Page 2
SAMSUNG ELECTRONICS AMERICA reserves the right without prior notice to revise information in this publication for any reason. SAMSUNG ELECTRONICS AMERICA also reserves the right without prior notice to make changes in design or components of equipment as engineering and...
Page 3
This manual describes the overview, management, and setup of Samsung Wireless Enterprise Access Point Controllers (APC) models WEC8500 & WEC8050. This manual is written for WEC8500 version 3.1.8R, WEC8050 version 3.1.8R. Document Content and Organization This manual consists of ten Chapters, three Annexes, and a list of Abbreviations.
Page 4
Open source list used in the APC and its license notices. ANNEX C. Open Source Announcement (WEA300/WEA400 Series) Open source list used in the Samsung Wireless Enterprise WLAN AP and its license notice. ABBREVIATION Describes the acronyms used in this manual.
Page 5
WEC8050 / WEC8500 Operation Manual Version 7.1 Conventions The following types of paragraphs contain special information that must be carefully read and thoroughly understood. Such information may or may not be enclosed in a rectangular box, separating it from the main text, but is always preceded by an icon and/or a bold title.
Page 6
Updated the content overall in accordance with the package version 2.0.0 01. 2014 - Changed contents 1.3.1 WEC8500 Configuration and Functions 4.2.6.3 Tech Support Information 10. 2013 - Updated the content overall in accordance with the package version (WEC8500 version 1.4.4, WEC8050 version 1.0.0)
Page 7
Basic Configuration .....................33 1.4.2 Configuration of Multiple APC for Redundancy ............34 1.4.3 Clustering Configuration using Multiple APC (WEC8500) ...........35 1.4.4 Configuration of Multiple Sites Consisting of Headquarters and Branches ....38 NAT Configuration between AP and APC ................40 CHAPTER 2. Basic System Configuration Basic System Configuration ....................41...
Page 8
WEC8050 / WEC8500 Operation Manual Version 7.1 Initial Setup Wizard ......................... 49 2.3.1 Overview ........................49 2.3.2 Connecting ........................49 2.3.3 How to Use ........................50 CHAPTER 3. Data Network Function Port Configuration ........................53 3.1.1 Port management ......................53 Interface Configuration ......................
Page 9
WEC8050 / WEC8500 Operation Manual Version 7.1 3.9.3 Checking Statistics by Category ................137 3.10 mDNS Snooping ........................145 CHAPTER 4. AP Connection Management APC Management ........................148 4.1.1 Managing APC List ....................148 4.1.2 Management Interface Configuration ................150 4.1.3 CAPWAP Configuration .....................151 4.1.4 AP Registration (Auto Discovery) Configuration ............153...
Page 10
WEC8050 / WEC8500 Operation Manual Version 7.1 5.4.3 DHCP Proxy ......................258 5.4.4 Option 82 Configuration .................... 259 5.4.5 Primary/Secondary Server Configuration ..............261 Radio Service Configuration ....................264 CHAPTER 6. Wi-Fi Configuration 802.11a/b/g/n/ac Radio Property ..................266 6.1.1 802.11a/b/g Configuration ..................266 6.1.2...
Page 17
WEC8050 / WEC8500 Operation Manual Version 7.1 Figure 74. AP retrieving window ....................158 Figure 75. AP redundancy Configuration Window ..............159 Figure 76. AP groups configuration Window ................161 Figure 77. AP Group Addition Window ..................161 Figure 78. General Configuration Window for AP Group ............164 Figure 79.
Page 22
LAN AP and provides the functions for Wireless LAN (WLAN) services such as handover and QoS, security/authentication, etc. The Samsung WEC8500 provides its services up to 500 APs. It can provide its services up to 10,000 connected user devices. Meanwhile, the WEC8050 can accommodate a maximum of 200 APs and provides service to a maximum of 1500 user devices.
Access Points (AP), Wireless Enterprise AP Controller (APC), and Wireless Enterprise WLAN Manager (WEM). The Samsung APC and Wireless Enterprise wireless LAN AP are core devices that provide various services such as user authentication, wireless management, voice and data service, etc.
WEC8050 / WEC8500 Operation Manual Version 7.1 Network Configuration The network configuration of Samsung Wireless Enterprise solution that includes APC is shown below. IP-PBX WEC8050/WEC8500 Router Internet … Ethernet Switch Wireless … Enterprise FMC client Figure 2. Wireless Enterprise Network Configuration...
Page 25
Terminal that provides the 802.11a/b/g/n interface such as smart phone, tablet PC, or notebook computer, etc. In an Android smart phone, an enterprise Voice over IP (VoIP) application equipped with the Samsung voice engine is called a FMC client (The FMC client is an option).
Page 26
WEC8050 / WEC8500 Operation Manual Version 7.1 WES (Wireless Enterprise Security) (WIPS Solution) It monitors the properness of the implementation of the wireless network infrastructure by detecting penetration via unauthorized wireless equipment installed in the internal network, the detoured gateway segment of the internal officers and employees who illegally connect to the commercial WLAN service, etc.
WEC8050 / WEC8500 Operation Manual Version 7.1 APC Configuration and Functions 1.3.1 WEC8500 Configuration and Functions The Configuration and the purpose of each item of WEC8500 are as follows: Console port USB port System LED Management port 1G Optic port...
2 is installed. Power module 2 is not installed. Console port (RS232C) A console port is used to check the operational status of WEC8500 or for input through the CLI. Its basic requirements are as follows: Baud rate: 115200 bps ...
- Blinking for data exchange 1G 1~1G 8 1 GbE Optic module connector USB port (Host 2.0) The WEC8500 provides a USB host port that supports the upgrade of WEC8500 operation software. A typical USB memory stick is supported. page 29 of 673...
WEC8050 / WEC8500 Operation Manual Version 7.1 Power module AC LED DC LED Power Power input connector switch Figure 7. Power module configuration Configuration item Description Power input connector Connector to connect the power cable to Power switch Switch to turn on/off power AC LED Turned on when there is a normal AC power input.
WEC8050 / WEC8500 Operation Manual Version 7.1 1.3.2 WEC8050 Configuration and Functions The configuration and the purpose of each item of WEC8050 are as follows: Status LED Console Port Ethernet Port Ground hole Power Figure 8. WEC8050 interface-Front/Back Status LED This LED indicates the various statuses of system.
WEC8050 / WEC8500 Operation Manual Version 7.1 Console port (RS232C) A console port is provided to check the operational status of WEC8050 or for input through the CLI. Its basic requirements are as follows: Default baud rate: 115200 bps ...
LAN. With this, the wire/wireless integrated voice service can be provided. An example of service configuration diagram using the Wireless Enterprise wireless LAN system is shown in the below figure. The configuration diagram is based on Samsung APC (WEC8500).
WEC8050 / WEC8500 Operation Manual Version 7.1 The basic Wireless Enterprise wireless LAN network configuration is a centralized structure where all the wireless user traffics go through tunneling between APC and Wireless Enterprise wireless LAN AP. Therefore, the network information such as subnet information allocated to a wireless user depends on the configuration of backbone network where the APC is connected.
Page 35
If only a single APC is required for service and management, the complexity of network configuration or management is not high. However, if the capacity of a single APC is not sufficient, multiple APC s must be installed for service. The WEC8500 is a Samsung APC model providing the clustering environment.
Page 36
1.4.3.1 Configuration of Distributed Clustering Service The configuration of distributed clustering is to install each WEC8500 in a building or a local site according to its capacity. This option can be used when there is no integrated backbone configuration in a site or networks are separated for each building. It is suitable for a site where several buildings are apart from each other.
Page 37
WEC8050 / WEC8500 Operation Manual Version 7.1 1.4.3.2 Configuration of Centralized Clustering Service In the centralized cluster configuration, all the WEC8500s in a site are installed in the center. This is suitable when all the networks in a site are configured around the backbone.
Page 38
WEC8050 / WEC8500 Operation Manual Version 7.1 1.4.4 Configuration of Multiple Sites Consisting of Headquarters and Branches The Wireless Enterprise wireless LAN network environment usually consists of one headquarters and several branches. In this case, there are two types of network configuration.
Page 39
WEC8050 / WEC8500 Operation Manual Version 7.1 If user traffic is concentrated on a single centralized APC when there are many branches or they are far from headquarters, performance may be deteriorated due to the time delay of packet transmission, etc. Therefore, use different operation schemes according to the location of Wireless Enterprise wireless LAN AP in the configuration of headquarters and branches.
WEC8050 / WEC8500 Operation Manual Version 7.1 NAT Configuration between AP and APC The APC system provides the same services even when the APC or AP is in a NAT environment. If the APC system is in a NAT environment and obtaining a public IP address is difficult,...
Page 42
WEC8050 / WEC8500 Operation Manual Version 7.1 2.1.2 Managing Operator Account An operator who has an administrator privilege (level 1) can create or delete a new operator account. When creating an account, specify the account’s privilege level (level 1-4). To set up operator account related functions, go to configure mode by executing the following command.
Page 43
WEC8050 / WEC8500 Operation Manual Version 7.1 2.1.3 APC Management Port Configuration To connect to the APC remotely using telnet/SSH or web, it is necessary to set up an IP address to the management port. Set up the management port as follows: 1) Go to configure ...
Page 44
WEC8050 / WEC8500 Operation Manual Version 7.1 A usage example is given below. WEC8500# show ? 80211a Display 802.11a network settings 80211bg Display 802.11bg network settings 80211h Display 802.11h configuration access-list List IP access lists alarm Show alarm information Show ap information...
Page 45
WEC8050 / WEC8500 Operation Manual Version 7.1 Command error When a command that is not supported by the system is entered, an error message is displayed. WEC8500# command-unknown Error : Command ‘command-unknown’ does not exist When a parameter that is not supported by a command is entered, an error message according to the situation is displayed.
When connecting to the IP address of APC ethernet port in a web browser, the below login window is displayed. Log in using a default connection account ‘samsung’. After the first login, you go through the course of changing the password. If you have changed the password by connecting to the CLI, you don't have to go through the course of changing the password.
WEC8050 / WEC8500 Operation Manual Version 7.1 2.2.2 WEC Main Window The WEC Main window consists of menu bar, sub-menus, and detail windows of each menu. Menu Bar Sub-menus Figure 17. WEC Main Window Menu bar The menu bar consists of the following items: ...
WEC8050 / WEC8500 Operation Manual Version 7.1 2.2.3 Managing Operator Account To add a operator account in Web UI, follow the below procedure. In the menu bar of <WEC Main window>, select <Administration> and then select <Local Management Users> menu in the sub menu. The subtree shows the <APC> and <AP>...
Page 49
WEC8050 / WEC8500 Operation Manual Version 7.1 Initial Setup Wizard 2.3.1 Overview The initial setup wizard aims to finish the basic settings by guiding the settings required for the basic WLAN service in order when the APC is installed. It supports only the basic settings to operate the WLAN service and the settings which are additional or are not frequently used are not supported here.
WEC8050 / WEC8500 Operation Manual Version 7.1 2.3.3 How to Use If the access to the APC is made through the web browser, follow the login procedure as shown in ‘2.2.1 Web UI Connection’. After that, you can see the Welcome message by connecting to the wizard.
Page 51
WEC8050 / WEC8500 Operation Manual Version 7.1 : Show the current setup step and the whole setup step by being located on the top of the screen. When you hover the mouse over each number, it shows the name of the step and you can click to move to the step just before or after the current step.
Page 52
WEC8050 / WEC8500 Operation Manual Version 7.1 The APC gets DNS information from a DNS server and provides the DNS relay function that relays the DNS server and a client. If a DNS server is connected to the APC and a UE connected to the APC configures the DNS server as the APC, the DNS service can be received.
Page 53
3.1.1 Port management The WEC8500 Management port is used to manage the WEC8500. It does not support VLAN and its interface name is ‘mgmt0’. The 8 ports at the right side of Management port are 10/100/1000 BASE T-ports and their names are GE1-8.
Page 54
WEC8050 / WEC8500 Operation Manual Version 7.1 The port related CLI commands are as follows: [auto-nego, speed, duplex] The commands used to configure an auto-nego, speed, and duplex addresses are shown below. To delete the configuration, enter the ‘no’ parameter.
WEC8050 / WEC8500 Operation Manual Version 7.1 Configuration using Web UI In the menu bar of <WEC Main window>, select <Configuration> and then select the <Controller> <Ports> menu in the sub-menus. Operator can configure the ports. The Ports initial window is shown below.
Page 57
3.2.1 Interface management The WEC8500 Management port is used to manage the WEC8500. It does not support VLAN and its interface name is ‘mgmt0’. The 8 ports at the right side of Management port are 10/100/1000 BASE T-ports and their names are GE1-8.
WEC8050 / WEC8500 Operation Manual Version 7.1 [shutdown] This is a command that makes the interface not working. The ‘no’ parameter is used to restart the interface. shutdown no shutdown Configuration using Web UI In the menu bar of <WEC Main window>, select <Configuration> and then select the <Controller>...
WEC8050 / WEC8500 Operation Manual Version 7.1 3) Perform detail configuration in the VLAN detail configuration window. If you specify PRIMARY DHCP SERVER or SECONDARY DHCP SERVER in the DHCP area, you can specify the configuration of a DHCP server.
WEC8050 / WEC8500 Operation Manual Version 7.1 3.2.2 Managing Interface Group To use WLAN and other services, it is necessary to configure an interface into an interface group. Configuration using CLI An example of entering into the group configuration mode of ifg_01 interface is shown below.
WEC8050 / WEC8500 Operation Manual Version 7.1 Follow the below procedure to add an interface group. 1) In the Interface group initial window, click the <Add> button. 2) Enter information on GROUP NAME and GROUP DESCRIPTION and then add or delete an interface to or from an interface group.
Page 62
WEC8050 / WEC8500 Operation Manual Version 7.1 VLAN Configuration 3.3.1 VLAN Configuration using CLI To configure VLAN, go to the VLAN interface mode by executing the following command. WEC8500# configure terminal WEC8500/configure# interface vlan WEC8500/configure/interface vlan# The related command is shown below and the range of VLAN ID is 1-4094.
Page 63
WEC8050 / WEC8500 Operation Manual Version 7.1 [switchport trunk allowed vlan] This command configures the mode of switch port to trunk. The ‘no’ parameter is used to delete the configuration. switchport trunk allowed vlan: Configure VLAN to the trunk mode.
Page 64
WEC8050 / WEC8500 Operation Manual Version 7.1 3.3.2 Bridge To set up bridge related functions, go to configure mode by executing the following command WEC8500# configure terminal The bridge related commands are as follows: [bridge address] This command configures a bridge address. The ‘no’ parameter is used to clear the configuration.
Page 65
WEC8050 / WEC8500 Operation Manual Version 7.1 Parameter Description - rstp: RSTP [clear mac address-table] This command deletes the filtering database of a default bridge. clear mac address-table [OPTION] [KIND] [WORD] Parameter Description OPTION Filtering database option (static/multicast) - static: Filtering database item that is configured as static...
Page 66
WEC8050 / WEC8500 Operation Manual Version 7.1 [show bridge] This command retrieves bridge information. show bridge [show interface switchport bridge] This command retrieves the bridge information, i.e. the layer 2 protocol characteristic information of the current VLAN, of a switch port.
Page 67
WEC8050 / WEC8500 Operation Manual Version 7.1 3.3.3 Spanning Tree Configuration using CLI To set up spanning tree related functions, go to configure mode by executing the following command. WEC8500# configure terminal The related command is as follows. [bridge forward-time] This command configures the forward time of a bridge.
Page 68
WEC8050 / WEC8500 Operation Manual Version 7.1 [bridge max-age] This command configures the max-age of a bridge. The ‘no’ parameter is used for default configuration. bridge 1 max-age [MAXAGE] no bridge 1 max-age Parameter Description MAXAGE Configures a maximum time (range: 6-40 s)
WEC8050 / WEC8500 Operation Manual Version 7.1 [bridge priority] This command configures the priority of a bridge. The ‘no’ parameter is used to delete a priority. bridge 1 priority [PRIORITY] no bridge 1 priority Parameter Description PRIORITY Bridge priority (range: 0-61440) [bridge shutdown] This command clears bridge settings.
WEC8050 / WEC8500 Operation Manual Version 7.1 [Managing the MSTP VLAN instance] When you select the <Instance> menu, the configured MSTP VLAN Instance list is displayed on the window. Click the <Add> or <Delete> button to add or delete an instance.
Page 71
WEC8050 / WEC8500 Operation Manual Version 7.1 Layer 3 Protocol Configuration This provides the IP address configuration and static/dynamic routing configuration of an interface. The APC provides the Open Shortest Path First (OSPF) routing protocol. 3.4.1 IP Address Configuration The procedure for IP address configuration is given below.
WEC8050 / WEC8500 Operation Manual Version 7.1 Configuration using Web UI In the menu bar of <WEC Main window>, select <Configuration> and then select the <Controller> <Network> <Static Route> menu in the sub-menus. The configured static route list is displayed on the window. When you click the <Add> or <Delete>...
Page 73
WEC8050 / WEC8500 Operation Manual Version 7.1 3.4.4 PIM Configuration The procedure for Protocol Independent Multicast (PIM) configuration is given below. 1) Go to configure interface configuration mode of CLI. WEC8500# configure terminal WEC8500/configure# interface ge2 2) Configure the PIM sparse mode to an interface.
WEC8050 / WEC8500 Operation Manual Version 7.1 Configuration using Web UI In the menu bar of <WEC Main window>, select <Configuration> and then select the <Controller> <Network> <OSPF> <General> menu in the sub-menus. The OSPF initial window is shown below.
Page 75
Use reference bandwidth method to assign OSPF cost WEC8500/configure/router/ospf 2# auto-cost reference-bandwidth ? 1 - 4294967 The reference bandwidth in terms of Mbits per second WEC8500/configure/router/ospf 2# auto-cost reference-bandwidth 200 ? <cr> WEC8500/configure/router/ospf 2# auto-cost reference-bandwidth 200 Parameter Description reference-bandwidth Enter a value from 1-4294967.
Page 76
WEC8050 / WEC8500 Operation Manual Version 7.1 5) CAPABILITY OPAQUE configuration Enter the capability opaque. WEC8500/configure/router/ospf 2# capability ? opaque Opaque LSA WEC8500/configure/router/ospf 2# capability opaque ? <cr> WEC8500/configure/router/ospf 2# capability opaque Parameter Description Capability opaque Enabled when the CLI is entered.
Page 78
WEC8050 / WEC8500 Operation Manual Version 7.1 Configuration using Web UI In the menu bar of <WEC Main window>, select <Configuration> and then select the <Controller> <Network> <OSPF> <General> menu in the sub-menus. Click a PROCESS ID that user wants to configure. The OSPF configuration window is shown below.
Page 79
WEC8050 / WEC8500 Operation Manual Version 7.1 3.4.5.2 Default Information Configuration of General Settings Configuration using CLI 1) Detail configuration of OSPF default-information WEC8500/configure/router/ospf 2# default-information ? originate Distribute a default route WEC8500/configure/router/ospf 2# default-information originate ? always Always advertise default route...
Page 80
WEC8050 / WEC8500 Operation Manual Version 7.1 4) Configuration of default-information METRIC-TYPE Configure the OSPF metric-type (1/2) value. WEC8500/configure/router/ospf 2# default-information originate metric- type ? Set OSPF External Type 1 metrics Set OSPF External Type 2 metrics WEC8500/configure/router/ospf 2# default-information originate metric- type 1 ? <cr>...
Page 82
Enter the OSPF INTER-AREA distance value. WEC8500/configure/router/ospf 2# distance ospf inter-area ? 1 - 255 <1-255> Distance for external/inter- area/intra-area routes WEC8500/configure/router/ospf 2# distance ospf inter-area 50 ? <cr> WEC8500/configure/router/ospf 2# distance ospf inter-area 50 WEC8500/configure/router/ospf 2# 5) Configuration of INTRA-AREA distance ospf Enter the OSPF INTRA-AREA distance value.
Page 83
Maximum number of LSAs WEC8500/configure/router/ospf 2# overflow database external 3 ? 0 - 65535 Time to recover (0 not recover) WEC8500/configure/router/ospf 2# overflow database external 3 10 ? <cr> WEC8500/configure/router/ospf 2# overflow database external 3 10 3) Configuration of maximum number of LSAs Enter the maximum number of LSAs and hard limit value.
Page 84
Soft limit; Warning will be given if exceed <cr> WEC8500/configure/router/ospf 2# overflow database 100 hard ? <cr> WEC8500/configure/router/ospf 2# overflow database 100 hard Enter the maximum number of LSAs and soft limit value. WEC8500/configure/router/ospf 2# overflow ? database...
Page 85
WEC8050 / WEC8500 Operation Manual Version 7.1 3.4.5.5 Network Configuration Configuration using CLI Go to configure ospf configuration mode of CLI. WEC8500/configure/router/ospf 2# ? area OSPF area parameters auto-cost Calculate OSPF interface cost according to bandwidth capability Enable specific OSPF feature...
Page 86
Network number A.B.C.D/M OSPF network prefix WEC8500/configure/router/ospf 2# network 100.100.100.1 ? A.B.C.D OSPF wild card bits(network mask) WEC8500/configure/router/ospf 2# network 100.100.100.1 255.255.255.0 ? area Set the OSPF area ID WEC8500/configure/router/ospf 2# network 100.100.100.1 255.255.255.0 ? area Set the OSPF area ID WEC8500/configure/router/ospf 2# network 100.100.100.1 255.255.255.0...
Page 87
WEC8050 / WEC8500 Operation Manual Version 7.1 Configuration using Web UI In the menu bar of <WEC Main window>, select <Configuration> and then select the <Controller> <Network> <OSPF> <Network> menu in the sub-menus. Enter the NETWORK ADDRESS, NETMASK, and AREA ID and click the <Apply>...
Page 89
Description metric-type Select 1 or 2. 4) Route-map configuration WEC8500/configure/router/ospf 2# redistribute connected route-map ? <WORD> Pointer to route-map entries WEC8500/configure/router/ospf 2# redistribute connected route-map a ? <cr> WEC8500/configure/router/ospf 2# redistribute connected route-map a Parameter Description route-map entries Enter <WORD>.
Page 90
WEC8050 / WEC8500 Operation Manual Version 7.1 Configuration using Web UI In the menu bar of <WEC Main window>, select <Configuration> and then select the <Controller> <Network> <OSPF> <Redistribute> menu in the sub-menus. After configuring Redistribute default, select a PROCESS ID for detail configuration.
Page 91
Configuration using CLI WEC8500/configure/router/ospf 2# area 1 stub ? no-summary Do not inject inter-area routes into stub <cr> WEC8500/configure/router/ospf 2# area 1 stub no-summary ? <cr> WEC8500/configure/router/ospf 2# area 1 stub no-summary Parameter Description no-summary Select Stub or No Summary.
Page 92
WEC8050 / WEC8500 Operation Manual Version 7.1 2) NSSA configuration Configuration using CLI WEC8500/configure/router/ospf 2# area 1 nssa ? default-information-originate Originate Type 7 default into NSSA area no-redistribution No redistribution into this NSSA area no-summary Do not send summary LSA into NSSA...
Page 93
WEC8050 / WEC8500 Operation Manual Version 7.1 Metric-type configuration of NSSA default-information-originate WEC8500/configure/router/ospf 1# area 2 nssa default-information- originate metric-type ? 1 - 2 OSPF Link State type WEC8500/configure/router/ospf 1# area 2 nssa default-information- originate metric-type 2 WEC8500/configure/router/ospf 1# Parameter...
Page 94
WEC8050 / WEC8500 Operation Manual Version 7.1 Configuring translator-role of NSSA default-information-originate WEC8500/configure/router/ospf 1# area 2 nssa default-information- originate translator-role ? always Translate always candidate Candidate for translator (default) never Do not translate WEC8500/configure/router/ospf 1# area 2 nssa default-information- originate translator-role always ?
Page 95
WEC8050 / WEC8500 Operation Manual Version 7.1 Configuration using Web UI In the menu bar of <WEC Main window>, select <Configuration> and then select the <Controller> <Network> <OSPF> <Area> <NSSA> menu in the sub- menus. The default window is shown below.
Page 96
Define a virtual link and its parameters WEC8500/configure/router/ospf 1# area 2 virtual-link ? A.B.C.D ID (IP addr) associated with virtual link neighbor WEC8500/configure/router/ospf 1# area 2 virtual-link 10.10.10.1 ? authentication Enable authentication authentication-key Set authentication key dead-interval Dead router detection time...
Page 97
10 sec., the dead-interval will be 40 seconds if the hello-interval is not configured. In addition, operator can change it to a value between 1 second and 65535 seconds. WEC8500/configure/router/ospf 2# area 2 virtual-link 10.10.10.1 dead- interval ? 1 - 65535 Seconds WEC8500/configure/router/ospf 2# area 2 virtual-link 10.10.10.1 dead-...
Page 98
WEC8050 / WEC8500 Operation Manual Version 7.1 WEC8500/configure/router/ospf 2# area 2 virtual-link 10.10.10.1 message-digest-key 2 md5 ? <WORD> Authentication key (16 chars) WEC8500/configure/router/ospf 2# area 2 virtual-link 10.10.10.1 message-digest-key 2 md5 b WEC8500/configure/router/ospf 2# Retransmit-interval configuration The default retransmit-interval is 5 seconds. In addition, operator can change it to a value between 1 second and 65535 seconds.
Page 99
WEC8050 / WEC8500 Operation Manual Version 7.1 Unlike other configurations, there are two tabs at the top; General page and Authentication page. Start configuration in the General page for the basic configuration of Virtual-Link. In the default configuration page, configure PROCESS ID, AREA ID, or LINK ID.
Page 100
To configure the Range detail items, start detail configuration after entering an Area range prefix value. WEC8500/configure/router/ospf 2# area 2 range ? A.B.C.D/M Area range prefix WEC8500/configure/router/ospf 2# area 2 range 10.10.10.1/16 ? advertise Advertise this range (default) not-advertise DoNotAdvertise this range <cr>...
Page 101
Configure OSPF area as stub virtual-link Define a virtual link and its parameters Authentication configuration Operator can select whether to use authentication or message-digest function. WEC8500/configure/router/ospf 2# area 2 authentication ? message-digest Use message-digest authentication <cr> WEC8500/configure/router/ospf 2# area 2 authentication message-digest <cr>...
Page 102
‘% The area is neither stub, nor NSSA’ WEC8500/configure/router/ospf 2# area 0.0.0.1 default-cost ? 0 - 16777215 Stub's advertised default summary cost WEC8500/configure/router/ospf 2# area 0.0.0.1 default-cost 3 ? <cr> WEC8500/configure/router/ospf 2# area 0.0.0.1 default-cost 3 Shortcut configuration For Shortcut configuration, operator can select one out of 3 selections including default, disable, and enable.
Page 104
WEC8050 / WEC8500 Operation Manual Version 7.1 Configuration using Web UI In the menu bar of <WEC Main window>, select <Configuration> and then select the <Controller> <Network> <OSPF> <Summary> menu in the sub-menus. The configuration page is as follows: After default configuration, select a PROCESS ID for detail configuration.
Page 105
WEC8050 / WEC8500 Operation Manual Version 7.1 Configuration using Web UI In the menu bar of <WEC Main window>, select <Configuration> and then select the <Controller> <Network> <OSPF> <Passive Interface> menu in the sub- menus. The configuration page is as follows: After selecting a PROCESS ID that a user will use, select an interface to apply.
Page 106
Link state transmit delay DISABLE OSPF configuration WEC8500/configure/interface ge2# ip ospf disable ? All functionality WEC8500/configure/interface ge2# ip ospf disable all ? <cr> WEC8500/configure/interface ge2# ip ospf disable all MTU configuration The default does not use Maximum Transmission Unit (MTU) configuration.
Page 107
WEC8500/configure/interface ge2# ip ospf database-filter ? Filter all LSA WEC8500/configure/interface ge2# ip ospf database-filter all ? Outgoing LSA WEC8500/configure/interface ge2# ip ospf database-filter all out ? <cr> WEC8500/configure/interface ge2# ip ospf database-filter all out Dead-interval configuration The default value of dead-interval is 4 times of hello-interval. Because the default hello-interval is configured to 10 sec., the dead-interval will be 40 seconds if the hello-...
Page 108
WEC8050 / WEC8500 Operation Manual Version 7.1 WEC8500/configure/interface ge2# ip ospf dead-interval 30 ? <cr> WEC8500/configure/interface ge2# ip ospf dead-interval 30 Hello-interval configuration The default hello-interval is 10 seconds. In addition, operator can change it to a value between 1 second and 65535 seconds.
Page 109
Version 7.1 PRIORITY configuration The default OSPF Priority value is 1. A user can configure the priority between 1 and 255. WEC8500/configure/interface ge2# ip ospf priority ? 0 - 255 Priority WEC8500/configure/interface ge2# ip ospf priority 2 Configuration using Web UI In the menu bar of <WEC Main window>, select <Configuration>...
Page 110
WEC8050 / WEC8500 Operation Manual Version 7.1 The detail item configuration page is as follows: When you select the name of an enabled interface, the below detail item configuration page is displayed. After entering a value that a user wants for the item configured in the above CLI, click the <Apply>...
Page 111
WEC8050 / WEC8500 Operation Manual Version 7.1 3.4.6 VRRP Configuration The Virtual Router Redundancy Protocol (VRRP) is an Internet protocol that provides the backup router operation method in a LAN. If a fault occurs with a router that transmits a packet from a host in a LAN, decide a virtual IP address in a DHCP manually or by default by using a virtual router fault recovery protocol and share it among routers.
Page 112
WEC8050 / WEC8500 Operation Manual Version 7.1 [preempt-delay] This command configures the preempt delay time. preempt-delay [DELAY_TIME] Parameter Description DELAY_TIME Preempt delay time (range: 0-3600 s) [preempt-mode] This command configures whether to use the preempt mode. preempt-mode [MODE]...
Page 113
WEC8050 / WEC8500 Operation Manual Version 7.1 Configuration using Web UI In the menu bar of <WEC Main window>, select <Configuration> and then select the <Controller> <Network> <VRRP> menu in the sub-menus. The VRRP menu provides two sub menus, i.e. Operation and Circuit Failover.
Page 114
WEC8050 / WEC8500 Operation Manual Version 7.1 3.4.7 Configuring IPWATCHD The IP WATCH Deamon (IPWATCHD) provides the function of detecting active or passive IP collision. Regardless of IP collision attacker or victim, the information including source ip/mac is transmitted as an evm fault event when the IP collision occurs. At the collision time, the Gratuitous Address Resolution Protocol (GARP) reply is transmitted 3 times to the unicast at every 1 second.
Page 115
WEC8050 / WEC8500 Operation Manual Version 7.1 The Access Control List (ACL) allows or blocks a specific network traffic based on an operator’s configuration. The APC provides QoS using ACL. 3.5.1 ACL Configuration 3.5.1.1 Access List Configuration You can create or delete an access list for ACL configuration. To delete an access list, an operator can enter the name of an access list directly or enter a command by copying a value retrieved from the ‘show running-config network’.
Page 116
WEC8050 / WEC8500 Operation Manual Version 7.1 Configuration using Web UI In the menu bar of <WEC Main window>, select <Configuration> and then select the <Security> <Access Control Lists> <IP ACL> menu in the sub-menus. The initial window of ACL rule configuration is shown below. When you click the <Add>...
Page 117
WEC8050 / WEC8500 Operation Manual Version 7.1 Parameter Description ACL_NAME ACL name to configure An example of entering a command that configures ‘acl1’ to the ‘ge2’ interface is shown below. APC# configure terminal APC/configure# interface ge2 APC/configure/interface ge2#ip access-group fqm in acl1 3) To check the configuration information, use the ‘show running-config network’...
Page 118
WEC8050 / WEC8500 Operation Manual Version 7.1 3.5.1.3 WLAN ACL Configuration 1) Go to the fqm mode to configure the configure ACL rule of CLI. APC# configure terminal APC/configure# fqm-mode 2) Configure WLAN ACL by entering the ‘ip access-group wireless’ command.
Page 119
WEC8050 / WEC8500 Operation Manual Version 7.1 Figure 42. Admin ACL Configuration Window 3.5.2 Class-map Configuration 1) Go to the fqm mode to configure the configure ACL rule of CLI. APC# configure terminal APC/configure# fqm-mode 2) Go to Class-map mode.
Page 120
WEC8050 / WEC8500 Operation Manual Version 7.1 3.5.3 Policy-map Configuration 1) Go to the fqm mode to configure the configure ACL rule of CLI. APC# configure terminal APC/configure# fqm-mode 2) Go to policy-map mode. To delete a policy map, enter ‘no’ parameter in front of the command.
Page 121
WEC8050 / WEC8500 Operation Manual Version 7.1 3.5.4 Service Policy Configuration Apply the policy configured in the policy-map to an interface. 1) Go to configure interface configuring mode to apply the service policy of CLI. APC# configure terminal APC/configure# interface ge2 APC/configure/interface ge2# 2) Apply the policy configured in the policy-map to an interface.
Page 122
WEC8050 / WEC8500 Operation Manual Version 7.1 3.5.5 Time Profile The procedure of configuring a time profile and applying it to ACL is described. 3.5.5.1 Time Profile Configuration Configuration using CLI 1) Go to configure of CLI fqm mode. APC# configure terminal APC/configure# fqm-mode 2) Configure a time profile.
Page 123
WEC8050 / WEC8500 Operation Manual Version 7.1 Select an item in the list and perform detail configuration. Figure 44. Time Profile Configuration Window (2) After finishing configuration in the window, click the <Apply> button to apply it to the system.
Page 124
WEC8050 / WEC8500 Operation Manual Version 7.1 Configuration using Web UI In the menu bar of <WEC Main window>, select <Configuration> and then select the <Security> <Access Control Lists> <IP ACL> menu in the sub-menus. To change the configuration of ACL rule, click ACLNAME to change. You can change the configuration using the <Add>...
Page 125
WEC8050 / WEC8500 Operation Manual Version 7.1 3.5.6 OS-AWARE OS-AWARE is a function to use the option value of the DHCP Discover/Request transmitted from a station to check the type of the operating system used by the station. The procedures to set OS-AWARE and apply the OS-AWARE settings to ACL are described below.
Page 126
WEC8050 / WEC8500 Operation Manual Version 7.1 os-aware ‘window7’ modification: APC# configure terminal APC/configure# os-aware APC/configure/os-aware # os-aware window7 seq 8 dhcp-option 2 eq FF os-type windows os-aware ‘window7’ deletion: APC# configure terminal APC/configure# os-aware APC/configure/os-aware # no os-aware window7 3) Check the settings by using the ‘show OS-AWARE-all’...
Page 127
WEC8050 / WEC8500 Operation Manual Version 7.1 Parameter Description OS_AWARE NAME os-aware name to configure An example of applying ‘window7’ to ‘acl’ is as follows. APC# configure terminal APC/configure# fqm-mode access-list ip acl1 permit seq 1 icmp any any os-aware window7 3) To check the configuration information, use the ‘show running-config network’...
Page 128
PIM Configuration As a multicast layer3 transmission protocol, the PIM has two modes, i.e. Dense mode and Sparse mode. The WEC8500 supports only PIM Sparse mode and the PIM Sparse mode can be configured for each interface. Configuration using CLI 1) Go to configure of CLI ...
Page 129
WEC8050 / WEC8500 Operation Manual Version 7.1 2) Perform PIM configuration. ip pim sparse-mode: Enable no ip pim sparse-mode: Disable Configuration using Web UI In the menu bar of <WEC Main window>, select <Configuration> and then select the <Controller>...
Page 131
WEC8050 / WEC8500 Operation Manual Version 7.1 IGMP Snooping Configuration using CLI Use the ‘ip igmp snooping’ command to enable or disable Internet Group Management Protocol (IGMP) Snooping. ip igmp snooping no ip igmp snooping When this command is executed in the Configure mode, the IGMP Snooping of a bridge is enabled or disabled.
Page 132
WEC8050 / WEC8500 Operation Manual Version 7.1 [ip igmp snooping mroute] This command enables or disables the Mroute function. ip igmp snooping mroute [INTERFACE] no ip igmp snooping mroute [INTERFACE] Configuration using Web UI In the menu bar of <WEC Main window>, select <Configuration> and then select the <Controller>...
Page 133
WEC8050 / WEC8500 Operation Manual Version 7.1 3) Select a VLAN interface that will be added to the Mroute. Figure 54. IGMP Snooping Mroute Creation Window (3) 4) The selected interface is displayed on the window. Click the <Apply> button to apply the configuration.
Page 134
WEC8050 / WEC8500 Operation Manual Version 7.1 Deep Packet Inspection It supports QoS by application. It may allow drop, bandwidth contract, and DSCP marking and it provides statistics by detailed category. The application of DPI in a unit of WLAN is possible and it also provides a monitoring function.
Page 135
WEC8050 / WEC8500 Operation Manual Version 7.1 Parameter Description NAME Profile name WLAN ID Configuration using Web UI In the menu bar of <WEC Main Window>, select <Configuration>, and then select <Wireless QoS > Application QoS> in the submenus. Select <Profile>.
Page 136
WEC8050 / WEC8500 Operation Manual Version 7.1 3.9.2 Configuring Application Group Possible to configure one or more applications as a group. Configuration using CLI 1) Enter the DPI Configuration mode. APC# configure terminal APC/configure# dpi APC/configure/dpi# 2) Make a group and add an application.
Page 137
WEC8050 / WEC8500 Operation Manual Version 7.1 Figure 59. Application Group Configuration Screen 3.9.3 Checking Statistics by Category The category provides statistical information by application, WLAN, station, device-os- type, and group. Configuration using CLI 1) Check the statistical information on all applications.
Page 140
WEC8050 / WEC8500 Operation Manual Version 7.1 | Top 10 Stations |----1----2-- --3----4----5----6----7----8----9---|% | 1. 00:12:47:F3:CF:A4 100.00% 355 bytes |||||||||||||||||||||||||||||||||||||||||||||||||| | Top 10 Stations(History) |----1----2-- --3----4----5----6----7----8----9---|% | Top 10 WLANs |----1----2-- --3----4----5----6----7----8----9---|% | 1. 1 100.00% 355 bytes |||||||||||||||||||||||||||||||||||||||||||||||||| | Top 10 Device types...
Page 141
WEC8050 / WEC8500 Operation Manual Version 7.1 6) Check the statistical information on specific stations. APC# show dpi stat station [MAC] Parameter Description Station MAC 7) Check the statistical information on all device-os-types. APC# show dpi stat device-os-type 8) Check the statistical information on specific device-os-types.
Page 145
WEC8050 / WEC8500 Operation Manual Version 7.1 3.10 mDNS Snooping Bonjour is a zero-configuration support protocol by Apple Inc. The Bonjour protocol supports service and device discovery in home networks. To support the Bonjour protocol on enterprise networks, the APC mDNS snooping supports the following functions.
Page 146
WEC8050 / WEC8500 Operation Manual Version 7.1 3) Configure the mDNS snooping profile object in the WLAN and the wired interface. The Bonjour service configured in the mDNS snooping profile is forwarded to the configured WLAN and wired interface.
Page 147
WEC8050 / WEC8500 Operation Manual Version 7.1 3) Create an mDNS snooping profile object and configure a service object. Select <Controller> <mDNS Snooping> <Profile>. Figure 65. mDNS Snooping Profile Configuration Click the <Add> button to create a new mDNS snooping profile object.
Page 148
WEC8050 / WEC8500 Operation Manual Version 7.1 CHAPTER 4. AP Connection Management This chapter describes the various configuration methods to manage the connection between the APC and AP. APC Management 4.1.1 Managing APC List To enable the APC system to provide cluster or redundancy service, several APC systems must be installed at a site and each APC must have the information of other APC systems.
Page 149
WEC8050 / WEC8500 Operation Manual Version 7.1 Configuration using CLI The procedures for configuration are as follows. 1) Go to the configure mode of the CLI. WEC8500# configure terminal WEC8500/configure# apc WEC8500/configure/apc/apc-list# 2) Go to the apc-list item of CLI.
Page 150
WEC8050 / WEC8500 Operation Manual Version 7.1 4.1.2 Management Interface Configuration The APC can communicate with a Wireless Enterprise wireless LAN AP using management interface. This is one of the information that must be configured first of all for wireless LAN service.
Page 151
WEC8050 / WEC8500 Operation Manual Version 7.1 4.1.3 CAPWAP Configuration A secured tunnel is created between APC and Wireless Enterprise wireless LAN AP using Control And Provisioning Wireless Access Point (CAPWAP), i.e. a standard protocol, and data is transmitted through the tunnel. An encrypted data is used for both wire and wireless sections, high security is provided.
Page 152
WEC8050 / WEC8500 Operation Manual Version 7.1 discovery-by-multicast: Configures whether to allow connection to CAPWAP multicast. (The ‘add-multicast-if’ must be configured before configuring whether to allow multicast connection.) discovery-del-timer: If the Join message is not received after receiving a Discovery message, this configures the timeout to discard the previously received Discovery messages.
Page 153
WEC8050 / WEC8500 Operation Manual Version 7.1 4.1.4 AP Registration (Auto Discovery) Configuration The APC provides the AP auto-discovery function that automatically registers APs in the same network without having to configure any settings in advance. To configure the function, execute the following commands.
Page 154
WEC8050 / WEC8500 Operation Manual Version 7.1 4.1.5 Managing AP File Transmission It provides the configuration and transmission management function for the tech support file of the AP. 4.1.5.1 Tech Support Information File 1) Go to configure APC mode of CLI.
Page 155
WEC8050 / WEC8500 Operation Manual Version 7.1 Operator can also configure fallback to return to the original APC from the backup APC during the service. If the fallback operation is configured, the AP periodically performs health check to check whether the primary APC can be connected. When the connection is required, it can immediately perform fallback according to the fallback option or can perform fallback on a specified time.
Page 156
WEC8050 / WEC8500 Operation Manual Version 7.1 Parameter Description PORT CAPWAP PORT number of the APC to add This port number is required by an AP to connect to the APC. If no port number is entered, it is set to 5246, the default port number of CAPWAP protocol.
Page 157
WEC8050 / WEC8500 Operation Manual Version 7.1 4) To check the configured apc list, execute the ‘show apc summary’ command. 5) To check the redundancy information, execute the ‘show redundancy summary’ command. 6) To check the configured AP profile, execute the ‘show ap detail [AP_PROFILE_ NAME]’...
After configuring the DISCOVERY TYPE of AP to ‘APC Referal’, select the PRIMARY CONTROLLER NAME, SECONDARY CONTROLLER NAME, and TERTIARY CONTROLLER NAME. For the WEC8500 model, the TERTIARY CONTROLLER NAME is not shown in the menu.
WEC8050 / WEC8500 Operation Manual Version 7.1 Figure 74. AP redundancy Configuration Window Parameter Description APC_NAME Enter the name of an APC registered to redundancy. - Primary apc: The first APC that the AP attempts to connect. It is usually configured with the currently connected APC.
Page 160
WEC8050 / WEC8500 Operation Manual Version 7.1 AP Management 4.2.1 AP Group Configuration The APC manages the services provided to the AP by group. An operator can add or delete several APs to/from a group. It is also possible to add/remove WLANs to/from an AP group so that the same WLAN services can be provided for each group.
WEC8050 / WEC8500 Operation Manual Version 7.1 2) Create or delete an AP group. Use ‘no’ parameter in front of the command to delete an AP group. ap-group [AP_GROUP_NAME] no ap-group [AP_GROUP_NAME] 3) Add or delete an AP to or from the AP group. Use ‘no’ parameter in front of the command to delete an AP from the AP group.
WEC8050 / WEC8500 Operation Manual Version 7.1 4.2.1.1 General AP Group Settings To aid management of APs in groups, the APC allows configuration of settings which can be applied commonly to each group. The following functions are provided: Parameter Description Description This configures the description of the AP group.
Page 163
WEC8050 / WEC8500 Operation Manual Version 7.1 overwrite-ip-mode no overwrite-ip-mode ip-mode overwrite-state no overwrite-state shutdown no shutdown no overwrite-redundancy discovery primary-apc no primary-apc secondary-apc no secondary-apc ...
WEC8050 / WEC8500 Operation Manual Version 7.1 Parameter Description AP are used. - apc-referral: The APC list configured for the APC is used as the discovery list. - DHCP: The APC list information relayed by DHCP option 138 (IPv4) or option 52 (IPv6) is used as the discovery list.
WEC8050 / WEC8500 Operation Manual Version 7.1 4.2.1.2 Adding/Removing APs To aid management of APs in groups, the APC allows addition/removal of APs to/from AP groups. Configuration using CLI 1) Go to the configure mode of the CLI. WEC8500# configure terminal WEC8500/configure# 2) Create an AP group or enter the AP group configuration mode.
WEC8050 / WEC8500 Operation Manual Version 7.1 Configuration using Web UI In the menu bar of <WEC Main Window>, select <Configuration>, select <AP Groups> in the submenu, and then select an AP group to configure. Under the ‘APs’ tab of the AP group, APs can be added or removed.
WEC8050 / WEC8500 Operation Manual Version 7.1 4) Use the ‘show ap-group summary’ command to check the AP group information. Configuration using Web UI In the menu bar of <WEC Main Window>, select <Configuration>, select <AP Groups> in the submenu, and then select an AP group to configure. Under the ‘WLANs’ tab of the AP group, WLANs can be added or removed.
WEC8050 / WEC8500 Operation Manual Version 7.1 4.2.1.4 802.11a/n/ac Configuration Configuration using Web UI In the menu bar of <WEC Main Window>, select <Configuration>, select <AP Groups> in the submenu, and then select an AP group to configure. Settings can be configured under the ‘802.11a/n/ac’...
Page 169
WEC8050 / WEC8500 Operation Manual Version 7.1 [Channel Configuration] CURRENT CHANNEL: Channel configuration (range: 36-165) CHANNEL FIX: The configured channel is configured as fixed and it is not affected by automatic adjustment functions such as RRM. When the <Monitor> <Access Points>...
WEC8050 / WEC8500 Operation Manual Version 7.1 4.2.1.5 802.11b/g/n Configuration Configuration using Web UI In the menu bar of <WEC Main Window>, select <Configuration>, select <AP Groups> in the submenu, and then select an AP group to configure. Settings can be configured under the ‘802.11b/g/n’...
Page 171
WEC8050 / WEC8500 Operation Manual Version 7.1 To check the configured channel and TX power information, go to <Monitor> <Access Points> <Radio> <802.11b/g/n>. [General] Max. Allowed Stations on an AP: Define max allowed stationsfor each Radio.
Page 172
WEC8050 / WEC8500 Operation Manual Version 7.1 no ssh-enable overwrite-console no overwrite-console console-enable no console-enable overwrite-dtls no overwrite-dtls dtls-policy overwrite-led-control no overwrite-led-control led-config overwrite-vlan no overwrite-vlan ...
Page 173
WEC8050 / WEC8500 Operation Manual Version 7.1 Parameter Description information provided by the CAPWAP (unit: seconds). RETRANSMIT-INTERVAL The APC waits for this length of time before retransmitting an echo request message when there is no response. The APC sets double the length of echo-interval as the echo timeout time. If no...
Page 174
WEC8050 / WEC8500 Operation Manual Version 7.1 Parameter Description OVERWRITE- If the overwrite-temperature-alarm is activated, the temperature TEMPERATURE-ALARM alarm information set in the AP group is applied to all APs in the group. TEMPERATURE-ALARM-ON- If the temperature of the AP exceeds the Temperature-Alarm-On- LEVEL Level, the temperature alarm occurs.
Page 175
WEC8050 / WEC8500 Operation Manual Version 7.1 target-ap: This option is used for selecting APs which will be applied with the changes made to the group settings. If 'all' is selected, changes are applied to all APs and config priority of the APs also change to group. If 'keep-ap-config' is selected, only the APs whose config priority is set to group have the airmove value of the group applied to them.
Page 176
WEC8050 / WEC8500 Operation Manual Version 7.1 5) Use the ‘show airmove group [ap_group_name]’ command to check the AP group information. WEC8500# show airmove group default Airmove Group Configurations ---------------------------- Airmove State Disable Target AP Keep Ap Config Scan trigger level...
Page 177
WEC8050 / WEC8500 Operation Manual Version 7.1 number-of-channel Set the number of channel required during one time scanning number-of-proreq Set the number of probe request required during one time scanning scan-time-channel Set time required for one channel scanning scan-time-interleave Set interval time required for new...
WEC8050 / WEC8500 Operation Manual Version 7.1 Scan trigger level -70 dBm Scanning time for one channel 5 ms Service time during scanning 100 ms Scanning interval time 1000 ms Number of probe requests Number of scanning channels Value of station roam delta WEC8500# Figure 82.
Page 179
WEC8050 / WEC8500 Operation Manual Version 7.1 Parameter Description OVERWRITE-IP-SEC If overwrite-ip-sec is enabled, the ip-sec information set for the AP group is applied to all APs within the group. ENABLE Enables/disables the IPSec function. PRIMARY-IP Configures the address of the primary security gateway.
Page 181
WEC8050 / WEC8500 Operation Manual Version 7.1 4.2.2 Configuring Remote AP Group If the APs are located in an area where the APC is not located, those APs must be classified into a separate group for service. The APC can manage the APs in another area by grouping them into a remote AP group.
WEC8050 / WEC8500 Operation Manual Version 7.1 3) Designate remote AP group properties to the AP group. group-type remote 4) When the remote AP group is deleted, use the 'no' parameter in front of the ap-group command to delete the remote AP group.
WEC8050 / WEC8500 Operation Manual Version 7.1 no remote secondary-radius[RADIUS_SERVER_INDEX] remote tertiary-radius[RADIUS_SERVER_INDEX] no remote tertiary-radius[RADIUS_SERVER_INDEX] 3) Add or delete users (stations) connecting to the remote AP. add-user [USER NAME] no add-user [USER NAME] 4) Execute the ‘show remote-ap-group detail [REMOTE AP GROUP NAME]’ command to check the AP group information.
WEC8050 / WEC8500 Operation Manual Version 7.1 4.2.2.3 Role-based Access Control Configuration of Remote AP Group Explanation on the configuration of the role based access control of the remote AP group is separately made in the “Role Based Access Control” chapter.
WEC8050 / WEC8500 Operation Manual Version 7.1 Figure 86. Window for Configuring Tunneling Forwarding of Remote AP Group 4.2.2.5 Configuring Local Bridging Forwarding of Remote AP Group You can configure the VLAN ID, ACL, and PreAuth ACL to a WLAN set with local bridging among WLANs included in the remote AP group.
WEC8050 / WEC8500 Operation Manual Version 7.1 4) Use the ‘send-remote-acl-to-ap profile-only’ command to send the ACL Profile information of the remote AP group to APs. 5) Use the ‘send-remote-acl-to-ap all’ command to send the information on the ACL Profile, Tunneling Forwarding and Local Bridging Forwarding of the remote AP group to APs.
Page 187
WEC8050 / WEC8500 Operation Manual Version 7.1 4.2.3 AP Time Synchronization per Group The AP can configure its time information using either the time stamp method or the NTP method. In the Time Stamp type, the APC periodically transmits the time of APC to an AP and the AP is operating based on the received time.
WEC8050 / WEC8500 Operation Manual Version 7.1 add-ntp [NTP_SERVER_ADDRESS] no add-ntp [NTP_SERVER_ADDRESS] ntp-interval [NUMBER] 3) Configure the method of transmitting the time information to an AP as ‘ntp’. mode ntp 4) Use the ‘show apc ap-time-config’ command to check the configured information.
WEC8050 / WEC8500 Operation Manual Version 7.1 4.2.4 AP Configuration The management interface of APC must be configured for the connection between APC and Wireless Enterprise AP. 4.2.4.1 Configuring MAC address Configuration using CLI To configure AP information, execute the command as follows: 1) Go to configure ...
Page 190
WEC8050 / WEC8500 Operation Manual Version 7.1 4.2.4.2 Configuring AP Profile Configuration using CLI To configure an AP profile configuration, execute the command as follows: 1) Go to configure AP configuration AP profile mode of CLI. WEC8500# configure terminal...
Page 191
WEC8050 / WEC8500 Operation Manual Version 7.1 edge-ap: Configures whether to enable the Edge AP function. edge-ap-opmode: Smart Handover is enabled as operation mode of the edge AP. In RSSI mode, handover is determined by looking up the RSSI value. In Force mode, handover is performed by force.
Page 192
WEC8050 / WEC8500 Operation Manual Version 7.1 ssh-enable: Configures whether to enable the SSH server of an AP. static-ip [IP_ADDRESS] [NETMASK] [GATEWAY]: Configures the static IP address of an AP. statistics-timer [TIMER]: Configures the time interval of transmitting the statistics information provided by CAPWAP (unit: seconds) ...
Page 193
WEC8050 / WEC8500 Operation Manual Version 7.1 primary-ip right-subnet right-subnet-mask auth-mode ike-version ike-lifetime ipsec-lifetime Parameter Description ENABLE Enables/disables the IPSec function. PRIMARY-IP Configures the address of the primary security gateway. RIGHT-SUBNET Configures the address of the traffic selector for IPSec.
WEC8050 / WEC8500 Operation Manual Version 7.1 Configuration using Web UI In the menu bar of <WEC Main window>, select <Configuration> and then select the <Access Points> AP selection <General> menu in the sub-menus. The setting options in the General tab are as follows. Click the <Apply> button to apply the settings.
Page 195
WEC8050 / WEC8500 Operation Manual Version 7.1 IP SEC: IPSec service specific features In the menu bar of <WEC Main window>, select <Configuration> and then select the <Access Points> AP <Advanced> menu in the sub-menus. he setting options in the Advance tab are as follows. Fill in each item and click the <Apply>...
WEC8050 / WEC8500 Operation Manual Version 7.1 Figure 91. AP Profile Setting (2) 4.2.4.3 AP Mode Configuration Configuration using CLI To configure AP mode, execute the command as follows. 1) Go to configure AP configuration AP profile mode of CLI.
The APC operator can add or remove account information relating to the AP CLI. When the APC is first installed, a default account is provided (id: root, password: samsung). Up to three AP CLI accounts can be added, and at least one account must be configured.
WEC8050 / WEC8500 Operation Manual Version 7.1 Configuration using CLI Execute the following commands to configure the AP access account. 1) Go to configure APC mode of CLI. WEC8500# configure terminal WEC8500/configure# apc WEC8500/configure/apc # 2) Add an AP CLI account.
Page 199
WEC8050 / WEC8500 Operation Manual Version 7.1 4.2.4.5 AP SNMP Agent Configuration The APC operator can configure SNMP Agent settings for all APs. Configuration using CLI Execute the following commands to configure the SNMP Agent settings of the AP. 1) Go to configure snmp ap mode of CLI.
WEC8050 / WEC8500 Operation Manual Version 7.1 Parameter Description PRIVATE KEY A number in the range of 8 to 20 can be entered. 3) Use the ‘show snmp ap’ command to retrieve the agent information configured for the Configuration using Web UI In the menu bar of <WEC Main Window>, select <Administration>, select <AP>...
Page 201
WEC8050 / WEC8500 Operation Manual Version 7.1 4.2.5 Information Management The APC manages the history statistics information, real-time interface statistics information, and tech support information of the AP. AP History Statistics The AP transmits the interface (WAN and WLAN) and CPU load/memory usage statistics information collected for 5 min.
WEC8050 / WEC8500 Operation Manual Version 7.1 4.2.5.2 Real-time Interface Statistics Information Configuration using CLI 1) Go to configure AP configuration. WEC8500# configure terminal WEC8500/configure# ap ap_1 WEC8500/configure/ap ap_1# 2) Configure to make real-time interface statistics information updated periodically.
WEC8500# configure terminal WEC8500/configure# ap [ap profile name] WEC8500/configure/ap ap_1# tech-support WEC8500/configure/ap ap_1/tech-support# 2) Request the coredump file of the AP. WEC8500/configure/ap ap_1/tech-support# get-coredump (system / radio- coredump) 3) Request the crashfile of the AP. WEC8500/configure/ap ap_1/tech-support# get-crash-file (system / radio-coredump) 4) Request the log file of the AP.
Page 204
1) Outdoor APs are not included in the AP count of the APC license. 2) Outdoor APs are not included in the ordinary AP count. 3) The maximum up-ported outdoor AP count is 300 for the WEC8500 model and 75 for the WEC8050 model.
Are you sure you want to continue? (y/n) : y WEC8500/configure/ap ap_1# 3) To check the upgrade file information of the requested AP, use the following command. WEC8500/configure/ap ap_1# show ap upgrade list /* (RC/FR/RC) : RetryCount/FailReason/RebootCause /* Pri : VersionPriority (MD-model,A-AP config)
Page 206
- keeping-individual: While maintaining individually configured ap version, perform upgrade for the rest APs. [transfer-protocol] This command selects a transmission protocol that is used to transmit the package file of an AP from the WEC8500 to the AP. Transfer-protocol [AP TRANSFER MODE] Parameter...
Page 207
WEC8050 / WEC8500 Operation Manual Version 7.1 [max-download] This command configures the maximum number of simultaneous downloads when transmitting the package file of an AP from the APC to the AP. Max-download [COUNT] Parameter Description COUNT Maximum number of simultaneous downloads of AP image...
WEC8050 / WEC8500 Operation Manual Version 7.1 Configuration using Web UI In the menu bar of <WEC Main window>, select <Administrator> and then select <Package Upgrade> <AP> menu in the sub menu. You can perform AP upgrade in the AP Upgrade tab and configure upgrade related environment in the Advanced tab.
WEC8050 / WEC8500 Operation Manual Version 7.1 SCOPE: Selects upgrade method. To make the AP working as the package immediately after upgrade, select Quick Upgrade. To download the package to the AP, select the Predownload menu. TARGE AP: Select an AP target to upgrade. If you select <Keeping individual setting>, an AP that is configured as individual is excluded from upgrade.
WEC8050 / WEC8500 Operation Manual Version 7.1 [Advanced tab] Configures AP upgrade related environment settings. Figure 103. AP upgrade-advanced TRANSFER MODE: Selects a protocol that transmits an AP package. MAX DOWNLOAD: Configures maximum number of sessions that can be downloaded simultaneously.
Page 219
WEC8050 / WEC8500 Operation Manual Version 7.1 CHAPTER 5. WLAN Management This chapter describes how to create and configure WLAN that is the most fundamental basis for Wireless Enterprise wireless LAN service. WLAN Configuration 5.1.1 Basic WLAN Configuration The WLAN profile helps configure and manage the WLAN connection service of an AP in the APC.
Page 220
WEC8050 / WEC8500 Operation Manual Version 7.1 A newly created WLAN is added to the ‘default’ AP group if the WLAN ID is in the range of 1-16. If its WLAN ID is 17 or above, the WLAN is not included in the AP group.
WEC8050 / WEC8500 Operation Manual Version 7.1 Configuration using Web UI In the menu bar of <WEC Main window>, select <Configuration> and then select the <WLANs> menu in the sub-menus. Select a WLAN ID to change in the WLANs screen and go to the <General>...
Page 222
WEC8050 / WEC8500 Operation Manual Version 7.1 AAA OVERRIDE: If the WLAN is enabled with the device authentication function using a AAA server, the AAA-override function can be enabled so that the user- specific settings configured in the AAA server are applied with priority over the APC settings.
Page 223
WEC8050 / WEC8500 Operation Manual Version 7.1 6) Select a radio bandwidth to provide the WLAN service. radio [RADIO] Parameter Description RADIO - 1: 5 GHz - 2: 2.4 GHz - 3: Supports both 5/2.4 GHz 7) Select whether to provide the SSID as hidden. If it is set to ‘hidden’, the SSID is not found when other devices do searching.
Page 224
WEC8050 / WEC8500 Operation Manual Version 7.1 Configuration using Web UI In the menu bar of <WEC Main window>, select <Configuration> and then select the <WLANs> menu in the sub-menus. For more information about configuration, see ‘5.1 Basic WLAN Configuration’.
Page 225
WEC8050 / WEC8500 Operation Manual Version 7.1 Configuration using Web UI In the menu bar of <WEC Main window>, select <Configuration> and then select the <WLANs> menu in the sub-menus. Select a WLAN ID to change in the WLANs screen and go to the <Advanced>...
Page 227
WEC8050 / WEC8500 Operation Manual Version 7.1 [Changing to Repeater AP] The procedure of changing a Wireless Enterprise AP to a Repeater AP is as follows: 1) Go to the configure mode of the CLI. WEC8500# configure terminal 2) Check the registered AP list.
Page 228
WEC8050 / WEC8500 Operation Manual Version 7.1 In the menu bar of <WEC Main window>, select <Configuration> and then select the <Access Points> AP selection <General> menu in the sub-menus. After selecting AP MODE item, click the <Apply> button and restart the AP.
Page 229
WEC8050 / WEC8500 Operation Manual Version 7.1 5.1.5 MCS Configuration Management by WLAN This is a function of configuring data rate and MCS by WLAN. You can configure MCS, etc. by each WLAN differently because it is necessary to configure MCS, etc. differently depending on the types of services such as FMC.
Page 230
WEC8050 / WEC8500 Operation Manual Version 7.1 5) Configure the 802.11ac Modulation and Coding Scheme (MCS) rate. Only 5G bandwidth for 802.11ac MCS is configurable. WEC8500/configure/wlan 1/80211a# mcs-11ac num-ss 2/3 enter the maximum MCS(7~9) for 1 spatial stream(s): 7 the maximum MCS : 7...
Page 232
WEC8050 / WEC8500 Operation Manual Version 7.1 Local Switching The APC provides the local switching function to support a service to an individual network such as a branch office. The local switching function enables an AP to be connected to WAN for external connection in an individual network where the APC is not installed.
Page 233
WEC8050 / WEC8500 Operation Manual Version 7.1 WEC8500# configure terminal WEC8500/configure# ap ap_1 WEC8500/configure/ap ap_1# profile WEC8500/configure/ap ap_1/profile# local-bridging [WLAN_ID][VLAN_ID/ACL_NAME/PRE_AUTH_ACL_NAME] Parameter Description WLAN_ID WLAN ID (Range: 1-254) (available only for WLANs the tunnel-mode of which is local-bridging) VLAN_ID VLAN ID (Range: 1-4094)
Page 234
WEC8050 / WEC8500 Operation Manual Version 7.1 In the menu bar of <WEC Main window>, select <Configuration> and then select the <Access Points> menu in the sub-menus. In the Access Points screen, select an AP to change and go to the <Remote AP> tab.
Page 235
WEC8050 / WEC8500 Operation Manual Version 7.1 Security and Authentication The Samsung Wireless Enterprise AP/APC supports the security and authentication function defined in the IEEE 802.11-based wireless LAN security standard and its main mechanism is as follows: Wired Equivalent Privacy (WEP) ...
Page 236
WEC8050 / WEC8500 Operation Manual Version 7.1 Configuration using Web UI In the menu bar of <WEC Main window>, select <Configuration> and then select the <WLANs> menu in the sub-menus. Select a WLAN ID to change in the WLANs screen and go to the <Security>...
Page 237
WEC8050 / WEC8500 Operation Manual Version 7.1 Item Description - 64-characters of hexadecimal value PMK LIFETIME PMK effective time (unit: s, range: 0-1000000, default: 43200) EAPOL REAUTHENTICATION EAP re-authentication interval (unit: s, range: 0-100000, PERIOD default: 0) PROTECTED MANAGEMENT Protected management frames (802.11w) function...
Page 238
WEC8050 / WEC8500 Operation Manual Version 7.1 2) Go to security configuration mode and initialize the configuration. WEC8500/configure/wlan 1# security WEC8500/configure/wlan 1/security# setDefault 3) Configure the WPA type. WEC8500/configure/wlan 1/security# [WPA_TYPE] Parameter Description WPA_TYPE WPA type (wpa/wpa2): WPA Version 2 must be enabled at all times.
Page 239
WEC8050 / WEC8500 Operation Manual Version 7.1 6) Configure the key management algorithm to PSK. WEC8500/configure/wlan 1/security# keymgmt psk 7) Disable the 802.1x key management algorithm. WEC8500/configure/wlan 1/security# no keymgmt ieee8021x 8) Disable the 802.1x authentication. WEC8500/configure/wlan 1/security# no ieee8021x 9) After applying the changed configuration, exit the security configuration mode.
Page 240
WEC8050 / WEC8500 Operation Manual Version 7.1 For more information about detail configuration item, see ‘5.3.1 Initialization of WLAN Security Function’. 5.3.3 WPA/WPA2 802.1x Configuration The WPA/WPA2 802.1x, one of wireless LAN authentication types does authentication through an authentication server such as a Remote Authentication Dial-In User Service (RADIUS) server.
Page 241
WEC8050 / WEC8500 Operation Manual Version 7.1 Parameter Description configured before. WPA Version 2 must be enabled at all times. - wpa: WPA Version 1 - wpa2: WPA Version 2 ENC_TYPE Encryption type (tkip/ ccmp) - tkip: TKIP type. TKIP cannot be configured for WPA Version 2.
Page 242
WEC8050 / WEC8500 Operation Manual Version 7.1 10) After applying the changed configuration, exit the security configuration mode. WEC8500/configure/wlan 1/security# apply WEC8500/configure/wlan 1/security# exit 11) To check the configuration information, use the following command. WEC8500/configure# show wlan security summary 12) To check configuration information, use the ‘show wlan security summary’ command.
Page 243
WEC8050 / WEC8500 Operation Manual Version 7.1 Item Description ACCOUNTI Enable/ Whether the accounting function is enabled. Disable - Enable: The accounting function is enabled. SERVER - Disable: The accounting function is disabled. RADIUS Accounting server that will be used as the first priority SERVER 1 (Can select one out of pre-configured RADIUS servers.)
Page 244
WEC8050 / WEC8500 Operation Manual Version 7.1 5.3.4 Static WEP Configuration The WEP is a security algorithm defined in the initial wireless LAN standard. It provides security by using a cryptographic key and Initial Vector (IV) to encrypt the wireless transmission data exchanged between an AP and a wireless terminal connected to a wireless LAN.
Page 245
WEC8050 / WEC8500 Operation Manual Version 7.1 Parameter Description KEY_TYPE WEP key Input format of WEP cryptographic key (ascii/hex) - ASCII: ASCII character string - HEX: Hexadecimal value KEY STRING WEP cryptographic key KEY_INDEX Key index (range: 1-4) KEY_LENGTH Key length (Bit unit)
Page 246
WEC8050 / WEC8500 Operation Manual Version 7.1 5.3.5 Dynamic WEP Configuration The Dynamic WEP is a security algorithm that improves the security vulnerabilities of a static WEP by using 802.1x authentication. Unlike the static WEP that is based on a configured fixed key, it creates a cryptographic key by executing 802.1x authentication...
Page 247
WEC8050 / WEC8500 Operation Manual Version 7.1 Parameter Description RADIUS_SERVER_ID_LIST RADIUS server ID list (Up to 3 IDs can be configured.) 6) After enabling the RADIUS server function for accounting, specify the index of account RADIUS server. The RADIUS server information must be configured in advance.
Page 248
WEC8050 / WEC8500 Operation Manual Version 7.1 Select the L2 Security Type as Dynamic WEP. After configuring the rest values as required, click the <Apply> button. For more information about detail configuration item of L2 tab, see ‘5.3.1 Initialization of WLAN Security Function’.
Page 249
WEC8050 / WEC8500 Operation Manual Version 7.1 DHCP Configuration The DHCP service of APC consists of DHCP server, DHCP relay, and DHCP proxy. 5.4.1 DHCP Server 5.4.1.1 DHCP Server Configuration A DHCP server in the APC dynamically allocates an IP address to a client.
Page 250
To configure the DHCP Pool related function, execute the command as follows to go to the DHCP pool mode. WEC8500# configure terminal WEC8500/configure # ip dhcp pool test WEC8500/configure/ip/dhcp/pool test# [Configuring IP address] Before configuring a DHCP pool, you should configure a network first. If the network is not configured, you cannot execute other commands.
Page 252
WEC8050 / WEC8500 Operation Manual Version 7.1 [Configuring Fixed IP Address to MAC Address] This command configures a fixed IP address to a specific MAC address or deletes the configuration. The ‘range’ of IP address to configure cannot be overlapped with the IP range and maximum 255 IP addresses can be configured.
Page 253
WEC8050 / WEC8500 Operation Manual Version 7.1 [Ping check] When a DHCP server allocates an IP address to a client, ping check can be used to check if an IP address to allocate is being used in the current network.
Page 254
- no user-option [1-254] ipaddress A.B.C.D [active/passive] no user-option all Deletes all the configured options. A usage example is given below. WEC8500/configure/ip/dhcp/pool test# user-option 3 string “hi, there” active WEC8500/configure/ip/dhcp/pool test# user-option 200 octet 33:4A:5C:6F:DD passive WEC8500/configure/ip/dhcp/pool test# user-option 201 int -3000...
Page 255
WEC8050 / WEC8500 Operation Manual Version 7.1 Configuration using Web UI In the menu bar of <WEC Main window>, select <Configuration> and then select the <DHCP> <Internal Server> menu in the sub-menus. Click the <Add> or <Delete> button to add or delete a DHCP pool.
Page 256
WEC8050 / WEC8500 Operation Manual Version 7.1 POOL NAME: DHCP pool name (mandatory input item) NETWORK: Network bandwidth IP that a DHCP server will serve (mandatory input item) MASK: Netmask length IP of an IP that is entered into the NETWORK item (mandatory input item) ...
Page 257
The relay and proxy are operating in the switching mode. If a proxy is not used, it is operating in the relay mode. WEC8500/configure # no ip dhcp-proxy enable 3) To check the configured DHCP information, use the ‘show ip dhcp-proxy’ command.
Page 258
WEC8050 / WEC8500 Operation Manual Version 7.1 5.4.3 DHCP Proxy The procedure of changing to the DHCP proxy is as follows. Configuration using CLI The CLI configuring a DHCP proxy is located as a command under ‘ip dhcp-proxy’ in the configure mode.
Page 259
WEC8050 / WEC8500 Operation Manual Version 7.1 5.4.4 Option 82 Configuration The APC uses the DHCP Option 82 to provide various services during IP allocation by forwarding the information such as access control, QoS, or security policy, etc. when a wireless terminal connected to an AP receives an IP address.
Page 260
WEC8050 / WEC8500 Operation Manual Version 7.1 Configuration using Web UI In the menu bar of <WEC Main window>, select <Configuration> and then select the <Controller> <Interfaces> menu in the sub-menus. In the interface, you can see the page where you can change the Option 82.
Page 261
WEC8050 / WEC8500 Operation Manual Version 7.1 5.4.5 Primary/Secondary Server Configuration The DHCP relay/proxy can transmit a DHCP packet received from a client through broadcast to maximum two DHCP servers. Here, the two servers are called a primary server and a secondary server.
Page 262
WEC8050 / WEC8500 Operation Manual Version 7.1 Configuration using Web UI [Configuration at Interface] In the menu bar of <WEC Main window>, select <Configuration> and then select the <Controller> <Interfaces> menu in the sub-menus. In the interface, you can see the page where you can change the Option 82.
Page 263
WEC8050 / WEC8500 Operation Manual Version 7.1 [Configuration at Global] In the menu bar of <WEC Main window>, select <Configuration> and then select the <DHCP> <Proxy> menu in the sub-menus. Configure the PRIMARY SERVER and SECONDARY SERVER of the Global Parameter.
Page 264
WEC8050 / WEC8500 Operation Manual Version 7.1 Radio Service Configuration The APC supports WLAN-based radio configuration. You can enable or disable WMM based on WLAN and change DTIM and station idle timeout. Configuration using CLI 1) Go to configure wlan-radio-service mode of CLI.
Page 265
WEC8050 / WEC8500 Operation Manual Version 7.1 Configuration using Web UI In the menu bar of <WEC Main window>, select <Configuration> and then select the <WLANs> menu in the sub-menus. Select a WLAN ID to change in the WLANs screen and go to the <Advanced>...
Page 266
WEC8050 / WEC8500 Operation Manual Version 7.1 CHAPTER 6. Wi-Fi Configuration This chapter describes how to manage the 802.11a, 80211.bg, 802.11n or 80211ac device of Wireless Enterprise AP. An 802.11n device supports 2.4 GHz and 5 GHz wireless bandwidth and high data processing speed.
Page 267
WEC8050 / WEC8500 Operation Manual Version 7.1 3) Configure channel of multiple APs belonging to the group. channel [CHANNEL] group [GROUP_ID] all-ap/active-ap: Channel is configured for multiple APs. channel [CHANNEL] group [GROUP_ID] all-ap/active-ap fixed: Channel is fixed and is not affected by automatic adjustment functions such as RRM. (Channel values are indicated as * when retrieved by ‘show 80211a summary’...
Page 268
WEC8050 / WEC8500 Operation Manual Version 7.1 6) To check the configured channel and TX power information, use the following command. WEC8500# show 80211a[|80211bg] summary AP Name MAC Address Operation State Channel TxPower ----------------- ----------------- --------------- -------- -------- AP_f4d9fb23bfb9 F4:D9:FB:23:BF:B9 1...
Page 269
WEC8050 / WEC8500 Operation Manual Version 7.1 11) Configure the bandwidth of the AP. Bandwidth can be configured only for 80211a/n/ac. bandwidth [BANDWIDTH] ap [AP_ID]: Bandwidth is configured for a specific AP. bandwidth [BANDWIDTH] global: Bandwidth is configured for all APs.
Page 270
WEC8050 / WEC8500 Operation Manual Version 7.1 CHANNEL FIX: The configured channel is configured as fixed and it is not affected by the automatic adjustment function such as RRM. When selecting the <Monitor> <Access Points> <Radio> <802.11a/n/ac> or <802.11b/g/n> menu, the channel value is displayed as *.
Page 271
WEC8050 / WEC8500 Operation Manual Version 7.1 Supported: A connected terminal that supports the supported rate can communicate with an AP at the supported rate. Data Rates: data rate Range for 80211a: 6, 9, 12, 18, 24, 36, 48, or 54 Mbps ...
Page 272
WEC8050 / WEC8500 Operation Manual Version 7.1 6.1.2 802.11n Configuration The 802.11n configuration is as follows: Configuration using CLI 1) Go to configure radio mode (80211a or 80211bg) to configure of CLI. WEC8500# configure terminal WEC8500/configure# 80211a 2) Go to the 11n-support mode.
Page 273
WEC8050 / WEC8500 Operation Manual Version 7.1 Configuration using Web UI In the menu bar of <WEC Main window>, select <Configuration> and then select the <Access Points> <802.11a/n/ac> or <802.11b/g/n> <General> menu in the sub- menus. Select <Configuration> in the menu bar of <WEC Main Window> and select <WLANs>...
Page 274
Applies to all APs in the group active-ap Applies to all live APs in the group 4) Configure the Modulation and Coding Scheme (MCS) rate. WEC8500/configure/80211a/11ac-support# mcs num-ss [SPATIAL STREAM ] global Parameter Description SPATIAL STREAM Number of spatial streams (range: 2~3)
Page 275
WEC8050 / WEC8500 Operation Manual Version 7.1 Configuration using Web UI In the menu bar of <WEC Main Window>, select <Configuration> and select <Access Points> <802.11a/n/ac> or <802.11b/g/n> <General> submenus. Select <Configuration> in the menu bar of <WEC Main Window> and select <WLANs>...
Page 276
WEC8050 / WEC8500 Operation Manual Version 7.1 [OPERATIONAL TYPE] Enable/disable 11ac operation. [VHT (802.11AC) MCS SETTING] Determine the spatial stream count for each AP model and enter maximum MCS value for each spatial stream count. Example: maximum of seven MCS for one spatial stream, maximum of eight MCS for two spatial streams, and maximum of nine MCS for three spatial streams ...
Page 277
WEC8050 / WEC8500 Operation Manual Version 7.1 Wi-Fi QoS Configuration The APC provides various QoS in the wire/wireless section for every packet type (voice, video, best-effort, or background). The QoS can be configured for each wireless section (2.4 GHz, 5 GHz).
Page 279
WEC8050 / WEC8500 Operation Manual Version 7.1 6.2.2 QoS Configuration of AP 6.2.2.1 Wire Section The APC provides QoS in a wire section using 802.1p and Differentiated Services Code Point (DSCP) marking and it can adjust packet traffics because it can adjust queue length depending on packet type.
Page 280
WEC8050 / WEC8500 Operation Manual Version 7.1 4) Configure a default DSCP value per packet. dscp-tag [PACKET_TYPE] [DSCP TAG] Parameter Description PACKET_TYPE Packet type configuration (voice/video/best_effort/background) DSCP_TAG Default DSCP value 5) Configure a protocol to distinguish packet types. ...
Page 281
WEC8050 / WEC8500 Operation Manual Version 7.1 4) Select one out of None/802.1p/DSCP in the PROTOCOL drop-down list. 5) Enter 802.1p or a DSCP value into the QoS Default Values. 6) Click the <Apply> button to apply. 6.2.2.2 Wireless Section The system can provide QoS service in a wireless section for each AP downward packet type (voice, video, best effort, background).
Page 282
WEC8050 / WEC8500 Operation Manual Version 7.1 In the Access Point tab, enter 802.1p or a DSCP value into the QoS Default Values. Click the <Apply> button to apply. 6.2.3 Configuring QoS Profile of a Specific Terminal You can configure a QoS profile that is applied to a specific wireless terminal.
Page 283
WEC8050 / WEC8500 Operation Manual Version 7.1 Configuration using Web UI In the menu bar of <WEC Main window>, select <Configuration> and then select the <User QoS> menu in the sub-menus. To create a QoS profile to apply to a terminal, click the <Add>...
Page 284
WEC8050 / WEC8500 Operation Manual Version 7.1 6.2.4 Voice Optimization Configuration The APC configures an EDCA parameter value that is optimized for voice service to an AP in real-time. Configuration using CLI 1) Go to configure radio cvo mode to configure of CLI.
Page 285
WEC8050 / WEC8500 Operation Manual Version 7.1 Figure 150. Configuring voice optimization by each AP Group 3) Configure for each AP In the menu bar of <WEC Main window>, select <Configuration> and then select the <Radio> <802.11a/n> or <802.11b/g/n> <General> menu in the sub- menus.
Page 286
WEC8050 / WEC8500 Operation Manual Version 7.1 802.11h Configuration The APC supports the configuration and transmission power limitation for the Dynamic Frequency Selection (DFS) function in an AP. When the AP detects radar, an event is sent to the WEM and a detouring channel can be configured in the AP.
Page 287
WEC8050 / WEC8500 Operation Manual Version 7.1 Configuration using Web UI In the menu bar of <WEC Main window>, select <Configuration> and then select the <Radio> <802.11a/n> <802.11h> menu in the sub-menus. Figure 152. Configuring 802.11h POWER CONSTRAINT: Power constraint value (0-100) ...
Page 288
WEC8050 / WEC8500 Operation Manual Version 7.1 Country Code You can use a country code to restrict the number of channels that can be used in an AP and the maximum transmission power of each channel. Configuration using CLI To configure the country code function, go to country mode first by executing the following command.
Page 289
WEC8050 / WEC8500 Operation Manual Version 7.1 Parameter Description AP group ID AP group ID (range: 1-3000) COUNTRY_CODE Country code to configure VALUE Environment configuration (both/outdoor/indoor/none) To check the configuration information, use the ‘show country group-config[AP group ID]’command. [Editing Country Code] You can add or delete an operation channel per country and change maximum transmission power per channel.
Page 290
WEC8050 / WEC8500 Operation Manual Version 7.1 Configuration using Web UI In the menu bar of <WEC Main window>, select <Configuration> and then select the <Controller> <Country> menu in the sub-menus. Figure 153. Country code window (1) [Global Country Code Configuration] 1) Select a country in the DEFAULT COUNTRY drop-down list of Configured Country Code item.
Page 291
WEC8050 / WEC8500 Operation Manual Version 7.1 [AP Country Code Configuration] In the menu bar of <WEC Main window>, select <Configuration> and then select the <Access Points> <Advanced> menu in the sub-menus. Figure 154. AP Country Code Configuration After selecting COUNTRY and ENVIRONMENT, click the <Apply> button.
Page 292
WEC8050 / WEC8500 Operation Manual Version 7.1 CHAPTER 7. WLAN Additional Services This chapter covers how to configure WLAN additional services such as wireless terminal management, spectrum analysis, Call Admission Control (CAC) and Radio Resource Management (RRM), etc. Managing Wireless Terminal 7.1.1...
Page 293
WEC8050 / WEC8500 Operation Manual Version 7.1 Configuration using Web UI In the menu bar of <WEC Main window>, select <Monitor> and then select the <Stations> menu in the sub-menus. The brief information of each station is displayed in the window.
Page 294
AirMove handover is performed by the collaboration between wireless terminals compatible with the APC. Therefore, the packet loss or handover time is optimized. Some Samsung smartphones such as Galaxy S2 or S3, etc. provide the AirMove function.
Page 295
WEC8050 / WEC8500 Operation Manual Version 7.1 AirMove Configuration Item Description scan interleaving time Configures the scanning interval of a wireless terminal. - OPTION: scan-time-interleave - OPTION_DETAIL: Time (ms) Service time in scanning period Configures a period when an wireless terminal transmits/receives an actual data traffic after scanning.
Page 296
WEC8050 / WEC8500 Operation Manual Version 7.1 [AirMove Enable/Disable Configuration] The AirMove is enabled by default, so use the following command to disable it. no handover mode NCHO To check the configuration information, use the ‘show handover configuration’ command.
Page 297
WEC8050 / WEC8500 Operation Manual Version 7.1 Call Admission Control (CAC) Configuration The CAC function is provided to protect existing calls from the calls incoming to a wireless LAN. The APC does not allow an additional call when maximum allowed number of calls per radio is reached.
Page 298
WEC8050 / WEC8500 Operation Manual Version 7.1 2) Enable the SIP ALG. APC/configure# sipalg enable 3) To check the configuration information, use the ‘show sipalg configuration’ command. Configuration using Web UI In the menu bar of <WEC Main window>, select <Configuration> and then select the <Controller>...
Page 299
WEC8050 / WEC8500 Operation Manual Version 7.1 7.3.2 Voice CAC Configuration To protect existing calls, the voice CAC function configures maximum allowed number of calls and rejects any call request when the maximum number is exceeded. You can configure the number of marginal voice calls for handover.
Page 300
WEC8050 / WEC8500 Operation Manual Version 7.1 Configuration using Web UI In the menu bar of <WEC Main window>, select <Configuration> and then select the <Radio> <802.11a/n> or <802.11b/g/n> <Admission Control> menu in the sub- menus. Figure 159. Admission control configuration of 802.11a/n After configuring the below item in the Call Admission Control, click the <Apply>...
Page 301
WEC8050 / WEC8500 Operation Manual Version 7.1 7.3.3 Video CAC Configuration To protect existing video calls, the video CAC function configures the maximum allowed number of video calls and rejects any call request when the maximum number is exceeded. You can configure the number of marginal calls for handover.
Page 302
WEC8050 / WEC8500 Operation Manual Version 7.1 6) Configure the maximum allowed usage of channels. max-chan-util [VALUE] Parameter Description VALUE Maximum allowed usage of channels 7) Configure the usage of marginal channels with consideration for handover. reserved-ho-chan-util [VALUE]...
Page 304
WEC8050 / WEC8500 Operation Manual Version 7.1 Radio Resource Management (RRM) RRM performs automatic setup function for AP’s channel and Tx Power. RRM is functionally divided into Dynamic Channel Selection (DCS), Dynamic Power control (DPC), and Coverage Hole Detection and Control (CHDC). The DCS automatically sets the channels of the APs.
Page 305
WEC8050 / WEC8500 Operation Manual Version 7.1 Configuration using Web UI In the menu bar of <WEC Main window>, select <Configuration> and then select the <Radio> <802.11a/n/ac> or <802.11b/g/n> <RRM> menu in the sub-menus. Enable or disable the RRM service at the top of the menu. The RRM can be set in either 802.11a/n/ac screen or 802.11b/g/n screens.
Page 306
7) Execute the following command to change the Tx Power range which is automatically set by DPC. The default minimum is 3 and the default maximum is 30 for both 80211a and 80211b. WEC8500/configure/rrm/80211a/dpc# txPower min [value] max [value] 8) Check the settings using the ‘show rrm config-summary’ command. Configuration using Web UI In the menu bar of <WEC Main window>, select <Configuration>...
Page 307
WEC8050 / WEC8500 Operation Manual Version 7.1 7.4.3 DCS Configuration This section describes the setting options of the DCS function which automatically sets the channel of the AP. Configuration using CLI 1) Go to configure rrm configuration mode of CLI.
Page 308
4, end time 5. If both start time and end time are set to the same time, Anchor Run function is disabled. WEC8500/configure/rrm/80211a/dcs# anchor-time start [value] end [value] 9) Execute the following command to change the channels that is automatically set by the DCS.
Page 309
WEC8050 / WEC8500 Operation Manual Version 7.1 Configuration using Web UI In the menu bar of <WEC Main window>, select <Configuration> and then select the <Radio> <802.11a/n/ac> or <802.11b/g/n> <RRM> menu in the sub-menus. Enable or disable the DCS in the SERVICE field in Dynamic Channel Selection.
Page 310
WEC8050 / WEC8500 Operation Manual Version 7.1 WEC8500/configure/rrm/80211a/chdc# statsCollectEnable Success: DBI set for DPC 11A Stats collect Enable : 1 5) If a coverage hole is estimated from the statistics for the pre-alarm function, a warning can be transmitted. After entering into the chdc configuration mode, complete configuration (statsWarningEnable).
Page 311
WEC8050 / WEC8500 Operation Manual Version 7.1 10) Configure a value that requests an interval to an AP to collect statistics for the pre- alarm function. The default is 120 seconds and it can be 30~3600 seconds. WEC8500/configure/rrm/80211a/chdc# statsCollectInterval 60...
Page 313
WEC8050 / WEC8500 Operation Manual Version 7.1 7.4.5 Sleeping Cell Detection This is a function that allows the APC to detect the statuses of APs that are not performing basic functions and transmit an alarm/warning. Configuration using CLI 1) Enable/Disable: Configure whether the silent alarm detection function will be performed.
Page 316
WEC8050 / WEC8500 Operation Manual Version 7.1 7.4.6 Energy Saving Groups The purpose is to reduce the power consumption of the APC by turning off the RF radios of APs without any connected STA at a specific time when the number of STAs connected to the APC drops drastically.
Page 317
WEC8050 / WEC8500 Operation Manual Version 7.1 6) DEL-AP: Delete AP members from the energy saving group. WEC8500/configure/rrm/energy-saving-group 1# del-ap Configuration using Web UI From the menu bar of <WEC Main Window>, select <Configuration> and then select <Radio> <Advanced> <Energy Saving Groups> <GROUP NAME> in the submenus.
Page 318
WEC8050 / WEC8500 Operation Manual Version 7.1 Up to 20 groups can be designated (Same as WEC8500/WEC8050). Energy Saving Auto Classification is not a method under which the operator configures a standby group but a method under which the system automatically classifies an energy saving group by using the analysis of each AP.
Page 319
WEC8050 / WEC8500 Operation Manual Version 7.1 Configuration using Web UI In the menu bar of <WEC Main window>, select <Configuration> and then select <Radio> <Advanced> <Energy Saving> <Automatic Classification> menus in the sub-menus. page 319 of 673...
Page 320
WEC8050 / WEC8500 Operation Manual Version 7.1 Location Tracking The APC tracks the location information of several terminals in a wireless LAN network based on the wireless data collected from Wireless Enterprise wireless LAN APs. To configure the location tracking function, execute the command as follows: 7.5.1...
Page 321
WEC8050 / WEC8500 Operation Manual Version 7.1 3) The scanning interval for location tracking can be configured using the following command. scan-report-intv[NUM] Parameter Description NUM (range: 5-3600) default: 10 4) To check the configuration information, execute the following command.
Page 322
WEC8050 / WEC8500 Operation Manual Version 7.1 Spectrum Analysis A non-802.11 device such as a microwave oven, bluetooth, or Closed Circuit Television (CCTV), etc. deteriorates data transmitting/receiving performance because it causes interference in a wireless LAN environment. As a function that measures surrounding interference, the spectrum analysis analyzes wireless or Radio Frequency (RF) signals to resolve interference problem instantly.
Page 323
WEC8050 / WEC8500 Operation Manual Version 7.1 Operational Status....... Up Map Location........Channel Information: Channel Interval........2000 ms Channel........... 1 2 3 4 5 6 7 8 9 10 11 12 13 Channel ID........... 1 ----------------------------- Num Maximum RSSI Average RSSI...
Page 324
WEC8050 / WEC8500 Operation Manual Version 7.1 IP Address........100.100.100.220 Mode..........General Operational Status....... Up Map Location........Affected Channels: Channel Interval......... 2000 ms Channel.......... 1 2 3 4 5 6 7 8 9 10 11 12 13 Real Time Duty Cycle Report:...
Page 325
WEC8050 / WEC8500 Operation Manual Version 7.1 802.11bgn Video Camera......Enabled ZigBee........... Enabled 802.11an Continuous Transmitter....Enabled 802.11an DECT-like Phone......Enabled 802.11an Video Camera......Enabled Real Time Interference Report: Number of Interferers......... 1 Num Evoke Time Interferer Type RSSI Minimum Frequency Maximum...
Page 326
WEC8050 / WEC8500 Operation Manual Version 7.1 [Enable/Disable Spectrum] The command that enables or disables the spectrum analysis function is shown below. service [MODE] Parameter Description MODE Enables or disables spectrum analysis - enable: Enable (default) - disable: Disable [Spectrum Analysis Report Configuration] The command used to enable or disable each spectrum analysis data item is shown below.
Page 327
WEC8050 / WEC8500 Operation Manual Version 7.1 7.6.3 Interference Type Configuration The interference type of 2.4 GHz or 5 GHz that can be detected by the Wireless Enterprise wireless LAN is shown below. Wireless bandwidth Interference type 2.4 GHz continuous_transmitter, cordless_phone, video_camera...
Page 328
WEC8050 / WEC8500 Operation Manual Version 7.1 Controlling Usage per User A wireless terminal can control traffic usage per user by receiving a QoS profile that specifies traffic usage (bandwidth) from the RADIUS server at the authentication stage. You can configure upward and downward usage per wireless terminal.
Page 329
WEC8050 / WEC8500 Operation Manual Version 7.1 Configuration using Web UI In the menu bar of <WEC Main window>, select <Configuration> and then select the <QoS> menu in the sub-menus. To create a QoS profile to apply to a terminal, click the <Add>...
Page 330
WEC8050 / WEC8500 Operation Manual Version 7.1 Remote Packet Capture APC can capture a packet exchanged between the wireless terminals on a remote PC in real-time by using the remote packet capture protocol. To configure the remote packet capture function, you must go to the pcap mode by...
Page 331
WEC8050 / WEC8500 Operation Manual Version 7.1 Starting Service You must start the remote packet capture service to connect to a device using a program that supports the remote packet capture protocol on a remote PC. The related commands are given below.
Page 332
[Cluster Setting] To use the clustering function, you must configure each APC according to the following procedure. Maximum 12 WEC8500 can be grouped in a cluster. Maximum 2 WEC8050 can be grouped in a cluster. 1) Go to the configure mode of the CLI.
Page 333
WEC8050 / WEC8500 Operation Manual Version 7.1 ENABLE : YES OWN-APC-INDEX ======================================================== [Adding APC to APC List] To add an APC to the cluster, the APC must be added to the APC list first. APC information is automatically added to the APC list.
Page 334
WEC8050 / WEC8500 Operation Manual Version 7.1 [Deleting APC from cluster] Delete the APC added in cluster. To delete an APC from a cluster, you must delete the APC from the cluster configuration of all the APCs in the cluster.
Page 335
WEC8050 / WEC8500 Operation Manual Version 7.1 Configuration using Web UI In the menu bar of <WEC Main window>, select <Configuration> and then select the <Mobility Management> <Clustering> menu in the sub-menus. The Clustering window is shown below. Figure 167. Clustering window Configure a clustering configuration value in the <Information>...
Page 336
WEC8050 / WEC8500 Operation Manual Version 7.1 7.10 Limiting the Number of Connected Users The Wireless Enterprise wireless LAN system limits the number of wireless terminals connected to each AP. The limitation is per radio (2.4/5 GHz bandwidth) or WLAN for each AP.
Page 337
WEC8050 / WEC8500 Operation Manual Version 7.1 Configuration using Web UI [Configures per Radio] In the menu bar of <WEC Main window>, select <Configuration> and then select the <Radio> <802.11a/n> or <802.11b/g/n> <General> menu in the sub-menus. Figure 169. Configuring connection limitation per radio After configuring MAX CLIENT COUNTS, click the <Apply>...
Page 338
WEC8050 / WEC8500 Operation Manual Version 7.1 7.10.2 Connection Limitation per WLAN Configuration using CLI To configure connection limitation per WLAN, execute the command as follows: 1) Go to configure wlan configuration mode of CLI. APC# configure terminal APC/configure# wlan 1 APC/configure/wlan 1# 2) Disable the WLAN.
Page 340
WEC8050 / WEC8500 Operation Manual Version 7.1 7.11 Voice Statistics and Communication Failure Detection Because APC provides voice statistics and the WLAN-based communication failure detection function, you can easily know communication failure reason. 7.11.1 Voice Statistics Function It provides the number of successful voice communication and call time.
Page 342
WEC8050 / WEC8500 Operation Manual Version 7.1 7.11.2 Detecting WLAN-based Communication Failure You can configure whether to detect WLAN-based communication failure. Configuration using CLI 1) Go to the configure mode of the CLI. APC# configure terminal APC/configure# 2) Enable or disable communication failure detection.
Page 343
WEC8050 / WEC8500 Operation Manual Version 7.1 7.12 Voice Signal and Media Monitoring For voice call fault analysis, the APC provides VoIP wireless terminal, call information, event and RTP media voice quality statistics. 7.12.1 Checking Voice Related Wireless Information Configuration using CLI Execute the following command to check voice related fault analysis statistics.
Page 344
WEC8050 / WEC8500 Operation Manual Version 7.1 3) Check the information of a completed call. WEC8500# show voice complete-call summary CONN Start Time SSID MAC Address Tel-no IPv4 Address Port Rat MOS LQ/CQ/PQ Pkt Cnt ==== ==================== ==== ==== =============== === ==============...
Page 346
WEC8050 / WEC8500 Operation Manual Version 7.1 WLAN (A_toanyone_1) Voice Statistis ------ ------ ------- ------ ----- --- ------ ------ --- ------ ------ Type Total Success Failed Active UpstreamTime Downstream Calls Call Call Call MOS Jitter Delay MOS Jitter Delay ------ ------ ----- ------ ------ --- ------ ------ --- ------ ------ Total 2 0.0...
Page 347
WEC8050 / WEC8500 Operation Manual Version 7.1 Model Name OS Version Build Version ---- -------------------- -------------------- -------------------- SHV-E160S 4.0.4 VH29 SHV-E210S E210SKSUGND1 SHV-E300L 4.2.2 E300LKSANMH3 SHV-E330S E330SKSUBMK4 SHV-E250S E250SKSUENC3 SHV-E300S 4.2.2 E300SKSANMH3 SHV-E160S 4.1.2 E160SKSJMJ1 SHW-M250S 4.1.2 M250SKSJMJ1 SHW-M440S M440SKSUGNK2 SHV-E120S 4.1.2...
Page 348
WEC8050 / WEC8500 Operation Manual Version 7.1 2) Check the connection status of an active call. In the menu bar of <WEC Main window>, select <Monitor> and then select the <VoIP Call> <Active Calls>menu in the sub-menus. Figure 176. Active Call Retrieval Screen 3) Check the information of a completed call.
Page 351
Execute the following command to check the voice related quality analysis (Voice Quality Monitoring) information. 1) Operator can check the voice quality analysis information of a wireless terminal that has an active call. WEC8500# show voice vqm current-stats brief ======================================================== [CONN-740 Start Time=2013/7/19.14:47:27, Duration=47 sec(s) Call-ID[f03c77b50564418855587192e12b889d <-> ca371fce-6e10-401a- 9a4e-dd53678804c6@ug1.scm.com] Session id :0...
Page 353
Upload Fail Count = 0 Requested Count = 1141 WEC8500# 4) Operator can check the alarm information that occurs during call. WEC8500# show voice vqm alarms brief ======================================================== VQM ActiveRfactor/ActivePktLoss/ActivePktDly/ActiveMos = 1/1/1/1 VQM QualityThresh/LossThresh/DelayThresh/MOSThresh = 50/50/195/35 ALARMS REPORTED : Src Call Id = f03c77b50564418855587192e12b889d Dst Call Id = ca371fce-6e10-401a-9a4e-dd53678804c6@ug1.scm.com Session = 0...
Page 354
WEC8050 / WEC8500 Operation Manual Version 7.1 7.13 Multicast Stream Admission Control The multicast stream admission control is provided to protect the currently running multicast streams from new streams that flow into the wireless LAN. When the maximum allowed usage of streams or channels per radio is reached, the APC does not allow any additional streams.
Page 355
WEC8050 / WEC8500 Operation Manual Version 7.1 4) Set the maximum allowed usage of channels. max-chan-util [VALUE] Parameter Description VALUE Maximum allowed usage of channels 5) Configure the number of marginal streams with consideration for handover. reserved-ho-streams [VALUE]...
Page 356
WEC8050 / WEC8500 Operation Manual Version 7.1 After configuring the items below in the Multicast Stream Admission Control, click the <Apply> button. ADMISSION CONTROL: Configure the CAC function METHOD: Select the method of admission control MAX STREAMS: Maximum allowed number of streams (range: 1-20) ...
Page 357
WEC8050 / WEC8500 Operation Manual Version 7.1 7.14 Wi-Fi Band Steering This is a function of leading a UE which supports the Dual Band (2.4/5.0 GHz) to be connected to 2.4 GHz or 5.0 GHz to secure more stabilized performance if many resources are used in a specific radio.
Page 358
WEC8050 / WEC8500 Operation Manual Version 7.1 4) Add an entry to the dual band station database. band-steering add-station [MAC] Parameter Description Station MAC Address WEC8500/configure/wlan 1# band-steering add-station 00:00:00:00:00:01 WLAN(1): add station(00:00:00:00:00:01), prefer a band(5-GHz) are set 5) Delete an entry from the dual band station database.
Page 360
WEC8050 / WEC8500 Operation Manual Version 7.1 7.15 Wi-Fi Load Balancing The load balancing function in the AP Controller is a function of load balancing by transferring the message that the connections to wireless stations among APs have been permitted or cannot be permitted based on the set threshold value and then controlling the number of stations connected to APs.
Page 361
WEC8050 / WEC8500 Operation Manual Version 7.1 WEC8500/configure/wlan 1# load-balancing threshold_station 100 Wi-Fi Load Balancing threshold: 100 stations 4) Configure the maximum denial count value. load-balancing denial_count [VALUE] Parameter Description VALUE 1-10 (2 by default) WEC8500/configure/wlan 1# load-balancing denial_count 4...
Page 362
WEC8050 / WEC8500 Operation Manual Version 7.1 7.16 Station-based Adaptive Load Balancing Station-based Adaptive Load Balancing performs load balancing based on the number of stations and RSSI in an individual radio unit of the AP group. Configuring Basic Function and Setting Load Balancing Parameters of AP Group are available and the settings of the load balancing parameters in individual APs are available to apply a different value set only for a specific AP.
Page 363
WEC8050 / WEC8500 Operation Manual Version 7.1 6) To calibrate the RSSI value depending on types of stations, the calibration value must be set. calibration mobile [NUMBER] calibration pc [NUMBER] calibration others [NUMBER] Parameter Description NUMBER RSSI calibration value (-dbm)
Page 364
WEC8050 / WEC8500 Operation Manual Version 7.1 Parameter Description NUMBER Interval for performing load balancing (sec) 5) Set the station threshold to perform the Load Balancing function. threshold [NUMBER] Parameter Description NUMBER Station threshold as the standard for the performance of load balancing 6) Set the time of blocking the reconnection after the load of the station is now balanced.
Page 365
WEC8050 / WEC8500 Operation Manual Version 7.1 7.16.3 Setting AP Parameters Station-based Adaptive Load Balancing operates as the default value of the setting of the AP group but it is possible to set other parameter value to an individual AP. Because it operates in a radio unit, the parameters to change must be set to the individual radio of the corresponding AP must be set.
Page 366
WEC8050 / WEC8500 Operation Manual Version 7.1 Parameter Description NUMBER Reconnection limit time (0~100 sec.) 7) To lead the station which performs load balancing to connect to a specific AP, set the probe response limit time to other APs. ...
Page 367
WEC8050 / WEC8500 Operation Manual Version 7.1 CHAPTER 8. Security The Wireless Enterprise wireless LAN system supports security functions, required in a wire/wireless network environment, such as RADIUS server interoperation function, system user management, guest connection service, unauthorized AP/terminal detection and simple blocking function, firewall, access control (ACL), etc.
Page 368
WEC8050 / WEC8500 Operation Manual Version 7.1 Parameter Description IP_ADDRESS The IP address of a RADIUS server 3) Configure the key of a RADIUS server. WEC8500/configure/security/radius 1# secret [KEY_TYPE] [KEY_STRING] Parameter Description KEY_TYPE RADIUS server key input format - ASCII: ASCII character string...
Page 369
WEC8050 / WEC8500 Operation Manual Version 7.1 Parameter Description RETRY_INTERVAL Retransmission interval for a RADIUS message (unit: seconds, range: 1-60, default value: 2) RETRY_COUNT Maximum retransmission count of a RADIUS message (range: 1-20, default value: 10) FO_RETRY_COUNT Maximum retransmission count of a RADIUS message before...
Page 370
WEC8050 / WEC8500 Operation Manual Version 7.1 Item Description - Auth: Performs authentication - Acct: Performs accounting - Auth/Acct: Performs authentication and accounting IP ADDRESS IP address of the RADIUS server SHARED SECRET FORMAT Key input format for communications with the RADIUS server...
Page 371
WEC8050 / WEC8500 Operation Manual Version 7.1 Parameter Description PW_TYPE Password type (default value: mac) - mac: MAC address of the device. Note: it must be a string whose type must be the same as that of the MAC string which is used as a...
Page 372
WEC8050 / WEC8500 Operation Manual Version 7.1 Configuration using Web UI In the menu bar of <WEC Main window>, select <Configuration> and then select <Security> <AAA> <RADIUS> menus in the sub-menus. After selecting a RADIUS server to configure, configure the MAC authentication item.
Page 373
RADIUS server. To use the internal RADIUS server, operator can add, delete, or edit a user (WEC8500: maximum 2048 users, WEC8050: maximum 512 users). Configuration using CLI To configure a local network user related function, enter into the ‘radiuscm’ of configure mode by executing the following command.
Page 374
WEC8050 / WEC8500 Operation Manual Version 7.1 Parameter Description - Korean is not allowed. - Special characters ‘, *, ?, \, ; cannot be used. department Division information - Character varying (1-63) - OPTIONAL - Korean is not allowed. - Special characters ‘, *, ?, \, ; cannot be used.
Page 375
WEC8050 / WEC8500 Operation Manual Version 7.1 [Importing User] To import the Local Net Users list file, execute the following command. Import-local-userdb {filename} Parameter Description Filename File to import - CSV file format - Filename (1-512) [Exporting User] To export the Local Net Users list file, execute the following command.
Page 376
WEC8050 / WEC8500 Operation Manual Version 7.1 To add a user, click the <Add> button. 1) Enter an item according to each parameter description, and click the <Apply> button. ID: ID of a user to add PASSWORD: User’s initial password ...
Page 377
WEC8050 / WEC8500 Operation Manual Version 7.1 Unauthorized AP/Terminal Detection and Blocking As the security function, the Wireless Enterprise wireless LAN device provides the detection service for an unauthorized AP using the Wireless Intrusion Detection System (WIDS)/WIPS function. This function detects any AP that is illegally installed without an administrator’s approval and also any wireless terminals connected to the AP.
Page 378
WEC8050 / WEC8500 Operation Manual Version 7.1 8.2.2 Detection The Wireless Enterprise wireless LAN system detects all the packets in a wireless LAN network, classifies unauthorized APs and wireless terminals, and creates related alarms and logs. The detected unauthorized APs are classified as follows according to the configured classification policy.
Page 379
WEC8050 / WEC8500 Operation Manual Version 7.1 Parameter Description SSID_NAME is classified as a friendly type unauthorized AP.) SSID_NAME SSID that is used when the SSID_TYPE is entered as user-configured-ssid 3) To check the configured information, use the ‘show wids device rule managed’...
Page 380
WEC8050 / WEC8500 Operation Manual Version 7.1 8.2.2.2 Configuring the unmanaged AP classification policy To configure the unmanaged type unauthorized AP classification policy, execute the command as follows: Configuration using CLI 1) Go to configure wi device configuration mode of CLI.
Page 381
WEC8050 / WEC8500 Operation Manual Version 7.1 3) To check the configured information, use the ‘show wids device rule unmanaged’ command. Configuration using Web UI In the menu bar of <WEC Main window>, select <Configuration> and then select the <Wireless Intrusion> <Policy> <User Defined Rule> menu in the sub-menus. And then, select <Unmanaged>...
Page 382
WEC8050 / WEC8500 Operation Manual Version 7.1 8.2.2.3 Manual configuration (Move) A user can change the classification of an unauthorized AP that is detected by the WI or that is classified according to the rule configured by a user. Configuration using CLI 1) Go to configure ...
Page 383
WEC8050 / WEC8500 Operation Manual Version 7.1 1) In the AP list screen, go to the detail view screen by clicking a MAC address. Figure 188. List Window to Manually Change Classification 2) In the AP detail screen, change the classification and click Apply, then the configuration is changed.
Page 384
WEC8050 / WEC8500 Operation Manual Version 7.1 8.2.2.4 Manual configuration (Remove) A user can manually change the status of an unauthorized AP to ‘Removed’, that is detected by the WIDS or that is classified according to the rule configured by a user.
Page 386
WEC8050 / WEC8500 Operation Manual Version 7.1 2) If you change the setting of REMOVE MANUALLY to ‘On’ in the AP detail screen and click Apply, the AP status is changed to ‘Removed’. Figure 191. Manual Remove Change Window in AP Detail Screen 8.2.2.5...
Page 387
WEC8050 / WEC8500 Operation Manual Version 7.1 The description of OPTION parameter is as follows: Parameter Description ap-blacklist-check Allocates Rogue ID = 101 by checking a rogue included in the black list. managed_ssid_invalid_security Allocates Rogue ID = 102 for an AP that uses a managed SSID and its managed client is in the association status.
Page 388
WEC8050 / WEC8500 Operation Manual Version 7.1 Figure 192. Configuration Window for Unauthorized AP Detection Option 8.2.2.6 Unauthorized client detection option Operator can enable or disable the client detection option pre-defined in the system. Configuration using CLI 1) Go to configure wi device client configuration mode.
Page 389
WEC8050 / WEC8500 Operation Manual Version 7.1 Parameter Description threshold as an unauthorized client. auth-request-det Classifies a client that exceeds the authentication request threshold as an unauthorized client. deauth-request-det Classifies a client that exceeds the de-authentication request threshold as an unauthorized client.
Page 390
WEC8050 / WEC8500 Operation Manual Version 7.1 8.2.2.7 Unauthorized Channel Validation Configuration The unauthorized channel validation function helps an operator detect an AP that uses an unauthorized channel other than configured channels. The configuration procedure is as follows: Configuration using CLI 1) Go to configure ...
Page 391
WEC8050 / WEC8500 Operation Manual Version 7.1 Figure 194. Configuration Window for Channel Validation 8.2.2.8 Configuring and Searching Black/White List Operator can configure classification to distinguish authorized and unauthorized APs/stations. The administrator configurable lists include <AP black-list, Station black-list, Managed OUI, Managed/Neighbor AP>. The <Managed AP, Managed Station, Managed SSID>...
Page 392
WEC8050 / WEC8500 Operation Manual Version 7.1 Parameter Description First 3 bytes of station MAC address 5) Configure the Managed/Neighbor AP. Managed [MAC] [TYPE] Parameter Description AP MAC address of Managed/Neighbor AP TYPE - Managed: Indicates that the address is located internally...
Page 393
WEC8050 / WEC8500 Operation Manual Version 7.1 2) In the [Managed AP] tab, operator can search for a Managed AP. Figure 196. Managed AP Window 3) In the [Station Blacklist] tab, operator can add a station blacklist by entering a MAC and click Add.
Page 394
WEC8050 / WEC8500 Operation Manual Version 7.1 4) In the [Managed Station] tab, operator can search Managed Station. Figure 198. Managed Station Search Window 5) In the [Managed OUI] tab, operator can add a Managed OUI by entering an OUI and click Add.
Page 395
WEC8050 / WEC8500 Operation Manual Version 7.1 6) In the [Managed SSID] tab, you can check the SSID that the WLAN is using. Figure 199. Managed SSID Window 7) If you click Add in the [Managed/Neighbor AP] tab, operator can go to the Managed/ Neighbor AP list addition screen and can add a Managed/Neighbor AP list.
Page 396
WEC8050 / WEC8500 Operation Manual Version 7.1 Managed/Neighbor AP list addition screen Figure 201. Managed/Neighbor AP List Addition Window 8.2.2.9 Station Allow Limit The WIDS counts the number of frames and number of authentication failures to distinguish a station that generates too many management frames in a network or that is continuously failed for authentication.
Page 397
WEC8050 / WEC8500 Operation Manual Version 7.1 Configuration using Web UI In the menu bar of <WEC Main window>, select <Configuration> and then select the <Wireless Intrusion> <Station Allow Limit> menu in the sub-menus. And then, enter a threshold value and click Apply to configure the value in the screen.
Page 398
WEC8050 / WEC8500 Operation Manual Version 7.1 8.2.3 Enabling Blocking Function The setting of enabling the blocking function is as follows: Configuration using CLI 1) Go to the configure mode of the CLI. WEC8500# configure terminal 2) Enable the blocking function.
Page 399
WEC8050 / WEC8500 Operation Manual Version 7.1 8.2.4.1 Configuring Manual Blocking To configure manual blocking, execute the command as follows: Configuration using CLI 1) Go to configure wids containment configuration mode of CLI. WEC8500# configure terminal WEC8500/configure# wids...
Page 400
WEC8050 / WEC8500 Operation Manual Version 7.1 2) After selecting a station in the station list, possible to block by using the containment. Figure 205. List Window for Blocking Station 8.2.4.2 Configuring Automatic Blocking To configure automatic blocking, execute the command as follows: Configuration using CLI 1) Go to configure ...
Page 401
WEC8050 / WEC8500 Operation Manual Version 7.1 Parameter Description unmanaged-ap-uses-managed- If the honeypot is detected, it is automatically blocked. ssid unmanaged-ap If the unmanaged AP is detected, it is automatically blocked. 3) To check the configuration of automatic blocking, it is possible to use the following command: ...
Page 402
WEC8050 / WEC8500 Operation Manual Version 7.1 Captive Portal The Wireless Enterprise WLAN system provides the Captive Portal function. A Web Certified user can receive a normal service after connected to a specific WLAN (SSID) and going through user authentication.
Page 403
WEC8050 / WEC8500 Operation Manual Version 7.1 Configuration using Web UI In the menu bar of <WEC Main window>, select <Configuration> and then select <Security> <AAA> <Local Net Users> <Web Authentication Users> menus in the sub-menus. Figure 207. Web Certification User Configuration Window The operator can check and delete a Web Certification User created in the <Web...
Page 404
WEC8500/configure# fqm-mode 2) Configure an access list. WEC8500/configure/fqm-mode# WEC8500/configure/fqm-mode# access-list ip guest_acl permit seq 1 udp any eq * any eq 53 os-aware * WEC8500/configure/fqm-mode# access-list ip guest_acl permit seq 2 tcp 192.168.20.10 255.255.255.255 eq 80 any eq * os-aware * WEC8500/configure/fqm-mode# access-list ip guest_acl permit seq 3 tcp any eq * 192.168.20.10 255.255.255.255 eq 80 os-aware *...
Page 406
WEC8050 / WEC8500 Operation Manual Version 7.1 8.3.3 Configuring Web Authentication To provide the web authentication service, the security L3 item of the WLAN and the web authentication of the captive portal must be configured. Configuration using CLI [WLAN Configuration] To configure web authentication in the WLAN, execute the command as follows: 1) Go to configure ...
Page 408
WEC8050 / WEC8500 Operation Manual Version 7.1 Configuration using Web UI In the menu bar of <WEC Main window>, select <Configuration> and then select the <WLANs> menu in the sub-menus. Select a WLAN ID in the WLANs screen and go to <L3>...
Page 409
WEC8050 / WEC8500 Operation Manual Version 7.1 8.3.4 Configuring Web Authentication on MAC Authentication Failure To provide the service of Web Authentication on MAC Authentication Failure, the MAC Authentication of security L2 of the WLAN must be enabled and the web policy of L3 and the web authentication of the captive portal must be configured.
Page 410
WEC8050 / WEC8500 Operation Manual Version 7.1 Configuration using Web UI In the menu bar of <WEC Main window>, select <Configuration> and then select the <WLANs> menu in the sub-menus. In the WLANs screen, select WLAN ID and go to the <L2> of the <Security> tab.Enable <MAC AUTHENTICATION>.
Page 411
WEC8050 / WEC8500 Operation Manual Version 7.1 8.3.5 Configuring Web Pass-through The APC provides the web pass-through function to move to a specific address all the time when the user uses the web. Configuration using CLI [WLAN Configuration] To configure web pass-through in the WLAN, execute the command as follows: 1) Go to configure ...
Page 412
WEC8050 / WEC8500 Operation Manual Version 7.1 6) The configuration can be checked using the ‘show wlan security detail’ command. WEC8500# show wlan security detail 1 Configuration using Web UI In the menu bar of <WEC Main window>, select <Configuration> and then select the <WLANs>...
Page 413
WEC8050 / WEC8500 Operation Manual Version 7.1 8.3.6 Configuring One Time Redirection To provide the One Time Redirection service, the security L3 of the WLAN must be configured. Configuration using CLI [WLAN Configuration] To configure one time redirection in the WLAN, execute the command as follows: 1) Go to configure ...
Page 414
WEC8050 / WEC8500 Operation Manual Version 7.1 6) To check the configuration, use the ‘show wlan security detail’ command. WEC8500# show wlan security detail 1 Configuration using Web UI In the menu bar of <WEC Main window>, select <Configuration> and then select the <WLANs>...
Page 415
WEC8050 / WEC8500 Operation Manual Version 7.1 8.3.7 Redirection Address Format The Captive Portal attempts at first redirection for the request of the web service of the station. The redirection address transmitted by the station in the APC to perform redirection is...
Page 416
WEC8050 / WEC8500 Operation Manual Version 7.1 WEB PAGE TYPE Description Customized Editing internal web pages Logo, Header, Body, Footer, etc. can be edited on internal web pages. After enabling the GUEST SELF REGISTRATION option in Customized, the user only needs to enter the name, email, etc. to access the Internet service.
Page 417
1) Go to the configure mode of the CLI. WEC8500# configure terminal 2) Create an access-list. WEC8500/configure# access-list fw fw4 deny tcp any any eq 23 3) Configure a firewall to the interface using an access-list. WEC8500/configure# interface vlan1.10 WEC8500/configure/interface vlan1.10# ip access-group fw forward fw4 WEC8500/configure/interface vlan1.10# exit...
Page 418
WEC8050 / WEC8500 Operation Manual Version 7.1 In the menu bar of <WEC Main window>, select <Configuration> and then select the <Security> <Firewall> <Interface> menu in the sub-menus. You can configure an interface for which a firewall will be applied by clicking the <Add>...
Page 421
WEC8500/configure/interface vlan1.30#ip nat outside WEC8500/configure/interface vlan1.30#exit 3) Configure a NAT rule using a static IP (A port can be also specified for DNAT). WEC8500/configure# ip nat outside destination static tcp 10.10.10.1 4300 30.30.30.2 23 [Checking NAT Configuration] To check the created NAT, use the following command.
Page 422
WEC8050 / WEC8500 Operation Manual Version 7.1 2) Click the <Add> button in the Translation Rule window and configure the Translation Rule. Select NAT TYPE as either SNAT or DANT. Select STATIC checkbox to configure Static and configure the values of Original IP Addr: Port and Translated IP Addr: Port.
Page 423
WEC8050 / WEC8500 Operation Manual Version 7.1 MAC Filter The Wireless Enterprise wireless LAN system provides the MAC filter function. A user may experience connection restriction due to MAC filtering when connecting to a specific WLAN (SSID). Configuration using CLI...
Page 425
WEC8050 / WEC8500 Operation Manual Version 7.1 Parameter Description MAC_FILTER_ID MAC FILTER ID (range: 1-20) 6) You can check the configured information below. show security mac-filter summary WEC8500# show security mac-filter detail Configuration using Web UI In the menu bar of <WEC Main window>, select <Configuration> and then select the <Security>...
Page 426
WEC8050 / WEC8500 Operation Manual Version 7.1 2) Configure the policy in the Edit configuration screen by selecting the index of MAC filter list. Figure 223. MAC entry configuration(2) 3) Select a WLAN for which the MAC filter will be applied. Check a MAC FILTER ID to apply in the Security >...
Page 427
WEC8050 / WEC8500 Operation Manual Version 7.1 Operator Authentication through Interoperation with TACACS+ Server A Wireless Enterprise wireless LAN system provides an operator authentication function by interoperating with an external TACACS+ server. 8.6.1 Configuring External TACACS+ Server A Wireless Enterprise wireless LAN system provides an operator authentication function by interoperating with an external TACACS+ server and the procedure detailed below is carried out for interoperation with a TACACS+ server.
Page 428
WEC8050 / WEC8500 Operation Manual Version 7.1 Parameter Description PORT_NUMBER Port number of the TACACS+ server (range: 1-65,535, default value: 49) 5) Configure the items related to retransmissions in TACACS+ communications. You can use default values without changing configuration. WEC8500/configure/security/tacacs 1# retransmit-interval...
Page 429
WEC8050 / WEC8500 Operation Manual Version 7.1 9) You can view configuration information by using the ‘show security tacacs server config’ and ‘show security tacacs server detail [SERVER ID]’ commands. Configuration using Web UI In the menu bar of <WEC Main Window>, select <Configuration>, and then select <Security>...
Page 430
WEC8050 / WEC8500 Operation Manual Version 7.1 8.6.2 Configuring Authentication Type of Operator Account The steps for configuring the authentication type of the operator account are as follows: Configuration using CLI 1) Go to the configure mode of the CLI.
Page 431
WEC8050 / WEC8500 Operation Manual Version 7.1 Role Based Access Control The Wireless Enterprise WLAN system can manage the user's access authority depending on a designated role. It can designate ACL, limit the bandwidth, designate the interface, or manage redirecting URL, etc.
Page 432
WEC8050 / WEC8500 Operation Manual Version 7.1 Configuration using Web UI Configuration > Security > Role Based Access Control > Role Profile Example: Figure 227. Role Profile Configuration Figure 228. Role Profile Add Configuration 8.7.2 Configuring Derivation Profile The Wireless Enterprise WLAN system can edit conditions to allocate roles and manage by profile.
12 user start-with derivation role role_2 condition priority 13 user contain vation role role_3 condition priority 14 user end-with User role role_4 condition priority 15 user not-equal samsung role role_5 Configuration using Web UI Configuration > Security > Role Based Access Control > Derivation Profile Example: Figure 229.
WEC8050 / WEC8500 Operation Manual Version 7.1 Figure 231. Derivation Profile Configuration Figure 232. Derivation Profile Add Configuration 8.7.2.2 WLAN Configuration The method for configuring a derivation profile in the WLAN is as follows: Configuration using CLI Example: WEC8500# configure terminal...
WEC8050 / WEC8500 Operation Manual Version 7.1 Configuration > WLANs > Security > L3 Example: Figure 234. Wlan Derivation Profile Configuration 8.7.3 Configuring ACL Profile The Wireless Enterprise WLAN system can manage ACL to apply to a user if the AP of the remote group operates as local bridge.
WEC8050 / WEC8500 Operation Manual Version 7.1 Figure 236. Acl Profile Add Configuration Figure 237. Acl Profile Edit Configuration 8.7.3.2 Remote Ap Group Configuration The method for configuring the ACL profile to the remote AP group is as follows: Configuration using CLI...
WEC8050 / WEC8500 Operation Manual Version 7.1 Configuration using Web UI Configuration > AP Groups > Remote AP Group > ACL Profile Change the configuration of the ACL PROFILE NAME and then press Apply. After that, press Send To APs to transmit the ACL profile and the relevant settings to APs.
Page 440
WEC8050 / WEC8500 Operation Manual Version 7.1 8.7.4 Configuration Synchronization (Remote AP Group) The Wireless Enterprise WLAN system provides a function of synchronizing the configuration of the AP of the remote group and ACL if the AP of the remote group operates as a local bridge.
WEC8050 / WEC8500 Operation Manual Version 7.1 Configuration using Web UI Configuration > Security > Role Based Access Control > ACL Profile ‘Send To APs’ Figure 239. ACL Configuration Synchronization - All Configuration > AP Groups > Remote AP Group > ACL Profile ...
Page 443
WEC8050 / WEC8500 Operation Manual Version 7.1 External BYOD Server The Wireless Enterprise WLAN system provides a function of interoperating with the external BYOD server. To use the BYOD function, a separate BYOD server is necessary. Employees and guest users can receive a service after being connected to a specific WLAN (SSID) and going through authentication.
WEC8050 / WEC8500 Operation Manual Version 7.1 Configuration using Web UI In the menu bar of <WEC Main window>, select <Configuration> and then select <Security> <AAA> <External BYOD Server> in the sub-menus. Figure 242. External BYOD Server Configuration Window 1) Service Enable the function of interoperating with the external BYOD server.
Page 445
WEC8500# configure terminal WEC8500/configure# fqm-mode WEC8500/configure/fqm-mode # access-list ip preauth permit seq 1 udp any eq * any eq 53 os-aware * WEC8500/configure/fqm-mode # access-list ip preauth permit seq 2 tcp 192.168.20.10 255.255.255.255 eq 80 any eq * os-aware * WEC8500/configure/fqm-mode # access-list ip preauth permit seq 3 tcp any eq * 192.168.20.10 255.255.255.255 eq 80 os-aware *...
Page 446
WEC8050 / WEC8500 Operation Manual Version 7.1 Configuration using Web UI 1) Configuring PreAuthentication ACL PRE-AUTH ACL must have the basic permit rules for the HTTP port to DNS and web servers. 2) Configuring WLAN To use the Captive Portal function, enable a web policy in Security of WLAN > L3 tab and select Web Authentication.
Page 447
WEC8050 / WEC8500 Operation Manual Version 7.1 CHAPTER 9. IP Application In this chapter, the IP application functions available in the APC and each configuration method are described. DNS is a network service that interprets a domain or host name into an IP address.
WEC8050 / WEC8500 Operation Manual Version 7.1 Configuration using Web UI In the menu bar of <WEC Main window>, select <Configuration> and then select the <DNS> menu in the sub-menus. Figure 243. DNS client You can enable or disable a DNS client using the QUERY of a DNS SERVER item.
WEC8050 / WEC8500 Operation Manual Version 7.1 Configuration using Web UI In the menu bar of <WEC Main window>, select <Configuration> and then select the <DNS> menu in the sub-menus. Figure 244. DNS proxy The DNS Relay item supports DNS Proxy configuration. In the SERVICE, you can enable or disable a DNS proxy and configure the cache size of the DNS proxy in the CACHING SIZE.
Page 450
WEC8050 / WEC8500 Operation Manual Version 7.1 The Network Time Protocol (NTP) is a protocol used to receive time from a configured server and synchronize the local time. The APC can operate as a NTP server and a client. If you configure the APC as a NTP client, it receives the Coordinated Universal Time (UTC) information from the configured NTP server and synchronizes the local time.
Page 451
WEC8050 / WEC8500 Operation Manual Version 7.1 Parameter Description INDEX Server index (range: 1-5) Configure the version of a server that a NTP client will refer to. (Use a default value 1 if it is not configured.) ntp client server-addr hostname <WORD> version [1-4]: Enable ...
WEC8050 / WEC8500 Operation Manual Version 7.1 2) Configure a NTP server. ntp server enable: Configures a NTP server. no ntp server enable: Disables a NTP server. [Checking NTP Configuration Status] To check the status of a NTP client or server, enter the ‘show ntp’ command.
Page 453
WEC8050 / WEC8500 Operation Manual Version 7.1 FTP/sFTP The FTP is a network service for file transmission. The APC support the client and server function for FTP and sFTP (Secure FTP). Configuration using CLI [SFTP Server Configuration] The secure FTP server configuration is as follows: 1) Go to the configure mode of the CLI.
WEC8050 / WEC8500 Operation Manual Version 7.1 Configuration using Web UI To configure the FTP/SFTP server configuration, in the menu bar of <WEC Main window>, select <Administrator> and then select the <FTP-SFTP> menu in the sub- menus. Figure 246. FTP/SFTP server configuration The FTP and SFTP can be configured using the Enable/Disable radio box.
Page 456
WEC8050 / WEC8500 Operation Manual Version 7.1 Telnet/SSH The telnet or Secure Shell (SSH) is an Internet protocol that helps login to another computer in a network or connects to a virtual remote system. Using telnet or SSH, you can connect to another computer while staying at a current computer.
WEC8050 / WEC8500 Operation Manual Version 7.1 [Checking Server Configuration Status] To check the status of telnet or ssh server, enter the following command. You can retrieve the configured port number as well as server status. show ssh-server: Retrieves the status of SSH server ...
Page 458
WEC8050 / WEC8500 Operation Manual Version 7.1 Utilities The APC provides the functions such as ping, traceroute, or tcpdump to check a network and its problems. [ping] Used to check network connection status. ping [IP_ADDRESS] [traceroute] Used to check a route path.
Page 459
WEC8050 / WEC8500 Operation Manual Version 7.1 CHAPTER 10. System Management In this chapter, the various functions used by an operator to manage the system and troubleshooting method are described. In addition, the configurations required for system operation such as system configuration management, resource management, alarm management, and package management, etc.
WEC8050 / WEC8500 Operation Manual Version 7.1 Configuration using Web UI In the menu bar of <WEC Main window>, select <Administrator> and then select the <SNMP> <Community> menu in the sub-menus. When you click the <Add> button in the Community window, the community creation window is displayed. When you enter a configuration value and click the <Apply>...
WEC8050 / WEC8500 Operation Manual Version 7.1 Configuration using Web UI In the menu bar of <WEC Main window>, select <Administrator> and then select the <SNMP> <Trap Receiver> menu in the sub-menus. When you click the <Add> button in the Trap Receiver window, the trap creation window is displayed.
Page 462
By using the ‘show system info’ command, you can check the system configuration information of the APC system such as version information, memory information, disk information, temperature sensor and fan status, etc. The execution results of the command in WEC8500 are as follows: WEC8500/configure# show system info -----------------------------------------------------...
Page 463
WEC8050 / WEC8500 Operation Manual Version 7.1 The execution results of the command in WEC8050 are as follows: WEC8050# show system info ----------------------------------------------------- Item System Info ----------------------------------------------------- System Info : model type WEC8050 system description Samsung AP Controller board version...
Page 464
For WEC8050: Parameter Description Fan [0]~[1] Fan operation status (OK, NOK) [Power Supply Status] The WEC8500 has dual detachable power module as shown below. Parameter Description Power Supply [0]~[1] Whether a power module is equipped (Equipped, Not Equipped) Status Power module operation status (OK, NOK) The WEC8050 has only one power module as shown below.
WEC8050 / WEC8500 Operation Manual Version 7.1 10.2.2 System Reboot There is a command that can reboot the system. Rebooting can be reserved and you can cancel or retrieve the reservation. Configuration using CLI Use the ‘reboot’ command to reboot the system.
Page 469
Retrieves system temperature (°C). The result of system status retrieval using each command is as follows: [CPU Load] The retrieving CLI execution result of WEC8500 is as follows: WEC8500# show system cpu Average CPU usage (%) control plane : 3.84...
Page 470
: 13520032 KBytes Used Disk 4338296 KBytes Free Disk 9181736 KBytes [Fan RPM Level] The retrieving CLI execution result of WEC8500 is as follows: WEC8500# show system fan FAN ID rpm Level(0-3) ------- -------------- FAN[0] 1 level FAN[1] 1 level...
Page 471
WEC8050 / WEC8500 Operation Manual Version 7.1 [System Temperature (°C)] The retrieving CLI execution result of WEC8500 is as follows: WEC8500# show system temp Sensor Location Temperature --------------- ----------- CPU sensor 1 CPU sensor 2 Board The retrieving CLI execution result of WEC8050 is as follows:...
Page 472
WEC8050 / WEC8500 Operation Manual Version 7.1 10.3.2 Retrieving and Configuring Threshold If each resource of the system exceeds its configured threshold, there occurs an alarm. The APC helps an operator check and configure each threshold. Configuration using CLI To check each threshold, use the below command.
Page 474
WEC8050 / WEC8500 Operation Manual Version 7.1 10.4 Managing Alarm and Event The system alarms and events are saved into a system log and transmitted to an external server according to the filtering policy. An alarm is managed in terms of occurrence and release and an event is managed in the report format.
2012-12-17 09:56:13 MAJ APC xe2 1301 NET Link dn AdminStatus[up] OperStatus[down] … To selectively retrieve a group or level, execute the command as follows: WEC8500# show alarm list group network 1 network 2012-12-17 09:56:13 MAJ APC ge8 1301 NET Link dn AdminStatus[up] OperStatus[down]...
Page 476
[Event History] You can retrieve event information using the following command. WEC8500# show event 1 system 2012-08-31 13:59:46 NOT APC MGMT User Login ID=samsung, IP=192.168.0.91 2 system 2012-08-31 13:48:33 NOT SWM:system Boot Complete - … An event is managed per group and you can retrieve it selectively using the following command.
Page 478
WEC8050 / WEC8500 Operation Manual Version 7.1 10.4.3 External Transmission Configuration All the alarms and events in the system are transmitted to outside through the SNMP trap and syslog. If the alarm filter information is configured, only filtered alarm is transmitted to an external management server.
WEC8050 / WEC8500 Operation Manual Version 7.1 Configuration using Web UI In the menu bar of <WEC Main window>, select <Administrator> and then select the <SNMP> <Trap Control> <Alarm Information> menu in the sub-menus. You can retrieve the configuration related to alarm filter and alarm level.
Page 480
WEC8050 / WEC8500 Operation Manual Version 7.1 10.5 Managing Traffic Performance You can manage the traffic performance statistics information and accumulated data for the APC system and the interface of each AP. 10.5.1 Managing History Information When the traffic performance information management is enabled, the APC system creates history information at every 5 minute.
Page 481
WEC8050 / WEC8500 Operation Manual Version 7.1 Stopping information collection 1) Go to the configure mode of the CLI. WEC8500# configure terminal 2) ‘Disable’ the traffic performance information management. WEC8500/configure# no stats-report enable 3) To check the configured information, use the ‘show stats-report conf’ command.
Page 482
WEC8050 / WEC8500 Operation Manual Version 7.1 10.6 Managing License Key The Samsung Electronics Common License Method (SLM) is applied to Version 1.5 or newer of the APC system. Therefore, SLM licensing is applied to new websites that are installed using Version 1.5 or later.
Page 483
WEC8050 / WEC8500 Operation Manual Version 7.1 Installation Only two activation keys can be installed/registered in an APC system. If two unexpired activation keys co-exist, available services are offered as shown in the following example: (Example) - Activation Key 1: AP (100 units), VQM (Disable), Firewall (Disable)
WEC8050 / WEC8500 Operation Manual Version 7.1 Configuration using Web UI In the menu bar of <WEC Main window>, select <Configuration> and then select the <License> menu in the sub-menus. In the figure below, the ‘SLM License Key Status’ shows the installation and application statuses of SLM activation keys.
Page 485
WEC8050 / WEC8500 Operation Manual Version 7.1 10.6.2 Managing Old License Key An old license key can differ in regard to the number of manageable APs, whether to support the VQM function, whether to support the firewall function, and the period of use of a function.
Page 486
WEC8050 / WEC8500 Operation Manual Version 7.1 Parameter Description LICENSE_KEY Issued license key IP_ADDRESS IP address PORT_NUMBER Port number login ID PASSWORD Password PATH Server path [Deleting License Key] You can delete a license key directly. no install-key [LICENSE_KEY]...
WEC8050 / WEC8500 Operation Manual Version 7.1 Configuration using Web UI In the menu bar of <WEC Main window>, select <Configuration> and then select the <License> menu in the sub-menus. From the APC Version 1.5 and later, in respect of old license keys, the web UI does not provide input/deletion functions and shows only whether they are installed properly.
Page 488
3) Configure the IP address and UDP port of a target syslog server (The default of the UDP port is ‘514’.). WEC8500/configure# syslog add 192.168.0.91 WEC8500/configure# syslog add 192.168.0.99 udpport 510 4) Configure a log level to filter. WEC8500/configure# syslog level information 5) To check the configured syslog information, use the ‘show syslog conf’...
WEC8050 / WEC8500 Operation Manual Version 7.1 Configuration using Web UI In the menu bar of <WEC Main window>, select <Administrator> and then select the <Logs> <SysLog Configuration> menu in the sub-menus. It provides syslog related configuration and retrieving function.
Page 490
WEC8050 / WEC8500 Operation Manual Version 7.1 10.8 Upgrade The APC provides the upgrade function and version checking function that applies a new version of package when it is distributed. 10.8.1 Checking Package Version You can check the version of a current system by using the following command.
Page 491
2) Execute the ‘show system cpu detail’ an internal error command to check the CPU status. 3) Transmit the logs above to the Samsung Technical Support. 1) Execute the ‘show process status’ command Upgrade saving the configuration-...
WEC8050 / WEC8500 Operation Manual Version 7.1 4) After system rebooting, check if the new package is applied to the system. WEC8500# show reboot cause Reboot Cause: Block: Upgrade/ Code: Package Upgrade WEC8500# show version Samsung package version information Primary (currently running) : 0.7.1.R...
Page 493
WEC8050 / WEC8500 Operation Manual Version 7.1 10.9 Configuration Management The APC supports the following functions for configuration management. Saves the current configuration information. Exports/imports the current configuration information (import/export). Initializes system Configuration using CLI To save the current configuration information in the system, execute the command as...
WEC8050 / WEC8500 Operation Manual Version 7.1 Configuration using Web UI In the menu bar of <WEC Main window>, select <Administrator> and then select the <DB backup/restore> menu in the sub-menus. Figure 261. DB Backup/Restore In the DB backup/restore window, enter FILE NAME and click the <Apply> button to create the configuration information as a file or apply an external configuration information file.
Page 495
WEC8050 / WEC8500 Operation Manual Version 7.1 10.10 Configuration Synchronization For all APCs in an environment configured with multiple APCs to provide the same WLAN service, all their service-related settings, other than the individual network settings, must be identical. For this, the system provides a function for automatically synchronizing service-related configurations across multiple APCs.
Page 496
WEC8050 / WEC8500 Operation Manual Version 7.1 2) Delete APCs from the Sync List. To delete all APCs from the Sync List, enter the ‘del- apc-all’ command. del-apc[INDEX] del-apc-all Parameter Description INDEX Index on the Sync List (range: 1-2) [Retrieving APC information registered on Sync List] You can check the APC information registered on the Sync List using the ‘show...
WEC8050 / WEC8500 Operation Manual Version 7.1 Configuration using Web UI [Adding APC to APC List] Add APCs to synchronize to the APC list by referring to 'APC List Management'. [Synchronization Configuration] In the menu bar of <WEC Main window>, select <Configuration> and then select the <Configuration Synchronization>...
Page 498
WEC8050 / WEC8500 Operation Manual Version 7.1 Click the Sync button to retrieve the mismatching configuration information. The Mismatched count indicates the number of mismatching configurations. Click the count to view details. 2) Periodic retrieval of mismatching configuration information Monthly/weekly/daily audits can be performed for mismatching configuration information.
WEC8050 / WEC8500 Operation Manual Version 7.1 Configuration using Web UI In the menu bar of <WEC Main window>, select <Administrator> and then select the <DB backup/restore> menu in the sub-menus. Figure 264. DB Backup/Restore/Periodic-Upload Window In the DB backup/restore window, enter FILE NAME and click the <Apply> button to create the configuration information as a file or apply an external configuration information file.
Page 500
WEC8050 / WEC8500 Operation Manual Version 7.1 10.11 Debug and Diagnosis 10.11.1 Process The APC can retrieve the status of an active process in the system and an error associated with each process. Retrieving the Process Status WEC8500# show processes Processes Info.
Page 501
2522. 2012-12-21 15:59:50 guestService 2294 SIGTERM(15) In addition, you can check the detail information corresponding to the ‘id’ of each error log by using the following command. WEC8500# show processes log id 15 id date name signal backtrace...
Page 502
WEC8050 / WEC8500 Operation Manual Version 7.1 10.11.2 Retrieving Crash Information When a critical problem occurs in the system platform during operation, the APC saves important system information at that time to provide the crash information that can be used for post mortem analysis.
Page 503
WEC8050 / WEC8500 Operation Manual Version 7.1 If no parameter is entered, the most recent reboot information is retrieved. WEC8500# show debug reboot info ###################################################################### [REBOOT_SUMMARY]====================================================== : 0001 EVENT NAME : DIE EVENT DESC : DIE_VAL[1] - Unhandled kernel unaligned access...
Page 504
WEC8050 / WEC8500 Operation Manual Version 7.1 10.11.2.2 Retrieving Core Dump Information Use the ‘show debug coredump summary’ command to retrieve the status of core dump. WEC8500# show debug coredump summary CORE_DUMP enable DUMP_QUOTA 1024 (MB) CORE_SIZE 204800 (KB) POLL_PERIOD...
Page 505
WEC8050 / WEC8500 Operation Manual Version 7.1 10.12 File Management The APC provides the file management functions of copying, moving, or retrieving a file and also file download and upload. In addition, it checks the integrity of a package file and provides version retrieving method.
Page 506
WEC8050 / WEC8500 Operation Manual Version 7.1 To change a directory, use the ‘cd [TARGET_DIR]’ command. WEC8500/file# cd etc WEC8500/file# pwd disk:/etc Parameter Description TARGET_DIR Name of a directory to change 10.12.2 Retrieving Directory List To retrieve a file or directory in a specific directory, use the ‘ls’ command. If you enter only ‘ls’, all the contents in the current directory are displayed.
Page 507
WEC8050 / WEC8500 Operation Manual Version 7.1 10.12.3 Revising File To copy a file, use the ‘copy [SRC_FILENAME] [DES_FILENAME]’ command. The below command copies the ‘test’ file into ‘disk:/test2’. WEC8500/file# copy test disk:/test2 To delete a file, use the ‘remove [FILENAME]’ command. If you enter the below command and enter ‘y’, the ‘test2’...
Page 508
To download a file, use the ‘download’ command. An example of downloading the ‘test’ file from ‘192.168.1.1’ to ‘disk:/test’ is shown below. WEC8500/file# download guest guest 192.168.1.1 test disk:/test Following is example of file downloading ‘test’ file from ‘3ffe:500::862b:2bff:fe6d:2199’ to ‘disk:/test’.
Page 509
WEC8050 / WEC8500 Operation Manual Version 7.1 [Checking AP package file] WEC8500/file# verify package/ap/wea302.img Verify: success!! Retrieving the information of a package file A package file includes the information such as version information, model information, package build information, etc. To check the content of a package file, use the ‘version’...
Page 510
Version 7.1 10.12.7 Retrieving Storage Media The WEC8500 supports a disk and USB memory as a storage media. And the WEC8050 supports only a disk as a storage media. Both current directory-based relative path and absolute path are all supported during command execution and the path of each device is shown in the below table.
WEC8050 / WEC8500 Operation Manual Version 7.1 10.12.8 Managing File in Web UI 10.12.8.1 File Uploading and Downloading In the menu bar of <WEC Main window>, select < Administration > and then select the <File Management> <APC-Local PC> menu in the sub-menus.
Page 512
WEC8050 / WEC8500 Operation Manual Version 7.1 Deleting a file After selecting the checkbox of a file to delete, click the <Delete> button. Changing a filename After selecting the checkbox of a file to change its name, click the <Rename> button.
Page 513
WEC8050 / WEC8500 Operation Manual Version 7.1 When the operator configures an encoding method, the APC system automatically converts the encoding method of the file and allows the exported file to the WEC to be properly displayed in the PC. In addition, if the file stored in the PC is imported to the system through the WEC, it is properly processed in the system.
Page 514
../network-stats/alert/voip/call-setup# enable ../network-stats/alert/voip/call-setup# threadhold 50 3) Retrieve the status of configuration of the VoIP statistics. WEC8500# show network-stats statistics voip configuration 4) Retrieve the status of configuration of the VoIP alert. WEC8500# show network-stats alert voip configuration 5) Retrieve call statistics by radio.
Page 515
7) Retrieve call statistics by WLAN. WEC8500# show network-stats statistics voip wlan 8) Retrieve call statistics by device type. WEC8500# show network-stats statistics voip de vice Configuration using Web UI In the menu bar of <WEC Main window>, select <Monitoring> and then select <Statistics>...
Page 516
WEC8050 / WEC8500 Operation Manual Version 7.1 In the menu bar of <WEC Main window>, select <Monitoring> and then select <Statistics> <Network Quality> <by AP> <802.11a/n/ac> <VoIP> in the sub-menus. Radio Frequency (RF) Statistics The statistics of RF show the statistics by channel for Channel-Utilization and Air-Quality and by radio for Rx(Tx)-Utilization and Noise-Level.
Page 518
WEC8050 / WEC8500 Operation Manual Version 7.1 Configuration using Web UI In the menu bar of <WEC Main window>, select <Configuration> and then select <Statistics> <Network Quality> <APs> <802.11a/n/ac> <RF> in the sub- menus. Data Traffic Statistics Data traffic statistics on the air section.
Page 519
3) To retrieve the statistical information of RTP of a specific AP, give a RTP option as follows: WEC8500# show network-stats statistics data ap-stat 1 rtp 4) To retrieve the statistical information of all APs, enter as follows: WEC8500# show network-stats statistics data apc-stat...
Page 520
WEC8050 / WEC8500 Operation Manual Version 7.1 Station Statistics They provide the statistics of the network optimization to check service, tracking, debugging, status transition, etc. of a station. Main statistics items provided include station latency upon connection and handover, attempt count, statistics by failure reason, RSSI, success rate, data rate by AP, Disassoc/Deauth statistics, statistics by reason, handover path statistics, kickout statistics by AP, number of users, scanning statistics by AP, etc.
Page 521
WEC8050 / WEC8500 Operation Manual Version 7.1 3) Configure the alert period (Duration). network-stats alert station alert-duration [VALUE] Parameter Description VALUE 30~60 Min. (default: 30 min) APC/configure# network-stats alert station alert-duration 40 Alert Duration: 40 4) Configure the alert boundary value of the assoc. success rate.
Page 522
WEC8050 / WEC8500 Operation Manual Version 7.1 7) Configure the alert boundary value of the disassoc. attempt count. network-stats alert station alert-disassoc-try [VALUE] Parameter Description VALUE 2~1000 (default: 30) APC/configure# network-stats alert station alert-disassoc-try 40 Disassoc Try Alert Threshold: 40 8) Configure the alert boundary value of the handover success rate.
Page 523
WEC8050 / WEC8500 Operation Manual Version 7.1 Checking Statistical Information Using CLI 1) Check the station association latency (by AP/Device/Radio/WLAN). ex.) by WLAN APC# show network-stats statistics station association latency wlan 1 Station Association Latency [WLAN ID (1)]: [Total] Station Association Latency Minimum....0 ms Station Association Latency Maximum....
Page 524
WEC8050 / WEC8500 Operation Manual Version 7.1 3) Check the statistics by station association failure reason (by AP/Device/Radio/WLAN). ex.) by WLAN APC# show network-stats statistics station association num-of-fail-by- reason wlan 1 [WLAN ID (1)] Reason Total 5Min 1Hour 1Day ======================================================================...
Page 525
WEC8050 / WEC8500 Operation Manual Version 7.1 4) Check the station association RSSI MIN/MAX/AVG statistics (by AP/Device/Radio/WLAN). ex.) by WLAN APC# show network-stats statistics station association rssi wlan 1 [WLAN ID (1)] Reason Total 5Min 1Hour 1Day ====================================================================== ======== Minimum...
Page 536
WEC8050 / WEC8500 Operation Manual Version 7.1 7) Check the statistics by station disassoc./Deauth reason (by AP/Device/Radio/WLAN). ex.) by WLAN APC# show network-stats statistics station disassoc-deauth wlan 1 [WLAN ID (1)] number of In/Out Reason Total 5Min 1Hour 1Day ======================================================================...
Page 540
WEC8050 / WEC8500 Operation Manual Version 7.1 AUTH AUTH_SUCCESS AUTH_FAILURE IPFAIL NORMAL DeauthStateInReason Reason Total 5Min 1Hour 1Day ====================================================================== ======== UNKNOWN AUTH AUTH_SUCCESS AUTH_FAILURE IPFAIL NORMAL DsassocStateOutReason Reason Total 5Min 1Hour 1Day ====================================================================== ======== UNKNOWN AUTH AUTH_SUCCESS AUTH_FAILURE IPFAIL NORMAL...
Page 541
WEC8050 / WEC8500 Operation Manual Version 7.1 [5 Min] Station H/O Latency Minimum....... 0 ms Station H/O Latency Maximum....... 0 ms Station H/O Latency Average....... 0 ms Station H/O Latency Total Count....0 [1 Hour] Station H/O Latency Minimum....... 0 ms Station H/O Latency Maximum.......
Page 543
WEC8050 / WEC8500 Operation Manual Version 7.1 12) Check the statistics of the station handover success rate (by AP/Device/Radio/WLAN). ex.) by WLAN APC# show network-stats statistics station hand-over success-rate wlan Station H/O Success Rate [WLAN ID (1)]: [Total] Station H/O Succ Try......0 Station H/O Succ Success......
Page 545
WEC8050 / WEC8500 Operation Manual Version 7.1 destAp(30)[destAp/statsCnt] destAp(31)[destAp/statsCnt] destAp(32)[destAp/statsCnt] 14) Check the station kickout statistics (by AP/Radio). ex.) by AP/Radio APC# show network-stats statistics station kick-out 1 [AP ID (1), Radio 5-GHz] Reason Total 5Min 1Hour 1Day ====================================================================== ========...
Page 546
WEC8050 / WEC8500 Operation Manual Version 7.1 16) Check the station scanning count statistics (by AP/Radio). ex.) by AP/Radio APC# show network-stats statistics station scan 1 [AP ID (1), Radio 5-GHz] Reason Total 5Min 1Hour 1Day ====================================================================== ======== ScanStat [AP ID (1), Radio 2.4-GHz]...
Page 547
WEC8050 / WEC8500 Operation Manual Version 7.1 AP Total Transmission Failure Mgmt Frame Count ... 0 AP Total Retry Success Mgmt Frame Count ..0 [RADIO 2.4-GHz] AP Total Transmitted Success Data Frame Count ..0 AP Total Transmission Failure Data Frame Count ... 0 AP Total Retry Success Data Frame Count ..
Page 548
WEC8050 / WEC8500 Operation Manual Version 7.1 Alert checking: [Monitoring] > [Network Quality] > Alert List Checking Statistical Value of Network Network Statistics Root Path: [Monitoring] > [Statistics] > [Network Quality] 1) Check the station association latency and success rate (by AP/Device/Radio/WLAN).
Page 549
WEC8050 / WEC8500 Operation Manual Version 7.1 2) Check the Management Frame statistics(Station connection, Handover, AP/System Disassoc, Deauth) (by AP/Device/Radio/WLAN). ex.) by WLAN [Monitoring] > [Statistics] > [Network Quality] > [by WLAN] > [Association/Handover] > Management Frame 3) Check the station handover latency and success rate (by AP/Device/Radio/WLAN).
Page 550
WEC8050 / WEC8500 Operation Manual Version 7.1 6) Check the statistics by cause of station association and handover failure (by AP/Device/Radio/WLAN). ex.) by WLAN [Monitoring] > [Statistics] > [Network Quality] > [by WLAN] > [Association/Handover] > Cause of Failure ※ Check the association/handover statistics by using the tab on the top of the right.
Page 551
WEC8050 / WEC8500 Operation Manual Version 7.1 7) Check the statistics of disassoc. (by AP/Device/Radio/WLAN). ex.) by WLAN [Monitoring] > [Statistics] > [Network Quality] > [by WLAN] > [Association/Handover] > Disassoc/Deauth ※ Check the disassoc/deauth statistics by station/system by using the tab on the top of the right.
Page 552
WEC8050 / WEC8500 Operation Manual Version 7.1 ※ Check the disassoc/deauth statistics by station/system by using the tab on the top of the right. 9) Check the statistics of disassoc. count of the UE by status (by AP/Radio). ex.) by AP/Radio [Monitoring] >...
Page 553
WEC8050 / WEC8500 Operation Manual Version 7.1 10) Check the statistics of disassoc. count of the UE by status (by AP/Radio). ex.) by AP/Radio [Monitoring] > [Statistics] > [Network Quality] > [by AP] > [802.11a/n/ac] > Handover Trace ※ To change a radio, press 'Convert Radio' button by using the tab on the top of the right.
Page 554
WEC8050 / WEC8500 Operation Manual Version 7.1 12) Check the statistics of extracted UEs (by AP/Radio). ex.) by AP/Radio [Monitoring] > [Statistics] > [Network Quality] > [by AP] > [802.11a/n/ac] > [Association/Handover] > RSSI/SKO ※ To change a radio, press 'Convert Radio' button by using the tab on the top of the right.
Page 555
WEC8050 / WEC8500 Operation Manual Version 7.1 ANNEX A. CLI Command Structure The structure of CLI command is as follows. A.1 configure |-- configure |-- spectrum-analysis |-- ap |-- service |-- channel-request |-- channel-interval |-- channel-control |-- dot11b |-- dot11aLow...
Page 614
WEC8050 / WEC8500 Operation Manual Version 7.1 ANNEX B. Open Source Announcement (WEC8500/WEC8050) Some software components of this product incorporate source code covered under the GNU General Public License (GPL), the GNU Lesser General Public License (LGPL) and BSD License etc.
Page 616
WEC8050 / WEC8500 Operation Manual Version 7.1 Apache License Version 2.0, January 2004 http://www.apache.org/licenses/ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 1. Definitions. “License” shall mean the terms and conditions for use, reproduction, and distribution as defined by Sections 1 through 9 of this document.
Page 617
WEC8050 / WEC8500 Operation Manual Version 7.1 “Contribution” shall mean any work of authorship, including the original version of the Work and any modifications or additions to that Work or Derivative Works thereof, that is intentionally submitted to Licensor for inclusion in the Work by the copyright owner or by an individual or Legal Entity authorized to submit on behalf of the copyright owner.
Page 618
WEC8050 / WEC8500 Operation Manual Version 7.1 (c) You must retain, in the Source form of any Derivative Works that You distribute, all copyright, patent, trademark, and attribution notices from the Source form of the Work, excluding those notices that do not pertain to any part of the Derivative Works; and (d) If the Work includes a “NOTICE”...
Page 619
WEC8050 / WEC8500 Operation Manual Version 7.1 8. Limitation of Liability. In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall any Contributor be liable to You for damages, including any...
Page 620
WEC8050 / WEC8500 Operation Manual Version 7.1 BSD 2.0 License Copyright(c) <YEAR>, <OWNER> All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
Page 621
WEC8050 / WEC8500 Operation Manual Version 7.1 THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. IN NO EVENT SHALL THE...
Page 622
WEC8050 / WEC8500 Operation Manual Version 7.1 Preamble The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. This General Public License applies to most of the Free Software Foundation's software and to any other program whose authors commit to using it.
Page 623
WEC8050 / WEC8500 Operation Manual Version 7.1 TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0) This License applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License.
Page 624
WEC8050 / WEC8500 Operation Manual Version 7.1 this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it. Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you;...
Page 625
WEC8050 / WEC8500 Operation Manual Version 7.1 5) You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Program or its derivative works. These actions are prohibited by law if you do not accept this License.
Page 626
WEC8050 / WEC8500 Operation Manual Version 7.1 9) The Free Software Foundation may publish revised and/or new versions of the General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns.
Page 627
WEC8050 / WEC8500 Operation Manual Version 7.1 How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms.
Page 628
WEC8050 / WEC8500 Operation Manual Version 7.1 ISIC License (BSD -) ISIC is Copyright(c) 1999 Mike Frantzen, Chicago, IL, USA. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1) Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
Page 629
WEC8050 / WEC8500 Operation Manual Version 7.1 When we speak of free software, we are referring to freedom of use, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish);...
Page 630
WEC8050 / WEC8500 Operation Manual Version 7.1 For example, on rare occasions, there may be a special need to encourage the widest possible use of a certain library, so that it becomes a de-facto standard. To achieve this, non-free programs must be allowed to use the library. A more frequent case is that a free library does the same job as widely used non-free libraries.
Page 631
WEC8050 / WEC8500 Operation Manual Version 7.1 1) You may copy and distribute verbatim copies of the Library’s complete source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty;...
Page 632
WEC8050 / WEC8500 Operation Manual Version 7.1 3) You may opt to apply the terms of the ordinary GNU General Public License instead of this License to a given copy of the Library. To do this, you must alter all the notices that refer to this License, so that they refer to the ordinary GNU General Public License, version 2, instead of to this License.
Page 633
WEC8050 / WEC8500 Operation Manual Version 7.1 6) As an exception to the Sections above, you may also combine or link a “work that uses the Library” with the Library to produce a work containing portions of the Library, and distribute that work under terms of your choice, provided that the terms permit modification of the work for the customer’s own use and reverse engineering for...
Page 634
WEC8050 / WEC8500 Operation Manual Version 7.1 7) You may place library facilities that are a work based on the Library side-by-side in a single library together with other library facilities not covered by this License, and distribute such a combined library, provided that the separate distribution of the work...
Page 635
WEC8050 / WEC8500 Operation Manual Version 7.1 It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system which is implemented by public license practices.
Page 636
WEC8050 / WEC8500 Operation Manual Version 7.1 16) IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL,...
Page 637
WEC8050 / WEC8500 Operation Manual Version 7.1 Yoyodyne, Inc., hereby disclaims all copyright interest in the library ‘Frob’ (a library for tweaking knobs) written by James Random Hacker. Signature of Ty Coon, 1 April 1990 Ty Coon, President of Vice That’s all there is to it!
Page 638
WEC8050 / WEC8500 Operation Manual Version 7.1 Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the “Software”), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge,...
Page 639
WEC8050 / WEC8500 Operation Manual Version 7.1 NTP License Copyright(c) David L. Mills 1992-2001 Permission to use, copy, modify, and distribute this software and its documentation for any purpose with or without fee is hereby granted, provided that the above copyright notice...
Page 640
WEC8050 / WEC8500 Operation Manual Version 7.1 THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT “AS IS” AND ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL...
Page 641
WEC8050 / WEC8500 Operation Manual Version 7.1 “This product includes cryptographic software written by Eric Young (eay@cryptsoft.com)” The word ‘cryptographic’ can be left out if the rouines from the library being used are not cryptographic related:-). 4) If you include any Windows specific code (or a derivative thereof) from the apps directory (application code) you must include an acknowledgement: “This product...
Page 642
WEC8050 / WEC8500 Operation Manual Version 7.1 ANNEX C. Open Source Announcement (WEA300/WEA400 Series) Some software components of this product incorporate source code covered under the GNU General Public License (GPL), the GNU Lesser General Public License (LGPL) and BSD License etc.
Page 643
WEC8050 / WEC8500 Operation Manual Version 7.1 Component License BSD 3-clause “New” or “Revised” License hostapd BSD 3-clause “New” or “Revised” License OpenSSH BSD 3-clause “New” or “Revised” License DHCPv6 BSD 3-clause “New” or “Revised” License IPsec Tools BSD 3-clause “New” or “Revised” License IP Utils BSD 3-clause “New”...
Page 644
WEC8050 / WEC8500 Operation Manual Version 7.1 Component License Linux Kernel GNU General Public License v2.0 binutils GNU General Public License v2.0 gkernel-ethtool GNU General Public License v2.0 LZ4 Compression CLI program GNU General Public License v2.0 LZO real-time data compression library GNU General Public License v2.0...
Page 645
WEC8050 / WEC8500 Operation Manual Version 7.1 2) ACM shall not be held liable for direct, indirect, incidental or consequential damages arising from any claim by User or any third party with respect to uses allowed under this Agreement, or from any use of the Software.
Page 646
WEC8050 / WEC8500 Operation Manual Version 7.1 BSD 3-clause “New” or “Revised” License Copyright(c) <YEAR>, <OWNER> All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: ...
Page 647
WEC8050 / WEC8500 Operation Manual Version 7.1 THE SOFTWARE IS PROVIDED “AS IS” AND ISC DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR...
Page 648
WEC8050 / WEC8500 Operation Manual Version 7.1 GNU GENERAL PUBLIC LICENSE Version 2, June 1991 Copyright(c) 1989, 1991 Free Software Foundation, Inc. 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed.
Page 649
WEC8050 / WEC8500 Operation Manual Version 7.1 The precise terms and conditions for copying, distribution and modification follow. TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0) This License applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License.
Page 650
WEC8050 / WEC8500 Operation Manual Version 7.1 If identifiable sections of that work are not derived from the Program, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works.
Page 651
WEC8050 / WEC8500 Operation Manual Version 7.1 4) You may not copy, modify, sublicense, or distribute the Program except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense or distribute the Program is void, and will automatically terminate your rights under this License.
Page 652
WEC8050 / WEC8500 Operation Manual Version 7.1 9) The Free Software Foundation may publish revised and/or new versions of the General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns.
Page 653
WEC8050 / WEC8500 Operation Manual Version 7.1 How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms.
Page 654
WEC8050 / WEC8500 Operation Manual Version 7.1 [This is the first released version of the Lesser GPL. It also counts as the successor of the GNU Library Public License, version 2, hence the version number 2.1.] Preamble The licenses for most software are designed to take away your freedom to share and change it.
Page 655
WEC8050 / WEC8500 Operation Manual Version 7.1 This license, the GNU Lesser General Public License, applies to certain designated libraries, and is quite different from the ordinary General Public License. We use this license for certain libraries in order to permit linking those libraries into non-free programs.
Page 656
WEC8050 / WEC8500 Operation Manual Version 7.1 The “Library”, below, refers to any such software library or work which has been distributed under these terms. A “work based on the Library” means either the Library or any derivative work under copyright law: that is to say, a work containing the Library or a portion of it, either verbatim or with modifications and/or translated straightforwardly into another language.
Page 657
WEC8050 / WEC8500 Operation Manual Version 7.1 But when you distribute the same sections as part of a whole which is a work based on the Library, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it.
Page 658
WEC8050 / WEC8500 Operation Manual Version 7.1 If such an object file uses only numerical parameters, data structure layouts and accessors, and small macros and small inline functions (ten lines or less in length), then the use of the object file is unrestricted, regardless of whether it is legally a derivative work.
Page 659
WEC8050 / WEC8500 Operation Manual Version 7.1 e) Verify that the user has already received a copy of these materials or that you have already sent this user a copy. For an executable, the required form of the “work that uses the Library” must include any data and utility programs needed for reproducing the executable from it.
Page 660
WEC8050 / WEC8500 Operation Manual Version 7.1 11) If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License.
Page 661
WEC8050 / WEC8500 Operation Manual Version 7.1 NO WARRANTY 15) BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE LIBRARY, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE LIBRARY “AS IS”...
Page 662
WEC8050 / WEC8500 Operation Manual Version 7.1 This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
Page 663
WEC8050 / WEC8500 Operation Manual Version 7.1 Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimers. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimers in the documentation and/or other materials provided with the distribution.
Page 664
WEC8050 / WEC8500 Operation Manual Version 7.1 3) All advertising materials mentioning features or use of this software must display the following acknowledgment: “This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit. (http://www.openssl.org/)” 4) The names “OpenSSL Toolkit” and “OpenSSL Project” must not be used to endorse or promote products derived from this software without prior written permission.
Page 665
WEC8050 / WEC8500 Operation Manual Version 7.1 This can be in the form of a textual message at program startup or in documentation (online or textual) provided with the package. Redistribution and use in source and binary forms, with or without modification, are...
Page 666
WEC8050 / WEC8500 Operation Manual Version 7.1 II) It is allowed to distribute a modified (or extended) version of Vim, including executables and/or source code, when the following four conditions are met: 1. This license text must be included unmodified.
Page 667
WEC8050 / WEC8500 Operation Manual Version 7.1 4. The contact information as required under 2)a) and 2)d) must not be removed or changed, except that the person himself can make corrections. III) If you distribute a modified version of Vim, you are encouraged to use the Vim license for your changes and make them available to the maintainer, including the source code.
Page 668
WEC8050 / WEC8500 Operation Manual Version 7.1 Permission is granted to anyone to use this software for any purpose, including commercial applications, and to alter it and redistribute it freely, subject to the following restrictions: 1) The origin of this software must not be misrepresented; you must not claim that you wrote the original software.
Page 669
WEC8050 / WEC8500 Operation Manual Version 7.1 ABBREVIATION Access Control List Advanced Encryption Standard Application Layer Gateway Access Point Access Point Controller BPDU Bridge Protocol Data Unit Call Admission Control CAPWAP Control And Provisioning Wireless Access Point Counter mode encryption with CBC-MAC...
Page 670
WEC8050 / WEC8500 Operation Manual Version 7.1 Extensible Authentication Protocol EAPOL EAP over LANs EDCA Enhanced Distributed Channel Access Fast Fourier Transform FIFO First-In-First-Out Fixed Mobile Convergence File Transfer Protocol GARP Gratuitous Address Resolution Protocol Giga Bit Ethernet Guard Interval...
Page 671
WEC8050 / WEC8500 Operation Manual Version 7.1 Opportunistic Key Caching OSPF Open Shortest Path First Organizationally Unique Identifier Physical layer PIM-SM Protocol Independent Multicast-Sparse Mode Power over Ethernet Pairwise Master Key Pre-Shared Key Quality of Service RADIUS Remote Authentication Dial-In User Service...
Page 672
WEC8050 / WEC8500 Operation Manual Version 7.1 Virtual Access Point VATS Voice-Aware Traffic Scheduling VLAN Virtual Local Area Network VoIP Voice over IP Virtual Private Network Voice Quality Monitoring VRRP Virtual Router Redundancy Protocol Wide Area Network Wireless Distribution Service...