GemTek Technology AP930301G 54Mb Operator Access Point User Manual Manual

Gemtek Technology Co., Ltd. 54Mb Operator Access Point Manual

Contents

Manual

54Mb Operator Access Point P-520rUser’s Guide Revision 2.5 July, 2006Copyright © 2002-2006 Gemtek Systems Holding BV www.gemtek-systems.com
Copyright© 2002-2006 Gemtek Systems Holding BV. This user’s guide and the software described in it are copyrighted with all rights reserved. No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into anylanguage in any form by any means without the written permission of Gemtek Systems Holding BV.NoticeGemtek Systems reserves the right to change specifications without prior notice. While the information in this manual has been compiled with great care, it may not be deemed an assurance of product characteristics. Gemtek Systems shall be liable only to the degree specified in the terms of sale and delivery.The reproduction and distribution of the documentation and software supplied with this product and the use of its contents is subject to written authorization from Gemtek Systems.TrademarksThe product described in this book is a licensed product of Gemtek Systems Holding BV.Microsoft, Windows 95, Windows 98, Windows Millennium Edition, Windows NT, Windows 2000, Windows XP, and MS-DOS are registered trademarks of the Microsoft Corporation.Mac OS is a registered trademark of Apple Computer, Inc. Java is a trademark of Sun Microsystems, Inc.Wi-Fi is a registered trademark of the Wi-Fi Alliance.All other brand and product names are trademarks or registered trademarks of their respective holders.
FCC Warning This equipment has been tested and found to comply with the limits for a Class B digital device,pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protectionagainst harmful interference in a residentialinstallation.This equipment generates, uses and can radiateradio frequency energy and, if not installed andused in accordance with the instructions, maycause harmful interference to radiocommunications. However, there is no guaranteethat interference will not occur in a particularinstallation. If this equipment does cause harmfulinterference to radio or television reception, whichcan be determined by turning the equipment off and on, the user is encouraged to try to correct the interference by one of the following measures:Reorient or relocate the receiving antenna.Increase the separation between the equipment and receiver. Connect the equipment into an outlet on a circuit different from that to which the receiveris connected.Consult the dealer or an experienced radio/TVtechnician for help.This device complies with Part 15 of the FCC Rules. Operation is subject to the following two conditions:(1) This device may not cause harmful interference,and (2) this device must accept any interferencereceived, including interference that may causeundesired operation.FCC Caution To assure continued compliance, any changes or modifications not expressly approved by the partyresponsible for compliance could void the user'sauthority to operate this equipmentFCC Radiation Exposure Statement This equipment complies with FCC radiationexposure limits set forth for an uncontrolledenvironment. This equipment should be installedand operated with minimum distance 20cm betweenthe radiator and your body. This transmitter mustnot be co-located or operating in conjunction withany other antenna or transmitter.R&TTE Compliance Statement This equipment complies with all the requirementsof the Directive 1999/5/EC of the EuropeanParliament and the Council of 9 March 1999 onRadio Equipment and Telecommunication TerminalEquipment and the Mutual Recognition of their Conformity (R&TTE). The R&TTE Directive repeals and replaces in the directive 98/13/EEC (Telecommunications TerminalEquipment and Satellite Earth Station Equipment)As of April 8, 2000. SafetyThis equipment is designed with the utmost care for the safety of those who install and use it. However,special attention must be paid to the dangers of electric shock and static electricity when workingwith electrical equipment. All guidelines of this manual and of the computer manufacturer musttherefore be allowed at all times to ensure the safe use of the equipment.EU Countries Intended for Use This device is intended for home and office use in Austria, Belgium, Denmark, Finland, France (withFrequency channel restrictions), Germany, Greece, Ireland, Italy, Luxembourg, The Netherlands,Portugal, Spain, Sweden and United Kingdom.The ETSI version of this device is also authorizedfor use in EFTA member states Iceland,Liechtenstein, Norway and Switzerland.EU Countries Not Intended for UseNone.The availability of some specific channels and/or operational frequency bands are country dependent and are firmware programmed at the factory to match the intended destination. The firmware setting is not accessible by the end user.
User’s Guide ContentsContentsCopyright .............................................................................................................................................3Notice ..................................................................................................................................................3Trademarks .........................................................................................................................................3National Radio Regulations.................................................................................................................3FCC Warning.......................................................................................................................................4R&TTE Compliance Statement ...........................................................................................................4CONTENTS ............................................................................................................................................ 5ABOUT THIS GUIDE.............................................................................................................................. 7Purpose ...............................................................................................................................................7Prerequisite Skills and Knowledge......................................................................................................7Conventions Used in this Document ...................................................................................................7Help Us to Improve this Document! ....................................................................................................7Service & Support ...............................................................................................................................7Gemtek Systems Technical Support...................................................................................................7CHAPTER 1 – INTRODUCTION ............................................................................................................ 8Product Overview ................................................................................................................................8Management Options ..........................................................................................................................9Web Interface...................................................................................................................................9SNMP Management ........................................................................................................................9Gemtek Management System .........................................................................................................9P-520r Features....................................................................................................................................9Operating Modes...............................................................................................................................10Antenna Diversity ..............................................................................................................................11CHAPTER 2 – INSTALLATION ...........................................................................................................13The Packaging Contents...................................................................................................................13System Requirements .......................................................................................................................13Hardware Introduction .......................................................................................................................14Front Panel: LEDs .........................................................................................................................14Rear Panel.....................................................................................................................................15A Look Inside .................................................................................................................................16Hardware Installation.........................................................................................................................18Attaching the Access Point to the Wall..........................................................................................18Removing the Access Point from the Wall ....................................................................................19Initialization........................................................................................................................................20Software Introduction: KickStart ....................................................................................................20Access your P-520r Access Point...................................................................................................20Reset to the Factory Default Settings ...............................................................................................23CHAPTER 3 – QUICK SETUP .............................................................................................................25Setup Wizard.....................................................................................................................................25CHAPTER 4 – REFERENCE MANUAL............................................................................................... 34Web Interface ....................................................................................................................................34Configuration .....................................................................................................................................36Configuration | Settings Summary .................................................................................................36Configuration | Identity...................................................................................................................36Configuration | Local Area Network | Network Setup ....................................................................37Configuration | Local Area Network | Virtual LAN..........................................................................38Configuration | Wireless | Basic Settings.......................................................................................39Gemtek Systems Page 5
User’s Guide ContentsConfiguration | Wireless | WDS Links............................................................................................42Configuration | Wireless | Advanced Settings................................................................................46Configuration | Security | Wireless Security | Client Isolation........................................................47Configuration | Security | Wireless Security | Access Control List.................................................47Configuration | Security | Wireless Security | RADIUS Servers ....................................................49Configuration | Security | Wireless Security | Wired Equivalent Privacy (WEP)............................51Configuration | Security | Wireless Security | 802.1x Security.......................................................52Configuration | Security | Wireless Security | Wi-Fi Protected Access (WPA) ..............................53Configuration | Security | Wireless Security | Management Security ............................................54Configuration | System | Backup/Restore......................................................................................55Configuration | System | GMS Agent.............................................................................................56Configuration | System | SNMP Traps...........................................................................................60Configuration | System | NTP Settings ..........................................................................................61Configuration | System | Automatic Reboot...................................................................................63Status ................................................................................................................................................64Status | Statistics/Usage | Status Overview...................................................................................64Status | Statistics/Usage | Interface Statistics ...............................................................................64Status | Statistics/Usage | Wireless Statistics................................................................................65Status | Statistics/Usage | Event Reporting...................................................................................66Status | Clients | Wireless Clients..................................................................................................67Status | Clients | Access Points .....................................................................................................67Status | Clients | WDS Links..........................................................................................................68Update...............................................................................................................................................69CHAPTER 5 – SNMP MANAGEMENT ................................................................................................ 71Introduction........................................................................................................................................71SNMP Versions .................................................................................................................................71SNMP Agent......................................................................................................................................72SNMP Community Strings.................................................................................................................72Use SNMP to Access MIB.................................................................................................................72Gemtek Systems Private MIB ...........................................................................................................73APPENDIX............................................................................................................................................74A) P-520r Operator Access Point Specification.................................................................................74Technical Data...............................................................................................................................74B) Factory Defaults Values for the P-520r Access Point ..................................................................76C) P-520r Rescue and Firmware Recovery via TFTP.......................................................................78GLOSSARY ..........................................................................................................................................79INDEX ...................................................................................................................................................84Gemtek Systems Page 6
User’s Guide About this Guide About this Guide PurposeThis document provides information and procedures on hardware installation, setup, configuration,and management of the Gemtek Systems 54Mbps Operator Access Point P-520r.Prerequisite Skills and Knowledge To use this document effectively, you should have a working knowledge of Local Area Networking(LAN) concepts and wireless Internet access infrastructures.Hardware installers should have a working knowledge of basic electronics and mechanical assembly,and should understand related local building codes.Conventions Used in this Document The following typographic conventions and symbols are used throughout this document:Very important information. Failure to observe this may result in damage.Important information that should be observed.Additional information that may be helpful but which is not required.bold Menu commands, buttons and input fields are displayed in bold code File names, directory names, form names, and system-generated outputsuch as error messages are displayed in constant-width type <value> Placeholder for certain values, e.g. user inputs Help Us to Improve this Document! If you should encounter mistakes in this document or want to provide comments to improve the manual please send e-mail directly to manuals@gemtek.ltService & Support The latest software and documentation is available for download at the Gemtek Systems websitehttps://support-eu.gemtek-systems.it/Gemtek Systems Technical Support If you encounter problems when installing or using this product, please consult the Gemtek Systems Website at http://www.gemtek-systems.com for: Direct contact to the Gemtek Systems support centers.Frequently Asked Questions (FAQ).Download area for the latest software, user documentation and product updates.Gemtek Systems Page 7
User’s Guide Chapter 1 – Introduction Chapter 1 – Introduction Thank you for choosing the Gemtek Systems 54Mbps Operator Access Point model P-520r.The Gemtek Systems P-520r is a Carrier-Grade Wi-Fi Access Point designed to provide reliable and secure wireless access to an operator network or enterprise LAN. Theft-proof mounted to a wall or ceiling the access point can be fully configured and controlled from a central management systemminimizing the need for an engineer to physically access the unit once it has been installed.Product Overview High Performance for Maximum CoverageThe Gemtek Systems P-520r Operator Access Point provides quality connectivity for Wi-Fi networks. Designed to support even the largest of Hot Spots, this AP combines high receiver sensitivity and proven antenna technology to maximize coverage.Wi-Fi Compliance to Ensure Network CompatibilityTested for interoperability with the Wi-Fi standard, the P-520r will support all Wi-Fi certified client devices; the global industry-standard for local wireless networking.The Perfect Access Point for Large Areas The P-520r is specifically designed for large venues. Connected to a Access Controller like the Gemtek Systems G6000 or P-560, P-520r can easily cover a hotspot of any size. P-520r is IEEE 802.3af compliant, enabling it to be powered over standard Cat-5 Ethernet cabling, reducinginstallation and maintenance costs.Total Management The P-520r Operator Access Point simplifies the set-up, operation, control and management of public access networks. The AP can be remotely managed via HTTP or SNMP. Auto-channel selection and integrated site survey utilities help administrators to optimize cell planning.SecurityP-520r supports various state-of-the-art security mechanisms like WPA, Access Control Lists, 802.1x/EAP authentication and Layer 2 User Isolation. The User Isolation feature can effectively prevent peer-to-peer communication between client stations. The AP is designed for wall mount with integrated theft-protection.Gemtek Systems Page 8
User’s Guide Chapter 1 – Introduction Management Options There are several managing and monitoring interfaces available to the operator to configure andmanage the P-520r on your network:  Web-browser InterfaceSNMP Management (SNMP v1, v2c)Gemtek Management System (GMS)This user manual provides detailed description of Web and SNMP management option. Web Interface The Web-browser interface (also known as the HTTP interface) provides easy access to configurationsettings and network statistics from any computer in the network. Use the Web browser interfacethrough your LAN (switch, hub, etc.), over the Internet, or with a “crossover” Ethernet cable connecteddirectly to your computer’s Ethernet Port.SNMP Management In addition to the Web interface, you can also manage and configure a P-520r using the Simple Network Management Protocol (SNMP). SNMP enables network administrators to manage networkperformance, find and solve network problems, and plan for network growth.In order to manage the device you have to provide your Network ManagementSystem software with adequate MIB files. Please consult your managementsoftware manuals on how to do that. Gemtek Management SystemGemtek Management System (GMS) is a centralized monitoring and management solution for wireless network equipment based on the GEOS operating system. At the heart of GMS is a powerfuland efficient engine that securely gathers, interprets and records information from registered network devices, and makes that information available to network administrators through a convenient,secure, and attractive Web interface.However, as the name implies, the most important feature of GMS is configuration management.GMS can retrieve and/or store configuration files from/to GEOS based devices (that are online and connected to the server) at any time, turning management of large groups of devices from an administrative nightmare into a single click operation. Remote firmware update is part of the core functionality as well, so forget having to individually update firmware on tens or hundreds of networkdevices - just upload the new firmware image to the GMS server and schedule a group firmwareupdate!P-520r Features IEEE 802.11g/b Access Point, Wi-Fi certifiedIntegrated high-gain diversity antennas Power-over-Ethernet support, IEE 802.3af compliant Theft protection system 802.1x/EAPoLAN WPA (PSK, TKIP) Seamless roaming (IAPP support) Virtual local area network support (VLAN) Remote management, remote updatesLayer 2 Isolation (disable peer-to-peer traffic) ACL (Access Control List)Gemtek Systems Page 9
User’s Guide Chapter 1 – Introduction  DHCP client Remote software updateSNMPv1, SNMPv2, incl. traps, MIB-II, IEEE-802.11, Gemtek general Private MIB Operating Modes The P-520r Access Point can work in different operating modes: Access Point (AP) mode:In AP mode the P-520r can connect multiple wireless client stations to a wired network. The Local Area Network and the Wireless Network are from the same IP address space.Access Point with WDS (Wireless Bridge and Wireless Repeater) mode:AWDS (Wireless Distribution System) allows you to create a wireless network infrastructure.Normally, the access points must be connected with a wire (LAN), which is generally an Ethernet connection in business applications. Once connected, these access points create wireless cellsallowing a wireless connection. The WDS feature allows the access points to be wirelessly connectedto another access point, eliminating the need to the wired connection between them. Two WDSconfigurations are described in the following pictures: wireless bridge and wireless repeater.Gemtek Systems Page 10
User’s Guide Chapter 1 – Introduction Wireless Bridge:The first use of the WDS, Wireless Bridge mode is to create the wireless bridge between two or more wired networks, for example networks in different buildings with no wired connections betweenthem. All APs in a WDS have to be configured for the same radio channel and must be configuredwith their WDS partner AP BSSIDs (MAC addresses). The data being transported is bridged transparently; i.e., the data received by the LAN station is identical to data that would be received if both LAN stations had been connected to the same LAN subnet.Antenna Diversity The P-520r Operator Access Point uses antenna diversity to select the best reception signal at the two integrated antennas. Antenna diversity counters the adverse effects of multi-path fading and antennapattern nulls and reduces the packet error rate.The main antenna (at internal connector J4) is used for transmission whereas both antennas, main and aux, can receiving signals. Receive diversity examines only packets directed at the AP. A count of frames received consecutively with FCS errors is compared to the configured threshold value.When this value is reached, the receive antenna used is switched to the other antenna. If a directedframe is received without errors the error count is reset back to zero.Gemtek Systems Page 11
User’s Guide Chapter 1 – Introduction Wireless Repeater:The other use of the WDS, Wireless Repeater mode is to extend wireless area coverage betweenwired and wireless networks. This mode is normally used in large, open areas, where pulling a wire is prohibited or not cost effective and in residential circumstances. By settings up the BSSIDs (MAC addresses) between AP’s WDS partners, stations can intersect with any AP of this BSSID and move between the coverage of both APs. In both cases, the P-520r acts as a network bridge between wireless and wired networks. All data received by the P-520r on its wireless or Ethernet interface is broadcast on the wireless interface to all connected devices that are authorized in the ACL (access control list). Gemtek Systems Page 12
User’s Guide Chapter 2 – InstallationChapter 2 – Installation This chapter provides installation instructions for the hardware and software components of the P-520rOperator Access Point. It also includes the following information:The Packaging ContentsSystem RequirementsHardware IntroductionHardware Installation The Packaging Contents Each Operator Access Point comes with the following:Wireless LAN Access Point P-520rWall mounting clampTool for disassembling the housingTwisted pair LAN cable Power AdapterInstallation CD containing software and documentation:P-520r User Guide in PDF format  Release Note KickStart Utility Product FirmwareAdobe Acrobat Readers Warranty CardIf any of these items are missing or damaged, please contact your reseller orGemtek Systems sales representative.System Requirements The management of the P-520r is independent of your operating system. You will need a computer that is connected to the same IP network as the P-520r (via Ethernet) and the HTML browser (e.g. Internet Explorer, Netscape, Opera). A Windows operating system is required for installing and using the KickStart utility delivered with the product CD. For setting up the integrated 802.1x/EAP based access control function, you need to provide a connection to a Gemtek Systems access controller or a 3rd party RADIUS server.Gemtek Systems Page 13
User’s Guide Chapter 2 – InstallationHardware Introduction Front Panel: LEDs The Operator Access Point has three LED’s located on its front. 1. Power LED2. LAN link LED3. Wireless activity LEDFigure 1 – P-520r LED’s Item LED Color Status IndicationOff Power supply connection not available or broken 1Power LED GreenOn Power supply connection OK Off No LAN connection available2LAN Link LED GreenOn LAN connection OK Off No activity3Wireless activity LED GreenBlinking Sending and receiving dataGemtek Systems Page 14
User’s Guide Chapter 2 – InstallationRear Panel 1. MAC Address of the P-520rThis label shows the Wireless LAN MAC which coincide with LAN MAC address of the device. You can determine the Wireless LAN MAC address byusing the KickStart.Figure 2 – Rear Panel of the P-520rMAC:00904B111698P520r1Gemtek Systems Page 15
User’s Guide Chapter 2 – InstallationA Look Inside Open the housing of the Access Point by pressing the spring latches on the bottom back side of the access point as shown:Figure 3 – Opening the P-520r Housing Looking inside the P-520r you will find some important points: 1. Power Connector Plug for external 5V DCpower supply. For use only when Power-over-Ethernet is not available. We advise to use eitherthe external 5V power supply OR Power-over-Ethernet but not both in parallel.1 2 3 67542. Ethernet Socket for common twisted pair orPower-over-Ethernet cable.3. Reset button: press 1 second to unlock theAccess Point and to set the administrator’spassword to default. Press more than 8 seconds to reset the Access Point to factory default. 4. I-pex Antenna Connectors for internal and external antennas is the J4 connector. For use withoriginal Gemtek Systems antennas and antennacables only!5. After installing the Access Point on the wall,release the spring latch to Removing the Access Point from the Wall. 6. Top Cable Inlet for Ethernet cable or antennacable for additional external antennas.7. Bottom Cable Inlet for Ethernet cable or antennacable for additional external antennas.Figure 4 – Looking Inside the P-520rGemtek Systems Page 16
User’s Guide Chapter 2 – InstallationYou can feed the Ethernet cable, external power supply or antenna cable for additional external antennas in two ways:Through the top cable inletThrough the bottom cable inlet Figure 5 – Top and Bottom Cable Inlet of the P-520rGemtek Systems Page 17
User’s Guide Chapter 2 – InstallationHardware Installation Carefully select the ideal position for your Access Point by considering the followingrecommendations:The length of the Ethernet cable that connects the Access Point to the network must not exceed 100 meters.Place the Access Point in a dry, clean location as far from the ground as possible, such as at thetop of a wall, keeping clear of metal obstructions.Place the Access Point away from transformers, heavy-duty motors, fluorescent lights, microwaveovens, refrigerators, or other equipment that could cause radio signal interference.Locate the AP(s) so that the primary lobe provides coverage where it is required.Don't cover the Access Point with material that absorbs the radio signal (e.g. wooden paneling,walls).Attaching the Access Point to the Wall Step 1 Place the Access Point at the desired location. Use the wall mounting assembly kit that is delivered with the P-520r Access Point. Step 2 Attach the wall mounting clamp to the wall with the spring latch to the upper side using the four screws.Step 3 Connect the rear side of the Access Point to the mounting plate: Figure 6 – Attaching the P-520r Housing to the Mounting Clamp Step 4 Move the housing slightly downward and press until the spring latch is locked in place.The P-520r Access Point is now securely mounted onto the wall and cannot be removed without special tools.Step 5 Open the housing of the Access Point and connect an Ethernet cable to the RJ45socket. Run the cable to the desired cable inlet then close the housing.Step 6 Connect the twisted pair LAN cable to a Power-over-Ethernet device (switch orinjector). At least the power LED and the LAN link LED should light up.Gemtek Systems Page 18
User’s Guide Chapter 2 – InstallationRemoving the Access Point from the Wall Step 1 Open the housing of the Access Point by pressing the spring latches on the upperrear side of the access point using the disassembling tool delivered with your P-520r:Figure 7 – Removing the P-520r Housing Using the Disassembling tool Step 2 Release the housing from the wall-mounting clamp by carefully pressing the springlatch in the center of the device (unit 5 in the Figure 4 – Looking Inside the P-520r) using the point of the disassembling tool: Figure 8 – Releasing the P-520r Housing Step 3 Move the housing slightly upward and remove it. Gemtek Systems Page 19
User’s Guide Chapter 2 – InstallationInitializationThe following paragraphs describe how to access the web configuration interface of the GemtekSystems P-520r. After unpacking and connecting the product for the first time it responds to either the default IP address 192.168.2.2/255.255.255.0 or to a dynamic IP address given by your local DHCPserver. In the later case you need to locate the dynamic IP address of the P-520r with the KickStart utility.Software Introduction: KickStart The Gemtek Systems KickStart is a software utility that is included on the Product CD.The utility automatically detects Gemtek Systems access points installed on your network, regardless of its IP address, and lets you configure each unit’s IP settings. The feature list for the KickStart utility is listed below: Scanning your network for all network devicesQuick access to your AP via http, https, telnet, sshSetting new IP address of your AP Reset to factory default settingsDefault access (in case of lost administrator password) Firmware updatesTo install the KickStart utility insert the Installation CD into your CD-ROM drive. Find and install the utility from the product CD into the computer.If the Installation CD does not start automatically, please run “autorun.exe”manually from the root directory of the installation CD. Access your P-520r Access Point In default configuration your access point IP address is assigned by the DHCP server so for the first web browser connection to your AP launch the KickStart utility that is provided with your product CD and follow the instuctionsStep 1 Install the KickStart utility from the Installation CD. Click Start > Programs > Gemtek Systems > KickStart to launch the application. If the P-520r is connected to your network, the utility will automatically find your device: Gemtek Systems Page 20
User’s Guide Chapter 2 – InstallationStep 2 Select your access point and right click. Select Open WEB item to launch the webmanagement interface through the http connection:Gemtek Systems Page 21
User’s Guide Chapter 2 – InstallationStep 3 Enter the P-520r administrator login details to access the web management interface. The default administrator log on settings for all access point interfaces are: User Name: adminPassword: admin01Step 4 After successful administrator log on you will see the main page of the access point’s web interface:In the center of the screen a menu is displayed with links to the six different setup areas:ConfigurationStatusSetup WizardUpdateHomeContactYou can now perform the initial access point configuration.Gemtek Systems Page 22
User’s Guide Chapter 2 – Installation Reset to the Factory Default SettingsKeep in mind that resetting the device is an irreversible process. Please note thateven the administrator password will be set back to the factory default! If you have mis-configured your device in such a way that you cannot get access to modify its parameters via your Web browser you have two options to reset the device back to its factory default settings.Method one requires access to the internal Reset Button (item 3, inFigure 4 – Looking Inside the P-520r) as described in chapter: Hardware Introduction.The second option is using the KickStart utility provided on the product CD. Note, that the KickStart utility finds you access point is in the different subnet than your computer. To reset the AP using KickStart follow the guideline below:Step 1 Find you P-520r according the Ethernet MAC (Media Access Control) address in the Found Devices table. The Ethernet MAC address is the serial number of the P-520rdecremented by 1 (in hexadecimal).Step 2 Select your access point and right click. Select Reset to Default item to set your device back to the factory defaults.Step 3 Enter the P-520r administrator login details as requested and click OK: Step 4 After successful administrator log on your access point will set back to the default status.Refer to the appendix, section: C) Factory Defaults Values for the P-520r Access Point for a detailed list of factory default values. You can reset your AP even if the administrator password is lost. Use the KickStart utility to access your AP with the default administrator account (login: admin, password: admin01). Follow the guidelines below:This default access function is available only 1 minute after the access point reboot. Step 1 Find you P-520r according the IP address or Ethernet MAC (Media Access Control) address in the Found Devices table. The Ethernet MAC address is the serial numberof the P-520r decremented by 1 (in hexadecimal).Step 2 Select your access point and right click. Select Default Access item to access your device with default administrator settings.Gemtek Systems Page 23
User’s Guide Chapter 2 – InstallationStep 3 Enter the Temporary IP Address for your AP, e.g. 192.168.2.28 (address should be from the same subnet as local host) and click the OK:Step 4 After successful entry of a temporary IP address you can access your access point with the default administrator login. The access point system configuration (except temporary IP address) is left unchanged.Gemtek Systems Page 24
User’s Guide Chapter 3 – Quick SetupChapter 3 – Quick Setup This chapter provides how to setup the P-520r Operator Access Point the step-by step. Setup Wizard To easily configure your access point step-by-step, choose the Setup Wizard from the main menu.With this wizard you are able to configure the following settings:Select the country and regulatory domain in which you will use the access pointSpecify IP addresses (static or dynamic)Define the radio policy (802.11b, 802.11g or Mixed) Specify the network name (SSID) and the radio channelChoose the wireless security settings (No encryption, WEP, WPA) Configure the administrator’s passwordFigure 9 – Main Menu Click Setup Wizard on the top menu and follow the instructions of the Basic Setup Wizard. Click theNext button and a new page with country selection appears.Step 1 Country Selection When County Selection page is displayed you can choose the country in which this access point will be used. Just choose country from drop-down list: Figure 10 – Country SelectionBack – click return to the main wizard page.Next – click to continue the access point setup process.Gemtek Systems Page 25
User’s Guide Chapter 3 – Quick SetupCancel – click to cancel the access point setup process.To continue the setup wizard click the Next button and choose the primary address selection.Step 2 Network SetupThe IP configuration as described below is required for device management purposes. IP addressescan either be retrieved from a DHCP server or configured manually.To setup the device IP configuration manually, choose the Static IP radio button and enter the credentials:Figure 11 – Network Setup SettingsIP Address – specify the access point’s IP address [digit and dots]. When shipped from the factory or reset to factory settings, the AP defaults to a static IP address of 192.168.2.2.Subnet Mask – specify the access point’s subnet mask [digit and dots]. When shipped from the factory or reset to factory settings, the AP defaults to a subnet mask of 255.255.255.0.Gateway – specify the IP address of the access point’s gateway [digit and dots]. When shipped from the factory or reset to factory settings, the AP defaults to a gateway IP address of 192.168.2.1.Select Dynamic radio button, if need that IP address should be assigned by the DHCP server. The static IP settings are displayed but have no affect on the network configuration:Gemtek Systems Page 26
User’s Guide Chapter 3 – Quick SetupFigure 12 – Network SetupTo find your P-520r with dynamic IP settings use the KickStart. Back – click return to the previous wizard page. Next – click to continue the access point setup process.Cancel – click to cancel the access point setup process.Step 3 Internal Radio PolicyWhen the IP configuration is finished click the Next button and new page Internal radio policy is displayed. You can choose now the radio policy. It can be G-only (802.11g), B-only (802.11b) orMixed (allows both 802.11b and 802.11g):Gemtek Systems Page 27
User’s Guide Chapter 3 – Quick SetupFigure 13 – Internal Radio Policy Settings Changing the radio policy could result in a loss of your connection when you are using a wireless connection.Mixed – select the mixed radio policy that allows both 802.11b and 802.11g modes.G-only – select the 802.11g mode to connect 802.11g clients only.B-only – select the 802.11b mode to connect 802.11g clients only. Back – click return to the previous wizard page. Next – click to continue the access point setup process.Cancel – click to cancel the access point setup process.To continue the setup wizard click the Next button. Step 4 Network IdentificationWhen the radio policy is chosen according your needs, you need to specify the Networkidentification settings of your wireless LAN. You can enter now the SSID and choose the radiochannel:Gemtek Systems Page 28
User’s Guide Chapter 3 – Quick SetupFigure 14 – Network Identification Settings Wireless Network Name (SSID) – specify the unique name for your wireless network.Radio Channel – select the channel that the access point uses to transmit and receive information. Back – click return to the previous wizard page. Next – click to continue the access point setup process.Cancel – click to cancel the access point setup process.More about SSID and Radio channel settings see the respective chapter:Configuration | Wireless | Basic SettingsTo continue the setup wizard click Next button. Step 5 SecurityChoose the security method to protect your data that only authorized network users could access the network. You can choose WEP,WPA or No security for your device.If no security is needed, simply choose the No Security radio button: Gemtek Systems Page 29
User’s Guide Chapter 3 – Quick SetupFigure 15 – Security Settings Back – click return to the previous wizard page. Next – click to continue the access point setup process.Cancel – click to cancel the access point setup process.If you ant to choose WEP encryption, just select the Wired Equivalent Privacy (WEP) radio buttonand click Next button to configure the WEP encryption settings. You can then choose the encryptionkey length: Figure 16 – WEP Encryption SettingsKey Length – choose the shared secret’s Key length from drop-down list [64-bits (10 characters)/128-bits (26 characters)].Network Key – specify the shared secret. 5 colon-separated HEX (0-9, A-F, and a-f) pairs (e.g.00:AC:01:35:FF) for the 64-bits WEP encryption; 13 colon-separated HEX (0-9, A-F, and a-f) pairs (e.g. 00:11:22:33:44:55:66:77:88:99:AA:BB:CC) for the 128-bits WEP encryption.Gemtek Systems Page 30
User’s Guide Chapter 3 – Quick SetupBack – click return to the previous wizard page. Next – click to continue the access point setup process.Cancel – click to cancel the access point setup process.To continue the setup wizard click the Next button and the new Administrator Password Setuppage will appear.More about WEP settings see the respective chapter: Configuration | Security |Wireless Security | Wired Equivalent Privacy (WEP)If you want to choose WPA encryption, just select the Wi-Fi Protected Access (WPA) radio button in the Security page and click the Next button to configure the WPA encryption settings. You can now specify the WPA password phrase:Figure 17 – Wi-Fi Protected Access (WPA) Settings Pre-shared Key – specify WPA pre-shared key [8-63 characters].Re-enter Pre-shared Key – re-enter the WPA pre-shared key to verify its accuracy [8-63 character].Back – click return to the previous wizard page. Next – click to continue the access point setup process.Cancel – click to cancel the access point setup process.To configure WPA without pre-shared key but with dynamic key exchange via RADIUS refer to the chapter Configuration | Security | Wireless Security | Wi-Fi Protected Access (WPA)Step 6 Administrator Password Setup After the security settings have been configured successfully click the Next button and the final step Administrator Password Setup will be displayed. Here you can choose and modify the administrator password to protect your AP from unauthorized configuration.If you want to protect your access point from unauthorized access and configuration, select the Usepassword protection checkbox and specify a password: Gemtek Systems Page 31
User’s Guide Chapter 3 – Quick SetupFigure 18 – Administrator Password Setup Settings Password – enter the new password value used for user authentication in the system [4-32 symbols].Confirm Password – re-enter the new password to verify its accuracy.Back – click to return to the main wizard page.Next – click to continue the access point setup process.Cancel – click to cancel the access point setup process.Step 7 Confirm Settings When Administrator’s password configuration is finished, click the Next button to finish the Setup Wizard. You just need to confirm that settings are correct:Figure 19 – Confirm SettingsGemtek Systems Page 32
User’s Guide Chapter 3 – Quick SetupBack – click to return to the previous wizard page.Finish – click to finish the access point setup process.Cancel – click to cancel the access point setup process.Click the Finish button to complete the quick setup wizard. The Access Point is now ready for basicoperation. You can now use the web interface menu to configure many more details for your P-520r.Gemtek Systems Page 33
User’s Guide Chapter 4 – Reference ManualChapter 4 – Reference Manual The following paragraphs describe capabilities and configuration parameters of the web managementinterface of the P-520r Operator Access Point. When the access point is installed you can access and configure the device using a standard web browser.This chapter includes the following subsections:Configuration – to configure essential access point settings: identity, network setup, VLAN, wireless settings, advanced wireless settings, wireless security, unauthorized configurationsettings, download/upload backup configuration, reset device to defaults, SNMP Traps, setupGMS agent, NTP settings, automatic device reboot.Status – to view the system summary, interface statistics, wireless settings, event reporting, to find connected clients.Setup Wizard – quick device setup wizard.Update - device firmware update wizard.Home – click and you will be redirected to the main Status Overview page.Contact – click to view contact information.Web InterfaceThe main menu of the web management is displayed at the top of the page after successfully logginginto the system (see the figure below). From this menu all essential configuration pages can beaccessed.Figure 20 – Web Management Menu By default the Status menu is activated and the current AP Status Overview page is displayed.The web management menu has the following structure: Gemtek Systems Page 34
User’s Guide Chapter 4 – Reference ManualConfigurationConfiguration – identity data of the access point: Settings Summary – the summary of main access point settings Identity – name, location, operator of the access pointLocal Area Network – network interface configuration:Network Setup – IP address, netmask, gateway, Dynamic IP (DHCP) Virtual LAN – VLAN settingsWireless - wireless interface configuration:Basic Settings – SSID, channel selection and other settingsWDS Links – configuration of Wireless distribution Systems (bridge links)Advanced settings – advanced wireless settingsSecurity – access point security settings: Wireless Security – configure wireless security settings: Client Isolation – deny or grant access between clientsAccess Control List (ACL) – access control default policy, static ACL, access controlby MAC addressRADIUS Servers – RADIUS servers IP, port and other settingsWired Equivalent Privacy (WEP) – WEP security802.1x Security – 802.1X network authenticationWi-Fi Protected Access (WPA) – WPA security (encryption and authentication)Management Security – configure access of your access pointSystem – access point system settings:Backup/Restore – reset configuration to factory defaults values and/or reboot, download or/andupload system backup configurationGMS Agent – setup the GMS agent to communicate with GMS server SNMP Traps – SNMP traps settings NTP Settings – configure the NTP service Automatic Reboot – configure the automatic P520r reboot. StatusStatistics/Usage – view system status:Status Overview – the summary of the access point status Interface Statistics – Local Loopback, LAN Ethernet, Internal Radio, WAN Ethernet statistic Wireless Statistics – wireless statistics Event Reporting – the log of important eventsClients – scan for access points and connected clients:Wireless Clients – connected users’ statistics list Access Points – discover access points with internal radioWDS Links – WDS links’ statistics Setup WizardUpdateIn the following sections, short references for all menu items are presented.Gemtek Systems Page 35
User’s Guide Chapter 4 – Reference ManualConfigurationConfiguration | Settings SummaryThe Settings Summary page shows important information of the P-520r: its IP address, SSID, wireless security settings and access control status. The page is not configurable but displays the currentsystem configuration only.Figure 21 – Settings SummarySSID – indicates the unique name for your wireless network.IP Address – indicates the IP address of your P-520r. If two addresses are displayed this means that the access point retrieved its IP address dynamicallyvia DHCP. The first IP address is the IGMP IP multicast address; the second IP is given from DHCPserver’s pool.Wireless Security – indicates if security methods are enabled on your access point [None, WEP, WPA, 802.1X].Access Control – indicates access control status [Any client/Selected clients only].Configuration | Identity The identity data of the access point are displayed here. You can use the first three fields Name,Location,Contact to describe the access point. These fields do not influence the behavior of the access point. But are for information purposes only.Gemtek Systems Page 36
User’s Guide Chapter 4 – Reference ManualFigure 22 – Identity Settings Name – specify the administrative name of the access point [string].Location – specify the location where your device is installed [string].Contact – specify the name of the person/company responsible for the P-520r [string]. MAC Address – displays the MAC address of the access point. Cannot be changed.Access Point Type – displays information on your type of access point. Cannot be changed.Firmware Version – displays the version number of the software that controls the access point.Boot Loader Version – displays the boot loader version.Cancel – restore all previous values.Apply – save changed configuration.Configuration | Local Area Network | Network Setup The IP configuration as described below is required for device management purposes. IP addressescan either be retrieved from a DHCP server or configured manually.Figure 23 – Network Setup Settings IP Address – specify the access point’s IP address [digit and dots]. When shipped from the factory or reset to factory settings, the AP defaults to a static IP address of 192.168.2.2.Gemtek Systems Page 37
User’s Guide Chapter 4 – Reference ManualSubnet Mask – specify the access point’s subnet mask [digit and dots]. When shipped from the factory or reset to factory settings, the AP defaults to a subnet mask of 255.255.255.0.Gateway – specify the IP address of the access point’s gateway [digit and dots]. When shipped from the factory or reset to factory settings, the AP defaults to a gateway IP address of 192.168.2.1.If you change the IP address manually, make sure that the chosen IP address is unused and belongs to the same IP subnet as your wired LAN, otherwise you willloose the connection to the P-520r from your current PC.If you enable the DHCP client via a Web browser, the browser will loose the connection after rebooting,because the IP address assigned by the DHCP server is not predictable.If Dynamic is selected the static IP settings are displayed but have no affect on the network configuration. The dynamic IP address and gateway address as assigned by the DHCP server are applied to the system after restart.To find your P-520r with dynamic IP settings use a utility such as Gemtek Systems KickStart.Configuration | Local Area Network | Virtual LAN A Virtual Local Area Network (VLAN) is a mechanism to segregate devices or groups of devices on the same physical LAN. P-520r allows the definition of a VLAN by a VLAN identifier. If you enable the VLAN functionality in the menu Configuration | Local Area Network | Virtual LAN all traffic from the wireless LAN to the LAN will be tagged with the specified VLAN ID. Incoming traffic from the wired LAN not tagged with the appropriate VLAN ID is discarded by the AP. Figure 24 – Virtual Local Area Network (VLAN) Settings To define a VLAN membership on the access point, select the checkbox and enter the VLAN identifier:Figure 25 – Enable Virtual Local Area Network (VLAN)VLAN id – specify the ID for your VLAN network [1 to 4094]. Wireless client devices connected to the AP are grouped into this VLAN. Cancel – restore all previous values.Apply – save changed configuration.Gemtek Systems Page 38
User’s Guide Chapter 4 – Reference ManualWhen VLAN is enabled you can view this interface statistic in Status | Interface Statistics page.There you can see such parameters as interface status, InOctets, InUcast, InMcast, OutOctets,OutUcast and OutMcast.Configuration | Wireless | Basic Settings Use the Configuration | Wireless | Basic Settings menu to configure the most relevant wirelesssettings of your access point.Figure 26 – Basic Wireless Settings IAPP – select this checkbox to enable seamless roaming of client stations between P-520r APs. By using the Inter-Access Point Protocol (IAPP) roaming, a client can be hand-over between accesspoints when changing its physical location. The IAPP protocol is used to ensure all relevant session information is delivered to the new AP to which the client is moving. IAPP roaming is compatible with other Gemtek Systems products.Look at the scheme for more details about IAPP roaming: Gemtek Systems Page 39
User’s Guide Chapter 4 – Reference ManualIAPP RoamingAP1 AP2ClientRADIUS ServerFigure 27 – IAPP Roaming SchemeThe wireless client is switched from AP1 to AP2 when entering the coverage area of the new accesspoint (AP2). The roaming is performed without client re-authentication. The IAPP protocol ensures to inform the old AP1 of the new client association. The AP1 then stops the client RADIUS session, and the AP2 starts the client’s session with the RADIUS.IAPP roaming requires that all access points share the same SSID. Wireless Network Name (SSID) – is a unique name for your wireless network [1-32 symbols]. The default SSID is "P520" but you should change this to a personal wireless network name. The SSID is important for client stations when connecting to the access point. All client stations must have their client SSID settings configured and must use the same SSID. Band – click on the change policy… link and choose the policy of internal radio mode [Mixed/G-only/B-only].Changing the radio policy could result in a loss of your connection when you are using a wireless connection.Radio Channel – select the channel that the access point uses to transmit and receive information. Multiple frequency channels are used to avoid interference between nearby access points. If you wish to operate more than one access point in overlapping coverage areas, we recommend a distance of at least four channels between the chosen channels. For example, for three access points in closeproximity choose channels 1, 6 and 11. Click on the autochannel… link and a pop-up window with auto channel settings will appear. You can now select a list of preferred channels: Gemtek Systems Page 40
User’s Guide Chapter 4 – Reference ManualFigure 28 – Auto Channel Settings The auto-channel function is a great technique to minimize interference between access points. With auto-channel selection enabled the P-520r will regularly scan the air for neighboring access points and selects the channel with the least expected interference. The range of scanned channels can be limited by the administrator.Do not use auto-channels when using WDS, otherwise the access points will not be able to communicate between each other wirelessly.PRISM Nitro– increases the performance in 802.11g and mixed-mode environments. The Nitro technology provides up to 50% more throughput in g-only networks; up to 300% more in mixed-mode(802.11b and 802.11g) networks by eliminating collisions and employing packet bursting technology.A maximum of 140Mbps throughput can be reached by selecting a packet burst lengths of 1500Ps:Off – switch off PRISM Nitro,Minimum – burst length is 650 Ps,Medium – burst length is 1000 Ps,Maximum – burst length is 1500 Ps;Broadcast SSID – when selected your AP’s SSID is visible during network scans on a wirelessstation. When unselected, the AP’s SSID is not visible and not broadcasted to wireless stations.. Cancel – restore all previous values.Apply – save changed configuration. Gemtek Systems Page 41
User’s Guide Chapter 4 – Reference ManualConfiguration | Wireless | WDS Links The access point P-520r supports the definition of a WDS (Wireless Distribution System). In WDS mode a P-520r can act as wireless bridge or wireless repeater. Choose the Configuration | Wireless | WDS Links menu if you want to setup bridge links between different access points while connectingwireless client stations in parallel. Up to seven access points can be interconnected in a wirelessdistribution system.In the WDS table bride links can be defined by selecting WDS ready access points by their MACaddress. Make sure that the radio channel and the data rates for all WDS APs are set to the samevalues.APs that relay data received from a wireless station to another access points (andvice versa) have to receive and send each packet over the same channel. Hencethe overall throughput will be reduced for each relay link. As an option WDS links to other APs can be added manually by specifying the MAC address of the remote AP. APs participating in a WDS network DO NOT have to be configured with the sameSSID.Add AP in WDS from the WDS Links table:In the menu Configuration | Wireless | WDS Links you can find a table of remote access points that you can connect to via a WDS Link. On this table an administrator can see access points, their operating channels, data rates, RSSI (Received Signal Strength Indication) and the Age of the last signal.Select the checkbox to add an access point to the Wireless Distribution System. The checkboxes willbe active only of those WDS links that uses the same channel as your device:Figure 29 – WDS Links for Internal Radio TableEnable – select if need to add the access point to Wireless Distribution System. Peer address – displays the MAC address of the access point.Name – specify the name of chosen WDS Link. Gemtek Systems Page 42
User’s Guide Chapter 4 – Reference ManualSSID – displays the SSID of the access point. Data Rates – displays the transmit data rates of the remote access point.Channel – displays the channel that the access point uses to transmit and receive information.Age –indicates the age of the last information received from the remote access point in seconds.RSSI – shows the Received Signal Strength Indication (RSSI) of the access point.Cancel – restore all previous values.Apply – save changed configuration.When the required WDS Link is selected, enter the name of chosen WDS Link:Figure 30 – Specify the WDS Link NameCancel – restore all previous values.Apply – save changed configuration.Add AP in WDS manually:When a WDS APs is not shown in the WDS table automatically you can add it manually by entering the MAC address of the remote AP. Click on the Add WDS Link button. Gemtek Systems Page 43
User’s Guide Chapter 4 – Reference ManualFigure 31 – Add WDS Link ManuallyOK – saves added new WDS Link in the WDS Links for internal radio table. Cancel – close the Add Wireless Distribution Link window without saving information.Follow the example to see how to configure a WDS.Case 1 – AP with WDS (Wireless Bridge).Create the wireless bridge between two wired networks: AP1 can be configured to forward all data to AP2 and vice versa. AP2WDS LinkAP1Wired LANWired LANGemtek Systems Page 44
User’s Guide Chapter 4 – Reference ManualStep 1 Choose the wireless MAC address of AP2 in the web configuration interface of AP1,menu WDS Links.Step 2 Choose the wireless MAC address of AP1 in the web configuration interface of AP2,menu WDS Links.Step 3 Select the same radio channel and the data rates for both APs using the WirelessSettings menu.Case 2 – AP with WDS (Wireless Repeater)This example shows a configuration where one AP relays all traffic wirelessly to another AP. In the picture below Station 1 is connected to the wired LAN via AP1 and AP2. AP 1 acts as a repeaterbetween Station 1 and AP2.AP1WDS LinkAP2Wired LANAP3WDS LinkStep 1 Choose the wireless MAC address AP2 and AP3 in the AP1 Web interface WDSLinks menu under the Configuration.Step 2 Choose the wireless MAC address AP1 in the AP2 Web interface WDS Links menuunder the Configuration.Step 3 Choose the wireless MAC address AP1 in the AP3 Web interface WDS Links menuunder the Configuration.Step 4 Select the same radio channel for both APs using the Wireless Settings menu underthe Configuration.Gemtek Systems Page 45
User’s Guide Chapter 4 – Reference ManualConfiguration | Wireless | Advanced Settings For normal operation the following default settings do not need to be modified. Changing the P-520r advanced settings requires expert knowledge of the 802.11 protocol and the radio functionality.The configuration menu Configuration | Wireless | Advanced Settings allows administrators to change low level radio parameters and antenna diversity settings: Figure 32 – Advanced Wireless Settings Operational Rate Set – this setting specifies the set of Supported and Basic data rates at which the station may transmit data. Each rate shall be within the range from 2 to 127, corresponding to data rates in increments of 500 kb/s from 1 Mb/s to 63.5 Mb/s, and shall be supported for receiving data.This value is reported in transmitted Beacon, Probe Request, Probe Response, Association Request,Association Response, Reassociation Request, and Reassociation Response frames, and is used to determine whether a BSS with which the station desires to synchronize is suitable. Operational rate set is defined as hexadecimal string where highest bit of each digit represents if Supported rate is the Basic rate (basic rate = supported rate | 0x80, where “|” means “bitwise or”operation).Beacon Period – this setting specifies the amount of time between beacons in milliseconds. A beacon is a packet broadcast by the access point to synchronize the wireless network.RTS Threshold – this setting specifies the maximum packet size beyond which the Wireless LANCard invokes its RTS/CTS mechanism. Packets that exceed the specified RTS threshold trigger the RTS/CTS mechanism. The NIC transmits packets smaller than this threshold without using RTS/CTS [[0-2347] default: 2347 (2347 means that RTS is disabled)].Fragmentation Threshold – the fragmentation threshold, specified in bytes, determines whetherpackets will be fragmented and at what size. On an 802.11 wireless LAN, packets exceeding thefragmentation threshold are fragmented, i.e., split into, smaller units suitable for the circuit size.Packets smaller than the specified fragmentation threshold value are not fragmented [[256-2346]default: 2346 (2346 means that fragmentation is disabled)].Enable TX and RX Diversity – choose this option to enable or disable the antenna diversity. Gemtek Systems Page 46
User’s Guide Chapter 4 – Reference ManualUse the antenna diversity to select the best reception signal at the two integrated antennas. The main antenna is used for transmission whereas both antennas, primary and secondary, can receivesignals. Receive diversity examines only packets directed at the AP. A count of frames receivedconsecutively with FCS errors is compared to the configured threshold value. When this value isreached, the receive antenna used is switched to the other antenna. If a directed frame is receivedwithout errors the error count is reset back to zero. If the antenna diversity option is enabled, the Antenna Used To Transmit and AntennaUsed To Receive settings have no effect. Antenna Used To Transmit – choose the single antenna for transmitting [primary/secondary].Antenna Used To Receive – choose the single antenna for receiving [primary/secondary].Cancel – to restore all previous values.Apply – to save changed configuration.Configuration | Security | Wireless Security | Client Isolation Use the Configuration | Security | Wireless Security| Client Isolation menu to configure the layer 2 user isolation feature. Select the Use Client Isolation checkbox to enable Layer 2 wireless client separation. In this case connected wireless stations are not able to communicate with each other. The client stations are isolated on MAC address level. Figure 33 – Client Isolation SettingsBack – to return to the main Wireless Security Settings page.Cancel – to restore all previous values.Apply – to save changed configuration.Configuration | Security | Wireless Security | Access Control List In the Access Control Settings page (Access Control List (ACL) menu under the Configuration | Security | Wireless Security) you can specify default access policy for the Wireless device interfaceor define special access rules. To enable Access Control List select the Enable access control listcheckbox.Default Access: select Accept to allow all mobile clients to access this access point or Reject toprevent all mobile clients from accessing your access point. Clients may also be subject to rules in the Access control table.Gemtek Systems Page 47
User’s Guide Chapter 4 – Reference ManualFigure 34 – Access Control List (ACL) Settings You can further create your own access list if you need to define special access rules for specificnetwork devices. The access control list is based on the network device's MAC address. In the access control table, you need only specify the network device MAC address and its access policy (accept/reject) with the new rule. Add – click to add ACL rule.Delete – click to remove selected ACL rule.Back – to return to the main Wireless Security Settings page.Cancel – to restore all previous values.Apply – to save changed configuration.Click the Add button to add new ACL rule and new pop-up window Add a Client appears. Thedefinition of new rules is shown in the following example:Figure 35 – Add New ACL RuleMAC Address – specify the MAC address of the device you want to add to the ACL. The format is a list of colon separated hexadecimal numbers (for example: 00:00:78:0A:CD:FF).Gemtek Systems Page 48
User’s Guide Chapter 4 – Reference ManualAccess – select the permission of the rule to determine whether the specified network device shall be accepted or rejected by the access point.OK – saves added new ACL rule into configuration.Cancel – close the Add a Client window without saving information.Click the Delete button to remove desired ACL rule, and new pop-up window Delete Clients appears.You can select the MAC addresses that should be deleted as shown on the following example:Figure 36 – Delete Selected Clients' MAC addressesOK – removes selected ACL rule from the list. Cancel – close the Delete Clients window without saving information.Configuration | Security | Wireless Security | RADIUS Servers Only 2 RADIUS servers can be configured on the system: one Authentication andone Accounting.RADIUS is an authentication, authorization and accounting (AAA) system. RADIUS enables operatorsto maintain a very large database of users. By using RADIUS, operators can implement policy-basedmanagement of their subscriber base. RADIUS further enables the collection of usage data (e.g.amount of time, amount of transferred bytes, and session time) for accounting purposes. Use the Configuration | Security | Wireless Security| RADIUS Servers menu to configure the RADIUS servers’ list and settings. By default there is no RADIUS server on the system: Gemtek Systems Page 49
User’s Guide Chapter 4 – Reference Manual Figure 37 – RADIUS Servers' Settings Re-authentication Time – specify the number of seconds after which the access point re-authenticates client stations [0-2147483647]. The default value is 3600 seconds. If 0 is entered it means that stations will not have to re-authenticate as long as they are connected.IP address – displays RADIUS server’s IP address.Port Number – displays RADIUS server’s port number.Type – displays RADIUS server’s type. Add – click to add RADIUS server.Delete – click to remove selected RADIUS server.Back – to return to the main Wireless Security Settings page.Cancel – to restore all previous values.Apply – to save changed configuration.In the default configuration no RADIUS servers are define on the system. Click the Add button to addnew RADIUS server and new pop-up window Add RADIUS server appears. You can define the RADIUS server’s parameters as shown on the following example: Figure 38 – Add RADIUS ServerServer Type – select the RADIUS server’s type [authentication/accounting].Gemtek Systems Page 50
User’s Guide Chapter 4 – Reference ManualIP Address – enter the RADIUS server IP address [digit and dots].UDP Port – specify the network port used to communicate with RADIUS [1-65535]. Default: 1812.The port default value is 1812 in accordance with RFC 2865 " RemoteAuthentication Dial-in User Service (RADIUS)".Secret – specify the shared secret string that is used to encrypt data frames used for RADIUS servers[4-64 symbols].Confirm Secret – re-enter the RADIUS secret to verify its accuracy.OK – saves added new RADIUS server into configuration.Cancel – close the window without saving information.Click the Delete button to delete desired RADIUS server, and new pop-up window Delete RADIUSServers appears. You can select the RADIUS server that should be deleted as shown on thefollowing example: Figure 39 – Delete RADIUS serverOK – removes selected RADIUS servers from the system.Cancel – close the window without saving information.Configuration | Security | Wireless Security | Wired Equivalent Privacy (WEP) WEP is a data privacy mechanism based on a 64-bit or 128-bit shared key algorithm as described in the IEEE 802.11 standard. Static WEP uses a symmetric scheme where the same key and algorithmare used for both encryption and decryption of data. Use the Configuration | Security | Wireless Security| Wired Equivalent Privacy (WEP) menu to configure the WEP encryption.The checkbox Use WEP Encryption defines if encryption will be used or not. To enable WEPencryption, select this checkbox:Gemtek Systems Page 51
User’s Guide Chapter 4 – Reference ManualFigure 40 – Wired Equivalent Privacy (WEP) Settings Enter the encryption key to be used to encrypt and decrypt wireless traffic: 64-bits – specify pre-shared key as 5 colon-separated HEX (0-9, A-F, and a-f) pairs (e.g. 00:AC:01:35:FF).128-bits – specify pre-shared key as 13 colon-separated HEX (0-9, A-F, and a-f) pairs (e.g. 00:11:22:33:44:55:66:77:88:99:AA:BB:CC).Back – return to the main Wireless Security Settings page.Cancel – restore all previous values.Apply – save changed configuration.The same encryption key must also be entered into the WLAN card configuration of the mobile clients.Configuration | Security | Wireless Security | 802.1x Security 802.1X security is available only if RADIUS server is configured on the P-520rsystem.Use the Configuration | Security | Wireless Security| 802.1x Security menu to setup the 802.1Xsecurity settings. This security always uses dynamic WEP keys which length you can choose by simply selecting the radio button.To enable 802.1x security, select the checkbox and choose the desired Key Size and settings for Rekeying:Gemtek Systems Page 52
User’s Guide Chapter 4 – Reference ManualFigure 41 – 802.1X Security SettingsKey Size and Group Rekeying unavailable when using WEP security.64-bits – indicates that a 64-bit key is chosen for 802.1x security. 128-bits – indicates that a 128-bit key is chosen for 802.1x security.No rekeying – indicates that Group Key will not be changed dynamically.Rekey every … minutes – specify the time period in minutes, after which the group key will beupdated [1-71582788]. Default value is 60 minutes.Rekey every … x1000 packets – specify the number of transmitted packets, per 1000 packets, after which the group key value will be updated [1-4294967295]. Default value is 10x1000 packets.Configuration | Security | Wireless Security | Wi-Fi Protected Access (WPA) Wi-Fi Protected Access provides a higher level of protection for wireless LAN client stations as it includes methods for mutual authentication, strong encryption, and data integrity. WPA takes theoriginal master key only as a starting point and derives its encryption keys dynamically from thismaster key. WPA regularly changes and rotates the encryption keys so that the same encryption key is never used twice. Key exchange is done automatically transparent to the user.To enable the WPA security for your WLAN you need:An access point that has WPA support like the Gemtek Systems P-520rA wireless network card with WPA ready driver A supplicant that supports WPA (e.g. Windows XP client)To configure the WPA with pre-shared key security on the P-520r use the Configuration | Security | Wireless Security| Wi-Fi Protected Access (WPA) menu, select the WPA with pre-shared keysecurity method and enter the shared secret:Figure 42 – WPA with Pre-shared Key SettingsPre-shared Key – specify the pre-shared key for WPA security [8-63 characters].Re-enter Pre-shared Key – re-enter pre-shared key to verify its accuracy. Gemtek Systems Page 53
User’s Guide Chapter 4 – Reference ManualThe pre-shared key must match the one configured on your WLAN client stations.Back – return to the main Wireless Security Settings page.Cancel – restore all previous values.Apply – save changed configuration.WPA with RADIUS server makes use of external AAA (RADIUS) server to generate and exchange dynamic WPA keys between P-520r and the client stations. To configure WPA with a RADIUS server select the WPA with RADIUS server security method radio button and enter the Group Key Rekeysettings:Figure 43 – WPA with RADIUS Server SettingsNo rekeying – indicates that Group Key will not be rekeyed.Rekey every … minutes – specify amount of minutes and WPA automatically will generate a newRekey every … minutes – specify the time period in minutes, after which the group key will beupdated [1-71582788]. Default value is 60 minutes.Rekey every … x1000 packets – specify the number of transmitted packets, per 1000 packets, after which the group key value will be updated [1-4294967295]. Default value is 10x1000 packets.Update Group Key if station leaves BSS – when selected, the group key value will be updated if wireless client leaves BSS. Configuration | Security | Wireless Security | Management Security Use the Configuration | Security | Wireless Security | Management Security menu for changingthe administrator’s password and to lock the access point for any further configuration changes.The default administrator settings for all access point interfaces are:username - adminpassword - admin01The username is not configurable parameter, so it cannot be changed.Gemtek Systems Page 54
User’s Guide Chapter 4 – Reference ManualFigure 44 – Change Administrator's PasswordNew Password – specify new password value used for user authentication in the system [4-32characters].Confirm Password – re-enter the new password to verify its accuracy.Change Password – changes new specified administrator’s password.The password is also the SNMP Read-write community string. If the password ischanged the SNMP community string will be changed as well. Use Lock Access Point to prevent modifications to the current device configuration.Figure 45 – Lock Access PointLock Access Point – click the button to lock the P-520r.This action denies system configuration modifying. You will not be able to configure any of device settings. To unlock the access point you need the physical access to the P-520r and press the reset button on the device for 1 second.Keep in mind that reset button will set the administrator password back to default: User Name: adminPassword: admin01Configuration | System | Backup/Restore To restore s saved system configuration, set factory defaults or download current system configuration use the Backup/Restore menu.Restore Configuration allows you to upload a backup configuration from disk to the P-520r. Simplyselect the configuration file from disk and click upload:Figure 46 – Upload System Configuration FileBrowse – specify file you want to upload location.Upload – upload system configuration on the system.Gemtek Systems Page 55
User’s Guide Chapter 4 – Reference ManualBackup Configuration allows you to download the current system configuration and save to a file. Simply click the Backup button and specify the file location and name.Figure 47 – Download System Configuration FileBackup – save the configuration as a file on your computer.Restore Default Configuration sets the device back to its original or default configurationCheck the Factory defaults values in the Appendix section: C) Factory DefaultsValues for the P-520r Access PointFigure 48 – Restore Default ConfigurationRestore – reset device to factory default values. Keep in mind that resetting the device is an irreversible process.Please note that also the administrator password will be set back to the factory default.Reboot. Click this button to reboot the access point:Figure 49 – Reboot the Access Point Configuration | System | GMS Agent At the heart of the P-520r management subsystem is a simple text based configuration file and GMS agent which in pair with GMS server creates a structure for fast wireless network deployment and robust administration. Properly configured the GMS agent can:send heartbeat notifications with standard and optional information to the GMS server,report device's extended status configuration to the GMS server,report device's current configuration to the GMS server,download and apply/merge full or partial configuration from the GMS server,download and update device's firmware from the GMS server.The GMS agent starts at the very end of the system startup process. It reads its configuration directlyfrom the system configuration file. Enable the GMS agent: Figure 50 – Enable the GMS Agent Gemtek Systems Page 56
User’s Guide Chapter 4 – Reference ManualUse GMS System – select this checkbox to enable association of the device with GMS server.Setup connection to GMS server settings:Figure 51 – Connection to GMS server settingsUse Persistent – select the checkbox to make a persistent connection to the GMS server. If enabled,the connection to the GMS server will be kept persistent; if disabled, the connection will be established and subsequently closed after all server responses are processed for every heartbeatnotification.Timeout – specify the maximum number of seconds to wait for a response from the GMS serverbefore considering the connection as having timed out. Default: 60 seconds.Setup multicast settings:Figure 52 – Multicast SettingsIP address – specify the IP multicast group address to listen on during automatic GMS serverdiscovery. Default: 224.0.6.128. Port – specify the port to bind to when listening on an IP multicast group during automatic GMSserver discovery [1-56635]. Default: 45144.Interface Name – specify the name of the interface to bind to when listening on an IP multicast groupduring automatic GMS server discovery [default: br0]. The interface is optional, but it is highly recommended to define it. If no interface is provided, GMS agent will try to bind on all interfaces. Thiswill succeed only if default or multicast route is configured on the system. Otherwise GMS agent will keep trying to bind and report errors to system log. It is not recommended to change default multicast settings. In case incorrectsettings are specified, the device will not be able to discover the GMS server location.Specify the authentication settings:Figure 53 – specify GMS Authentication Settings Certificate Path – specify the name of GMS client certificate PKCS12 file [file name]. It should be stored in /usr/etc/ directory on device.Gemtek Systems Page 57
User’s Guide Chapter 4 – Reference ManualPassword – specify the password for certificate PKCS12 file [string]. Only used if the certificate key is encrypted.Identifier – specify the unique identifier used for client authentication [all ASCI characters].Gemtek Systems Page 58
User’s Guide Chapter 4 – Reference ManualSpecify the alarms settings:Figure 54 – Specify the Alarm Settings Use Alarms – select the checkbox if need to enable the alarm gathering.Level – specify the message level [emergency/alert/critical/error/warning/notice/info/debug].Messages that have this level or any level of greater importance are considered alarms and are reported to the RCMS agent. Default – errors.Specify the heartbeat settings: Figure 55 – the Heartbeat Settings URL – specify the URL of the GMS server that heartbeat notifications are sent to (and, subsequently,server responses are read from and processed)Interval – specify the interval, in seconds, between subsequent heartbeat notifications. Default: 30. You can configure the device monitoring specifying the Object Identifier (OID) and the name of the statistic to gather the information from. Simply click Add button under the table and specify settings: Figure 56 – Add the OID Name – specify optional attribute name.Object Identifier (OID) – specify the local SNMP OID to gather the information from [SNMP OID] Up to 16 OIDs can be added on the system.OK – click to add OID in the table. Gemtek Systems Page 59
User’s Guide Chapter 4 – Reference ManualCancel – close the Add OID window without saving information.Use the SNMP agent to discover what OIDs are implemented on P-520r and can be monitored on the GMS server.Configuration | System | SNMP Traps SNMP is another management interface for the P-520r. In particular it provides the ability to send trap messages with notifications or alarms to a management system. You can configure the SNMP agentin P-520r to send SNMP traps to one or more SNMP managers. By default no SNMP manager hosts are defined:Figure 57 – SNMP Traps TableTo add a new trap host IP address for P-520r click the Add button and a new pop-up window AddTrap Host IP Address appears:Figure 58 - Add Trap Host IP IP Address – specify the SNMP manager IP address.OK – saves added SNMP manager IP address into configuration. Cancel – close the window without saving information.Click the Delete button to delete desired SNMP traps hosts and a new pop-up window Delete Trap Host IP addresses appears. You can select the hosts’ IP addresses that should be deleted as shownon the following example: Gemtek Systems Page 60
User’s Guide Chapter 4 – Reference ManualFigure 59 – Delete Trap Host IPOK – removes selected SNMP manager IP addresses from the system.Cancel – close the window without saving information.Configuration | System | NTP Settings The NTP (Network Time Protocol) is used to synchronize the clock of the access point to a selectedtime reference. You can synchronize the system clock settings using the Configuration | System | NTP Settings menu:Figure 60 – NTP Settings Local Time – displays the current system date and time. Enable NTP – select this option if you want to specify auto time settings (using NTP server).Time Zone (+/-hh:mm) – specify time zone for NTP time [-12.00 – +12.00]. The NTP server returnsGMT + 00.00 time if not specified otherwise.The Time Zone is taken into account for the time displayed in the managementGUI, however the system works on GMT (UTC)Gemtek Systems Page 61
User’s Guide Chapter 4 – Reference ManualNTP Server – displays the NTP server.Cancel – click the button to cancel changes.Apply – click the button to save auto time and date settings.To add the NTP host, click Add button under the NTP server’s table and a new pop-up window AddNTP Server appears:Figure 61 – Add a New NTP Server NTP Server – specify the trusted NTP server host [1-128].OK – saves added NTP host into configuration.Cancel – close the window without saving information.There is a possibility to add an additional NTP service host. The secondary NTP server will be used if connection to the previously defined NTP server is lost.Click the Delete button to delete desired NTP hosts and a new pop-up window Delete NTP Serverappears. You can select the hosts’ IP addresses that should be deleted as shown on the followingexample:Gemtek Systems Page 62
User’s Guide Chapter 4 – Reference ManualFigure 62 – Delete a NTP serverOK – removes selected NTP host from the system.Cancel – close the window without saving information.Configuration | System | Automatic Reboot The Automatic Reboot feature allows to reboot the P-520r device automatically at the scheduled time. Figure 63 – Automatic Reboot ConfigurationEnable Automatic Reboot – select this option if you want to activate Automatic Reboot function and specify settings. Reboot date (yyyy-mm-dd) – specify the reboot date value [year-month-day]. Reboot time (hh:mm) – specify the reboot time [hours:minutes].Reboot every (hours) – specify the time period in hours for every next reboot [0-1000].Cancel – click the button to cancel changes.Apply – click the button to save automatic reboot settings.Gemtek Systems Page 63
User’s Guide Chapter 4 – Reference ManualStatusStatus | Statistics/Usage | Status OverviewUse the Status | Statistics/Usage | Status Overview menu for a summary of status information of your access point. Figure 64 – Status OverviewUptime – indicates the time, expressed in hours, minutes and seconds since last reboot[hours:minutes:seconds].Wireless Clients – indicates the total number of currently connected client stations. Click on thehyperlink Status | Clients | Wireless Clients to see more details for individual clients. Packets Sent – indicates the data volume transmitted to the wireless LAN since reboot.Packets Received – indicates the volume of data received since reboot. Last Log – indicates the time when the access point has sent the most recent event message.Highest Priority – shows the priority level of the last event [Emergency/Alert/Critical/Error/Warning/Notice/Info/Debug].Status | Statistics/Usage | Interface Statistics Use the Status | Statistics/Usage | Interface Statistics menu for a summary of interface statisticsGemtek Systems Page 64
User’s Guide Chapter 4 – Reference ManualFigure 65 – Interface StatisticsInterface – indicates a unique name for each interface.Status – shows the current operational state of the interface [up/down].InOctets – indicates the amount of received bytes on the interface, including framing characters.InUcast – totals unicast frames received at the port excluding discards. InMcast – totals multicast frames received at the port excluding discards. OutOctets – shows the total transmitted frames of the interface in bytes, including framing characters.OutUcast – totals unicast frames transmitted from the port including discards.OutMcast – totals multicast frames transmitted from the port including discards.Status | Statistics/Usage | Wireless Statistics Use the Status | Statistics/Usage | Wireless Statistics menu to view information regarding datatraffic for the Wireless interface.Figure 66 – Wireless StatisticsTransmitted Fragments – displays the total of transmitted fragmented frames.Transmitted Multicasts – displays the total of transmitted multicast frames. Transmitted Frame Count – displays count of successfully transmitted MSDU (MAC Service Data Units).Failed Packets – displays the total of not transmitted MSDU.Retry Count – displays the number of successfully transmitted MSDU after one or more retransmissions.Multiple Retry Count – displays the number of successfully transmitted MSDU after more than one retransmissions.Duplicate Frames – displays the total of duplicate frames. Gemtek Systems Page 65
User’s Guide Chapter 4 – Reference ManualRTS Success Count – displays the total of successfully received RTS packets. RTS Failure Count – displays total of not received RTS packets.ACK Failure Count – displays total of expected but not received ACK (acknowledgement) frames. Received Fragment Count – displays total of each successfully received MPDU (MAC Protocol DataUnit) of type Data or Management.Received Multicasts Count – displays the total of MSDU, received with the multicast bit set in the destination MAC address.FCS Errors – displays count of FCS (Frame Check Sequence) errors in received MPDU. WEP Undecryptable – displays the number of not decrypted frames.Status | Statistics/Usage | Event Reporting The event reporting system informs about internal services and provides debug messages in case of malfunctions or network problems. The trace system can help operators to locate mis-configurationsand system errors. Use the Status | Statistics/Usage | Event Reporting menu to view current syslogmessages in case of troubleshooting of one of the services:Figure 67 – Event ReportingReset Eventlog – delete all displayed logged messages.Report Level – shows how important the event (or how critical the error) is [Emergency/Alert/Critical/Error/Warning/Notice/Info/Debug].Gemtek Systems Page 66
User’s Guide Chapter 4 – Reference ManualFacility – indicates the unique identifier of the facility that generated the event. A facility can be a hardware device, a protocol, or a module of the system software.[Kernel/User/Security/Clock/LogAudit/LogAlert/System/Network/Wlan/management]ID – indicates an internal number for the event. Description – indicates description of the event. Count – indicates the number of times this event has occurred. Occurrence – indicates time when this event has occurred, in months, days andhours:minutes:seconds since the access point was started.Status | Clients | Wireless Clients All clients currently connected to the P-520r access point are listed in the Wireless Clients table. Select the Status | Clients | Wireless Clients menu if you want to get statistics regarding wirelessclients.The wireless clients are listed by their MAC address,Rate,Quality,RSSI,State and Ageparameters:Figure 68 – Connected Wireless Clients MAC Address – displays wireless client’s MAC address.Rate – displays the current data rate in Mbps.Quality – displays an indicator for the quality of the client (not supported yet). RSSI – displays the Received Signal Strength Indication (RSSI) in dBm of the client. State – displays the connection status between client and AP [Disconnected/ DiscAndUlPreauth/llAuthenticated/ llAuthAndUlPreauth/ Associated/ ulAuthenticated/ Key Distribution/Forwarding/Rejected]. Only clients in the state Forwarding will be able to send/receive data to/from other devices. Age – shows the age in seconds of the last information received from the client. The age is reset to 0 if any activity of this client is detected.Status | Clients | Access Points The page shows information about other wireless LANs in range. With this site survey administratorcan scan for neighboring access points; check their operating channels, view MAC addresses, Data rates, and other parameters. The site survey does not interrupt any client or WDS connection.Gemtek Systems Page 67
User’s Guide Chapter 4 – Reference ManualFigure 69 – Detected Access Points with Internal RadioBSSID – displays the MAC address of the remote access point. SSID – displays the network name (SSID) of the remote access point.Data Rates – displays the range of data transmission rates supported by a device in megabits per second (Mbps).Channel – displays the channel of the remote access point. Age – shows the age in seconds of the last information received from the remote AP. The age is resetto 0 if any activity of this access point is detected.RSSI – displays the Received Signal Strength Indication (RSSI) of the remote access point.Status | Clients | WDS Links This page displays status information about current bridge connections to other APs (WDS links).Figure 70 – WDS Link Statistics TablePeer address – displays the MAC address of the remote WDS access point/bridge.Name – shows the name of the WDS Link.SSID – displays the SSID of the access point. Data Rates – displays the data rates.Channel – displays the radio channel for transmit and receive Age – shows the age in seconds of the last information received from the remote AP. The age is resetto 0 if any activity of this access point is detected.RSSI – displays the Received Signal Strength Indication (RSSI) of the remote access point.Gemtek Systems Page 68
User’s Guide Chapter 4 – Reference ManualUpdateWe recommend to regularly check for new Software updates on the GemtekSystems website: http://www.gemtek-systems.comTo update your device firmware, use only the original Gemtek System firmware image and click the update button on main menu. New Update Wizard pop-up window appears.Figure 71 – Update WizardNext – click to continue the firmware update process.Cancel – click to cancel the firmware update process.To start update, click the next button and specify the full path to the new firmware image and click the upload button:Gemtek Systems Page 69
User’s Guide Chapter 4 – Reference ManualFigure 72 – New Firmware UploadBrowse – click the button to specify the new image location.Update – upload with new firmware.Cancel – cancel the upload process.Back – return to main firmware update wizard page.New firmware image is uploaded and system firmware update begins. New window with informationalmessage and remaining time appears.Figure 73 – Firmware Update ProcessWhen the upload is completed successfully a confirmation message and the access point restarts.Do not switch off and do not disconnect the P-520r from the power supply during the firmware update process as this can damage the device.Gemtek Systems Page 70
User’s Guide Chapter 5 – SNMP ManagementChapter 5 – SNMP Management IntroductionAnother way to configure and monitor the access point (P-520r) via a TCP/IP network is SNMP(Simple Network Management Protocol).SNMP is an application layer protocol that facilitates the exchange of management informationbetween network devices. It is part of the Transmission Control Protocol/Internet Protocol (TCP/IP)protocol suite. SNMP enables network administrators to manage network performance, find and solve network problems, and plan for network growth.The SNMP agent and management information base (MIB) reside on the access point. To configureSNMP on the AP, you define the relationship between the Network Management System (NMS) and the SNMP agent (our AP). The SNMP agent contains MIB and Gemtek Systems private MIBvariables whose values the SNMP manager can request or change. A NMS can get a value from an agent or store a value into the agent. The agent gathers data from the MIB, the repository for information about device parameters and network data. The agent can also respond to a manager’srequests to get or set data.In order to manage the device you have to provide your Network ManagementSystem software with adequate MIB files. Please consult your managementsoftware manuals on how to do that. SNMP Versions The access point supports the following versions of SNMP:SNMPv1—The Simple Network Management Protocol: A Full Internet Standard, defined in RFC 1157. (RFC 1157 replaces the earlier versions that were published as RFC 1067 and RFC 1098.)Security is based on community strings.SNMPv2c—The community-string based Administrative Framework for SNMPv2. SNMPv2c (the"C" stands for "community") is an Experimental Internet Protocol defined in RFC 1901, RFC 1905,and RFC 1906. SNMPv2c is an update of the protocol operations and data types of SNMPv2p (SNMPv2 Classic), and uses the community-based security model of SNMPv1. Both SNMPv1 and SNMPv2c use a community-based form of security. The community of managersable to access the agent's MIB is defined by an IP address access control list and password. The Access Controller implementation of SNMP supports all MIB II variables (as described in RFC 1213) and defines all traps using the guidelines described in RFC 1215.The traps described in this RFC are:coldStartA coldStart trap signifies that the SNMP entity, acting in an agent role, is reinitializing itself and that its configuration may have been altered.WarmStartA WarmStart trap signifies that the SNMP entity, acting in an agent role, is reinitializing itself and that its configuration is unaltered.Gemtek Systems Page 71
User’s Guide Chapter 5 – SNMP ManagementauthenticationFailureAn authenticationFailure trap signifies that the SNMP entity, acting in an agent role, has received a protocol message that is not properly authenticated.linkDownA linkDown trap signifies that the SNMP entity, acting in an agent role, recognizes a failure in one of the communication links represented in the agent's configuration.linkUpA linkUp trap signifies that the SNMP entity, acting in an agent role, recognizes that one of the communication links represented in the agent's configuration has come up. SNMP Agent The SNMP agent is integrated in your P-520r and responds to SNMP manager requests as follows: Get a MIB variable—The SNMP agent begins this function in response to a request from the SNMP manager. The agent retrieves the value of the requested MIB variable and responds to the manager with that value. Set a MIB variable—The SNMP agent begins this function in response to a message from theSNMP manager. The SNMP agent changes the value of the MIB variable to the value requestedby the manager.The SNMP agent also sends unsolicited trap messages to notify an SNMP manager that a significantevent has occurred (e.g. authentication failures) on the agent. SNMP Community Strings SNMP community strings authenticate access to MIB objects and function as embedded passwords.In order for the SNMP manager to access the controller, the community string must match one of the two community string definitions on the controller. A community string can be as follows: Read-only – gives read access to authorized management stations to all objects in the MIB except the community strings, but does not allow write access.Read-write – gives read and write access to authorized management stations to all objects in the MIB, but does not allow access to the community strings.The SNMP Read-write community string is also the administrator’s password. If the password is changed the SNMP community string will be changed as well. Use SNMP to Access MIB As shown in the picture Figure 74 – SNMP Network SNMP agent gathers data from the MIB. The agent can send traps (notification of certain events) to the SNMP manager, which receives andprocesses the traps. Traps are messages alerting the SNMP manager to a condition on the networksuch as improper user authentication, restarts, link status (up or down), MAC address tracking, and so forth. The SNMP agent also responds to MIB-related queries sent by the SNMP manager in get-request,get-next-request, and set-request format.Gemtek Systems Page 72
User’s Guide Chapter 5 – SNMP ManagementMIBSNMP AgentP-520rSNMP Managerget-response, trapsget-request, get-next-reguest, get-bulk, set-requestFigure 74 – SNMP NetworkGemtek Systems Private MIB In addition to standard SNMP MIBs the P-520r supports the private Gemtek Stystems MIB. The private MIBs are enterprise specific and serve to extend the functionality of the standard MIBs. Private MIB identifies manageable objects and their properties that are specific to the managed device. MIBs let you manage device not only by using WEB or Command Line Interface but also using SNMPprotocol. The descriptions and brief explanations of managed objects are available in the MIB file. The MIB file is a specially formatted text file. It is using the so-called ASN.1 standard syntax. The Gemtek Systems private MIBs are the following: GemTek-Generic-Mib.mib GemTek-Mib.mib GemTek-Products-AP-Mib.mib GemTek-Products-Mib.mib GemTek-RCMS.mib  GemTek-Traps-Mib.mibGemtek Systems Page 73
User’s Guide AppendixA) P-520r Operator Access Point SpecificationTechnical Data FeaturesTheft protection system  Power-over-Ethernet supportIEEE 802.11g/b Access Point, Wi-Fi compliantRemote management, updatesWPA (PSK, TKIP, Rekeying)/WEP support Layer 2 isolation for securityIntegrated high-gain diversity antennas Seamless roaming (IAPP) support 802.1x security Virtual local area network support (VLAN)  RADIUS support Remote management via HTTP, SNMP (MIB II, Ethernet MIB, Bridge MIB, private MIB) TerminalACL (Access Control List)  DHCP clientWirelessStandard IEEE 802.11b/g (2.4GHz ISM band), Wi-Fi compliantData Rate 802.11b: 11, 5.5, 2, 1Mbps802.11g: 54, 48, 36, 24, 18, 12, 9, 6 Channels Up to 11 channels selectableTransmit Power 18dBm Sensitivity Data Rate Sensitivity Modulation54Mbps -71dBm 64QAM/OFDM, 8% PER 48Mbps -73dBm 64QAM/OFDM, 8% PER 36Mbps -75dBm 16QAM/OFDM, 8% PER 24Mbps -78dBm 16QAM/OFDM, 8% PER 18Mbps -80dBm QPSK/OFDM, 8% PER 12Mbps -82dBm QPSK/OFDM, 8% PER 11Mbps -87dBm CCK, 8% PER 9Mbps -84dBm BPSK/OFDM, 8% PER 6Mbps -86dBm BPSK/OFDM, 8% PER 5.5Mbps -89dBm CCK, 8% PER 2Mbps -90dBm DQPSK, 8% PER 1Mbps -92dBm DBPSK, 8% PERAntennas Two integrated diversity antennas: 6dBi directional antenna verticalpolarization & 4dBi horizontal polarized antennaInterfaceEthernet Interface 10/100 base-T, RJ-45 Ethernet port for connection to LAN Serial Console Port DB-9 connector (internal)Physical Specification AppendixGemtek Systems Page 74
User’s Guide AppendixDimension 196mm x 142mm x 35 mm/ 7.6 x 5.5 x 1.4 (L x W x D) Weight 350g / 0.771 lbsEnvironment Specification Temperature 0°C to 45°CHumidity 10% to 95%, non-condensingPower Supply Power Adaptor External AC/DC converter 100/230V to 5V DC/1.5A, 4.2W max. Optional Power Supply Power-over-Ethernet IEEE 802.3af compliant Mechanical Specification Ruggedized and flame-resistant plastic housing and plate that allows for placement on a wall, theft protectionLEDs3 LEDs RF activity, LAN activity, PowerManagementInterfaces HTTP, SNMPv1 und SNMPv2 (MIB II, 802.11 MIB, private MIB), TerminalSoftware Update Remote Software Update via HTTP Performance Monitor Tx/RxTest Integrated site surveyReset Remote reset/ Manufacturing resetWarranty2 years Package ContentsP-520r 54Mb Operator Access Point CD-ROM with software and documentationEthernet patch cable 100/230 Power AdapterWall mount plate Unmount toolRelated Products G-6000, 4100 Public Access ControllerAccess Controllers:P-560 54Mb Hotspot-in-a-BoxClient Adapters: T-300 series (2.4 GHz, 11Mb)E-820 8-port Power-over-Ethernet SwitchPoE Switches:E-110 Single-port PoE FeederSoftware: S-1000 Network Management Suite This table is for planning purposes only and is not intend to modify or supplement any specificationsor warranties relating to Gemtek Systems products. Gemtek Systems may make changes to thesespecifications and descriptions at any time, without notice.Gemtek Systems Page 75
User’s Guide AppendixB) Factory Defaults Values for the P-520r Access Point The following settings and parameters are the factory default for the 54Mb Operator Access Pointmodel: P-520r. Configuration:IdentityName nameLocation locationContact contact information Local Area Network: Network Setup Dynamic IP SelectedStatic IP Not SelectedVirtual LANUse Virtual Local Network (VLAN) Not selectedVLAN id noneWirelessBasic Wireless Settings Broadcast SSID SelectedPRISM Nitro. MaximumWireless Network Name (SSID) P520Band MixedRadio Channel 6Advanced Wireless Settings Operational Rate Set 82848B0C129618243048606CBeacon Period 100RTS Threshold 2347Fragmentation Threshold 2346SecurityWireless Security | Client Isolation Use Client Isolation Not SelectedWireless Security | Access Control List (ACL) Enable Access Control List Not SelectedGemtek Systems Page 76
User’s Guide AppendixWireless Security | RADIUS Servers Reauthentication Time 3600No RADIUS servers are defined on the system in the default statusWireless Security | Wired Equivalency Privacy (WEP) Use WEP Security Not selectedWireless Security | 802.1X Security 802.1X Security is not available because by default no RADIUS servers are on the system Wireless Security | Wi-Fi Protected Access (WPA) Disable WPA Security SelectedUse WPA with Pre-shared Key Not SelectedUse WPA with RADIUS server settings is not available because by default no RADIUS servers are on the system.Security | Management Security User name admin (cannot be changed)Password admin01System | SNMP Traps No SNMP traps on the systemGMS Agent Settings Use GMS System Not selectedUse Persistent Not selectedTimeout 30IP Address 224.0.6.128Port 45144Interface Name br0Certificate Path Not specified Password Not specified Identifier Not specified Use Alarms Not selectedLevel errorsURL Not specified Interval 60SNMP Community Strings Read-only public (cannot be changed)Read-write admin01NTP Settings Enable NTP Not selectedAutomatic Reboot Enable Automatic Reboot Not selectedGemtek Systems Page 77
User’s Guide AppendixC) P-520r Rescue and Firmware Recovery via TFTP Booting P-520r in rescue mode: 1. Turn off power on P-520r.2. Push reset button (see on Figure 4 – Looking Inside the P-520r) when booting on P-520r.3. Wait 3 seconds, release button. P-520r boots on rescue mode therefore will get IP address from DHCP. Upload firmware (FW update) to P-520r via TFTP:$ tftp <P-520r_IP_address>tftp> bin tftp> put <fimage_p520r.gsi.1.20.0319_16y> <password> Sent 1377280 bytes in 51.6 seconds tftp> quit $Gemtek Systems Page 78
User’s Guide GlossaryGlossarySymbols:10BASET 10 Mbps/baseband/twisted pair.The IEEE standard for twisted pair Ethernet.802.11b The IEEE standards for the definition of the Wireless high-speed (11Mbit) protocol for wireless communication.AAuthorization the process of determining what types of activities a user is permitted to undertake. Usually, authorization is in the context of authentication: once you haveauthenticated a user, they may be authorizedfor different types of access or activity.Authentication - Authentication is the process of determining whether someone or something is, in fact, who or what it is declared to be.Bbackbone The primary connectivitymechanism of a hierarchical distributedsystem. All systems, which have connectivityto an intermediate system on the backbone,are assured of connectivity to each other. This does not prevent systems from setting upprivate arrangements with each other tobypass the backbone for reasons of cost,performance, or security.bandwidth Technically, the difference, in Hertz(Hz), between the highest and lowestfrequencies of a transmission channel.However, as typically used, the amount of data that can be sent through a given communications circuit. For example, typical Ethernet has a bandwidth of 100Mbps.bps bits per second. A measure of the datatransmission rate. DDatagram Self-contained, independent entityof data carrying sufficient information to be routed from the source to the destinationcomputer without reliance on earlierexchanges between this source anddestination computer and the transportingnetwork." a self-contained, independent entityof data carrying sufficient information to be routed from the source to the destinationcomputer without reliance on earlierexchanges between this source anddestination computer and the transportingnetwork. The term has generally beenreplaced by “packet”. DHCP Dynamic Host Configuration Protocol. A service that lets clients on a LAN requestconfiguration information, such as IP host addresses, from a server.DNS Domain Name System. The distributedname/address mechanism used in the Internet. It comprises distributed onlinedatabases that contain mappings betweenhuman-readable names and IP addresses,and servers, which provide translation servicesto client applications.Domain A part of the DNS naming hierarchy.Syntactically, an Internet domain nameconsists of a sequence of names (labels)separated by periods (dots), e.g., “machine.company.com”. See DNS.EEthernet A common, 10Mbps local area network technology invented by Xerox Corporation at the Palo Alto Research Center. Ethernet is a best-effort delivery system that uses CSMA/CD technology. Ethernet can be run over thin wire coaxial cable (10BASE2), thick wire coaxial cable (10BASE5), twistedpair cable (10BASET), or fiber optic cable.EIRP Effective Isotropic Radiated PowerTechnical value that evaluates the strength of receive signalsEPROM – EPROM (erasable programmableread-only memory) is programmable read-onlymemory (programmable ROM) that can be erased and re-used.Gemtek Systems Page 79
User’s Guide GlossaryFfilter A device that selectively sorts signals and passes through a desired range of signalswhile suppressing the others. This kind of filter is used to suppress noise or to separatesignals into bandwidth channels.firewall A system or combination of systemsthat enforces a boundary between two or more networks.FLASH A new memory technology, whichcombines the nonvolatile features of EPROM’swith the easy in-system reprogramming ofconventional volatile RAM. See EPROM.Ggateway The original Internet term for what isnow called router or more precisely, IP router. In modern usage, the term “gateway” and“application gateway” refers to systems, whichperform translation from some native protocol,or physical data format to another. Examples include electronic mail gateways, whichtranslate between X.400 and RFC 822 mailmessage formats. See router.Hhost An (end-user) computer system thatconnects to a network, such as a PC, minicomputer of mainframe.hotspot A hotspot is wireless public access system that allows subscribers to connect to a wireless network in order to access the Internet or other devices, such as printers.Hotspots are created by WLAN access points, installed in public venues. Common locationsfor public access are hotels, airport lounges,railway stations or coffee shops.HTTPS (Hypertext Transfer Protocol overSecure Socket Layer, or HTTP over SSL) is a Web protocol developed by Netscape and built into its browser that encrypts and decryptsuser page requests as well as the pages that are returned by the Web server. HTTPS is really just the use of Netscape's Secure Socket Layer (SSL) as a sublayer under its regular HTTP application.IICMP Internet Control Message Protocol. The TCP/IP protocol used to handle errors and control messages at the IP layer. ICMP is part of the IP protocol. Gateways, routers andhosts use ICMP to send reports of problemsabout datagrams back to the original sourcethat sent the datagram. interface One of the physical ports on the router, including the Ethernet and asynchronous ports.interface type The type (Ethernet or Point-to-Point) of one of the interfaces on the router.internet A collection of networksinterconnected by a set of routers, which allow them to function as a single, large virtualnetwork.Internet (note the capital “I”) The largestinternet in the world consisting of large national backbone networks (such as MILNET, NSFNET, and CREN) and a myriad of regionaland local campus networks all over the world.The Internet is a multiprotocol network, but generally carries TCP/IP. Internet address See IP address.Internet Protocol See IP.ISP Internet service provider. A company that provides Internet - related services. Mostimportantly, an ISP provides Internet access services and products to other companies and consumers.IP Internet Protocol. The network layerprotocol for the TCP/IP protocol suite. It is a connectionless, best-effort packet switchingprotocol.IP address A 32-bit address assigned to hosts using TCP/IP. The address specifies a specificconnection to a network, not the host itself. See dotted decimal notation.LLAN Local Area Network. Any physical network technology (such as Ethernet) thatoperates at high speed (typically 10 Mbit per second or more) over short distances (up to a few kilometers). See WAN.LED Light Emitting Diode. A luminousindicator.Gemtek Systems Page 80
User’s Guide GlossaryMMAC (Media Access Control) The uniquehardware number of a device connected to a shared media. On an Ethernet it is the same interface as the Ethernet address.metric A concept used to describe the cost of a route across a network, the distance to thedestination at the remote end of the route, or the capacity of the route. MIB A management information base (MIB) is a formal description of a set of network objectsthat can be managed using the Simple Network Management Protocol (SNMP). There are MIBs (or more accurately, MIB extensions)for each set of related network entities that can be managed.Nname resolution The process of mapping a name into the corresponding address. See DNS.NAT Network Address Translation, an Internet standard that enables a local-area network(LAN to use one set of IP addresses for internal traffic and a second set of addressesfor external traffic. A NAT box located where the LAN meets the Internet makes all necessary IP address translations. NAT isused for two main tasks – to provide a type of firewall by hiding internal IP addresses andenable a company to use more internal IPaddresses. Since they're used internally only, there's no possibility of conflict with IP addresses used by other companies andorganizations.network A computer network is a data communications system, which interconnectscomputer systems at various different sites. A network may be composed of any combinationof LANs or WANs.network address The network portion of an IP address. For a class A network, the networkaddress is the first byte of the IP address. For a class B network, the network address is the first two bytes of the IP address. For a class C network, the network address is the first three bytes of the IP address. In each case, the remainder is the host address. In the Internet, assigned network addresses are globallyunique. See IP address.node An addressable device attached to a computer network. See host,router.Ppacket The unit of data sent across a network.“Packet” is a generic term used to describe units of data at all levels of the protocol stack, but it is most correctly used to describeapplication data units. See datagram,frame.policy Organization-level rules governingacceptable use of computing resources,security practices, and operational procedures.POP3: POP3 (Post Office Protocol 3) is themost recent version of a standard protocol for receiving e-mail. POP3 is a client/serverprotocol in which e-mail is received and held for you by your Internet server. Periodically,you (or your client e-mail receiver) check your mail-box on the server and download any mail. POP3 is built into the Netmanage suite ofInternet products and one of the most populare-mail products, Eudora. It's also built into the Netscape and Microsoft Internet Explorer browsers.PPP: PPP (Point-to-Point Protocol) is a protocol for communication between two computers using a serial interface, typically a personal computer connected by phone line to a server. PPP uses the Internet protocol (IP) (and is designed to handle others). It is sometimes considered a member of the TCP/IP suite of protocols. Relative to the Open Systems Interconnection (OSI) referencemodel, PPP provides layer 2 (data-link layer) service. Essentially, it packages your computer's TCP/IP packets and forwards them to the server where they can actually be put on the Internet.PPP is a full-duplex protocol that can be used on various physical media, including twistedpair or fiber optic lines or satellite transmission. It uses a variation of High SpeedData Link Control (HDLC) for packetencapsulation.PPP is usually preferred over the earlier de facto standard Serial Line Internet Protocol(SLIP) because it can handle synchronous aswell as asynchronous communication. PPP can share a line with other users and it has error detection that SLIP lacks. Where a choice is possible, PPP is preferred.Gemtek Systems Page 81
User’s Guide GlossaryPPPoE: PPPoE (Point-to-Point Protocol over Ethernet) is a specification for connectingmultiple computer users on an Ethernet local area network to a remote site through commoncustomer premises equipment, which is the telephone company's term for a modem and similar devices. PPPoE can be used to have an office or building-full of users share acommon Digital Subscriber Line (DSL), cable modem, or wireless connection to the Internet. PPPoE combines the Point-to-Point Protocol(PPP), commonly used in dialup connections,with the Ethernet protocol, which supportsmultiple users in a local area network. The PPP protocol information is encapsulatedwithin an Ethernet frame.PPPoE has the advantage that neither the telephone company nor the Internet service provider (ISP) needs to provide any specialsupport. Unlike dialup connections, DSL andcable modem connections are "always on."Since a number of different users are sharingthe same physical connection to the remoteservice provider, a way is needed to keeptrack of which user traffic should go to and which user should be billed. PPPoE providesfor each user-remote site session to learneach other's network addresses (during an initial exchange called "discovery"). Once a session is established between an individualuser and the remote site (for example, an Internet service provider), the session can be monitored for billing purposes. PPTP: Point-to-Point Tunneling Protocol(PPTP) is a protocol (set of communicationrules) that allows corporations to extend their own corporate network through private"tunnels" over the public Internet. Effectively, a corporation uses a wide-area network as a single large local area network. This kind of interconnection is known as a virtual privatenetwork (VPN). port The abstraction used by Internet transport protocols to distinguish among multiple simultaneous connections to a single destination host. A port is a transport layer demultiplexing value. Each application has a unique port number associated with it. It is also used to refer to one of the physical network connectors on the router.protocol A formal description of messageformats and the rules two computers mustfollow to exchange those messages. Protocolscan describe low-level details of machine-to-machine interfaces (e.g., the order in whichbits and bytes are sent across a wire) or high-level exchanges between allocation programs(e.g., the way in which two programs transfer a file across the Internet). QQOS Quality of Service. Transmission systemqualities measure in terms of reliability and availability.RRADIUS (Remote Authentication Dial-In User Service) is a client/server protocol andsoftware that enables remote access servers to communicate with a central server to authenticate dial-in users and authorize their access to the requested system or service.RADIUS allows a company to maintain userprofiles in a central database that all remoteservers can share. It provides better security,allowing a company to set up a policy that can be applied at a single administered networkpoint. Having a central service also means that it's easier to track usage for billing and for keeping network statistics.route The path that network traffic takes from the source to the destination. It may include many gateways, routers, hosts and physicalnetworks.route table A table listing information aboutroutes to other hosts or networks, such as the remote network or host address, the interface down which the route exists, the distance to the remote address and the cost of sendingdata over the route.router A system responsible for makingdecisions about which of several pathsnetwork (or Internet) traffic will follow. To do this it uses a routing protocol to gain information about the network, and algorithmsto choose the best route based on severalcriteria known as “routing metrics”. Gemtek Systems Page 82
User’s Guide GlossaryRouter On the Internet, a router is a device or, in some cases, software in a computer, thatdetermines the next network point to which a packet should be forwarded toward its destination. The router is connected to at least two networks and decides which way to sendeach information packet based on its currentunderstanding of the state of the networks it is connected to. topology A network topology shows the computers and the links between them. Anetwork layer must know the current networktopology to be able to route packets to their final destination.UUDP User Datagram Protocol. A transportlayer protocol in the TCP/IP suite of protocols.UDP, like TCP, uses IP for delivery; however, unlike TCP, UDP provides for exchange of datagrams without acknowledgements orguaranteed delivery.Sserver A network device that provides servicesto client stations. Examples include file servers and print servers.service A term used with the router to refer to a connection to another port on (another)router, used to access dialup modems, hoststhat do not support TCP/IP and otherasynchronous devices. URL Uniform Resource Locator. A standardformat for specifying the name, type and location of documents and resources on an Internet. The syntax is type://host.domain:port/path/filename, where type specifies the type of document or resource (e.g. http is a file on a WWW server; file is a file on an anonymous FTP server; Telnet is a connectionto a Telnet-based service). See WWW.SNMP A Simple Network ManagementProtocol. The Internet standard protocoldeveloped to manage nodes on an IP network.See MIB.subnet A portion of a network, which may be a physically independent network segment,which shares a network address with other portions of the network and is distinguished by a subnet number. A subnet is to a networkwhat a network is to an internet. WWAN Wide Area Network. Any physical network technology that spans largegeographic distances. WANs usually operate a slower speeds than LANs. See LAN.subnet address The subnet portion of an IP address. In a subnetted network, the hostportion of an IP address is split into a subnetportion and a host portion using an address orsubnet mask. See subnet mask, IP address and network address.Wi-Fi is short for wireless fidelity and is another name for IEEE 802.11b. It is a registered trademark of Wi-Fi Alliance. "Wi-Fi" is used in place of 802.11b in the same waythat "Ethernet" is used in place of IEEE 802.3. Products certified as Wi-Fi by Wi-Fi Alliance are interoperable with each other even if they are from different manufacturers. A user with a Wi-Fi product can use any brand of accesspoint with any other brand of client hardwarethat is built to the Wi-Fi standard.subnet mask A bit mask used to select bitsfrom an Internet address for subnetaddressing. The mask is 32 bits long andselects the network portion of the Internet address and one or more bits of the local portion. Sometimes called address mask. WWW World Wide Web. A hypertext-based,distributed information system based on client- server architecture. Web browsers (clientapplications) request documents from Web servers. Documents may contain text, graphics and audiovisual data, as well as links to other documents and services. Web servers and documents are identified by URLs (Uniform Resource Locators). See URL.TTCP Transmission Control Protocol. TheTCP/IP standard transport layer protocol in the Internet suite of protocols, providing reliable,connection-oriented, full-duplex streams. It uses IP for delivery. Telnet The virtual terminal protocol in theTCP/IP suite of protocols, which allows usersof one host to log into a remote host andinteract as normal terminal users of that host.Gemtek Systems Page 83
User’s Guide IndexIndexAAccess Point with WDS wireless bridge, 10, 11 wireless repeater, 12 Access your AP, 20 ACL, 47 Advanced Wireless Settings, 46Antenna Gain, 41AP mode, 10 auto-channel, 41 automatic reboot, 63 BBackup/Restore, 55 Basic rate, 46 Basic Wireless Settings, 39 Beacon period, 46 CCable inlet, 16, 17 Configuration, 84 DDefault, 49 Defaults, 16, 40, 47 configuration, 77 LAN, 77 security, 77 wireless, 77 DHCP, 38, 84 Domain, 84 download system configuration, 56 EEthernet Socket, 16 FFactory Defaults, 77 reset, 23 Fragmentation threshold, 46GGateway, 26, 38 GMS, 9 Agent, 56 HHardware introduction LEDs, 14 Hardware Introduction Look inside, 16MAC address, 15 High perfomance, 8IIAPP Roaming Scheme, 39 Identity, 36Installationattach AP to the wall, 18 hardware, 18remove AP from the wall, 19 Introductionkickstart utility, 20software, 20 IP address, 20, 26, 37, 50 ISO Country Codes, 79 KKickStart utility, 20 LLAN, 14, 85 LED, 14, 85 Location ID, 79MMAC, 15, 37, 47, 48, 67, 68 Management, 8 Management options, 9 Management Options GMS, 9 SNMP, 9 Web-browser, 9 Management Security, 54MIB, 73 MMCX Antenna Connectors, 16 NNetwork Setup, 37 NTP, 61 OOperating mode, 10 Operational rate set, 46 PP-520r features, 9 Packaging contents, 13 Power Connector Plug, 16 Gemtek Systems Page 84
User’s Guide IndexPRISM Nitro, 41 Product overview, 8QQOS, 87 RRadio channel, 40 RADIUS, 87 RADIUS server, 54 RADIUS servers, 49 Reboot, 56 Regulatory Domain/Channels, 74, 76 Reset, 16 using hardware, 23 using KickStart, 23 using software, 56 Restore configuration, 55 RTS threshold, 46SSecurity, 29 802.11x, 52 WEP, 31, 51 WPA, 31, 53 Settings Summary, 36Setup wizard, 25SNMP, 9, 71 SNMP management, 9 SNMP Traps, 60SSID, 68 Statisticsaccess points, 67 event reporting, 66 interface statistics, 64 wireless clients, 67 wireless statistics, 65 support, 7 Supported rate, 46 System requirements, 13 TTCP, 88 Technical data, 74 Total Output Power, 41 UUDP, 88 Update wizard, 69VVLAN, 38 WWDS Configurationwireless bridge, 44 Web interface management, 9 Web interface menu, 34 WEP, 25, 30, 53 Wi-Fi compilance, 8 WPA, 25, 31, 53 Gemtek Systems Page 85

Navigation menu