Zebra WiNG 5.8.4 System Reference Manual

WiNG 5.8.4

MN-002844-01

Access Point

System Reference Guide

WING 5.8.4

ACCESS POINT

SYSTEM REFERENCE GUIDE

MN-002844-01

Revision A

July 2016

ii WiNG 5.8.4 Access Point System Reference Guide

TABLE OF CONTENTS

About this guide

Chapter 1, Overview

1.1 About the WiNG Software .....................................................................................................................................1-3

1.1.1 Distributed Intelligence ................................................................................................................................1-3

1.1.2 High Availability Networks ...........................................................................................................................1-4

1.1.3 Gap Free Security .......................................................................................................................................1-4

1.1.4 Outdoor Wireless and Mesh Networking .....................................................................................................1-4

1.1.5 Network Services, Routing and Switching ...................................................................................................1-4

1.1.6 Management, Deployment and Troubleshooting .........................................................................................1-4

Chapter 2, Web User Interface Features

2.1 Accessing the Web UI ...........................................................................................................................................2-2

2.1.1 Browser and System Requirements ............................................................................................................2-2

2.1.2 Connecting to the Web UI ...........................................................................................................................2-2

2.2 Glossary of Icons Used .........................................................................................................................................2-4

2.2.1 Global Icons .................................................................................................................................................2-4

2.2.2 Dialog Box Icons ..........................................................................................................................................2-5

2.2.3 Table Icons ..................................................................................................................................................2-5

2.2.4 Status Icons .................................................................................................................................................2-5

2.2.5 Configurable Objects ...................................................................................................................................2-6

2.2.6 Configuration Objects ..................................................................................................................................2-9

2.2.7 Configuration Operation Icons .....................................................................................................................2-9

2.2.8 Access Type Icons ....................................................................................................................................2-10

2.2.9 Administrative Role Icons ..........................................................................................................................2-10

2.2.10 Device Icons ............................................................................................................................................2-11

Chapter 3, Quick Start

3.1 Using the Initial Setup Wizard ...............................................................................................................................3-2

3.1.1 Typical Setup Wizard ...................................................................................................................................3-5

3.1.1.1 Virtual Controller AP Mode .................................................................................................................3-8

3.1.1.2 Standalone Mode ...............................................................................................................................3-9

3.1.1.3 Network Topology Selection ............................................................................................................3-10

iv WiNG 5.8.4 Access Point System Reference Guide

3.1.1.4 LAN Configuration ............................................................................................................................3-11

3.1.1.5 WAN Configuration ..........................................................................................................................3-13

3.1.1.6 Wireless LAN Setup .........................................................................................................................3-15

3.1.1.7 Summary And Commit Screen .........................................................................................................3-19

3.1.1.8 Adopt to a controller .........................................................................................................................3-20

3.1.2 Advanced Setup Wizard ............................................................................................................................3-21

3.1.2.1 Network Topology Selection ............................................................................................................3-24

3.1.2.2 LAN Configuration ............................................................................................................................3-25

3.1.2.3 WAN Configuration ..........................................................................................................................3-27

3.1.2.4 Radio Configuration .........................................................................................................................3-29

3.1.2.5 Wireless LAN Setup .........................................................................................................................3-31

3.1.2.6 System Information ..........................................................................................................................3-33

3.1.2.7 Summary And Commit Screen .........................................................................................................3-34

3.1.2.8 Adopt to a controller .........................................................................................................................3-35

Chapter 4, Dashboard

4.1 Dashboard ............................................................................................................................................................4-2

4.1.1 Dashboard Conventions ..............................................................................................................................4-2

4.1.1.1 Health .................................................................................................................................................4-3

4.1.1.2 Inventory ............................................................................................................................................4-6

4.2 Network View ........................................................................................................................................................4-9

4.2.1 Network View Display Options .................................................................................................................4-10

4.2.2 Device Specific Information .......................................................................................................................4-11

Chapter 5, Device Configuration

5.1 RF Domain Configuration .....................................................................................................................................5-2

5.1.1 RF Domain Sensor Configuration ................................................................................................................5-3

5.1.2 RF Client Name Configuration .....................................................................................................................5-5

5.1.3 RF Domain Alias Configuration ...................................................................................................................5-7

5.1.3.1 Basic Alias ..........................................................................................................................................5-8

5.1.3.2 Network Group Alias ........................................................................................................................5-11

5.1.3.3 Network Service Alias ......................................................................................................................5-13

5.2 System Profile Configuration ..............................................................................................................................5-15

5.2.1 General Profile Configuration ....................................................................................................................5-16

5.2.2 Profile Radio Power ...................................................................................................................................5-17

5.2.3 Profile Adoption (Auto Provisioning) Configuration ...................................................................................5-19

5.2.4 Profile Wired 802.1X Configuration ...........................................................................................................5-21

5.2.5 Profile Interface Configuration ...................................................................................................................5-22

5.2.5.1 Ethernet Port Configuration ..............................................................................................................5-22

5.2.5.2 Virtual Interface Configuration ..........................................................................................................5-32

5.2.5.3 Port Channel Configuration ..............................................................................................................5-42

5.2.5.4 Access Point Radio Configuration ....................................................................................................5-49

5.2.5.5 WAN Backhaul Configuration ...........................................................................................................5-61

5.2.5.6 PPPoE Configuration .......................................................................................................................5-64

5.2.5.7 Bluetooth Configuration ....................................................................................................................5-67

5.2.6 Profile Network Configuration ....................................................................................................................5-70

5.2.6.1 DNS Configuration ...........................................................................................................................5-71

5.2.6.2 ARP ..................................................................................................................................................5-72

5.2.6.3 L2TPv3 Profile Configuration ...........................................................................................................5-73

5.2.6.4 IGMP Snooping ................................................................................................................................5-83

5.2.6.5 MLD Snooping .................................................................................................................................5-85

5.2.6.6 Quality of Service (QoS) ..................................................................................................................5-87

5.2.6.7 Spanning Tree Configuration ...........................................................................................................5-92

5.2.6.8 Routing .............................................................................................................................................5-95

5.2.6.9 Dynamic Routing (OSPF) .................................................................................................................5-98

5.2.6.10 Forwarding Database ...................................................................................................................5-112

5.2.6.11 Bridge VLAN ................................................................................................................................5-114

5.2.6.12 Cisco Discovery Protocol Configuration .......................................................................................5-122

5.2.6.13 Link Layer Discovery Protocol Configuration ...............................................................................5-123

5.2.6.14 Miscellaneous Network Configuration ..........................................................................................5-124

5.2.6.15 Alias .............................................................................................................................................5-125

5.2.6.16 IPv6 Neighbor Configuration ........................................................................................................5-133

5.2.6.17 Profile Network Configuration and Deployment Considerations ..................................................5-134

5.2.7 Profile Security Configuration ..................................................................................................................5-135

5.2.7.1 Defining Profile VPN Settings ........................................................................................................5-136

5.2.7.2 Defining Profile Auto IPSec Tunnel ................................................................................................5-151

5.2.7.3 Defining Profile Security Settings ...................................................................................................5-152

5.2.7.4 Setting the Certificate Revocation List (CRL) Configuration ..........................................................5-154

5.2.7.5 Setting the Profile’s RADIUS Trustpoint Configuration ..................................................................5-155

5.2.7.6 Setting the Profile’s NAT Configuration ..........................................................................................5-156

5.2.7.7 Setting the Profile’s Bridge NAT Configuration ..............................................................................5-163

5.2.7.8 Setting a Profile’s Application Visibility Settings .............................................................................5-166

5.2.7.9 Profile Security Configuration and Deployment Considerations ....................................................5-167

5.2.8 Virtual Router Redundancy Protocol (VRRP) Configuration ...................................................................5-168

5.2.9 Profile Critical Resources ........................................................................................................................5-172

5.2.10 Profile Services Configuration ...............................................................................................................5-174

5.2.10.1 Profile Services Configuration and Deployment Considerations ..................................................5-176

5.2.11 Profile Management Configuration ........................................................................................................5-177

5.2.11.1 Upgrading AP6532 Firmware from 5.1 .........................................................................................5-180

5.2.11.2 Profile Management Configuration and Deployment Considerations ..........................................5-181

5.2.12 Mesh Point Configuration ......................................................................................................................5-181

5.2.12.1 Vehicle Mounted Modem (VMM) Deployment Consideration ......................................................5-189

5.2.13 Advanced Profile Configuration .............................................................................................................5-190

5.2.13.1 Advanced Profile Client Load Balancing ......................................................................................5-190

5.2.13.2 Configuring MINT Protocol ...........................................................................................................5-195

5.2.13.3 Advanced Profile Miscellaneous Configuration ............................................................................5-202

5.2.14 Environmental Sensor Configuration .....................................................................................................5-203

5.3 Managing Virtual Controllers .............................................................................................................................5-206

5.4 Overriding a Device Configuration ....................................................................................................................5-208

5.4.1 Basic Configuration .................................................................................................................................5-208

5.4.2 Certificate Management ..........................................................................................................................5-210

5.4.2.1 Manage Certificates .......................................................................................................................5-212

5.4.3 Wired 802.1X Overrides ..........................................................................................................................5-225

5.4.4 RF Domain Overrides ..............................................................................................................................5-226

5.4.5 Device Overrides .....................................................................................................................................5-229

5.4.5.1 Radio Power Overrides ..................................................................................................................5-232

5.4.5.2 Adoption Overrides ........................................................................................................................5-234

5.4.5.3 Profile Interface Override Configuration .........................................................................................5-237

5.4.5.4 Overriding the Network Configuration ............................................................................................5-282

5.4.5.5 Overriding Security Configuration ..................................................................................................5-346

5.4.5.6 Overriding the Virtual Router Redundancy Protocol (VRRP) Configuration ..................................5-370

5.4.5.7 Profile Critical Resources ...............................................................................................................5-374

5.4.5.8 Overriding a Services Configuration ..............................................................................................5-377

5.4.5.9 Overriding Management Configuration ..........................................................................................5-378

5.4.5.10 Overriding Mesh Point Configuration ...........................................................................................5-382

5.4.5.11 Overriding Environmental Sensor Configuration ..........................................................................5-391

5.4.5.12 Overriding an Advanced Configuration ........................................................................................5-393

vi WiNG 5.8.4 Access Point System Reference Guide

5.5 Managing an Event Policy ................................................................................................................................5-405

Chapter 6, Wireless Configuration

6.1 Wireless LANs ......................................................................................................................................................6-2

6.1.1 Configuring WLAN Basic Configuration....................................................................................................... 6-4

6.1.1.1 WLAN Basic Configuration Deployment Considerations ...................................................................6-6

6.1.2 Configuring WLAN Security Settings ...........................................................................................................6-7

6.1.2.1 802.1x EAP, EAP-PSK and EAP MAC ..............................................................................................6-9

6.1.2.2 MAC Authentication .........................................................................................................................6-11

6.1.2.3 PSK / None ......................................................................................................................................6-12

6.1.2.4 Captive Portal ...................................................................................................................................6-13

6.1.2.5 Passpoint Policy ...............................................................................................................................6-14

6.1.2.6 MAC Registration .............................................................................................................................6-15

6.1.2.7 External Controller ...........................................................................................................................6-16

6.1.2.8 TKIP-CCMP .....................................................................................................................................6-17

6.1.2.9 WPA2-CCMP ...................................................................................................................................6-20

6.1.2.10 WEP 64 ..........................................................................................................................................6-24

6.1.2.11 WEP 128 ........................................................................................................................................ 6-26

6.1.2.12 Keyguard........................................................................................................................................ 6-29

6.1.3 Configuring WLAN Firewall Settings .........................................................................................................6-31

6.1.4 Configuring WLAN Client Settings .............................................................................................................6-41

6.1.5 Configuring WLAN Accounting Settings ....................................................................................................6-44

6.1.6 Configuring WLAN Service Monitoring Settings ........................................................................................6-46

6.1.7 Configuring WLAN Client Load Balancing Settings ...................................................................................6-48

6.1.8 Configuring WLAN Advanced Settings ......................................................................................................6-51

6.1.9 Configuring Auto Shutdown Settings .........................................................................................................6-56

6.2 WLAN QoS Policy ...............................................................................................................................................6-58

6.2.1 Configuring QoS WMM Settings ................................................................................................................6-60

6.2.2 Configuring a WLAN’s QoS Rate Limit Settings ........................................................................................6-64

6.2.3 Configuring Multimedia Optimizations .......................................................................................................6-69

6.2.3.1 WLAN QoS Deployment Considerations .........................................................................................6-71

6.3 Radio QoS Policy ................................................................................................................................................6-72

6.3.1 Configuring a Radio’s QoS Policy .............................................................................................................6-73

6.4 Association ACL ..................................................................................................................................................6-82

6.4.1 Association ACL Deployment Considerations ...........................................................................................6-84

6.5 SMART RF ..........................................................................................................................................................6-85

6.5.1 Smart RF Configuration and Deployment Considerations .........................................................................6-94

6.6 MeshConnex Policy ............................................................................................................................................6-95

6.7 Mesh QoS Policy ..............................................................................................................................................6-101

6.8 Passpoint Policy ................................................................................................................................................6-108

6.9 Sensor Policy ....................................................................................................................................................6-116

Chapter 7, Network Configuration

7.1 Policy Based Routing (PBR) .................................................................................................................................7-2

7.2 L2TP V3 Configuration ..........................................................................................................................................7-7

7.3 Crypto CMP Policy ..............................................................................................................................................7-11

7.4 AAA Policy ..........................................................................................................................................................7-14

7.5 AAA TACACS Policy ...........................................................................................................................................7-25

7.6 Alias ....................................................................................................................................................................7-31

7.6.1 Network Basic Alias ...................................................................................................................................7-31

7.6.2 Network Group Alias ..................................................................................................................................7-34

7.6.3 Network Service Alias ................................................................................................................................7-36

7.7 URL Filtering .......................................................................................................................................................7-38

7.8 Web Filtering .......................................................................................................................................................7-42

7.9 IPv6 Router Advertisement Policy ......................................................................................................................7-44

7.10 Application Policy ..............................................................................................................................................7-48

7.11 Application ........................................................................................................................................................7-51

7.12 Schedule Policy ................................................................................................................................................7-53

7.13 Network Deployment Considerations ................................................................................................................7-54

Chapter 8, Security Configuration

8.1 Wireless Firewall ...................................................................................................................................................8-2

8.1.1 Defining a Firewall Configuration .................................................................................................................8-2

8.2 Configuring IP Firewall Rules ..............................................................................................................................8-16

8.2.1 Setting an IPv4 or IPv6 Firewall Policy ......................................................................................................8-16

8.2.2 Setting an IP SNMP ACL Policy ................................................................................................................8-20

8.2.3 Setting a Network Group Alias ..................................................................................................................8-22

8.2.4 Setting a Network Service Alias ................................................................................................................8-23

8.3 Device Fingerprinting ..........................................................................................................................................8-26

8.4 Configuring MAC Firewall Rules ......................................................................................................................... 8-32

8.5 Wireless IPS (WIPS) ...........................................................................................................................................8-35

8.6 Device Categorization .........................................................................................................................................8-45

8.7 Security Deployment Considerations ..................................................................................................................8-47

vii

Chapter 9, Services Configuration

9.1 Configuring Captive Portal Policies .......................................................................................................................9-2

9.1.1 Configuring a Captive Portal Policy .............................................................................................................9-2

9.2 Setting the DNS Whitelist Configuration .............................................................................................................9-14

9.3 Setting the DHCP Server Configuration ..............................................................................................................9-15

9.3.1 Defining DHCP Pools ................................................................................................................................9-16

9.3.2 Defining DHCP Server Global Settings .....................................................................................................9-24

9.3.3 DHCP Class Policy Configuration .............................................................................................................9-26

9.3.4 DHCP Deployment Considerations ...........................................................................................................9-27

9.4 Setting the Bonjour Gateway Configuration ........................................................................................................9-28

9.4.1 Configuring the Bonjour Discovery Policy .................................................................................................9-28

9.4.2 Configuring the Bonjour Forwarding Policy ...............................................................................................9-30

9.5 Setting the DHCPv6 Server Policy ......................................................................................................................9-32

9.5.1 Defining DHCPv6 Options .........................................................................................................................9-33

9.5.2 DHCPv6 Pool Configuration ......................................................................................................................9-35

9.6 Setting the RADIUS Configuration ......................................................................................................................9-38

9.6.1 Creating RADIUS Groups ..........................................................................................................................9-38

9.6.1.1 Creating RADIUS Groups ................................................................................................................9-40

9.6.2 Defining User Pools ...................................................................................................................................9-42

9.6.3 Configuring the RADIUS Server ................................................................................................................9-47

9.7 Setting the URL List ............................................................................................................................................9-57

9.8 Services Deployment Considerations .................................................................................................................9-58

Chapter 10, Management Access

10.1 Creating Administrators and Roles ..................................................................................................................10-2

10.2 Setting the Access Control Configuration .........................................................................................................10-5

10.3 Setting the Authentication Configuration ...........................................................................................................10-9

10.4 Setting the SNMP Configuration .....................................................................................................................10-11

10.5 SNMP Trap Configuration ...............................................................................................................................10-13

viii WiNG 5.8.4 Access Point System Reference Guide

10.6 Management Access Deployment Considerations .........................................................................................10-14

Chapter 11, Diagnostics

11.1 Fault Management ............................................................................................................................................11-2

11.2 Crash Files ........................................................................................................................................................11-7

11.3 Advanced ..........................................................................................................................................................11-8

11.3.1 UI Debugging ...........................................................................................................................................11-8

11.3.2 View UI Logs ...........................................................................................................................................11-9

11.3.3 View Sessions .......................................................................................................................................11-10

Chapter 12, Operations

12.1 Devices .............................................................................................................................................................12-2

12.1.1 Managing Firmware and Configuration Files ...........................................................................................12-3

12.1.1.1 Managing Running Configuration ...................................................................................................12-4

12.1.1.2 Managing Startup Configuration ....................................................................................................12-6

12.1.2 Rebooting the Device ..............................................................................................................................12-8

12.1.3 Managing Crypto CMP Certificates .......................................................................................................12-10

12.1.4 Upgrading Device Firmware ..................................................................................................................12-11

12.1.5 Troubleshooting the Device ...................................................................................................................12-13

12.1.5.1 Managing Crash Dump Files ........................................................................................................12-14

12.1.5.2 Copy Crash Info ...........................................................................................................................12-16

12.1.5.3 Copy Tech Support Dump ............................................................................................................12-18

12.1.5.4 Locating a Device .........................................................................................................................12-20

12.1.5.5 Debugging Wireless Clients .........................................................................................................12-22

12.1.5.6 Debug Captive Portal Clients .......................................................................................................12-25

12.1.5.7 Packet Capture ............................................................................................................................12-28

12.1.6 Viewing Device Summary Information ...................................................................................................12-31

12.1.7 Adopted Device Upgrades .....................................................................................................................12-33

12.1.8 File Management ...................................................................................................................................12-41

12.1.9 Adopted Device Restart .........................................................................................................................12-46

12.1.10 Captive Portal Pages ...........................................................................................................................12-48

12.1.11 Managing Crypto CMP Certificates .....................................................................................................12-52

12.1.12 Re-elect Controller ...............................................................................................................................12-53

12.2 Certificates ......................................................................................................................................................12-55

12.2.1 Certificate Management ........................................................................................................................12-56

12.2.2 RSA Key Management ..........................................................................................................................12-61

12.2.3 Certificate Creation ................................................................................................................................12-66

12.2.4 Generating a Certificate Signing Request (CSR) ..................................................................................12-68

12.3 Smart RF .........................................................................................................................................................12-71

12.3.1 Managing Smart RF for a RF Domain ...................................................................................................12-71

12.4 Operations Deployment Considerations .........................................................................................................12-74

Chapter 13, Statistics

13.1 System Statistics ..............................................................................................................................................13-2

13.1.1 Health ......................................................................................................................................................13-3

13.1.2 Inventory ..................................................................................................................................................13-5

13.1.3 Adopted Devices .....................................................................................................................................13-7

13.1.4 Pending Adoptions ..................................................................................................................................13-9

13.1.5 Offline Devices ......................................................................................................................................13-10

13.1.6 Device Upgrade .....................................................................................................................................13-12

13.1.7 WIPS Summary .....................................................................................................................................13-14

13.2 RF Domain Statistics ......................................................................................................................................13-16

13.2.1 Health ....................................................................................................................................................13-17

13.2.2 Inventory ................................................................................................................................................13-20

13.2.3 Devices ..................................................................................................................................................13-22

13.2.4 AP Detection ..........................................................................................................................................13-23

13.2.5 Wireless Clients .....................................................................................................................................13-25

13.2.6 Device Upgrade .....................................................................................................................................13-27

13.2.7 Wireless LANs .......................................................................................................................................13-29

13.2.8 Radios ...................................................................................................................................................13-31

13.2.8.1 Status ...........................................................................................................................................13-31

13.2.8.2 RF Statistics .................................................................................................................................13-32

13.2.8.3 Traffic Statistics ............................................................................................................................13-33

13.2.9 Bluetooth ...............................................................................................................................................13-35

13.2.10 Mesh ....................................................................................................................................................13-37

13.2.11 Mesh Point ...........................................................................................................................................13-38

13.2.12 SMART RF ..........................................................................................................................................13-53

13.2.13 WIPS ...................................................................................................................................................13-58

13.2.13.1 WIPS Client Blacklist ..................................................................................................................13-58

13.2.13.2 WIPS Events ..............................................................................................................................13-59

13.2.14 Captive Portal ......................................................................................................................................13-60

13.2.15 Coverage Hole Detection ....................................................................................................................13-62

13.2.15.1 Coverage Hole Summary ........................................................................................................... 13-62

13.2.15.2 Coverage Hole Detail .................................................................................................................13-63

13.3 Access Point Statistics ....................................................................................................................................13-65

13.3.1 Health ....................................................................................................................................................13-67

13.3.2 Device ....................................................................................................................................................13-69

13.3.3 Web-Filtering .........................................................................................................................................13-73

13.3.4 Device Upgrade .....................................................................................................................................13-75

13.3.5 Adoption ................................................................................................................................................13-76

13.3.5.1 Adopted APs ................................................................................................................................13-76

13.3.5.2 AP Adoption History .....................................................................................................................13-77

13.3.5.3 AP Self Adoption History ..............................................................................................................13-78

13.3.5.4 Pending Adoptions .......................................................................................................................13-79

13.3.6 AP Detection ..........................................................................................................................................13-80

13.3.7 Guest User ............................................................................................................................................13-82

13.3.8 Wireless Clients .....................................................................................................................................13-84

13.3.9 Wireless LANs .......................................................................................................................................13-86

13.3.10 Policy Based Routing ..........................................................................................................................13-88

13.3.11 Radios .................................................................................................................................................13-90

13.3.11.1 Status .........................................................................................................................................13-90

13.3.11.2 RF Statistics ...............................................................................................................................13-91

13.3.11.3 Traffic Statistics ..........................................................................................................................13-93

13.3.12 Mesh ....................................................................................................................................................13-95

13.3.13 Interfaces .............................................................................................................................................13-96

13.3.13.1 General Interface Details ...........................................................................................................13-97

13.3.13.2 IPv6 Address ..............................................................................................................................13-99

13.3.13.3 Multicast Groups Joined ...........................................................................................................13-102

13.3.13.4 Network Graph .........................................................................................................................13-103

13.3.14 RTLS .................................................................................................................................................13-105

13.3.15 PPPoE ..................................................................................................................

13.3.16 Bluetooth ..........................................................................................................................................13-109

13.3.17 OSPF .................................................................................................................................................13-111

13.3.17.1 OSPF Summary .......................................................................................................................13-111

13.3.17.2 OSPF Neighbors ......................................................................................................................13-112

13.3.17.3 OSPF Area Details ...................................................................................................................13-114

.............................13-107

x WiNG 5.8.4 Access Point System Reference Guide

13.3.17.4 OSPF Route Statistics .............................................................................................................13-115

13.3.17.5 OSPF Interface ........................................................................................................................13-118

13.3.17.6 OSPF State ..............................................................................................................................13-119

13.3.18 L2TPv3 Tunnels ................................................................................................................................13-121

13.3.19 VRRP .................................................................................................................................................13-123

13.3.20 Critical Resources .............................................................................................................................13-125

13.3.21 LDAP Agent Status ............................................................................................................................13-127

13.3.22 Mint Links .........................................................................................................................................13-128

13.3.23 Guest Users .......................................................................................................................................13-130

13.3.24 GRE Tunnels .....................................................................................................................................13-132

13.3.25 Dot1x .................................................................................................................................................13-133

13.3.26 Network .............................................................................................................................................13-135

13.3.26.1 ARP Entries ..............................................................................................................................13-136

13.3.26.2 Route Entries ...........................................................................................................................13-137

13.3.26.3 Default Routes .........................................................................................................................13-139

13.3.26.4 Bridge .......................................................................................................................................13-142

13.3.26.5 IGMP ........................................................................................................................................13-144

13.3.26.6 MLD ..........................................................................................................................................13-146

13.3.26.7 Traffic Shaping .........................................................................................................................13-148

13.3.26.8 DHCP Options .........................................................................................................................13-150

13.3.26.9 Cisco Discovery Protocol ........................................................................................................13-151

13.3.26.10 Link Layer Discovery Protocol ...............................................................................................13-152

13.3.26.11 IPv6 Neighbor .......................................................................................................................13-153

13.3.26.12 MSTP .....................................................................................................................................13-155

13.3.27 DHCPv6 Relay & Client .....................................................................................................................13-157

13.3.28 DHCP Server .....................................................................................................................................13-159

13.3.28.1 DHCP Server General Information ...........................................................................................13-159

13.3.28.2 DHCP Server Bindings .............................................................................................................13-160

13.3.28.3 DHCP Server Networks ...........................................................................................................13-161

13.3.29 Firewall ..............................................................................................................................................13-163

13.3.29.1 Packet Flows ............................................................................................................................13-163

13.3.29.2 Denial of Service ......................................................................................................................13-164

13.3.29.3 IP Firewall Rules .....................................................................................................................13-165

13.3.29.4 IPv6 Firewall Rules .................................................................................................................13-166

13.3.29.5 MAC Firewall Rules .................................................................................................................13-167

13.3.29.6 NAT Translations .....................................................................................................................13-168

13.3.29.7 DHCP Snooping .......................................................................................................................13-170

13.3.29.8 IPv6 Neighbor Snooping ..........................................................................................................13-171

13.3.30 VPN ...................................................................................................................................................13-173

13.3.30.1 IKESA .......................................................................................................................................13-173

13.3.30.2 IPSec ........................................................................................................................................13-174

13.3.31 Certificates .........................................................................................................................................13-176

13.3.31.1 Trustpoints ...............................................................................................................................13-176

13.3.31.2 RSA Keys ................................................................................................................................13-178

13.3.32 WIPS .................................................................................................................................................13-179

13.3.32.1 WIPS Client Blacklist ................................................................................................................13-179

13.3.32.2 WIPS Events ............................................................................................................................13-180

13.3.33 Sensor Servers ..................................................................................................................................13-182

13.3.34 Bonjour Services ...............................................................................................................................13-183

13.3.35 Captive Portal ....................................................................................................................................13-185

13.3.36 Network Time ...........................................................................................................

13.3.36.1 NTP Status ...............................................................................................................................13-187

13.3.36.2 NTP Association .......................................................................................................................13-188

13.3.37 Load Balancing ..................................................................................................................................13-190

13.3.38 Environmental Sensors (AP8132 Models Only) ................................................................................13-192

.........................13-187

13.4 Wireless Client Statistics ...............................................................................................................................13-196

13.4.1 Health ..................................................................................................................................................13-197

13.4.2 Details ..................................................................................................................................................13-200

13.4.3 Traffic ...................................................................................................................................................13-204

13.4.4 WMM TSPEC ......................................................................................................................................13-207

13.4.5 Association History ..............................................................................................................................13-208

13.4.6 Graph ...................................................................................................................................................13-209

Chapter 14, WiNG Events

14.1 Event History Messages ...................................................................................................................................14-2

Appendix A, Customer Support

Appendix B, Publicly Available Software

B.1 General Information ............................................................................................................................................. B-1

B.2 Open Source Software Used ............................................................................................................................... B-1

B.3 OSS Licenses ................................................................................................................................................... B-14

B.3.1 Apache License, Version 2.0 ................................................................................................................... B-14

B.3.2 The BSD License ..................................................................................................................................... B-16

B.3.3 GNU General Public License, version 2 ................................................................................................... B-23

B.3.4 GNU Lesser General Public License 2.1 ................................................................................................. B-28

B.3.5 CCO 1.0 Universal ................................................................................................................................... B-35

B.3.6 GNU Lesser General Public License, version 3.0 .................................................................................... B-44

B.3.7 GNU General Public License 2.0 ............................................................................................................. B-45

B.3.8 GNU Lesser General Public License, version 2.0 .................................................................................... B-52

B.3.9 GNU Lesser General Public License, version 2.1 .................................................................................... B-58

B.3.10 MIT License ............................................................................................................................................ B-64

B.3.11 Mozilla Public License, version 2 ........................................................................................................... B-64

B.3.12 The Open LDAP Public License ............................................................................................................. B-68

xii WiNG 5.8.4 Access Point System Reference Guide

ABOUT THIS GUIDE

This manual supports the following access points:

• Access Points – AP621, AP622, AP650, AP6511, AP6521, AP6522, AP6522M, AP6532, AP6562, AP7131, AP7161, AP7181, AP7502, AP8122, AP8132, AP8163, AP8222, AP8232, AP8432, AP8533, ES6510, EX3524 and EX3548.

NOTE: In this guide:

• AP6511, AP6521, AP6522, AP6522M, AP6532 and AP6562 are collectively represented as AP65XX.

• AP7131, AP7161 and AP7181 are collectively represented as AP71XX.

• AP7502, AP7522, AP7532 and AP7562 are collectively represented as AP75XX.

• AP8122, AP8132 and AP8163 are collectively represented as AP81XX.

• AP8222 and AP8232 are collectively represented as AP82XX.

NOTE: ES6510, EX3524 and EX3548 are Ethernet Switches managed by a wireless controller such as RFS4000/RFS6000/RFS7000/NX4500/NX4524/NX6500/NX6524/NX7500/ NX7510/NX7520/NX7530/NX9000/NX9500/NX9510/NX9600/VX9000. These devices do not have radios and do not provide WLAN support.

This section is organized into the following:

• Document Convention

• Notational Conventions

• ZEBRA END USER LICENSE AGREEMENT

xiv WiNG 5.8.4 Access Point System Reference Guide

Document Convention

The following conventions are used in this document to draw your attention to important information:

NOTE: Indicates tips or special requirements.

CAUTION: Indicates conditions that can cause equipment damage or data

loss.

WARNING! Indicates a condition or procedure that could result in personal injury or equipment damage.

Switch Note: Indicates caveats unique to a RFS4000/RFS6000/RFS7000/

NX4500/NX4524/NX6500/NX6524/NX7500/NX7510/NX7520/NX7530/ NX9000/NX9500/NX9510/NX9600/VX9000 model controllers or service platforms.

Notational Conventions

The following notational conventions are used in this document:

• Italics are used to highlight specific items in the general text, and to identify chapters and sections in this and related documents

• Bullets (•) indicate:

• lists of alternatives

• lists of required steps that are not necessarily sequential

• action items

• Sequential lists (those describing step-by-step procedures) appear as numbered lists

ZEBRA END USER LICENSE AGREEMENT

BY INSTALLING AND/OR USING THIS PRODUCT, YOU ACKNOWLEDGE THAT YOU HAVE READ THIS AGREEMENT, UNDERSTAND IT AND AGREE TO BE BOUND ITS TERMS. IF YOU DO NOT AGREE TO THE TERMS OF THIS AGREEMENT, ZEBRA IS NOT WILLING TO LICENSE THE PRODUCT TO YOU, AND YOU MUST NOT INSTALL OR USE THIS PRODUCT.

Grant of License. Zebra Technologies Corporation (“Zebra”) grants you ("Licensee" or "you") a personal, nonexclusive, nontransferable, revocable, nonassignable, limited license to use the software and documentation (“Product(s)”) subject to the terms and conditions of this Agreement. You shall use the Products only for your internal business purposes, exclusively to support Zebra devices. Any use of the Products outside of the conditions set forth herein is strictly prohibited and will be deemed a breach of this Agreement resulting in immediate termination of your License. In the event of a breach of this Agreement, Zebra will be entitled to all available remedies at law or in equity (including immediate termination of the license without notice, immediate injunctive relief and repossession of all Products unless Licensee is a Federal agency of the United States Government).

You shall not distribute, sublicense, rent, loan, lease, export, re-export, resell, ship or divert or cause to be exported, re-exported, resold, shipped or diverted, directly or indirectly, the Products under this Agreement. You shall not, and shall not permit others to: (i) modify, translate, decompile, bootleg, reverse engineer, disassemble, or extract the inner workings of the Products, (ii) copy the look-and-feel or functionality of the Products; (iii) remove any proprietary notices, marks, labels, or logos from the Products; (iv) rent or transfer all or some of the Products to any other party without Zebra’s prior written consent; or (v) utilize any computer software or hardware which is designed to defeat any copy protection device, should the Products be equipped with such a protection device.

Title to all copies of Products will not pass to Licensee at any time and remains vested exclusively in Zebra. All intellectual property developed, originated, or prepared by Zebra in connection with the Products remain vested exclusively in Zebra, and this Agreement does not grant to Licensee any intellectual property rights.

Portions of the Products are protected by United States patent and copyright laws, international treaty provisions, and other applicable laws. Therefore, you must treat the Products like any other copyrighted material (e.g., a book or musical recording) except that you may make one copy of the Product solely for back-up purposes. Unauthorized duplication of the Products constitutes copyright infringement, and in the United States is punishable in federal court by fine and imprisonment.

Limited Warranty. Zebra warrants for a period of ninety (90) days from your receipt of the Products to you that the Software, under normal use, will perform substantially in accordance with Zebra’s published specifications for that release level of the Software. The written materials are provided "AS IS" and without warranty of any kind. Zebra’s entire liability and your sole and exclusive remedy for any breach of the foregoing limited warranty will be, at Zebra’s option, the provision of a downloadable patch or replacement code, or a refund of the unused portion of your bargained for contractual benefit up to the amount paid for the Products.

Disclaimer. THIS LIMITED WARRANTY IS THE ONLY WARRANTY PROVIDED BY ZEBRA, AND ZEBRA MAKES, AND YOU RECEIVE, NO OTHER WARRANTIES OF ANY KIND, WHETHER EXPRESS, IMPLIED, STATUTORY, OR IN ANY COMMUNICATION WITH YOU. ZEBRA SPECIFICALLY DISCLAIMS ANY WARRANTY INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILTY, NONINFRINGEMENT, OR FITNESS FOR A PARTICULAR PURPOSE. ZEBRA DOES NOT WARRANT THAT THE PRODUCTS WILL MEET YOUR REQUIREMENTS, OR THAT THE OPERATION OF THE PRODUCTS WILL BE UNINTERRUPTED OR ERROR FREE, OR THAT DEFECTS IN THE PRODUCTS WILL BE CORRECTED. ZEBRA MAKES NO WARRANTY WITH RESPECT TO THE CORRECTNESS, ACCURACY, OR RELIABILITY OF THE PRODUCTS. Some jurisdictions do not allow the exclusion of implied warranties, so the above exclusion may not apply to you.

Limitation of Liability. THE TOTAL LIABILITY OF ZEBRA UNDER THIS AGREEMENT FOR DAMAGES SHALL NOT EXCEED THE FAIR MARKET VALUE OF THE PRODUCTS LICENSED UNDER THIS AGREEMENT. IN NO EVENT WILL ZEBRA BE LIABLE IN ANY WAY FOR INCIDENTAL, CONSEQUENTIAL, INDIRECT, SPECIAL OR PUNITIVE DAMAGES OF ANY NATURE, INCLUDING WITHOUT LIMITATION, LOST BUSINESS PROFITS, OR LIABILITY OR INJURY TO THIRD PERSONS, WHETHER FORESEEABLE OR NOT, REGARDLESS OF WHETHER ZEBRA HAS BEEN ADVISED OF THE POSSIBLITY OF SUCH DAMAGES. Some jurisdictions do not permit limitations of liability for incidental or consequential damages, so the above exclusions may not apply to you. This Limitation of Liability provision survives the termination of this Agreement and applies notwithstanding

About This Guide xv

xvi WiNG 5.8.4 Access Point System Reference Guide

any contrary provision in this Agreement. Licensee must bring any action under this Agreement within one (1) year after the cause of action arises.

Maintenance. Unless provided for in a separate agreement, Zebra shall not be responsible for maintenance or field service of the Products.

High Risk Activities. The Products are not fault-tolerant and are not designed, manufactured or intended for use or resale as on-line control software in hazardous environments requiring fail-safe performance, such as in the operation of nuclear facilities, aircraft navigation or communication systems, air traffic control, direct life support machines, or weapons systems, in which the failure of the Products could lead directly to death, personal injury, or severe physical or environmental damage ("High Risk Activities"). Zebra and its suppliers specifically disclaim any express or implied warranty of fitness for High Risk Activities, and if you elect to use the Products in any High Risk Activities, you agree to indemnify, defend, and hold Zebra harmless from and against any and all costs, damages, and losses related to that use.

U.S. Government. If you are acquiring the Products on behalf of any unit or agency of the U.S. Government, the following shall apply. Use, duplication, or disclosure of the Products is subject to the restrictions set forth in subparagraphs (c) (1) and (2) of the Commercial Computer Software - Restricted Rights clause at FAR 52.227-19 (JUNE 1987), if applicable, unless being provided to the Department of Defense. If being provided to the Department of Defense, use, duplication, or disclosure of the Products is subject to the restricted rights set forth in subparagraph (c) (1) (ii) of the Rights in Technical Data and Computer Software clause at DFARS 252.227-7013 (OCT 1988), if applicable. Products may or may not include a Restricted Rights notice, or other notice referring specifically to the terms and conditions of this Agreement. The terms and conditions of this Agreement shall each continue to apply, but only to the extent that such terms and conditions are not inconsistent with the rights provided to you under the aforementioned provisions of the FAR and DFARS, as applicable to the particular procuring agency and procurement transaction.

Assignment. Except as otherwise provided in this section, neither party may assign this Agreement, or any of its rights or obligations under this Agreement, without the prior written approval of the other party, which will not be unreasonably withheld. Any attempted assignment, delegation, or transfer without the necessary approval will be void. Notwithstanding the foregoing, for any Zebra acquisition, merger, consolidation, reorganization, or similar transaction, or any spin-off, divestiture, or other separation of a Zebra business, Zebra may, without the prior written consent of the other party: (i) assign its rights and obligations under this Agreement, in whole or in part, or (ii) split and assign its rights and obligations under this Agreement so as to retain the benefits of this Agreement for both Zebra and the assignee entity(ies) (and their respective Affiliates) following the split.

Governing Law. This Agreement shall be governed by the laws of the United States of America to the extent that they apply and otherwise by the laws of the State of New York without regard to its conflict of laws provisions or by the internal substantive laws of the country to which the Products is shipped if end-user customer is a sovereign governmental entity. The terms of the U.N. Convention on Contracts for the International Sale of Goods do not apply. In the event that the Uniform Computer information Transaction Act, any version of this Act, or a substantially similar law (collectively “UCITA”) becomes applicable to a Party’s performance under this Agreement, UCITA does not govern any aspect of this End User License Agreement or any license granted under this EndUser License Agreement, or any of the parties’ rights or obligations under this End User License Agreement. The governing law will be that in effect prior to the applicability of UCITA.

Compliance with Laws. Licensee will comply with all applicable laws and regulations, including export laws and regulations of the United States. Licensee will not, without the prior authorization of Zebra and the appropriate governmental authority of the United States, in any form export or re-export, sell or resell, ship or reship, or divert, through direct or indirect means, any item or technical data or direct or indirect products sold or otherwise furnished to any person within any territory for which the United States Government or any of its agencies at the time of the action, requires an export license or other governmental approval. Violation of this provision will be a material breach of this Agreement, permitting immediate termination by Zebra.

Third Party Software. The Products may contain one or more items of Third-Party Software. The terms of this Agreement govern your use of any Third-Party Software UNLESS A SEPARATE THIRD-PARTY SOFTWARE LICENSE IS INCLUDED, IN WHICH CASE YOUR USE OF THE THIRD-PARTY SOFTWARE WILL THEN BE GOVERNED BY THE SEPARATE THIRD-PARTY LICENSE.

Open Source Software. The Products may contain one or more items of Open Source Software. Open Source Software is software covered by a publicly available license governed solely under Copyright law, whereas the

About This Guide xvii

complete terms and obligations of such license attach to a licensee solely through the act of copying, using and/ or distribution of the licensed software, such obligations often include one or more of attribution obligations, distribution obligations, copyleft obligations, and intellectual property encumbrances. The use of any Open Source Software is subject to the terms and conditions of this Agreement as well as the terms and conditions of the corresponding license of each Open Source Software package. If there is a conflict between the terms and conditions of this Agreement and the terms and conditions of the Open Source Software license, the applicable Open Source Software license will take precedence. Copies of the licenses for the included Open Source Software, if any, as well as their attributions, acknowledgements, and software information details, are provided in the electronic copy of this Agreement, which is available in the Legal Notices or README file associated with the Product. Zebra is required to reproduce the software licenses, acknowledgments and copyright notices as provided by the authors and owners, thus, all such information is provided in its native language form, without modification or translation. Depending on the license terms of the specific Open Source Software, source code may not be provided. Please reference and review the entire Open Source Software information to identify which Open Source Software packages have source code provided or available. For instructions on how to obtain a copy of any source code made publicly available by Zebra related to Open Source Software distributed by Zebra, you may send your request (including the Zebra Product name and version, along with the Open Source Software specifics) in writing to: Zebra Technologies Corporation, Open Source Software Director, Legal Department, 3 Overlook Point, Lincolnshire, IL 60069 USA.

©2015 ZIH Corp and/or its affiliates. All rights reserved. Zebra and the stylized Zebra head are trademarks of ZIH Corp., registered in many jurisdictions worldwide. All other trademarks are the property of their respective owners.

xviii WiNG 5.8.4 Access Point System Reference Guide

CHAPTER 1 OVERVIEW

The family of WING supported access points enable high performance with secure and resilient wireless voice and data services to remote locations with the scalability required to meet the needs of large distributed enterprises.

AP6511, AP6521, AP6522, AP6532, AP6562, AP8432, AP8533, AP71XX, AP7502, AP81XX and AP82XX access points and ES6510 model ethernet switch can now use WiNG software as its onboard operating system. The unique WiNG software enables the access point to function as a Standalone “thick” access point, or a Virtual Controller AP capable of adopting and managing up to 24 access points of the same model.

When deploying an access point as a pure Virtual Controller AP, with no RFS Series controllers available anywhere on the network, the access point itself is a controller supporting other access points of the same model. The Virtual Controller AP can:

• Provide firmware upgrades for connected access point

• Aggregate statistics for the group of access points the Virtual Controller is managing

• Be the single point of configuration for that deployment location

NOTE: The recommended way to administer a network populated by numerous access points is to configure them directly from the Virtual Controller AP. If a single access point configuration requires an update from the Virtual Controller AP’s assigned profile configuration, the administrator should apply a Device Override to change just that access point’s configuration. For more information on applying an override to an access point’s Virtual Controller AP assigned configuration and profile, see Device Overrides on page 5-229.

The WiNG architecture is a solution designed for 802.11n and 802.11ac networking. It leverages the best aspects of independent and dependent architectures to create a smart network that meets the connectivity, quality and security needs of each user and their applications, based on the availability of network resources including wired networks. By distributing intelligence and control amongst access points, a WiNG network can route directly via the best path, as determined by factors including the user, location, the application and available wireless and wired resources. WiNG extends the differentiation offered to the next level, by making available services and security at every point in the network. managed traffic flow is optimized to prevent wired congestion and wireless

1-2 WiNG 5.8.4 Access Point System Reference Guide

congestion. Traffic flows dynamically, based on user and application, and finds alternate routes to work around network choke points.

NOTE: This guide describes the installation and use of the WiNG software designed specifically for AP6511, AP6521, AP6522, AP6532, AP6562, AP8432, AP8533, AP71XX, AP7502, AP7522, AP7532, AP81XX and AP82XX access points and ES6510 model ethernet switch. It does not describe the version of the WiNG software designed for use with the RFS4000, RFS6000, RFS7000, NX4500, NX4524, NX6500, NX6524, NX7500, NX7510,NX7520, NX7530, NX9000, NX9500 and NX9510. For information on using WiNG in a controller managed network, go to www.zebra.com/support.

Overview 1-3

1.1 About the WiNG Software

Zebra Technologies’ WiNG 5 operating system is the next generation in the evolution of WLAN architectures. WiNG 5 OS is designed to scale efficiently from the smallest networks to large, geographically dispersed deployments. The co-operative, distributed control plane innovation in the WiNG 5 architecture offers a softwaredefined networking (SDN)-ready operating system that can distribute controller functionality to every access point in your network. Now, every access point is network aware, providing the intelligence required to truly unleash optimal performance, all wireless LAN infrastructure can work together to ensure every transmission is routed through the most efficient path, every time.

WiNG 5 brings you the resiliency of a standalone access point network without the vulnerability of a centralized controller, with advancements that take performance, reliability, security, scalability and manageability to a new level. The result? Maximum network uptime and security with minimal management. And true seamless and dependable mobility for your users.

WiNG 5 advances the following technology:

Comprehensive Wi-Fi support. - WiNG supports all Wi-Fi protocols, including 802.11a/b/g/n/ac, allowing you to create a cost-effective migration plan based on the needs of your business.

Extraordinary scalability - With WiNG, you can build any size network, from a small WLAN network in a single location to a large multi-site network that reaches all around the globe.

Extraordinary flexibility - No matter what type of infrastructure you deploy, WiNG 5 delivers intelligence to all: standalone independent access point or adaptive access point that can be adopted by a controller but can switch to independent mode; virtual controllers; physical controllers in branch offices, the network operating center (NOC) or the cloud.

The power of distributed intelligence - WiNG distributes intelligence right to the network edge, empowering every controller and access point with the intelligence needed to be network-aware, able to identify and dynamically route traffic over the most efficient path available at that time.

Extraordinary network flexibility and site survivability - WiNG provides the best of both worlds: true hierarchical management that delivers a new level of management simplicity and resiliency by enabling controllers to adopt and manage other controllers and access point, while allowing adopted infrastructure to also stand on its own.

Gap-free security - When it comes to security, there can be no compromises. WiNG’s comprehensive security capabilities keep your network and your data safe — period — ensuring compliance with PCI, HIPAA and other government and industry security regulations.

Connectivity for the largest indoor and outdoor spaces - In addition to enabling a robust indoor WLAN, our patented MeshConnex™ technology enables the extension of Wi-Fi networks to the largest of outdoor spaces — from an expansive outdoor campus environment to an entire city.

Powerful centralized management - With WiNG you get complete control over every aspect of your WLAN. This single powerful windowpane enables zero touch infrastructure deployment, rich analytics that can help you recognize and correct brewing issues before they impact service quality and user connectivity, along with centralized and remote troubleshooting and issue resolution of the entire network.

1.1.1 Distributed Intelligence

WiNG 5 enables all WLAN infrastructure with the intelligence required to work together to determine the most efficient path for every transmission. The need to route all traffic through a controller is eliminated, along with the resulting congestion and latency, resulting in higher throughput and superior network performance. Since all features are available at the access layer, they remain available even when the controller is offline, for example, due to a WAN outage, ensuring site survivability and extraordinary network resilience. In addition, you get unprecedented scalability, large networks can support as many as 10,000 nodes without impacting throughput or manageability, providing unprecedented scalability.

1-4 WiNG 5.8.4 Access Point System Reference Guide

1.1.2 High Availability Networks

WiNG 5 enables the creation of highly reliable networks, with several levels of redundancy and failover mechanisms to ensure continuous network service in case of outages. Access points in remote sites coordinate with each other to provide optimized routing and self-healing, delivering a superior quality of experience for business critical applications. Even when WiNG 5 site survivable access points lose communication with the controller, they continue to function, able to bridge traffic while still enforcing QoS and security policies, including stateful inspection of Layer2 (locally bridged) or Layer 3 traffic.

1.1.3 Gap Free Security

When it comes to wireless security, one size does not fit all. A variety of solutions are required to meet the varying needs and demands of different types of organizations. Regardless of the size of your WLAN or your security requirements, our tiered approach to security allows you to deploy the features you need to achieve the right level of security for your networks and your data. And where a hub-and-spoke architecture can’t stop threats until they reach the controller inside your network, WiNG 5 distributes security features to every access point, including those at the very edge of your network, creating an around-the-clock constant network perimeter guard that prevents threats from entering your network for unprecedented gap free security.

1.1.4 Outdoor Wireless and Mesh Networking

When you need to extend your wireless LAN to outdoor spaces, our patented MeshConnex technology combines with comprehensive mesh networking features to enable you to create secure, high performance, flexible and scalable mesh networks. With our mesh technology, you can cover virtually any area without installing cabling, enabling the creation of cost-effective outdoor wireless networks that can provide coverage to enterprise workers in vast campus-style environments as well as public safety personnel in patrol cars.

1.1.5 Network Services, Routing and Switching

WiNG 5 integrates network services like built-in DHCP server, AAA server and routing protocols like policy based routing and OSPF, Layer 2 protocols like MSTP and Link Aggregation. Integration of services and routing/ switching protocols eliminates the need for additional servers or other networking gear in small offices thereby reducing Total Cost of Ownership (TCO). In large networks, where such services are deployed on a dedicated server/ router at the NOC, this provides a backup solution for remote sites when the WAN link to the NOC is temporarily lost. Integrating also provides the added benefit of coordination across these services on failover from primary to standby, assisting a more meaningful behavior, rather than when each fails over independently of the other for the same root cause.

1.1.6 Management, Deployment and Troubleshooting

WiNG’s comprehensive end-to-end management capabilities cover deployment through day-to-day management. You get true zero-touch deployment for access points located anywhere in the world, the simplicity of a single window into the entire network, plus the ability to remotely troubleshoot and resolve issues. And since our management technology is manufacturer-agnostic, you can manage your Zebra Technologies WLAN infrastructure as well as any legacy equipment from other manufacturers, allowing you to take advantage of our advanced WLAN infrastructure without requiring a costly rip and replace of your existing WLAN.

CHAPTER 2 WEB USER INTERFACE FEATURES

The access point’s on board user interface contains a set of features specifically designed to enable either Virtual Controller AP, Standalone AP or Adopt to Controller functionality. In Virtual Controller AP mode, an access point can manage up to 24 other access points of the same model and share data amongst managed access points. In Standalone mode, an access point functions as an autonomous, non adopted, access point servicing wireless clients. If adopted to controller, an access point is reliant on its connected controller for its configuration and management.

For information on how to access and use the access point’s Web UI, see:

• Accessing the Web UI

• Glossary of Icons Used

2-2 WiNG 5.8.4 Access Point System Reference Guide

2.1 Accessing the Web UI



Web User Interface Features

The access point uses a Graphical User Interface (GUI) which can be accessed using any supported Web browser on a client connected to the subnet the Web UI is configured on.

2.1.1 Browser and System Requirements

To access the GUI, a browser supporting Flash Player 11 is recommended. The system accessing the GUI should have a minimum of 1 GB of RAM for the UI to display and function properly. The Web UI is based on Flex, and does not use Java as the underlying UI framework. It is recommended to use a resolution of 1280 x 1024 pixels when using the GUI.

The following browsers have been validated with the Web UI:

• Firefox 3.0 or higher

• Internet Explorer 7 or higher

• Google Chrome 2.0 or higher

• Safari 3 and higher

• Opera 9.5 and higher

2.1.2 Connecting to the Web UI

1. Connect one end of an Ethernet cable to an access point LAN port and connect the other end to a computer with a working Web browser.

2. Set the computer to use an IP address between 192.168.0.10 and 192.168.0.250 on the connected port. Set a subnet/network mask of 255.255.255.0.

NOTE: The access point’s IP address is optimally provided using DHCP. A zero config IP address can also be derived if DHCP resources are unavailable. Using zero config, the last two octets in the IP address are the decimal equivalent of the last two bytes in the access point’s hardcoded MAC address.

For example:

MAC address - 00:C0:23:00:F0:0A Zero-config IP address - 169.254.240.10

3. To derive the access point’s IP address using its MAC address:

4. Open the Windows calculator be selecting Start > All Programs > Accessories > Calculator. This menu path may vary slightly depending on your version of Windows.

5. With the Calculator displayed, select View > Scientific. Select the Hex radio button.

6. Enter a hex byte of the access point’s MAC address. For example, F0.

7. Select the Dec radio button. The calculator converts F0 into 240. Repeat this process for the last access point MAC address octet.

8. Once obtained, point the Web browser to the access point’s IP address. The following login screen displays:

Web User Interface Features 2-3

Figure 2-1 Access Point Web UI Login screen

9. Enter the default username admin in the Username field.

10. Enter the default password admin123 in the Password field.

11. Select the Login button to load the management interface.

If this is the first time the management interface has been accessed, the first screen to display will prompt for a change of the default access point password. Then, a dialogue displays to start the initial setup wizard. For more information on using the initial setup wizard see Using the Initial Setup Wizard on page 3-2.

2-4 WiNG 5.8.4 Access Point System Reference Guide

2.2 Glossary of Icons Used



Web User Interface Features

The access point interface utilizes a number of icons designed to interact with the system, gather information from managed devices and obtain status. This chapter is a compendium of the icons used, and is organized as follows:

• Global Icons

• Dialog Box Icons

• Table Icons

• Status Icons

• Configurable Objects

• Configuration Objects

• Configuration Operation Icons

• Access Type Icons

• Administrative Role Icons

• Device Icons

2.2.1 Global Icons



Glossary of Icons Used

This section lists global icons available throughout the interface.

Logout – Select this icon to log out of the system. This icon is always available and is located at the top right-hand corner of the UI.

Add – Select this icon to add a row in a table. When this icon is selected, a new row is created in the table, or a dialog box opens where you can enter values for that particular list.

Delete – Select this icon to remove a row from a table. When this icon is clicked, the selected row is immediately deleted.

More Information – Select this icon to display a pop-up with supplementary information that may be available for an item.

Trash – Select this icon to remove a row from a table. When this icon is clicked, the selected row is immediately deleted.

Create new policy – Select this icon to create a new policy. Policies define different configuration parameters that can be applied to device configurations, and device profiles.

Edit policy – Select this icon to edit an existing configuration item or policy. To edit a policy, select the policy and this icon.

2.2.2 Dialog Box Icons



Glossary of Icons Used

These icons indicate the current state of various controls in a dialog. These icons enables you to gather, at a glance, the status of all the controls in a dialog. The absence of any of these icons next to a control indicates the value in that control has not been modified from its last saved configuration.

Entry Updated – Indicates a value has been modified from its last saved configuration.

Entry Update – States that an override has been applied to a device’s profile configuration.

Mandatory Field – Indicates the control’s value is a mandatory configuration item. You will not be allowed to proceed further without providing all mandatory values in the dialog or the screen.

Error in Entry – Indicates there is an error in a supplied value. A small red popup provides a likely cause of the error.

Web User Interface Features 2-5

2.2.3 Table Icons



Glossary of Icons Used

The following two override icons are status indicators for transactions that need to be committed.

2.2.4 Status Icons



Glossary of Icons Used

These icons define device status, operations on the wireless controller, or any other action that requires a status being returned to the user.

Table Row Overridden – Indicates a change (profile configuration override) has been made to a table row, and the change will not be implemented until saved. This icon represents a change from this device’s profile assigned configuration.

Table Row Added – Indicates a new row has been added to a table, and the change will not be implemented until saved. This icon represents a change from this device’s profile assigned configuration.

Fatal Error – States there is an error causing a managed device to stop functioning.

Error – Indicates an error exits requiring intervention. An action has failed, but the error is not system wide.

2-6 WiNG 5.8.4 Access Point System Reference Guide

Warning – States a particular action has completed, but some errors were detected that did not stop the process from completing. Intervention might still be required to resolve subsequent warnings.

Success – Indicates everything is well within the network or a process has completed successfully without error.

Information – This icon always precedes information displayed to the user. This may either be a message displaying progress for a particular process, or may just be a message from the system.

2.2.5 Configurable Objects



Glossary of Icons Used

These icons define configurable items within the UI.

Device Configuration – Represents a configuration file applicable to a device category.

Auto Provisioning Policy – Represents a provisioning policy. Provisioning policies are a set of configuration parameters that define how access points and wireless clients are adopted and their management configuration supplied.

Wireless LANs – States an action impacting a WLAN has occurred.

WLAN QoS Policy – States a Quality of Service (QoS) policy

configuration has been impacted.

Radio QoS Policy – Indicates a QoS policy configuration has been impacted.

AAA Policy – Indicates an Authentication, Authorization and Accounting (AAA) policy has been impacted. AAA policies define

RADIUS authentication and accounting parameters.

Association ACL – Indicates an Association Access Control List (ACL) configuration has been impacted. An ACL is a set of configuration parameters used to set access to managed resources. The association ACL configures the parameters for controlling device associations.

+ 1146 hidden pages

Zebra WiNG 5.8.4 System Reference Manual

Specifications and Main Features

Frequently Asked Questions

User Manual

ABOUT THIS GUIDE

Document Convention

Notational Conventions

ZEBRA END USER LICENSE AGREEMENT

1.1 About the WiNG Software

1.1.1 Distributed Intelligence

1.1.2 High Availability Networks

1.1.3 Gap Free Security

1.1.4 Outdoor Wireless and Mesh Networking

1.1.5 Network Services, Routing and Switching

1.1.6 Management, Deployment and Troubleshooting

2.1 Accessing the Web UI

2.1.1 Browser and System Requirements

2.1.2 Connecting to the Web UI

2.2 Glossary of Icons Used

2.2.1 Global Icons

2.2.2 Dialog Box Icons

2.2.3 Table Icons

2.2.4 Status Icons

2.2.5 Configurable Objects