1. Manuals
  2. Brands
  3. Lantech Manuals
  4. Wireless Access Point
  5. IWP-2000-68
  6. User manual

Lantech IWP-2000-68 User Manual

802.11a/b/g dual radio outdoor multi-function wireless access point
Hide thumbs
Table of Contents

Advertisement

Quick Links

Download this manual
Lantech
IWP-2000-68
802.11a/b/g Dual Radio Outdoor Multi-Function
Wireless Access Point
User's Manual

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the IWP-2000-68 and is the answer not in the manual?

Questions and answers

Subscribe to Our Youtube Channel

Summary of Contents for Lantech IWP-2000-68

  • Page 1 Lantech IWP-2000-68 802.11a/b/g Dual Radio Outdoor Multi-Function Wireless Access Point User’s Manual...
  • Page 2 IWP-2000-68 User’s Manual Release 1.0...

  • Page 3: Table Of Contents

    1-2. Specification .................. 3 1-3. Package Contents ................5 2. Installation ................6 2-1. Full View of IWP-2000-68 ............. 6 2-2. Full View of POE Injector ............... 7 2-3. Mount Kit for IWP-2000-68 ............7 2-4. System Requirements ..............8 2.4.1 PoE Injector ................
  • Page 4 3.5.6 SNMP .................. 100 3.5.7 Tools .................. 105 3.5.8 Log Out ................105 3.6 VLAN AP Mode ................106 3.6.1 System ................106 3.6.2 LAN Configuration .............. 114 3.6.3 Wireless ................114 3.6.4 Filtering ................119 3.6.5 SNMP .................. 120 3.6.6 Tools ..................

  • Page 5: Revision History

    Revision History Release Date Revision 12/31/2010...

  • Page 6: Caution

    Caution Circuit devices are sensitive to static electricity, which can damage their delicate electronics. Dry weather conditions or walking across a carpeted floor may cause you to acquire a static electrical charge. To protect your device, always:  Touch the metal chassis of your computer to ground the static electrical charge before you pick up the circuit device.
  • Page 7 In this user’s manual, it will not only tell you how to install and connect your network system but configure and monitor the IWP-2000-68 through the built-in web UI step-by-step. Many explanations in details of hardware and software functions are shown as well as the examples of the operation for web-based interface.

  • Page 8: Introduction

    The IWP-2000-68 also operates as multi-function wireless system that includes MESH, Point-to-Point/Point-to-Multipoint Bridge, Access Point, Wireless Client, and Repeater. The dual radio of IWP-2000-68 can be functioned dual band and maintain each radio up to 54Mbps data rate simultaneously on both directions. Key Features in the Device •...

  • Page 9: Specification

    1-2. Specification General 802.11b: 1, 2, 5.5, 11Mbps Data Rates 802.11g: 6,9,12,18,24,36,48,54 Mbps 802.11a: 6,9,12,18,24,36,48,54 Mbps IEEE802.11 a/b/g, IEEE802.1x, IEEE802.3, IEEE802.3u,I Standards EEE802.3af Power Active Ethernet (Power over Ethernet) 48 VDC/1A Requirements External Power Unit: Auto sensing 100/240 VAC; 50/60 Hz FCC/CE (by request), IP68 Regulation Certifications...
  • Page 10 Web‐ based configuration (HTTP/HTTPS) Remote Configuration Upgrade firmware via WEB, TFTP and FTP Firmware Upgrade 32 users (simultaneously) per radio Max Client Network management Lantech-Wireless-View • Operating: -30°C to 80°C Environmental • Storage: -40°C to 80°C Temperature Range 5%~95% Typical Humidity...

  • Page 11: Package Contents

    1-3. Package Contents Make sure that you have following items: 1. 1 x IWP-2000-68 Outdoor Wireless Access Point unit 2. 1 x Power Cord 3. 1 x 100~240VAC, 50~60Hz AC to 48V/1A Power Supply 4. 1 x Grounding wire 1.8m 5.

  • Page 12: Installation

    2. Installation 2-1. Full View of IWP-2000-68 Interface on the IWP-2000-68 Unit: eth1: For connecting the RJ-45 CAT-5 Ethernet cable to receiving the power and for user to configure the Access Point. eth0: For connecting and provide power to other device, such as IPCAM.

  • Page 13: Full View Of Poe Injector

    Power and Data Interface location on the PoE denoted by numbers 3-5. 2-3. Mount Kit for IWP-2000-68 The IWP-2000-68 can be mounted on a pole or wall; user can use the Pole Mount kit to mount the IWP-2000-68 as shown in Figure 2-1 and Wall Mount kit to mount the IWP-2000-68 as shown in Figure 2-2.

  • Page 14: System Requirements

    This works great in areas where you may not have power, like house roof. This also allows you to place the IWP-2000-68 unit closer to the antenna, to make installation easier more thus reducing signal loss over antenna cabling.

  • Page 15: Preparing Installation

    Before installing IWP-2000-68 for outdoor application or hard-to-reach location, we recommend configure and test all the devices first. For configuring the IWP-2000-68, please follow the quick steps below to power up the IWP-2000-68. Refer to Figure 2-3 for steps 1 through IWP-2000-68 Figure 2-3 Step1: Connect the power cord into the Power Input Port of the POE Injector and the AC plug into a power outlet.

  • Page 16: Operation Of Web-Based Management

    3. Operation of Web-based Management 3.1 Basic Configuration This chapter instructs user how to configure and manage the IWP-2000-68 through the web user interface. The default values of the AP are listed in the table below: IP Address 192.168.1.1 Subnet Mask 255.255.255.0...

  • Page 17: Ap-Bridge Mode

    Figure 3-2 3.2 AP-Bridge Mode The default operating model for IWP-2000-68 is AP-Bridge, this model is to set the device as a normal AP. The functions and settings are list as following: ▽...

  • Page 18: System

    Bridge Status ● WIFI Status ● ● System time ● Reboot ● ▽ LAN Bridge LAN settings ● ▽ WIRELESS WIFI ath0 Setting ● WIFI ath1 Setting ● WIFI ath2 Setting ● WIFI ath3 Setting ● WIFI ath4 Setting ● WIFI ath5 Setting ●...
  • Page 19 Figure 3-2-1 3.2.1.1 Administrator By selecting the item of Administrator under System, User will see the screen shown in Figure 3-2-2. These settings allow user to configure the device Name, language, model, password, remote management and WIFI Loading Warning Threshold. Device Name This is a host name or system name for the device.
  • Page 20 The threshold value is used by Lantech-Wireless-View. Lantech-Wireless-View will monitor the WIFI loading, when the loading is over this value, Lantech-Wireless-View will change the color of the link line on network topology to notify the user about condition of the link quality. The threshold value is between 5 and 3.2.1.2 Firmware Update...
  • Page 21 Figure 3-2-3 Using TFTP On any computer in the network or a compute direct connect to the AP. Install a TFTP Server utility, and put the firmware file named ‘upgradeFW.tar’ in a folder. Run TFTP server utility and specify the folder in which the firmware file located.
  • Page 22 Figure 3-2-4 Restore Factory Default Configuration: To reset configuration settings to the factory default values, just click on <NEXT> button beside ‘Restore Factory Default Configuration’. Figure 3-2-5 Then click on <Restore> button on next page, now the system will reset to factory default value. Figure 3-2-6 Local Backup Settings/Restore settings To backup or restore the configuration for this device, click on...
  • Page 23 Figure 3-2-8 Remote Backup Settings/Restore settings User can also backup/restore the configuration of this device remotely. Click on <NEXT> button beside ‘Local Backup settings/Restore settings’, Figure 3-2-9 Enter the necessary setting in next page, then click on <Backup To Server> or <Restore From Server> to start the process. Figure 3-2-10 3.2.1.4 General Status In this page user could see the detail settings of this device, including...
  • Page 24 Figure 3-2-11 3.2.1.5 Power Control/Status In this page user can enable the PoE power forwarding function for eth0 port.
  • Page 25 Figure 3-2-12 3.2.1.6 Bridge Status In this page user could see the bridge interfaces information of this device, such as interface information, STP status, mac address information etc. Figure 3-2-13 3.2.1.7 WIFI Status In this page user could see the WIFI information of this device, such as: Interface information, Security information, Associated AP/Station.
  • Page 26 Figure 3-2-14 3.2.1.8 Log In this page user could see the system logs record of this device. Figure 3-2-15 3.2.1.9 System time Select Setting Type Setting by: User can set system time in two ways. One is manual setting, the other one is synchronize with an Internet Time Server. Manual Setting User can manually enter the Year/ Month/ Day and Hour: Minute: Second.

  • Page 27: Lan Configuration

    Figure 3-2-16 3.2.1.10 Reboot User can perform reboot function in case of the device is not function normally, or after user change some major settings for example: change system model. The existing settings will not be changed. To perform the reboot, click on the <Reboot> button and click on <OK> on pop-up screen to confirm user’s decision.
  • Page 28 lowest priority will be elected 'root bridge' Hello Time: Set the bridge's 'bridge hello time' value (seconds). Forwarding Delay: Set the bridge's 'bridge forward delay' value (seconds). Max Age: Set the bridge's 'maximum message age' value (seconds) Port Cost: Set the port cost of the port. Port Priority: Set the port priority of the port (interface).

  • Page 29: Wireless

    3.2.3 Wireless User can configure the wireless related settings in this page. Figure 3-2-19 3.2.3.1 WIFI ath0~7 Setting General Radio Power: Turn this interface on or off Wireless Mode: Select which wireless mode that user wants to use. The options available here are: 802.11a, 802.11b, 802.11g and 802.11b+g.
  • Page 30 number between 1 and 255 to specify. Fragment Threshold: It is the maximum frame size that wireless device can transmit without fragmenting the frame. Enter a value between 256 and 2346 to specify the Fragment Threshold. RTS/CTS Threshold: Packets larger than the value are transmitted by the RTS/CTS handshake.
  • Page 31 Select Key: Check the radio box in front of the key that user would like to use for this AP. Figure 3-2-22 WPA-Personal: The method of authentication is similar to WEP, user can define a ‘Pre-Shared Key’, once the key is confirmed and satisfied on both the client and access point, then access is granted.
  • Page 32 QoS WMM: Enable/disable WMM support. MAX Associated Station: Maximum number of stations allowed in station table. Common Parameters: CWmin: Minimum Contention Window. The valid values for ‘CWmin’ are 1, 3, 7, 15, 31, 63, 127, 255, 511, 1023, 2047, or 4095.

  • Page 33: Filtering

    wireless medium (WM). This value specifies (in milliseconds) the Transmission Opportunity (TXOP) for Client Station; that is, the interval of time when the WMM AP has the right to initiate transmissions on the wireless network. ACM: Admission control mandatory. Figure 3-2-25 3.2.4 Filtering The MAC address filter can be used to filter network access by machines based on the unique MAC addresses of their network adapter(s).

  • Page 34: Snmp

    Figure 3-2-26 3.2.5 SNMP The IWP-2000-68 support SNMP V1/V2C/V3, this page is for defines the SNMP access control and SNMP traps. 3.2.5.1 Basic Setting SNMP Agent Check the <Enable> check box to turn on SNMP. Please Note: Enable the SNMP will also enable the LLDP (Link Layer Discovery Protocol) function.
  • Page 35 have the correct community name, user can't retrieve any data (get) or make any change (set). Multiple SNMP managers may be organized in a specified community. V3 The SNMP V3 is a Security Enhancement for SNMP, it provides secure access to devices by a combination of userID, authenticating and encrypting packets over the network.
  • Page 36 3.2.5.2 VACM Setting User can use the View-based Access Control Model (VACM) to define whether access to a specified managed object is authorized. Access control is done at the following points:  When processing retrieval request messages from the SNMP manager.
  • Page 37 View Create a view for user to let the groups have rights to view the MIB tree. Index: Index of View. Tick the checkbox to enable the recordset. View Name: The name of view. Include: Assign include or exclude in this record for certain subtree.
  • Page 38 Figure 3-2-30 3.2.5.3 SNMP Trap It is an SNMP application that uses the SNMP TRAP operation to send information to a network management system. SNMP Trap Trap Active: To enable or disable SNMP Trap function. Version: Indicate the traps will be sent in v1 or v2c or not send (disable).

  • Page 39: Tools

    Figure 3-2-32 3.2.6 Tools Command Ping It runs ping command to test the connection capability of this device with the other Ethernet device. Figure 3-2-33 3.2.7 Log Out User can manually logout by click on <Log Out>. Figure 3-2-34 3.3 AP-CB-Bridge Mode AP-CB-Bridge mode is to set this device as an AP and Client Bridge device, the setting and functions as following: ▽...

  • Page 40: System

    Rogue AP Scan ● WIFI ath3 Setting ● WIFI ath4 Setting ● WIFI ath5 Setting ● WIFI ath6 Setting ● WIFI ath7 Setting ● ▽ FILTER MAC Filtering ● ▽ SNMP Basic Setting ● VACM Setting ● Trap Setting ● ▽...
  • Page 41 Language Select This function allows user to select a language for the UI, the options available are: English, Simplified Chinese and Traditional Chinese. Model Select OLSR-AP: To set this device as an AP with layer 3 MESH function. AODV-AP: To set this device as an AP with layer 3 MESH function. AP-Bridge: To set this device as a normal AP.
  • Page 42 The threshold value is used by Lantech-Wireless-View. Lantech-Wireless-View will monitor the WIFI loading, when the loading is over this value, Lantech-Wireless-View will change the color of the link line on network topology to notify the user about condition of the link quality. The threshold value is between 5 and 3.3.1.2 Firmware Update...
  • Page 43 Using FTP On FTP server, there should have valid firmware which includes fs-opn.img and/or kernel-opn.img. On the Firmware Update - FTP page, enter the IP address of the FTP server, firmware name and FTP user name and password. Then click on <APPLY> button to start the firmware upgrade process.
  • Page 44 Click on <Backup Settings> button on next page to save the settings of this device to a file named ‘configs.tar’ on user’s PC. To Restore the settings, click on <Browse> button and select the correct file path and file name. Then, click on <Restore Settings> button to start the restore settings process.
  • Page 45 Figure 3-3-11 3.3.1.5 Power Control/Status In this page user can enable the eth0 port to provide PoE power and data forwarding function. Figure 3-3-12...
  • Page 46 3.3.1.6 Bridge Status In this page user could see the bridge interfaces information of this device, such as interface information, STP status, mac address information etc. Figure 3-3-13 3.3.1.7 WIFI Status In this page user can click WIFI Interfaces to see each WIFI’s information of this device, such as: Interface information, Security information, Associated AP/Station.
  • Page 47 The Figure 3-3-15shows that the ath3 (CB model) has connected to an AP, and display the relevant information. Figure 3-3-15 The Figure 3-3-16 shows ath4 (AP model) information. Figure 3-3-16 3.3.1.8 Log In this page user could see the system logs record of this device. Figure 3-3-17 3.3.1.9 System time Select Setting Type...

  • Page 48: Lan Configuration

    User can manually enter the Year/ Month/ Day and Hour: Minute: Second. Using Internet Time Server Hours from GMT: User can enter the Hours from GMT, for example Taiwan is GMT +8 Hours. Server IP: User should enter the Internet time server IP address. Time Update for Every: User can set time update interval by enter the days, hours, and minutes.
  • Page 49 User can change the network settings of this device from LAN Configuration; it is including IP address, Subnet mask, and Gateway address. Bridge STP Setting User can also set the Bridge STP setting in this page. STP/RSTP: Disable the bridge STP or set the bridge mode as STP or RSTP mode.

  • Page 50: Wireless

    3.3.3 Wireless User can set the wireless related setting here. Figure 3-3-21 3.3.3.1 Rogue AP Scan Rogue Enable Check the radio box in front of <Enable> to enable the Rogue AP detection, and Press <Add> or <Del> button to apply. Allow AP The allowable AP list.
  • Page 51 The options available here are: 802.11a, 802.11b, 802.11g and 802.11b+g. SSID: The SSID (service set identifier) is an identifier of an AP in user’s wireless network. In station mode (CB), this SSID must be same as the AP that user wish to connect. User can either type in the SSID by themself or simply press the <Scan>...
  • Page 52 Figure 3-3-23 SSID Security Mode Authentication: User can choose which authentication type to secure the wireless net work. There are four options for authentication: Disable, WEP, WPA-personal and WPA-enterprise. WEP: Short for Wired Equivalent Privacy, a security protocol for wireless local area networks (WLANs) defined in the 802.11 standard.
  • Page 53 Figure 3-3-25 WPA-enterprise: WPA-Enterprise includes all of the features of WPA-PSK plus support the 802.1x authentication. To use this function, a separate RADIUS server is required User should enter their account and password to pass the authentication. Figure 3-3-26 Please Note: In wifi station model, the security setting must be same as the AP that user wish to connect.
  • Page 54 Figure 3-3-27 Advanced Settings Peer Node Distance: Set the distance between this device and it’s adjacent. If select 'manual', the distance will be determined by 'Slot time', 'ACK timeout' and 'CTS timeout' three values. Beacon Period: This item contains the length of the beacon interval. Enter a value between 20 and 1000 to specify the Beacon Period.
  • Page 55 Figure 3-3-28 SSID Security Mode Authentication: User can choose which authentication type to secure the wireless net work. There are four options for authentication: Disable, WEP, WPA-personal and WPA-enterprise. WEP: Short for Wired Equivalent Privacy, a security protocol for wireless local area networks (WLANs) defined in the 802.11 standard.
  • Page 56 (broadcast/multicast encryption keys) in seconds. Figure 3-3-30 WPA-enterprise: WPA-Enterprise includes all of the features of WPA-PSK plus support the 802.1x authentication. To use this function, a separate RADIUS server is required. User should enter the IP and port number of the Authentication Server and Shared Secret here.
  • Page 57 This affects traffic flowing from the access point to the client station. These parameters are used by the access point when transmitting frames to the clients. AP Tx-Best Effort: Medium Priority. Medium throughput and delay. Most traditional IP data is sent to this queue. AP Tx-Background: Low Priority.

  • Page 58: Filtering

    Reject: All PCs/interfaces can access this AP except those interfaces/PCs with MAC address in the MAC address table. Figure 3-2-32 3.3.5 SNMP The IWP-2000-68 support SNMP V1/V2C/V3, this page is for defines the SNMP access control and SNMP traps. 3.3.5.1 Basic Setting SNMP Agent Check the <Enable>...
  • Page 59 Lantech-Wireless-View to remote management the AP and draw the network topography. System Information Contact: Specify the contact name for this managed node as well as information about how to contact this person. Location: It is used to define the location of the host on which the SNMP agent is running.
  • Page 60 Figure 3-2-34 3.3.5.2 VACM Setting User can use the View-based Access Control Model (VACM) to define whether access to a specified managed object is authorized. Access control is done at the following points: When processing retrieval request messages from the SNMP manager.
  • Page 61 Index: Index of Group. Tick the checkbox to enable the recordset. Group Name: A group name is given to a group of users and is used when managing their access rights. Security Model: Assign security model for group. Security Name: Assign security name for group. This field will obtain from the ‘Security Name’...
  • Page 62 The Access table grants the groups access right to certain views. Each group can have multiple access rights. The most secure access right is chosen. Index: Index of Access. Tick the checkbox to enable recordset. Group: Returned and lookup the ‘Group Name’ from the Group table.

  • Page 63: Tools

    Figure 3-3-38 Trap Items Enable/Disable which trap items to send. Figure 3-3-39 3.3.6 Tools Command Ping It runs ping command to test the connection capability of this device with the other Ethernet device. Figure 3-3-40 3.3.7 Log Out User can manually logout by click on <Log Out>. Figure 3-3-41...

  • Page 64: Ap-Cb-Route Mode

    3.4 AP-CB-Route Mode AP-CB-Route mode is to set this device as a router device with AP and CB functions. The setting and functions as following: ▽ SYSTEM Administrator ● Firmware ● Configuration Tools ● General Status ● Power Control ● WIFI Status ●...

  • Page 65: System

    3.4.1 System This page shows the current status and some basic settings of the device, including Administrator, Firmware, Configuration Tools, General Status, Power Control, WIFI Status, Log, System Time and Reboot; screen as shown in Figure 3-4-1 Figure 3-4-1 3.4.1.1 Administrator By selecting the item of Administrator under System, User will see the screen shown in Figure 3-4-2.
  • Page 66 The threshold value is used by Lantech-Wireless-View. Lantech-Wireless-View will monitor the WIFI loading, when the loading is over this value, Lantech-Wireless-View will change the color of the link line on network topology to notify the user about condition of the link quality. The threshold value is between 5 and 3.4.1.2 Firmware Update...
  • Page 67 Figure 3-4-3 Using TFTP On any computer in the network or a compute direct connect to the AP. Install a TFTP Server utility, and put the firmware file named ‘upgradeFW.tar’ in a folder. Run TFTP utility and specify the folder in which the firmware file located.
  • Page 68 Figure 3-4-4 Restore Factory Default Configuration: To reset configuration settings to the factory default values, just click on <NEXT> button beside ‘Restore Factory Default Configuration’. Figure 3-4-5 Then click on <Restore> button on next page, now the system will reset to factory default value. Figure 3-4-6 Local Backup Settings/Restore settings To backup or restore the configuration for this device.
  • Page 69 Figure 3-4-8 Remote Backup Settings/Restore settings User can also backup/restore the configuration of this device remotely. Click on <NEXT> button beside ‘Local Backup settings/Restore settings’, Figure 3-4-9 Enter the necessary setting in next page, then click on <Backup To Server> or <Restore From Server> to start the process. Figure 3-4-10 3.4.1.4 General Status In this page user could see the detail settings of this device, including...
  • Page 70 Figure 3-4-11 3.4.1.5 Power Control/Status In this page user can enable the eth0 port to provide PoE power and data forwarding function.
  • Page 71 Figure 3-4-12 3.4.1.6 WIFI Status In this page user can click WIFI Interfaces to see each WIFI information of this device, such as: Interface information, Security information, Associated AP/Station. The Figure 3-4-13 shows the ath3 (CB) interface is waiting for connecting to an AP.
  • Page 72 3.4.1.7 Log In this page user could see the system logs record of this device. Figure 3-4-16 3.4.1.8 System time Select Setting Type Setting by: User can set system time in two ways. One is manual setting, the other one is synchronize with an Internet Time Server. Manual Setting User can manually enter the Year/ Month/ Day and Hour: Minute: Second.

  • Page 73: Wan Configuration

    Figure 3-4-18 3.4.2 WAN Configuration 3.4.2.1 WAN Settings This function is to establish a connection with user’s WAN network, select the IP Allocation Mode that ISP is used. Interface ath3 Setting IP Authentication: Indicate how the IP address of this device will be assigned.

  • Page 74: Lan Configuration

    User can press <Add> button to add IP address to the Bandwidth Limitation list. User can tick the check box and press <Del> button to delete the IP address from the Bandwidth Limitation list. Figure 3-4-20 3.4.3 LAN Configuration User can change the local network settings of this device from LAN Configuration for eth0~eth1 and ath4~ath7, which include the IP address, Subnet mask and DHCP server related settings.

  • Page 75: Wireless

    Figure 3-4-21 3.4.4 Wireless User can set the wireless related setting here. Figure 3-4-22 3.4.4.1 Rogue AP Scan Rogue Enable Check the radio box in front of <Enable> to enable the Rogue AP detection, and Press <Add> or <Del> button to apply. Allow AP The allowable AP list.
  • Page 76 Press <WIFIx> button to Re-scan the APs nearby which are scanned by wifi card x (x:1 or 2) Figure 3-4-23 3.4.4.2 WIFI ath3 Setting General Radio Power: Turn this interface on or off Wireless Mode: Select which wireless mode that user wants to use. The options available here are: 802.11a, 802.11b, 802.11g and 802.11b+g.
  • Page 77 specify the value of the RTS /CTS Threshold. Tx Power: To set the tx power as off to turn off the tx power, set auto to let device determine the tx power value automatically, or set manual to set the tx power value. The max value is depending on the wireless module.
  • Page 78 granted. The encryption method used is referred to as the Temporal Key Integrity Protocol (TKIP). WPA MODE: In this setting, user can choose WPA or WPA2 or WPA & WPA2. (WPA2 is far superior to WPA, because the encryption of method used is Advanced Encryption Standard (AES).) Share Key: User should define the pre-share key in here;...
  • Page 79 radio channels. Channel: Set the operating frequency/channel for this device. Figure 3-4-28 Advanced Settings Peer Node Distance: Set the distance between this device and it’s adjacent. If select 'manual', the distance will be determined by 'Slot time', 'ACK timeout' and 'CTS timeout' three values. Beacon Period: This item contains the length of the beacon interval.
  • Page 80 Figure 3-4-29 SSID Security Mode Authentication: User can choose which authentication type to secure the wireless net work. There are four options for authentication: Disable, WEP, WPA-personal and WPA-enterprise. WEP: Short for Wired Equivalent Privacy, a security protocol for wireless local area networks (WLANs) defined in the 802.11 standard.
  • Page 81 (broadcast/multicast encryption keys) in seconds. Figure 3-4-31 WPA-enterprise: WPA-Enterprise includes all of the features of WPA-PSK plus support the 802.1x authentication. To use this function, a separate RADIUS server is required. User should enter the IP and port number of the Authentication Server and Shared Secret here.
  • Page 82 This affects traffic flowing from the access point to the client station. These parameters are used by the access point when transmitting frames to the clients. AP Tx-Best Effort: Medium Priority. Medium throughput and delay. Most traditional IP data is sent to this queue. AP Tx-Background: Low Priority.

  • Page 83: Filtering

    3.4.5 Filtering The MAC address filter can be used to filter network access by machines based on the unique MAC addresses of their network adapter(s). It is most useful to prevent unauthorized wireless devices from connecting to user’s network. A MAC address is a unique ID assigned by the manufacturer of the network adapter.

  • Page 84: Snmp

    MAC address in the MAC address table. Figure 3-4-35 3.4.6 SNMP The IWP-2000-68 support SNMP V1/V2C/V3, this page is for defines the SNMP access control and SNMP traps. 3.4.6.1 Basic Setting SNMP Agent Check the <Enable> check box to turn on SNMP. Please Note: Enable the SNMP will also enable the LLDP (Link Layer Discovery Protocol) function.
  • Page 85 SNMP Community provides a simple protection by using the community name to control the access to the SNMP. The community name can be thought of as a password. If user don’t have the correct community name, user can’t retrieve any data (get) or make any change (set).
  • Page 86 Figure 3-4-36 3.4.6.2 VACM Setting User can use the View-based Access Control Model (VACM) to define whether access to a specified managed object is authorized. Access control is done at the following points: When processing retrieval request messages from the SNMP manager.
  • Page 87 Index: Index of Group. Tick the checkbox to enable the recordset. Group Name: A group name is given to a group of users and is used when managing their access rights. Security Model: Assign security model for group. Security Name: Assign security name for group. This field will obtain from the ‘Security Name’...
  • Page 88 The Access table grants the groups access right to certain views. Each group can have multiple access rights. The most secure access right is chosen. Index: Index of Access. Tick the checkbox to enable recordset. Group: Returned and lookup the ‘Group Name’ from the Group table.

  • Page 89: Tools

    Figure 3-4-40 Trap Items Enable/Disable which trap items to send. Figure 3-4-41 3.4.7 Tools Command Ping It runs ping command to test the connection capability of this device with the other Ethernet device. Figure 3-4-42 3.4.8 Log Out User can manually logout by click on <Log Out>. Figure 3-4-43...

  • Page 90: Cb-Cb-Route Mode

    3.5 CB-CB-Route Mode CB-CB-Route mode is to set this device as a router device with two CBs (Station mode). For example, one CB connects to an Internet Provider’s AP for WAN connection; another CB connects to the intranet’s AP. The setting and functions list as following: ▽...

  • Page 91: System

    3.5.1 System This page shows the current status and some basic settings of the device, including Administrator, Firmware, Configuration Tools, General Status, Power Control, WIFI Status, Log, System time and Reboot; screen as shown in Figure 3-5-1 Figure 3-5-1 3.5.1.1 Administrator By selecting the item of Administrator under System, User will see the screen shown in Figure 3-5-2.
  • Page 92 The threshold value is used by Lantech-Wireless-View. Lantech-Wireless-View will monitor the WIFI loading, when the loading is over this value, Lantech-Wireless-View will change the color of the link line on network topology to notify the user about condition of the link quality. The threshold value is between 5 and 3.5.1.2 Firmware Update...
  • Page 93 Figure 3-5-3 Using TFTP On any computer in the network or a compute direct connect to the AP. Install a TFTP Server utility, and put the firmware file named ‘upgradeFW.tar’ in a folder. Run TFTP utility and specify the folder in which the firmware file located.
  • Page 94 Figure 3-5-4 Restore Factory Default Configuration: To reset configuration settings to the factory default values, just click on <NEXT> button beside ‘Restore Factory Default Configuration’. Figure 3-5-5 Then click on <Restore> button on next page, now the system will reset to factory default value. Figure 3-5-6 Local Backup Settings/Restore settings To backup or restore the configuration for this device.
  • Page 95 Figure 3-5-8 Remote Backup Settings/Restore settings User can also backup/restore the configuration of this device remotely. Click on <NEXT> button beside ‘Local Backup settings/Restore settings’, Figure 3-5-9 Enter the necessary setting in next page, then click on <Backup To Server> or <Restore From Server> to start the process. Figure 3-5-10 3.5.1.4 General Status In this page user could see the detail settings of this device, including...
  • Page 96 Figure 3-5-11 3.5.1.5 Power Control/Status In this page user can enable the eth0 port to provide PoE power and data forwarding function. Figure 3-5-12...
  • Page 97 3.5.1.6 WIFI Status In this page user can click WIFI Interfaces to see each WIFI information of this device, such as: Interface information, Security information, Associated AP/Station. The Figure 3-5-13 shows the ath3/ath7 (CB) interface is waiting for connecting to an AP. Figure 3-5-13 The Figure 3-5-14 shows that the ath3/ath7 (CB model) has connected to an AP, and display the relevant information.

  • Page 98: Wan Configuration

    Using Internet Time Server Hours from GMT: User can enter the Hours from GMT, for example Taiwan is GMT +8 Hours. Server IP: User should enter the Internet time server IP address here. Time Update for Every: User can set time update interval by enter the days, hours, and minutes.

  • Page 99: Lan Configuration

    Figure 3-5-18 3.5.2.2 Bandwidth Management This function allows user to set the limitation of total upload/download bandwidth on WAN interface, and also can set the limitation of upload/download bandwidth for each user or a group of users by IP address. Bandwidth Management Bandwidth Management: Enable bandwidth limitation function.

  • Page 100: Wireless

    User can change the network settings of this interface from LAN configuration; it is including IP address, Subnet mask and enable/disable the DHCP server Function. DHCP Server Parameters Primary / Secondary DNS Address: The domain-name-servers option specifies a list of Domain Name System name servers available to the client IP Pool Starting / Ending Address: The IP Address range which will be assigned.
  • Page 101 Figure 3-5-22 3.5.4.1 Rogue AP Scan Rogue Enable Check the radio box in front of <Enable> to enable the Rogue AP detection, and Press <Add> or <Del> button to apply. Allow AP The allowable AP list. The AP in the list is a legal AP for CB to connect.
  • Page 102 user’s wireless network. In station mode (CB), this SSID must be same as the AP that user wish to connect. User can either type in the SSID by themself or simply press the <Scan> button and select the AP form the popup list, then click <submit>. MAC Cloning: This feature controls the MAC Address of the Wireless Bridge seen by other devices (wired or wireless).
  • Page 103 Figure 3-5-24 SSID Security Mode Authentication: User can choose which authentication type to secure the wireless net work. There are four options for authentication: Disable, WEP, WPA-personal and WPA-enterprise. WEP: Short for Wired Equivalent Privacy, a security protocol for wireless local area networks (WLANs) defined in the 802.11 standard.

  • Page 104: Filtering

    Figure 3-5-26 WPA-enterprise: WPA-Enterprise includes all of the features of WPA-PSK plus support the 802.1x authentication. To use this function, a separate RADIUS server is required User should enter their account and password to pass the authentication. Figure 3-5-27 Please Note: In wifi station model, the security setting must be same as the AP that user wish to connect.

  • Page 105: Mac Filtering

    Figure 3-5-28 3.5.5.2 MAC Filtering User can block certain clients from accessing this AP based on its MAC address. Use Filtering type to define the filtering scenario: General Disabled: Disable this filtering function. If this option is selected, all PCs can access this AP. Accept: All PCs are filtered out except those MAC addresses in the following MAC address table.

  • Page 106: Snmp

    Figure 3-5-29 3.5.6 SNMP The IWP-2000-68 support SNMP V1/V2C/V3, this page is for defines the SNMP access control and SNMP traps. 3.5.6.1 Basic Setting SNMP Agent Check the <Enable> check box to turn on SNMP. Please Note: Enable the SNMP will also enable the LLDP (Link Layer Discovery Protocol) function.
  • Page 107 community name can be thought of as a password. If user don't have the correct community name, user can't retrieve any data (get) or make any change (set). Multiple SNMP managers may be organized in a specified community. V3 The SNMP V3 is a Security Enhancement for SNMP, it provides secure access to devices by a combination of userID, authenticating and encrypting packets over the network.
  • Page 108 Figure 3-5-30 3.5.6.2 VACM Setting User can use the View-based Access Control Model (VACM) to define whether access to a specified managed object is authorized. Access control is done at the following points: When processing retrieval request messages from the SNMP manager.
  • Page 109 Index: Index of Group. Tick the checkbox to enable the recordset. Group Name: A group name is given to a group of users and is used when managing their access rights. Security Model: Assign security model for group. Security Name: Assign security name for group. This field will obtain from the ‘Security Name’...
  • Page 110 The Access table grants the groups access right to certain views. Each group can have multiple access rights. The most secure access right is chosen. Index: Index of Access. Tick the checkbox to enable recordset. Group: Returned and lookup the ‘Group Name’ from the Group table.

  • Page 111: Tools

    Figure 3-5-34 Trap Items Enable/Disable which trap items to send. Figure 3-5-35 3.5.7 Tools Command Ping It runs ping command to test the connection capability of this device with the other Ethernet device. Figure 3-5-36 3.5.8 Log Out User can manually logout by click on <Log Out>. Figure 3-5-37...

  • Page 112: Vlan Ap Mode

    3.6 VLAN AP Mode To set this device as a VLAN-AP. Each AP bridge (SSID) has its own VLAN ID, the setting and functions as following: ▽ SYSTEM Administrator ● Firmware ● Configuration Tools ● General Status ● Power Control ●...
  • Page 113 Figure 3-6-1 3.6.1.1 Administrator By selecting the item of Administrator under System, User will see the screen shown in Figure 3-6-2. These settings allow user to configure the Device Name, Language, Model, Password, Remote Management and WIFI Loading Warning Threshold. Device Name This is a host name or system name for the device.
  • Page 114 The threshold value is used by Lantech-Wireless-View. Lantech-Wireless-View will monitor the WIFI loading, when the loading is over this value, Lantech-Wireless-View will change the color of the link line on network topology to notify the user about condition of the link quality. The threshold value is between 5 and 3.6.1.2 Firmware Update...
  • Page 115 Figure 3-6-3 Using TFTP On any computer in the network or a compute direct connect to the AP. Install a TFTP Server utility, and put the firmware file named ‘upgradeFW.tar’ in a folder. Run TFTP utility and specify the folder in which the firmware file located.
  • Page 116 Figure 3-6-4 Restore Factory Default Configuration: To reset configuration settings to the factory default values, just click on <NEXT> button beside ‘Restore Factory Default Configuration’. Figure 3-6-5 Then click on <Restore> button on next page, now the system will reset to factory default value. Figure 3-6-6 Local Backup Settings/Restore settings To backup or restore the configuration for this device.
  • Page 117 Figure 3-6-8 Remote Backup Settings/Restore settings User can also backup/restore the configuration of this device remotely. Click on <NEXT> button beside ‘Local Backup settings/Restore settings’, Figure 3-6-9 Enter the necessary setting in next page, then click on <Backup To Server> or <Restore From Server> to start the process. Figure 3-6-10 3.6.1.4 General Status In this page user could see the detail settings of this device, including...
  • Page 118 Figure 3-6-11 3.6.1.5 Power Control/Status In this page user can enable the eth0 port to provide PoE power and data forwarding function. Figure 3-6-12...
  • Page 119 3.6.1.6 WIFI Status In this page user could see the WIFI information of this device, such as: Interface information, Security information, Associated AP/Station. Figure 3-6-13 3.6.1.7 Log In this page user could see the system logs record of this device. Figure 3-6-14 3.6.1.8 System time Select Setting Type...

  • Page 120: Lan Configuration

    Figure 3-6-15 3.6.1.9 Reboot User can perform reboot function in case of the device is not function normally, or after user change some major settings for example: change system model. The existing settings will not be changed. To perform the reboot, click on the <Reboot> button and click on <OK> on pop-up screen to confirm user’s decision.
  • Page 121 Figure 3-6-18 3.6.3.1 WIFI ath0~7 Setting General Radio Power: Turn this interface on or off Wireless Mode: Select which wireless mode that user wants to use. The options available here are: 802.11a, 802.11b, 802.11g and 802.11b+g. VLAN ID: It is only available in VLAN_AP model. It is the VLAN tag value.
  • Page 122 number between 1 and 255 to specify. Fragment Threshold: It is the maximum frame size that wireless device can transmit without fragmenting the frame. Enter a value between 256 and 2346 to specify the Fragment Threshold. RTS/CTS Threshold: Packets larger than the value are transmitted by the RTS/CTS handshake.
  • Page 123 Select Key: Check the radio box in front of the key that user would like to use for this AP. Figure 3-6-21 WPA-Personal: The method of authentication is similar to WEP, user can define a ‘Pre-Shared Key’, once the key is confirmed and satisfied on both the client and access point, then access is granted.
  • Page 124 QoS WMM Enable/disable WMM support. MAX Associated Station: Maximum number of stations allowed in station table. Common Parameters: CWmin: Minimum Contention Window. The valid values for ‘CWmin’ are 1, 3, 7, 15, 31, 63, 127, 255, 511, 1023, 2047, or 4095.

  • Page 125: Filtering

    wireless medium (WM). This value specifies (in milliseconds) the Transmission Opportunity (TXOP) for Client Station; that is, the interval of time when the WMM AP has the right to initiate transmissions on the wireless network. ACM: Admission control mandatory. Figure 3-6-24 3.6.4 Filtering The MAC address filter can be used to filter network access by machines based on the unique MAC addresses of their network adapter(s).

  • Page 126: Snmp

    Figure 3-6-25 3.6.5 SNMP The IWP-2000-68 support SNMP V1/V2C/V3, this page is for defines the SNMP access control and SNMP traps. 3.6.5.1 Basic Setting SNMP Agent Check the <Enable> check box to turn on SNMP. Please Note: Enable the SNMP will also enable the LLDP (Link Layer Discovery Protocol) function.
  • Page 127 community name can be thought of as a password. If user don't have the correct community name, user can't retrieve any data (get) or make any change (set). Multiple SNMP managers may be organized in a specified community. V3 The SNMP V3 is a Security Enhancement for SNMP, it provides secure access to devices by a combination of userID, authenticating and encrypting packets over the network.
  • Page 128 Figure 3-6-26 3.6.5.2 VACM Setting User can use the View-based Access Control Model (VACM) to define whether access to a specified managed object is authorized. Access control is done at the following points: When processing retrieval request messages from the SNMP manager.
  • Page 129 Index: Index of Group. Tick the checkbox to enable the recordset. Group Name: A group name is given to a group of users and is used when managing their access rights. Security Model: Assign security model for group. Security Name: Assign security name for group. This field will obtain from the ‘Security Name’...
  • Page 130 The Access table grants the groups access right to certain views. Each group can have multiple access rights. The most secure access right is chosen. Index: Index of Access. Tick the checkbox to enable recordset. Group: Returned and lookup the ‘Group Name’ from the Group table.

  • Page 131: Tools

    Auth Level: Assign security level in this record. The Options are: NoAuthNoPriv, AuthNoPriv, AuthPriv. Figure 3-6-30 Trap Items Enable/Disable which trap items to send. Figure 3-6-31 3.6.6 Tools Command Ping It runs ping command to test the connection capability of this device with the other Ethernet device.

  • Page 132: Ap_Wds_Bridge Mode

    3.7 AP_WDS_Bridge Mode To set this device as a WDS device, the setting and functions as following: ▽ SYSTEM Administrator ● Firmware ● Configuration Tools ● General Status ● Power Control ● Bridge Status ● WIFI Status ● ● System time ●...
  • Page 133 Figure 3-7-1 3.7.1.1 Administrator By selecting the item of Administrator under System, User will see the screen shown in Figure 3-7-2. These settings allow user to configure the Device Name, Language, Model, Password, Remote Management and WIFI Loading Warning Threshold. Device Name This is a host name or system name for the device.
  • Page 134 The threshold value is used by Lantech-Wireless-View. Lantech-Wireless-View will monitor the WIFI loading, when the loading is over this value, Lantech-Wireless-View will change the color of the link line on network topology to notify the user about condition of the link quality. The threshold value is between 5 and 3.7.1.2 Firmware Update...
  • Page 135 Figure 3-7-3 Using TFTP On any computer in the network or a compute direct connect to the AP. Install a TFTP Server utility, and put the firmware file named ‘upgradeFW.tar’ in a folder. Run TFTP utility and specify the folder in which the firmware file located.
  • Page 136 Figure 3-7-4 Restore Factory Default Configuration: To reset configuration settings to the factory default values, just click on <NEXT> button beside ‘Restore Factory Default Configuration’. Figure 3-7-5 Then click on <Restore> button on next page, now the system will reset to factory default value. Figure 3-7-6 Local Backup Settings/Restore settings To backup or restore the configuration for this device.
  • Page 137 Figure 3-7-8 Remote Backup Settings/Restore settings User can also backup/restore the configuration of this device remotely. Click on <NEXT> button beside ‘Local Backup settings/Restore settings’, Figure 3-7-9 Enter the necessary setting in next page, then click on <Backup To Server> or <Restore From Server> to start the process. Figure 3-7-10 3.7.1.4 General Status In this page user could see the detail settings of this device, including...
  • Page 138 Figure 3-7-11 3.7.1.5 Power Control/Status In this page user can enable the eth0 port to provide PoE power and data forwarding function. Figure 3-7-12...
  • Page 139 3.7.1.6 Bridge Status In this page user could see the bridge interfaces information of this device, such as interface information, STP ststus, mac address information etc. Figure 3-7-13 3.7.1.7 WIFI Status In this page user could see the WIFI information of this device, such as: Interface information, Security information, Associated AP/Station.
  • Page 140 Figure 3-7-14 3.7.1.8 Log In this page user could see the system logs record of this device. Figure 3-7-15 3.7.1.9 System time Select Setting Type Setting by: User can set system time in two ways. One is manual setting, the other one is Synchronize with an Internet Time Server. Manual Setting User can manually enter the Year/ Month/ Day and Hour: Minute: Second.

  • Page 141: Lan Configuration

    Figure 3-7-16 3.7.1.10 Reboot User can perform reboot function in case of the device is not function normally, or after user change some major settings for example: change system model. The existing settings will not be changed. To perform the reboot, click on the <Reboot> button and click on <OK> on pop-up screen to confirm user’s decision.

  • Page 142: Wireless

    Max Age: Set the bridge's 'maximum message age' value (seconds) Port Cost: Set the port cost of the port. Port Priority: Set the port priority of the port (interface). It is used in the designated port and root port selection algorithms. P to P: If a bridge port is operating in full-duplex mode, than the port is functioning as point-to-point.
  • Page 143 3.7.3.1 WIFI ath0 and ath4 Setting General Radio Power: Turn this interface on or off Wireless Mode: Select which wireless mode that user wants to use. The options available here are: 802.11a, 802.11b, 802.11g and 802.11b+g. SSID: The SSID (service set identifier) is an identifier of an AP in user’s wireless network.
  • Page 144 other. WEP Key Setting: It uses two kinds of WEP Encryption key length: 5-bytes and 13-bytes. The key format can either use 'ASCII' to set the key values (ie. 0~9, a~z) Or use 'HEX' to set the key value in hexadecimal.
  • Page 145 WPA-Personal: The method of authentication is similar to WEP, user can define a ‘Pre-Shared Key’, once the key is confirmed and satisfied on both the client and access point, then access is granted. The encryption method used is referred to as the Temporal Key Integrity Protocol (TKIP).
  • Page 146 CWmin: Minimum Contention Window. The valid values for ‘CWmin’ are 1, 3, 7, 15, 31, 63, 127, 255, 511, 1023, 2047, or 4095. The value for ‘CWmin’ must be lower than the value for ‘CWmax’. CWmax: Maximum Contention Window. The Valid values for ‘cwmax’...

  • Page 147: Filtering

    Figure 3-7-25 3.7.4 Filtering The MAC address filter can be used to filter network access by machines based on the unique MAC addresses of their network adapter(s). It is most useful to prevent unauthorized wireless devices from connecting to user’s network. A MAC address is a unique ID assigned by the manufacturer of the network adapter.

  • Page 148: Snmp

    Figure 3-7-26 3.7.5 SNMP The IWP-2000-68 support SNMP V1/V2C/V3, this page is for defines the SNMP access control and SNMP traps. 3.7.5.1 Basic Setting SNMP Agent Check the <Enable> check box to turn on SNMP. Please Note: Enable the SNMP will also enable the LLDP (Link Layer Discovery Protocol) function.
  • Page 149 community name can be thought of as a password. If user don't have the correct community name, user can't retrieve any data (get) or make any change (set). Multiple SNMP managers may be organized in a specified community. V3 The SNMP V3 is a Security Enhancement for SNMP, it provides secure access to devices by a combination of userID, authenticating and encrypting packets over the network.
  • Page 150 Figure 3-7-27 3.7.5.2 VACM Setting User can use the View-based Access Control Model (VACM) to define whether access to a specified managed object is authorized. Access control is done at the following points: When processing retrieval request messages from the SNMP manager.
  • Page 151 Index: Index of Group. Tick the checkbox to enable the recordset. Group Name: A group name is given to a group of users and is used when managing their access rights. Security Model: Assign security model for group. Security Name: Assign security name for group. This field will obtain from the ‘Security Name’...
  • Page 152 The Access table grants the groups access right to certain views. Each group can have multiple access rights. The most secure access right is chosen. Index: Index of Access. Tick the checkbox to enable recordset. Group: Returned and lookup the ‘Group Name’ from the Group table.

  • Page 153: Tools

    Figure 3-7-31 Trap Items Enable/Disable which trap items to send. Figure 3-7-32 3.7.6 Tools Command Ping It runs ping command to test the connection capability of this device with the other Ethernet device. Figure 3-7-33 3.7.7 Log Out User can manually logout by click on <Log Out>. Figure 3-7-34...

  • Page 154: Ap4 Wds Bridge Mode

    3.8 AP4 WDS Bridge Mode To set this device as a WDS device, the setting and functions as following: ▽ SYSTEM Administrator ● Firmware ● Configuration Tools ● General Status ● Power Control ● Bridge Status ● WIFI Status ● ●...
  • Page 155 Figure 3-8-1 3.8.1.1 Administrator By selecting the item of Administrator under System, User will see the screen shown in Figure 3-8-2. These settings allow user to configure the Device Name, Language, Model, Password, Remote Management and WIFI Loading Warning Threshold. Device Name This is a host name or system name for the device.
  • Page 156 The threshold value is used by Lantech-Wireless-View. Lantech-Wireless-View will monitor the WIFI loading, when the loading is over this value, Lantech-Wireless-View will change the color of the link line on network topology to notify the user about condition of the link quality. The threshold value is between 5 and 3.8.1.2 Firmware Update...
  • Page 157 Figure 3-8-3 Using TFTP On any computer in the network or a compute direct connect to the AP. Install a TFTP Server utility, and put the firmware file named ‘upgradeFW.tar’ in a folder. Run TFTP utility and specify the folder in which the firmware file located.
  • Page 158 Figure 3-8-4 Restore Factory Default Configuration: To reset configuration settings to the factory default values, just click on <NEXT> button beside ‘Restore Factory Default Configuration’. Figure 3-8-5 Then click on <Restore> button on next page, now the system will reset to factory default value. Figure 3-8-6 Local Backup Settings/Restore settings To backup or restore the configuration for this device.
  • Page 159 Figure 3-8-8 Remote Backup Settings/Restore settings User can also backup/restore the configuration of this device remotely. Click on <NEXT> button beside ‘Local Backup settings/Restore settings’, Figure 3-8-9 Enter the necessary setting in next page, then click on <Backup To Server> or <Restore From Server> to start the process. Figure 3-8-10 3.8.1.4 General Status In this page user could see the detail settings of this device, including...
  • Page 160 Figure 3-8-11 3.8.1.5 Power Control In this page user can enable the eth0 port to provide PoE power and data forwarding function. Figure 3-8-12...
  • Page 161 3.8.1.6 Bridge Status In this page user could see the bridge interfaces information of this device, such as interface information, STP status, mac address information etc. Figure 3-8-13 3.8.1.7 WIFI Status In this page user could see the WIFI information of this device, such as: Interface information, Security information, Associated AP/Station.
  • Page 162 Figure 3-8-14 3.8.1.8 Log In this page user could see the system logs record of this device. Figure 3-8-15 3.8.1.9 System time Select Setting Type Setting by: User can set system time in two ways. One is manual setting, the other one is Synchronize with an Internet Time Server. Manual Setting User can manually enter the Year/ Month/ Day and Hour: Minute: Second.

  • Page 163: Lan Configuration

    Figure 3-8-16 3.8.1.10 Reboot User can perform reboot function in case of the device is not function normally, or after user change some major settings for example: change system model. The existing settings will not be changed. To perform the reboot, click on the <Reboot> button and click on <OK> on pop-up screen to confirm user’s decision.

  • Page 164: Wireless

    Max Age: Set the bridge's 'maximum message age' value (seconds) Port Cost: Set the port cost of the port. Port Priority: Set the port priority of the port (interface). It is used in the designated port and root port selection algorithms. P to P: If a bridge port is operating in full-duplex mode, than the port is functioning as point-to-point.
  • Page 165 Figure 3-8-19 3.8.3.1 WIFI ath0 Setting General Radio Power: Turn this interface on or off Wireless Mode: Select which wireless mode that user wants to use. The options available here are: 802.11a, 802.11b, 802.11g and 802.11b+g. SSID: The SSID (service set identifier) is an identifier of an AP in user’s wireless network.
  • Page 166 Tx Power: To set the tx power as off to turn off the tx power, set auto to let device determine the tx power value automatically, or set manual to set the tx power value. The max value is depending on the wireless module.
  • Page 167 transmitted without encryption. If the 'Restricted' selected, all the packets are transmitted with encryption. Select Key: Check the radio box in front of the key you would like to use for this AP. igure 3-8-23 WPA-Personal: The method of authentication is similar to WEP, user can define a ‘Pre-Shared Key’, once the key is confirmed and satisfied on both the client and access point, then access is granted.
  • Page 168 Figure 3-8-25 QoS WMM: Enable/disable WMM support. MAX Associated Station: Maximum number of stations allowed in station table. Common Parameters: CWmin: Minimum Contention Window. The valid values for ‘CWmin’ are 1, 3, 7, 15, 31, 63, 127, 255, 511, 1023, 2047, or 4095.
  • Page 169 transmitted to the access point. STA Tx-Best Effort: Medium Priority, Medium throughput and delay. Most traditional IP data will be sending to this queue. STA Tx-Background: Low Priority, High throughput. Bulk data that requires maximum throughput and it’s not time-sensitive will be sending to this queue (FTP data, for example).
  • Page 170 Figure 3-8-27 Advanced Settings Peer Node Distance: Set the distance between this device and it’s adjacent. If select 'manual', the distance will be determined by 'Slot time', 'ACK timeout' and 'CTS timeout' three values. Beacon Period: This item contains the length of the beacon interval. Enter a value between 20 and 1000 to specify the Beacon Period.
  • Page 171 Figure 3-8-28 SSID Security Mode Authentication: User can choose which authentication type to secure the wireless net work. There are four options for authentication: Disable, WEP, WPA-personal and WPA-enterprise. WEP: Short for Wired Equivalent Privacy, a security protocol for wireless local area networks (WLANs) defined in the 802.11 standard.
  • Page 172 (broadcast/multicast encryption keys) in seconds. Figure 3-8-30 WPA-enterprise: WPA-Enterprise includes all of the features of WPA-PSK plus support the 802.1x authentication. To use this function, a separate RADIUS server is required. User should enter the IP and port number of the Authentication Server and Shared Secret here.
  • Page 173 AP Parameters: This affects traffic flowing from the access point to the client station. These parameters are used by the access point when transmitting frames to the clients. AP Tx-Best Effort: Medium Priority. Medium throughput and delay. Most traditional IP data is sent to this queue. AP Tx-Background: Low Priority.

  • Page 174: Filtering

    Reject: All PCs/interfaces can access this AP except those interfaces/PCs with MAC address in the MAC address table. Figure 3-8-33 3.8.5 SNMP The IWP-2000-68 support SNMP V1/V2C/V3, this page is for defines the SNMP access control and SNMP traps. 3.8.5.1 Basic Setting SNMP Agent Check the <Enable>...
  • Page 175 Protocol) function. This function will be used if user wants Lantech-Wireless-View to remote management the AP and draw the network topography. System Information Contact: Specify the contact name for this managed node as well as information about how to contact this person.
  • Page 176 Figure 3-8-34 3.8.5.2 VACM Setting User can use the View-based Access Control Model (VACM) to define whether access to a specified managed object is authorized. Access control is done at the following points: When processing retrieval request messages from the SNMP manager.
  • Page 177 Map the security names into group names. (For SNMP V3, the security Name is the user ID in Basic setting.) Index: Index of Group. Tick the checkbox to enable the recordset. Group Name: A group name is given to a group of users and is used when managing their access rights.
  • Page 178 Access The Access table grants the groups access right to certain views. Each group can have multiple access rights. The most secure access right is chosen. Index: Index of Access. Tick the checkbox to enable recordset. Group: Returned and lookup the ‘Group Name’ from the Group table.

  • Page 179: Tools

    NoAuthNoPriv, AuthNoPriv, authPriv. Figure 3-8-38 Trap Items Enable/Disable which trap items to send. Figure 3-8-39 3.8.6 Tools Command Ping It runs ping command to test the connection capability of this device with the other Ethernet device. Figure 3-8-40 3.8.7 Log Out User can manually logout by click on <Log Out>.

  • Page 180: Olsr_Ap Mode

    3.9 OLSR_AP Mode To set this device as a MESH device, the setting and functions as following: ▽ SYSTEM Administrator ● Firmware ● Configuration Tools ● General Status ● Power Control ● WIFI Status ● ● System time ● Reboot ●...

  • Page 181: System

    3.9.1 System This page shows the current status and some basic settings of the device, including Administrator, Firmware, Configuration Tools, General Status, Power Control, WIFI Status, Log, System Time and Reboot; screen as shown in Figure 3-9-1 Figure 3-9-1 3.9.1.1 Administrator By selecting the item of Administrator under System, User will see the screen shown in Figure 3-9-2.
  • Page 182 The threshold value is used by Lantech-Wireless-View. Lantech-Wireless-View will monitor the WIFI loading, when the loading is over this value, Lantech-Wireless-View will change the color of the link line on network topology to notify the user about condition of the link quality. The threshold value is between 5 and 3.9.1.2 Firmware Update...
  • Page 183 Figure 3-9-3 Using TFTP On any computer in the network or a compute direct connect to the AP. Install a TFTP Server utility, and put the firmware file named ‘upgradeFW.tar’ in a folder. Run TFTP utility and specify the folder in which the firmware file located.
  • Page 184 Figure 3-9-4 Restore Factory Default Configuration: To reset configuration settings to the factory default values, just click on <NEXT> button beside ‘Restore Factory Default Configuration’. Figure 3-9-5 Then click on <Restore> button on next page, now the system will reset to factory default value. Figure 3-9-6 Local Backup Settings/Restore settings To backup or restore the configuration for this device.
  • Page 185 Figure 3-9-8 Remote Backup Settings/Restore settings User can also backup/restore the configuration of this device remotely. Click on <NEXT> button beside ‘Local Backup settings/Restore settings’, Figure 3-9-9 Enter the necessary setting in next page, then click on <Backup To Server> or <Restore From Server> to start the process. Figure 3-9-10 3.9.1.4 General Status In this page user could see the detail settings of this device, including...
  • Page 186 Figure 3-9-11 3.9.1.5 Power Control In this page user can enable the eth0 port to provide PoE power and data forwarding function. Figure 3-9-12...
  • Page 187 3.9.1.6 WIFI Status In this page user could see the WIFI information of this device, such as: Interface information, Security information, Associated AP/Station. Figure 3-9-13 3.9.1.7 Log In this page user could see the system logs record of this device. Figure 3-9-14 3.9.1.8 System time Select Setting Type...

  • Page 188: Wan Configuration

    Figure 3-9-15 3.9.1.9 Reboot User can perform reboot function in case of the device is not function normally, or after user change some major settings for example: change system model. The existing settings will not be changed. To perform the reboot, click on the <Reboot> button and click on <OK> on pop-up screen to confirm user’s decision.
  • Page 189 Figure 3-9-17 3.9.2.2 Bandwidth Management This function allows user to set the limitation of total upload/download bandwidth on WAN interface, and also can set the limitation of upload/download bandwidth for each user or a group of users by IP address. Bandwidth Management Bandwidth Management: Enable bandwidth limitation function.

  • Page 190: Lan Configuration

    3.9.3 LAN Configuration The Access Point must have an IP address for the (wireless) local area network. User can also enable DHCP service to assign IP address to the wireless clients. (Please Note: The DHCP service for MESH network is inhibited.) 3.9.3.1 Eth0 Settings Network IP Parameters...

  • Page 191: Mesh

    Lease Time: How long does the IP address can be leased by DHCP server. Figure 3-9-20 3.9.3.3 MESH WLAN Settings User can configure the IP address for MESH ath0 interface in here. The IP address for MESH ath0 must be in the same subnet with other MESH device’s ath0 interface, and must be in different subnet with WAN, AP WLAN IP address.
  • Page 192 Figure 3-9-22 3.9.4.2 OLSR-ADMIN In this page, user can set the MESH related settings that shows in OLSR-CONFIG Change basic settings Pollrate [0.0-m.n]: This option sets the interval in seconds, which the mesh scheduler should be poll for events every 0.2 seconds if the pollrate is set to 0.2.
  • Page 193 Fisheye [Enable, Disable]: To increase stability in a mesh, TC messages should be sent quite frequently. However, the network would then suffer from the resulting overhead. The idea is to frequently send TC messages to adjacent nodes, i.e. nodes that are likely to be involved in routing loops, without flooding the whole mesh with each sent TC message.
  • Page 194 Figure 3-9-24 3.9.4.4 OLSR-LINKS LINKS Local IP Remote IP lost total 192.168.0.2 192.168.0.1 1.000 1.000 1.00 This table contains the links to our neighbors. It contains the following columns. Local IP: The IP address of the interface that have contacted to the neighbor.

  • Page 195: Wireless

    will: The neighbor's willingness. 2_Hop_Neighbors: The IP address of 2 hops neighbors. Topology entries Source_IP Dest_IP 10.0.0.6 192.168.0.2 1.000 1.000 1.00 10.0.0.6 10.0.0.5 1.000 1.000 1.00 This table displays the topology information that mesh system has gathered from LQ TC messages. It states which nodes in the network report links to which other nodes and what quality does these links have.
  • Page 196 Figure 3-9-26 3.9.5.1 WIFI AP Setting General Radio Power: Turn this interface on or off Wireless Mode: Select which wireless mode that you want to use. The options available here are: 802.11a, 802.11b, 802.11g and 802.11b+g. SSID: The SSID (service set identifier) is an identifier of an AP in user’s wireless network.
  • Page 197 RTS/CTS Threshold: Packets larger than the value are transmitted by the RTS/CTS handshake. Enter a value between 1 and 2346 to specify the value of the RTS /CTS Threshold. Tx Power: To set the tx power as off to turn off the tx power, set auto to let device determine the tx power value automatically, or set manual to set the tx power value.
  • Page 198 Figure 3-9-29 WPA-Personal: The method of authentication is similar to WEP, user can define a ‘Pre-Shared Key’, once the key is confirmed and satisfied on both the client and access point, then access is granted. The encryption method used is referred to as the Temporal Key Integrity Protocol (TKIP).
  • Page 199 MAX Associated Station: Maximum number of stations allowed in station table. Common Parameters: CWmin: Minimum Contention Window. The valid values for ‘CWmin’ are 1, 3, 7, 15, 31, 63, 127, 255, 511, 1023, 2047, or 4095. The value for ‘CWmin’ must be lower than the value for ‘CWmax’.
  • Page 200 interval of time when the WMM AP has the right to initiate transmissions on the wireless network. ACM: Admission control mandatory. Figure 3-9-32 3.9.5.2 WIFI MESH Setting General Radio Power: Turn this interface on or off Wireless Mode: Select which wireless mode that you want to use. The options available here are: 802.11a, 802.11b, 802.11g and 802.11b+g.
  • Page 201 number between 1 and 255 to specify. Fragment Threshold: It is the maximum frame size that wireless device can transmit without fragmenting the frame. Enter a value between 256 and 2346 to specify the Fragment Threshold. RTS/CTS Threshold: Packets larger than the value are transmitted by the RTS/CTS handshake.

  • Page 202: Filtering

    Select Key: Check the radio box in front of the key you would like to use for this AP. Figure 3-9-35 3.9.6 Filtering The MAC address filter can be used to filter network access by machines based on the unique MAC addresses of their network adapter(s). It is most useful to prevent unauthorized wireless devices from connecting to user’s network.

  • Page 203: Snmp

    Reject: All PCs/interfaces can access this AP except those interfaces/PCs with MAC address in the MAC address table. Figure 3-9-37 3.9.7 SNMP The IWP-2000-68 support SNMP V1/V2C/V3, this page is for defines the SNMP access control and SNMP traps. 3.9.7.1 Basic Setting SNMP Agent Check the <Enable>...
  • Page 204 V1/V2C User can change user’s SNMP community settings on this page. Access Right: Select an access right for the SNMP manager. 'Read' is read only, 'Write' is read-write, and 'Deny' means this community name is not implemented. Community: Specify the name of community for the SNMP manager.
  • Page 205 Figure 3-9-38 3.9.7.2 VACM Setting You can use the View-based Access Control Model (VACM) to define whether access to a specified managed object is authorized. Access control is done at the following points: When processing retrieval request messages from the SNMP manager.
  • Page 206 Index: Index of Group. Tick the checkbox to enable the recordset. Group Name: A group name is given to a group of users and is used when managing their access rights. Security Model: Assign security model for group. Security Name: Assign security name for group. This field will obtain from the ‘Security Name’...
  • Page 207 The Access table grants the groups access right to certain views. Each group can have multiple access rights. The most secure access right is chosen. Index: Index of Access. Tick the checkbox to enable recordset. Group: Returned and lookup the ‘Group Name’ from the Group table.

  • Page 208: Tools

    Figure 3-9-42 Trap Items Enable/Disable which trap items to send. Figure 3-9-43 3.9.8 Tools Command Ping It runs ping command to test the connection capability of this device with the other Ethernet device. Figure 3-9-44 3.9.9 Log Out User can manually logout by click on <Log Out>. Figure 3-9-45...

  • Page 209: Aodv_Ap Mode

    3.10 AODV_AP Mode To set this device as a MESH device, the setting and functions as following: ▽ SYSTEM Administrator ● Firmware ● Configuration Tools ● General Status ● Power Concrol ● WIFI Status ● ● System time ● Reboot ●...
  • Page 210 Status, Power Control, WIFI Status, Log, System Time and Reboot; screen as shown in Figure 3-10-1 Figure 3-10-1 3.10.1.1 Administrator By selecting the item of Administrator under System, User will see the screen shown in Figure 3-10-2. These settings allow user to configure the Device Name, Language, Model, Password, Remote Management and WIFI Loading Warning Threshold.
  • Page 211 The threshold value is used by Lantech-Wireless-View. Lantech-Wireless-View will monitor the WIFI loading, when the loading is over this value, Lantech-Wireless-View will change the color of the link line on network topology to notify the user about condition of the link quality. The threshold value is between 5 and 3.10.1.2 Firmware Update...
  • Page 212 Figure 3-10-3 Using TFTP On any computer in the network or a compute direct connect to the AP. Install a TFTP Server utility, and put the firmware file named ‘upgradeFW.tar’ in a folder. Run TFTP utility and specify the folder in which the firmware file located.
  • Page 213 Figure 3-10-4 Restore Factory Default Configuration: To reset configuration settings to the factory default values, just click on <NEXT> button beside ‘Restore Factory Default Configuration’. Figure 3-10-5 Then click on <Restore> button on next page, now the system will reset to factory default value. Figure 3-10-6 Local Backup Settings/Restore settings To backup or restore the configuration for this device.
  • Page 214 Figure 3-10-8 Remote Backup Settings/Restore settings User can also backup/restore the configuration of this device remotely. Click on <NEXT> button beside ‘Local Backup settings/Restore settings’, Figure 3-10-9 Enter the necessary setting in next page, then click on <Backup To Server> or <Restore From Server> to start the process. Figure 3-10-10 3.10.1.4 General Status In this page user could see the detail settings of this device, including...
  • Page 215 Figure 3-10-11 3.10.1.5 Power Control In this page user can enable the eth0 port to provide PoE power and data forwarding function. Figure 3-10-12...
  • Page 216 3.10.1.6 WIFI Status In this page user could see the WIFI information of this device, such as: Interface information, Security information, Associated AP/Station. Figure 3-10-13 3.10.1.7 Log In this page user could see the system logs record of this device. Figure 3-10-14 3.10.1.8 System time Select Setting Type...

  • Page 217: Wan Configuration

    Figure 3-10-15 3.10.1.9 Reboot User can perform reboot function in case of the device is not function normally, or after user change some major settings for example: change system model. The existing settings will not be changed. To perform the reboot, click on the <Reboot> button and click on <OK> on pop-up screen to confirm user’s decision.
  • Page 218 Figure 3-10-16 3.10.2.2 Bandwidth Management This function allows user to set the limitation of total upload/download bandwidth on WAN interface, and also can set the limitation of upload/download bandwidth for each user or a group of users by IP address. Bandwidth Management Bandwidth Management: Enable bandwidth limitation function.

  • Page 219: Lan Configuration

    3.10.3 LAN Configuration 3.10.3.1 Eth0 Settings Network IP Parameters User can change the network settings of this interface from LAN configuration; it is including IP address, Subnet mask, and enable/disable the DHCP server Function. DHCP Server Parameters Primary / Secondary DNS Address: The domain-name-servers option specifies a list of Domain Name System name servers available to the client IP Pool Starting / Ending Address: The IP Address range which will...

  • Page 220: Mesh

    Figure 3-10-19 3.10.3.3 MESH WLAN Settings User can configure the IP address for MESH ath0 interface in here. The IP address for MESH ath0 must be in the same subnet with other MESH device’s ath0 interface, and must be in different subnet with WAN, AP WLAN IP address.

  • Page 221: Wireless

    Active Internet: It will provide interfaces to provide internet. When set 'on', the eth1 will be the interface to internet. The default gateway is set within WAN setting page. When set 'off', the default gateway will set on the AODV interface (ath0). RREQ Gratuitous: Force the gratuitous flag to be set on all RREQ's.
  • Page 222 Wireless Mode: Select which wireless mode that you want to use. The options available here are: 802.11a, 802.11b, 802.11g and 802.11b+g. SSID: The SSID (service set identifier) is an identifier of an AP in user’s wireless network. The SSID must be identical for all access points in the network.
  • Page 223 5-bytes and 13-bytes. The key format can either use 'ASCII' to set the key values (ie. 0~9, a~z) Or use 'HEX' to set the key value in hexadecimal. (ie. 0~9, a~f). User can set maximum 4 keys, but only one key will functional at one time. Figure 3-10-23 SSID Security Mode Authentication: User can choose which authentication type to...
  • Page 224 length of the key is (8-23 characters). WPA Encryption: User can choose the encryption method of the pre-shared key here; there are three options: Auto, AES and TKIP. Group Key Update Interval: Time interval for rekeying the GTK (broadcast/multicast encryption keys) in seconds. Figure 3-10-25 WPA-enterprise: WPA-Enterprise includes all of the features of WPA-PSK plus...
  • Page 225 ms) for bursting. AP Parameters: This affects traffic flowing from the access point to the client station. These parameters are used by the access point when transmitting frames to the clients. AP Tx-Best Effort: Medium Priority. Medium throughput and delay. Most traditional IP data is sent to this queue.
  • Page 226 Figure 3-10-27 3.10.5.2 WIFI MESH Setting General Radio Power: Turn this interface on or off Wireless Mode: Select which wireless mode that you want to use. The options available here are: 802.11a, 802.11b, 802.11g and 802.11b+g. SSID: The SSID (service set identifier) is an identifier of an AP in user’s wireless network.
  • Page 227 between 256 and 2346 to specify the Fragment Threshold. RTS/CTS Threshold: Packets larger than the value are transmitted by the RTS/CTS handshake. Enter a value between 1 and 2346 to specify the value of the RTS /CTS Threshold. Tx Power: To set the tx power as off to turn off the tx power, set auto to let device determine the tx power value automatically, or set manual to set the tx power value.

  • Page 228: Filtering

    Figure 3-10-30 3.10.6 Filtering The MAC address filter can be used to filter network access by machines based on the unique MAC addresses of their network adapter(s). It is most useful to prevent unauthorized wireless devices from connecting to user’s network. A MAC address is a unique ID assigned by the manufacturer of the network adapter.

  • Page 229: Snmp

    PCs/interfaces can access this AP except those interfaces/PCs with MAC address in the MAC address table. Figure 3-10-32 3.10.7 SNMP The IWP-2000-68 support SNMP V1/V2C/V3, this page is for defines the SNMP access control and SNMP traps. 3.10.7.1 Basic Setting SNMP Agent Check the <Enable>...
  • Page 230 V1/V2C User can change user’s SNMP community settings on this screen. Access Right: Select an access right for the SNMP manager. 'Read' is read only, 'Write' is read-write, and 'Deny' means this community name is not implemented. Community: Specify the name of community for the SNMP manager.
  • Page 231 Figure 3-10-33 3.10.8.2 VACM Setting You can use the View-based Access Control Model (VACM) to define whether access to a specified managed object is authorized. Access control is done at the following points: When processing retrieval request messages from the SNMP manager.
  • Page 232 Index: Index of Group. Tick the checkbox to enable the recordset. Group Name: A group name is given to a group of users and is used when managing their access rights. Security Model: Assign security model for group. Security Name: Assign security name for group. This field will obtain from the ‘Security Name’...
  • Page 233 The Access table grants the groups access right to certain views. Each group can have multiple access rights. The most secure access right is chosen. Index: Index of Access. Tick the checkbox to enable recordset. Group: Returned and lookup the ‘Group Name’ from the Group table.

  • Page 234: Tools

    Figure 3-10-37 Trap Items Enable/Disable which trap items to send. Figure 3-10-38 3.10.8 Tools Command Ping It runs ping command to test the connection capability of this device with the other Ethernet device. Figure 3-10-39 3.10.9 Log Out User can manually logout by click on <Log Out>. Figure 3-10-40...
  • Page 235 Caution The Part 15 radio device operates on a non-interference basis with other devices operating at this frequency when using integrated antennas. Any changes or modification to the product not expressly approved by Original Manufacture could void the user's authority to operate this device. Caution To meet regulatory restrictions and the safety of the installation, strongly recommends this product to be professionally installed.

Table of Contents