LevelOne EAP-110 User Manual
  1. Manuals
  2. Brands
  3. LevelOne Manuals
  4. Wireless Access Point
  5. EAP-110
  6. User manual
LevelOne EAP-110 User Manual

LevelOne EAP-110 User Manual

Hide thumbs
Table of Contents

Advertisement

Quick Links

Download this manual
LevelOne
EAP-110
Enterprise Access Point
User Manual
V1.0
1

Advertisement

Table of Contents
loading

Related Manuals for LevelOne EAP-110

Summary of Contents for LevelOne EAP-110

  • Page 1 LevelOne EAP-110 Enterprise Access Point User Manual V1.0...
  • Page 2 LevelOne Disclaimer LevelOne does not assume any liability arising out the application or use of any products, or software described herein. Neither does it convey any license under its parent rights not the parent rights of others. LevelOne further reserves the right to make changes in any products described herein without notice. The publication is subject to change without notice.

  • Page 3: Table Of Contents

    Table of Contents Before You Start ..............................4 1.1 Preface ................................4 1.2 Conventions ................................ 4 1.3 Package Content ..............................4 System Overview and Getting Started ......................... 5 2.1 Introduction ................................. 5 2.2 Deployment Topology ............................5 2.3 Hardware Description ............................6 2.4 Hardware Installation ............................

  • Page 4: Before You Start

    This manual is intended for system integrators, field engineers, and network administrators to set up LevelOne’s EAP-110 802.11n/b/g 2.4GHz MIMO Access Point in their network environments. It contains step-by-step procedures and visual examples to guide MIS staff or individuals with basic network system knowledge to complete the installation.

  • Page 5: System Overview And Getting Started

    802.1X, and Wi-Fi Protected Access (WPA and WPA2). EAP-110 also features multiple ESSIDs with VLAN tags and multiple Virtual APs, great for enterprise applications, such as separating the traffics of different departments using different ESSIDs. The PoE LAN port can receive power from Power over Ethernet (PoE) sourcing device.

  • Page 6: Hardware Description

    2.3 Hardware Description This section depicts the hardware information including all panel description. Connector Panel EAP-110 Connector Panel Attach the power adapter here. Attach the Ethernet cable here for connecting to wired local network. This port supports LAN(PoE) PoE as well which can be connected to a PSE (power sourcing equipment) as an alternative power sourcing.
  • Page 7 LED Panel EAP-110 LED Panel LAN LED LED ON indicates LAN cable is connected; OFF indicates no connection; BLINKING indicates transmitting data. WLAN LED LED ON indicates wireless is ready. WES LED To indicate WES status. Master (Press for more than 3...

  • Page 8: Hardware Installation

    2. Connect the EAP-110 to your network device. Connect one end of the Ethernet cable to LAN port of EAP-110 and the other end of the cable to a switch, a router, or a hub. EAP-110 is then connected to your existing wired LAN network.
  • Page 9 • Launch the web browser on your PC and enter the IP Address of the EAP-110 (192.168.1.1) at the address field, and then press Enter. The following Administrator Login Page will then appear. Enter “admin” for both the Username and Password fields, and then click Login.
  • Page 10 It is strongly recommended to make a backup copy of configuration settings. • After the EAP-110’s network configuration is completed, please remember to change the IP Address of your PC Connection Properties back to its original settings in order to ensure that...

  • Page 11: Connect Your Ap To Your Network

    LAN port and provide wireless access to your network. After having prepared the EAP-110’s hardware for configuration, set the TCP/IP settings of administrator’s computer to have a static IP Address of 192.168.1.10 and Subnet Mask of 255.255.255.0.
  • Page 12 System Information Page There are two methods of setting up the time: Manual (indicated by the option Set Date & Time) and NTP. The default is Manual and requires individual setup every time the system starts up. Simply choose a time zone and set the time accordingly.
  • Page 13 Step 2: Configuring the AP’s Network Settings While still on this Page, click on the Network Interface tab to begin configuration of the network settings. Network Settings Page If the deployment decides the AP will be getting dynamic IP Addresses from the connected network, set Mode to DHCP;...
  • Page 14 Step 3: Configure the AP’s Wireless General Settings Click on the Wireless icon followed by the General tab. On this page we only need to choose the Band and Channel that we wish to use. Wireless General Settings Page On this page, select the Band with which the AP is to broadcast its signal. The rest of the fields are optional and can be configured at another time.
  • Page 15 Step 4: Configuring Wireless Coverage (VAP-1) To setup the AP’s wireless access, refer to the following VAP-1 configuration (other VAP configuration can refer to the same setup steps as done for VAP-1). Click on the Overview tab to proceed. Virtual AP Overview Page On this page click the hyperlink in the row and column that corresponds with VAP-1’s State.
  • Page 16 The desired VAP profile can be selected from the drop-down menu of Profile Name and VAP-1 configuration will serve as an example for all other VAPs. Before proceeding further, please make sure that the VAP field is Enable; afterwards, enter an ESSID to represent the WLAN associated with AP’s VAP-1.

  • Page 17: Adding Virtual Access Points

    4. Adding Virtual Access Points EAP-110 possesses the feature of multi-ESSID; namely, it can behave as multiple virtual access points, providing different levels of services from the same physical AP device. Please click on the AP icon to review the VAP Overview page.

  • Page 18: Secure Your Ap

    5. Secure Your AP Different VAP may require different level of security. These instructions will guide the user through setting up different types of security for a particular VAP. Simply repeat the following steps for other VAP with security requirement. Step 1: Ensure the intended VAP is Enabled VAP Overview Page On the VAP Overview page, check the table to confirm the VAP State.
  • Page 19 The following instructions will guide the user to set up wireless security with a specific VAP. If only restricted access of certain MAC addresses is desired, skip to the Step3. MAC restriction can be coupled with wireless security to provide extra protection. First, click on the corresponding cell in the column labeled Security Type.
  • Page 20 • None: Authentication is not required and data is not encrypted during transmission when this option is selected. This is the default setting as shown in the following figure. Security Settings: None • WEP: WEP (Wired Equivalent Privacy) is a data encryption mechanism with key length selected from 64-bit, 128-bit, or 152-bit.
  • Page 21 • 802.1X: When 802.1X Authentication is selected, RADIUS authentication and enhanced dynamic WEP are provided. Security Settings: 802.1X Authentication  Dynamic WEP Settings: Dynamic WEP: For 802.1X security type, Dynamic WEP is always enabled to automatically generate WEP keys for encryption. WEP Key Length: Select from 64-bit or 128-bit key length.
  • Page 22 • WPA-PSK: Provide shared key authenticaiton in WPA data encryption. Security Settings: WPA-PSK  Cipher Suite: Select an encryption method from TKIP (WPA), AES (WPA), TKIP (WAP2), AES (WAP2), or Mixed.  Pre-shared Key Type: Select a pre-shared key type: PSK (Hex) or Passphrase. ...
  • Page 23 • WPA-RADIUS: Authenticate users by RADIUS and provide WPA data encryption. Security Settings: WPA-RADIUS  WPA Settings: Cipher Suite: Select an encryption method from TKIP (WPA), AES (WPA), TKIP (WAP2), AES (WAP2), or Mixed. Group Key Update Period: The time interval for the Group Key to be renewed; the time unit is in seconds.
  • Page 24 Step 3: Configuring MAC ACL (Access Control List) Clicking on the hyperlink corresponding with intended VAP in the MAC ACL column, the user will be brought to the Access Control Settings page. Access Control Settings Page Please choose among Disable, Allow, Deny, and RADIUS ACL from the drop-down menu of Access Control Type.
  • Page 25 MAC ACL Deny List...
  • Page 26 RADIUS ACL: Authenticate incoming MAC addresses by an external RADIUS server. When RADIUS ACL is selected, all incoming MAC addresses will be authenticated by an external RADIUS server. Please note that each VAP’s MAC ACL and its security type (shown on the Security Settings page) share the same RADIUS configuration.

  • Page 27: Create A Wds Bridge

    WDS link creation will assist to extend network coverage where running wires is not an option, effectively transferring the traffics to the other end of WLAN/LAN through the EAP-110. Since this is a peer to peer connection, both EAP-110s will be configured by the same way.
  • Page 28 Step 2: Prevent Loops if Connecting Many APs When many APs are linked in this manner, undesired loops may form to lower overall WLAN performance. To prevent such occurrence, please make sure Layer 2 STP is enabled. To turn on this feature, please click on the System and then Network Interface tab. Network Settings Page Please select Enable in the field labeled Layer2 STP.

  • Page 29: Web Management Configuration

    7. Web Management Configuration This chapter will guide the user through the EAP-110’s detailed settings. The following table shows all the User Interface (UI) functions of LevelOne’s EAP-110 Enterprise Access Point. The Web Management Interface (WMI) is the page where the status is displayed, control is issued and parameters are configured.

  • Page 30: System

    7.1 System Upon clicking on the System button, users can work on this section for general configurations of the devices (e.g. Time Setup, Network Configurations, and System Logs). This section includes the following functions: General, Network Interface, and Management. 7.1.1 General System Information Page ...
  • Page 31 Enable NTP: By selecting Enabled NTP, EAP-110 can synchronize its system time with the NTP server automatically. While this method is chosen, at least one NTP server's IP address or domain name must be provided. NTP Time Configuration Fields Generally networks would have a common NTP server (internal or external). If there is, use that one, otherwise locate a nearby NTP server on the web.

  • Page 32: Network Interface

    • Layer 2 STP: If the EAP-110 is set up to bridge other network components, this option can be enabled to prevent undesired loops because broadcasting storm may occur in a multi-switch environment where broadcast packets are forwarded in an endless loop between switches. Moreover, a broadcast storm may consume most of available system resources in addition to available bandwidth.

  • Page 33: Management

    7.1.3 Management The management services (e.g. VLAN for Management, SNMP, and System log) can be configured here. Management Services Page • VLAN for Management: When it is enabled, management traffics from the system will be tagged with a VLAN ID. In other words, administrator who wants to access the WMI must send management traffics with the same VLAN ID such as connecting to a specific VAP with the same VLAN ID.
  • Page 34 • SNMP Configuration: By enabling SNMP function, the administrator can obtain the system information remotely. SNMP Configuration Fields  Enable/ Disable: Enable or Disable this function.  Community String: The community string is required when accessing the Management Information Base (MIB) of the system. Read: Enter the community string to access the MIB with Read privilege.
  • Page 35 • GRE Tunnel: When an EAP-110 is discovered or added to the AP list, it can be logically deployed into the Controller’s managed network regardless of its physical location by tunnels. All of the configuration should be performed on the Controller side. It is meaningless to configure GRE tunnel settings from the EAP-110 side only.

  • Page 36: Vap Overview

    An overall status is collected on this page, including ESSID, State, Security Type, MAC ACL, and Advanced Settings, where EAP-110 features 8 VAPs with respective settings. In this table, please click on the hyperlink to further configure each individual VAP.
  • Page 37 • State: The hyperlink showing Enable or Disable connects to the VAP Configuration page. VAP Overview Page – State • Security Type: The hyperlink showing the security type connects to the Security Settings Page. VAP Overview Page – Security Type...
  • Page 38 • MAC ACL: The hyperlink showing Allow or Disable connects to the Access Control Settings Page. VAP Overview Page – MAC ACL • Advanced Settings: The advanced settings hyperlink connects to the Advanced Wireless Settings Page. VAP Overview Page – Advanced Settings...

  • Page 39: General

    7.2.2 General AP’s general wireless settings can be configured here: AP General Settings Page • Band: Select an appropriate wireless band: 802.11b, 802.11g, 802.11b+802.11g, 802.11g+802.11n or select Disable if the wireless function is not required. • Short Preamble: The short preamble with a 56-bit synchronization field can improve WLAN transmission efficiency.
  • Page 40 • Beacon Interval (ms): The entered amount of time indicates how often the beacon signal will be sent from the access point. **Due to RF regulation in different nations, available values in the above table will differ. Table 2 RF Configurations (under normal circumstances in certain countries) Short Max Transmit Transmit...

  • Page 41: Vap Configuration

    VAP. It can be coupled with different service level like a variety of wireless security types. • VLAN ID: EAP-110 supports tagged VLANs (virtual LANs). To enable VLAN function, each VAP shall be given a unique VLAN ID with valid values ranging from 1 to 4094.

  • Page 42: Security

    7.2.4 Security EAP-110 supports various wireless authentication and data encryption methods in each VAP profile. With this, the administrator can provide different service levels to clients. The security type includes None, WEP, 802.1X, WPA-PSK, and WPA-RADIUS. • None: Authentication is not required and data is not encrypted during transmission when this option is selected.
  • Page 43  802.11 Authentication: Select from Open System, Shared Key, or Auto.  WEP Key Length: Select from 64-bit, 128-bit, 152-bit key length.  WEP Key Format: Select from ASCII or Hex format for the WEP key.  WEP Key Index: Select a key index from 1~4. The WEP key index is a number that specifies which WEP key will be used for the encryption of wireless frames during data transmission.
  • Page 44  Dynamic WEP Settings: Dynamic WEP: For 802.1X security type, Dynamic WEP is always enabled to automatically generate WEP keys for encryption. WEP Key Length: Select from 64-bit or 128-bit key length. Re-keying Period: The time interval for the dynamic WEP key to be updated; the time unit is in second.
  • Page 45  WPA-RADIUS: If this option is selected, the RADIUS authentication and data encryption will be both enabled. Security Settings: WPA-RADIUS  WPA Settings: Cipher Suite: Select an encryption method from TKIP (WPA), AES (WPA), TKIP(WAP2), AES (WAP2), or Mixed. Group Key Update Period: The time interval for the Group Key to be renewed; the time unit is in seconds.

  • Page 46: Repeater

    Repeater Settings: Universal Repeater  If WDS is selected, EAP-110 can support up to 4 WDS links to its peer APs. Security Type (None, WEP, or WPA/PSK) can be configured to decide which encryption to be used for WDS connections respectively.

  • Page 47: Advanced

    The RTS mechanism will be activated if the data size exceeds the value provided. A lower RTS Threshold setting can be useful in areas where many client devices are associating with EAP-110 or in areas where the clients are far apart and can detect only EAP-110 but not each other.
  • Page 48 <To receive the benefits of WMM QoS> ▬ The application must support WMM. ▬ WMM shall be enabled on EAP-110. ▬ WMM shall be enabled in the wireless adapter on client’s computer. • IAPP: IAPP (Inter Access Point Protocol) is a protocol by which access points share information about the stations that are connected to them.

  • Page 49: Access Control

    7.2.7 Access Control On this page, the network administrator can restrict the total number of clients connected to the EAP-110, as well as specify particular MAC addresses that can or cannot access the device. Access Control Settings Page • Maximum Number of Clients EAP-110 supports various methods of authenticating clients for wireless LAN access.
  • Page 50 • Access Control Type The administrator can restrict the wireless access of client devices based on their MAC addresses.  Disable Access Control: When Disable is selected, there is no restriction for client devices to access the system.  MAC ACL Allow List: When selecting MAC ACL Allow List, only the client devices (identified by their MAC addresses) listed in the Allow List (“allowed MAC addresses”)are granted with access to the system.
  • Page 51  MAC ACL Deny List: When selecting MAC ACL Deny List, all client devices are granted with access to the system except those listed in the Deny List (“denied MAC addresses”). The administrator can allow any denied MAC address to connect to the system temporarily by checking Disable.
  • Page 52  RADIUS ACL: Authenticate incoming MAC addresses by an external RADIUS. When RADIUS ACL is selected, all incoming MAC addresses will be authenticated by an external RADIUS. Please note that each VAP’s MAC ACL and its security type (shown on the Security Settings page) share the same RADIUS configuration.

  • Page 53: Site Survey

    7.2.8 Site Survey Sit Survey is a useful tool to provide information about the surrounding wireless environment; available APs are shown with their respective SSID, MAC Address, Channel, Rate setting, Signal reading, and Security type. The administrator can click Setup or Connect to configure the wireless connection according to the mentioned readings when Repeater Type is Universal Repeater.
  • Page 54  WPA-PSK: Click Setup to configure the WPA-PSK setting for associating with the target The following configuration box will then appear at the bottom of the screen. Information provided here must be consistent with the security settings of the target AP.

  • Page 55: Firewall

    7.3 Firewall The system provides an added security feature, Layer2 Firewall, in addition to typical AP security. Layer2 Firewall offers a firewall function that is tailored specifically for Layer2 traffics, providing another choice of shield against possible security threats coming from/going to WLAN (AP interfaces); hence, besides firewall policies configured on gateways, this extra security feature will assist to mitigate possible security breach.
  • Page 56 From the overview table, each rule is designated with the following field;  No.: The numbering will decide the priority to let system carry out the available firewall rules in the tables.  State: The check marks will enable the respective rules. ...
  • Page 57  Interface: It can indicate inbound/outbound direction with desired interfaces.  Service (when EtherType is IPv4): Select the available upper layer protocols/services from the drop- down list.  DSAP/SSAP (when EtherType is IEEE 802.3): The value can be further specified for the fields in 802.2 LLC frame header.
  • Page 58 >>To insert a specific rule, In in Setting column of firewall list will lead to the following page for detail configuration with rule ID for the current inserted rule. From this page, the rule can be edited form scratch or from an existing rule for revision. >>To move a specific rule, MV in Setting column of firewall list will lead to the following page for reordering confirmation.

  • Page 60: Service

    (when EtherType is IPv4). EAP-110 provides a list of rules to block or pass traffics of layer-3 or above protocols. These services are available to choose from drop-down list of layer2 firewall rule edit page with Ether Type to be IPv4. The first 28 entries are default services and the administrator can add/delete any extra desired services.

  • Page 61: Advanced

    7.3.3 Advanced Advanced firewall settings are used to supplement the firewall rules, providing extra security enhancement against DHCP and ARP traffics traversing the available interfaces of system.  Trust Interface: Each VAP interface can be checked individually to mark as trusted interfaces; security enforcements on DHCP/ARP like DHCP snooping and ARP inspection will be carried out on non-trusted interfaces.

  • Page 62: Utilities

    7.4 Utilities The administrator can maintain the system on this page: Change Password, Backup & Restore, System Upgrade, and Reboot. 7.4.1 Change Password To protect the Web Management Interface from unauthorized access, it is highly recommended to change the administrator’s password to a secure password. Only alpha-numeric characters are allowed, and it is also recommended to make use of a combination of both numeric and alphabetic characters.

  • Page 63: Backup & Restore

    7.4.2 Backup & Restore This function is used to backup and restore the EAP-110 settings. The EAP-110 can also be restored to factory defaults using this function. It can be used to duplicate settings to other access points (backup settings of this system and then restore on another AP).

  • Page 64: System Upgrade

    7.4.3 System Upgrade The EAP-110 provides a web firmware upload / upgrade feature. The administrator can download the latest firmware from the website and save it on the administrator’s PC. To upgrade the system firmware, click Browse to choose the new firmware file you downloaded onto your PC and then click Upload to execute the process.

  • Page 65: Reboot

    7.4.4 Reboot This function allows the administrator to restart the EAP-110 safely. The process shall take about three minutes. Click Reboot to restart the system. Please wait for the blinking timer to complete its countdown before accessing the system’s Web Management Interface again. The System Overview page will appear after reboot successfully.

  • Page 66: Status

    7.5 Status This page is used to view the current condition and state of the system and includes the following functions: Overview, Associated Clients, Repeater and Event Log. 7.5.1 Overview The System Overview page provides an overview of the system status for the administrator. System Overview Page...
  • Page 67 Table 3 Status Page's Organizational Layout Item Description System Name The system name of the EAP-110. Firmware Version The present firmware version of the EAP-110 The present firmware build number of the EAP- Build Number System Location The location of the EAP-110.

  • Page 68: Associated Clients

    7.5.2 Associated Clients The administrator can remotely oversee the status of all associated clients on this page. When a low SNR is found here, the administrator can tune the corresponding parameters or investigate the settings of associated clients to improve network communication performance. Associated Client Status Page •...

  • Page 69: Repeater

    7.5.3 Repeater The system supports 3 options of Repeater types including status of MAC Address, SNR, TX Rate, TX Count and TX Errors. WDS Link Status Page • WDS Link Status: The table will indicate the link status of all WDS interfaces. ...

  • Page 70: Event Log

    Hostname: Indicates which host recorded this event. Note that all events on this page are local events, so the hostname in this field is always the same. However, in remote SYSLOG service, this field will help the administrator identify which event is from this EAP-110. •...

  • Page 71: Online Help

    7.6 Online Help The Help button is at the upper right corner of the display screen. Click Help for the Online Help window, and then click the hyperlink of the relevant information needed. Online Help Corner Online Help Page...
  • Page 72 P/N: V11020110620...

Table of Contents