Page 1 Spectrum24 AP-4131 Access Point Product Reference Guide 72E-56316-01 Revision A February 2002 www.symbol.com...
Page 2 Symbol reserves the right to make changes to any product to improve reliability, function, or design. No license is granted, either expressly or by implication, estoppel, or otherwise under any Symbol Technologies, Inc., intellectual property rights. An implied license only exists for equipment, circuits, and subsystems contained in Symbol products.
Page 3: Reference Documents
About This Document Reference Documents This reference guide refers to the following documents: Part Number Document Title 72E-51753-01 Wireless LAN Adapter 4100 Series PC Card & PCI Adapter Product Reference Guide 72E-51754-01 Spectrum24 DS Plus Pack Users Guide 72E-51755-01 Spectrum24 Site Survey System Administrators Guide Conventions Keystrokes are indicated as follows: ENTER...
Page 4 This document uses the following for certain conditions or information: Indicates tips or special requirements. Indicates conditions that can cause equipment damage or data loss. Indicates a potentially dangerous condition or procedure that only Symbol- trained personnel should attempt to correct or perform. AP-4131 Access Point Product Reference Guide...
Page 5: Table Of Contents
Contents Chapter 1 Introduction 1.1 Access Point (AP)...1 1.2 Radio Basics ...3 1.2.1 S24 Network Topology...3 1.2.2 Cellular Coverage ...8 1.2.3 Site Topography ...11 1.3 Access Point Functional Theory ...12 1.3.1 MAC Layer Bridging...13 1.3.2 Auto Fallback to Wireless Mode ...14 1.3.3 DHCP Support...15 1.3.4 Media Types...16 1.3.5 Direct-Sequence Spread Spectrum...18...
Page 6 2.1.4 Using a Web Browser...41 2.2 Navigating the UI ...48 2.2.1 Entering Admin Mode ...50 2.2.2 Changing the Access to the UI ...51 2.2.3 Configuring for Dial-Up to the UI ...53 2.2.4 Navigating the UI Using a Web Browser ...54 2.3 Access Point Installation...54 2.4 Configuring System Parameters...59 2.4.1 Encryption Administration ...66...
Page 7 2.9 Configuring Address Filtering...118 2.9.1 Adding Disallowed MUs ...119 2.9.2 Removing Disallowed MUs ...119 2.10 Configuring Type Filtering ...120 2.10.1 Adding Filter Types ...120 2.10.2 Removing Filter Types...120 2.10.3 Controlling Type Filters...120 2.11 Clearing MUs from the AP ...121 2.12 Manually Updating the AP Configuration ...121 2.12.1 Updating Using TFTP ...129 2.12.2 Updating Using Xmodem ...132 2.13 Setting Logging Options ...137...
Page 8 3.9 Miscellaneous Statistics...182 3.9.1 Analyzing Channel Use ...184 3.9.2 Analyzing Retries ...185 3.10 Event History ...186 3.11 Clearing Statistics...187 Chapter 4 Hardware Installation 4.1 Precautions ...189 4.2 Package Contents ...189 4.3 Requirements ...190 4.3.1 Network Connection ...190 4.3.2 10/100Base-T UTP ...190 4.3.3 Single Cell ...191 4.4 Placing the AP ...191 4.5 Power Options...192...
Page 9 Appendix E Installing and Configuring Kerberos Setup Service E.1 Creating a Windows 2000 Environment for the KSS ... E-1 E.2 Installing the KSS in a Windows 2000 Environment ... E-2 E.3 Preparing the KSS for Access Point Validation ... E-5 E.4 Manually Creating an Access Point Setup Account...
Page 10 AP-4131 Access Point Product Reference Guide...
Page 11: Chapter 1 Introduction
Introduction Chapter 1 Spectrum24 is a spread spectrum cellular network that operates between 2.4 and 2.5 GHz (gigahertz). This technology provides a high-capacity network using multiple access points within any environment. The Symbol AP-4131Access Point (AP) is a Spectrum24 direct-sequence (DS) product.
Page 12 The AP meets the following: • the regulatory requirements for Europe and many other areas of the world • FCC part 15, class A with no external shielding • FCC part 15 class B, ETS 300-339 compliance, including CE mark. The AP has the following features: •...
Page 13: Radio Basics
Radio Basics Spectrum24 devices use electromagnetic waves to transmit and receive electric signals without wires. Users communicate with the network by establishing radio links between MUs and APs. Spectrum24 products use DSSS (direct sequence spread spectrum) to transmit digital data from one device to another. Using FM, a radio signal begins with a carrier signal that provides the base or center frequency.
Page 14 A WLAP communicates only with its root AP through the wireless interface. Select from the following topologies: • A single AP used without the wired network provides a single-cell wireless network for peer-to-peer MUs. • A single AP can bridge the Ethernet and radio networks. AP-4131 Access Point Product Reference Guide...
Page 15 • Multiple APs can coexist as separate, individual networks at the same site without interference using different Net_IDs. The Net_ID (ESS) can be thought of as a Wireless LAN Network Identifier. These separate Wireless LANs may be configured to use different channel assignments to avoid RF interference.
Page 16 Introduction In WLAP mode, a wireless AP-to-AP connection functions: • as a bridge to connect two Ethernet networks Kerberos, EAP-TLS and the Mobile IP feature are not available when the access point is operating in WLAP mode. AP-4131 Access Point Product Reference Guide...
Page 17 In WLAP mode, APs and MUs are required to have the same Preamble settings to interoperate. Additionally, the root AP is required to be running before the “leaf” or WLAP connection is established. • as a repeater to extend coverage area without additional network cabling.
Page 18: Cellular Coverage
Using more than two WLAPs to establish a connection slows network performance for all topologies. To increase WLAP performance, disable WNMP Functions and AP-AP State Xchg parameters under the Set System Configuration screen. To set up an AP for wireless operation automatically, select the option for the WLAP Mode parameter.
Page 19 Introduction APs with the same Net_ID (ESS) define a coverage area. The MU searches for APs with a matching Net_ID (ESS) and synchronizes with an AP to establish communications. This allows MUs within the coverage area to move about or roam. As the MU roams from cell to cell, it switches APs. The switch occurs when the MU analyzes the reception quality at a location and decides which AP to communicate with based on the best signal strength and lowest MU load distribution.
Page 20: The Root Ap And Association Process
Introduction The Root AP and Association Process By default, APs with WLAP Mode enabled and within range of each other automatically associate and configure wireless operation parameters at power up. This association process determines the wireless connection viability and establishes the Root AP and subsequently designated WLAPs. APs communicating wirelessly with one another require the same: Net_ID (ESS), Encryption mode, Data Rate and Short RF Preamble settings.
Page 21: Site Topography
If AP D on Ethernet II has data for a device on Ethernet I, it requires a bridge or a repeater. In this configuration, AP C functions as a repeater. To ensure transmission to devices on Ethernet I, AP D has to use the AP A channel, DTIM and TIM interval.
Page 22: Access Point Functional Theory
Symbol recommends conducting a new site survey and developing a new coverage area floor plan when switching from 1 or 2 Mbps frequency- hopping access points to 11 Mbps direct-sequence access points. Access Point Functional Theory To improve AP management and performance, users need to understand basic AP functionality and configuration options.
Page 23: Mac Layer Bridging
1.3.1 MAC Layer Bridging The AP listens to all packets on all interfaces and builds an address database using the unique IEEE 48-bit address (MAC address). An address in the database includes the interface media that the device uses to associates with the AP .
Page 24: Filtering And Access Control
Transmitted ARP request packets echo back to other MUs. The AP removes from its database the destination or interface information that is not used for a specified time. The AP refreshes its database when it transmits or receives data from these destinations and interfaces. Filtering and Access Control The AP provides facilities to limit the MUs that associate with it and the data packets that can forward through it.
Page 25: Dhcp Support
See section 2.4 “Configuring System Parameters” on page 59 and section 2.5.1: ”Wireless AP Operation Parameters” on page 80. To enable this feature, set the 1.3.3 DHCP Support The AP can use Dynamic Host Configuration Protocol (DHCP) to obtain a leased IP address and configuration information from a remote server.
Page 26: Media Types
Program the DHCP or BOOTP server to transfer these files (Kerberos security information, HTML, firmware or network configuration files) with these DHCP options for the specific file or information to download: DHCP Option Firmware and HTML file ESSID Configuration filename ACL filename Kerberos enable/disable flag KDC name...
Page 27 Introduction The DB-9, 9-pin, RS-232 serial port provides a UI (User Interface) connection. The UI provides basic management tools for the AP . The serial link supports short haul (direct serial) or long haul (telephone-line) connections. The AP is a DTE (Data Terminal Equipment) device with male pin connectors for the RS-232 port.
Page 28: Direct-Sequence Spread Spectrum
1.3.5 Direct-Sequence Spread Spectrum Spread spectrum (broadband) uses a narrowband signal to spread the transmission over a segment of the radio frequency band or spectrum. Direct-sequence is a spread spectrum technique where the transmitted signal is spread over a particular frequency range. The Spectrum24 AP-4131access point uses Direct-Sequence Spread Spectrum (DSSS) for radio communication.
Page 29: Mu Association Process
Mobile Units receiving a direct-sequence transmission use the spreading code to map the chips within the chipping sequence back into bits to recreate the original data transmitted by the access point. Intercepting and decoding a direct-sequence transmission requires a predefined algorithm to associate the spreading code used by the transmitting access point to the receiving MU.
Page 30 Introduction Scanning is a periodic process where the MU sends out probe messages on all channels defined by the country code. The statistics enable an MU to reassociate by synchronizing its channel to the AP . The MU continues communicating with that AP until it needs to switch cells or roam. MUs perform full scans at start-up.
Page 31: Mobile Ip
An MU can roam within a coverage area by switching APs. Roaming occurs when: • an unassociated MU attempts to associate or reassociate with an available AP • the supported rate changes or the MU finds a better transmit rate with another AP •...
Page 32 Introduction Mobile IP is like giving an individual a local post office forwarding address when leaving home for an extended period. When mail arrives for the individual home address, it is forwarded by the local post office to the current care-of-address. Using this method, only the local post office requires notification of the individual current address.
Page 33 Introduction The scanning and association process continues for active MUs. This allows the MUs to find new APs and discard out-of-range or deactivated APs. By testing the airwaves, the MUs can choose the best network connection available. The following diagram illustrates Mobile IP (roaming across routers): Set the MU for Mobile IP as specified in the MU user documentation.
Page 34: Supporting Cam And Psp Stations
1.3.8 Supporting CAM and PSP Stations CAM (Continuously Aware Mode) stations leave their radios on continuously to hear every beacon and message transmitted. These systems operate without any adjustments by the AP . A beacon is a uniframe system packet broadcast by the AP to keep the network synchronized.
Page 35: Data Encryption
A TIM is a compressed virtual bitmap identifying the AP associated MUs in PSP mode that have buffered directed messages. MUs issue a poll request when APs issue a TIM. A beacon with the broadcast-indicator bit set causes the MU to note DTIM Count field value. The value informs the MU of the beacons remaining before next DTIM.
Page 36: Kerberos Authentication
IEEE 802.11 defines two types of authentication, Open System and Shared Key. Open system authentication is a null authentication algorithm. Shared key authentication is an algorithm where both the AP and the MU share an authentication key to perform a checksum on the original message. Both 40-bit and 128-bit shared key encryption algorithms are supported in the Symbol Spectrum24 Access Point.
Page 37 Introduction For a detailed description of the Kerberos authentication service protocol refer to RFC 1510: Kerberos Network Authentication Service (V5). A basic understanding of RFC 1510 Kerberos Network Authentication Service (V5) is helpful in understanding how Kerberos functions. Kerberos requires the installation of the KSS on a Windows 2000 server.
Page 38 • Authentication Service (AS) – Provides the authentication ticket containing information about the client and the session key used with the KDC. • Ticket Granting Ticket Service (TGS) – Permits devices to communicate with a service (this could be any application or service such as the AP RF services).
Page 39 Introduction When the AP boots up it contacts the KSS to obtain KDC information. The AP sends an Authentication Service Request (AS_REQ) to the KDC. The KDC looks up the username (ESSID in the case of APs), the associated password, and other authentication information including the current time stamp.
Page 40 Introduction with a WNMP header and forwards the response to the MU. Once the MU has verified the message it prepares an Application Request (AP_REQ) for the AP . This AP_REQ contains the ticket the KDC has sent to the MU. The AP decrypts the ticket.
Page 41: Kss Open Enrollment
Enabling Kerberos disables Telnet, SNMP and Web services. Configure the AP through a direct serial connection if needed. Configure SNMP to be "Read Only" or "Read/Write" from the KSS. Disabling Kerberos returns (Kerberos disabled is the default setting) Telnet, SNMP and Web services to their previous setting.
Page 42: Kss Databases
1.3.12 KSS Databases The KSS has two databases. One database stores valid access points (AP setup account). The other database stores Kerberos account information (Kerberos entry account). The AP setup account database stores validation information for an AP . This database uses the AP MAC address as a Primary Key.
Page 43: Mixed Mode Security
1.3.14 Mixed Mode Security Mixed mode security allows a single access point to transmit and receive with mobile units operating with different encryption algorithms (WEP , Kerberos, EAP-TLS). Using mixed mode, additional access points are not needed to support mobile units simply because they are using different encryption schemes.
Page 44: Management Options
1.3.16 Management Options Managing Spectrum24 includes viewing network statistics and setting configuration options. Statistics track the network activity of associated MUs and data transfers on the AP interfaces. The AP requires one of the following to perform a custom installation or maintain the Spectrum24 network: •...
Page 45: Using Snmp
Introduction Using SNMP The AP includes SNMP agent versions accessible through an SNMP manager application such as, HP Open View or Cabletron Spectrum MIB browser. The SNMP agent supports SNMP versions 1 and a subset of version 2, MIB II, the 802.11 MIB and one Symbol proprietary MIB (Management Information Base).
Page 46: Using The Ui
Using the UI The UI (User Interface) is a maintenance tool integrated into the AP . It provides statistical displays, AP configuration options and firmware upgrades. Access to the UI requires one of the following: Telnet Client Direct Serial Connection Dial Up Access SNMP Using a MIB Browser...
Page 47: Chapter 2 Configuring The Ap
Configuring the AP Chapter 2 AP configuration requires setting up a connection to the AP and gaining access to the UI (User Interface). The methods of accessing the UI are Serial, Telnet, Web, and SNMP . DHCP is enabled on the AP by default. Initial network configuration can be obtained from a DHCP server.
Page 48 2. At the prompt type the password: The password is case-sensitive. 3. Press the ESC key. The AP displays the Main Menu: – If the session is idle (no input) for the configured time, the session terminates. – Press CTRL+D to manually terminate the session. 4.
Page 49: Using A Direct Serial Connection
2.1.2 Using a Direct Serial Connection The factory-configured AP accepts a dial-up connection between the AP and a modem. A UI connection requires a straight-through cable between the modem and the AP . See section 2.2.3: ”Configuring for Dial-Up to the UI” on page 53.
Page 50: Using A Dial-Up Connection
5. Press ESC to refresh the display. The AP displays the Main Menu. 6. Refer to section 2.12.2: ”Updating Using Xmodem” on page 132 to update the AP firmware or HTML file or to section 2.2: ”Navigating the UI” on page 48. 7.
Page 51: Using A Web Browser
5. Select the correct serial port along with the following parameters. emulation baud rate data bits stop bits parity flow control 6. Dial out to the AP with the correct telephone number. No password is required. 7. Press ESC to refresh the display. The AP displays the Main Menu. 2.1.4 Using a Web Browser A Web browser is a program used to view Web documents or pages.
Page 52: Setup Network Web Server Help File Access
The Web browser (Internet Explorer 4.0 or greater or Netscape) requires JavaScript to gain access to the UI. Setup Network Web Server Help File Access A network Web server is required to access the Help file from the Access Point Configuration Management System Web pages.
Page 53: Accessing Web Browser Ui
6. From this menu select Internet Information Server Service Manager. 7. Click on the Web service. Ensure the server WWW service is running. 8. Select 9. Select for the server. WWW Service Properties 10. Select Directories. 11. Select 12. Type the Directory/Folder path of the directory created in step one. 13.
Page 54 To ensure the 1. Access the UI using a Serial or Telnet connection. 2. From the 3. Verify the is enabled. 4. Select To reset the AP for changes to take effect. 1. Select the 2. Select 3. Select To enable Help file access, change the Help URL parameter: 1.
Page 55 To access the AP UI using a Web browser from a workstation: 1. From the NCPA properties window set the IP address of the workstation and the subnet mask. The system tells the user to reboot for property changes to take effect. The workstation, in this case, is the workstation or laptop computer running the Web browser.
Page 56 4. The Spectrum24 Access Point Configuration Management System main page displays: The Web pages look different than the Telnet, Direct Serial or Dial-Up Connections, but the contents are the same. Access the different pages using the links located in the left frame. Refer to the online help file for Web page navigation, page contents and parameter use.
Page 57 – For Internet Explorer, from the menu bar select View, Internet Options, Temporary Internet files and Settings. – Select If this property/option is not turned off, the browser returns the previous view of the page without the changes. To ensure the latest version of a Web page is viewed, set this option in the browser.
Page 58: Navigating The Ui
Navigating the UI The AP displays a Main Menu when gaining access to the UI: The top line displays the System Name for the AP (default is Symbol Access Point) and the name of the configuration screen. The UI uses the following keystrokes to navigate through the menus and screens depending on the terminal emulation.
Page 59 The following conventions also apply when navigating screens and menus: • To select menu items, press the key corresponding to the bold letter for the item (case-sensitive hot key). Press ENTER to select the item. • Press TAB to scroll through menu items. •...
Page 60: Entering Admin Mode
Administration screens include options for saving or clearing data that appear on the bottom line of the screen. Confirmation prompts include the following: Save Save ALL APs Cancel 2.2.1 Entering Admin Mode The UI defaults to User when in Serial mode allowing read-only access to the APs functions (e.g., view statistics).
Page 61: Changing The Access To The Ui
– If the password is correct, the AP displays the Main Menu with the Enter Admin Mode menu item changed to Exit Admin Mode. – If the password is incorrect, the AP continues to display the Main Menu with the Enter Admin Mode menu item. Set the System passwords in the Set System Configuration screen.
Page 62 3. The Change System Passwords screen displays: 4. Change the passwords using the following parameters: User Password Admin Password 5. Select Selecting 6. The system prompts 7. Select screen and return to the previous menu. Allows the user to only monitor or view the screens. Select any alphanumeric, case-sensitive entry up to 13 characters, the characters selected are displayed as asterisks.
Page 63: Configuring For Dial-Up To The Ui
2.2.3 Configuring for Dial-Up to the UI A dial-up connection requires a straight-through cable between the modem and the AP . The remote PC requires a modem and a communication program (e.g. Microsoft Windows Terminal program). Refer to Appendix B for information on the modems supported by the AP . 1.
Page 64: Navigating The Ui Using A Web Browser
7. Press ESC to refresh the display. The AP displays the Main Menu. 2.2.4 Navigating the UI Using a Web Browser Refer to the online help file for information on Web Browser navigation and basic functionality. For file download instructions and the associated file(s) refer to the Web page: (http://www.symbol.com/services/downloads/download_spec24.html) and select...
Page 65 Configuring the AP 3. Select AP Installation from the Main Menu: 4. Verify the AP parameters reflect the network environment. Change them as needed. 5. Press TAB to scroll to the item and press ENTER to select. AP-4131 Access Point Product Reference Guide...
Page 66 If this is the first time the AP has been installed or has been moved to a new country, verify that the proper country specific code is entered for the AP . Refer to Appendix D for a list of supported country codes. Verify that the proper country specific code is entered for the AP to conform to the set of rules defined in national or international regulations.
Page 67 Subnet Mask DNS IP Address Additional DNS Net_ID (ESS) Antenna Selection AP-4131 Access Point Product Reference Guide The first two sets of numbers specify the network domain, the next set specifies the subset of hosts within a larger network and the final set specifies an individual computer.
Page 68 Additional Gateways DHCP/BOOTP 5. In the Antenna Selection field, use the SPACE BAR or LEFT/RIGHT- ARROW keys to toggle between , or 6. Select Selecting 7. Select configuration information to all APs with the same Net_ID (ESS). This option saves the configuration changes for the current AP on the Known APs table to update their configuration and reset after the configuration has been modified.
Page 69: Configuring System Parameters
8. The system prompts 9. Select return to the previous menu. Configuring System Parameters The AP provides configuration options for how the unit operates, including security access and interface control. Some parameters do not require modification. 1. Select Set System Configuration from the Main Menu to display: AP-4131 Access Point Product Reference Guide Type .
Page 70 Once the country has been configured Installation screen the channel can be set manually or automatically. 2. Configure the AP system settings as required: Channel Auto Channel Select Specifies the channel that is requested by all associated MUs when associating with this particular access point.
Page 71 Ethernet Timeout Telnet Logins AP-4131 Access Point Product Reference Guide Disables radio interface if no activity is detected on the Ethernet line after the seconds indicated ). The AP disassociates MUs and prevents further associations until it detects Ethernet activity. The default value disables this feature.
Page 72 Encryption Admin Agent Ad Interval S24 Mobile IP If enabled, this feature allows MUs to roam Mobile-Home MD5 key Web Server Indicates which interface can change the encryption keys and the encryption key index. Without admin privileges users cannot access the encryption maintenance page to change the encryption keys.
Page 73 Access Control Type Filtering WNMP Functions AP-AP State Xchg Associated MU-MU Disallowed Modem Connected Inactivity Timeout AP-4131 Access Point Product Reference Guide Allows the user to set one of three Access Control modes: Disabled, Allowed, or Disallowed. • When (default) is selected, no filtering is performed.
Page 74 System Password Admin Allows the user to change the passwords for the AP . This screen can be accessed only when the AP is in Telnet mode. Serial mode provides read-only privileges and does not allow the user to view this screen. AP-4131 Access Point Product Reference Guide...
Page 75 3. To enable or disable interfaces on the AP , modify the following parameters: Ethernet Interface RF Interface Default Interface Specifies the default interface ( 4. Verify the values set reflect the network environment. Change as needed. 5. Select Selecting 6.
Page 76: Encryption Administration
2.4.1 Encryption Administration The ability to change, view or restrict access to encryption administration settings depends on the options for this parameter are configurable via the Serial UI located in the System Configuration screen. (Serial, Telnet, HTML Web browser and SNMP). The tables in this section are useful for determining the access level (to encryption parameters) available to the user through each type of interface.
Page 77 Encryption Parameter Access to Telnet and Serial Interfaces Parameter Encryption Admin System Configuration Shared Key Key Width Encryption Key ID Encryption Keys Encryption Parameter Access to Web Interface Parameter Encryption Administration Shared Key Key Width Encryption Key Encryption Keys AP-4131 Access Point Product Reference Guide Access Method Interface Telnet/Serial...
Page 78 Encryption Parameter Access for SNMP Interface Parameter apEncryptAdmin apWEPAlgorithm ap128WEPKeyValue dot11PrivacyInvoked dot11Authentication Algorithm dot11Authentication AlgorithmEnable dot11WEPDefaultKey Access Method s24dsap.mib - apConfigMgmt - apSystemConfig group s24dsap.mib - apConfigMgmt - apRFConfig group s24dsap.mib - (1..4) apConfigMgmt - ap128WEPKeyTable 802dot11.mib - dot11smt - dot11PrivacyTable 802dot11.mib - dot11smt -...
Page 79: System Password Administration
2.4.2 System Password Administration This screen allows the network administrator to configure the passwords for the AP . The user password allows the user to Telnet into the AP or use the serial port and have read-only privileges. Accessing the UI in an Admin mode session through the serial port the session does not time-out.
Page 80 2. Change the passwords using the following parameters: User Password Allows the user to monitor or view the screens. Select Admin Password 3. Select Selecting 4. Select return to the previous menu. any alphanumeric, case-sensitive entry up to 13 characters, the characters selected are displayed as asterisks.
Page 81: Configuring Radio Parameters
Configuring Radio Parameters The AP automatically configures most radio parameters. Only advanced users, Symbol trained users or Symbol representatives should adjust the radio parameters for the AP or the options in the RF Configuration screen. 1. Select Set RF Configuration from the Main Menu to display: The dot in front of certain parameters, functions or options (for example ) indicates these items update to all APs with the same Net_ID (ESS) when choosing the...
Page 82 2. Configure the settings as required: DTIM Interval BC/MC Q Max Max Retries (d) Max Retries (v) Multicast Mask Multicast Mask Configure DTIM packet frequency as a multiple of beacon packets. The DTIM Interval indicates how many beacons equal one cycle. Users should not modify this setting or risk damaging the configuration.
Page 83 Beacon Interval Accept Broadcast ESSID MU inactivity Timeout AP-4131 Access Point Product Reference Guide The time between beacons in Kilo-microseconds. The default is . Avoid changing this parameter as it can adversely affect performance. Allows the AP to respond to any station sending probe packets with the industry-standard broadcast ESS.
Page 84 Rate Control RTS Threshold Extended Range Defines the data transmission rate, the defaults are: • 11 Mbps - Optional • 5.5 Mbps - Optional • 2 Mbps - Required • 1 Mbps - Required. The defaults allow the AP to automatically select the the best transmit rate allowed by the conditions.
Page 85 WLAP Mode WLAP Priority AP-4131 Access Point Product Reference Guide Specifies the APs wireless-AP operation status. • the AP sets up automatically for wireless operation. The AP can operate in any of these configurations: Wireless, Repeater or Ethernet Bridge. • no wireless operation possible.
Page 86 WLAP Manual BSS ID WLAP Hello Time Sets the time lapse, in seconds, between Config WLAP Max Age Specifies the BSS_ID of a particular WLAP and forces the current AP to associate only with that WLAP . If setting the WLAP Manual BSS_ID to the current BSS_ID, the current AP jumps into Functional State immediately and waits for an Association Request from the other WLAP .
Page 87 WLAP Forward Delay WLAP MU Table Aging Time Short RF Preamble Tx Power Control AP-4131 Access Point Product Reference Guide Specifies the time, in seconds, to prevent an AP from forwarding data packets to and from an interface during initialization. The WLAPs involved and the wireless operation state, see section 3.8: ”Radio Statistics”...
Page 88 EPP Setup - [F3] EIAP - [F4] Enhanced Packet Prioritization (EPP) allows system administrators the ability to prioritize packet transmissions from an AP to MUs. Media content (streaming video, phones etc.) can be prioritized over a heavily loaded access point. EPP allows prioritization of the media for smooth delivery, at the cost of reduced bandwidth.
Page 89 3. Verify the values set to reflect the network environment. Change them as needed. 4. Select Selecting 5. Select information to all APs with the same Net_ID (ESS). This option saves the configuration changes for the current AP , sends two WNMP messages to all other APs on the Known APs table to update their configuration and resets after the configuration has been modified.
Page 90: Wireless Ap Operation Parameters
2.5.1 Wireless AP Operation Parameters The AP supports up to four WLAP interfaces. Symbol recommends using one WLAP as an interface on high traffic networks and no more than two WLAPs for low traffic networks. Excessive channel contention causes the WLAP to miss beacons from the Root APs shown in the example.
Page 91 Configuring the AP 3. Set the default interface for AP C to This allows the MUs to roam and transmit data between AP B and C. If an AP functions as a bridge between wired LANs, Symbol recommends one LAN contain all the lower WLAP IDs. In WLAP mode, APs and MUs are required to have the same Preamble settings for interoperability.
Page 92 To configure the AP for wireless operation: 1. Select Set RF Configuration from the Main Menu. 2. Configure the settings as required: WLAP Mode WLAP Priority Specifies the APs wireless-AP operation status. • the AP sets up automatically for wireless operation.
Page 93 WLAP Manual BSS_ID WLAP Hello Time WLAP Max Age AP-4131 Access Point Product Reference Guide Specifies the BSS_ID of a particular WLAP and forces the current AP to associate only with that WLAP . If setting the WLAP Manual BSS_ID to the current BSS_ID, the current AP jumps into Functional State immediately and waits for an Association Request from the other WLAP .
Page 94 WLAP Forward Delay WLAP MU Table Aging Time Specifies the time, in seconds, to prevent an AP from forwarding data packets to and from an interface during initialization. The WLAPs involved and the wireless operation state affect the WLAP Forward Delay time (see section 3.8: ”Radio Statistics”...
Page 95: Enhanced Packet Prioritization (Epp)
2.5.2 Enhanced Packet Prioritization (EPP) Enhanced Packet Prioritization (EPP) enables system administrators to prioritize packet transmissions from an AP to MUs. For example, media content (streaming video, phones etc.) can be prioritized over a heavily loaded access point. EPP allows prioritization of the media for smooth delivery or selected data traffic for expedited delivery at some cost in aggregate bandwidth through the access point.
Page 96: Enhanced Interference Avoidance Properties (Eiap)
For data types not listed, classify them by using the Port number corresponding to that data type. Use 65537 as a code defining a port as not used, otherwise assign port values of 1 through 1023. Up to 10 assigned port numbers can be priority controlled. 4.
Page 97 Configuring the AP 3. 802.15 (draft) Bluetooth Co-existence allows access points and MUs to share Spectrum24 network resources with Bluetooth RF terminals. The 802.15 (draft) Bluetooth Co-existence value is communicated to MUs via access point beacons. When a non zero-value is entered, Symbol 802.11b devices stop transmitting for the duration of that interval.
Page 98: Encryption Configuration And Key Maintenance
Encryption Configuration and Key Maintenance The Encryption Key Maintenance screens allow the user to configure the encryption keys used for the site network. The Key Width determines which encryption Key screen displays. To enable the Open System option, select This table shows the association capability with the selected Key Width. AP Selected WEP Algorithm Open (disable)
Page 99 Configuring the AP Two screens are available, one for 40-bit encryption and one for 128-bit encryption. Considerable care is required when assigning keys. Keys have to be in the same order with the same value per key for the AP and MU to authenticate data transmission using encryption.
Page 100: 40-Bit Wep Encryption
2.6.1 40-Bit WEP Encryption Select 40-bit from the Key Width field of the WEP Encryption Configuration screen, and select the Encryption Key Maintenance option to display the Encryption Key Maintenance screen. Each key has 40-bits available to the user for configuration and are displayed in two 20-bit segments.
Page 101 The PassKey can be no longer than 32 characters in length. 2. Select the desired key and enter the new value to change the Key value. 3. Verify and change the values as needed to reflect the network environment. 4. Select Selecting 5.
Page 102: 128-Bit Wep Encryption
2.6.2 128-Bit WEP Encryption Select 128-bit from the Key Width field of the WEP Encryption Configuration screen, and select the Encryption Key Maintenance option to display the Encryption Key Maintenance screen. Each key has 104-bits available to the user for configuration and are displayed in two 20-bit segments and four 16-bit segments.
Page 103 The PassKey can be no longer than 32 characters in length. 2. Select the desired key and enter the new value to change the Key value. 3. Verify and change the values as needed to reflect the network environment. 4. Select Selecting 5.
Page 104: Manual Kerberos Authentication Configuration
2.6.3 Manual Kerberos Authentication Configuration The Configure Kerberos Authentication screen allows the network administrator to change or verify the AP parameters for Kerberos authentication. If a DHCP server is not available use the Configure Kerberos Authentication screen to manually configure and enable Kerberos, save and reset the AP .
Page 105 Configuring the AP 1. To access and enable the Kerberos configuration, select from the Special Functions Menu. The Configure Kerberos Authentication screen displays: 2. Verify the KSS port/name to enable Kerberos. Modify as needed. 3. Verify the KDC name. Only enter a if not using a KSS.
Page 106 5. Verify the KSS Port KSS Secret KSS Name/ IP Address KDC Server Name/IP Address Backup KDC Name/IP Address Realm Name User ID Password 6. Select 7. Select previous menu. matches the password in the KDC and AP . Allows the user to enable Kerberos authentication. Telnet, SNMP , and Web services are disabled when Kerberos is enabled.
Page 107: Configuring Eap-Tls Support
2.6.4 Configuring EAP-TLS Support The Extensible Authentication Protocol-Transport Level Security (EAP-TLS) feature affords access points and their associated MU’s an additional measure of security for data transmitted over the Spectrum24 wireless network. Using EAP-TLS, authentication between devices is achieved through the exchange and verification of certificates.
Page 108 Configuring the AP Configure Authenticator screen displays. AP-4131 Access Point Product Reference Guide...
Page 109 2. Configure the EAP-TLS authentication settings as required: EAP-TLS/RADIUS Quiet Period Tx Period Re-authentication When enabled, the access point forces the MU to Re-auth Period Re-auth Max Supplicant Timeout Server Timeout Max Req Retries IAS Name/IP Address Backup IAS Name/IP IAS Password AP-4131 Access Point Product Reference Guide When enabled, the access point assumes the role...
Page 110: Configuring Mixed Mode Security
2.6.5 Configuring Mixed Mode Security Mixed mode security allows a single access point to transmit and receive data with mobile units operating with different encryption algorithms. In mixed mode, additional APs are not needed to support mobile units simply because they are using different encryption schemes. 128-bit WEP , Kerberos and EAP-TLS can be used together to provide mixed mode security.
Page 111 SNMP and Mixed Mode Security The configuration of SNMP shared key WEP is set with the MIB file. The objects involved include: • apRFConfig.apWEPAlgorithm Edit the AP serial UI entry using the Summary screen. • ap128bWEPKeyTable.ap128bWepKeyValue (1..4) Edit the AP serial UI entry by selecting of the WEP Encryption Configuration screen.
Page 112: Configuring The Snmp Agent
Configuring the SNMP Agent The SNMP agent functions as a command responder and is a multilingual agent responding to SNMPv1, v2c and v3 managers (command generators). The factory default configuration maintains SNMPv1/2c support of the community names, hence providing backward compatibility. However, Agents with the default configuration are "Open"...
Page 113 Configuring the AP 1. Select Set SNMP Configuration from the Main Menu to AP display: AP-4131 Access Point Product Reference Guide...
Page 114 2. Configure the settings as required: SNMP Agent Mode Read-Only Community Read-Write Community Trap Host1 Trap Host2 All Traps Cold Boot Authentication failure SNMPv3 Security Admin Radio Restart Access Cntrl Violation Defines the SNMP agent mode: disables SNMP functions, while allows SNMP functions.
Page 115 MU State Change DHCP Change AP-4131 Access Point Product Reference Guide If enabled, the following enterprise-specific traps are generated: • MU Association Additions Indicates when a device has been added to the list of access point associated MUs. • MU Association Removals Indicates when a device has been removed from the list of access point associated MUs.
Page 116 WLAP Connection Change Security Protocol Errors 3. Verify the values reflect the network environment. Change as needed. 4. Select Selecting 5. Select information to all APs with the same Net_ID (ESS). This option saves the configuration changes for the current AP , sends two WNMP messages to all other APs on the Known APs table to update their configuration and resets after the configuration has been modified.
Page 117 Configuring the AP 6. The system prompts Type . 7. Select to disregard any changes made to this screen and return to the previous menu. AP-4131 Access Point Product Reference Guide...
Page 118: Configuring Snmpv3 Security
2.7.1 Configuring SNMPv3 Security SNMPv3 defines a method of access point data control known as the View- Based Access Control Model (VACM). It is a means of restricting access to a particular subset of data based on the security level used in the request and specifies whether access should be allowed.
Page 119 To configure the properties of a user group: 1. Highlight the specific user group and select Enter. User/Group Security Configuration user group. 2. Configure the settings as required for the selected user/group: User/Group Name Context Name Read View Write View Security Level AP-4131 Access Point Product Reference Guide screen displays for the selected...
Page 120 Authentication Protocol Authentication Password Privacy Protocol Privacy Password Defines the authentication protocol and security privileges for the user/group. Options include (default MD5 authentication protocol), (no data protection, but does have password protection) and protection). Password required to initiate the authentication scheme defined in the Authentication protocol field.
Page 121: Acl And Address Filtering
ACL and Address Filtering Only 512 maximum combined entries are available for the ACL. The three modes available (Disabled, Allowed, and Disallowed) are selected in the Access Control section of the System Configuration Menu. The dot in front of certain parameters, functions or options (for example (ESS) when choosing the option only among the same hardware platforms and same firmware versions.
Page 122 There are three mutually exclusive modes used by the AP to control association: Disabled, Allowed and Disallowed. Access Control Disabled Allowed Disallowed Allowed Disallowed Address Filtering Access Control List List The presence or The presence or absence of MAC absence of MAC addresses does addresses does not not affect the...
Page 123: Configuring The Acl
2.8.1 Configuring the ACL The ACL supports adding MU entries by individual MAC address or by a range of MAC addresses. 1. Select the Set Access Control List option from the Main Menu to display: 2. Use the UP/DOWN-ARROW keys to toggle between 2.8.2 Range of MUs To select a range of MAC addresses:...
Page 124 7. Select 8. Select 9. Select Units information to all APs with the same Net_ID (ESS). This option saves the configuration changes for the current AP , sends two WNMP messages to all other APs on the Known APs table to update their configuration and resets after the configuration has been modified.
Page 125: Adding Allowed Mus
2.8.3 Adding Allowed MUs The Access Control List screen provides a facility to add MUs to the ACL. 1. Select the Set Access Control List option from the Main Menu to display: 2. Use the UP/DOWN-ARROW keys to toggle between 3.
Page 126: Acl Options
2.8.5 ACL Options To switch between the System Configuration screen. Use ACL options from the Set System Configuration menu. Where: Option Allowed Disallowed Disabled 1. Select 2. Press TAB to select 3. Press SPACE BAR to select 4. Select 2.8.6 Removing All Allowed MUs The AP provides a facility to remove all MUs from the ACL.
Page 127: Load Acl From File
2.8.8 Load ACL from File This option loads an ACL from a user defined ACL file (AP_ACL.TXT) entered on the secondary screen of the Special Functions Menu. The following is an example of the AP_ACL.TXT. [ACLIndividual] Flush 00:A0:F8:FF:01:FB 00:A0:F8:FF:01:FC 00:A0:F8:FF:01:FD 00:A0:F8:FF:01:FE 00:A0:F8:FF:01:FF ;Delete00:A0:F8:FF:00:0A...
Page 128: Configuring Address Filtering
Configuring Address Filtering The AP can keep a list of MU MAC addresses not allowed to associate. The Disallowed Addresses option provides security by preventing unauthorized access by known devices. Use it for preferred association of MUs to APs. • Select from the Main Menu to display: AP-4131 Access Point Product Reference Guide...
Page 129: Adding Disallowed Mus
2.9.1 Adding Disallowed MUs The Disallowed Addresses screen provides a facility to add MUs to the list: 1. Select 2. Enter the MAC address. Users can enter MAC addresses without colons. 2.9.2 Removing Disallowed MUs The Disallowed Addresses screen provides a facility to remove MUs from the list: 1.
Page 130: Configuring Type Filtering
2.10 Configuring Type Filtering Packet types supported for the type filtering function include the 16-bit DIX Ethernet types. The list can include up to 16 types. 2.10.1 Adding Filter Types The Type Filtering screen provides a facility to add types to the list. 1.
Page 131: Clearing Mus From The Ap
6. Select return to the previous menu. Users can only enable one type filtering option at a time. 2.11 Clearing MUs from the AP Clear the MU association table for diagnostic purposes. Clear MUs from the AP if the AP has many MU associations no longer in use. Use this option to ensure that MUs associating with the AP are active.
Page 132 Configuring the AP Change the AP-4131 AP_CFG.TXT file (required for manual AP configuration) to match site specific network settings. AP-4131 Access Point Product Reference Guide...
Page 133 Configuring the AP AP-4131 Access Point Product Reference Guide...
Page 134 Configuring the AP AP-4131 Access Point Product Reference Guide...
Page 135 Configuring the AP AP-4131 Access Point Product Reference Guide...
Page 136 Configuring the AP AP-4131 Access Point Product Reference Guide...
Page 137 Configuring the AP AP-4131 Access Point Product Reference Guide...
Page 138 Configuring the AP AP-4131 Access Point Product Reference Guide...
Page 139: Updating Using Tftp
2.12.1 Updating Using TFTP The Ethernet TFTP update method requires a connection between the AP and a computer on the same Ethernet segment. Verify the computer has a TFTP server running on it. Running the server requires third party software like FTP PC/TCP for DOS or OnNet™...
Page 140 The AP displays the Main Menu. 4. Select 5. At the 6. Select 7. Enter the configuration filename in the Config. Filename field: Change this only if the user or system/network administrator requires a new filename. The default is from the Main Menu and press enter. press to view the AP-4131 Access Point Product Reference Guide...
Page 141 Ensure the Filename is AP_CFG.TXT unless the user changed the Filename. Verify the paths accuracy for the filename. See step one. 8. Enter the TFTP Server IP address or name in the TFTP Server field. 9. Press 10. The Firmware Update Menu displays If using telnet to connect to the AP through an Ethernet interface, do not use reset and look for the configuration file over the serial interface.
Page 142: Updating Using Xmodem
15. At the prompt enter the password: The password is case-sensitive. The AP displays the Main Menu. 16. Verify the network settings are correct on the System Summary screen. 17. Press CTRL+D to end Telnet session. 18. Repeat process for other APs in the network. 2.12.2 Updating Using Xmodem The Xmodem upgrade method requires a direct connection between the AP and a computer using a null modem serial cable and using software like...
Page 143 5. Select the correct communication port, typically with the following parameters: emulation baud rate data bits stop bits parity flow control 6. Select OK. 7. Press ENTER to display the Main Menu. 8. Select The password is case-sensitive. AP-4131 Access Point Product Reference Guide ANSI 19200 bps none...
Page 144 Configuring the AP 9. From the Main Menu select AP-4131 Access Point Product Reference Guide...
Page 145 Configuring the AP 10. Press to view the Firmware Update Menu. 11. Under the function heading , select 12. Press ENTER. Selecting downloads the file AP_CFG.TXT. 13. The Special Functions Menu displays Type . When using Xmodem, verify the file is correct before a send. An incorrect file can render the AP inoperable.
Page 146 16. Select 17. Select 18. Select Send. 19. The terminal or computer displays the transfer process through a progress bar and the screen flashes: 20. The download is complete when the UI displays: If the Config update fails, the UI displays an error message. The AP automatically resets after the file transfer completes.
Page 147: Setting Logging Options
2.13 Setting Logging Options The events logged by the access point depend on how the logging options are configured in the Event Logging Configuration screen. The event log allows the administrator to select and log important events. Event logging can be either enabled or disabled in its entirety, or various access point events and violations can be enabled.
Page 148 2. Set Any Event Logging to that do not require logging when disabling Any Event Logging. Use SPACE BAR or LEFT/RIGHT-ARROW keys to toggle between Enabled and Disabled. Any Event Logging Security Violations MU State Changes WNMP Events AP-AP Msgs Telnet Logins System Events Ethernet Events...
Page 149: Updating Ap Firmware
2.14 Updating AP Firmware When updating or downgrading the files the user is required to use the . Both the firmware and HTML files are required to be loaded on the TFTP server or users hard disk. Access points with firmware and HTML file version 3.00 can not be downgraded.
Page 150 Use the TAB key to scroll through menu items. To update the AP firmware: 1. Copy the Firmware files dsap3_fw.bin and dsapt3htm.bin on the terminal or PC hard disk. 2. Telnet to the AP using its IP address. 3. At the prompt type the password: The password is case-sensitive.
Page 151 Configuring the AP 5. Select from the Main Menu and press ENTER. 6. Press to view the Firmware Update Menu. AP-4131 Access Point Product Reference Guide...
Page 152 7. Select 8. Press ENTER. 9. Enter the firmware filename in the firmware field Change this only if the user or system/network administrator requires a new filename. The default files for a 4131 model access point are dsap3_fw.bin and dsapt3htm.bin. Verify the path for the filename is accurate.
Page 153: Updating Using Xmodem
The WIRED LAN ACTIVITY indicator on the AP does NOT flash. To view the file transfer log, switch to the TFTP application. The AP resets when the file transfer and FLASH programming completes. 16. Telnet to the AP using its IP address. 17.
Page 154 Configuring the AP The default filenames for a 4131 model access point are dsap3_fw.bin and dsapt3htm.bin 2. Attach a null modem serial cable from the AP to the PC serial port. 3. On the PC, start the emulation program. 4. Name the session Spectrum24 AP and select OK. The procedure described below is for Windows 98.
Page 155 5. Select the correct communication port, typically with the following parameters: emulation baud rate data bits stop bits parity flow control 6. Select OK. 7. Press ENTER to display the Main Menu. 8. Select The password is case-sensitive. AP-4131 Access Point Product Reference Guide ANSI 19200 bps none...
Page 156 Configuring the AP 9. From the Main Menu select and press ENTER. 10. Press to view the AP-4131 Access Point Product Reference Guide...
Page 157 11. Under the function heading 12. Press ENTER. Selecting files are located in the same directory before the download begins. 13. At the confirmation prompt, press dsap3_fw.bin and dsapt3htm.bin are the files for a 4131 model access point. When using Xmodem, verify the accuracy of the file before a send. An incorrect file can render the AP inoperable.
Page 158: Auto Upgrade All Aps Through Messaging
20. The download is complete when the UI displays: If the firmware update fails, the UI displays an error code indicating the cause. The AP automatically resets after all file transfers are completed. • Exit the communication program to terminate the session. •...
Page 159 Configuring the AP To update the AP firmware: 1. Copy the Firmware files on the terminal or PC hard disk. 2. Telnet to the AP using its IP address. 3. At the prompt type the password: The password is case-sensitive. Set the System Passwords in the Set System Configuration screen.
Page 160 5. Select Press 6. Select 7. Type the firmware filename in the Download Filename field: Change the filename only if the user or system/network administrator requires a different name. The default firmware filename is dsap3_fw.bin for the 4131 model access point. For the 4131 model access point, ensure the firmware filename is dsap3_fw.bin and the HTML filename is dsapt3htm.bin unless the user changed the filename.
Page 161 9. Press ENTER. 10. Select 11. Select 12. Press 13. Select The Telnet session ends when the user answers To view the file transfer log, switch to the TFTP application. The AP resets when the file transfer and FLASH programming completes. 14.
Page 162: Performing Pings
The AP displays the Main Menu. 16. Verify the accuracy of the version number on the System Summary screen. 17. Press CTRL+D to end the Telnet session. 2.16 Performing Pings An access point sends a ping packet to an MU and waits for a response. Use pings to evaluate signal strength between two stations.
Page 163 Configuring the AP To ping another station: 1. Select the screen from the Main Menu to display: 2. Select Regular to display: 3. Press TAB to highlight the MAC address of the station to ping AP-4131 Access Point Product Reference Guide...
Page 164 4. Select 5. Enter the MAC address of the station to ping. 6. Enter the number of echo requests (1 to 539), length of packets in bytes (1 to 539) and data content in hex (0x00 to 0xFF). 7. Select transmitted and received: to display the to begin.
Page 165: Mobile Ip Using Md5 Authentication
2.17 Mobile IP Using MD5 Authentication Users can achieve authentication by using the MD5 algorithm with a shared key configured into the AP and its MU. MD5 is a message-digest algorithm that takes an arbitrarily long message and computes a fixed-length digest version, consisting of 16 bytes (128 bits), of the original message.
Page 166: Saving The Configuration
2.18 Saving the Configuration The AP keeps only saved configuration changes after a reset. To make configuration changes permanent, save changes as needed. To save all changes: Press F1 in the configuration screens displaying the the following procedure: 1. Select Special Functions from the Main Menu to display: 2.
Page 167: Resetting The Ap
2.19 Resetting the AP Resetting an AP clears statistics and restores the last saved configuration. If users make unsaved changes, the AP clears those changes and restores the last saved configuration on reset. • Select Special Functions from the Main Menu. •...
Page 168: Configuring Network Time
2.21 Configuring Network Time The access point is able to display the local time of the server used to validate requests for secured (password protected) resources. To view the access point network time: 1. From the Main Menu, select the Special Functions Menu. Only use the Configure Network Time screen when the WLAN KSS utility is not being used.
Page 169: Chapter 3 Monitoring Statistics
Monitoring Statistics Chapter 3 The AP keeps statistics of its transactions during operation. These statistics indicate traffic, transmission success and the existence of other radio network devices. Clear statistics as needed. System Summary The Show System Summary screen displays information about the APs configuration.
Page 170 2. Configure the AP system settings as required: Unit Name MAC Address (BSS) IP Address Net_ID (ESS) Channel Country Antenna Selection Shared Key Kerberos EAP/TLS Key Width Start Flashing All LEDs Reset AP Identifies the AP name. Identifies the unique 48-bit, hard-coded Media Access Control address.
Page 171 AP Configuration ACL & Filters AP-4131 Access Point Product Reference Guide Specifies the outcome of reading and processing the downloaded ap_cfg.txt. Messages displayed can be: • Unchanged • File Download Failed • Set Successfully • Unknown Menu Page • Unknown Menu Item •...
Page 172 Access Control WLAP Mode Model Number Serial Number Hardware Revision AP Firmware Ver RF Firmware Ver HTML File Ver Current MUs Total Assoc System Up Time 3. Press ESC to return to the previous menu. Specifies if the access control feature is set to one of three Access Control modes: Disabled, Allowed, or Disallowed.
Page 173: Interface Statistics
3.2 Interface Statistics The Interface Statistics screen provides: • packet forwarding statistics for each interface (Ethernet or RF) • performance information for each interface in packets per second (pps) and bytes per second (bps). The AP interface indicates packets sent to the AP protocol stack (e.g.
Page 174: Forwarding Counts
Forwarding Counts Forwarding Counts provides information on packets transmitted from one interface to another (Ethernet, radio, or AP). Forwarding Counts also displays the broadcast packets (Bcast) transmitted from the AP . • Select Forwarding Counts from the Main Menu to display: –...
Page 175: Mobile Units
Mobile Units Mobile Units (MU) statistics provide information on MUs associated with the AP . The statistics include information on data sent and received, activity and association. An MU shows only in the Home/Foreign Agent Table screens when an MU has roamed to another AP on a different subnet. Once an MU has roamed, the MU IP Address displays on the Home Agent Table screen of the MU “home”...
Page 176 Use TAB or arrow keys to highlight the desired screen. Press ENTER to display the selected screen. • Select Regular from the Mobile Units prompt to display: Where: addr P , C or A • To bring up the WNMP Packet Ping Function screen, press TAB to highlight the MU and select See section 2.16: ”Performing Pings”...
Page 177 Monitoring Statistics • To bring up detailed information on an MU, press TAB to highlight the MU and select to display: AP-4131 Access Point Product Reference Guide...
Page 178 Displayed information includes: Interface State Power Mode Station ID Begin Current Assoc Supported Rates Current Xmt Rate Priority Session User Name Authentication Method Session Time Session Packets Sent Session Packets Rcvd The number of data packets received from the target The AP interface shows the MU connection as: RF, Ethernet or AP .
Page 179 Sessions Bytes Sent Session Bytes Rcvd Session End Clause Packets Sent Packets Rcvd Bytes Sent Bytes Rcvd Discard Pkts/CRC Last Activity Last Data Activity • Select • Select • Press ESC to return to the previous menu. AP-4131 Access Point Product Reference Guide The number of data bytes sent from the target MU during the session.
Page 180: Mobile Ip
Mobile IP The following tables display the mapping of MUs to mobility agents. See section 1.3.7: ”Mobile IP” on page 21. • Select Home Agent from the Show Mobile Units prompt to display: • Select Foreign Agent from the Show Mobile Units prompt to display: AP-4131 Access Point Product Reference Guide...
Page 181: Known Aps
Known APs The AP displays a list of the known APs derived from AP-to-AP communication. The list includes the MAC and IP addresses and configuration information for each AP . The first AP on the list provides the information. The AP recognizes other APs listed in subsequent lines. A broadcast message to APs every 12 seconds determines this list.
Page 182 Monitoring Statistics • Select to view the Unit Name for each known AP . AP-4131 Access Point Product Reference Guide...
Page 183 The AP displays for each known AP: MAC Address IP Address DS Channel KBIOS FW_Ver Away • Select TAB key • Select using the TAB key • Select • Select • Select • Press ESC to return to the Main Menu. AP-4131 Access Point Product Reference Guide The unique 48-bit, hard-coded Media Access Control address, known as the devices station identifier...
Page 184: Ethernet Statistics
Ethernet Statistics The AP keeps Ethernet performance statistics including packet transmission and data retries until reset. • Select Ethernet Statistics from the Main Menu to display: Packet display for Ethernet statistical units: Packets Seen Packets Forwarded Discarded/NoMatch The packets discarded because of unknown destinations Discarded/Forced Discarded/Buffer Discarded/CRC...
Page 185 Packets Sent Any Collision 1 + Collisions Maximum Collisions Late Collisions Defers – Select – Select – Press ESC to return to the previous menu. AP-4131 Access Point Product Reference Guide The total packets sent out. The packets affected by at least one collision. The packets affected by more than one collision.
Page 186: Radio Statistics
3.8 Radio Statistics The AP keeps radio performance statistics including packet and communication information. To view RF statistics: • Select Show RF Statistics from the Main Menu to display: AP-4131 Access Point Product Reference Guide...
Page 187 Radio performance statistics include: Data Packets Sent Data Bytes Sent BC/MC Packets Sent BC/MC Bytes Sent Sys Packets Sent SBC/MC Packets Sent Succ Frag Packets Unsucc Frag Packets Fragments Sent Packets w/o Retries Packets w/ Retries Packets w/ Max Retries The transmitted packets affected by the maximum Total Retries Data Packets Rcvd Encrypted Pkts Rcvd...
Page 188 Succ Reass Packets Unsucc Reass Packets Fragments Rcvd Rcv Duplicate Pkts Undecryptable Pkts Rcv CRC Errors Rcv ICV Errors – Select – Select – Select – Select WNMP packets once per second, the graph displays the signal strength of each reply, the received packet TX rate, and the number of retries required.
Page 189 Monitoring Statistics • To display the WLAP RF Statistics screen select AP-4131 Access Point Product Reference Guide...
Page 190 Where: Current # WLAP Itf Current State Priority Root Interface Root Priority Root MAC Address Root Path Cost Itf ID Refers to the current Wireless AP interfaces in use in range. On initialization, the AP can be in any of the following states of wireless operation: •...
Page 191 WLAP Itf MAC Addr Itf State Path Cost Designated Root ID Designated Cost Designated WLAP ID A WLAP ID assigned by the Root AP . Designated Itf ID – Select – Select – Press ESC to return to the previous menu. AP-4131 Access Point Product Reference Guide States the MAC address of the associated WLAP .
Page 192: Miscellaneous Statistics
Miscellaneous Statistics The AP keeps statistics on WNMP and SNMP packets, filtering and Mobile IP . The Miscellaneous Statistics screen shows grouped statistics. • Select Show Misc Statistics from the Main Menu to display: AP-4131 Access Point Product Reference Guide...
Page 193 WNMP statistics include: Echoes Pings Passthrough Echoes SNMP statistics include: Requests Traps Filter statistics include: ACL Violations Address Type Mobile IP statistics include: Agent Ad Sent Reg Request Received Reg Reply Sent – Select – Select – Press ESC to return to the previous menu. AP-4131 Access Point Product Reference Guide echo requests received by the AP ping requests received by the AP...
Page 194: Analyzing Channel Use
3.9.1 Analyzing Channel Use The AP keeps statistics for individual Channels (frequencies). These identify channels that have difficulty transmitting or receiving due to retries. To view statistics for individual channels: 1. Select Show Misc Statistics from the Main Menu. 2. Select Per Channel Statistics to display: The display shows counters for the packets sent, received and retries for each channel.
Page 195: Analyzing Retries
3.9.2 Analyzing Retries The AP keeps statistics of packets with multiple retries. Use these statistics to identify severe occurrences of retries. Retries occur when the transmitting station fails to receive an acknowledgment for a transmitted packet. This lack of acknowledgment can result from: •...
Page 196: Event History
3.10 Event History The AP tracks specific events. The types of events logged are configurable. The log is a 128-entry circular buffer. After the 128th entry, the earliest event entry deletes. The Event History displays the most recent event at the top of the list. Each event lists a time stamp recorded in hh:mm:ss from the time the AP powered up or reset.
Page 197: Clearing Statistics
3.11 Clearing Statistics To clear statistics: 1. Select Special Functions from the Main Menu. 2. Select Clear All Statistics. The AP zeroes all statistics. Resetting the AP also clears statistics. AP-4131 Access Point Product Reference Guide...
Page 198 Monitoring Statistics AP-4131 Access Point Product Reference Guide...
Page 199: Chapter 4 Hardware Installation
Hardware Installation Chapter 4 AP installation includes connecting the AP to the wired network, AP placement and power up. Installation procedures vary for different environments. Precautions Before installing the AP verify the following: • Do not install in wet or dusty areas without additional protection. Contact a Symbol representative for more information.
Page 200: Requirements
Requirements The minimum installation requirements for a single-cell, peer-to-peer network: • a power outlet • an AP antenna. The 4131 AP supports a 10/100Base-T unshielded twisted pair (UTP) wired LAN cabling connection. For management user interface access to the serial connector, use a standard null-modem cable for direct serial connection.
Page 201: Single Cell
The secondary antenna is marked with two vertical bars. The standard antenna performs well in most office environments. Obtain additional or higher-performance antennas from Symbol Technologies, Inc. Contact Symbols representative to order the following models. •...
Page 202: Power Options
If installing two antennas, enable the Antenna Selection in the User Interface found in section 2.3: ”Access Point Installation” on page 54. Power Options Power options are as follows: • Standard 24 volt, 1 amp power supply115/230VAC, 50/60Hz. • US line cord. A Symbol BIAS-T system can also be used to combine low-voltage DC with Ethernet data in a single cable connecting to an access point.
Page 203: Mounting The Ap
Mounting the AP The AP rests on a flat surface or attaches to a wall, or any hard, flat, stable surface. Use the standard-mounting kit provided with the Spectrum24 AP-4131access point. Choose one of the options based on the environment Resting flat Attaching on the wall Connecting the Power Adapter...
Page 204: Bias-T Low Power Distribution System
BIAS-T Low Power Distribution System The BIAS-T system provides an economical and reliable method for powering access point(s) from a remote location. The BIAS-T system combines low- voltage DC with Ethernet data in a single cable connecting to an access point.
Page 205 The BIAS-T is a small lightweight unit with a RJ-45 patch cord input connector from the hub on the left-hand side and a RJ-45 patch cord output connector (via the wiring infrastructure) to an access point on the right-hand side. Also on the left-hand side of the BIAS-T is a 24-volt DC connector used to input DC power from the power supply.
Page 206 To install a BIAS-T system using a single BIAS-T unit and access point: Steps 1-3 could involve running Ethernet cabling through industrial walls or ceilings. Only a qualified contractor should perform this kind of cabling. 1. Attach one end of a RJ-45 patch cord (5-50 ft.) to the access point. Run the other end of the RJ-45 patch cord through a ceiling or wall into a punch down termination box.
Page 207 4. Attach a third RJ-45 patch cord from the input connector on the left-hand side of the BIAS-T unit to the HUB supporting the Spectrum24 component installation. 5. Attach the cable supplied with the Symbol Standard 24-volt power supply to the power-input connector on the left-hand side of the BIAS-T unit. 6.
Page 208: Led Indicators
LED Indicators The top panel LED indicators provide a status display indicating transmission and other activity. The indicators are: Power Wired LAN Activity Wireless LAN Activity AP-4131 Access Point Product Reference Guide Flashing indicates AP initialization. Steady Green during operation. Flashing indicates data transfers on wired connection.
Page 209: Wlap Mode Led Display
4.9.1 WLAP mode LED display. When in the WLAP mode the chart below signifies the APs LED indicator status. For the IEEE 802.11 protocol and APs using firmware version above only. 1. After power up, system initialization begins: Power Wired LAN Activity Wireless LAN Activity 2.
Page 210: Special Cases
5. When all WLAP connections are in Forward state: Power Wired LAN Activity Wireless LAN Activity Special cases: • If the WLAP manual BSS_ID is NOT set and no other WLAP is found, the WLAP goes to the functional state. •...
Page 211: Troubleshooting
4.10 Troubleshooting Check the following symptoms and their possible causes before contacting the Symbol Support Center. 4.10.1 Ensure wired network is operating Verify AP operation: 1. AP does not power up: – faulty AP power supply – failed AC supply –...
Page 212: Setting Up Mus
– Check that the radio driver loaded properly. – Check that the MU PROTOCOL.INI or NET.CFG file is compatible with the network operating system. 4. Slow or erratic performance: – Check MU and RF communications range. – Check antenna, connectors and cabling. –...
Page 213: Appendix A Specifications
Specifications Appendix A A.1 Physical Characteristics Dimensions Weight (w/power supply) Operating Temperature Storage Temperature -40º F to 149º F (-40º C to 65º C) Humidity Shock Drop AP-4131 Access Point Product Reference Guide 1.75” H x 6” L x 8.5” W (4.45” cm H x 15.24” cm L x 21.59”...
Page 214: Radio Characteristics
A.2 Radio Characteristics Frequency Range (country dependent; within 2400 MHz to 2500 MHz) Radio Data Rate 11 Mbps Range TX Max. Radiated EIRP Modulation TX Out-of-Band Emissions • 11 Mbps -- Optional • 5.5 Mbps -- Optional • 2 Mbps -- Required •...
Page 215: Network Characteristics
A.3 Network Characteristics Driver Support Ethernet Frame Filtering Packet Rate Ethernet Connection Serial SNMP AP-4131 Access Point Product Reference Guide NDIS v4.0 and v5.0 DIX, Ethernet_II and IEEE 802.3 14,400 frames per second filtering and forwarding 10/100Base-T (AP-4131 model access point only) PC/AT serial port - DB9 Male, RS-232 using a DTE termination, 19200 bps s24dsap.mib, MIB-II and 802.1x.mib...
Page 216 Specifications AP-4131 Access Point Product Reference Guide...
Page 217: Appendix B Supported Modems
Supported Modems Appendix B The AP uses Hayes commands and is capable of working with various modems of 19200 baud or faster. Symbol does not support modems the company has not qualified. The following modems qualify to work with the AP-4131access point: •...
Page 218 Supported Modems AP-4131 Access Point Product Reference Guide...
Page 219: Appendix C Customer Support
Customer Support Appendix C Symbol Technologies provides its customers with prompt and accurate customer support. Use the Symbol Support Center as the primary contact for any technical problem, question or support issue involving Symbol products. If the Symbol Customer Support specialists cannot solve a problem, access to all technical disciplines within Symbol becomes available for further assistance and support.
Page 220: Additional Information
International Contacts Outside North America, contact Symbol by: • Symbol Technologies Symbol Place Winnersh Triangle, Berkshire, RG41 5TP United Kingdom 0800-328-2424 (Inside UK) +44 118 945 7529 (Outside UK) Symbol Developer Program Web Site http://software.symbol.com/devzone Symbol Knowledge Base http://kb.symbol.com/register.asp Additional Information Obtain additional information by contacting Symbol at: •...
Page 221: Appendix D Country Identification Codes
Country Identification Codes Appendix D Use the table below to select a Country Name, First Channel, Number (No.) of Channels, Default Channel, Maximum Transmit Power, Regulatory Domain, and Country ID. Update these values in the AP installation screen. Contact a local representative for any country not listed. Country Name Argentina Australia...
Page 222 Country Name Finland France Germany Greece Guatemala Hong Kong Hungary Iceland India Indonesia Ireland Israel Italy Japan Jordan Kuwait Liechtenstein Lithuania Luxembourg Malaysia Mexico Morocco Netherlands New Zealand Norway Peru Country ID Channels First No. Default AP-4131 Access Point Product Reference Guide Max.
Page 223 Country Name Panama Philippines Poland Portugal Qatar Romania Russian Federation RU Saudi Arabia Singapore Slovak Republic Slovenia South Africa South Korea Spain Sri Lanka Taiwan Thailand Turkey Ukraine Venezuela AP-4131 Access Point Product Reference Guide Country ID Channels First No. Default Max.
Page 224 Country Identification Codes A site license is required for India. To support this regulatory requirement, enter the Site License ID in the field on the AP Installation Screen. AP-4131 Access Point Product Reference Guide...
Page 225: Appendix E Installing And Configuring Kerberos Setup Service
Installing and Configuring Appendix E Kerberos Setup Service The Kerberos Setup Service (KSS) program runs on the Key Distribution Center (KDC) server. The KSS can be used optionally to administer Spectrum24 access points authorized on the network. For example, an AP on the Access Control List (ACL) is lost or stolen.
Page 226: Installing The Kss In A Windows 2000 Environment
Java Runtime is on the Spectrum24 High Rate 11 Mbps Wireless LAN Software CDROM within the KSS directory. For information on installing Windows 2000 Server, setting up the KDC and enabling ActiveDirectory services, refer to the documentation shipped with Windows 2000 server. E.2 Installing the KSS in a Windows 2000 Environment Install the KSS from the Spectrum24 High Rate 11 Mbps Wireless LAN Software CDROM or go to the Symbol Website...
Page 227 5. Click to install KSS to the default destination folder. The user has the option of clicking folder if necessary. A progress bar displays showing the progress of the KSS files installation. 6. The Setup Complete KSS. Clear the it selected to view the Read Me file. 7.
Page 228 3. Enter the user name (20 characters maximum) in the Last name 4. Enter and confirm a password for the user. 5. Select the A confirmation dialog box displays. Click Finish. 6. Right-click the newly created user account from the window.
Page 229: Preparing The Kss For Access Point Validation
E.3 Preparing the KSS for Access Point Validation To prepare the KSS to validate access points: 1. Click Kerberos Setup Service 2. Using the user account created in the previous section, select from the Kerberos Setup Service information. 3. Click 4.
Page 230 Preference 5. Select different from the default key. If the default secret key is acceptable, leave the The same secret key entered in the KSS Secret screen. Network Port conflicts occur. 6. Click 7. From the Kerberos Account Options Kerberos Setup Service dialog box displays.
Page 231 Kerberos Account Entry 8. Select the 9. Enter the Do not set an ESSID or create a Password at this time. ESSID/Principal Enrollment. APs with the same ESSID share common Kerberos account information. The ESSID is the Kerberos Principal for APs. AP-4131 Access Point Product Reference Guide dialog box displays.
Page 232 10. Click Kerberos Account Entry 11. Click 12. Click the AP Setup Account Database Open Enrollment Default Properties If required, select If the the user has the ability to restrict KSS authentication for the single access point displayed in the Use the down menus to specify the time period the selected access point is allowed to authenticate with the KSS.
Page 233 Selecting enables KSS authentication for the selected access point at all times. Selecting enables KSS authentication for the selected access point only during the time period specified within the pull-down menus. Selecting with the KSS. 13. Click Save. AP Setup Account Database settings.
Page 234 Listen For Connection 17. Select Kerberos Setup Service The next step is to configure the access points for Kerberos support if they have not already been configured. 18. Reboot the access points. Refer to the AP-4131 Access Point Product Reference Guide for Kerberos setup information. The connection port is required to match the AP connection port.
Page 235 When the APs initialize, the AP list view window displays the Events KSS). 19. When the access points have successfully initialized, select Enrollment icon once the access points have been granted access. Disable Open Enrollment to prevent foreign access points from getting information from the KSS.
Page 236: Manually Creating An Access Point Setup Account
E.4 Manually Creating an Access Point Setup Account Manually create an AP Setup Account for the AP and create a Kerberos account with the KDC. The AP Setup Account database stores validation information for an AP . Manually create an access point setup account only if the user does not want to use the Open Enrollment option.
Page 237 To create an access point setup account: 1. From the 2. Enter the AP MAC Address as a Primary Key in the AP Setup Account Database dialog box. 3. Enter the ESSID. The ESSID is used as the Kerberos Principal for the AP . The AP Setup Account is used to control which access points are permitted Kerberos Setup information.
Page 238: Implementing Kerberos Without The Kss
4. Enter the AP access range set the time and status information using the Setup Start Time 5. Set the SNMP Setting. 6. Click After the AP initializes, the AP list view window displays the Events E.5 Implementing Kerberos without the KSS Kerberos support is available for the AP-4131 access point without the use of the KSS.
Page 239 The access point can now be configured for Kerberos support via the Serial or Telnet interfaces. The Kerberos Configuration parameters have been moved to the Functions 6. From the 7. Set the KDC Server Name/IP to the IP Address where the KDC is setup. 8.
Page 240 Installing and Configuring Kerberos Setup Service E-16 AP-4131 Access Point Product Reference Guide...
Page 241: Index
Index Numerics 10/100Base-T unshielded twisted pair 190 10/100Base-T UTP 190 access control 14 disallowed address 14 MU 14 unauthorized access 14 Access Control List 14 Access Point 1 access control 162 Access Control List 1 adding allowed MUs 115 adding disallowed MUs 119 advanced radio theory 12 analyzing retries 185 antenna selection 160...
Page 242 monitoring statistics 159 mounting 193 network connection 190 power adapter 193 power options 192 PSP 24 Radio Characteristics A-2 radio performance statistics 176 removing allowed MUs 115 RF statistics 176 roaming across routers 22 RSSI 21 shared key authentication 26 single-cell connection 191 site survey 11 site topography 11...
Page 243 additional DNS 57 additional gateways 56, 58 antenna selection 57 country config 56 dhcp disabled 58 dhcp/bootp enabled 58 dhcp/bootp options 58 DNS IP address 57 enable bootp only 58 enable only dhcp 58 gateway IP address 56 IP address 56 Net_ID (ESS) 57 subnet mask 57 unit name 56...
Page 244 saving 156 Setting Logging Options 137 Special Functions 156 system parameters 59 System Password Administration 69 TCP/IP 37 Telnet 37 type filtering 120 UI 37 updating using Xmodem 132 wireless operation parameters 80 WLAP forward delay 77, 84 WLAP hello time 76, 83 WLAP manual BSS ID 76, 83 WLAP Max Age 76, 83 WLAP mode 75, 82...
Page 245 DTIM AP 10 association process 10 root AP 10 electromagnetic waves 3 encryption 25 128 Bit 92 40 Bit 90 administration 66 environment 3 ESSID 73 Ethernet interface 16 ethernet statistics 174 Ethernet wired LAN 1 features 2 10/100baseT Ethernet port interface 2 BOOTP support 2 built-in diagnostics 2 built-in dual antenna assembly 2...
Page 246 Kerberos AP proxy 29 authentication 26 authentication service (AS) 28 default setting 31 disabling 31 enabling 31 implementation 26 Key Distribution Center (KDC) 27 kss function 28, E-1 manual authentication configuration 94 MU authentication 29 realm 27 TGS_REP 29 TGS_REQ 29 Ticket Granting Ticket Server 28 known APs 171 MAC and IP addresses 171...
Page 247 data encryption 25 DTIM 25 filtering 14 home agent 23 known APs 171 Mobile IP 21, 170 performing pings 152 power mode 168 priority 168 removing allowed MUs 116 scanning 23 security 25 statistics 165 supported rates 168 MU association process multiple APs 5 network topology 3 programmable SNMP trap 34...
Page 248 roaming across routers 22 AP 23 home agent 23 IP address 22 Mobile IP 21 MU 23 TIM 24 root AP association process 10 Bridge Protocol Data Unit 10 DTIM 10 TIM 10 WLAP mode 10 security 25 decryption 25 encryption 25 kdc name 96 kerberos 96...
Page 249 kerberos 96 kss name 96 kss port 96 MD5 key 62 Modem Connected 63 MU-MU Disallowed 63 password 96 realm name 96 rf Interface 65 S24 Mobile IP 62 System Password Admin 64 Telnet logins 60, 61 type filtering 63 user id 96 user password 70 WNMP functions 63...
Page 250 WLAP Max Age 75, 76, 83 WLAP mode 75, 82 WLAP priority 75, 82 WLAP priority value 10 WLAP forward delay configuration 77, 84 WLAP hello time configuration 76, 83 WLAP manual BSS ID configuration 76, 83 WLAP Max Age configuration 76, 83 WLAP mode AP 6, 7, 81...

This manual is also suitable for:

Ap-4131

Symbol Spectrum24 AP-4131 Product Reference Manual

Chapter 1 Introduction

Chapter 2 Configuring the AP

Chapter 3 Monitoring Statistics

Chapter 4 Hardware Installation

Appendix A Specifications

Appendix B Supported Modems

Appendix C Customer Support

Appendix E Installing and Configuring Kerberos Setup Service

Quick Links

Need help?

Questions and answers

Subscribe to Our Youtube Channel

Related Manuals for Symbol Spectrum24 AP-4131

Summary of Contents for Symbol Spectrum24 AP-4131

This manual is also suitable for:

Table of Contents