GemTek Technology AP931229AG Dual Radio 2.4GHz/5GHz Outdoor Access Point User Manual BW2250 MRD

Gemtek Technology Co., Ltd. Dual Radio 2.4GHz/5GHz Outdoor Access Point BW2250 MRD

Contents

Manual

Copyright©2006 BROWAN Communications, Inc.BW2250 Dual Radio 2.4GHz/5GHz Outdoor Access Point User Guide September, 2006 www.browan.com
BROWAN COMMUNICATIONS Page 1 Copyright © 2002-2006 BROWAN COMMUNICATIONS. This MARKET REQUIREMENT DOCUMENT is copyrighted with all rights reserved. No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language in any form by any means without the written permission of BROWAN. Notice BROWAN reserves the right to change specifications without prior notice. While the information in this document has been compiled with great care, it may not be deemed an assurance of product characteristics. BROWAN shall be liable only to the degree specified in the terms of sale and delivery. The reproduction and distribution of the documentation and software supplied with this product and the use of its contents is subject to written authorization from BROWAN. Trademarks The product described in this book is a licensed product of BROWAN. Microsoft, Windows 95, Windows 98, Windows Millennium, Windows NT, Windows 2000, Windows XP, and MS-DOS are registered trademarks of the Microsoft Corporation. Novell is a registered trademark of Novell, Inc. MacOS is a registered trademark of Apple Computer, Inc. Java is a trademark of Sun Microsystems, Inc. Wi-Fi is a registered trademark of Wi-Fi Alliance. All other brand and product names are trademarks or registered trademarks of their respective holders.
BROWAN COMMUNICATIONS Page 2 Within the 5.15 to 5.25 GHz band (5GHz radio channels 34 to 48) the U-NII devices are restricted to indoor operations to reduce any potential harmful interference to MSS operations. FCC Warning FCC Interference Statement This equipment has been tested and found to comply with the limits for a Class B digital device, pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a residential installation. This equipment generates, uses and can radiate radio frequency energy and, if not installed and used in accordance with the instructions, may cause harmful interference to radio communications. However, there is no guarantee that interference will not occur in a particular installation. If this equipment does cause harmful interference to radio or television reception, which can be determined by turning the equipment off and on, the user is encouraged to try to correct the interference by one of the following measures:  Reorient or relocate the receiving antenna.  Increase the separation between the equipment and receiver.  Connect the equipment into an outlet on a circuit different from that to which the receiver is connected.  Consult the dealer or an experienced radio/TV technician for help. This device complies with Part 15 of the FCC Rules. Operation is subject to the following two conditions: (1) This device may not cause harmful interference, and (2) this device must accept any interference received, including interference that may cause undesired operation. FCC Caution Any changes or modifications not expressly approved by the party responsible for compliance could void the user's authority to operate this equipment. FCC Radiation Exposure Statement This equipment complies with FCC radiation exposure limits set forth for an uncontrolled environment. This equipment should be installed and operated with minimum distance 20cm between the radiator & your body. If this device is going to be operated in 5.15 ~ 5.25GHz frequency range, then it is restricted in indoor environment only. This transmitter must not be co-located or operating in conjunction with any other antenna or transmitter. The availability of some specific channels and/or operational frequency bands are country dependent and are firmware programmed at the factory to match the intended destination.The firmware setting is not accessible by the end user.
BROWAN COMMUNICATIONS Page 3 IC Warning Operation is subject to the following two conditions:  This device may not cause interference and  This device must accept any interference, including interference that may cause undesired operation of the device This device has been designed to operate with an antenna having a maximum gain of 7dBi. Antenna having a higher gain is strictly prohibited per regulations of Industry Canada. The required antenna impedance is 50 ohms. To reduce potential radio interference to other users, the antenna type and its gain should be so chosen that the EIRP is not more than required for successful communication. To prevent radio interference to the licensed service (i.e. co-channel Mobile Satellite systems) we intended to operate this device indoors and away from windows to provide maximum shielding. Equipment (or its transmit antenna) that is installed outdoors is subject to licensing. Because high power radars are allocated as primary users (meaning they have priority) in 5250-5350 MHz, these radars could cause interference and/or damage to license exempt LAN devices.
BROWAN COMMUNICATIONS Page 4 COPYRIGHT...........................................................................................................................................1 NOTICE...................................................................................................................................................1 TRADEMARKS.......................................................................................................................................1 FCC Warning.......................................................................................................................................2 IC Warning ..........................................................................................................................................3 CONTENTS ............................................................................................................................................4 ABOUT THIS GUIDE..............................................................................................................................6 Purpose ...............................................................................................................................................6 Prerequisite Skills and Knowledge......................................................................................................6 Conventions Used in this Document...................................................................................................6 Help Us to Improve this Document! ....................................................................................................6 Browan Technical Support..................................................................................................................6 CHAPTER 1 – INTRODUCTION............................................................................................................7 Product Overview................................................................................................................................7 Features Highlight ...............................................................................................................................9 CHAPTER 2 - INSTALLATION............................................................................................................11 The Product Package........................................................................................................................11 Hardware Introduction.......................................................................................................................12 General Overview..........................................................................................................................12 Bottom Cover.................................................................................................................................13 RF Connectors and ports...............................................................................................................13 Hardware Installation.........................................................................................................................14 Installing the Access Point.............................................................................................................14 Connect to the Power Source and Local Network.........................................................................15 Software Installation..........................................................................................................................16 Initialization ....................................................................................................................................16 Software Introduction: KickStart ....................................................................................................16 Access Your BW2250....................................................................................................................16 CHAPTER 3 – APPLICATION MODE .................................................................................................20 AP + Bridge Mode .............................................................................................................................20 AP + AP Mode...................................................................................................................................20 Bridge+ Bridge Mode ........................................................................................................................21 CHAPTER 4 – REFERENCE MANUAL...............................................................................................22 Web Interface....................................................................................................................................22 Status ................................................................................................................................................23 Status | Device Status ...................................................................................................................23 Status | Wireless Status.................................................................................................................24 Status | Interface Statistics ............................................................................................................25 Network .............................................................................................................................................25 Network | Interface.........................................................................................................................25 Network | RADIUS Server .............................................................................................................28 Network | DHCP Settings ..............................................................................................................29 Network | NTP Settings .................................................................................................................35 Network | Time Settings.................................................................................................................37 Wireless.............................................................................................................................................38 Contents
BROWAN COMMUNICATIONS Page 5 Wireless | Basic .............................................................................................................................38 Wireless | Advance ........................................................................................................................48 Wireless | WEP..............................................................................................................................55 Wireless | MAC ACL......................................................................................................................56 System...............................................................................................................................................60 System | Security...........................................................................................................................60 System | SNMP..............................................................................................................................61 System | Telnet..............................................................................................................................62 System | Configuration ..................................................................................................................63 System | Reset...............................................................................................................................65 System | Upgrade ..........................................................................................................................65 APPENDIX............................................................................................................................................67 A) Specification .................................................................................................................................67 B) Factory Defaults for the BW2250 .................................................................................................69 C) Approved Antenna........................................................................................................................70 D) Location ID and ISO Country Codes............................................................................................71
BROWAN COMMUNICATIONS Page 6 Purpose The purpose of this document is to collect, analyze, and define needs and features of the new BROWAN BW2250 Dual Radio 2.4GHz/5GHz Outdoor Access Point. Prerequisite Skills and Knowledge To use this document effectively, you should have a working knowledge of Local Area Networking (LAN) concepts and wireless Internet access infrastructures. In addition, you should be familiar with the following:  Hardware installers should have a working knowledge of basic electronics and mechanical assembly, and should understand related local building codes.  Network administrators should have a solid understanding of software installation procedures for network operating systems under Microsoft Windows 95, 98, Millennium, 2000, NT, and Windows XP and general networking operations and troubleshooting knowledge. Conventions Used in this Document The following typographic conventions and symbols are used throughout this document: Very important information. Failure to observe this may result in damage. Important information that should be observed. Additional information that may be helpful but which is not required. bold Menu commands, buttons and input fields are displayed in bold code File names, directory names, form names, and system-generated output such as error messages are displayed in constant-width type <value> Placeholder for certain values, e.g. user inputs [value] Input field format, limitations, and/or restrictions. Help Us to Improve this Document! If you should encounter mistakes in this document or want to provide comments to improve the manual please send e-mail directly to: manuals@browan.com Browan Technical Support If you encounter problems when installing or using this product, please consult the Browan website at www.browan.com for:  Direct contact to the Browan support centers.  Frequently Asked Questions (FAQ).  Download area for the latest software, user documentation and product updates. About this Guide
BROWAN COMMUNICATIONS Page 7 Thank you for choosing the Browan 54Mb Dual-Radio Outdoor Access Point BW2250. The Browan BW2250 operates simultaneously in the 5-GHz and 2.4-GHz frequency bands and is fully compliant to 802.11b/g and 802.11a standard with its high performance and enhanced security. BW2250 is an important part for the Browan Wi-Fi solution as 11a/b/g outdoor AP. The two Dual-Band radios (a/g + a/g) that this product provides supplies the furthest in flexibility and makes sure low interference and large coverage. The a+g operation mode and Multiple BSSID that this product provides differentiates it from traditional outdoor AP product. Product Overview Flexibility and high performance BROWAN BW2250 is a high-performance and high capacity and feature-rich outdoor AP/Bridge for HotZone and backhaul services. The product’s dual tri-mode AP/Bridge radios architecture offers spectrum and deployment flexibility to increase capacity and extend the range of HotZone Wifi network. z Simultaneously supports 802.11a and 802.11b/g for maximum client diversity z Mix of AP, AP Router and Bridge configuration: working simultaneously, blanketing last miles with high-speed bandwidth. z Wireless AP router mode: Static Router table configure, NAT, Different IP subnet per BSSID, Enable/Disable DHCP server or DHCP relay per BSSID. z Dual AP/ AP Router configuration: for high client density environment for both 802.11b/g and 802.11a users z Dual Bridge (repeater) configuration: serves to extend the transmission range of wireless bridging and backhaul services. Secure and reliable wireless networking BW2250 supports and meets standard industry security requirement of wide area networking professionals for secured wireless network: z Supports VLAN, up to 16 VLAN ID per Radio z IEEE 802.1x/EAP with password, certificates and SIM card z 64bits/128bits static and dynamic WEP encryption z Supports Wi-Fi Protected Access (WPA/WPA2) with AES and TKIP support z Layer 2 Isolation for preventing snooping on the same BSS z MAC address filtering (ACL) for preventing illegal attacking from Internet z Hidden SSID broadcast to prevent illegal users connection z Built-in Web login authentication (UAM) Strong Anti-interference Chapter 1 – Introduction
BROWAN COMMUNICATIONS Page 8 Dynamic Channel Allocation (DCA) solution automatically selects optimal operational frequency channel during power up and the periodically monitors the environment and adjusts for best operational channel. DCA enhances BW2250 performance and provide continuous coverage under high AP density wireless network environment. Dynamic Wireless Bridging Dynamic Wireless Bridging capability enables BW2250 to automatically seek and discovery potential nearby root AP, and dynamically self-configures for wireless bridge connection. With this feature in a BW2250 network, whenever a bridge link is fail over, the network will auto reconfigure route structures to minimize the lost of WLAN operation. It also minimized the technician intervention and cost of going on-site to re-establish transmission paths. Since the birding fail over and restoration is almost seamless, the perceptible interruption of WLAN subscribers is also minimized. Multiple BSSID “Virtual AP” Technology Supports up to16 BSSID per radio and each can be configured independently to support range of security policies, authentication model, RADIUS servers and VLAN IDs. Each BSSID also can be set different priority based on 802.1p tag or 802.11e EDCA which enables WLAN client device to access wireless link QoS capabilities. Ease Installation and Deployment BW2250 enclosed in an aluminum-alloy frame-resistant with waterproof design housing operates even under extreme weather conditions. Power option includes an integrated IEEE 802.3af Power-over-Ethernet port enables effortless deployment in various environments. It also includes a special Antenna Alignment Tool, which help to assist long-range wireless bridging installation to ensure the optimal bridging performance. Easy and Secure Remote Management BW2250 supports secure remote management through HTTPS, CLISH and SNMP connections. Web-based user interface with HTTPS request supplies secure remote management BROWAN NMS product supplies the system management solution Remote software upgrading via HTTPS Detailed client survey and site survey Bridge/Client Diagnostic Tools: optimize the installation for wireless bridging and optimize operation status monitoring Management Option You can use the Access Controller management systems through the following interfaces:  Web-browser interface with HTTPS  Command Line interface (CLI) with optional SSH
BROWAN COMMUNICATIONS Page 9  Simple Network Management Protocol BW2250 management system pages are organized for the web-browser interface. This user manual provides detailed description of this management option. Features Highlight Super Bridge ● 802.11a/b/g compliant ● Up to 20 bridge links supporting ● Special radio for Bridge ● Bridge link for static WEP encryption Super AP ● Multiple BSSID (up to 16) ● SSID per BSSID ● Enabled or Disabled Hidden SSID per BSSID ● 16 VLAN ID per BSSID ● AAA way per BSSID, 802.1x and web login ● Co-existence of 802.1x and web login ● Security policy per BSSID, static WEP, dynamic WEP and WPA ● WPA passthrough ● RADIUS server per BSSID AAA ● RADIUS client supporting ● AAA Proxy, RADIUS authentication, RADIUS Proxy Server (RFC 2865, 2058) ● 802.1x supporting (EAP/TLS, EAP/TTLS, EAP/PEAP and EAP/SIM) Security ● Static 64/128bits WEP, Dynamic 64/128bits WEP ● WPA/TKIP and WPA/AES support ● MAC ACL ● Access Control (accept rule and deny rule) based on MAC address ● Layer 2 Isolation ● Hidden SSID
BROWAN COMMUNICATIONS Page 10 Management ● Secure management via HTTPS, CLISH, SNMP ● Standard MIB and Gemtek Systems Private MIB ● Remote firmware update via WEB UI ● Backup/Restore configuration file ● System Log, Save/Send System Log to remote log server with different log levels Multiple BSSID (up to 16)  SSID per BSSID  Enabled or Disabled Hidden SSID per BSSID  VLAN ID per BSSID  QoS priority per BSSID based on 802.1p or EDCA  AAA way per BSSID, 802.1x or WPA  Co-existence of 802.1x and WPA  Security policy per BSSID  RADIUS server per BSSID  Traffic priority per BSSID Maintenance  Software watchdog  Hardware watchdog
BROWAN COMMUNICATIONS Page 11 This chapter provides installation instructions for the hardware and software components of the Access Point BW2250. It also includes the procedures for the following tasks:  Hardware Introduction (Connectors)  Hardware Installation  Software Installation  The Product Package The product comes with the following:  Dual Radio outdoor Access Point (model: BW2250)  Mounting Kit  Screw Bag for Mounting Kit  Waterproof tape  RJ-45 Ethernet cable with waterproof connector  RS-232 console cable with waterproof connector  Omni-directional antenna (BA5070) * 2  Installation CD containing:  BW2250 User Guide in PDF format  KickStart Utility  Bridge/Client Diagnostic Utility  Product Firmware  Release Notes  Adobe Acrobat Readers  Printed 3 Years Warranty Card  Printed Warning Card If any of these items are missing or damaged, please contact your reseller or Browan sales representative. BA5070 antenna is the accessory of BW2250 Product. Refer to the Appendix D for BA5070 Antenna Spec: D) Approved Antenna Chapter 2 - Installation
BROWAN COMMUNICATIONS Page 12 Hardware Introduction General Overview Figure 1 – BW2250 General View The front panel of BW2250 contains:  Connectors which enable you to make different network connections for the device  Waterproof ports, which prevent the device from the damage of water that get into the internal part of the device. The Bottom cover of BW2250 contains:  Thermal convection hole  Reset button enables you to reboot or reset the device configuration to the factory defaults Press the Reset button for less than 3 seconds to reboot the device. Press the Reset button for more than 10 seconds to set the device to factory defaults. 註解 [r1]: 增加作用说明
BROWAN COMMUNICATIONS Page 13 Bottom Cover Figure 2 –Bottom Cover of the BW2250 The Bottom Cover of the BW2250 contains:  Back Label with Model and Device name. The official device name is 54Mb Dual Radio Outdoor Access Point; model BW2250.  MAC address labels of the device. The two labels show the WLAN1 and WLAN2 interface MAC address of the device.  Serial Number label of the device.  RESET Button. It is covered by a M6 Screw with a waterproof rubber washer RF Connectors and ports The BW2250 has two reverse N-type RF connectors on the flank panel: Figure 3 –RF Connectors and ports 21 34
BROWAN COMMUNICATIONS Page 14 Hardware Installation Installing the Access Point Use the following procedure to prepare your network connection to BW2250. Use the enclosed POE and power cord or any others IEEE802.3af Compliant POE Power Source Devices to supply your BW2250 Access Point. Step 1 Assemble part 1 of the Mount Kit at the back of the bottom cover as shown in the figure 4: Figure 4 – Assembling the Mounting Kit to the BW2250 Step 2 If you are mounting the AP on the wall; first install the bracket 2 of the mounting kit to a suitable position. Assemble the back of the BW2250 case to the bracket subsequently. Step 3 If you are mounting the AP to a mast; first install the bracket 2 and the clip 3 of the Mounting to a mast. Assemble the back of the BW2250 case to the bracket subsequently Step 4 Assemble the one side of an Ethernet twist cable with the waterproof RJ45 connector. Please read the description sheet in Waterproof RJ45 Connector package carefully before you do the assembly. Step 5 Insert the Ethernet twist cable to the LAN port connector on the back of the BW2250 Bottom Cover and screw down the nut. Step 6 Connect two RF connectors to the Antennas by Jump RF cable with waterproof N-type plug. ① ②③
BROWAN COMMUNICATIONS Page 15 Connect to the Power Source and Local Network Step 1 Connect the Ethernet cable from the BW2250 route to an IEEE802.3-2003 compliant Power source Equipment, Such as BE3011 POE HUB Switch from Browan. Step 2 If you use the BE3011 POE HUB, please connect the BW2250 LAN port to the PWR-LAN OUT port of BE3011 and connect the BE3011 LAN-IN port to the Switch or hub in the local network. Figure 5 – Connect BW2250 to Power source and network by PoE HUB
BROWAN COMMUNICATIONS Page 16 Software Installation Initialization There are two choices for the first web browser connection to your BW2250: either enter the BW2250's IP address and subnet (default networks settings) into the browser or launch the KickStart utility that is provided with your product CD. The default network settings for your new access point are: LAN port: IP 192.168.2.2 subnet 255.255.255.0 Software Introduction: KickStart The Browan KickStart is a software windows utility that is included on the Installation CD. The utility automatically detects access points installed on your network, regardless of its host IP address and lets you configure each unit’s IP settings. The feature list for the KickStart utility is listed below:  Scanning your subnet for all connected APs  Quick access to your AP via HTTPs, telnet, SSH To install the KickStart utility insert the Installation CD into your CD-ROM drive. Find and install the utility from the product CD into the computer. Access Your BW2250 There are two choices for the first Web browser connection to your BW2250:  Use the Web browser.  Launch the KickStart utility that is provided with your product CD. If first method is preferred follow these instructions: Step 1 Configure your PC with a static IP address on the 192.168.2.0 subnet with mask 255.255.255.0. Connect the BW2250 in to the same physical network as your PC. Open the Web browser and type the default IP address of the BW2250: https://192.168.2.2 Step 2 Enter the BW2250 administrator login details to access the Web management. The default administrator log on settings for all access point interfaces are: User Name: admin Password: admin01 If the Installation CD does not start automatically, please run “autorun.exe” manually from the root directory of the installation CD.
BROWAN COMMUNICATIONS Page 17 Step 3 After successful administrator log on you will see the main page of the BW2250’s Web interface: If second method is prefered follow the instuctions: Step 1 Install the KickStart utility from the Installation CD. Click Start > Programs > Browan > KickStart to launch the application. If the BW2250 device is connected to your network, the utility will automatically find your BW2250:
BROWAN COMMUNICATIONS Page 18 Step 2 Select your controller and right click. Select Open WEB item to launch the web management interface through the secure https connection: Step 3 Enter the BW2250 administrator login settings to access the web management interface. The default administrator log on settings for all access point interfaces are: User name: admin Password: admin01
BROWAN COMMUNICATIONS Page 19 Step 4 After successful administrator log on you will see the controller web interface. Now you are enabled to perform your configuration.
BROWAN COMMUNICATIONS Page 20 The two Dual-Band chips (a/g + a/g) that this product provides supplies the furthest flexible application. Three application modes are supplied by BW2250: z AP + Bridge mode z AP + AP mode z Bridge + Bridge mode AP + Bridge Mode AP + Bridge configuration is for environment with last mile issue. The typical usage is: 11g AP + 11a Bridge. Figure 6 – AP +Bridge application mode 1 AP + AP Mode AP + AP configuration can be for client density environment. The typical usage is: 11g AP + 11a AP. Figure 7 – AP +AP application mode Chapter 3 – Application Mode
BROWAN COMMUNICATIONS Page 21 Bridge+ Bridge Mode Bridge + Bridge mode is used in the area without Ethernet wiring. The typical usage is: 11a Bridge + 11a Bridge for Point to Multi-Point or for wireless Repeater. Figure 8 – Bridge +Bridge application mode in Point to Multi-Point Figure 9– Bridge +Bridge application mode as wireless repeater Because of the antenna interference, the performance will deteriorate dramatically if the same band (2.4GHz or 5GHz) is used both on the two RF modules. It is strongly recommended that leave two external antennas apart, at least larger than 1m. Thus antenna interference can be ignored. If external antenna cannot be apart, it is strongly recommended that one RF module is set 2.4GHz and the other is set 5GHz.
BROWAN COMMUNICATIONS Page 22 This chapter contains web management reference information. The web management main menu consists of the following sub menus:  Status – device status showing  Network – device settings affecting networking  Wireless – device settings related to the wireless part of the BW2250  System – device system settings directly applicable to the BW2250  Exit – click exit and leave the web management then close your web-browser window. Web Interface The main web management menu is displayed at the top of the page after successfully logging into the system (see the figure below). From this menu all essential configuration pages are accessed. Figure 10 – Main Configuration Management Menu The web management menu has the following structure: Status Device Status – show the status related with the whole device Wireless Status – show the status of the two radios Interface Statistics – show the status of each network interface Network Interface – TCP/IP settings of BW2250 LAN (Bridge) port RADIUS Server – specify the settings of RADIUS server which is used by 802.1x or WPA DHCP Settings– specify the settings of DHCP server or DHCP relay service NTP Settings – NTP settings of BW2250 Time Settings – Manually set time Wireless Basic – specify the basic settings related with wireless part Advance – specify the settings of multiple BSSID or Bridge WEP – specify the WEP settings related with static WEP encryption MAC ACL – MAC ACL settings for BW2250 System Security – set access permission to your BW2250 SNMP – SNMP service Telnet – Telnet/SSH service Configuration – system configuration utilities, including Backup/Upload configuration Chapter 4 – Reference Manual
BROWAN COMMUNICATIONS Page 23 Reset – reboot device and restore systems to factory default Upgrade – Upgrade the firmware remotely In the following sections, short references for all menu items are presented. Status Status | Device Status The device status page shows important information for the BW2250, its system status and network configuration. Figure 11 – Device Status System Version display the current version of the firmware loaded to the AP This is important information for support requests and for preparing firmware upgrading Uptime – indicates the time, expressed in days, hours and minutes since the system was last rebooted. System Time – shows the current time of the BW2250 Wlan1 MAC / Wlan 2 MAC – shows the MAC addresses of the two wireless interfaces of the BW2250 Free System Memory – indicates the memory currently available in the BW2250 Total System Memory – indicates the total memory in the BW2250 LAN Mode – indicate static IP or DHCP client is used for BW2250 LAN IP address LAN IP – shows the LAN IP address of BW2250 LAN Mask – shows the LAN Network Mask of BW2250 Gateway – shows the default gateway of BW2250
BROWAN COMMUNICATIONS Page 24 Status | Wireless Status The wireless status shows the information related with BW2250 two wireless interfaces. Figure 12 – Wireless Status Radio1 / Radio2 – relates with two wireless interfaces Channel – indicates which channel is in use now. Domain – indicates regulatory domain set on the BW2250 Mode – AP or Bridge mode is be used for this wireless interface Band – specify which band is in use for wireless interface Layer2 Isolation – specify the status of Layer2 Isolation service on this wireless interface Total Connected Clients – indicates number of the currently connected clients to your BW2250 Antenna Gain – indicates antenna gain value. If use BA5070, which is a attached Antenna of BW2250, shows 4.5dBi in 2.4GHz and 7dBi in 5GHz for regulation’s limitation. If customer own antenna will be used, this will shows 0dBi to gain larger EIPR value. Total Output Power (EIRP) – indicates EIRP value set to the BW2250 Total Output Power (EIRP) = Antenna Gain + RF card output power MAC ACL indicates the status of MAC ACL feature on BW2250 4.5 dBi 16dBm14dBm
BROWAN COMMUNICATIONS Page 25 Status | Interface Statistics The Interface Statistics shows each network interface status, including Input/Output bytes, packets or error. Figure 13 – Interface Statistics Interface Name – shows the name of each network interface, where ixp1 is related to LAN interface, wlan1_x is related to WLAN1 sub-interface and wlan2_x is related to WLAN2 sub-interface. Input Bytes (KB) – shows the total number of bytes received on the network interface. The bytes number is displayed in KB. Input Packets – shows the packets number received on the network interface. Input Errors – shows the packets number which contain errors preventing them from being received correctly. Output Bytes (KB) – shows the total number of bytes transmitted out of the network interface. The bytes number is displayed in KB. Output Packets – shows the packets number transmitted out of the network interface. Output Errors – shows the packets number which contain errors preventing them from being transmitted out correctly. Refresh – gets the updated network interface information. Network Network | Interface The interface configured is bridge device therefore only one interface is displayed here for configuration. Bridge interface and its settings are listed in the Interface page. Figure 14 – Interface Configuration Table
BROWAN COMMUNICATIONS Page 26 To change network interface (bridge) configuration properties click the Edit button in the Action column. The status can be changed now: Figure 15 – Edit Interface Configuration Settings IP Address - specify new interface IP address [in digits and dots notation, e.g. 192.168.123.70]. Netmask – specify the subnet mask [[0-255].[0-255].[0-255].[0-255]]. These numbers is a binary mask of the IP address, which defines IP address order and the number of IP addresses in the subnet. Gateway Address – interface gateway. For Bridge type interfaces, the gateway is always the gateway router. Protocol – specify static for setting IP address manually and dhcp for getting IP address dynamically acting as DHCP client. When dhcp is used for getting IP address, Kickstart is strongly recommended to find your device. VLAN –specify whether to manage this device via VLAN. VLAN ID – specify VLAN ID when managing this device via VLAN. Save – save the entered values. Cancel – restore all previous values. Change status or leave in the default state if no editing is necessary and click the Save button. Figure 16 – Apply or Discard Interface Configuration Changes Apply Changes – to save all changes in the interface table at once. Discard Changes – restore all previous values. For such each change of settings, the BW2250 needs to be restarted to apply all settings changes when clicking Apply Changes. Request for reboot server appears:
BROWAN COMMUNICATIONS Page 27 Figure 17 – Reboot Server Reboot – Click the button to restart the server and apply the changes. If there is no other setting needed to be modified, click the Reboot button for applying all modifications. And if there are still other setting modifications needed, go ahead to finish all changes and then click Reboot button to restart and apply all settings together. To reboot at once, click Reboot button and then it is necessary to wait a moment. And the message of reboot appears just like bellows: Figure 18 – Reboot Information
BROWAN COMMUNICATIONS Page 28 Network | RADIUS Server Up to 32 different RADIUS servers can be configured under the RADIUS servers menu. By default, one RADIUS server is specified for the system: Figure 19 – RADIUS Servers Settings Add – add new RADIUS server. Click Add to configure RADIUS server settings. Figure 20 – RADIUS Server's Details Name – specify the new RADIUS server name, which is used for selecting RADIUS server. Server IP – authentication RADIUS server IP address [dots and digits]. Server Port – specify the network port used to communicate with RADIUS [1-65535]. The default port value for authentication is 1812. The default port value for accounting is 1813. The port specified here must be the same with the one on the RADIUS server. Secret – shared secret string that is used to make sure the integrity of data frames used for authentication server. Save – save new specified RADIUS server. Cancel – restore all previous values. After adding a new RADIUS server, the following control appears:
BROWAN COMMUNICATIONS Page 29 Figure 21 – Apply or Discard RADIUS Server Changes Edit – edit an existing RADIUS server setting Delete – delete an existing RADIUS server setting Click Apply Changes to apply all the changes. Then the follow similar page will appears: Figure 22 – RADIUS Servers Reboot Server Reboot – restart the controller to make applied changes work. If there is no other setting needed to be modified, click the Reboot button for applying all modifications. And if there are still other setting modifications needed, go ahead to finish all changes and then click Reboot button to restart and apply all settings together. Network | DHCP Settings BW2250 can act as DHCP server or DHCP relay. The DHCP (Dynamic Host Configuration Protocol) service is supported on layer 2 interfaces. DHCP server and DHCP relay is disabled by default.
BROWAN COMMUNICATIONS Page 30 Figure 23 –DHCP Settings Edit – edit the wireless basic settings To change DHCP setting properties click the Edit button, the DHCP server or DHCP relay service should be configured: Figure 24 –DHCP Settings Status – Select status from the drop-down menu. Disabled – Disable the DHCP server service. DHCP Server – Enable the DHCP server service. DHCP Relay – Enable the DHCP Relay service. Choose DHCP Server to enable DHCP server service or choose DHCP Relay to enable DHCP relay service. DHCP Server This DHCP server service enables clients on the LAN to request configuration information, such as IP address, from a server. Settings of the DHCP service can be viewed just like the follow page.
BROWAN COMMUNICATIONS Page 31 Figure 25 –DHCP server Settings By default, DHCP server is disabled for BW2250. IP Address from / IP Address to – specify the IP address range to be dynamically allocated by the DHCP server. Netmask – enter the netmask for IP pool range. Gateway – enter the gateway IP for wireless clients. WINS Address (Windows Internet Naming Service) – specify server IP address if it is available on the network [dots and digits]. Lease Time – specify the IP address lease interval in seconds [1-1000000]. Domain – specify the DHCP domain name [optional, 1-128 sting]. DNS address – specify the DNS server’s IP address [in digits and dots notation]. DNS secondary address – specify the secondary DNS server’s IP address [in digits and dots notation]. Change status or leave in the default state if no editing is necessary and click the Save button.
BROWAN COMMUNICATIONS Page 32 Figure 26 –Apply or Discard DHCP server Settings The DHCP server settings will be automatically adjusted to match the network interface settings. The Gateway of DHCP server settings must be same with the Gateway of BW2250 For each change of settings, the BW2250 needs to be restarted to apply all settings changes when clicking Apply Changes. Request for reboot server appears:
BROWAN COMMUNICATIONS Page 33 Figure 27 – Reboot information Reboot – Click the button to restart the server and apply the changes. If there is no other setting needed to be modified, click the Reboot button for applying all modifications. And if there are still other setting modifications needed, go ahead to finish all changes and then click Reboot button to restart and apply all settings together. When BW2250 network Interface uses DHCP to get IP address dynamically, DHCP server service cannot be enabled. When BW2250 uses DHCP to get IP address dynamically, the similar WEB UI will be appears: Figure 28 – Warning information DHCP Relay To route DHCP through the external server, enable the DHCP Relay service.
BROWAN COMMUNICATIONS Page 34 Figure 29 – DHCP Relay settings Server IP: enter the IP address of the external DHCP server. Only one DHCP server can be supported for DHCP relay feature. Change status or leave in the default state if no editing is necessary and click the Save button. Figure 30 –Apply or Discard DHCP relay Settings For each change of settings, the BW2250 needs to be restarted to apply all settings changes when clicking Apply Changes. Request for reboot server appears: Figure 31 – Reboot information
BROWAN COMMUNICATIONS Page 35 Reboot – Click the button to restart the server and apply the changes. If there is no other setting needed to be modified, click the Reboot button for applying all modifications. And if there are still other setting modifications needed, go ahead to finish all changes and then click Reboot button to restart and apply all settings together. When BW2250 network Interface uses DHCP to get IP address dynamically, DHCP relay service cannot be enabled. Network | NTP Settings NTP (Network Time protocol) is used to synchronize the system time with the selected network NTP server. Use the Network| NTP Settings menu to configure the NTP service: Figure 32 – NTP Settings NTP status – specify enable or disable this NTP service Time Zone – specify the time zone for NTP service. Delete – delete the existed NTP server Edit – Edit the settings of the existed NTP server Add – add a new NTP server setting for synchronizing time Clicking Add button to add a new NTP server: Figure 33 – Add new NTP server setting Two NTP servers can be configured under Network | NTP Settings menu. And only IP address is accepted for NTP server. It is required to add at least one NTP server before enable NTP service.
BROWAN COMMUNICATIONS Page 36 The Name of NTP Server should be unique. Change status or leave in the default state if no editing is necessary and click the Save button. Figure 34 – Apply or Discard NTP server Changes Change the Time Zone for your own local time and change the NTP status to enable or disable. Figure 35 – Edit Time Zone setting/NTP status Clicking Save button for saving new Time Zone setting
BROWAN COMMUNICATIONS Page 37 Figure 36 – Apply or Discard Time Zone/NTP status Changes For each change of settings, the BW2250 needs to be restarted to apply all settings changes when clicking Apply Changes. Request for reboot server appears: Figure 37 – Reboot information Reboot – Click the button to restart the server and apply the changes If there is no other setting needed to be modified, click the Reboot button for applying all modifications. And if there are still other setting modifications needed, go ahead to finish all changes and then click Reboot button to restart and apply all settings together. Network | Time Settings Configure the system time manually under Network | Time Settings menu.
BROWAN COMMUNICATIONS Page 38 Figure 38 – Time Settings Click Edit to change current system time. Figure 39 – Edit Date and Time Settings Change the Date and Time or leave in the default value if no editing is necessary and click the Apply button. Thus the modified time will be taken effect at once. No reboot is needed. BW2250 has RTC (real-time clock). The system time will be saved upon reboot. If NTP is enabled, the local time cannot be modified manually. Wireless Wireless | Basic Use the wireless | Basic menu to configure such wireless settings as regulatory domain, channel, band, and power, layer2isolation. Click the edit button on the setting you need to change:
BROWAN COMMUNICATIONS Page 39 Figure 40 – Basic Wireless Settings with static channel selection Figure 41 – Basic Wireless Settings with DCA enabled Radio – specify which wireless interface of BW2250 is shown Domain – show the regulatory domain Static Channel– show the channel that the access point will use to transmit and receive information. If DCA (Dynamic Channel Allocation) is enabled, this will show Auto Channel and its channel number is chosen in auto channel selection. If use static channel selection, this will show Static Channel and its channel number. 16dBm4.5dBi 16dBm 4.5 dBi
BROWAN COMMUNICATIONS Page 40 DCA (Dynamic Channel Allocation) is very useful feature to help choose the best channel automatically and reduce interference among many Access Points. Band – show the working bands on which your radios are working. Six bands are supplied: 5GHz(11a), 5GHz(Turbo Mode 11a), 2.4GHz(Mixed 11g), 2.4GHz(11g only), 2.4GHz(Mixed 11g WiFi) and 2.4GHz(11g only WiFi). 2.4GHz(Mixed 11g) or 2.4GHz(11g only) – the radio will work on 2.4GHz for a better performance. 2.4GHz (11g only) mode only allows 11g client access. 2.4GHz(Mixed 11g) mode allows 11b/11g client access. 2.4GHz(Mixed 11g WiFi) or 2.4GHz(11g only WiFi) – make sure to compatible with Wi-Fi. 5GHz (11a) or 5GHz(Turbo Mode 11a) – the radio will work on 5GHz 11A mode. 5GHz(Turbo Mode 11a) can supply 108 raw data rate. Only under Bridge mode, Turbo Mode 11a can be set. Total Output Power (EIRP) – show the BW2250 transmission output power (EIRP) in dBm. Default is16dBm&WORLD. Antenna Gain: show the antenna gain that this Access Point used. When using the attached antenna BA5070 supplied by Browan, 4.5dBi will show in 2.4GHz and 7dBi will show in 5GHz. Otherwise, if select custom in Antenna item, the Antenna Gain will show 0 dBi to acquire larger output transmit power. RTS Threshold –show the value of RTS threshold. Default is 2347, which means that RTS is disabled. DCA threshold – show the value (in minutes) of DCA threshold. This threshold is been used to judge if there is no wireless users connected during this time. And if yes, BW2250 will monitor the environment and adjust channel for the best operational one. DCA optional channel – show the channels only in which auto channel selection (DCA) will be processed to reduce interference. Only when DCA is enabled, DCA threshold and DCA optional channel will be shown. Layer 2 Isolation – show the status of Layer 2 Isolation service (enabled or disabled) Mode – show the mode that the Access Point is in. (AP mode or Bridge mode) Site Survey –perform survey to show overview information for wireless networks in a local geography The site survey shows overview information for wireless networks in a local geographic area. Using this survey, administrator can scan for working access points, check their operating channels, and see RSSI levels. To start the scan, simply click the Site Survey menu. After clicking Site Survey, you will get the follow warning:
BROWAN COMMUNICATIONS Page 41 Figure 42 – Site Survey warning Click OK to continue site survey and get the similar UI:
BROWAN COMMUNICATIONS Page 42 Figure 43 – Site Survey information To refresh the statistics click the Rescan button. During Site Survey, all wireless clients, who are connecting with BW2250 would be kicked off. Site Survey takes some minutes to perform. Please wait and don’t power off AP during site survey. Edit – edit the wireless basic settings To change basic wireless setting properties click the Edit button in the Action column. The status can be changed now: Figure 44 – Edit Basic Wireless Settings with static channel selection
BROWAN COMMUNICATIONS Page 43 Figure 45 – Edit Basic Wireless Settings with DCA enabled Radio Name– show which wireless interface of BW2250 is being set Domain – select the regulatory domain according to your country The full frequency range of the 2.4 GHz or 5 GHz is not permitted for use in all countries. Depending on your selection of regulatory domains, the available frequency channels will vary. Before changing radio settings manually verify that your settings comply with government regulations. At all times, it will be the responsibility of the end-user to ensure that the installation complies with local radio regulations. Refer to the Appendix: . Channel – select the channel that the access point will use to transmit and receive information. If one channel is defined, it acts as default channel. Channels list will vary depending on selected regulatory domain and selected band. Multiple frequency channels are used to avoid interference between two radios of this AP, and between nearby access points. If you wish to operate more than one access point in overlapping coverage areas, we recommend a distance of at least four channels between the chosen channels. For example, for three Access Points in close proximity choose channels 1, 6 and 11 for 11b/g or channels 36, 40 and 64 for 11a. Band – working bands on which your radios are working. Six bands are supplied: 5GHz(11a), 5GHz(Turbo Mode 11a), 2.4GHz(Mixed 11g), 2.4GHz(11g only), 2.4GHz(Mixed 11g WiFi) and 2.4GHz(11g only WiFi). 2.4GHz(Mixed 11g) or 2.4GHz(11g only) – the radio will work on 2.4GHz for a better performance. 2.4GHz (11g only) mode only allows 11g client access. 2.4GHz(Mixed 11g) mode allows 11b/11g client access. 2.4GHz(Mixed 11g WiFi) or 2.4GHz(11g only WiFi) – make sure to compatible with Wi-Fi.
BROWAN COMMUNICATIONS Page 44 5GHz (11a) or 5GHz(Turbo Mode 11a) – the radio will work on 5GHz 11A mode. 5GHz(Turbo Mode 11a) can supply 108 raw data rate. Only under Bridge mode, Turbo Mode 11a can be set. Total Output Power (EIRP) –the BW2250 transmission output power (EIRP) in dBm. Default is 16dBm&WORLD. Total Output Power (EIRP) = Antenna Gain + RF card output power Antenna: Type of Antenna, two items for choice. BA5070 is the approved antenna supplied by Browan. Choose BA5070 antenna is used for meeting the limitation of regulatory domain. If you want to gain a larger output power for the real usage, it is strongest recommended to select custom. BA5070 antenna is the accessory of BW2250 Product. Refer to the Appendix D for BA5070 Antenna Spec: D) Approved Antenna If you want to gain a larger output power for the real usage, it is strongly recommended to select custom. RTS Threshold – when set, this setting specifies the maximum packet size beyond which RTS/CTS mechanism is be invokes. The value range of this is [0 …2347]. Default is 2347, which means that RTS is disabled. Enable DCA – Enable or Disable DCA service. DCA can help to choose the best working channel automatically. And static channel selection will be forbidden if DCA is enabled. DCA (Dynamic Channel Allocation) solution automatically selects the optimal operational frequency channel when power up and periodically monitors the environment and adjusts for the best operational frequency channel. DCA service is available only under 2.4GHz band. DCA threshold – specify the value (in minutes) of DCA threshold. This threshold is been used to judge if there is no wireless users connected during this time. And if yes, BW2250 will monitor the environment and adjust channel for the best operational one. If wireless network environment is stable which means auto channel selection needn’t do frequently, set a big value for DCA threshold to gain a stable wireless users’ connection. If wireless network environment changes continually, frequent auto channel selection is needed. So set a relative small value for DCA threshold to let channel change based on wireless environment. Wireless users’ will be kicked off when DCA is processing (site survey and new operational frequency channel takes effect).
BROWAN COMMUNICATIONS Page 45 DCA optional channel – specify the channels only in which auto channel selection (DCA) will choose for reducing interference reference. Only when DCA is enabled, DCA threshold and DCA optional channel will be shown. Layer 2 Isolation – Layer2 wireless client separation. Connected clients with user isolation function enabled cannot access each other directly. The clients are isolated from each other using their MAC addresses [enabled/disabled]. Mode – two modes are supplied: AP mode and Bridge mode. When Bridge mode is enabled, BW2250 can introduce a bridge loop if BW2250 Ethernet port is connected to your wired LAN. To avoid a bridge loop on your network, disconnect BW2250 from the wired LAN before or soon after Bridge mode is enabled. Save – Save the settings Change status or leave in the default state if no editing is necessary and click the Save button. Figure 46 – Apply or Discard Basic Wireless Settings with static channel selection 16dBm4.5 dBi
BROWAN COMMUNICATIONS Page 46 Figure 47 – Apply or Discard Basic Wireless Settings with DCA enabled For such each change of settings, the BW2250 needs to be restarted to apply all settings changes when clicking Apply Changes. Request for reboot server appears: Figure 48 – Reboot Server Reboot – Click the button to restart the server and apply the changes.
BROWAN COMMUNICATIONS Page 47 If there is no other setting needed to be modified, click the Reboot button for applying all modifications. And if there are still other setting modifications needed, go ahead to finish all changes and then click Reboot button to restart and apply all settings together.
BROWAN COMMUNICATIONS Page 48 Wireless | Advance BW2250 supports Multiple BSSID (MBSSID) function. You can configure up to 16 BSSIDs per radio on BW2250 and assign different configuration settings to each BSSID. For wireless users, they can think BW2250 as single AP with multi service supporting, including different security policy, different VLAN ID, different authentication etc. All the BSSIDs are active at the same time that means client devices can associate to the access point for specific service. Use the Wireless | Advance menu to configure properties related to Multiple BSSID, including configure SSID, Hidden SSID, VLAN/QoS, and Security for each SSID. Each BSSID can have its own SSID, In this case, Multiple BSSID is the same with Multiple ESSID. Wireless users can think BW2250 as multiple virtual APs, each supporting different service, and connects one SSID for the special services. Also, BW2250 supports Bridge function, it can support up to 20 Bridge links per radio. Different bridge link can use WEP or WPA-PSK for link security. AP Mode: Figure 49 – Advanced Wireless Setting (AP Mode) Radio – specify which RF card (wlan1 or wlan2) is needed to be configured since BW2250 has two Dual-Band radios Mode – specify the operation mode of BW2250 (AP or Bridge) Interface – Choose the specified MBSSID entry you want to configure. Each Interface maps to a BSSID Hidden – Show the status of Hidden SSID feature Security – Show which security policy is used for this MBSSID entry Current Connect # – Show the number of current wireless clients who are connecting with this MBSSID New – Create a new MBSSID entry Detail – Show the detail information of this MBSSID entry Edit – Edit the selected MBSSID entry you want to configure Delete – Delete the selected MBSSID entry. When in AP mode, you cannot delete the last entry Refresh – Rescan the WEB page to get newer information Clicking Detail, a similar page will be appears as below:
BROWAN COMMUNICATIONS Page 49 Figure 50 – Detail for MBSSID entry Radio – Show which radio (WLAN1 or WLAN2) is displayed Interface – Show the sub-interface of specified Radio Mode – Show the operation mode of the sub-interface SSID – Show the SSID value of the sub-interface Hidden SSID – Show the enable/disable status of Hidden SSID service Use VLAN – Show if VLAN is used for the sub-interface VLAN ID – If used VLAN, show the VLAN ID, which is specified 802.1p Tag – Show the 802.1p tag for the sub-interface if 802.1p is used SSID priority – Show the traffic priority specified for this sub-interface (BSSID/SSID), 0 means the normal priority Accounting – Show the enable/disable status of accounting service Security – Show the security policy specified for this sub-interface Current Connect Number – Show the number of current connected client with this sub-interface Detail – Show the MAC address of current connected clients Refresh – Rescan the WEB page to get newer information Return – Return to the wireless advance settings page Clicking Detail to check the detail information of the connected client just like below:
BROWAN COMMUNICATIONS Page 50 Figure 51 – Detail information of connected client Client MAC – Show the connected client’s MAC address IP Addr – Show the IP address of the connected client Auth Type – Show the auth type that the connected client is used. Auth type includes PEAP, TLS or TTLS. Signal/Noise – Show the SNR value of the connected client Input Packets – Show the packet number transmitted by the connected client Output Packets – Show the packet number destined to the connected client Clicking New or Edit on AP mode, the settings of MBSSID entry appears: Figure 52 – Multiple BSSID Setting - 1 Radio – showing which RF card (wlan1 or wlan2) is being configured. Mode – showing the current operation mode of BW2250 (AP or Bridge). Interface – showing the current MBSSID | Bridge link entry SSID – a unique ID for your wireless network. It is case sensitive and must not exceed 32 characters. The default SSID is "BW2250" but you should change this to a personal wireless network name. The SSID is important for clients when connecting to the access point. All client stations must have their client SSID settings configured and must use the same SSID. Each MBSSID entry (BSSID) can has its own SSID. And SSID can be same for different BSSID
BROWAN COMMUNICATIONS Page 51 Hidden SSID – When enabled, the SSID of this Interface is invisible in the networks list while scanning the available networks for wireless client (SSID is not broadcasted with its Beacons). When disabled, the AP’s SSID is visible in the available network list [enabled/disabled]. By default the Hidden SSID is disabled. VLAN and QoS – Specify VLAN policy or QoS policy. Data priority is based on (B) SSID and implemented by 802.11e EDCA or 802.1p tag. SSID priority (Disable VLAN) – specify the data priority, which is implemented according to 802.11e EDCA and makes sure the wireless downlink over-air QoS. This priority is based on (B) SSID, which means different BSSID can have different data priority and the data of the same BSSID has the same priority. This data priority only makes sure the priority of downlink (from AP to wireless client). 8 levels priorities are supplied. 1, 2, 0, 3, 4, 5, 6, 7 is from lowest priority to highest priority. And if no special QoS is needed, leave priority to default (0). 0 means normal priority. Enable VLAN – When enabled, the outgoing packets from this SSID will be tagged with VLAN ID and 802.1p tag (If have). VLAN ID – Configure VLAN ID for each Multiple SSID devices. Valid numbers are from 1 to 4094. 802.1p Tag – Configure 802.1p Tag for remote APC’s or Router’s QoS uses. Valid numbers are from 0 to 7. VLAN ID and 802.1p tag must cooperate with remote Router or APC. 802.1p Tag is also used for data priority. 8 levels priorities are supplied. 1, 2, 0, 3, 4, 5, 6, 7 is from lowest priority to highest priority. Accounting – Control the status of accounting service. Enable Accounting – enable or disable the accounting service. Accounting service only can be enabled when the security policy using RADIUS server is chosen. The security policies using RADIUS server include 802.1x, WPA, WPA2, WPA2 MIXED and MAC auth. Accounting Server Profile – specify which RADIUS server is used for accounting service. If not have any RADIUS server: please configure Network | RADIUS Servers Web UI first. Accounting Interim Interval – specify the value (in minutes), which is used for interim-accounting interval. This should not be left empty and the value range is from 1 to 60 minutes.
BROWAN COMMUNICATIONS Page 52 Figure 53 – Multiple BSSID Setting - 2 Security – Specify the security policy. WEP – When selected, the privacy of MSSID entry will be set to WEP (Wired Equivalent Privacy). WEP Key Index – Select the default key Index to make it the Default key and encrypt the data before being transmitted. All stations, including this MSSID Entry, always transmit data encrypted using this Default Key. The key number (1,2,3,4) is also transmitted. The receiving station will use the key number to determine which key to use for decryption. If the key value does not match with the transmitting station, the decryption will fail. The key value is set in Wireless | WEP web page. By default, four WEP keys are all set to “aaaaa”. They can be modified in Wireless | WEP. 802.1x – When selected, the MSSID entry will be configured as an 802.1x authenticator. It supports multiple authentication types based on EAP (Extensible Authentication Protocol) like EAP-TLS, EAP-TTLS, EAP-PEAP, EAP-SIM. The privacy will be configured as dynamic WEP. RADIUS Server Profile – Select the default radius server name. If not have any RADIUS server: please configure Network | RADIUS Servers Web page first. Dynamic Key Length – Select the dynamic 64-bits / 128-bits WEP encryption. WPA – Wi-Fi Protected Access, When selected, the encrypt method will be WPA with RADIUS Sever. WPA2 – When selected, the security policy will be WPA2 with RADIUS Server. In this mode, WPA client is not permitted to connect. WPA2 MIXED – When selected, WPA2 client and WPA client are all permitted to connect. RADIUS Server Profile –Select the default radius server name. If not, please configure Network | RADIUS Servers Web page first.
BROWAN COMMUNICATIONS Page 53 Algorithm – Choose WPA algorithm (TKIP, AES). Group Key Rekey interval –Specify the time in minutes, after which the group key will be updated. If not fill in the time, default rekey interval 10 minutes will be used for group key rekey. Figure 54 – Multiple BSSID Setting - 3 WPA-PSK – When selected, the security policy will be WPA PSK without RADIUS Server. WPA2-PSK – When selected, the security policy will be WPA2 PSK without RADIUS Server. In this mode, only WPA2 PSK client can connect with AP and WPA PSK client is not permitted to connect. WPA2-PSK MIXED – When selected, WPA2 PSK and WPA PSK are all permitted to connect with AP. Use Pre-Shared Key – Specify more than 8 characters and less than 64 characters for WPA with pre-shared key encryption. Algorithm – Choose WPA algorithm (TKIP, AES). Group Key Rekey interval –Specify the time in minutes, after which the group key will be updated. If not fill in the time, default rekey interval 10 minutes will be used for group key rekey. MAC Auth – When selected, the MAC address of wireless client will be passed to RADIUS server for PAP authentication when it connects with BW2250. The MAC address of wireless client acts as username and password. RADIUS Server Profile –Select the default radius server name. If not, please configure Network | RADIUS Servers Web page first. Disabled – When selected, no security policy is used on AP device. Bridge Mode
BROWAN COMMUNICATIONS Page 54 Figure 55 – Advanced Wireless Setting (Bridge Mode) Radio – specify which RF card (wlan1 or wlan2) is needed to be configured since BW2250 has two Dual-Band radios Mode – specify the operation mode of BW2250 (AP or Bridge) Interface – Choose the specified Bridge link entry you want to configure. Remote MAC – Specify the remote peer’s MAC address of this Bridge Security – Specify which security policy is used New – Create a new Bridge link entry Detail – Show the detail information of this Bridge link entry Edit – Edit the selected Bridge link entry you want to configure Delete – Delete the selected Bridge link entry. Clicking Detail, the similar page will be appears: Figure 56 – Detail of one bridge entry Clicking Edit for editing an existed bridge link or New for adding a new bridge link, you can see the figure like this.
BROWAN COMMUNICATIONS Page 55 Figure 57 – Bridge Link Setting Remote MAC – Add the remote peer’s MAC address you want to configure as a bridge link Security – Specify WEP or WPA-PSK (TKIP or AES) is used for security policy. WPA-PSK or static WEP can be used for encrypt each bridge link Use Pre-Shared Key – Specify more than 8 characters and less than 64 characters for WPA with pre-shared key encryption. Algorithm – Choose WPA algorithm (TKIP, AES). Rekey Interval –Specify the time in minutes, after which the key of the bridge link will be updated. By default, four WEP keys are all set to “aaaaa”. They can be modified in Wireless | WEP. Wireless | WEP Use the Wireless | WEP menu to configure static WEP settings. This menu only set static WEP key value related with 4 key indexes for each RF card (wlan1 or wlan2). Enable or Disable static WEP is in the Wireless | Advance menu.
BROWAN COMMUNICATIONS Page 56 Figure 58 – WEP Settings Radio – specify which RF card (wlan1 or wlan2) is needed to be set. Click Edit to edit the existing wepkey1 to wepkey4. By default, four WEP keys are all set to “aaaaa”. They can be modified according to real need. Figure 59 – Edit WEP Key Wireless | MAC ACL Use the MAC ACL service to control the default access to the wireless interface of the BW2250 or define special access rules for mobile clients. Configure the ACL using the Wireless | MAC ACL menu:
BROWAN COMMUNICATIONS Page 57 Figure 60 – MAC ACL Service Radio – Two wireless interfaces wlan1 and wlan2 can be selected for each radio’s MAC ACL rules. Only AP mode has the MAC ACL service. The wireless interface whose mode is Bridge hasn’t MAC ACL settings. Policy Setting – click the edit button to choose Allow, Deny or disable the access control service on device. By default the ACL service is disabled and all wireless clients connecting to the BW2250 are allowed (no ACL rules are applied to the wireless clients). Select Allow means only the wireless clients, whose MAC are listed in the MAC List would be permitted to access this AP. Other wireless client cannot access this AP. Select Deny means only the wireless clients, whose MAC are listed in the MAC List would be prevented from accessing. Other wireless clients can access this AP. Select Disabled means no ACL service. Figure 61 – MAC ACL settings You must create MAC List to work with Policy setting. The access control list is based on the network device’s MAC address. In the MAC ACL Configuration table, you only need to specify the MAC address of wireless client. Click the Add button to create a new MAC entry:00
BROWAN COMMUNICATIONS Page 58 Figure 62 – Add MAC entry MAC Address – enter the physical address of the network device you need to (MAC address) The format is a list of colon separated hexadecimal numbers (for example: 00:AA:A2:5C:89:56). Save – click the button to save the new MAC entry. Figure 63 – Apply or Discard MAC ACL Configuration Changes Apply Changes – to save all changes made in the interface table at once. Discard Changes – restore all previous values. For such each change of settings, the BW2250 needs to be restarted to apply all settings changes when clicking Apply Changes. Request for reboot server appears:
BROWAN COMMUNICATIONS Page 59 Figure 64 – Reboot Server Reboot – Click the button to restart the server and apply the changes. If there is no other setting needed to be modified, click the Reboot button for applying all modifications. And if there are still other setting modifications needed, go ahead to finish all changes and then click Reboot button to restart and apply all settings together.
BROWAN COMMUNICATIONS Page 60 System System | Security Use the System | Security service to configure the name and password administrator: Figure 65 – system security settings User Name – administrator username for access to BW2250 (e.g. web interface, CLI mode) [1-32 symbols, spaces not allowed]. Old Password – old password value. New Password –new password value used for user authentication in the system [4-8 characters, spaces not allowed]. Confirm Password – re-enter the new password to verify its accuracy. Save – click to save new administrator settings. Default administrator logon settings are: User Name: admin Password: admin01 Password length is from 4 to 8 characters. After filling in the right old password and the new password, clicking the Save button for taking effect immediately. After clicking Save button, the below UI will be shown to notify that the new password setting has been taken place:
BROWAN COMMUNICATIONS Page 61 Figure 66 – system security settings save and take effect successfully System | SNMP SNMP is the standard protocol that regulates network management over the Internet. To communicate with SNMP manager you must set up the same SNMP communities and identifiers on both ends: manager and agent. Use the System | SNMP menu to change current SNMP configuration. Figure 67 – SNMP settings Readonly community – Community name is used in SNMP version 1 and version 2c. Read-only (public) community allows reading values, but denies any attempt to change values [1-32 all ASCII printable characters, no spaces]. Readwrite community – Community name is used in SNMP version 1 and version 2c. Read-write (private) community allows to read and (where possible) change values [1-32 all ASCII printable characters, no spaces]. Default Trap community – The default SNMP community name used for traps without specified communities. The default community by most systems is "public". The community string must match the community string used by the SNMP network management system (NMS) [1-32 all ASCII printable characters, no spaces]. Trap Configuration Table:
BROWAN COMMUNICATIONS Page 62 You can configure your SNMP agent to send SNMP Traps (and/or inform notifications) under the defined host (SNMP manager) and community name (optional). Figure 68 – SNMP Trap table settings Click Add to add a new SNMP manager or Delete to delete a specific SNMP manager. Clicking Add: Figure 69 – Add SNMP Trap Host IP – enter SNMP manager IP address [dots and digits]. Host Port – enter the port number the trap messages should be send through [number]. Trap Type – select trap message type [v1/v2/inform]. Community – specify the community name at a SNMP trap message. This community will be used in trap messages to authenticate the SNMP manager. If not defined, the default trap community name will be used (specified in the SNMP table) [1-32 all ASCII printable characters, no spaces]. Save – save all current settings Cancel – restore the last settings System | Telnet Use System | Telnet menu to manage the telnet/SSH service of your BW2250. Figure 70 – System Configuration settings Telnet Service – Enable or disable telnet service of BW2250 SSH Service – Enable or disable SSH service of BW2250. The default of these two services are all Enabled. The current IETF SSH (SSHv2) is supported for security of accessing BW2250 via telnet/CLISH.
BROWAN COMMUNICATIONS Page 63 System | Configuration Use the System | Configuration menu to configure such system utilities:  Backup – download current working system configuration for backup  Upload/Restore – upload system configuration for restore Figure 71 – System Configuration settings You can save your current device configuration file locally clicking the Preparation button: Figure 72 – Backup settings Such device configuration is saved in the specific format file (.cfg). Description Message shows the current version of firmware. Click the Preparation button to start saving the configuration file. Click the Download button to download current working configuration into your local PC. Figure 73 – Download system configuration A configuration file name will be required when you download/save the configuration file. And please remember the configuration file name should only include characters or numbers. Otherwise, this configuration file will not upload to BW2250.
BROWAN COMMUNICATIONS Page 64 You can upload saved configuration file any time you want to restore this configuration to the device by using the Browse button Select the configuration file and upload it on the device: Figure 74 – Configuration Upload/Restore Click Upload for upload the specified configuration and then the similar UI appears Figure 75 – configuration information HOST IP – show the IP address in the configuration file that needs to upload. Please remember this IP address for accessing BW2250 after the configuration file is uploaded. HOST VERSION – show the firmware version in the configuration file that needs to upload. OK – click the button to apply configuration setting to the device. If everything is right, click OK button for upload/restore.
BROWAN COMMUNICATIONS Page 65 System | Reset Figure 76 – System Reset setting Reboot – Reboot the device Reset – Reset System to Factory Defaults To reboot the device, click Reboot and then the below appears to make sure: Figure 77 – Reboot the device To reset device to factory defaults, click Reset on Figure 48 and then the below appears to make sure: Figure 78 – Reset the device Please note that all settings including the administrator settings will be set back to the factory default when Reset is selected. System | Upgrade Check for new product updates at the Browan website: http://www.browan.com
BROWAN COMMUNICATIONS Page 66 Upload – Update your device firmware. Figure 79 – Firmware Upgrade Click the Upload and then the follow appears. Specify the full path to the new firmware image and click the Upload button: Figure 80 – Firmware Upgrade To flash the uploaded firmware image to upgrade the firmware is done by click the Upgrade button. Please make sure the firmware is correct for BW2250. Otherwise the upgrade will be failed. Figure 81 – Device Statistics Do not switch off and do not disconnect the BW2250 from the power supply during the firmware update process, otherwise the device could be damaged. It is best to use the Ethernet connection (not wireless) for the firmware update process. Update firmware will take about 5 minutes.
BROWAN COMMUNICATIONS Page 67 A) Specification Wireless Standard IEEE 802.11b(DSSS), IEEE 802.11g(OFDM) and IEEE 802.11a(OFDM) Data Rate 802.11a: 54,48,36,24,18,12,9,6Mbps; 802.11g: 54,48,36,24,12,9,6,11,5,5,2,1Mbps (auto fall back) Transmit Power (RF power) Max. 17 dBm ± 1.5dBm @6~24Mbps Max. 13 dBm ± 1.5dBm @54Mbps Antennas Two N type connectors Encryption WPA2, WPA(TKIP and CCMP-AES), WEP64, WEP128 Bridge Up to 20 bridge links Interface LAN 10/100Mb Ethernet, auto sensing, RJ-45 WLAN1 N-type Connector WLAN2 N-type Connector Management Interfaces HTTPs, Secure Telnet (SSHv2), SNMP Software Update Remote software update via HTTPs Reset Remote restore factory default Physical Specification Dimension 227 mm x 198 mm x 65 mm Weight 1.5kg Environment Specification Temperature Humidity Operating -40 to 60°C 95%, non-condensing Power Supply POE 48V, IEEE802.3af-2003 compliance Warranty 3 years Package Contents  BW2250 Dual-Band Outdoor Access Point  Mounting Kit including SCREW  Printed warranty card, release note, warning card  CD with BW2250 Firmware, Kickstart Utility, Bridge/Client Utility and User manual (*.pdf)  BA5070 Omni Dual-Band Antenna  Waterproof tape  Waterproof RJ45 Straight Plug  Reset Post Related Products Controllers: G-4200 Public Access Controller Access Points: P-720 Dual Radio 2.4GHz/5GHz Access Point Appendix 註解 [r2]: 确认配套设备机种名称
BROWAN COMMUNICATIONS Page 68
BROWAN COMMUNICATIONS Page 69 B) Factory Defaults for the BW2250 General Configuration Settings Administrator Username admin Administrator Password admin01 Get Community Public Set Community Private Network Configuration Settings IP address (Static IP) 192.168.2.2 Subnet mask 255.255.255.0 Gateway 0.0.0.0 Service Configuration Settings DHCP server Disable DHCP relay Disable NTP service Disable Telnet service Enable SSH service Enable Wireless Configuration Settings RF Card 1(WLAN1) Default Mode 11g Access Point Regulatory Domain World SSID BW2250g Default channel (Static) 11 RTS Threshold 2347 bytes EIRP 14dBm Authentication Type Open System MAC ACL Disable Layer 2 Isolation Disable Hidden SSID Disable Security Policy Disable RF Card 2(WLAN2) Default Mode 11a Access Point Regulatory Domain World SSID BW2250a Default channel (Static) 60 RTS Threshold 2347 bytes EIRP 17dBm Authentication Type Open System MAC ACL Disable Layer 2 Isolation Disable Hidden SSID Disable Security Policy Disable
BROWAN COMMUNICATIONS Page 70 C) Approved Antenna BA5070 (omni-directional antenna for 2400 ~ 2500 MHz/ 5150 ~ 5875 MHz) is approved by Browan. It is the accessory of BW2250 product.
BROWAN COMMUNICATIONS Page 71 D) Location ID and ISO Country Codes This list states the country names (official short names in English) in alphabetical order as given in ISO 3166-1 and the corresponding ISO 3166-1-alpha-2 code elements. It lists 239 official short names and code elements. Location ID Country Location ID Country AF Afghanistan LI Liechtenstein AL Albania LT Lithuania DZ Algeria LU Luxembourg AS American Samoa MO Macao AD Andorra MK Macedonia, the former Yugoslav republic of AO Angola MG Madagascar AI Anguilla MW Malawi AQ Antarctica MY Malaysia AG Antigua and Barbuda MV Maldives AR Argentina ML Mali AM Armenia MT Malta AW Aruba MH Marshall islands AU Australia MQ Martinique AT Austria MR Mauritania AZ Azerbaijan MU Mauritius BS Bahamas YT Mayotte BH Bahrain MX Mexico BD Bangladesh FM Micronesia, federated states of BB Barbados MD Moldova, republic of BY Belarus MC Monaco BE Belgium MN Mongolia BZ Belize MS Montserrat BJ Benin MA Morocco BM Bermuda MZ Mozambique BT Bhutan MM Myanmar BO Bolivia NA Namibia BA Bosnia and Herzegovina NR Nauru BW Botswana NP Nepal BV Bouvet island NL Netherlands BR Brazil AN Netherlands Antilles IO British Indian ocean territory NC New Caledonia BN Brunei Darussalam NZ New Zealand BG Bulgaria NI Nicaragua BF Burkina Faso NE Niger
BROWAN COMMUNICATIONS Page 72 BI Burundi NG Nigeria KH Cambodia NU Niue CM Cameroon NF Norfolk island CA Canada MP Northern Mariana islands CV Cape Verde NO Norway KY Cayman islands OM Oman CF Central African republic PK Pakistan TD Chad PW Palau CL Chile PS Palestinian territory, occupied CN China PA Panama CX Christmas island PG Papua new guinea CC Cocos (keeling) islands PY Paraguay CO Colombia PE Peru KM Comoros PH Philippines CG Congo PN Pitcairn CD Congo, the democratic republic of the PL Poland CK Cook islands PT Portugal CR Costa Rica PR Puerto Rico CI Côte d'ivoire QA Qatar HR Croatia RE Réunion CU Cuba RO Romania CY Cyprus RU Russian federation CZ Czech republic RW Rwanda DK Denmark SH Saint Helena DJ Djibouti KN Saint Kitts and Nevis DM Dominica LC Saint Lucia DO Dominican republic PM Saint Pierre and Miquelon EC Ecuador VC Saint Vincent and the grenadines EG Egypt WS Samoa SV El Salvador SM San Marino GQ Equatorial guinea ST Sao tome and Principe ER Eritrea SA Saudi Arabia EE Estonia SN Senegal ET Ethiopia SC Seychelles FK Falkland islands (malvinas) SL Sierra Leone FO Faroe islands SG Singapore FJ Fiji SK Slovakia FI Finland SI Slovenia FR France SB Solomon islands GF French Guiana SO Somalia PF French Polynesia ZA South Africa
BROWAN COMMUNICATIONS Page 73 TF French southern territories GS South Georgia and the south sandwich islands GA Gabon ES Spain GM Gambia LK Sri Lanka GE Georgia SD Sudan DE Germany SR Suriname GH Ghana SJ Svalbard and Jan Mayan GI Gibraltar SZ Swaziland GR Greece SE Sweden GL Greenland CH Switzerland GD Grenada SY Syrian Arab republic GP Guadeloupe TW Taiwan, province of china GU Guam TJ Tajikistan GT Guatemala TZ Tanzania, united republic of GN Guinea TH Thailand GW Guinea-Bissau TL Timor-leste GY Guyana TG Togo HT Haiti TK Tokelau HM Heard island and McDonald islands TO Tonga VA Holy see (Vatican city state) TT Trinidad and Tobago HN Honduras TN Tunisia HK Hong Kong TR Turkey HU Hungary TM Turkmenistan IS Iceland TC Turks and Caicos islands IN India TV Tuvalu ID Indonesia UG Uganda IR Iran, Islamic republic of UA Ukraine IQ Iraq AE United Arab emirates IE Ireland GB United kingdom IL Israel US United states IT Italy UM United states minor outlying islands JM Jamaica UY Uruguay JP Japan UZ Uzbekistan JO Jordan VU Vanuatu KZ Kazakhstan Vatican city state see holy see KE Kenya VE Venezuela KI Kiribati VN Viet nam KP Korea, democratic people's republic of VG Virgin islands, British KR Korea, republic of VI Virgin islands, u.s. KW Kuwait WF Wallis and Futuna KG Kyrgyzstan EH Western Sahara
BROWAN COMMUNICATIONS Page 74 LA Lao people's democratic republic YE Yemen LV Latvia YU Yugoslavia LB Lebanon Zaire see Congo, the democratic republic of the LS Lesotho ZM Zambia LR Liberia ZW Zimbabwe LY Libyan Arab Jamahiriya

Navigation menu