Page 1
Order toll-free in the U.S.: Call 877-877-BBOX (outside U.S. call 724-746-5500) Customer FREE technical support 24 hours a day, 7 days a week: Call 724-746-5500 or fax 724-746-0746 Support Mailing address: Black Box Corporation, 1000 Park Drive, Lawrence, PA 15055-1018 Information Web site: www.blackbox.com • E-mail: info@blackbox.com...
Page 2
Trademarks Used in this Manual Trademarks Used in this Manual Black Box and the Double Diamond logo are registered trademarks of BB Technologies, Inc. Kensington is a registered trademark of Acco Brands Corporation. AirMagnet is a registered trademark of AirMagnet, Inc.
Page 3
FCC and IC RFI Statements Federal Communications Commission and Industry Canada Radio Frequency Interference Statements This equipment generates, uses, and can radiate radio-frequency energy, and if not installed and used properly, that is, in strict accordance with the manufacturer’s instructions, may cause inter ference to radio communication. It has been tested and found to comply with the limits for a Class A computing device in accordance with the specifications in Subpart B of Part 15 of FCC rules, which are designed to provide reasonable protection against such interference when the equipment is operated in a commercial environment.
Page 4
NOM Statement/Radiation Exposure Statement Instrucciones de Seguridad (Normas Oficiales Mexicanas Electrical Safety Statement) 1. Todas las instrucciones de seguridad y operación deberán ser leídas antes de que el aparato eléctrico sea operado. 2. Las instrucciones de seguridad y operación deberán ser guardadas para referencia futura. 3.
SmartPath APs are intended to be operated in all countries of the European Community. Requirements for indoor vs. outdoor operation, license requirements and allowed channels of operation apply in some countries as described below. • Before operating a SmartPath AP, the admin or installer must properly enter the current country code as described in Black Box product documentation.
Dutch: Hierbij verklaart Black Box dat het toestel Radio LAN device in overeenstemming is met de essentiële eisen en de andere relevante bepalingen van richtlijn 1999/5/EG. Bij deze Black Box dat deze Radio LAN device voldoet aan de essentiële eisen en aan de overige relevante bepalingen van Richtlijn 1999/5/EC.
Page 7
Black Box die Übereinstimmung des Gerätes Radio LAN device mit den grundlegenden Anforderungen und den anderen relevanten Festlegungen der Richtlinie 1999/5/EG. (Wien) Italian: Con la presente Black Box dichiara che questo Radio LAN device è conforme ai requisiti essenziali ed alle altre disposizioni pertinenti stabilite dalla direttiva 1999/5/CE.
Page 8
SmartPath AP Safety Compliance • The attachment plug must be an earth-grounding type with NEMA 5-15P (15 A, 125 V) or NEMA 6-15 (15 A, 250 V) configuration. Denmark only: • The supply plug must comply with Section 107-2-D1, Standard DK2-1a or DK2-5a. •...
The Smart Path AP (LWN602A) Overview ............................47 4.1 Hardware Description ................................47 4.2 Ethernet Port ..................................48 4.3 Status Indicator ................................. 48 4.4 Antennas ....................................49 Mounting a Smart Path AP (LWN602A) Device ........................49 4.5.1 Ceiling Mount ...............................50 4.5.2 Surface Mount ..............................51 Device, Power, and Environmental Specifications ........................52...
Page 10
Table of Contents Smart Path EMS Appliance Online ...............................59 Using Smart Path EMS .................................61 Installling and Connecting to the Smart Path EMS GUI .......................61 Introduction to the Smart Path EMS GUI ..........................67 7.2.1 Viewing Reports ..............................68 7.2.2 Searching ................................68 7.2.3 Multiselecting ...............................70 7.2.4 Cloning Configurations ............................70...
Page 11
Table of Contents 11.5 Example 5: Loading a Bootstrap Configuration .........................155 11.6 Command Line Interface (CLI) Commands for Examples ....................157 11.6.1 Commands for Example 1 ...........................157 11.6.2 Commands for Example 2 ...........................157 11.6.3 Commands for Example 3 ...........................158 11.6.4 Commands for Example 4 ...........................158 11.6.5 Commands for Example 5 ...........................160 Traffic Types ...................................162 Appendix.
Chapter 1: Specifications 1.3 Smart Path EMS Appliance (LWN600MA) Fans: (2) system, (1) power Form Factor: 1U rackmountable device Interface: Serial port: (1) DB9 male RS-232 port, 9600 bps, (8) data bits, no parity, (1) stop bit, no flow control; USB port: Standard Type A USB 2.0 port;...
2.1 Assessing Your Requirements To get started with your Black Box WLAN installation, examine the basic requirements of your implementation. First, consider who your stakeholders are and take the time to fully understand their access requirements. Talk to department managers within your organization and make sure everyone has documented the full complement of potential network users.
Chapter 2: Preparing for a WAN Deployment Upgrading from a thin AP solution is also easy. However, because a thin AP makes use of an overlay tunneled network, you sometimes have to add a local VLAN for access or use tunnels to replicate the overlay network. However, because using VLANs rather than tunnels provides significant performance and scalability advantages, which is clearly the recommended path.
Chapter 2: Preparing for a WAN Deployment • Deploy and Check In this scenario, an initial site survey is not performed. Instead, wireless administrators make educated guesses on the best locations for the access points, or they use a planning tool to determine the locations more reliably. After deploying the access points, the administrators do a quick site survey.
Page 17
If following general guidelines do not provide enough confidence or if the deployment environment is particularly challenging, you might consider using software planning tools like AirMagnet Planner or Ekahau Site Survey (ESS). Black Box also includes a free ® planning tool with the SmartPath AP on-line software. Such tools are useful in determining the placement of access points with- out performing a site survey.
Chapter 2: Preparing for a WAN Deployment • Client Software - Depending on the deployment, users can use built-in Microsoft Windows , Linux and/or Macintosh client software ® ® ® ® (supplicants). - For better services and troubleshooting, consider a third-party supplicant such as Juniper Networks Odyssey Client.
Page 19
As anyone who has administered a WLAN system in the past knows, proper configuration of the access point antennas at the outset can save you lots of trouble. The SmartPath AP (LWN602A) has internal antennas that cannot be adjusted. However, the antennas for the SmartPath (LWN602HA) are adjustable. The SmartPath AP (LWN602A) has a pair of fixed, dual- band omnidirectional antennas;...
2.2.7 Preparing the Wired Network for Wireless One of the advantages of moving to a Black Box WLAN is that you do not have to make changes to the underlying network, such as putting controllers into wiring closets. This can save you considerable time and effort during installation. However, some network changes might make sense for some deployments.
Some of the most common issues that arise after deploying a new wireless network are RF interference, RADIUS issues, and desk- top client issues. The first step in troubleshooting is to look at logs and use debug commands. Black Box offers an extensive set of event monitoring and debug tools that you can use through SmartPath EMS, the SmartPath AP network management system.
Page 22
Chapter 2: Preparing for a WAN Deployment The first concept to understand is signal strength and how it relates to throughput. Radio power is measured in decibels relative to one milliwatt (dBm) where 0 dBm = 1 milliwatt, but decibels increase using a log10 math function. Rather than dusting off your old math books and pulling out your calculator, look at the dBm-to-milliwatt converter that appears below.
Page 23
Chapter 2: Preparing for a WAN Deployment Signal strength not only diminishes over distance, but it can also be affected by objects in the way (see Figure 2-4). This can be a wall, a tree, or even a person. There is a fairly predictable dB drop through most objects that also decreases the SNR, thus decreasing the data rate.
Page 24
1, 5, 9 to counter interference from microwaves, which tend to cause interference in the high end of the spectrum. Black Box recommends alternative channel layouts only for the most challenging radio environments. Designing a channel pattern is easier for the 5-GHz spectrum. Depending on the country and the device being used, there are between 4 and 24 channels available for Wi-Fi use.
Page 25
Chapter 2: Preparing for a WAN Deployment Secondary Path Primary Path Secondary Path Figure 2-7. Multipath radio waves. NOTE: If you would like to learn more about how radio-frequency propagation works or the details of 802.11, Wikipedia provides excellent background information under the entries “IEEE 802.11,” “radio propagation,” and “multipath.” Additionally, spending a few hours with a site survey tool such as AirMagnet Surveyor or the Ekahau Site Survey (ESS) and a few test APs can increase both your familiarity with Wi-Fi propagation and your confidence about how it behaves.
Chapter 3: The SmartPath AP (LWN602HA) Overview 3. The SmartPath AP (LWN602HA) Overview The SmartPath AP is a high-performance and highly reliable 802.11n wireless access point. The SmartPath AP provides dual concurrent 802.11b/g/n and 802.11a/n radios for 3x3 MIMO (Multiple In, Multiple Out) and dual 10/100/1000 Ethernet ports for link aggregation or link redundancy.
Page 27
PoE injectors available as an optional accessory from Black Box. (If you connect the SmartPath AP to a power source through the power connector and PoE ports simultaneously, the device draws power through the power connector and automatically disables PoE.)
Chapter 3: The SmartPath AP (LWN602HA) Overview 3.2 Ethernet and Console Ports There are three ports on the SmartPath AP: two RJ-45 10/100/1000BASE-T/TX Ethernet ports and an RJ-45 console port. The pin assignments in the PoE (Power over Ethernet) Ethernet ports follow the TIA/EIA-568-B standard (see Figure 3-3 and Table 3-2). The ports accept standard types of Ethernet cable—CAT3, CAT5, CAT5e, or CAT6—and can receive power over this cable from power sourcing equipment (PSE) that is 802.3af-compatible.
Page 29
Chapter 3: The SmartPath AP (LWN602HA) Overview Table 3-3. T568A Wire Color. T568A Wire Color White/Green Green White/Orange Blue White/Blue Orange White/Brown Brown Figure 3-4. T568A Terminated Ethernet Cable with an RJ-45 connector. Table 3-4. T568B Wire Color. T568A Wire Color White/Orange Orange White/Green...
Chapter 3: The SmartPath AP (LWN602HA) Overview 3.2.1 Smart PoE The SmartPath AP (LWN602HA) applies the concept of smart PoE to adjust power consumption as necessitated by varying levels of available power. The SmartPath AP supports PoE on both its ETH0 or ETH1 interfaces and can draw power through either one or through both simultaneously.
Page 31
Chapter 3: The SmartPath AP (LWN602HA) Overview Switch(config)#interface fastEthernet 0/1 Switch(config-if)#switchport mode access Switch(config-if)#channel-group 1 mode on Switch(config-if)#spanning-tree portfast Switch(config-if)#exi Switch(config)#int fastEthernet 0/2 Switch(config-if)#switchport mode access Switch(config-if)#channel-group 1 mode on Switch(config-if)#spanning-tree portfast Switch(config-if)#exit Switch(config)#exit Switch#wr mem Finally, you must cable the Cisco switch and the SmartPath AP together: Cisco 0/1 to SmartPath AP eth0, and Cisco 0/2 to SmartPath AP eth1.
Chapter 3: The SmartPath AP (LWN602HA) Overview 3.2.3 Console Port The pin-to-signal mapping in the RJ-45 console port is shown shown in Figure 3-6. Table 3-5. Console port pin assignments. Signal Direction RTS (Request to Send) Output, unused DTR (Data Terminal Ready) Output, unused TXD (Transmitted Data) Output...
Chapter 3: The SmartPath AP (LWN602HA) Overview SmartPath AP (LWN602HA) HiveAP 340 CONSOLE Console Port COM Port COM Port Rollover cable with (on Back Panel) (on back panel) Rollover Cable with RJ-5 connectors RJ-45 Connectors Management System RJ-45-to-Female DB9 adapter RJ-45-to-Female DB-9 Adapter Management System Figure 3-7.
Chapter 3: The SmartPath AP (LWN602HA) Overview • Pulsing green: 1000-Mbps Ethernet link is up and active • Steady amber: 10-/100-Mbps Ethernet link is up but inactive • Pulsing amber: 10-/100-Mbps Ethernet link is up and active WIFI0 and WIFI1 •...
Chapter 3: The SmartPath AP (LWN602HA) Overview Generally, orient the antennas vertically for improved radio coverage, as shown here: When mounting the SmartPath AP (LWN602HA) on a ceiling, orient its antennas downward. When mounting the SmartPath AP on a wall or post, fully extend its antennas upward and downward.
Page 36
Chapter 3: The SmartPath AP (LWN602HA) Overview In previous 802.11 standards, access points and clients each used a single set of components, or RF chain, for transmitting or receiving. Although two antennas are often used for diversity, only the one with the best signal-to-noise ratio is used at any given moment, and that antenna makes use of the single RF chain while the other antenna remains inactive.
Chapter 3: The SmartPath AP (LWN602HA) Overview 3.4.2 Using MIMO with Legacy Clients In addition to supporting up to 300-Mbps throughput per radio for 802.11n clients, MIMO can improve the reliability and speed of legacy 802.11a/b/g client traffic. When an 802.11a/b/g access point does not receive acknowledgement that a frame it sent was received, it resends that frame, possibly at a somewhat lower transmission rate.
Page 38
Chapter 3: The SmartPath AP (LWN602HA) Overview (worms’s eye view with ceiling Ceiling Track Worm’s eye view with ceiling tiles removed for clarity) tiles removed for clarity. Track Clip Press the track clips against the ceiling track and swivel them until they snap into place, gripping the edges of the track.
Page 39
Chapter 3: The SmartPath AP (LWN602HA) Overview Mounting Plate (side view) (side view) Mounting Plate SmartPath AP (LWN602HA) shown as transparent for clarity HiveAP 340 (shown as transparent for clairty) With the SmartPath AP upside With the HiveAP 340 upside down, align its port side with the down, align its port side with bottom end of the plate.
To mount the SmartPath AP in the plenum space above a dropped ceiling grid, you need the mounting plate, hanger clip, and a standard 24"-wide hanger frame, which can be ordered separately (call Black Box Technical Support at 724-746-5500 for details).
Page 41
Chapter 3: The SmartPath AP (LWN602HA) Overview 4. Remove the ceiling tile next to the area where you want to mount the device. 5. Press the hanger frame downward into place on the ceiling track until the claws on each leg grips the track below the top ridge (see Figure 3-17).
Chapter 3: The SmartPath AP (LWN602HA) Overview SmartPath AP attached to the mounting plate Bird’s eye view with the ceiling tiles and ceiling tracks removed for clarity Hanger frame Insert the hanger clip upward through the center slot in the hanger frame. Rotate the SmartPath AP and the attached mounting accessories coun- terclockwise until the clip locks in...
Page 43
Chapter 3: The SmartPath AP (LWN602HA) Overview 2. Push the tabs into the slots and slide the SmartPath AP toward its port panel. This repositions the tabs in the narrower, rectangular section of the slots and holds the device firmly in place below the mounting plate. Mounting Plate The recommended holes for the four strands are shaded in.
Page 44
Chapter 3: The SmartPath AP (LWN602HA) Overview Wrap the wire around a beam, clip the hook to the rope, and then pull the rope downward until it is taut against the beam. Wrap the wire rope around a beam, clip the hook to the rope, and then pull the rope downward until it is taut against the beam.
Chapter 3: The SmartPath AP (LWN602HA) Overview 3.5.4 Surface Mount You can use the mounting plate to attach the SmartPath AP to any surface that supports its weight, and to which you can screw or nail the plate. First, mount the plate to the surface. Then, through one of the two large openings in the plate, make a hole in the wall so that you can pass the cables through to the SmartPath AP.
Chapter 3: The SmartPath AP (LWN602HA) Overview 3.6 Device, Power, and Environmental Specifications Understanding the range of specifications for the SmartPath AP is necessary for optimal deployment and device operation. The following specifications describe the physical features and hardware components, the power adapter and PoE electrical require- ments, and the temperature and humidity ranges in which the device can operate.
4.1 Hardware Description The SmartPath AP (LWN602A) is a multichannel wireless access point. It contains a dual-band radio that can operate at either 2.4 GHz or 5 GHz—but not in both bands simultaneously. The SmartPath AP contains a 2.4-GHz radio and a 5-GHz radio that can operate concurrently through four internal antennas.
4.3 Status Indicator The status indicator has been incorporated into the Black Box logo on the top of the SmartPath AP LWN602A. It is illuminated by various colors to indicate different states of activity. The meanings of the colors are as follows: •...
(heart-shaped) pattern around each antenna (see Figure 2-1). On the SmartPath AP LWN602A, the two 2.4-GHz antennas link to one radio, and the two 5-GHz antennas link to the other radio, both of which can operate concurrently. The relationship of antennas and radios is shown in Figure 4-3.
Chapter 4: SmartPath AP (LWN602A) Overview NOTE: In addition to these methods, you can also mount the SmartPath AP on a table using the set of four rubber feet that ship with the product. Simply peel the rubber feet off the adhesive sheet and press them against the underside of the SmartPath AP in its four corners.
4.5.2 Surface Mount You can attach the SmartPath AP LWN602A to any flat surface that supports its weight. First, attach two screws to the surface. Then, make a hole in the wall a few inches or centimeters above the screws so that you can pass the cables through the wall to the SmartPath AP.
SmartPath AP” in Section 4.5.1. 4.6 Device, Power, and Environmental Specifications Understanding the specifications for the SmartPath AP LWN602A is necessary for optimal deployment and device operation. The following specifications describe the physical features and hardware components, the power adapter and PoE (Power over Ethernet) electrical requirements, and the temperature and humidity ranges in which the device can operate.
Chapter 5: The SmartPath EMS Platform 5. The SmartPath EMS Platform The SmartPath EMS Network Management System provides centralized configuration, monitoring, and reporting for multiple SmartPath APs. The following are a few of the many benefits that a SmartPath EMS offers: •...
Chapter 5: The SmartPath EMS Platform Table 5-1. SmartPath EMS component descriptions. Component Description The two mounting brackets allow you to mount the SmartPath EMS in a standard 19" (48.26 cm) equipment Mounting Brackets rack. You can also move the brackets to the rear of the chassis if you need to reverse mount it. A male DB9 serial port to which you can make a console connection using an RS-232 (or "null modem") cable.
Page 55
Chapter 5: The SmartPath EMS Platform View of an Ethernet port on the SmartPath EMS Link Activity LED Link Rate LED Dark: Link is down Dark: 10 Mbps Steady Amber: Link is up, but inactive Green: 100 Mbps Blinking Amber: Link is up and active Amber: 1000 Mbps 8—1 Pin Numbers...
Chapter 5: The SmartPath EMS Platform 1 2 3 Figure 5-4. View of the console port on the SmartPath EMS. Table 5-3. RS-232 standard pin assignments. Signal Direction DCD (Data Carrier Detect) Not used RXD (Received Data) Input TXD (Transmitted Data) Output DTR (Data Terminal Ready) Not used...
Chapter 5: The SmartPath EMS Platform 5.4 Rackmounting the SmartPath EMS You can mount the SmartPath EMS in a standard 19" (48 cm) equipment rack with two rack screws—typically ⁄ ", ⁄ ", or ⁄ " long with 10-32 threads. The SmartPath EMS ships with mounting brackets already attached to its left and right sides near the front panel (see Figure 5-1).
Page 58
Chapter 5: The SmartPath EMS Platform Power Specifications • ATX (Advanced Technology Extended) autoswitching power supply with PFC (power factor corrector): • Input: 100–240 VAC • Output: 250 watts • Power supply cord: Standard three-conductor SVT 18 AWG cord with an NEMA5-15P three-prong male plug and three-pin socket Environmental Specifications •...
In addition to a physical SmartPath EMS appliance, the SmartPath EMS network management system is available in one other form. SmartPath EMS Online is a cloud-based service running on hardware hosted and maintained by Black Box (see Figure 6-1). This management system provides cost-effective alternatives for managing WLAN networks that might not require the investment of a physical SmartPath EMS appliance.
Page 60
Chapter 6: SmartPath EMS Appliance Online SmartPath.blackbox.com (1) The SmartPath AP initially forms a CAPWAP connection with SmartPath.blackbox.com. Online Server VSPM-1 (2) When the online server discovers an entry for the SmartPath AP assigning it to VSPM-1, it redirects the SmartPath AP to that VSPM.
Chapter 7: Using SmartPath EMS 7. Using SmartPath EMS Think of the cooperative control architecture as consisting of three broad planes of communication. On the data plane, wireless clients gain network access by forming associations with SmartPath APs. On the control plane, SmartPath APs communicate with each other to coordinate functions such as best-path forwarding, fast roaming, and automatic RF management.
Page 62
DB9 connector. (For more details, see Section 5.2, Ethernet and Console Ports.) The GUI requirements for the management system are as follows: • Minimum screen resolution of 1280 x 1024 pixels • Standard browser—Black Box recommends Internet Explorer v7.0 or Mozilla Firefox v2.0.0 or later—with Flash v9.0 or later,...
Page 63
Chapter 7: Using SmartPath EMS Clusters in different subnets Router Switch Hives in different subnets 10.1.1.1 10.1.1.8/24 10.1.3.0/24 10.1.4.0/24 Router 10.1.2.1 10.1.2.8/24 10.1.5.0/24 SmartPath HiveManager Each cluster contains Admin SCP Server Each hive contains 10.1.7.34 10.1.6.12 multiple HiveAPs. multiple SmartPath APs Static Routes: SmartPath EMS sends traffic destined for 10.1.6.0/24 to 10.1.2.1.
Page 64
Figure 7-5. SmartPath EMS license information. For a physical SmartPath EMS appliance, select Install License Key, copy the license key text string previously supplied by Black Box in an e-mail message, paste it in the License Key field, and then click Install.
Page 65
If you do not have a license key yet, please contact Black Box Technical Support at 724-746-5500 or support@blackbox.com. You’ll need to supply valid account information. 6. After entering a license key, the Black Box Corporation End User License Agreement appears. Read it over, and if you agree with its content, click “Agree.”...
Page 66
Chapter 7: Using SmartPath EMS Figure 7-6. Start Here screen. If you want, you can change just one password at this time, or leave them both as the default and change them later. To see the password string that you enter, clear Obscure Password. 9.
Chapter 7: Using SmartPath EMS 7.2 Introduction to the SmartPath EMS GUI Using the SmartPath EMS GUI, you can set up the configurations needed to deploy, manage, and monitor large numbers of SmartPath APs. The configuration workflow is described in Section 7.3. The GUI consists of several important sections, which are shown in Figure 7-7.
Chapter 7: Using SmartPath EMS 7.2.1 Viewing Reports When viewing reports that contain graphs (Monitor > Reports …), you can use your mouse to control what information SmartPath EMS displays. Moving your mouse over a measurement point on any line in a graph displays the type of data being reported and the date, time, and value of the measurement.
Page 69
Chapter 7: Using SmartPath EMS Figure 7-10. Search tool. The following items are ignored when using the search tool: • The names of fields in dialog boxes • The settings on the following Home > Administration pages: SmartPath EMS Settings, SmartPath EMS Services, and SPM Notification Mail List •...
Chapter 7: Using SmartPath EMS 7.2.3 Multiselecting You can select multiple objects to make the same modifications or perform the same operation to all of them at once. Select the check boxes to select multiple noncontiguous objects, or shift-click to select check boxes for multiple contiguous objects.
Chapter 7: Using SmartPath EMS Figure 7-13. Cloning a cluster. 7.2.5 Sorting Displayed Data You can control how the GUI displays data in the main panel by clicking a column header. This causes the displayed content to reorder itself alphanumerically or chronologically in either ascending or descending order. Clicking the header a second time reverses the order in which the data is displayed.
Chapter 7: Using SmartPath EMS Figure 7-15. Indicates that the list appears in descending order from the top Indicates that the list appears in ascending order from the bottom 7.3 SmartPath Configuration Workflow (Enterprise Mode) Assuming that you have already set SmartPath EMS in Enterprise mode and configured its basic settings, and that you have deployed SmartPath APs, which are now connected to SmartPath EMS, you can start configuring the SmartPath APs through SmartPath EMS.* You can configure numerous objects, some of which might need to reference other objects.
SCP server, you can direct SmartPath EMS to log in and load it from a directory there. 1. I f you do not yet have an account on the Black Box Support portal, send an e-mail request to (info@blackbox.com) to set one 2.
SmartPath EMS makes it easy to update SmartPathOS firmware running on managed SmartPath APs. First, you obtain new SmartPath AP firmware from Black Box Technical Support and upload it onto SmartPath EMS. Then you push the firmware to the SmartPath APs and activate it by rebooting them.
Chapter 7: Using SmartPath EMS Password: Type a password that SmartPath EMS can use to log in securely to the SCP server. NOTE: To delete an old SmartPathOS file, select the file in the "Available Images" list, and then click Remove. 7.
Page 76
Chapter 7: Using SmartPath EMS When updating SmartPath APs in a mesh environment, the SmartPath EMS communicates with mesh points through their portal and, if there are any intervening mesh points, through them as well. While updating SmartPath APs in such an environment, it is important to keep the path from the SmartPath EMS to all SmartPath APs clear so that the data transfer along that path is not disrupted.
Chapter 8: Basic Configuration Examples 8. Basic Configuration Examples This chapter introduces the SmartPath EMS GUI in Enterprise mode through a series of examples showing how to create a basic configuration of an SSID, cluster, and WLAN policy. It then explains how to connect several SmartPath APs to SmartPath EMS, accept them for management, and push the configuration to them over the network.
Page 78
Chapter 8: Basic Configuration Examples A PSK is the simplest way to provide client authentication and data encryption: simply configure an SSID with the same PSK on the SmartPath AP and its clients. A PSK authenticates clients by the simple fact that the clients and SmartPath AP have the same key.
Page 79
Chapter 8: Basic Configuration Examples User profile assigned to users that associate with this SSID: default-profile The predefined user profile "default-profile" applies the standard SmartPath Quality of Service level through the predefined QoS policy "def-user-qos" and assigns user traffic to VLAN 1. SSID Broadcast Band: 2.4 GHz (11n/b/g) SmartPath APs have two radios: a 2.4-GHz radio, which supports 802.11n/b/g, and a 5-GHz radio, which supports 802.11n/a.
Chapter 8: Basic Configuration Examples Beacons SSID: test1-psk Key method: WPA-PSK or WPA2-PSK Encryption: CCMP (AES) or TKIP Supported rates and capabilities SmartPath AP Client Beacons The SmartPath AP broadcasts beacons advertising The HiveAP broadcasts beacons advertising the the SSID “test1 psk” and its security and network SSID “test1-psk”...
Chapter 8: Basic Configuration Examples In this example, you define a cluster and name it "cluster-test1". Later, in Section 8.3, you assign the cluster to a WLAN policy, which in turn, you assign to SmartPath AP devices in Section 8.5. NOTE: A WLAN policy is different from a cluster.
100–240 VAC power source or allow them to obtain power through PoE from PSE on the network. (Both power adapters and PoE injectors are available from Black Box as options.) Place the third SmartPath AP—SmartPath AP3—within range of the other two, and use a power adapter to connect it to an AC power source.
Page 83
Chapter 8: Basic Configuration Examples Router/Firewall/DHCP Server Switch/PSE The switch delivers power to SmartPath AP1 and Smart- Path AP2 through PoE. SmartPath AP2 SmartPath EMS SmartPathAP1 (Portal) (Portal) SmartPath AP3 (Mesh Point) Single Subnet Layer-2 Broadcasting Domain SmartPath AP3 receives power = Wired Link HiveAP3 receives power from a 100–240 VAC outlet.
Page 84
Chapter 8: Basic Configuration Examples CAPWAP Client CAPWAP Server (SmartPath AP) (SmartPath EMS) The CAPWAP client (SmartPath AP) pings the CAPWAP server (SmartPath The CAPWAP client (HiveAP) pings the CAPWAP server (HiveManager) EMS), but receives no responses within the neighbor-dead-interval. but receives no responses within the neighbor-dead-interval.
Page 85
Chapter 8: Basic Configuration Examples Check that the SmartPath APs have made a CAPWAP connection with SmartPath EMS: Click “Monitor > Access Points > SmartPath APs.” The page displays the three SmartPath APs that you put on the network. If you see the three SmartPath APs, refer to Figure 8-6. If you do not see them, check the following: •...
Page 86
Chapter 8: Basic Configuration Examples Auth (Authenticated)—The SmartPath AP has been authenticated and can now exchange data traffic. You can also check the presence of cluster neighbors by viewing the entries listed in the Supplicant column for the wifi1.1 interface in the output of the show auth command.
Page 87
Chapter 8: Basic Configuration Examples Audit icons: CAPWAP connection and security icons: You can customize the table contents Green square + red triangle: The by clicking the Edit Table icon. You can Green linked chain/red unlinked chain: The configuration on a SmartPath AP add more columns (radio channels and SmartPath AP is connected or disconnected.
Page 88
Chapter 8: Basic Configuration Examples • If SmartPath EMS continues to use its default domain name ("clustermanager") plus the name of the local domain to which it and the SmartPath APs belong, configure an authoritative DNS server with an A record that resolves "clustermanager.<local_ domain>"...
Chapter 8: Basic Configuration Examples 8.5 Example 5: Assigning the Configuration to SmartPath APs After completing the steps in the previous examples, you now assign the WLAN policy to the SmartPath APs. In addition, you set one radio in access mode and one in backhaul mode, and you change their login settings (and country code if necessary). Finally, you push the configuration to the SmartPath APs.
Page 90
Chapter 8: Basic Configuration Examples Figure 8-9. Monitor > Access Points > SmartPath APs (view mode: Config). Updating the Country Code For SmartPath APs intended for use in the United States, the region code is preset as "FCC"—for "Federal Communications Commission"—and the country code is preset as "United States".
Page 91
Chapter 8: Basic Configuration Examples Because SmartPath AP3 is a mesh point and the update involves changing its cluster—from cluster0 to cluster1-test—you must make sure to update its configuration before updating the configurations on SmartPath AP1 and SmartPath AP2. If you upload the configuration on all of them at the same time and schedule them to reboot too quickly (say, 1 second after the upload pro- cess completes), there is a chance that the portal through which the configuration for the mesh point is passing will reboot before the mesh point finishes receiving its configuration.
Page 92
Chapter 8: Basic Configuration Examples After SmartPath AP3 reboots to activate its new configuration, it tries to reconnect with SmartPath EMS. However, it cannot do so because it is a mesh point that now belongs to the cluster1-test cluster while its portals—SmartPath AP1 and 2—are still using their original configurations in which they are members of cluster0.
Chapter 9: Common Configuration Examples 9. Common Configuration Examples Through the use of examples, this chapter shows how to use SmartPath EMS in Enterprise mode to configure several features that are somewhat more advanced than those covered in the previous chapter. The examples cover topics such as topological maps, IEEE 802.1X authentication, captive web portals, and the SmartPath EMS concept of classifier tags, which is a method for assigning the different definitions of a single network object to various managed SmartPath APs.
Chapter 9: Common Configuration Examples 4 SmartPath APs 2 SmartPath APs Floors per Floor Floors per Floor Floors 8 SmartPath APs SmartPath APs Total Total Corporate Branch Headquarters Office VPN Tunnel Branch1 HQ-B1 HQ-B2 SmartPath EMS (in “HQ-B1”) Figure 9-1. Deployment overview. 9.1.1 Setting Up Topology Maps In this example, you upload maps to SmartPath EMS showing floor plans for three office buildings and organize them in a hierar- chical structure.
Page 95
Chapter 9: Common Configuration Examples Level 1 CorpOffices (Level-1 Map) Double-clicking a floor icon on the This map shows 3 buildings and 20 icons that link to level-2 maps. CorpOffices map (level 1) opens the corresponding level-2 map. You can also navigate to any map within the Topology Maps section of the navigation tree in the 8 icons linking...
Page 96
Chapter 9: Common Configuration Examples Map showing one of the floor plans SmartPath Uploading map to SmartPath EMS Management system Figure 9-3. Uploading a map of a building floor plan. 4. Repeat this for all the image files that you need to load, and then close the dialog box when done. For this example, you load these 21 files: •...
Chapter 9: Common Configuration Examples A floor icon labeled "HQ-B1-F2" appears on the CorpOffices image, and a new entry named "HQ-B1-F2" appears nested under "CorpOffices" in the navigation tree. 6. Select the icon and drag it to the location you want. After adding the CorpOffices "map"...
Page 98
For example, if the MAC OUI is 008C:1000:0120, you only need to write "000120" to be able to distinguish it from other SmartPath APs later. NOTE: 008C:10 is the Black Box MAC address portion. You need to change this. 1. Make copies of the maps uploaded to SmartPath EMS, label them, and take them along when installing the SmartPath APs.
Chapter 9: Common Configuration Examples 9.2 Example 2: IEEE 802.1x with an External RADIUS Server You can configure SmartPath APs to act as RADIUS authenticators, also known as RADIUS clients or network access server (NAS) devices. They forward IEEE 802.1X/EAP user authentication requests and responses between wireless supplicants and up to four RADIUS authentication servers (a primary and three backups).
Page 100
Chapter 9: Common Configuration Examples 1. To create a VLAN object for employee traffic, click “Configuration > Advanced Configuration > Network Objects > VLANs > New,” and then enter the following in the VLANs dialog box: VLAN Name: VLAN-10 Enter the following, and then click “Apply:” VLAN ID: 10 Type: Global Setting the type as "Global"...
Page 101
Chapter 9: Common Configuration Examples SmartPath APs as RADIUS Authenticators SmartPath AP RADIUS authenticators provide network access to wireless clients and pass authentication requests between the wireless clients acting as RADIUS supplicants and a RADIUS authentication server. In this section, you configure the settings that control how the SmartPath APs communicate with the RADIUS authentication server.
Page 102
Chapter 9: Common Configuration Examples Server Role: Primary To provide server redundancy, you can configure up to four RADIUS servers, designating one as the primary server and the others as backup servers. The RADIUS authenticators only send RADIUS authentication requests to the backup servers when the primary server becomes unreachable.
Page 103
Chapter 9: Common Configuration Examples Description: Employee and IT WLAN access; 802.1X SSID Access Security: WPA/WPA2 802.1X (Enterprise) Use Default 802.1X Settings: (select) By default, when a SmartPath AP hosts a WPA/WPA2 802.1X (Enterprise) SSID, it negotiations with clients over the use of WPA or WPA2 for key management and TKIP or CCMP (AES) for encryption, and uses whichever methods each client supports.
Page 104
Chapter 9: Common Configuration Examples Upload and activate CWP pages and Server key: (clear) Upload and activate certificate for RADIUS and VPN services: (clear) Upload and activate employee, guests, and contractor credentials: (clear) Check boxes for both SmartPath APs: (select) Connecting Supplicants to the WLAN The 802.1X authentication process is somewhat different depending on the operating system on which the RADIUS supplicant is running and whether the client uses the user’s login credentials to authenticate itself on a domain.
A captive web portal provides registered users with network access while containing unregistered users. Because the Black Box captive web portal feature is very flexible, you will have a number of choices to make when configuring it.
9.3.2 Providing Network Settings In addition to various registration types, Black Box offers two approaches to providing captive Web portal clients with network settings. One approach uses external DHCP and DNS servers on the network, and the other uses internal DHCP and DNS servers on the SmartPath AP itself.
Page 107
Chapter 9: Common Configuration Examples DNS address resolution HTTP connection to the captive web portal DNS Querient DNS Server HTTP Client HTTP Server HTTP GET DNS Query Reply DNS Reply The SmartPath AP allows DNS queries and When the client sends an HTTP or HTTPS replies between the client of an ungregistered GET command, the SmartPath AP intercepts it user and a DNS server.
Page 108
Chapter 9: Common Configuration Examples Association Using SSID “guest” Address and TCP/IP Assignments Wireless Client Wireless Access Point DHCP Client DHCP Server DHCP Discover Association Request DHCP Offer DHCP Request Association Response DHCP ACK SSID “guest” IP Address: 172.16.1.2 Netmask: 255.255.255.0 The client forms an association with the Default Gateway: 172.16.1.1*...
9.3.3 Modifying Captive Web Portal Pages Black Box provides .html files and images for use on the captive Web portal server and a tool in the GUI to modify the supplied text, colors, and images to better suit the needs of your organization. The various file names and their purposes are as follows. An example of the default web page components is shown in Figure 9-14: •...
Page 110
Chapter 9: Common Configuration Examples • use-policy.html (the page that appears when you click the Acceptable Use Policy link on the registration.html or auth-reg.html pages) blackbox_spacer.png (transparent image to offset the registration section from the top; size 200 x 103 px; 72 dpi) blackbox_3d_bg.png (solid background;...
You can also replace it with a file containing an image if you prefer. Footer Image: By default, this is a graphic of the Black Box logo. The file name is blackbox_logo_reverse.png and its dimensions are 111 x 48 px at 72 dpi. If you replace this with a different image, make sure it has the same or nearly the same dimensions to avoid distortion.
Page 112
Chapter 9: Common Configuration Examples • Firewall Policy—To maintain security, restrict visitors to accessing just the public network. • User Profile—Apply the QoS rate limiting and firewall policy to the user profile that the SmartPath AP applies to traffic from successfully registered users.
Page 113
Chapter 9: Common Configuration Examples Table 9-1. QoS rate limiting parameters. Weight % (Read Policing Rate Limit Policing Rate Limit Class Number—Name Scheduling Type Scheduling Weight Only) (kbps) (8-2.11a/b/g) (kbps) (802.11n) 7—Network Control Strict 6—Voice Strict 5—Video Weighted Round Robin 2000 2000 4—Controlled Load...
Page 114
Chapter 9: Common Configuration Examples Port Number: 4500 Service Idle Timeout: 1800 ALG Type: (leave blank) Firewall Policy Rules To create an IP firewall policy to control outgoing traffic, click Configuration > Advanced Configuration > Security Policies > IP Policies > New, and enter the following: Policy Name: guest-IP-policy-from-access Description: Allow guests to access the public network To add rules to permit DHCP, DNS, HTTP, HTTPS, IKE, and NAT-T to the public network while denying any type of traffic to the...
Page 115
Chapter 9: Common Configuration Examples Figure 9-15. Firewall policy rules. NOTE: If you need to rearrange a set of policy rules, select the checkbox to the left of a rule, and then click the Up and Down buttons on the right to move the selected rule to a new position. The rules in this policy allow clients to access a DHCP and DNS server to get their network settings and resolve DNS queries so that they can access the captive web portal.
Page 116
Chapter 9: Common Configuration Examples In this example, you only associate the user profile to an SSID that authenticates users with a preshared key, so the attri- bute number is not used here. It becomes important if you use a remote RADIUS authentication server for IEEE 802.1X authentication.
Page 117
Chapter 9: Common Configuration Examples Scheduling Weight: 5 The weight defines a preference for forwarding traffic. It does not specify a percentage or an amount. Its value is relative to the weights of QoS schedules in other user profiles in the same WLAN policy. Because wireless access for guests is mainly a convenience and not a necessity, you assign it a weight that is low in comparison to the weights of other user profiles to give guests the lowest priority.
Page 118
Chapter 9: Common Configuration Examples Key Value and Confirm Value: guest123 Enable Captive Web Portal: (select); CWP-guest1 Self-Registration Access: User Profile: Self-reg-guests(3) SSID Broadcast Band: 2.4 GHz (11n/b/g) WLAN Policy To add the SSID to an existing WLAN policy, click Configuration > WLAN Policies > wlan_policy, enter the following and then click Save: In the SSID Profiles section, click Add/Remove SSID Profile, select guest in the Available SSID Profiles list, click the right arrow ( >...
Chapter 9: Common Configuration Examples 4. Close the Web page and open a new browser window. The browser successfully opens to its home page, and you can visit other sites on the public network. If there is any Web server on the local network, try to browse to it and you will find that it is not possible.
Chapter 9: Common Configuration Examples *NOTE: It is also possible for groups of users to use the same private PSK. For example, you might find it expedient to create a single private PSK user for visitors. You then e-mail the private PSK user data to the lobby ambassador to hand out to all visitors that arrive that week.
Chapter 9: Common Configuration Examples User Profile Attribute: 35 VLAN ID: 1 Reauthorization Time: 1800 (default) NOTE: If you want to define advanced options, click + to expand the Private PSK Advanced Options section. You can modify the characteristics of keys that SmartPath EMS generates, such as their length, the types of characters used in them, the meth- od of their generation, and the period of time during which they are valid.
Chapter 9: Common Configuration Examples 9.4.4 Private PSK SSID To configure an SSID for the private PSK users that you have created, click Configuration > SSIDs > New, enter the following, and then click Save: Profile Name: star SSID: star The profile name is the name that you reference in the WLAN policy and contains the SSID and related configuration objects, such as user profiles and user groups.
Chapter 9: Common Configuration Examples 9.4.6 E-mail Notification To distribute the private PSK user definitions to the employees and the manager in charge of the contractors, click Configuration > Advanced Configuration > Authentication > Local Users, select the users, and then click Email PSK. The specified recipients receive a separate e-mail message for each private PSK user, with content like the following: PSK: hon;VP#243 Description: Use SSID star...
Chapter 9: Common Configuration Examples 9.5.2 Create a VLAN Object with Three Definitions Click Configuration > Advanced Configuration > Network Objects > VLANs > New, enter the following, and then click Apply: VLAN Name: branchVLAN-10-20-30 VLAN ID: 10 Type: Global Description: VLAN at Branch Office #1 Click New, enter the following, and then click Apply: VLAN ID: 20...
Page 127
Chapter 9: Common Configuration Examples The SmartPath AP Update Results page appears so that you can monitor the progress of the upload procedure. When complete, “100%” appears in the Upload Rate column and “Successful” appears in the Update Result column. Check that the VLANs are being applied properly: In the Upload and Activate Configuration dialog box, click the host name of a SmartPath AP at Branch Office 1, and then select View Configuration.
Chapter 10: SmartPath Operating System (OS) 10. SmartPath Operating System (OS) You can deploy a single SmartPath AP and it will provide wireless access as an autonomous AP. However, if you deploy two or more SmartPath APs in a cluster, you can provide superior wireless access with many benefits. A cluster is a set of SmartPath APs that exchanges information with each other to form a collaborative whole (see Figure 10-1).
Page 129
Chapter 10: SmartPath Operating System (OS) Table 10-1. Common default settings and commands. Default Settings Commands To disable the DHCP client: no interface mgt0 dhcp client DHCP client = enabled To set an IP address: interface mgt0 ip ip _ addr netmask To set the native (untagged) VLAN that the switch infrastructure in the surrounding wired VLAN ID = 1...
Chapter 10: SmartPath Operating System (OS) 10.2 Configuration Overview The amount of configuration depends on the complexity of your deployment. As you can see in "Deployment Examples (CLI)" in Chapter 11, you can enter a minimum of three commands to deploy a single SmartPath AP, and just a few more to deploy a cluster.
Chapter 10: SmartPath Operating System (OS) 10.2.2 Policy-Level Configurations Policies control how wireless clients access the network. The following list contains some key areas of policy-level configurations and relevant commands. • QoS settings qos { classifier-map | classifier-profile | marker-map | marker-profile | policy } … •...
Chapter 10: SmartPath Operating System (OS) 10.3 SmartPathOS Configuration File Types SmartPathOS supports several types of configuration files: running, current, backup, bootstrap, default, and failed. The running configuration (config) is the configuration that is actively running in DRAM. During the bootup process, a SmartPath AP loads the running config from one of up to four config files stored in flash memory: •...
Page 133
Chapter 10: SmartPath Operating System (OS) SmartPath HiveManager TFTP SmartPath AP Server Server Current Config Config File When you upload a config file from SmartPath EMS or New Backup Config When you upload a config file from SmartPath EMS or a TFTP (in flash memory) a TFTP or SCP server, the SmartPath AP saves the or SCP server, the SmartPath AP saves the uploaded file as a...
Page 134
NOTE: Be careful to remember the login name and password defined in the bootstrap config file. If they become lost or forgotten, you must obtain a one-time login key from Black Box technical support. To get the key, you must already...
Page 135
Chapter 10: SmartPath Operating System (OS) To create and load a bootstrap config, make a text file containing a set of commands that you want the SmartPath AP to load as its bootstrap configuration (for an example, see Section 11.5). Save the file locally and then load it with one of the following commands: save config tftp://ip _ addr:filename bootstrap save config scp://username@ip _ addr:filename bootstrap...
Chapter 11: Deployment Examples CLI 11. Deployment Examples CLI This chapter presents several deployment examples to introduce the primary tasks involved in configuring SmartPath APs through the SmartPathOS CLI. In Deploying a Single SmartPath AP in Section 11.1, you deploy one SmartPath AP as an autonomous access point. This is the simplest configuration: You only need to enter and save three commands.
Chapter 11: Deployment Examples CLI 11.1 Example 1: Deploying a Single SmartPath AP In this example, you deploy one SmartPath AP (SmartPath AP-1) to provide network access to a small office with 15–20 wireless clients. You only need to define the following SSID parameters on the SmartPath AP and clients: •...
Page 138
Chapter 11: Deployment Examples CLI 4. On your management system, run a VT100 terminal emulation program, such as Tera Term Pro (a free terminal emulator) or Hilgraeve Hyperterminal (provided with Windows operating systems). Use the following settings: • Bits per second (baud rate): 9600 •...
Page 139
Chapter 11: Deployment Examples CLI NOTE: By default, the minimum password length is 5 characters. You can change the minimum length by entering the following command: admin min-password-length <number> (The minimum password length can be between 5 and 32 characters.) Step 3: Configure the wireless clients.
Chapter 11: Deployment Examples CLI 11.2 Example 2: Deploying a Cluster Building on "Deploying a Single SmartPath AP" in Section 11.1, the office network has expanded and requires more SmartPath APs to provide greater coverage. In addition to the basic configuration covered in the previous example, you configure all three SmartPath APs to form a cluster within the same Layer 2 switched network.
Page 141
Chapter 11: Deployment Examples CLI Step 1: Configure SmartPath AP-1 1. Using the connection settings described in the first example, log in to SmartPath AP-1. 2. Configure SmartPath AP-1 as a member of “cluster1” and set the security protocol suite. cluster cluster1 You create a cluster, which is a set of SmartPath APs that collectively distribute data and coordinate activities among themselves, such as client association data for fast roaming, route data for making optimal data-path forwarding...
Page 142
Chapter 11: Deployment Examples CLI Step 2: Configure SmartPath AP-2 and SmartPath AP-3. 1. Power on SmartPath AP-2 and log in through its console port. 2. Configure SmartPath AP-2 with the same commands that you used for SmartPath AP-1: ssid employee ssid employee security protocol-suite wpa-auto-psk ascii-key N38bu7Adr0n3 interface wifi0 ssid employee cluster cluster1...
Page 143
Chapter 11: Deployment Examples CLI 6. Check that SmartPath AP-3 has associated with the other members at the wireless level. Log in to SmartPath AP-3 and enter this command to see its neighbors in cluster1: Log in to SmartPath AP-3 and enter this command to see its neighbors in SmartPath AP-1: show cluster cluster1 neighbor SmartPath AP-3 Chan=channel number;...
Page 144
Chapter 11: Deployment Examples CLI After associating a wireless client with SmartPath AP-1, log in to SmartPath AP-1 and enter this command: show ssid employee station SmartPath AP-1 Chan=channel number; Pow=Power in dBm; A-Mode=Authentication mode; Cipher=Encryption mode; A-Time=Associated time; Auth=Authenticated; UPID=User profile Identifier;...
Chapter 11: Deployment Examples CLI Step 4: Configure wireless clients. Define the “employee” SSID on all the wireless clients in wireless network-2 and -3. Specify WPA-PSK for network authentication, AES or TKIP for data encryption, and the preshared key N38bu7Adr0n3. The setup of cluster1 is complete.
Page 146
Chapter 11: Deployment Examples CLI Step 1: Define the RADIUS server on the SmartPath AP-1. Configure the settings for the RADIUS server (IP address and shared secret) on SmartPath AP-1. aaa radius-server first 10.1.1.10 shared-secret s3cr3741n4bl0X The IP address of the RADIUS server is 10.1.1.10, and the shared secret that SmartPath AP-1 and the RADIUS server use to authenticate each other is "s3cr3741n4b10X".
Page 147
Chapter 11: Deployment Examples CLI NOTE: If the supplicant is on a PC running Windows XP, you must configure it to use PEAP for authentication. By default, a Windows XP wireless client uses Smart Card or other Certificate instead of PEAP. If the supplicant is Windows based and you are not on a domain.
Chapter 11: Deployment Examples CLI show ssid employee station Chan=channel number; Pow=Power in dbm; A-Mode=Authentication mode; Cipher=Encryption mode; A-Time=Associated time; Auth=Authenticated; UPID=User profile Identifier; Phymode=Physical mode; Mac Addr IP Addr Chan Rate A-Mode Cipher A-Time VLAN Auth UPID Phymode -------------- --------- ---- ---- ---- -------- -------...
Page 149
Chapter 11: Deployment Examples CLI You next define a QoS policy that defines how the cluster members prioritize and process the traffic mapped to Classes 6, 5, and 3. The QoS policy (named “voice”) is shown in Figure 11-9 and has these settings: Class 6 (voice) Forwarding: strict (Cluster members forward traffic mapped to this class immediately without queuing it.) Maximum rate for all Class 6 traffic: 512 kbps, which supports an 8- to 64-kbps VoIP call (depending on the compression that the...
Class 2 is for all types of traffic not mapped to an Black Box class—such as HTTP for example. Figure 11-9. QoS policy “voice” for voice, streaming media, and data.
Chapter 11: Deployment Examples CLI 2. Define the custom services that you need. service mms tcp 1755 service smtp tcp 25 service pop3 tcp 110 The Microsoft Media Server (MMS) protocol can use several transports (UDP, TCP, and HTTP). However, for a SmartPath AP to be able to map a service to a SmartPath QoS class, it must be able to identify that service by a unique characteristic such as a static destination port number or a nonstandard protocol number.
Chapter 11: Deployment Examples CLI The user profile rate defines the total amount of bandwidth for all users to which the policy applies. The user rate defines the maximum amount for any single user. The user profile rate defines the total amount of bandwidth for all users to which this policy applies.
Page 154
Chapter 11: Deployment Examples CLI Step 4: Configure SmartPath AP-2 and SmartPath AP-3. 1. Log in to SmartPath AP-2 through its console port. 2. Configure SmartPath AP-2 with the same commands that you used for SmartPath AP-1: qos classifier-map oui 00:12:3b qos 6 service mms tcp 1755 service smtp tcp 25 service pop3 tcp 110...
NOTE: Be careful to remember the login name and password defined in a bootstrap config file. If they become lost or forgotten, you must obtain a one-time login key from Black Box technical support. To get the key, you must already have had a support contract in place.
Chapter 11: Deployment Examples CLI Step 3: Load the bootstrap config file on SmartPath AP-2 and SmartPath AP-3. 1. Make a serial connection to the console port on SmartPath AP-2 and log in. 2. Upload the bootstrap-cluster1.txt config file from the TFTP server to SmartPath AP-2 as a bootstrap config. save config tftp://10.1.1.31:bootstrap-cluster1.txt bootstrap 3.
Chapter 11: Deployment Examples CLI SmartPath AP-3: ssid employee ssid employee security protocol-suite wpa-auto-psk ascii-key N38bu7Adr0n3 interface wifi0.1 ssid employee cluster cluster1 cluster cluster1 password s1r70ckH07m3s interface mgt0 cluster cluster1 save config 11.6.3 Commands for Example 3 Enter the following commands to configure the cluster members to support IEEE 802.1X authentication in Example 3 in Section 11.3: SmartPath AP-1: aaa radius-server first 10.1.1.10 shared-secret s3cr3741n4bl0X...
Chapter 12: Traffic Types 12. Traffic Types This is a list of all the types of traffic that might be involved with a SmartPath AP and SmartPath EMS deployment. If a firewall lies between any of the sources and destinations listed below, make sure that it allows these traffic types. Table 12-1.
Page 163
Chapter 12: Traffic Types Table 12-2. Traffic supporting management of SmartPath APs. Service Source Destination Protocol SRC Port DST Port Notes Required for SmartPath APs to | discover SmartPath EMS and send it SmartPath AP mgt0 alarms, events, reports, traps, and CAPWAP* SmartPath EMS 17 UDP...
Page 164
Chapter 12: Traffic Types Table 12-2 (continued). Traffic supporting management of SmartPath APs. Service Source Destination Protocol SRC Port DST Port Notes Required for a SmartPath EMS to SmartPath AP mgt0 upload files—SmartPath OS images, SSHv2 SmartPath EMS 6 TCP 1024–65535 full configs, captive web portals interface...
Appendix: Country Codes Appendix. Country Codes When the region code on a SmartPath AP is preset as “world,” you must set a country code for the location where you intend to deploy the SmartPath AP. This code determines the radio channels and power settings that the SmartPath AP can use when deployed in that country.
Page 166
Appendix: Country Codes Table A-1 (continued). Countries and country codes. Country Country Code Country Country Codes Country Country Code Country Country Code Japan 11 (J11) 4011 Japan12 (J12) 4012 Japan13 (J13) 4013 Japan14 (J14) 4014 Japan 15 (J15) 4015 Japan16 (J16) 4016 Japan17 (J17) 4017...
Page 168
About Black Box Black Box Network Services is your source for an extensive range of networking and infrastructure products. You’ll find everything from cabinets and racks and power and surge protection products to media converters and Ethernet switches all supported by free, live 24/7 Tech support available in 30 seconds or less.