Download  Print this page

MiLAN ShAir AccessG Pro MIL-W2332G User Manual

Wireless access point/bridge with poe
Hide thumbs

Advertisement

MIL-W2332G
ShAir™ AccessG Pro Wireless
Access Point/Bridge with PoE
USER GUIDE

Advertisement

Table of Contents
loading

  Related Manuals for MiLAN ShAir AccessG Pro MIL-W2332G

  Summary of Contents for MiLAN ShAir AccessG Pro MIL-W2332G

  • Page 1 MIL-W2332G ShAir™ AccessG Pro Wireless Access Point/Bridge with PoE USER GUIDE...
  • Page 3 Any warranty hereunder is extended to the original consumer or purchaser and is not assignable. MiLAN Technology makes no express or implied warranties including, but not limited to, any implied warranty of mer- chantability or fitness for a particular purpose, except as expressly set forth in this warranty. In no event shall MiLAN Technology be liable for incidental or consequential damages, costs, or expenses arising out of or in connection with the performance of the product delivered hereunder.
  • Page 4 Federal Communication Commission Interference Statement This equipment has been tested and found to comply with the limits for a Class B digital device, pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protec- tion against harmful interference in a residential installation. This equipment generates, uses and can radiated radio frequency energy and, if not installed and used in accordance with the instructions, may cause harmful interference to radio communications.
  • Page 5 R&TTE Compliance Statement This equipment complies with all the requirements of DIRECTIVE 1999/5/CE OF THE EURO- PEAN PARLIAMENT AND THE COUNCIL OF 9 March 1999 on radio equipment and telecom- munication terminal equipment and the mutual recognition of their conformity (R&TTE). The R&TTE Directive repeals and replaces in the directive 98/13/EEC (Telecommunications Terminal Equipment and Satellite Earth Station Equipment) as of April 8,2000.
  • Page 6: Table Of Contents

    Table of Contents 1. Introduction 1.1. Overview 1.2. Features 1.3. LED Definitions 2. First-Time Installation and Configuration 2.1. Selecting a Power Supply Method 2.2. Mounting the AP on a Wall 2.3. Preparing for Configuration 2.3.1. Connecting the Managing Computer and the AP 2.3.2.
  • Page 7 3.1.1. Menu Structure 3.1.2. Save, Save & Restart, and Cancel Commands 3.1.3. Home and Refresh Commands 3.2. Viewing Status 3.2.1. Associated Wireless Clients 3.2.2. Current DHCP Mappings 3.2.3. System Log 3.2.4. Link Monitor 3.3. General Operations 3.3.1. Specifying Operational Mode 3.3.2.
  • Page 8 3.5.1.3. Association Control 3.5.1.4. AP Load Balancing 3.5.1.5. Wireless Distribution System 3.5.2. Security 3.5.2.1. Basic 3.5.2.2. MAC-Address-Based Access Control 3.5.3. IEEE 802.1x/RADIUS 3.6. Configuring Advanced Settings 3.6.1. Packet Filters 3.6.1.1. Ethernet Type Filters 3.6.1.2. IP Protocol Filters 3.6.1.3. TCP/UDP Port Filters 3.6.2.
  • Page 9: Introduction

    Introduction 1.1 Overview The MIL-W2332G ShAir AccessG Pro Wireless Access Point/Bridge enables IEEE 802.11g or IEEE 802.11b client computers to access the resources on the Ethernet network. With the sleek Web-based user interface and the included ShAir Wireless Management Utility, a network administrator can easily and clearly manage the AP.
  • Page 10 IEEE 802.1x/RADIUS. When the AP is in AP/Bridge mode, it can be configured to authenticate wireless users and distribute encryption keys dynamically by IEEE 802.1x Port-Based Network Access Control and RADIUS (Remote Au- thentication Dial-In User Service). WPA (Wi-Fi Protected Access). The AP supports the WPA standard proposed by the Wi-Fi Alliance (http://www.wi-fi.org).
  • Page 11 high-gain antennas for different purposes. • DHCP client. The AP can automatically obtain an IP address from a DHCP server. • DHCP server. The AP can automatically assign IP addresses to computers or other devices by DHCP (Dynamic Host Configuration Protocol). Static DHCP mappings.
  • Page 12: Led Definitions

    SNMP. SNMP (Simple Network Management Protocol) MIB I, MIB II, IEEE 802.1d, IEEE 802.1x, and Private Enterprise MIB are supported. UpnP. The AP responds to UpnP discovery messages so that a Windows XP user can locate the AP in My Network Places and use a Web browser to config- ure it.
  • Page 13: First-Time Installation And Configuration

    First-Time Installation and Configuration 2.1 Selecting a Power Supply Method Optionally, the AP can be powered by the supplied power adapter or PoE (Power over Ethernet). The AP automatically selects the suitable one depending on your decision. To power the AP by the supplied power adapter: Plug the power adapter to an AC socket.
  • Page 14: Preparing For Configuration

    Fig. 1. Mounting the AP on a wall. 2.3 Preparing for Configuration For you to configure an AP, a managing computer with a Web browser is needed. For first-time configuration of an AP, an Ethernet network interface card (NIC) should have been installed in the managing computer.
  • Page 15: Connecting The Managing Computer And The Ap

    2.3.1 Connecting the Managing Computer and the AP To connect the Ethernet managing computer and the managed AP for first-time con- figuration, you have two choices as illustrated in Fig. 2. Managing Computer Fig. 2. Connecting a managing computer and an AP via Ethernet. You can use either a cross-over Ethernet cable (included in the package) or a switch/hub with 2 normal Ethernet cables.
  • Page 16: Configuring The Ap

    2.4 Configuring the AP After the IP addressing issue is resolved, launch a Web browser on the managing computer. Then, go to “http://Error! Reference source not found.” to access the Web-based Network Manager Start page. TIP: For maintenance configuration of an AP, the AP can be reached by its host name using a Web browser.
  • Page 17: Step 1: Selecting An Operational Mode

    2.4.2 Step 1: Selecting an Operational Mode Go to the General, Operational Mode section, select an operational mode and click Save at the bottom of this page, and then you are brought back to the start page. The AP supports 2 operational modes: •...
  • Page 18 • AP Client. This mode is for Dynamic LAN-to-LAN Bridging. The AP Client auto- matically establishes bridge links with APs from any vendors. In either mode, the AP forwards packets between its Ethernet interface and wireless in- terface for wired hosts on the Ethernet side and wireless host(s) on the wireless side. There are 2 types of wireless links as specified by the IEEE 802.11 standard.
  • Page 19: Step 2: Configuring Tcp/Ip Settings

    2.4.3 Step 2: Configuring TCP/IP Settings Fig. 6. TCP/IP settings. Go to the TCP/IP, Addressing section to configure IP address settings. The IP address can be manually set or automatically assigned by a DHCP server on the LAN. If you are manually setting the IP address, Subnet mask, and Default gateway settings, set them appropriately, so that they comply with your LAN environment.
  • Page 20: Step 4: Reviewing And Applying Settings

    2.4.5 Step 4: Reviewing and Applying Settings Fig. 8. Settings changes are highlighted in red. On the start page, you can review all the settings you have made. Changes are high- lighted in red. If they are OK, click Restart to restart the AP for the new settings to take effect.
  • Page 21: Deploying The Ap

    2.5 Deploying the AP After the settings have been configured, deploy the AP to the field application environ- ment. Connect the AP to an Ethernet LAN through an Ethernet switch/hub. If you are configuring a pair of the APs for a dynamic or static bridging application and external high-gain directional antennas are used, it’s difficult to adjust alignments of the antennas when the pair of devices is distance away.
  • Page 22 Fig. 10. Antenna alignment assistance. Instead of using PING.exe, you can run Wireless Network Manager on Computer 1, and go to the Antenna Alignment tab. Click Start to begin monitoring the WDS link quality. Adjust the alignment of the antenna of Bridge 1 until the Link quality indicator shows a relatively maximal value.
  • Page 23: Setting Up Client Computers

    2.6 Setting up Client Computers The TCP/IP and IEEE 802.11g-related settings of wireless client computers must match those of the AP. 2.6.1 Configuring IEEE 802.11g-Related Settings Before the TCP/IP networking system of a wireless client computer can communicate with other hosts, the underlying wireless link must be established between this wireless computer and an AP.
  • Page 24: Confirming The Settings Of The Ap And Client Computers

    2.7 Confirming the Settings of the AP and Client Computers After you have completed deploying the AP and setting up client computers, you have to make sure the settings you have made are correct. 2.7.1 Checking if the IEEE 802.11g-Related Settings Work To check if a wireless client computer can associate with the AP: Launch the configuration/monitoring utility provided by the vendor of the installed WLAN NIC.
  • Page 25 Type “ping 2nd_dns_server”, where 2nd_dns_server is a placeholder for the IP address of the secondary DNS server of the wireless client computer. Then press Enter. If this DNS server responds the client should have no problem with TCP/IP net- working; else, see Appendix B-2, “TCP/IP Settings Problems” for troubleshooting.
  • Page 26: Using Web-Based Network Manager

    Using Web-Based Network Manager In this chapter, we’ll explain each Web management page of the Web-based Network Manager. 3.1 Overview Fig. 12. The Start page.
  • Page 27: Menu Structure

    3.1.1 Menu Structure The left side of the start page contains a menu for you to carry out commands. Here is a brief description of the hyperlinks on the menu: • Home. For going back to the start page. • Status.
  • Page 28 RADIUS (Remote Authentication Dial-In User Service) settings for better wire- less security. • Advanced. Advanced settings of the AP. Packet Filters. Ethernet Type Filters, IP Protocol Filters, and TCP/UDP Port Filters settings. Management. UPnP, System Log, and SNMP settings.
  • Page 29: Save, Save & Restart, And Cancel Commands

    3.1.2 Save, Save & Restart, and Cancel Commands Fig. 13. Save, Save & Restart, and Cancel. At the bottom of each page that contains settings you can configure, there are up to three buttons—Save, Save & Restart, and Cancel. Clicking Save stores the settings changes to the memory of the AP and brings you back to the start page.
  • Page 30: Home And Refresh Commands

    3.1.3 Home and Refresh Commands Fig. 15. Home and Refresh. At the bottom of each status page that shows read-only information, there are two but- tons—Home and Refresh. Clicking Home brings you back to the start page. Clicking Refresh updates the shown status information. 3.2 Viewing Status 3.2.1 Associated Wireless Clients Fig.
  • Page 31: Current Dhcp Mappings

    3.2.2 Current DHCP Mappings Fig. 17. Current DHCP mappings. On this page, all the current static or dynamic DHCP mappings are shown. A DHCP mapping is a correspondence relationship between an IP address assigned by the DHCP server and a computer or device that obtains the IP address. A computer or de- vice that acts as a DHCP client is identified by its MAC address.
  • Page 32: System Log

    3.2.3 System Log Fig. 18. System log. System events are recorded in the memory of the AP. The logged information is useful for troubleshooting purposes. The system events are divided into several categories, and you can select which categories of events to log. 3.2.4 Link Monitor Fig.
  • Page 33: General Operations

    3.3 General Operations 3.3.1 Specifying Operational Mode The AP supports 2 operational modes: • AP/Bridge. This mode provides both Access Point and Static LAN-to-LAN Bridging functionality. The static LAN-to-LAN bridging function is supported through Wireless Distribution System (WDS). • AP Client. This mode is for Dynamic LAN-to-LAN Bridging. The AP Client auto- matically establishes bridge links with APs from any vendors.
  • Page 34: Changing Password

    AP/Bridge STA-AP AP Client STA-AP To establish a static bridge link based on WDS, the AP/bridges at both end of the WDS link must be manually configured with each other’s MAC addresses (see Section 0 for more information). To establish a dynamic bridge link between an AP and an AP Client, both devices have to be configured with the same SSID and WEP settings.
  • Page 35: Managing Firmware

    3.3.3 Managing Firmware Fig. 22. Firmware management protocol setting. Firmware management operations for the AP include firmware upgrade, configuration backup, configuration restore, and configuration reset. Firmware upgrade, configuration backup, and configuration restore can be achieved via HTTP or TFTP. The HTTP-based way is suggested because it’s more user friendly.
  • Page 36: Backing Up And Restoring Configuration Settings By Http

    3.3.3.2 Backing up and Restoring Configuration Settings by HTTP To back up configuration of the AP by HTTP: Click Back Up. You’ll be prompted to open or save the configuration file. Click Save. The configuration file is named by the AP’s MAC address. For example, if the AP’s MAC address is 00-01-02-33-44-55, the configuration backup file should be “000102334455.hex”.
  • Page 37: Upgrading Firmware By Tftp

    3.3.3.3 Upgrading Firmware by TFTP When use TFTP as the firmware management protocol, you can configure settings for the AP’s TFTP client to communicate with a TFTP server. If the TFTP client does not get a response from the TFTP server within a period specified by the Timeout setting, it will resend the previous request.
  • Page 38 Trigger the firmware upgrade process by clicking Upgrade. NOTE: After the dialog box of the TFTP server program appears, be sure to specify the working folder within which the downloaded firmware files reside. NOTE: Make sure the Accept read requests check box of TFTP Server is selected. NOTE: The LAN IP address of the AP and the IP address of the TFTP server must be in the same IP subnet for TFTP to work.
  • Page 39: Backing Up And Restoring Configuration Settings By Tftp

    3.3.3.4 Backing up and Restoring Configuration Settings by TFTP Fig. 29. Configuration backup/restore. To back up configuration of the AP by TFTP: Get a computer that will be used as a TFTP server and as a managing computer to trigger the backup process. Connect the computer and one of the LAN Ethernet switch port with a normal Ethernet cable.
  • Page 40: Resetting Configuration To Factory Defaults

    On the computer, run the TFTP Server utility. And specify the folder in which the configuration backup file resides. A configuration backup file is named by the AP’s MAC address. For example, if the AP’s MAC address is 00-01-02-33-44-55, the configuration backup file should be “000102334455.hex”.
  • Page 41: Configuring Tcp/Ip Related Settings

    Configuring TCP/IP Related Settings 3.4.1 Addressing Fig. 31. TCP/IP settings. The IP address of the AP can be manually set (Set Manually) or automatically assigned by a DHCP server on the LAN (Obtain from a DHCP Server). If you are manually set- ting the IP address, Subnet mask, and Default gateway settings, set them appropri- ately, so that they comply with your LAN environment.
  • Page 42: Dhcp Server

    3.4.2 DHCP Server 3.4.2.1 Basic The AP can automatically assign IP addresses to client computers by DHCP. In this section of the management page, you can specify the Default gateway, Subnet mask, Primary DNS server, and Secondary DNS server settings that will be sent to a client at its request.
  • Page 43: Static Dhcp Mappings

    3.4.2.2 Static DHCP Mappings IP addresses of servers are often static so that clients could always locate the servers by the static IP addresses. By Static DHCP Mappings, you can ensure that a host will get the same IP address when it requests one from the DHCP server. Therefore, in- stead of configuring the IP address of an intranet server manually, you can configure the server to obtain an IP address by DHCP and it is always assigned the same IP ad- dress.
  • Page 44: Configuring Ieee 802.11G-Related Settings

    Configuring IEEE 802.11g-Related Settings 3.5.1 Communication 3.5.1.1 Basic Basic IEEE 802.11g-related communication settings include AP functionality, RF type, Regulatory domain, Channel number, Network name (SSID), Data rate, and Transmit power. Fig. 34. Basic IEEE 802.11g communication settings. For specific needs such as configuring the AP as a wireless LAN-to-LAN bridge, the AP functionality can be disabled, so that no wireless client can associate with the AP.
  • Page 45: Link Integrity

    3.5.1.2 Link Integrity Fig. 35. Link integrity settings. When the Ethernet LAN interface is detected to be disconnected from the wired network, all currently associated wireless clients are disassociated by the AP and no wireless client can associate with the AP. The detection mechanism is based on pinging the IP address specified in Reference host.
  • Page 46: Wireless Distribution System

    3.5.1.5 Wireless Distribution System Notebook Computer AP 2 AP 1 Fig. 38. Wireless Distribution System. Traditionally, access points are connected by Ethernet. By Wireless Distribution System (WDS), Aps can communicate with one another wirelessly. For example, in Fig. 38, AP 2 acts as an access point for the notebook computers and it forwards packets sent from the notebook computers to AP 1 through WDS.
  • Page 47 Fig. 40. Wireless Distribution System settings. To enable a WDS link: Specify the MAC address of the AP at the other end of the WDS link. Select the corresponding Enabled check box. For example, assume you want two APs with MAC addresses 00-02-65-01-62-C5 and 00-02-65-01-62-C6 to establish a WDS link between them.
  • Page 48 Fig. 41. Sample wireless bridge network topology. WARNING: Don’t let your network topology consisting of wireless bridges, Ethernet switches, Ethernet links, and WDS links contain loops. If any loops exist, packets will circle around the loops and network performance will be seriously degraded. Fig.
  • Page 49 Run Wireless Network Manager on a computer and locate the AP you want to manage. Go to the WDS tab, and then click Test. The test results (OK or Broken) will be shown in the Link Status column of the WDS links table. If external high-gain directional antennas are used, it’s difficult to align the antennas when the distance between the bridges is long.
  • Page 50 Adjust antenna alignment WDS Link Bridge 1 Bridge 2 PING (ICMP Echo Request) ICMP Echo Reply Computer 1 Computer 2 Fig. 44. Adjusting alignments of external directional antennas. TIP: You can make use of the Antenna Alignment Assistance feature to help you align the directional antennas.
  • Page 51: Security

    3.5.2 Security IEEE 802.11g security settings include SSID broadcasts, Wireless client isolation, Security mode, IEEE 802.11 Authentication algorithm, WEP keys, MAC-Address-Based Access Control. 3.5.2.1 Basic Fig. 46. Basic IEEE 802.11g security settings. For security reasons, it’s highly recommended that the security mode be set to options other than Open System.
  • Page 52 STA 1 AP 1 WCI: This AP Only Fig. 47. Behavior of the “This AP Only” wireless client isolation option. STA 1 AP 1 WCI: All APs in This Subnet Fig. 48. Behavior of the “All APs on This Subnet” wireless client isolation option. As illustrated in Fig.
  • Page 53 • Static WEP. WEP (Wired Equivalent Privacy) keys must be manually configured. • Static TKIP (WPA-PSK). Only TKIP (Temporal Key Integrity Protocol) mechanism of WPA (Wi-Fi Protected Access) is enabled. In this mode, you have to specify the Pre-shared key, which will be used by the TKIP engine as a master key to gener- ate keys that actually encrypt outgoing packets and decrypt incoming packets.
  • Page 54: Mac-Address-Based Access Control

    3.5.2.2 MAC-Address-Based Access Control Fig. 49. MAC-address-based access control settings. With MAC-Address-Based Access Control, you can specify the wireless client com- puters that are permitted or not permitted to associate with the AP. When the table type is set to inclusive, entries in the table are permitted to associate with the AP. When the table type is set to exclusive, entries in the table are not permitted to associate with the To deny wireless clients’...
  • Page 55 Instead of manually entering MAC addresses to the access control table one by one, you can prepare a text file that contains all the MAC addresses and put it on a TFTP server, and then command the AP to download the MAC ACL (Access Control List) file from the TFTP server.
  • Page 56: Ieee 802.1X/Radius

    3.5.3 IEEE 802.1x/RADIUS IEEE 802.1x Port-Based Network Access Control is a new standard for solving some security issues associated with IEEE 802.11, such as lack of user-based authentication and dynamic encryption key distribution. With IEEE 802.1x and the help of a RADIUS (Remote Authentication Dial-In User Service) server and a user account database, an enterprise or ISP (Internet Service Provider) can manage its mobile users’...
  • Page 57 RADIUS servers. When the primary RADIUS server fails to respond, the wireless ac- cess point will try to communicate with the secondary RADIUS server. You can specify the length of timeout and the number of retries before communicating with the secon- dary RADIUS server after failing to communicate with the primary RADIUS server.
  • Page 58: Configuring Advanced Settings

    3.6 Configuring Advanced Settings 3.6.1 Packet Filters The AP provides layer 2 (Ethernet Type Filters), layer 3 (IP Protocol Filters), and layer 4 (TCP/UDP Port Filters) filtering capabilities. The configuration processes for the filters are similar. Functionality: whether this filtering capability is enabled or disabled. Policy for matched packets: how a matched packet is processed—discard or pass.
  • Page 59: Ip Protocol Filters

    3.6.1.2 IP Protocol Filters Fig. 55. IP protocol filters settings. The protocol, source address, and destination address fields of a packet incoming from the WLAN or Ethernet interface is inspected for filtering. In a rule, specify the hex-decimal protocol number, source IP address range (Source IP Address AND Source Subnet Mask), and destination IP address range (Destination IP Address AND Destination Subnet Mask).
  • Page 60: Management

    3.6.2 Management 3.6.2.1 UPnP Fig. 57. UpnP settings. UpnP (Universal Plug and Play) enables a Windows XP user to automatically discover peripheral devices by HTTP. When the UpnP functionality is enabled, you can see the AP in My Network Places of Windows XP. The AP can be given a friend name that will be shown in My Network Places.
  • Page 61: System Log

    3.6.2.2 System Log System events can be logged to the on-board RAM of the AP (Local log) or sent to a remote computer on which an SNMP trap monitor program runs (Remote log by SNMP trap). See the next subsection for more information about SNMP trap settings. The system events are divided into the following categories: •...
  • Page 62: Snmp

    3.6.2.3 SNMP The SNMP (Simple Network Management Protocol) functionality can be disabled, and you can specify the name (used as a password) of the read-only and read-write com- munity. In addition, up to 5 SNMP trap targets can be set in the SNMP Trap Table. To specify a trap target: Type the IP address of the target host.
  • Page 63: Appendix A: Default Settings

    Appendix A: Default Settings TIP: Press the Default (SF-Reset, or Soft-Reset) switch on the housing of a pow- ered-on AP to reset the configuration settings to factory-default values. Setting Name Global User Name Password IEEE 802.11g Regulatory Domain Channel Number SSID SSID Broadcasts Transmission Rate...
  • Page 64 System Log SNMP SNMP read community SNMP write community Telnet Local Log Enabled public private Enabled...
  • Page 65: Appendix B: Troubleshooting

    Appendix B: Troubleshooting Check the following first: • Make sure that the power of the AP is on and the Ethernet cables are connected firmly to the RJ-45 jacks of the AP. • Make sure that the LED ALV of the AP is blinking to indicate the AP is working. •...
  • Page 66: B-2: Tcp/Ip Settings Problems

    B-2: TCP/IP Settings Problems Correspondent Host IEEE 802.11g Internet Ethernet LAN Stage A State B Stage D Client Default Gateway DNS Server Computer of Client Computer of Client Computer Fig. 60. Communication stages for a client to reach its correspondent host. For a wireless client computer to communicate with a correspondent host on the Inter- net by the host’s domain name (e.g.
  • Page 67 Use the OS-provided command-line network tool, route.exe, to modify the contents of the routing table. Use Windows-provided Device Manager to disable unnecessary NICs. Is the underlying link (Ethernet or IEEE 802.11g) established? Make sure the Ethernet link is OK. Make sure the wireless settings of the wireless client computer and of the AP match.
  • Page 68: B-3: Unknown Problems

    B-3: Unknown Problems • The AP has been set to obtain an IP address automatically by DHCP. How can I know its acquired IP address so that I can manage it using a Web browser? Use the utility, Wireless Router/AP Browser ( WLBrwsr.exe ), in the “ Utilities ” folder on the companion CD-ROM disc.
  • Page 69: Appendix C: Additional Information

    Appendix C: Additional Information C-1: Firmware Upgrade Using Xmodem Upgrade To upgrade the firmware of AP using Xmodem Upgrade over RS232: Power off the AP whose firmware will be upgraded. Connect the managing PC and the AP with an RS232 Null Modem cable. Select the serial port (COM1 or COM2) you use for connecting the device from the Serial port drop-down list and click Connect.
  • Page 70 90000435 Rev A...