Black Box LWN602A User Manual
  1. Manuals
  2. Brands
  3. Black Box Manuals
  4. Wireless Access Point
  5. SmartPath LWN602A
  6. User manual
Black Box LWN602A User Manual

Black Box LWN602A User Manual

Smartpath enterprise wireless system
Hide thumbs Also See for LWN602A:
Table of Contents

Advertisement

Quick Links

Download this manual See also: User Manual
SmartPath Enterprise Wireless System User Guide
Provides the speed, range, security, adapability,
and manageability to replace wired networks at
an enterprise level.
Intelligent 802.1n wireless access points work together
to increase network efficiency.
Order toll-free in the U.S.: Call 877-877-BBOX (outside U.S. call 724-746-5500)
Customer
FREE technical support 24 hours a day, 7 days a week: Call 724-746-5500 or fax 724-746-0746
Support
Mailing address: Black Box Corporation, 1000 Park Drive, Lawrence, PA 15055-1018
Information
Web site: www.blackbox.com • E-mail: info@blackbox.com
BLACK BOX
LWN602A
LWN602AE
LWN602HA
LWN602HAE
®

Advertisement

Table of Contents
loading

Related Manuals for Black Box LWN602A

Summary of Contents for Black Box LWN602A

  • Page 1 Order toll-free in the U.S.: Call 877-877-BBOX (outside U.S. call 724-746-5500) Customer FREE technical support 24 hours a day, 7 days a week: Call 724-746-5500 or fax 724-746-0746 Support Mailing address: Black Box Corporation, 1000 Park Drive, Lawrence, PA 15055-1018 Information Web site: www.blackbox.com • E-mail: info@blackbox.com...
  • Page 2 Trademarks Used in this Manual Trademarks Used in this Manual Black Box and the Double Diamond logo are registered trademarks of BB Technologies, Inc. Kensington is a registered trademark of Acco Brands Corporation. AirMagnet is a registered trademark of AirMagnet, Inc.
  • Page 3 FCC and IC RFI Statements Federal Communications Commission and Industry Canada Radio Frequency Interference Statements This equipment generates, uses, and can radiate radio-frequency energy, and if not installed and used properly, that is, in strict accordance with the manufacturer’s instructions, may cause inter ference to radio communication. It has been tested and found to comply with the limits for a Class A computing device in accordance with the specifications in Subpart B of Part 15 of FCC rules, which are designed to provide reasonable protection against such interference when the equipment is operated in a commercial environment.
  • Page 4 NOM Statement/Radiation Exposure Statement Instrucciones de Seguridad (Normas Oficiales Mexicanas Electrical Safety Statement) 1. Todas las instrucciones de seguridad y operación deberán ser leídas antes de que el aparato eléctrico sea operado. 2. Las instrucciones de seguridad y operación deberán ser guardadas para referencia futura. 3.

  • Page 5: Ec Conformance Declaration

    SmartPath APs are intended to be operated in all countries of the European Community. Requirements for indoor vs. outdoor operation, license requirements and allowed channels of operation apply in some countries as described below. • Before operating a SmartPath AP, the admin or installer must properly enter the current country code as described in Black Box product documentation.

  • Page 6: Declaration Of Conformity In Languages Of The European Community

    Dutch: Hierbij verklaart Black Box dat het toestel Radio LAN device in overeenstemming is met de essentiële eisen en de andere relevante bepalingen van richtlijn 1999/5/EG. Bij deze Black Box dat deze Radio LAN device voldoet aan de essentiële eisen en aan de overige relevante bepalingen van Richtlijn 1999/5/EC.
  • Page 7 Black Box die Übereinstimmung des Gerätes Radio LAN device mit den grundlegenden Anforderungen und den anderen relevanten Festlegungen der Richtlinie 1999/5/EG. (Wien) Italian: Con la presente Black Box dichiara che questo Radio LAN device è conforme ai requisiti essenziali ed alle altre disposizioni pertinenti stabilite dalla direttiva 1999/5/CE.
  • Page 8 SmartPath AP Safety Compliance • The attachment plug must be an earth-grounding type with NEMA 5-15P (15 A, 125 V) or NEMA 6-15 (15 A, 250 V) configuration. Denmark only: • The supply plug must comply with Section 107-2-D1, Standard DK2-1a or DK2-5a. •...

  • Page 9: Table Of Contents

    The Smart Path AP (LWN602A) Overview ............................47 4.1 Hardware Description ................................47 4.2 Ethernet Port ..................................48 4.3 Status Indicator ................................. 48 4.4 Antennas ....................................49 Mounting a Smart Path AP (LWN602A) Device ........................49 4.5.1 Ceiling Mount ...............................50 4.5.2 Surface Mount ..............................51 Device, Power, and Environmental Specifications ........................52...
  • Page 10 Table of Contents Smart Path EMS Appliance Online ...............................59 Using Smart Path EMS .................................61 Installling and Connecting to the Smart Path EMS GUI .......................61 Introduction to the Smart Path EMS GUI ..........................67 7.2.1 Viewing Reports ..............................68 7.2.2 Searching ................................68 7.2.3 Multiselecting ...............................70 7.2.4 Cloning Configurations ............................70...
  • Page 11 Table of Contents 11.5 Example 5: Loading a Bootstrap Configuration .........................155 11.6 Command Line Interface (CLI) Commands for Examples ....................157 11.6.1 Commands for Example 1 ...........................157 11.6.2 Commands for Example 2 ...........................157 11.6.3 Commands for Example 3 ...........................158 11.6.4 Commands for Example 4 ...........................158 11.6.5 Commands for Example 5 ...........................160 Traffic Types ...................................162 Appendix.

  • Page 12: Specifications

    Size: 1.25"H x 8.5"W x 8"D (3.2 x 21.5 x 20.3 cm) Weight: 3 lb. (1.4 kg) 1.2 Smart Path AP (LWN602A) Antennas: (2) omnidirectional 802.11b/g/n antennas, and (2) omnidirectional 802.11a/n antennas Interface: RJ-45 power input pins: Wires 4, 5, 7, 8 or 1, 2, 3, 6 Connectors: (1) RJ-45 autosensing 10/100/1000BASE-T/TX Mbps port;...

  • Page 13: Smartpath Ems Appliance (Lwn600Ma)

    Chapter 1: Specifications 1.3 Smart Path EMS Appliance (LWN600MA) Fans: (2) system, (1) power Form Factor: 1U rackmountable device Interface: Serial port: (1) DB9 male RS-232 port, 9600 bps, (8) data bits, no parity, (1) stop bit, no flow control; USB port: Standard Type A USB 2.0 port;...

  • Page 14: Preparing For A Wlan Deployment

    2.1 Assessing Your Requirements To get started with your Black Box WLAN installation, examine the basic requirements of your implementation. First, consider who your stakeholders are and take the time to fully understand their access requirements. Talk to department managers within your organization and make sure everyone has documented the full complement of potential network users.

  • Page 15: New Wlan Deployment

    Chapter 2: Preparing for a WAN Deployment Upgrading from a thin AP solution is also easy. However, because a thin AP makes use of an overlay tunneled network, you sometimes have to add a local VLAN for access or use tunnels to replicate the overlay network. However, because using VLANs rather than tunnels provides significant performance and scalability advantages, which is clearly the recommended path.

  • Page 16: Budgetiing Wi-Fi: The Chicken And Egg Problem

    Chapter 2: Preparing for a WAN Deployment • Deploy and Check In this scenario, an initial site survey is not performed. Instead, wireless administrators make educated guesses on the best locations for the access points, or they use a planning tool to determine the locations more reliably. After deploying the access points, the administrators do a quick site survey.
  • Page 17 If following general guidelines do not provide enough confidence or if the deployment environment is particularly challenging, you might consider using software planning tools like AirMagnet Planner or Ekahau Site Survey (ESS). Black Box also includes a free ® planning tool with the SmartPath AP on-line software. Such tools are useful in determining the placement of access points with- out performing a site survey.

  • Page 18: Bandwidth Assumptions For Wi-Fi

    Chapter 2: Preparing for a WAN Deployment • Client Software - Depending on the deployment, users can use built-in Microsoft Windows , Linux and/or Macintosh client software ® ® ® ® (supplicants). - For better services and troubleshooting, consider a third-party supplicant such as Juniper Networks Odyssey Client.
  • Page 19 As anyone who has administered a WLAN system in the past knows, proper configuration of the access point antennas at the outset can save you lots of trouble. The SmartPath AP (LWN602A) has internal antennas that cannot be adjusted. However, the antennas for the SmartPath (LWN602HA) are adjustable. The SmartPath AP (LWN602A) has a pair of fixed, dual- band omnidirectional antennas;...

  • Page 20: Preparing The Wired Network For Wireless

    2.2.7 Preparing the Wired Network for Wireless One of the advantages of moving to a Black Box WLAN is that you do not have to make changes to the underlying network, such as putting controllers into wiring closets. This can save you considerable time and effort during installation. However, some network changes might make sense for some deployments.

  • Page 21: Operational Considerations

    Some of the most common issues that arise after deploying a new wireless network are RF interference, RADIUS issues, and desk- top client issues. The first step in troubleshooting is to look at logs and use debug commands. Black Box offers an extensive set of event monitoring and debug tools that you can use through SmartPath EMS, the SmartPath AP network management system.
  • Page 22 Chapter 2: Preparing for a WAN Deployment The first concept to understand is signal strength and how it relates to throughput. Radio power is measured in decibels relative to one milliwatt (dBm) where 0 dBm = 1 milliwatt, but decibels increase using a log10 math function. Rather than dusting off your old math books and pulling out your calculator, look at the dBm-to-milliwatt converter that appears below.
  • Page 23 Chapter 2: Preparing for a WAN Deployment Signal strength not only diminishes over distance, but it can also be affected by objects in the way (see Figure 2-4). This can be a wall, a tree, or even a person. There is a fairly predictable dB drop through most objects that also decreases the SNR, thus decreasing the data rate.
  • Page 24 1, 5, 9 to counter interference from microwaves, which tend to cause interference in the high end of the spectrum. Black Box recommends alternative channel layouts only for the most challenging radio environments. Designing a channel pattern is easier for the 5-GHz spectrum. Depending on the country and the device being used, there are between 4 and 24 channels available for Wi-Fi use.
  • Page 25 Chapter 2: Preparing for a WAN Deployment Secondary Path Primary Path Secondary Path Figure 2-7. Multipath radio waves. NOTE: If you would like to learn more about how radio-frequency propagation works or the details of 802.11, Wikipedia provides excellent background information under the entries “IEEE 802.11,” “radio propagation,” and “multipath.” Additionally, spending a few hours with a site survey tool such as AirMagnet Surveyor or the Ekahau Site Survey (ESS) and a few test APs can increase both your familiarity with Wi-Fi propagation and your confidence about how it behaves.

  • Page 26: The Smartpath Ap (Lwn602Ha) Overview

    Chapter 3: The SmartPath AP (LWN602HA) Overview 3. The SmartPath AP (LWN602HA) Overview The SmartPath AP is a high-performance and highly reliable 802.11n wireless access point. The SmartPath AP provides dual concurrent 802.11b/g/n and 802.11a/n radios for 3x3 MIMO (Multiple In, Multiple Out) and dual 10/100/1000 Ethernet ports for link aggregation or link redundancy.
  • Page 27 PoE injectors available as an optional accessory from Black Box. (If you connect the SmartPath AP to a power source through the power connector and PoE ports simultaneously, the device draws power through the power connector and automatically disables PoE.)

  • Page 28: Ethernet And Console Ports

    Chapter 3: The SmartPath AP (LWN602HA) Overview 3.2 Ethernet and Console Ports There are three ports on the SmartPath AP: two RJ-45 10/100/1000BASE-T/TX Ethernet ports and an RJ-45 console port. The pin assignments in the PoE (Power over Ethernet) Ethernet ports follow the TIA/EIA-568-B standard (see Figure 3-3 and Table 3-2). The ports accept standard types of Ethernet cable—CAT3, CAT5, CAT5e, or CAT6—and can receive power over this cable from power sourcing equipment (PSE) that is 802.3af-compatible.
  • Page 29 Chapter 3: The SmartPath AP (LWN602HA) Overview Table 3-3. T568A Wire Color. T568A Wire Color White/Green Green White/Orange Blue White/Blue Orange White/Brown Brown Figure 3-4. T568A Terminated Ethernet Cable with an RJ-45 connector. Table 3-4. T568B Wire Color. T568A Wire Color White/Orange Orange White/Green...

  • Page 30: Smart Poe

    Chapter 3: The SmartPath AP (LWN602HA) Overview 3.2.1 Smart PoE The SmartPath AP (LWN602HA) applies the concept of smart PoE to adjust power consumption as necessitated by varying levels of available power. The SmartPath AP supports PoE on both its ETH0 or ETH1 interfaces and can draw power through either one or through both simultaneously.
  • Page 31 Chapter 3: The SmartPath AP (LWN602HA) Overview Switch(config)#interface fastEthernet 0/1 Switch(config-if)#switchport mode access Switch(config-if)#channel-group 1 mode on Switch(config-if)#spanning-tree portfast Switch(config-if)#exi Switch(config)#int fastEthernet 0/2 Switch(config-if)#switchport mode access Switch(config-if)#channel-group 1 mode on Switch(config-if)#spanning-tree portfast Switch(config-if)#exit Switch(config)#exit Switch#wr mem Finally, you must cable the Cisco switch and the SmartPath AP together: Cisco 0/1 to SmartPath AP eth0, and Cisco 0/2 to SmartPath AP eth1.

  • Page 32: Console Port

    Chapter 3: The SmartPath AP (LWN602HA) Overview 3.2.3 Console Port The pin-to-signal mapping in the RJ-45 console port is shown shown in Figure 3-6. Table 3-5. Console port pin assignments. Signal Direction RTS (Request to Send) Output, unused DTR (Data Terminal Ready) Output, unused TXD (Transmitted Data) Output...

  • Page 33: Status Leds

    Chapter 3: The SmartPath AP (LWN602HA) Overview SmartPath AP (LWN602HA) HiveAP 340 CONSOLE Console Port COM Port COM Port Rollover cable with (on Back Panel) (on back panel) Rollover Cable with RJ-5 connectors RJ-45 Connectors Management System RJ-45-to-Female DB9 adapter RJ-45-to-Female DB-9 Adapter Management System Figure 3-7.

  • Page 34: Antennas

    Chapter 3: The SmartPath AP (LWN602HA) Overview • Pulsing green: 1000-Mbps Ethernet link is up and active • Steady amber: 10-/100-Mbps Ethernet link is up but inactive • Pulsing amber: 10-/100-Mbps Ethernet link is up and active WIFI0 and WIFI1 •...

  • Page 35: Multiple In, Multiple Out (Mimo)

    Chapter 3: The SmartPath AP (LWN602HA) Overview Generally, orient the antennas vertically for improved radio coverage, as shown here: When mounting the SmartPath AP (LWN602HA) on a ceiling, orient its antennas downward. When mounting the SmartPath AP on a wall or post, fully extend its antennas upward and downward.
  • Page 36 Chapter 3: The SmartPath AP (LWN602HA) Overview In previous 802.11 standards, access points and clients each used a single set of components, or RF chain, for transmitting or receiving. Although two antennas are often used for diversity, only the one with the best signal-to-noise ratio is used at any given moment, and that antenna makes use of the single RF chain while the other antenna remains inactive.

  • Page 37: Using Mimo With Legacy Clients

    Chapter 3: The SmartPath AP (LWN602HA) Overview 3.4.2 Using MIMO with Legacy Clients In addition to supporting up to 300-Mbps throughput per radio for 802.11n clients, MIMO can improve the reliability and speed of legacy 802.11a/b/g client traffic. When an 802.11a/b/g access point does not receive acknowledgement that a frame it sent was received, it resends that frame, possibly at a somewhat lower transmission rate.
  • Page 38 Chapter 3: The SmartPath AP (LWN602HA) Overview (worms’s eye view with ceiling Ceiling Track Worm’s eye view with ceiling tiles removed for clarity) tiles removed for clarity. Track Clip Press the track clips against the ceiling track and swivel them until they snap into place, gripping the edges of the track.
  • Page 39 Chapter 3: The SmartPath AP (LWN602HA) Overview Mounting Plate (side view) (side view) Mounting Plate SmartPath AP (LWN602HA) shown as transparent for clarity HiveAP 340 (shown as transparent for clairty) With the SmartPath AP upside With the HiveAP 340 upside down, align its port side with the down, align its port side with bottom end of the plate.

  • Page 40: Plenum Mount

    To mount the SmartPath AP in the plenum space above a dropped ceiling grid, you need the mounting plate, hanger clip, and a standard 24"-wide hanger frame, which can be ordered separately (call Black Box Technical Support at 724-746-5500 for details).
  • Page 41 Chapter 3: The SmartPath AP (LWN602HA) Overview 4. Remove the ceiling tile next to the area where you want to mount the device. 5. Press the hanger frame downward into place on the ceiling track until the claws on each leg grips the track below the top ridge (see Figure 3-17).

  • Page 42: Suspended Mount

    Chapter 3: The SmartPath AP (LWN602HA) Overview SmartPath AP attached to the mounting plate Bird’s eye view with the ceiling tiles and ceiling tracks removed for clarity Hanger frame Insert the hanger clip upward through the center slot in the hanger frame. Rotate the SmartPath AP and the attached mounting accessories coun- terclockwise until the clip locks in...
  • Page 43 Chapter 3: The SmartPath AP (LWN602HA) Overview 2. Push the tabs into the slots and slide the SmartPath AP toward its port panel. This repositions the tabs in the narrower, rectangular section of the slots and holds the device firmly in place below the mounting plate. Mounting Plate The recommended holes for the four strands are shaded in.
  • Page 44 Chapter 3: The SmartPath AP (LWN602HA) Overview Wrap the wire around a beam, clip the hook to the rope, and then pull the rope downward until it is taut against the beam. Wrap the wire rope around a beam, clip the hook to the rope, and then pull the rope downward until it is taut against the beam.

  • Page 45: Surface Mount

    Chapter 3: The SmartPath AP (LWN602HA) Overview 3.5.4 Surface Mount You can use the mounting plate to attach the SmartPath AP to any surface that supports its weight, and to which you can screw or nail the plate. First, mount the plate to the surface. Then, through one of the two large openings in the plate, make a hole in the wall so that you can pass the cables through to the SmartPath AP.

  • Page 46: Device, Power, And Environmental Specifications

    Chapter 3: The SmartPath AP (LWN602HA) Overview 3.6 Device, Power, and Environmental Specifications Understanding the range of specifications for the SmartPath AP is necessary for optimal deployment and device operation. The following specifications describe the physical features and hardware components, the power adapter and PoE electrical require- ments, and the temperature and humidity ranges in which the device can operate.

  • Page 47: The Smart Path Ap (Lwn602A) Overview

    4.1 Hardware Description The SmartPath AP (LWN602A) is a multichannel wireless access point. It contains a dual-band radio that can operate at either 2.4 GHz or 5 GHz—but not in both bands simultaneously. The SmartPath AP contains a 2.4-GHz radio and a 5-GHz radio that can operate concurrently through four internal antennas.

  • Page 48: Ethernet Port

    4.3 Status Indicator The status indicator has been incorporated into the Black Box logo on the top of the SmartPath AP LWN602A. It is illuminated by various colors to indicate different states of activity. The meanings of the colors are as follows: •...

  • Page 49: Antennas

    (heart-shaped) pattern around each antenna (see Figure 2-1). On the SmartPath AP LWN602A, the two 2.4-GHz antennas link to one radio, and the two 5-GHz antennas link to the other radio, both of which can operate concurrently. The relationship of antennas and radios is shown in Figure 4-3.

  • Page 50: Ceiling Mount

    Chapter 4: SmartPath AP (LWN602A) Overview NOTE: In addition to these methods, you can also mount the SmartPath AP on a table using the set of four rubber feet that ship with the product. Simply peel the rubber feet off the adhesive sheet and press them against the underside of the SmartPath AP in its four corners.

  • Page 51: Surface Mount

    4.5.2 Surface Mount You can attach the SmartPath AP LWN602A to any flat surface that supports its weight. First, attach two screws to the surface. Then, make a hole in the wall a few inches or centimeters above the screws so that you can pass the cables through the wall to the SmartPath AP.

  • Page 52: Device, Power, And Environmental Specifications

    SmartPath AP” in Section 4.5.1. 4.6 Device, Power, and Environmental Specifications Understanding the specifications for the SmartPath AP LWN602A is necessary for optimal deployment and device operation. The following specifications describe the physical features and hardware components, the power adapter and PoE (Power over Ethernet) electrical requirements, and the temperature and humidity ranges in which the device can operate.

  • Page 53: The Smart Path Ems (Lwn602Ma) Platform

    Chapter 5: The SmartPath EMS Platform 5. The SmartPath EMS Platform The SmartPath EMS Network Management System provides centralized configuration, monitoring, and reporting for multiple SmartPath APs. The following are a few of the many benefits that a SmartPath EMS offers: •...

  • Page 54: Ethernet And Console Ports

    Chapter 5: The SmartPath EMS Platform Table 5-1. SmartPath EMS component descriptions. Component Description The two mounting brackets allow you to mount the SmartPath EMS in a standard 19" (48.26 cm) equipment Mounting Brackets rack. You can also move the brackets to the rear of the chassis if you need to reverse mount it. A male DB9 serial port to which you can make a console connection using an RS-232 (or "null modem") cable.
  • Page 55 Chapter 5: The SmartPath EMS Platform View of an Ethernet port on the SmartPath EMS Link Activity LED Link Rate LED Dark: Link is down Dark: 10 Mbps Steady Amber: Link is up, but inactive Green: 100 Mbps Blinking Amber: Link is up and active Amber: 1000 Mbps 8—1 Pin Numbers...

  • Page 56: Status Leds

    Chapter 5: The SmartPath EMS Platform 1 2 3 Figure 5-4. View of the console port on the SmartPath EMS. Table 5-3. RS-232 standard pin assignments. Signal Direction DCD (Data Carrier Detect) Not used RXD (Received Data) Input TXD (Transmitted Data) Output DTR (Data Terminal Ready) Not used...

  • Page 57: Rackmounting The Smartpath Ems

    Chapter 5: The SmartPath EMS Platform 5.4 Rackmounting the SmartPath EMS You can mount the SmartPath EMS in a standard 19" (48 cm) equipment rack with two rack screws—typically ⁄ ", ⁄ ", or ⁄ " long with 10-32 threads. The SmartPath EMS ships with mounting brackets already attached to its left and right sides near the front panel (see Figure 5-1).
  • Page 58 Chapter 5: The SmartPath EMS Platform Power Specifications • ATX (Advanced Technology Extended) autoswitching power supply with PFC (power factor corrector): • Input: 100–240 VAC • Output: 250 watts • Power supply cord: Standard three-conductor SVT 18 AWG cord with an NEMA5-15P three-prong male plug and three-pin socket Environmental Specifications •...

  • Page 59: Smartpath Ems Appliance Online

    In addition to a physical SmartPath EMS appliance, the SmartPath EMS network management system is available in one other form. SmartPath EMS Online is a cloud-based service running on hardware hosted and maintained by Black Box (see Figure 6-1). This management system provides cost-effective alternatives for managing WLAN networks that might not require the investment of a physical SmartPath EMS appliance.
  • Page 60 Chapter 6: SmartPath EMS Appliance Online SmartPath.blackbox.com (1) The SmartPath AP initially forms a CAPWAP connection with SmartPath.blackbox.com. Online Server VSPM-1 (2) When the online server discovers an entry for the SmartPath AP assigning it to VSPM-1, it redirects the SmartPath AP to that VSPM.

  • Page 61: Using Smartpath Ems

    Chapter 7: Using SmartPath EMS 7. Using SmartPath EMS Think of the cooperative control architecture as consisting of three broad planes of communication. On the data plane, wireless clients gain network access by forming associations with SmartPath APs. On the control plane, SmartPath APs communicate with each other to coordinate functions such as best-path forwarding, fast roaming, and automatic RF management.
  • Page 62 DB9 connector. (For more details, see Section 5.2, Ethernet and Console Ports.) The GUI requirements for the management system are as follows: • Minimum screen resolution of 1280 x 1024 pixels • Standard browser—Black Box recommends Internet Explorer v7.0 or Mozilla Firefox v2.0.0 or later—with Flash v9.0 or later,...
  • Page 63 Chapter 7: Using SmartPath EMS Clusters in different subnets Router Switch Hives in different subnets 10.1.1.1 10.1.1.8/24 10.1.3.0/24 10.1.4.0/24 Router 10.1.2.1 10.1.2.8/24 10.1.5.0/24 SmartPath HiveManager Each cluster contains Admin SCP Server Each hive contains 10.1.7.34 10.1.6.12 multiple HiveAPs. multiple SmartPath APs Static Routes: SmartPath EMS sends traffic destined for 10.1.6.0/24 to 10.1.2.1.
  • Page 64 Figure 7-5. SmartPath EMS license information. For a physical SmartPath EMS appliance, select Install License Key, copy the license key text string previously supplied by Black Box in an e-mail message, paste it in the License Key field, and then click Install.
  • Page 65 If you do not have a license key yet, please contact Black Box Technical Support at 724-746-5500 or support@blackbox.com. You’ll need to supply valid account information. 6. After entering a license key, the Black Box Corporation End User License Agreement appears. Read it over, and if you agree with its content, click “Agree.”...
  • Page 66 Chapter 7: Using SmartPath EMS Figure 7-6. Start Here screen. If you want, you can change just one password at this time, or leave them both as the default and change them later. To see the password string that you enter, clear Obscure Password. 9.

  • Page 67: Introduction To The Smartpath Ems Gui

    Chapter 7: Using SmartPath EMS 7.2 Introduction to the SmartPath EMS GUI Using the SmartPath EMS GUI, you can set up the configurations needed to deploy, manage, and monitor large numbers of SmartPath APs. The configuration workflow is described in Section 7.3. The GUI consists of several important sections, which are shown in Figure 7-7.

  • Page 68: Viewing Reports

    Chapter 7: Using SmartPath EMS 7.2.1 Viewing Reports When viewing reports that contain graphs (Monitor > Reports …), you can use your mouse to control what information SmartPath EMS displays. Moving your mouse over a measurement point on any line in a graph displays the type of data being reported and the date, time, and value of the measurement.
  • Page 69 Chapter 7: Using SmartPath EMS Figure 7-10. Search tool. The following items are ignored when using the search tool: • The names of fields in dialog boxes • The settings on the following Home > Administration pages: SmartPath EMS Settings, SmartPath EMS Services, and SPM Notification Mail List •...

  • Page 70: Multiselecting

    Chapter 7: Using SmartPath EMS 7.2.3 Multiselecting You can select multiple objects to make the same modifications or perform the same operation to all of them at once. Select the check boxes to select multiple noncontiguous objects, or shift-click to select check boxes for multiple contiguous objects.

  • Page 71: Sorting Displayed Data

    Chapter 7: Using SmartPath EMS Figure 7-13. Cloning a cluster. 7.2.5 Sorting Displayed Data You can control how the GUI displays data in the main panel by clicking a column header. This causes the displayed content to reorder itself alphanumerically or chronologically in either ascending or descending order. Clicking the header a second time reverses the order in which the data is displayed.

  • Page 72: Smartpath Configuration Workflow (Enterprise Mode)

    Chapter 7: Using SmartPath EMS Figure 7-15. Indicates that the list appears in descending order from the top Indicates that the list appears in ascending order from the bottom 7.3 SmartPath Configuration Workflow (Enterprise Mode) Assuming that you have already set SmartPath EMS in Enterprise mode and configured its basic settings, and that you have deployed SmartPath APs, which are now connected to SmartPath EMS, you can start configuring the SmartPath APs through SmartPath EMS.* You can configure numerous objects, some of which might need to reference other objects.

  • Page 73: Updating Software On Smartpath Ems

    SCP server, you can direct SmartPath EMS to log in and load it from a directory there. 1. I f you do not yet have an account on the Black Box Support portal, send an e-mail request to (info@blackbox.com) to set one 2.

  • Page 74: Updating Smartpathos Firmware

    SmartPath EMS makes it easy to update SmartPathOS firmware running on managed SmartPath APs. First, you obtain new SmartPath AP firmware from Black Box Technical Support and upload it onto SmartPath EMS. Then you push the firmware to the SmartPath APs and activate it by rebooting them.

  • Page 75: Updating Smartpath Aps In A Mesh Environment

    Chapter 7: Using SmartPath EMS Password: Type a password that SmartPath EMS can use to log in securely to the SCP server. NOTE: To delete an old SmartPathOS file, select the file in the "Available Images" list, and then click Remove. 7.
  • Page 76 Chapter 7: Using SmartPath EMS When updating SmartPath APs in a mesh environment, the SmartPath EMS communicates with mesh points through their portal and, if there are any intervening mesh points, through them as well. While updating SmartPath APs in such an environment, it is important to keep the path from the SmartPath EMS to all SmartPath APs clear so that the data transfer along that path is not disrupted.

  • Page 77: Basic Configuration Examples

    Chapter 8: Basic Configuration Examples 8. Basic Configuration Examples This chapter introduces the SmartPath EMS GUI in Enterprise mode through a series of examples showing how to create a basic configuration of an SSID, cluster, and WLAN policy. It then explains how to connect several SmartPath APs to SmartPath EMS, accept them for management, and push the configuration to them over the network.
  • Page 78 Chapter 8: Basic Configuration Examples A PSK is the simplest way to provide client authentication and data encryption: simply configure an SSID with the same PSK on the SmartPath AP and its clients. A PSK authenticates clients by the simple fact that the clients and SmartPath AP have the same key.
  • Page 79 Chapter 8: Basic Configuration Examples User profile assigned to users that associate with this SSID: default-profile The predefined user profile "default-profile" applies the standard SmartPath Quality of Service level through the predefined QoS policy "def-user-qos" and assigns user traffic to VLAN 1. SSID Broadcast Band: 2.4 GHz (11n/b/g) SmartPath APs have two radios: a 2.4-GHz radio, which supports 802.11n/b/g, and a 5-GHz radio, which supports 802.11n/a.

  • Page 80: Example 2: Creating A Cluster

    Chapter 8: Basic Configuration Examples Beacons SSID: test1-psk Key method: WPA-PSK or WPA2-PSK Encryption: CCMP (AES) or TKIP Supported rates and capabilities SmartPath AP Client Beacons The SmartPath AP broadcasts beacons advertising The HiveAP broadcasts beacons advertising the the SSID “test1 psk” and its security and network SSID “test1-psk”...

  • Page 81: Example 3: Creating A Wlan Policy

    Chapter 8: Basic Configuration Examples In this example, you define a cluster and name it "cluster-test1". Later, in Section 8.3, you assign the cluster to a WLAN policy, which in turn, you assign to SmartPath AP devices in Section 8.5. NOTE: A WLAN policy is different from a cluster.

  • Page 82: Example 4: Connecting Smartpath Aps To Smartpath Ems

    100–240 VAC power source or allow them to obtain power through PoE from PSE on the network. (Both power adapters and PoE injectors are available from Black Box as options.) Place the third SmartPath AP—SmartPath AP3—within range of the other two, and use a power adapter to connect it to an AC power source.
  • Page 83 Chapter 8: Basic Configuration Examples Router/Firewall/DHCP Server Switch/PSE The switch delivers power to SmartPath AP1 and Smart- Path AP2 through PoE. SmartPath AP2 SmartPath EMS SmartPathAP1 (Portal) (Portal) SmartPath AP3 (Mesh Point) Single Subnet Layer-2 Broadcasting Domain SmartPath AP3 receives power = Wired Link HiveAP3 receives power from a 100–240 VAC outlet.
  • Page 84 Chapter 8: Basic Configuration Examples CAPWAP Client CAPWAP Server (SmartPath AP) (SmartPath EMS) The CAPWAP client (SmartPath AP) pings the CAPWAP server (SmartPath The CAPWAP client (HiveAP) pings the CAPWAP server (HiveManager) EMS), but receives no responses within the neighbor-dead-interval. but receives no responses within the neighbor-dead-interval.
  • Page 85 Chapter 8: Basic Configuration Examples Check that the SmartPath APs have made a CAPWAP connection with SmartPath EMS: Click “Monitor > Access Points > SmartPath APs.” The page displays the three SmartPath APs that you put on the network. If you see the three SmartPath APs, refer to Figure 8-6. If you do not see them, check the following: •...
  • Page 86 Chapter 8: Basic Configuration Examples Auth (Authenticated)—The SmartPath AP has been authenticated and can now exchange data traffic. You can also check the presence of cluster neighbors by viewing the entries listed in the Supplicant column for the wifi1.1 interface in the output of the show auth command.
  • Page 87 Chapter 8: Basic Configuration Examples Audit icons: CAPWAP connection and security icons: You can customize the table contents Green square + red triangle: The by clicking the Edit Table icon. You can Green linked chain/red unlinked chain: The configuration on a SmartPath AP add more columns (radio channels and SmartPath AP is connected or disconnected.
  • Page 88 Chapter 8: Basic Configuration Examples • If SmartPath EMS continues to use its default domain name ("clustermanager") plus the name of the local domain to which it and the SmartPath APs belong, configure an authoritative DNS server with an A record that resolves "clustermanager.<local_ domain>"...

  • Page 89: Example 5: Assigning The Configuration To Smartpath Aps

    Chapter 8: Basic Configuration Examples 8.5 Example 5: Assigning the Configuration to SmartPath APs After completing the steps in the previous examples, you now assign the WLAN policy to the SmartPath APs. In addition, you set one radio in access mode and one in backhaul mode, and you change their login settings (and country code if necessary). Finally, you push the configuration to the SmartPath APs.
  • Page 90 Chapter 8: Basic Configuration Examples Figure 8-9. Monitor > Access Points > SmartPath APs (view mode: Config). Updating the Country Code For SmartPath APs intended for use in the United States, the region code is preset as "FCC"—for "Federal Communications Commission"—and the country code is preset as "United States".
  • Page 91 Chapter 8: Basic Configuration Examples Because SmartPath AP3 is a mesh point and the update involves changing its cluster—from cluster0 to cluster1-test—you must make sure to update its configuration before updating the configurations on SmartPath AP1 and SmartPath AP2. If you upload the configuration on all of them at the same time and schedule them to reboot too quickly (say, 1 second after the upload pro- cess completes), there is a chance that the portal through which the configuration for the mesh point is passing will reboot before the mesh point finishes receiving its configuration.
  • Page 92 Chapter 8: Basic Configuration Examples After SmartPath AP3 reboots to activate its new configuration, it tries to reconnect with SmartPath EMS. However, it cannot do so because it is a mesh point that now belongs to the cluster1-test cluster while its portals—SmartPath AP1 and 2—are still using their original configurations in which they are members of cluster0.

  • Page 93: Common Configuration Examples

    Chapter 9: Common Configuration Examples 9. Common Configuration Examples Through the use of examples, this chapter shows how to use SmartPath EMS in Enterprise mode to configure several features that are somewhat more advanced than those covered in the previous chapter. The examples cover topics such as topological maps, IEEE 802.1X authentication, captive web portals, and the SmartPath EMS concept of classifier tags, which is a method for assigning the different definitions of a single network object to various managed SmartPath APs.

  • Page 94: Setting Up Topology Maps

    Chapter 9: Common Configuration Examples 4 SmartPath APs 2 SmartPath APs Floors per Floor Floors per Floor Floors 8 SmartPath APs SmartPath APs Total Total Corporate Branch Headquarters Office VPN Tunnel Branch1 HQ-B1 HQ-B2 SmartPath EMS (in “HQ-B1”) Figure 9-1. Deployment overview. 9.1.1 Setting Up Topology Maps In this example, you upload maps to SmartPath EMS showing floor plans for three office buildings and organize them in a hierar- chical structure.
  • Page 95 Chapter 9: Common Configuration Examples Level 1 CorpOffices (Level-1 Map) Double-clicking a floor icon on the This map shows 3 buildings and 20 icons that link to level-2 maps. CorpOffices map (level 1) opens the corresponding level-2 map. You can also navigate to any map within the Topology Maps section of the navigation tree in the 8 icons linking...
  • Page 96 Chapter 9: Common Configuration Examples Map showing one of the floor plans SmartPath Uploading map to SmartPath EMS Management system Figure 9-3. Uploading a map of a building floor plan. 4. Repeat this for all the image files that you need to load, and then close the dialog box when done. For this example, you load these 21 files: •...

  • Page 97: Preparing The Smartpath Aps

    Chapter 9: Common Configuration Examples A floor icon labeled "HQ-B1-F2" appears on the CorpOffices image, and a new entry named "HQ-B1-F2" appears nested under "CorpOffices" in the navigation tree. 6. Select the icon and drag it to the location you want. After adding the CorpOffices "map"...
  • Page 98 For example, if the MAC OUI is 008C:1000:0120, you only need to write "000120" to be able to distinguish it from other SmartPath APs later. NOTE: 008C:10 is the Black Box MAC address portion. You need to change this. 1. Make copies of the maps uploaded to SmartPath EMS, label them, and take them along when installing the SmartPath APs.

  • Page 99: Example 2: Ieee 802.1X With An External Radius Server

    Chapter 9: Common Configuration Examples 9.2 Example 2: IEEE 802.1x with an External RADIUS Server You can configure SmartPath APs to act as RADIUS authenticators, also known as RADIUS clients or network access server (NAS) devices. They forward IEEE 802.1X/EAP user authentication requests and responses between wireless supplicants and up to four RADIUS authentication servers (a primary and three backups).
  • Page 100 Chapter 9: Common Configuration Examples 1. To create a VLAN object for employee traffic, click “Configuration > Advanced Configuration > Network Objects > VLANs > New,” and then enter the following in the VLANs dialog box: VLAN Name: VLAN-10 Enter the following, and then click “Apply:” VLAN ID: 10 Type: Global Setting the type as "Global"...
  • Page 101 Chapter 9: Common Configuration Examples SmartPath APs as RADIUS Authenticators SmartPath AP RADIUS authenticators provide network access to wireless clients and pass authentication requests between the wireless clients acting as RADIUS supplicants and a RADIUS authentication server. In this section, you configure the settings that control how the SmartPath APs communicate with the RADIUS authentication server.
  • Page 102 Chapter 9: Common Configuration Examples Server Role: Primary To provide server redundancy, you can configure up to four RADIUS servers, designating one as the primary server and the others as backup servers. The RADIUS authenticators only send RADIUS authentication requests to the backup servers when the primary server becomes unreachable.
  • Page 103 Chapter 9: Common Configuration Examples Description: Employee and IT WLAN access; 802.1X SSID Access Security: WPA/WPA2 802.1X (Enterprise) Use Default 802.1X Settings: (select) By default, when a SmartPath AP hosts a WPA/WPA2 802.1X (Enterprise) SSID, it negotiations with clients over the use of WPA or WPA2 for key management and TKIP or CCMP (AES) for encryption, and uses whichever methods each client supports.
  • Page 104 Chapter 9: Common Configuration Examples Upload and activate CWP pages and Server key: (clear) Upload and activate certificate for RADIUS and VPN services: (clear) Upload and activate employee, guests, and contractor credentials: (clear) Check boxes for both SmartPath APs: (select) Connecting Supplicants to the WLAN The 802.1X authentication process is somewhat different depending on the operating system on which the RADIUS supplicant is running and whether the client uses the user’s login credentials to authenticate itself on a domain.

  • Page 105: Example 3: Providing Guest Access Through A Captive Web Portal

    A captive web portal provides registered users with network access while containing unregistered users. Because the Black Box captive web portal feature is very flexible, you will have a number of choices to make when configuring it.

  • Page 106: Providing Network Settings

    9.3.2 Providing Network Settings In addition to various registration types, Black Box offers two approaches to providing captive Web portal clients with network settings. One approach uses external DHCP and DNS servers on the network, and the other uses internal DHCP and DNS servers on the SmartPath AP itself.
  • Page 107 Chapter 9: Common Configuration Examples DNS address resolution HTTP connection to the captive web portal DNS Querient DNS Server HTTP Client HTTP Server HTTP GET DNS Query Reply DNS Reply The SmartPath AP allows DNS queries and When the client sends an HTTP or HTTPS replies between the client of an ungregistered GET command, the SmartPath AP intercepts it user and a DNS server.
  • Page 108 Chapter 9: Common Configuration Examples Association Using SSID “guest” Address and TCP/IP Assignments Wireless Client Wireless Access Point DHCP Client DHCP Server DHCP Discover Association Request DHCP Offer DHCP Request Association Response DHCP ACK SSID “guest” IP Address: 172.16.1.2 Netmask: 255.255.255.0 The client forms an association with the Default Gateway: 172.16.1.1*...

  • Page 109: Modifying Captive Web Portal

    9.3.3 Modifying Captive Web Portal Pages Black Box provides .html files and images for use on the captive Web portal server and a tool in the GUI to modify the supplied text, colors, and images to better suit the needs of your organization. The various file names and their purposes are as follows. An example of the default web page components is shown in Figure 9-14: •...
  • Page 110 Chapter 9: Common Configuration Examples • use-policy.html (the page that appears when you click the Acceptable Use Policy link on the registration.html or auth-reg.html pages) blackbox_spacer.png (transparent image to offset the registration section from the top; size 200 x 103 px; 72 dpi) blackbox_3d_bg.png (solid background;...

  • Page 111: Configuring A Captive Web Portal

    You can also replace it with a file containing an image if you prefer. Footer Image: By default, this is a graphic of the Black Box logo. The file name is blackbox_logo_reverse.png and its dimensions are 111 x 48 px at 72 dpi. If you replace this with a different image, make sure it has the same or nearly the same dimensions to avoid distortion.
  • Page 112 Chapter 9: Common Configuration Examples • Firewall Policy—To maintain security, restrict visitors to accessing just the public network. • User Profile—Apply the QoS rate limiting and firewall policy to the user profile that the SmartPath AP applies to traffic from successfully registered users.
  • Page 113 Chapter 9: Common Configuration Examples Table 9-1. QoS rate limiting parameters. Weight % (Read Policing Rate Limit Policing Rate Limit Class Number—Name Scheduling Type Scheduling Weight Only) (kbps) (8-2.11a/b/g) (kbps) (802.11n) 7—Network Control Strict 6—Voice Strict 5—Video Weighted Round Robin 2000 2000 4—Controlled Load...
  • Page 114 Chapter 9: Common Configuration Examples Port Number: 4500 Service Idle Timeout: 1800 ALG Type: (leave blank) Firewall Policy Rules To create an IP firewall policy to control outgoing traffic, click Configuration > Advanced Configuration > Security Policies > IP Policies > New, and enter the following: Policy Name: guest-IP-policy-from-access Description: Allow guests to access the public network To add rules to permit DHCP, DNS, HTTP, HTTPS, IKE, and NAT-T to the public network while denying any type of traffic to the...
  • Page 115 Chapter 9: Common Configuration Examples Figure 9-15. Firewall policy rules. NOTE: If you need to rearrange a set of policy rules, select the checkbox to the left of a rule, and then click the Up and Down buttons on the right to move the selected rule to a new position. The rules in this policy allow clients to access a DHCP and DNS server to get their network settings and resolve DNS queries so that they can access the captive web portal.
  • Page 116 Chapter 9: Common Configuration Examples In this example, you only associate the user profile to an SSID that authenticates users with a preshared key, so the attri- bute number is not used here. It becomes important if you use a remote RADIUS authentication server for IEEE 802.1X authentication.
  • Page 117 Chapter 9: Common Configuration Examples Scheduling Weight: 5 The weight defines a preference for forwarding traffic. It does not specify a percentage or an amount. Its value is relative to the weights of QoS schedules in other user profiles in the same WLAN policy. Because wireless access for guests is mainly a convenience and not a necessity, you assign it a weight that is low in comparison to the weights of other user profiles to give guests the lowest priority.
  • Page 118 Chapter 9: Common Configuration Examples Key Value and Confirm Value: guest123 Enable Captive Web Portal: (select); CWP-guest1 Self-Registration Access: User Profile: Self-reg-guests(3) SSID Broadcast Band: 2.4 GHz (11n/b/g) WLAN Policy To add the SSID to an existing WLAN policy, click Configuration > WLAN Policies > wlan_policy, enter the following and then click Save: In the SSID Profiles section, click Add/Remove SSID Profile, select guest in the Available SSID Profiles list, click the right arrow ( >...

  • Page 119: Example 4: Private Psks

    Chapter 9: Common Configuration Examples 4. Close the Web page and open a new browser window. The browser successfully opens to its home page, and you can visit other sites on the public network. If there is any Web server on the local network, try to browse to it and you will find that it is not possible.

  • Page 120: User Profiles

    Chapter 9: Common Configuration Examples *NOTE: It is also possible for groups of users to use the same private PSK. For example, you might find it expedient to create a single private PSK user for visitors. You then e-mail the private PSK user data to the lobby ambassador to hand out to all visitors that arrive that week.

  • Page 121: Private Psk User Groups

    Chapter 9: Common Configuration Examples Table 9-3. CTRL-click or SHIFT-click to select multiple services. (Click…) Source Destination* Service Action Logging* (Click) [-any] [-any-] DHCP-Server, DNS Permit Apply [-any-] 10.0.0.0/8 [-any-] Deny Dropped Packets Apply [-any-] 172.16.0.0/12 [-any-] Deny Dropped Packets Click “Apply.”...

  • Page 122: Importing Private Psk Users

    Chapter 9: Common Configuration Examples User Profile Attribute: 35 VLAN ID: 1 Reauthorization Time: 1800 (default) NOTE: If you want to define advanced options, click + to expand the Private PSK Advanced Options section. You can modify the characteristics of keys that SmartPath EMS generates, such as their length, the types of characters used in them, the meth- od of their generation, and the period of time during which they are valid.

  • Page 123: Private Psk Ssid

    Chapter 9: Common Configuration Examples 9.4.4 Private PSK SSID To configure an SSID for the private PSK users that you have created, click Configuration > SSIDs > New, enter the following, and then click Save: Profile Name: star SSID: star The profile name is the name that you reference in the WLAN policy and contains the SSID and related configuration objects, such as user profiles and user groups.

  • Page 124: E-Mail Notification

    Chapter 9: Common Configuration Examples 9.4.6 E-mail Notification To distribute the private PSK user definitions to the employees and the manager in charge of the contractors, click Configuration > Advanced Configuration > Authentication > Local Users, select the users, and then click Email PSK. The specified recipients receive a separate e-mail message for each private PSK user, with content like the following: PSK: hon;VP#243 Description: Use SSID star...

  • Page 125: Set Smartpath Ap Classifiers

    Chapter 9: Common Configuration Examples SmartPath EMS Branch Office #3 VLAN: 30 VLAN definition: 30; type: branch3 SmartPath AP classifier: branch3 Main Office Branch Office #2 Branch Office #1 VLAN: 20 VLAN: 10 VLAN definition: 20; type: branch2 VLAN definition: 10; type: global SmartPath AP classifier: branch2 SmartPath AP classifier: (nothing) Figure 9-18.

  • Page 126: Create A Vlan Object With Three Definitions

    Chapter 9: Common Configuration Examples 9.5.2 Create a VLAN Object with Three Definitions Click Configuration > Advanced Configuration > Network Objects > VLANs > New, enter the following, and then click Apply: VLAN Name: branchVLAN-10-20-30 VLAN ID: 10 Type: Global Description: VLAN at Branch Office #1 Click New, enter the following, and then click Apply: VLAN ID: 20...
  • Page 127 Chapter 9: Common Configuration Examples The SmartPath AP Update Results page appears so that you can monitor the progress of the upload procedure. When complete, “100%” appears in the Upload Rate column and “Successful” appears in the Update Result column. Check that the VLANs are being applied properly: In the Upload and Activate Configuration dialog box, click the host name of a SmartPath AP at Branch Office 1, and then select View Configuration.

  • Page 128: Smartpath Operating System (Os)

    Chapter 10: SmartPath Operating System (OS) 10. SmartPath Operating System (OS) You can deploy a single SmartPath AP and it will provide wireless access as an autonomous AP. However, if you deploy two or more SmartPath APs in a cluster, you can provide superior wireless access with many benefits. A cluster is a set of SmartPath APs that exchanges information with each other to form a collaborative whole (see Figure 10-1).
  • Page 129 Chapter 10: SmartPath Operating System (OS) Table 10-1. Common default settings and commands. Default Settings Commands To disable the DHCP client: no interface mgt0 dhcp client DHCP client = enabled To set an IP address: interface mgt0 ip ip _ addr netmask To set the native (untagged) VLAN that the switch infrastructure in the surrounding wired VLAN ID = 1...

  • Page 130: Configuration Overview

    Chapter 10: SmartPath Operating System (OS) 10.2 Configuration Overview The amount of configuration depends on the complexity of your deployment. As you can see in "Deployment Examples (CLI)" in Chapter 11, you can enter a minimum of three commands to deploy a single SmartPath AP, and just a few more to deploy a cluster.

  • Page 131: Policy-Level Configurations

    Chapter 10: SmartPath Operating System (OS) 10.2.2 Policy-Level Configurations Policies control how wireless clients access the network. The following list contains some key areas of policy-level configurations and relevant commands. • QoS settings qos { classifier-map | classifier-profile | marker-map | marker-profile | policy } … •...

  • Page 132: Smartpathos Configuration File Types

    Chapter 10: SmartPath Operating System (OS) 10.3 SmartPathOS Configuration File Types SmartPathOS supports several types of configuration files: running, current, backup, bootstrap, default, and failed. The running configuration (config) is the configuration that is actively running in DRAM. During the bootup process, a SmartPath AP loads the running config from one of up to four config files stored in flash memory: •...
  • Page 133 Chapter 10: SmartPath Operating System (OS) SmartPath HiveManager TFTP SmartPath AP Server Server Current Config Config File When you upload a config file from SmartPath EMS or New Backup Config When you upload a config file from SmartPath EMS or a TFTP (in flash memory) a TFTP or SCP server, the SmartPath AP saves the or SCP server, the SmartPath AP saves the uploaded file as a...
  • Page 134 NOTE: Be careful to remember the login name and password defined in the bootstrap config file. If they become lost or forgotten, you must obtain a one-time login key from Black Box technical support. To get the key, you must already...
  • Page 135 Chapter 10: SmartPath Operating System (OS) To create and load a bootstrap config, make a text file containing a set of commands that you want the SmartPath AP to load as its bootstrap configuration (for an example, see Section 11.5). Save the file locally and then load it with one of the following commands: save config tftp://ip _ addr:filename bootstrap save config scp://username@ip _ addr:filename bootstrap...

  • Page 136: Deployment Examples Cli

    Chapter 11: Deployment Examples CLI 11. Deployment Examples CLI This chapter presents several deployment examples to introduce the primary tasks involved in configuring SmartPath APs through the SmartPathOS CLI. In Deploying a Single SmartPath AP in Section 11.1, you deploy one SmartPath AP as an autonomous access point. This is the simplest configuration: You only need to enter and save three commands.

  • Page 137: Example 1: Deploying A Single Smartpath Ap

    Chapter 11: Deployment Examples CLI 11.1 Example 1: Deploying a Single SmartPath AP In this example, you deploy one SmartPath AP (SmartPath AP-1) to provide network access to a small office with 15–20 wireless clients. You only need to define the following SSID parameters on the SmartPath AP and clients: •...
  • Page 138 Chapter 11: Deployment Examples CLI 4. On your management system, run a VT100 terminal emulation program, such as Tera Term Pro (a free terminal emulator) or Hilgraeve Hyperterminal (provided with Windows operating systems). Use the following settings: • Bits per second (baud rate): 9600 •...
  • Page 139 Chapter 11: Deployment Examples CLI NOTE: By default, the minimum password length is 5 characters. You can change the minimum length by entering the following command: admin min-password-length <number> (The minimum password length can be between 5 and 32 characters.) Step 3: Configure the wireless clients.

  • Page 140: Example 2: Deploying A Cluster

    Chapter 11: Deployment Examples CLI 11.2 Example 2: Deploying a Cluster Building on "Deploying a Single SmartPath AP" in Section 11.1, the office network has expanded and requires more SmartPath APs to provide greater coverage. In addition to the basic configuration covered in the previous example, you configure all three SmartPath APs to form a cluster within the same Layer 2 switched network.
  • Page 141 Chapter 11: Deployment Examples CLI Step 1: Configure SmartPath AP-1 1. Using the connection settings described in the first example, log in to SmartPath AP-1. 2. Configure SmartPath AP-1 as a member of “cluster1” and set the security protocol suite. cluster cluster1 You create a cluster, which is a set of SmartPath APs that collectively distribute data and coordinate activities among themselves, such as client association data for fast roaming, route data for making optimal data-path forwarding...
  • Page 142 Chapter 11: Deployment Examples CLI Step 2: Configure SmartPath AP-2 and SmartPath AP-3. 1. Power on SmartPath AP-2 and log in through its console port. 2. Configure SmartPath AP-2 with the same commands that you used for SmartPath AP-1: ssid employee ssid employee security protocol-suite wpa-auto-psk ascii-key N38bu7Adr0n3 interface wifi0 ssid employee cluster cluster1...
  • Page 143 Chapter 11: Deployment Examples CLI 6. Check that SmartPath AP-3 has associated with the other members at the wireless level. Log in to SmartPath AP-3 and enter this command to see its neighbors in cluster1: Log in to SmartPath AP-3 and enter this command to see its neighbors in SmartPath AP-1: show cluster cluster1 neighbor SmartPath AP-3 Chan=channel number;...
  • Page 144 Chapter 11: Deployment Examples CLI After associating a wireless client with SmartPath AP-1, log in to SmartPath AP-1 and enter this command: show ssid employee station SmartPath AP-1 Chan=channel number; Pow=Power in dBm; A-Mode=Authentication mode; Cipher=Encryption mode; A-Time=Associated time; Auth=Authenticated; UPID=User profile Identifier;...

  • Page 145: Example 3: Using Ieee 802.1X Authentication

    Chapter 11: Deployment Examples CLI Step 4: Configure wireless clients. Define the “employee” SSID on all the wireless clients in wireless network-2 and -3. Specify WPA-PSK for network authentication, AES or TKIP for data encryption, and the preshared key N38bu7Adr0n3. The setup of cluster1 is complete.
  • Page 146 Chapter 11: Deployment Examples CLI Step 1: Define the RADIUS server on the SmartPath AP-1. Configure the settings for the RADIUS server (IP address and shared secret) on SmartPath AP-1. aaa radius-server first 10.1.1.10 shared-secret s3cr3741n4bl0X The IP address of the RADIUS server is 10.1.1.10, and the shared secret that SmartPath AP-1 and the RADIUS server use to authenticate each other is "s3cr3741n4b10X".
  • Page 147 Chapter 11: Deployment Examples CLI NOTE: If the supplicant is on a PC running Windows XP, you must configure it to use PEAP for authentication. By default, a Windows XP wireless client uses Smart Card or other Certificate instead of PEAP. If the supplicant is Windows based and you are not on a domain.

  • Page 148: Example 4: Applying Qos

    Chapter 11: Deployment Examples CLI show ssid employee station Chan=channel number; Pow=Power in dbm; A-Mode=Authentication mode; Cipher=Encryption mode; A-Time=Associated time; Auth=Authenticated; UPID=User profile Identifier; Phymode=Physical mode; Mac Addr IP Addr Chan Rate A-Mode Cipher A-Time VLAN Auth UPID Phymode -------------- --------- ---- ---- ---- -------- -------...
  • Page 149 Chapter 11: Deployment Examples CLI You next define a QoS policy that defines how the cluster members prioritize and process the traffic mapped to Classes 6, 5, and 3. The QoS policy (named “voice”) is shown in Figure 11-9 and has these settings: Class 6 (voice) Forwarding: strict (Cluster members forward traffic mapped to this class immediately without queuing it.) Maximum rate for all Class 6 traffic: 512 kbps, which supports an 8- to 64-kbps VoIP call (depending on the compression that the...

  • Page 150: Qos Classifier-Map Oui 00:12:3B Qos

    Class 2 is for all types of traffic not mapped to an Black Box class—such as HTTP for example. Figure 11-9. QoS policy “voice” for voice, streaming media, and data.

  • Page 151: Service Mms Tcp

    Chapter 11: Deployment Examples CLI 2. Define the custom services that you need. service mms tcp 1755 service smtp tcp 25 service pop3 tcp 110 The Microsoft Media Server (MMS) protocol can use several transports (UDP, TCP, and HTTP). However, for a SmartPath AP to be able to map a service to a SmartPath QoS class, it must be able to identify that service by a unique characteristic such as a static destination port number or a nonstandard protocol number.

  • Page 152: Qos Policy Voice Qos 5 Wrr

    Chapter 11: Deployment Examples CLI Step 3: Apply QoS on SmartPath AP-1. 1. Create a QoS policy. For SmartPath APs supporting IEEE 802.11a/b/g: qos policy voice qos 5 wrr 20000 90 qos policy voice qos 3 wrr 54000 60 For SmartPath APs supporting IEEE 802.11a/b/g/n: qos policy voice qos 6 strict 512 0 qos policy voice qos 5 wrr 20000 90 qos policy voice qos 3 wrr 1000000 60...

  • Page 153: User-Profile Employee-Net Qos-Policy Voice Attribute

    Chapter 11: Deployment Examples CLI The user profile rate defines the total amount of bandwidth for all users to which the policy applies. The user rate defines the maximum amount for any single user. The user profile rate defines the total amount of bandwidth for all users to which this policy applies.
  • Page 154 Chapter 11: Deployment Examples CLI Step 4: Configure SmartPath AP-2 and SmartPath AP-3. 1. Log in to SmartPath AP-2 through its console port. 2. Configure SmartPath AP-2 with the same commands that you used for SmartPath AP-1: qos classifier-map oui 00:12:3b qos 6 service mms tcp 1755 service smtp tcp 25 service pop3 tcp 110...

  • Page 155: Example 5: Loading A Bootstrap Configuration

    2. Confirm the reboot command, and then, when you are asked if you want to use the Black Box Initial Configuration Wizard, enter no.

  • Page 156: Show Config Bootstrap

    NOTE: Be careful to remember the login name and password defined in a bootstrap config file. If they become lost or forgotten, you must obtain a one-time login key from Black Box technical support. To get the key, you must already have had a support contract in place.

  • Page 157: Command Line Interface (Cli) Commands For Examples

    Chapter 11: Deployment Examples CLI Step 3: Load the bootstrap config file on SmartPath AP-2 and SmartPath AP-3. 1. Make a serial connection to the console port on SmartPath AP-2 and log in. 2. Upload the bootstrap-cluster1.txt config file from the TFTP server to SmartPath AP-2 as a bootstrap config. save config tftp://10.1.1.31:bootstrap-cluster1.txt bootstrap 3.

  • Page 158: Commands For Example 3

    Chapter 11: Deployment Examples CLI SmartPath AP-3: ssid employee ssid employee security protocol-suite wpa-auto-psk ascii-key N38bu7Adr0n3 interface wifi0.1 ssid employee cluster cluster1 cluster cluster1 password s1r70ckH07m3s interface mgt0 cluster cluster1 save config 11.6.3 Commands for Example 3 Enter the following commands to configure the cluster members to support IEEE 802.1X authentication in Example 3 in Section 11.3: SmartPath AP-1: aaa radius-server first 10.1.1.10 shared-secret s3cr3741n4bl0X...
  • Page 159 Chapter 11: Deployment Examples CLI qos classifier-profile eth0-voice mac qos classifier-profile eth0-voice service ssid employee qos-classifier employee-voice interface eth0 qos-classifier eth0-voice For SmartPath APs supporting IEEE 802.11a/b/g: qos policy voice qos 5 wrr 20000 90 qos policy voice qos 3 wrr 54000 60 For SmartPath APs supporting IEEE 802.11a/b/g/n: qos policy voice qos 6 strict 512 0 qos policy voice qos 5 wrr 20000 90...

  • Page 160: Commands For Example 5

    Chapter 11: Deployment Examples CLI save config SmartPath AP-3: qos classifier-map oui 00:12:3b qos 6 service mms tcp 1755 service smtp tcp 25 service pop3 tcp 110 qos classifier-map service mms qos 5 qos classifier-map service smtp qos 3 qos classifier-map service pop3 qos 3 qos classifier-profile employee-voice mac qos classifier-profile employee-voice service qos classifier-profile eth0-voice mac...
  • Page 161 Chapter 11: Deployment Examples CLI SmartPath AP-2 save config tftp://10.1.1.31:bootstrap-security.txt bootstrap show config bootstrap SmartPath AP-3 save config tftp://10.1.1.31:bootstrap-meshpoint.txt bootstrap show config bootstrap 724-746-5500 | blackbox.com Page 161...

  • Page 162: Traffic Types

    Chapter 12: Traffic Types 12. Traffic Types This is a list of all the types of traffic that might be involved with a SmartPath AP and SmartPath EMS deployment. If a firewall lies between any of the sources and destinations listed below, make sure that it allows these traffic types. Table 12-1.
  • Page 163 Chapter 12: Traffic Types Table 12-2. Traffic supporting management of SmartPath APs. Service Source Destination Protocol SRC Port DST Port Notes Required for SmartPath APs to | discover SmartPath EMS and send it SmartPath AP mgt0 alarms, events, reports, traps, and CAPWAP* SmartPath EMS 17 UDP...
  • Page 164 Chapter 12: Traffic Types Table 12-2 (continued). Traffic supporting management of SmartPath APs. Service Source Destination Protocol SRC Port DST Port Notes Required for a SmartPath EMS to SmartPath AP mgt0 upload files—SmartPath OS images, SSHv2 SmartPath EMS 6 TCP 1024–65535 full configs, captive web portals interface...

  • Page 165: Appendix. Country Codes

    Appendix: Country Codes Appendix. Country Codes When the region code on a SmartPath AP is preset as “world,” you must set a country code for the location where you intend to deploy the SmartPath AP. This code determines the radio channels and power settings that the SmartPath AP can use when deployed in that country.
  • Page 166 Appendix: Country Codes Table A-1 (continued). Countries and country codes. Country Country Code Country Country Codes Country Country Code Country Country Code Japan 11 (J11) 4011 Japan12 (J12) 4012 Japan13 (J13) 4013 Japan14 (J14) 4014 Japan 15 (J15) 4015 Japan16 (J16) 4016 Japan17 (J17) 4017...
  • Page 167 NOTES 724-746-5500 | blackbox.com Page 167...
  • Page 168 About Black Box Black Box Network Services is your source for an extensive range of networking and infrastructure products. You’ll find everything from cabinets and racks and power and surge protection products to media converters and Ethernet switches all supported by free, live 24/7 Tech support available in 30 seconds or less.

This manual is also suitable for:

Lwn602aeLwn602haLwn602hae

Table of Contents