/download/
3
TIPS:
Proceed to the following chapters for information on using the EAP in standalone mode.
Chapter 3 Management Mode
300Mbps Wireless N Wall-Plate Access Point EAP115-Wall can either work under the
control of the EAP Controller software or work independently as a standalone access
point.
When user establishes a large-scale wireless network, the management of every single
EAP in the network is complex and complicated. With the EAP Controller software, you
can centrally manage the mass EAPs simply in a web browser.
The Standalone mode applies to a relatively small-sized wireless network. EAPs in the
Standalone mode cannot be managed centrally by the EAP Controller software.
3.1 Standalone Mode
By default, the EAP works independently as a standalone access point. By entering the
IP address of the standalone EAP, you can log in to its web interface and perform
configurations.
The factory default IP address configuration of the EAP is DHCP (Dynamic Host
Configuration Protocol). Before you access the web interface of the EAP, please make
sure the DHCP server works properly. Typically, a router acts as the DHCP server.
Follow the steps below to log in to the web interface of a standalone EAP.
1. Launch a web browser, enter the DHCP address in the address field and press the
Enter key.
2. Enter admin (all lowercase) for both username and password.
3.2 Managed Mode
The EAP will become a managed EAP once it is adopted via the EAP Controller software.
Users can manage the EAP via a web browser. Refer to the EAP Controller User Guide
from our website at www.tp-link.com to know more about EAP Controller software.
3.3 Switch to Standalone Mode
The web interface of a specific EAP is not available once this EAP is adopted by the EAP
Controller. You can
AP. Refer to the EAP Controller User Guide from our website at www.tp-link.com to learn
more.
Forget
the EAP via the EAP Controller to turn it back as a standalone
4
On
Network
DHCP Fallback
DHCP Fallback
Chapter 4 Network
page you can configure the IP address of the standalone EAP.
Figure 4-1 Network Page
Dynamic/Static: By default, the EAP obtains an IP address from a DHCP server (typically
a router). Select Static to configure IP address manually.
Fallback IP: If the EAP fails to get a dynamic IP address from a DHCP server within
ten seconds, the fallback IP will work as the IP address of the device.
After that, however, the device will keep trying to obtain an IP address
from the DHCP server until it succeeds.
Enter the fallback IP/IP mask.
IP/IP MASK:
Enter the fallback gateway.
Gateway:
5
Wireless
Chapter 5 Wireless
and Rogue AP Detection, is shown below.
page, consisting of Wireless Settings, Portal, MAC Filtering, Scheduler, QoS
Figure 5-1 Wireless Page
6
5.1 Wireless Settings
Wireless Settings
Following is the page of
.
Figure 5-2 Wireless Settings Page
7
supports 802.11b/g/n, 802.11b/g, and 802.11n standards. It is
include 20MHz, 40MHz and 20/40MHz (this device
ate higher transmit power,
TIPS:
the EAP.
Proceed to the following chapter for information on configuring the wireless network of
5.1.1 Wireless Basic Settings
Figure 5-3 Wireless Basic Settings
2.4GHz
Wireless Radio:
Wireless Mode: Select the protocol standard for the wireless network.
Channel Width: Select the channel width of this device.
Check the box to enable 2.4GHz Wireless Radio.
Wireless network created by the EAP work within 2.4GHz. The EAP
recommended to select 802.11b/g/n, in which way clients supporting
11b, 11g or 11n mode can access your wireless network.
Options
automatically selects 20MHz or 40MHz, and 20MHz will be used if
40MHz is not available).
According to IEEE 802.11n standard, using a channel width of 40MHz
can increase wireless throughput. However, users may choose lower
bandwidth due to the following reasons:
1. To increase the available number of channels within the limited total
bandwidth.
2. To avoid interference from overlapping channels occupied by other
devices in the environment.
3. Lower bandwidth can concentr
increasing stability of wireless links over long distances.
8
Select the channel used by this device to improve wireless
allows, the maximum Tx power regulated will be applied in actual
NOTE
reduce longevity of the device. Select a certain transmit power is
Channel:
performance. 1/2412MHz means the Channel is 1 and the frequency is
2412MHz. By default, channel is automatically selected.
Tx Power(EIRP): Enter the transmit power value. By default, the value is 20.
If the maximum transmit power is set to be larger than local regulation
situation.
: In most cases, it is unnecessary to select maximum transmit
power. Selecting larger transmit power than needed may cause
interference to neighborhood. Also it consumes more power and will
enough to achieve the best performance.
5.1.2 SSIDs
SSIDs can work together with switches supporting 802.1Q VLAN. The EAP can build up
to eight virtual wireless networks per radio for users to access. At the same time, it adds
different VLAN tags to the clients which connect to the corresponding wireless network.
It supports maximum 8 VLANs per radio. The clients in different VLAN cannot directly
communicate with each other.
Clients connected to the device via cable do not belong to any VLAN. Thus wired client
can communicate with all the wireless clients despite the VLAN settings.
Click in the Modify column, the following content will be shown.
Figure 5-4 SSIDs
Click to add up to 8 wireless networks per radio.
9
PSK is
NOTE:
may work at a low transmission rate.
SSID Name: Enter up to 32 characters as the SSID name.
Wireless
VLAN ID:
SSID
Broadcast:
Set a VLAN ID (ranges from 0 to 4094) for the wireless network. Wireless
networks with the same VLAN ID are grouped to a VLAN.
Enable this function, AP will broadcast its SSID to hosts in the surrounding
environment, as thus hosts can find the wireless network identified by this
SSID. If SSID Broadcast is not enabled, hosts must enter the AP’s SSID
manually to connect to this AP.
Security
Mode:
Select the security mode of the wireless network. For the security of
wireless network, you are suggested to encrypt your wireless network. This
device provides three security modes: WPA-Enterprise, WPA-PSK (WPA
Pre-Shared Key) and WEP (Wired Equivalent Privacy). WPArecommended. Settings vary in different security modes as the details are
in the following introduction. Select None and the hosts can access the
wireless network without password.
Portal: Portal provides authentication service for the clients who want to access
the wireless local area network. For more information, refer to 5.2 Portal
After Portal is enabled, the configurations in 5.2 Portal will be applied.
SSID
Isolation:
After enabling SSID Isolation, the devices connected in the same SSID
cannot communicate with each other.
.
Modify:
Click to open the page to edit the parameters of SSID.
Click to delete the SSID.
Following is the detailed introduction of security mode: WEP, WPA-Enterprise and
WPA-PSK.
WEP
WEP (Wired Equivalent Privacy), based on the IEEE 802.11 standard, is less safe than
WPA-Enterprise or WPA-PSK.
WEP is not supported in 802.11n mode. If WEP is applied in 802.11n mode, the clients may
not be able to access the wireless network. If WEP is applied in 11b/g/n mode, the device
10
password. However, correct password is necessary for data
Hexadecimal format stands for any combination of
Figure 5-5 Security Mode-WEP
Type: Select the authentication type for WEP.
Auto: The default setting is Auto, which can select Open System or
Shared Key automatically based on the wireless station's capability and
request.
Open System: After you select Open System, clients can pass the
authentication and associate with the wireless network without
transmission.
Shared Key: After you select Shared Key, clients has to input password
to pass the authentication, or it cannot associate with the wireless
network or transmit data.
Key Selected: You can configure four keys in advance and select one as the present
valid key.
Wep Key
Format:
Select the wep key format as ASCII or Hexadecimal.
ASCII: ASCII format stands for any combination of keyboard characters
in the specified length.
Hexadecimal:
hexadecimal digits (0-9, a-f, A-F) in the specified length.
Key Type: Select the WEP key length for encryption.
64 Bit: You can enter 10 hexadecimal digits (any combination of 0-9, a-
f, A-F without null key) or 5 ASCII characters.
128 Bit: You can enter 26 hexadecimal digits (any combination of 0-9,
a-f, A-F without null key) or 13 ASCII characters.
152 Bit: You can enter 32 hexadecimal digits (any combination of 0-9,
a-f, A-F without null key) or 16 ASCII characters.
Key Value: Enter the key value.
11
Group Key
NOTE:
11b/g/n mode, the device may work at a low transmission rate.
WPA-Enterprise
Based on RADIUS server, WPA-Enterprise can generate different passwords for
different users and it is much safer than WPA-PSK. However, it costs much to maintain
and is more suitable for enterprise users. At present, WPA-Enterprise has two versions:
WPA-PSK and WPA2-PSK.
Figure 5-6 Security Mode_WPA-Enterprise
Version: Select one of the following versions:
Auto: Select WPA-PSK or WPA2-PSK automatically based on the
wireless station's capability and request.
WPA-PSK: Pre-shared key of WPA.
WPA2-PSK: Pre-shared key of WPA2.
Encryption: Select the encryption type, including Auto, TKIP, and AES. The default
setting is Auto, which can select TKIP (Temporal Key Integrity Protocol)
or AES (Advanced Encryption Standard) automatically based on the
wireless station's capability and request. AES is more secure than TKIP
and TKIP is not supported in 802.11n mode. It is recommended to select
AES as the encryption type.
RADIUS Server
Enter the IP address/port of the RADIUS server.
IP/Port:
RADIUS
Enter the shared secret of RADIUS server to access the RADIUS server.
Password:
Specify the group key update period in seconds. The value can be either
Update period:
0 or 30-8640000 seconds.
Encryption type TKIP is not supported in 802.11n mode. If TKIP is applied in 802.11n mode,
the clients may not be able to access the wireless network of the EAP. If TKIP is applied in
12
automatically based on the
Group Key
WPA-PSK
Based on pre-shared key, security mode WPA-PSK is characterized by high security and
simple configuration, which suits for common households and small business. WPA-PSK
has two versions: WPA-PSK and WPA2-PSK.
Figure 5-7 Security Mode_WPA-PSK
Version:
Auto: Select WPA-PSK or WPA2-PSK
wireless station's capability and request.
WPA-PSK: Pre-shared key of WPA-PSK.
WPA2-PSK: Pre-shared key of WPA2-PSK.
Encryption: Select the encryption type, including Auto, TKIP, and AES. The default
setting is Auto, which can select TKIP (Temporal Key Integrity Protocol) or
AES (Advanced Encryption Standard) automatically based on the wireless
station's capability and request. AES is more secure than TKIP and TKIP
is not supported in 802.11n mode. It is recommended to select AES as
the encryption type.
Wireless
Password:
Configure the WPA-PSK/WPA2-PSK password with ASCII or Hexadecimal
characters. For ASCII, the length should be between 8 and 63 characters
with combination of numbers, letters (case-sensitive) and common
punctuations. For Hexadecimal, the length should be 64 characters (caseinsensitive, 0-9, a-f, A-F).
Specify the group key update period in seconds. The value can be either
Update Period:
0 or 30-8640000 seconds.
5.1.3 Wireless Advanced Settings
Figure 5-8 Wireless Advanced Settings
13
wireless performance caused by the excessive packets. The
Beacon
Interval:
DTIM Period: This value indicates the number of beacon intervals between successive
RTS
Threshold:
Beacons are transmitted periodically by the device to announce the
presence of a wireless network for the clients. Beacon Interval value
determines the time interval of the beacons sent by the device. You can
specify a value from 40 to 100. The default value is 100 milliseconds.
Delivery Traffic Indication Messages (DTIMs) and this number is included
in each Beacon frame. A DTIM is contained in Beacon frames to indicate
whether the access point has buffered broadcast and/or multicast data for
the client devices. Following a Beacon frame containing a DTIM, the
access point will release the buffered broadcast and/or multicast data, if
any exists. You can specify the value between 1-255 Beacon Intervals. The
default value is 1, indicating the DTIM Period is the same as Beacon
Interval. An excessive DTIM period may reduce the performance of
multicast applications. It is recommended to keep it by default.
When the RTS threshold is activated, all the stations and APs follow the
Request to Send (RTS) protocol. When the station is to send packets, it will
send a RTS to AP to inform the AP that it will send data. After receiving the
RTS, the AP notices other stations in the same wireless network to delay
their transmitting of data. At the same time, the AP inform the requesting
station to send data. The value range is from 1 to 2347 bytes. The default
value is 2347, which means that RTS is disabled.
Fragmentation
Threshold:
Specify the fragmentation threshold for packets. If the size of the packet
is larger than the fragmentation threshold, the packet will be fragmented
into several packets. Too low fragmentation threshold may result in poor
recommended and default value is 2346 bytes.
5.1.4 Load Balance
By restricting the maximum number of clients accessing the EAPs, Load Balance helps
to achieve rational use of network resources.
Figure 5-9 Load Balance
Load Balance: Disable by default. Click ON to enable the function. After enabling it,
you can set a number for maximum associated clients to control the
wireless access.
14
Portal
Maximum
Associated
Clients:
Enter the number of clients to be allowed for connection to the EAP.
The number ranges from 1 to 99.
5.2 Portal
Portal authentication enhances the network security by providing authentication service
to the clients that just need temporary access to the wireless network. Such clients have
to log into a web page to establish verification, after which they will access the network
as guests. What's more, you can customize the authentication login page and specify a
URL which the newly authenticated clients will be redirected to. Please refer to
Configuration or Free Authentication Policy according to your need.
Following is the page of
.
Portal
Figure 5-10 Portal Page
15
NOTE:
to enable Portal of a selected SSID.
No Authentication
Local Password
External RADIUS Server
To apply Portal in a wireless network, please go to Wireless→Wireless Settings→SSIDs
5.2.1 Portal Configuration
Three authentication types are available: No Authentication, Local Password and
External RADIUS Server.
1.
protocol and click the Login button.
2.
in the EAP.
3.
password, which are saved in the database of the RADIUS server. The RADIUS
server acts as the authentication server, which allows you to set different
usernames and passwords for different users.
:Users are required to finish only two steps: agree with the user
:Users are required to enter the preset password, which are saved
:Users are required to enter the preset user name and
Refer to the following content to configure Portal based on actual network situations.
No Authentication
Figure 5-11 Portal Configuration_No Authentication
16
Authentication
Select No Authentication.
Type:
Authentication
Timeout:
After successful verification, an authentication session is established.
Authentication Timeout decides the active time of the session. Within
the active time, the device keeps the authentication session open with
the associated client. To reopen the session, the client needs to log in
the web authentication page and enter the user name and password
again once authentication timeout is reached.
By default, authentication timeout is one hour. Select Custom from the
drop-down list to customize the parameter.
Redirect: Disable by default. Redirect specifies that the portal should redirect the
newly authenticated clients to the configured URL.
Redirect URL: If you enable the Redirect function, please enter the URL that a newly
authenticated client will be directed to.
Portal
Customization:
Select Local Web Portal, the authentication login page will be provided
by the built-in web server.
The page configured below will be presented to users as the login page.
Words can be filled in Input Box 1 and Input Box 2.
Enter up to 31 characters as the title of the authentication login page in
Input Box 1, like “Guest Portal of TP-Link”.
Enter the terms presented to users in Input Box 2. The terms can be 1 to
1023 characters long.
17
Local Password
External RADIUS Server
Figure 5-12 Portal Configuration_Local Password
Authentication Type: Select Local Password.
Password: Enter the password for local authentication.
Please refer to No Authentication to configure Authentication Timeout, Redirect,
Redirect URL, and Portal Customization.
External RADIUS Server
provides two types of portal customization: Local Web Portal
and External Web Portal. The authentication login page of Local Web Portal is provided
by the built-in portal server of the EAP, as
Figure 5-13 shown. The authentication login
page of External Web Portal is provided by external portal server, as Figure 5-14 shown.
18
1. Local Web Portal
Figure 5-13 Portal Configuration_External RADIUS Server_Local Web Portal
Authentication
Type:
RADIUS Server IP: Enter the IP address of the RADIUS server.
Port: Enter the port for authentication service.
RADIUS Password: Enter the shared secret of RADIUS server to log in to the RADIUS
Select External RADIUS Server.
server.
Please refer to No Authentication to configure Authentication Timeout, Redirect,
Redirect URL, and Portal Customization.
19
Loading...