Cerio eXtreme OW-408 A1-MESH User Manual
  1. Manuals
  2. Brands
  3. Cerio Manuals
  4. Wireless Access Point
  5. eXtreme OW-408 A1-MESH
  6. User manual

Cerio eXtreme OW-408 A1-MESH User Manual

Power wave2 4x 2x2 +8dbi dual-band man-mesh outdoor cpe/ap, cenos 5.0
Hide thumbs
Table of Contents

Advertisement

Quick Links

Download this manual
CERIO Corporation
CenOS 5.0
User Manual
for
OW-408 A1-MESH
eXtreme Power Wave2 4X 2x2 +8dBi Dual-Band
MAN-MESH Outdoor CPE/AP
V4.0

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the eXtreme OW-408 A1-MESH and is the answer not in the manual?

Questions and answers

Related Manuals for Cerio eXtreme OW-408 A1-MESH

Summary of Contents for Cerio eXtreme OW-408 A1-MESH

  • Page 1 CERIO Corporation CenOS 5.0 User Manual OW-408 A1-MESH eXtreme Power Wave2 4X 2x2 +8dBi Dual-Band MAN-MESH Outdoor CPE/AP V4.0...

  • Page 2: Table Of Contents

    Content Device and Software Configuration ....................7 Device & Antenna appearance & RJ-45 Ports description ..........7 Setup preparation of AP ....................7 Login Web Page ......................10 Operating Mode Introduction ......................11 MAN-Mesh Mode (Default ) ..................11 Access Point Mode ....................... 12 Client Bridge + Repeater Mode..................
  • Page 3 4.2.1 Mesh Radio 0 (2.4G) Setup .................... 48 4.2.2 Mesh Radio 1 (5G) Setup ....................51 4.2.3 Advanced Setup ......................55 4.2.3 WMM Setup ......................... 57 MAN-Mesh ........................60 4.3.1 MAN-Mesh Common Setup................... 60 4.3.2 MAN-Mesh Device Setup ....................63 Change Other Setup modes ...................
  • Page 4 Walled Garden ......................97 iii. Privilege Address ......................97 Bulk MAC Address ......................98 Profile .......................... 99 RADIUS Server ......................100 RADIUS Account Setup ....................100 Wireless Configuration ....................102 5.6.1 Radio 0 (2.4G) Setup ....................102 5.6.2 Radio 1(5G) Setup ....................... 104 5.6.3 Advanced Setup ......................
  • Page 5 WISP Mode ..........................136 Change Setup mode ....................136 Configure WAN Setup ....................136 Configure LAN Setup ....................140 Configure DHCP Setup ....................143 Wireless General Setup ....................145 7.5.1 Radio 0 (2.4G) Basic Setup ..................145 7.5.2 Radio 1 (5G) Basic Setup ..................... 147 7.5.3 Advanced Setup ......................
  • Page 6 System Log ......................... 196 11. [ Other technical documents] ...................... 197 11.1 Point to Point / Multi-Point for WDS settings .............. 197 11.2 Apply CERIO web authentication login page sample ............ 198 Appendix A. WEB GUI Valid Characters....................205 V4.0...

  • Page 7: Device And Software Configuration

    Device and Software Configuration 1.1 Device & Antenna appearance & RJ-45 Ports description 1. 2x2 Antenna Description Built in 8dBi dual band Wide Coverage Directional Antenna 2. RJ-45 Ports Description Gigabit ETH1 / PoE in Gigabit ETH2 1.2 Setup preparation of AP Please PC link to Device used cat5/6 Ethernet cable.
  • Page 8 Basic connection diagram: Step 1: Please click on the computer icon in the bottom right window, and click “Open Network and Internet settings” Step 2: After click left side "Ethernet" function, click on the right side “Change adapter options” again. V4.0...
  • Page 9 Step 3: In “Change adapter options” Page. Please find Ethernet (Local LAN) and Click the right button on the mouse and Click “Properties” Step 4: In Properties page to setting IP address, please find “Internet Protocol Version 4 (TCP/IPv4)” and double click or click “OK” button. Step 5 : Select “Use the following IP address”, and fix in IP Address : 192.168.2.# V4.0...

  • Page 10: Login Web Page

    ex. The # is any number by 1 to 253 Subnet mask : 255.255.255.0 And Click "OK" to complete the fixed computer IP setting Login Web Page Launch Web Browser Launch as web browser to access the web management interface of system by entering the default IP Address, http://192.168.2.254, in the URL field, and then press Enter.

  • Page 11: Operating Mode Introduction

    Operating Mode Introduction The default mode for the first login of the system is "MAN-Mesh mode". Please decide which mode to use the application requirements. You can refer to the following model application instructions to use the correct model. If administrators need to switch to other modes, they can apply the change mode under "System Management Mode Setup"...

  • Page 12: Access Point Mode

    It’s suitable for a backbone network development and solution for backhaul deployment of Semi-Mobile mesh network, such as data transmission of the public transport system (ex. Railways, Ships, Bus, MRT, Gondola, etc.) In addition, it’s also the perfect solution for the Intersection monitor Backhaul Deployment.
  • Page 13 This enables the wireless interconnection of Access Point in a IEEE802.11 network and accepts  wireless Support Captive Portal authentication.  Application of WDS function in Access Point mode WDS can be used for long-distance point-to-point wireless connections, as well as applications for long-distance point-to-multipoint wireless connections.

  • Page 14: Client Bridge + Repeater Mode

    2.3 Client Bridge + Repeater Mode Please click on System ->Mode Setup and choose Client Bridge Mode Client Bridge mode, which is responsible for wireless connection with the upper Access Point station(AP). the device must be bridged with the upper Access Point station(AP) for normal operation, and the Repeater extended Access Point station(AP) can be used normally after bridging with the upper AP.

  • Page 15: Wisp + Repeater Ap Mode

    2.4 WISP + Repeater AP Mode Please click on System ->Mode Setup and choose WISP Mode WISP's WAN end wirelessly bridges the upper xDSL AP. The connection method supports dynamic IP, static IP, PPPoE and PPTP. When sharing to all network through NAT. V4.0...

  • Page 16: Cap Mode (Centralizes Access Point)

    It can be used as an WISP (Wireless Internet Service Provide) to receive wireless signals over last  mile application, helping WISPs deliver wireless broadband Internet service to residents and business customers In the WISP (CPE) mode, the CenOS 5.0 AP is a gateway enabled with NAT and DHCP Server ...

  • Page 17: System Configuration

    System Configuration There are common functions in any mode have management / Time Server / SNMP and Time Policy. Please refer to the following detailed instructions. Management Administrators can specify geographical location of the system via instructions in this page and modify system login password and select use system login protocol by 80, 443, 23, 22 Port.
  • Page 18  System Language: Administrator can select system language for English and Traditional Chinese  System Information: Administrator can set the system name / Description and Location.  Root Password: Administrator can change system login password.  LED Control:When system working the moment, device LED will flashes. Administrator can select close the LED flashes in the function.
  • Page 19  System Log Setup: Administrator can be backup system log or authentication log to remote server. Please enter IP address and port of remote syslog server. Auto Reboot: The functions can Auto-reboot the system by Date/time management.  Daily: Setting time to system reboot. ...

  • Page 20: Configure Time Server

    Configure Time Server Administrator can select manual or via a NTP server to modify system time for the right local time. If select update the system time for manual, when administrator reboot system the system time will reply default. If select update the system time for the NTP Server, system must set gateway and DNS server, the system can be connected internet.

  • Page 21: Snmp

    3.3 SNMP SNMP is an application-layer protocol that provides a message format for communication between SNMP managers and agents. By enabling SNMP function, the administrator can obtain the system information remotely. Please click on System -> SNMP and follow the below setting. SNMP v2c function Active: Administrator can select Enable or Disable the service.

  • Page 22: Configure Time Policy

    assigned server. Active: Administrator can select Enable or Disable the service.  Community: Set a community string required by the remote host computer that will receive trap  messages or notices send by the system. IP(1~4) : Enter the IP addresses of the remote hosts to receive trap messages. ...
  • Page 23 Comment: Enter the description of Time Policy rule.  Mode: Administrator can select On schedule or Out of schedule to execution the rules.  Create New Policy button: Administrator can set time for week / start time and end time. Click “Save”...

  • Page 24: Man-Mesh Mode

    MAN-MESH Mode MAN-Mesh WiFi has the capability of dynamic routing automatic path selection. The dynamic path selection includes the best path transmission of the Mesh Backbone network and the best dynamic path transmission of the WAN / Internet route. # Single LAN physical WAN Internet / backhaul access architecture Under the interconnected MAN-Mesh AP environment, all the backhaul or WAN Internet access of the WiFi AP Station extension and its downstream LAN line will be transmitted through the Mesh backbone to the best link path back to the LAN physical line to the upstream connection.
  • Page 25 When IPv4 IP Application : When IPv6 IP Application : V4.0...

  • Page 26: Vlan Setup

    4.1 VLAN Setup Under Man-Mesh mode, the administrator must set up the system's IP address, the network segment must be the same as the internal network domain, and the IP address can’t be the same as other devices, otherwise it will cause conflicts Setting the AP's (LAN) IP address and other functions, please click "System "...
  • Page 27 Radio 0 :It is a 2.4Ghz radio. It can display the SSID name of 2.4Ghz in each VLAN and whether it  is enabled (green is enabled, red is disabled). Radio 1 :It is a 5Ghz radio, it can display the SSID name of 5Ghz in each VLAN and whether it is ...

  • Page 28: Vlan Wireless Access Point Network Setup

    You can set the IP address of the gateway in the architectural environment or the external DNS IP address (if there is no special needs, it is recommended to set at 8.8.8.8 which provided by Google or 168.95.1.1 provided by Chunghwa Telecom for public 4.1.2 VLAN Wireless Access Point Network Setup Click the "Network"...

  • Page 29: Network Pull-Down Menu

    Tree Protocol, which is also referred to as STP, is defined in the IEEE Standard 802.1d IAPP:Administrator can select radio 2.4G or 5G for IAPP roaming.  VLAN Tag Setup: Set the VLAN used tags.  The IAPP condition must use WPA2-PSK Wi-Fi security and AES algorithm) That if ETH0 is set to use a VLAN tag, you must enter the management interface with the same VLAN as the tag to enter the management settings.

  • Page 30: Ipv4 Bridge

    4.1.3 IPv4 Bridge For the MAN-Mesh routing device operating with Layer 3 core in the MESH routing architecture environment, it will determine how to forward data packets based on the data in the Routing Table. Each Mesh host has its own IP address definition for different network segments. The Routing Table exchanges information with each other for communication and interconnection.
  • Page 31 Static peer It has the same meaning as Static Routing. The manager manually enters and sets the IP location of the back-end LAN device to participate in the Mesh environment interconnection,manually specify the local physical LAN connection manually specify the LAN IP address, must have a LAN IP address which can connect in Mesh environment .
  • Page 32 Wrong static routing settings, such as adding a non-own MAN-Mesh AP back-end device to the MAN-Mesh AP settings of different stations (different network segments), or cross-setting or repeating to static backends of other stations (different network segments) When Peer (Static Routing) specifies the host IP, it will cause a conflict error in the specified Mesh routing.
  • Page 33 Layer2 Mode Layer2 : Select and enable the VxLan mode of this Layer 2 as the IPv4 Bridge. The Layer2 VxLan mode establishes a logical connection between entities between networks, and handles flow control and error detection during transmission. Layer2 encapsulates the digital signal of the physical layer into a data frame, where the frame contains the data link layer The MAC address used to identify the source address of the host data.
  • Page 34 VXLAN VNI:Virtual Network ID(VNI) Virtual identification designation, the specified ● value of the virtual identification of each MAN-Mesh host connected to each other in the environment must be the same, and a maximum of 16,000,000 VxLAN logical network virtual identifications are supported. If there is no need for large-scale or multi-VLAN custom settings, it is recommended to keep the default tag value as 0.
  • Page 35 Uplink Backup  Uplink IP Address You can choose to enable or disable, the default is "off", when the ● "off" state, it will automatically monitor the connection. When Uplink Backup is enabled, the five groups of IPv4 bridge Uplink IP in the ...
  • Page 36 Star Tree Mesh Uplink IP Address List  Uplink IP Address List: Display and fill in the IPv4 list of MAN-Mesh devices with priority ● designated connection. Currently there are five groups of customizable fill-in settings open. The fill-in value in this part is based on the IPv4 “Bridge address” system displayed by the host system of other stations (to be uplinked) as the main fill-in IP identification value.

  • Page 37: Dhcp Server

    be set to allow connection. The Link IP of the opposite host that is not on the list cannot be connected. It is a whitelist for WiFi MAN-Mesh MESH connection, which can avoid automatic interconnection and access of other unnecessary MESH devices. (The allowed IP is the IPv4 address of MESH/ Mask is the subnet mask) Auto Link Allow Address List: ...
  • Page 38 The DHCP server includes "DHCP service" and "DHCP Relay ", it can only choose one way to enable, if your DHCP Client IP and DHCP Server IP in the same "net segment / subnet", it is able to set and obtain the dynamically assigned IP address through the DHCP service, if it is not in the same "net segment / subnet", you must be choose DHCP Relay mode setting, DHCP Relay can forward the message and assign it to a different network segment / subnet or DHCP Server can also broadcast and forward the messages back to...
  • Page 39 If there are 2 DHCP servers in the network environment, please pay attention to the distribution of IP addresses, do not repeat, to avoid IP conflicts  Start IP : Set Start IP for DHCP Service.  End IP : Set End IP for DHCP Service. ...
  • Page 40 Static Lease IP Setup:If the client device needs to obtain a fixed IP from the dhcp server, please  enter a comment, ip address, mac address in "Static Lease IP Setup" Static Lease IP List  Static Lease IP List:After finished Static Lease IP Setup, the information will be added to this list. Click “Save”...
  • Page 41 DHCP Relay (DHCPR), the relay service can exchange DHCP packets between DHCP clients and DHCP servers located in different "network segments / subnets". Relay service is used to send DHCP Clinet IP request packets from different subnets / segments to the DHCP server when the DHCP Client sends an IP request to the server, so that the DHCP server can assign IP to different subnets / network segments DHCP Clinet.

  • Page 42: Radio 0(2.4G)/Radio 1(5G) Access Point Setup

    4.1.5 Radio 0(2.4G)/Radio 1(5G) Access Point Setup Administrator can Enable or Disable Radio 0(2.4G)/Radio 1(5G)Wi-Fi. If Radio are enabled, administrators can set the SSID and security for the Radio 0(2.4G) and Radio 1(5G) access point. Access Point: Administrator can Enable or Disable the Radio 0(2.4G)/Radio 1(5G). ...
  • Page 43 WPA/WPA2 is short for W-Fi Protected Access-Pre-Shared Key. WPA/WPA2 uses the same encryption way with WPA, and the only difference between them is that WPA/WPA2 recreates a simple shared key, instead of using the user’s certification. WPA Mode: Administrator can select security for Auto or only WPA or only WPA2. ...
  • Page 44 Radius Server:Enter the IP address of the Authentication RADIUS server.  Radius Port: The port number used by Authentication RADIUS server. Use the default  1812 or enter port number specified. Radius Secret: The secret key for system to communicate with Authentication RADIUS ...

  • Page 45: Mac Filter

    4.1.6 MAC Filter (1 ) Only Deny List MAC:Administrator can add wireless users MAC address in MAC list. The access point will deny connection in MAC address list. (2) Only Allow List MAC:Administrator can add wireless users MAC address in MAC list. The access point will allow connection in MAC address list.

  • Page 46: Fast Roaming Setup

    4.1.7 802.11r Fast Roaming Setup The dual band Access Point supports 802.11r/802.11k function for 2.4G and 5G radio. 802.11r, which is the IEEE standard for fast roaming, introduces a new concept of roaming where the initial handshake with the new AP is done even before the client roams to the target AP. If this feature is enabled when using 802.11r fast roaming, the wireless user equipment must support 802.11k functionality to work properly Mobility Domain: MDID is used to indicate a group of APs (within an ESS, i.e., sharing the same...
  • Page 47 R0/NAS Identifier: PMK-R0 Key Holder identifier. When using IEEE 802.11r, nas_identifier must  be set and must be between 1 and 48 octets long. R1 Identifier: PMK-R1 Key Holder identifier 6-octet identifier as a hex string.  R1 Push: Administrator can select Enable or disable. If enable the function will automatically ...

  • Page 48: Wireless Configuration

    4.2 Wireless Configuration Radio 0 (2.4G) or Radio 1 (5G) AP station, channel, advanced funcation and WMM setup..etc. Setting the AP's (LAN) IP address and other functions, please click "System " -> Setup". "VLAN Click the “Wireless “ to set Radio 0 (2.4G), Radio 1 (5G) MAN-Mesh basic setup, click "Radio 0 or Radio 1” or select the regional for settings, and select the "...
  • Page 49 settings can be changed in “HT Physical Mode” ” Extension Channel” can select Upper or Lower channels. The MAN-Mesh AP provides intelligent and quickly automatic connections between multiple channels. When selected more channels then the search range becomes bigger then the longer time will be required.
  • Page 50 HT Physical Mode TX / RX Stream: Build in 2.4GHz 2 antennas and support 2TX/2RX streams.  Administrator can select 1 or 2 TX/RX. The default is 2TX/2RX. This product has a built-in 2x2 (2T2R) antenna for 2.4Ghz, which has been matched with the default setting of 2T2R.

  • Page 51: Mesh Radio 1 (5G) Setup

    transmission rate will be selected. You have the option of selecting the speed if necessary. Shout GI: Short Guard Interval is “Enabled” by default to increase throughput. However, it can  also increase error rate in some installations, due to increased sensitivity to radio-frequency reflections.
  • Page 52 MAC Address:  Display Radioi 1(5G) WiFi MAC address. Country: Administrator can select country: United States(US) , Europe(EU) or Taiwan(TW).  Band Mode: Administrator can select 5G Band for 802.11a or 802.11a/n or 802.11n(5G) or  802.11ac. The default is 802.11ac etc.. Channel: Administrator can select priority automatic connection channel selection of mark in ...
  • Page 53 5660MHz, CH136 5680MHz, CH140 5700MHz) 3. 5725 ~ 5825MHz (CH149 5745MHz, CH153 5765MHz, CH157 5785MHz, CH161 5805MHz, CH165 5825MHz) Among them, the frequency band 5470 ~ 5725MHz conflicts with the military and meteorological Doppler radar frequencies. Under the logic of military priority and civilians, if these frequencies are to be used, it is equipped with equipment that starts DFS and TPC (EIRP value greater than 500mW ) Function, when the device senses that other people in the military are using the current frequency, DFS will automatically...
  • Page 54 TX / RX Stream: Administrator can select 1 or 2 TX/RX. The default is 2TX/2RX This product has a built-in 2x2 (2T2R) antenna for 5Ghz, which has been matched with the default setting of 2T2R. If there is no special demand, please keep this default setting . Channel Bandwidth: The "20/40 and 802.11ac 80”...

  • Page 55: Advanced Setup

    If the packet aggregation Size is not particularly necessary, please do not modify the default setting, which will affect the transmission rate quality After setting, please click the "Save" button to save your settings, and press the "Restart" button to complete the application of the new settings. 4.2.3 Advanced Setup Beacon Interval: Beacon Interval is in the range of 40~3500 and set in unit of millisecond.
  • Page 56 which support power saving mode, when to wake up to receive multicast frame. DTIM is necessary and critical in wireless environment as a mechanism to fulfill power-saving synchronization. A DTIM interval is a count of the number of beacon frames that must occur before the access point sends the buffered multicast frames.

  • Page 57: Wmm Setup

    Band Streeing: When 2.4GHz and 5GHz network cards coexist, the 5GHz network cable is  automatically used as the main connection to improve the performance. The threshold for connecting RSSI can be set, that is, when the signal value of the wireless user and the AP is better, the local machine will automatically interrupt the 2.4G user and force the use of 5G.
  • Page 58 AC Type:  Data Transmitted Queue Priority Description AP to Clients AC_BK Background High throughput. Bulk data that requires maximum throughput and is not time-sensitive is sent to this queue (FTP data, for example). AC_BE Best Effort Medium Medium throughput and delay. Most traditional IP data is sent to this queue.
  • Page 59 doubling continues until either the data frame is sent or the Maximum Contention Window size is reached. Once the Maximum Contention Window size is reached, retries will continue until a maximum number of retries allowed is reached. Valid values for the "cwmax" are 1, 3, 7, 15, 31, 63, 127, 255, 511, or 1024.

  • Page 60: Man-Mesh

    4.3 MAN-Mesh MAN-Mesh common Setup and MAN-Mesh Device 0,1,2 Setup. 4.3.1 MAN-Mesh Common Setup Click ”MAN-Mesh “  “ MAN-Mesh Common Setup”, setting MAN-Mesh AP SSID, MAN-Mesh AP Security Type, MAN-Mesh NAT setup, after completed please save your setting。 SSID: In the same MAN-Mesh architecture, the SSID must be the same which can work properly.
  • Page 61  NAT : Enable or disable the NAT network address conversion function of the MAN-Mesh AP. The administrator can selectively enable this NAT function for a specific node in the environment when the Mesh is connected. The default value is disabled. When the backbone mesh interconnection completed by the MAN-Mesh is completed.
  • Page 62 If the source interface of WAN selects wireless "Mesh" as the upper layer interface (NAT WAN), other interfaces of the host (including wired VLAN (0 ~ 15) and wireless AP) will become the lower layer interface interface (NAT LAN), this application Designed to allow the use of every Mesh NAT AP unit (small block) environment host that is not connected to each other and users can connect to the Internet Host planning the entire MAN-Mesh environment.

  • Page 63: Man-Mesh Device Setup

    4.3.2 MAN-Mesh Device Setup Click "MAN-Mesh" "MAN-Mesh Device 0 Setup"-> Device Setup to set MAN-Mesh Device 0 /" MAN-Mesh Device 1 Setup "  Device Setup to set MAN-Mesh Device 1, enable or disable MAN-Mesh AP radio 0,1 , MAN-Mesh IPv4 / IPv6 setup , MAN-Mesh deployment method, MAN-Mesh mandatory MAC address, MAN- Mesh MAC address list:。...
  • Page 64  MAN-Mesh Setup : Enable or disable the radio of MAN-Mesh AP. Enable or disable this radio be used as the MAN-Mesh radio for mesh auto link . The default value is “Disable”. When any Radio of MAN-Mesh AP is enabled, At the same time, you must set Mesh interface IP address of Mesh AP.
  • Page 65 Note: Mesh interface IP is different from the LAN interface IP of the device. When each MAN-Mesh AP sets its own unique Mesh interface IP address, please be note when setting the IP address, it can't be the same as the IP address of other interfaces of it own or any interface of other MAN-Mesh APs in the environment The IPv4 format is from 0.0.0.0 to 255.255.255.255.
  • Page 66 environment Example of IPv6 input network range: 2001: 8E4D: EAFF: FE01: 0000: 0000: 0000: 0002 ~ FFFF: FFFF: FFFF: FFFE. (For IPv6 IP acquisition, please contact your ISP provider ) Sub Prefix Length : the Sub Prefix Length of the IPv6 address of the MAN-Mesh AP device . The ...
  • Page 67 Priority the connection of nearby MAN-Mesh AP that can be meshed, and add a designated priority MAN-Mesh AP. MAN-Mesh MAC Address List : Manage the MAC list of designated priority links. The MAC addresses of all hosts added by MAN-Mesh Force MAC Address will be displayed here, and you can choose to delete them.

  • Page 68: Change Other Setup Modes

    MAN-Mesh Block MAC Address : In the case of automatic interconnection, you can set the specified model to block the MAC of the MAN-Mesh AP host. Please add the specified non-connected MAN-Mesh AP host based on the IPv4 MAC address. MAN-Mesh Block MAC Address List : Manage the MAC list that specifies the priority to block connections.

  • Page 69: Access Point Mode

    Access Point mode When AP mode is chosen, the system can be configured as an Access Point. This section provides detailed explanation for users to configure in the AP mode with help of illustrations. In the AP mode, functions listed in the table below are also available from the Web-based GUI interface.
  • Page 70 Here are the instructions to setup the local IP Address / Netmask / Gateway / DNS and management Access Point Radio 0(2.4G) or Radio 1(5G) on/off. Administrators can change settings such as LAN Spanning Tree and Tag VLAN functions. VLAN Mode:Display on/off for the VLAN network. ...

  • Page 71: Network Setup

    DNS: Set DNS IP address  You can set the gateway IP address or external DNS IP address in the architecture environment. You can use Google's DNS IP of 8.8.8.8 Action:The button can set VLAN network functions and radio functions. ...

  • Page 72: Network Pull-Down Menu

    At least one VLAN will always be enabled by default Management Access Point 0:Administrator can Enable or Disable Radio 0(2.4G).  Access Point 1:Administrator can Enable or Disable Radio 1(5G).  802.1d Spanning Tree : The spanning tree network protocol provides a loop free topology for ...

  • Page 73: Dhcp Server

    Please click pull-down button. 5.2.1 DHCP Server If there is no DHCP server in the network or if you want to use a second DHCP server to assign IP, the administrator can enable this function to set the network segment to assign IP addresses.
  • Page 74  Start IP : Set Start IP for DHCP Service.  End IP : Set End IP for DHCP Service.  Netmask: Set IP Netmask, the default is 255.255.255.0  Gateway: Set Gateway IP for DHCP Service.  DNS(1-2) IP : Set DNS IP for DHCP Service. WINS IP : Enter IP address of the Windows Internet Name Service (WINS) server;...

  • Page 75: Bandwidth Control

    Comment : Enter rule description.  IP Address : Enter access point IP.  MAC Address : Enter Client MAC Address of PC network.  Click “Save” button to save your changes. Then click Reboot button to activate your changes. 5.2.2 Bandwidth Control Administrators can set bandwidth limit the max/min bandwidth of the Wi-Fi users, Bandwidth...

  • Page 76: Radio 0(2.4G)/Radio 1(5G) Access Point Setup

    QoS Rule List: Administrator can set bandwidth limit by IP/MASK, IP Range, Port(Service), SIP,  RTP/RTSP, WEB protocol , each VLAN can set 10 bandwidth management rule. Click “Save” button to save your changes. Then click Reboot button to activate your changes. 5.2.3 Radio 0(2.4G)/Radio 1(5G) Access Point Setup Administrator can Enable or Disable Radio 0(2.4G)/Radio 1(5G) Wi-Fi.
  • Page 77 Access Point: Administrator can Enable or Disable the Radio 0(2.4G)/Radio 1(5G).  ESSID: Administrator can set Wi-Fi SSID name  SSID Visibility: Administrator can select Enable or Disable the Visibility.  Client Isolation: Enable or Disable the client isolation function. ...
  • Page 78 the final output of ciphertext. Each round consists of several processing steps, including one that depends on the encryption key. A set of reverse rounds are applied to transform ciphertext back into the original plaintext using the same encryption key. TKIP is short for “Temporal Key Integrity Protocol”, TKIP scrambles the keys using a hashing algorithm and, by adding an integrity-checking feature, ensures that the keys haven’t been tampered with.

  • Page 79: Mac Filter

    5.2.4 MAC Filter (1 ) Only Deny List MAC:Administrator can add wireless users MAC address in MAC list. The access point will deny connection in MAC address list. (2) Only Allow List MAC:Administrator can add wireless users MAC address in MAC list. The access point will allow connection in MAC address list.

  • Page 80: Fast Roaming Setup

    5.2.5 802.11r Fast Roaming Setup The dual band Access Point supports 802.11r/802.11k function for 2.4G and 5G radio. 802.11r, which is the IEEE standard for fast roaming, introduces a new concept of roaming where the initial handshake with the new AP is done even before the client roams to the target AP. If this feature is enabled when using 802.11r fast roaming, the wireless user equipment must support 802.11k functionality to work properly Mobility Domain: MDID is used to indicate a group of APs (within an ESS, i.e., sharing the same...
  • Page 81 R0/NAS Identifier: PMK-R0 Key Holder identifier. When using IEEE 802.11r, nas_identifier must  be set and must be between 1 and 48 octets long. R1 Identifier: PMK-R1 Key Holder identifier 6-octet identifier as a hex string.  R1 Push: Administrator can select Enable or disable. If enable the function will automatically ...

  • Page 82: Authentication

    Authentication This function used to operate in Access Point mode, the function is for Web Authentication. It supports authentication for local users / RADIUS Server / OAuth2.0 and Guest. The system supports in N VLANs with web authentication. Please click on System -> Authentication When enable web authentication function, please does make the Access Point can be connected to gateway.
  • Page 83 Authentication:Administrator can enable or disable authentication function.  Multiple Login:Administrator can set one account to multiple users simultaneously login and  the users can set limit.( 0 = not limited) Login Timeout:After account login for some time no traffic, system will automatic timeout ...

  • Page 84: Set Authentication Function

    information for remote RADIUS Server. Click “Save” button to save your changes. Then click Reboot button to activate your changes. 5.3.2 Set Authentication function : By Clicking the Dropdown button, Administrators can set authentication functions. V4.0...
  • Page 85 # Guest Administrator can enable or disable guest authentication. If enabled, the administrator can set guest Count Limit / login time and type and flow control. Service:Administrator can select enable or disable this function.  Login Type :  One Time: Login to start counting until the end of time. ...

  • Page 86: Google Oauth2.0 Setup Sample

    # OAuth2.0 The OAuth2.0 function supports Facebook and Google by default. Users can add additional OAuth2.0 servers through UI settings. #:Display items.  Active:Display on/off status for authentication.  Provider :Display authentication server. The system default use authentication server for Google ...
  • Page 87 Step.2 Click Credentials to create OAuth client ID in the API manager page. Step.3 Select web application in the “Application Type” section and set “Restrictions” URL. V4.0...
  • Page 88 Step.4 Set Authorized JavaScript origins and Authorized redirect URLs (important) Administrator must set login URL in the device function. After complete set of login URL go to the “Restrictions” function in web page. Follow the steps below to set login URLs Setup login URL in the device.
  • Page 89 Step.5 After completing the “Restrictions” setup, click the create button. An OAuth Client page will pop-up with your “client ID” and “client secret”. Administrators must copy and paste their client ID and secret into the OAuth 2.0 Setup page in our software UI. Save and reboot the AP system, complete the setup.

  • Page 90: Facebook Oauth2.0 Setup Sample

    # Facebook OAuth2.0 setup sample Please complete the application on the Facebook website to receive an account ID and password, follow the steps below. Step.1 Please to Facebook developer’s page and add a New App Step.2 Select WWW function Step.3 Administrator must set www for your information.
  • Page 91 Step.5 Select Platform for “Website” Step.6 Enter URL is http://domain0.login.com/login/index.cgi?cgi=CALLBACK Administrator must set login URL in the device function. After complete set of login URL go to the “Facebook function in web page. Follow the steps below to set login URLs Site URL”...
  • Page 92 After complete set of login URL go to the “Facebook function in web page. Copy and Site URL” paste the login URL from the system display into the “ Site URL” page on the Facebook website. Step.7 Click Advanced function to enable the “Native or desktop app?”...

  • Page 93: Pop3/Imap Server

    Client ID and Client Secret setup by third parties such as Facebook and Google are subject to change. The instructions above follow the 2016 setup procedure. Any future changes to the Facebook/Google process may lead to our instructions becoming invalid. 5.3.3 POP3/IMAP Server The purpose of this integrated function is to allow clients to link a POP3 server for receiving emails from a remote server.

  • Page 94: Customize Page

    Host : Define the desired Host server name.  Port : Input the proper port number for the corresponding server.  Connect Type : Select the Connect type with options of “STARTTLS”, “SSL/TTL”, or “None”.  POP3 Server Test : Use this tool to test if the POP3 server is operating correctly with your ...
  • Page 95 When using html and css and other syntax editing, it is recommended that editors have html and css and other editing capabilities. Cerio does not support the use of assisted teaching of grammar. The field must be within 190 lines. If you write the source code...

  • Page 96: Language

    1. This editing html system has a certain length limit, and at the same time, it is not possible to upload the image file to the system, so if there is CSS syntax or image file, it must be uploaded to the web server first, and the image file is linked by hyperlink. 2.

  • Page 97: Walled Garden

    Click “Create New Language” button go to add or edit language for login page. Language: Set description of language.  Default Language: Display default language.  Walled Garden This function provides certain free services or advertisement web pages for users to access the websites listed before login and authentication.

  • Page 98: Bulk Mac Address

    Device Name: Enter Device or Users Name.  IP Address: Enter used IP Address of Device or Users PC.  MAC Address: Enter MAC Address of Device or Users PC.  A list of up to 10 websites can be created in the form. Click “Save”...

  • Page 99: Profile

    When the confirmation is complete, click Restart the system to make the function work normally. Profile Administrator can backup current authentication configuration and login page for HTML Source code. But also can recover. Click “Save” button to save your changes. Then click Reboot button to activate your changes. V4.0...

  • Page 100: Radius Server

    RADIUS Server This function only used to operate in Access Point mode. Service:Administrator can select Enable or disable the function.  Radius:Administrator must to set remote RADIUS Server use Port.  Radius Secret:Administrator must to set remote RADIUS Server use Key. ...
  • Page 101 User Name:Create users name for RADIUS account.  Password:Enter password for user name.  Export User File:Administrator can export account list in RADIUS Server.  Import From PC:Administrator can import account list to the RADIUS Server.  Click “Save” button to save your set function. Then click Reboot button to activate your changes. V4.0...

  • Page 102: Wireless Configuration

    Wireless Configuration This wireless functions administrator can set Radio 0(2.4G) or Radio 1(5G) application of the Access Point. 5.6.1 Radio 0 (2.4G) Setup MAC Address: Display 2.4G WiFi MAC address.  Country: Administrator can select country: United States(US) , Europe(EU) or Taiwan(TW). ...
  • Page 103 Setting Slot Time and ACK Timeout can strengthen the long-distance connection. Changing the value can optimize the setting. If the value is too low, the length transmission will be reduced. If the value is too high, there may be disconnection. HT Physical Mode TX/RX Stream: Build in 2.4GHz 2 antennas and support 2TX/2RX streams.

  • Page 104: Radio 1(5G) Setup

    5.6.2 Radio 1(5G) Setup MAC Address: Display Radioi 1(5G) WiFi MAC address.  Country: Administrator can select country: United States(US) , Europe(EU) or Taiwan(TW).  Band Mode: Administrator can select 5G Band for 802.11a or 802.11a/n or 802.11n(5G) or  802.11ac.
  • Page 105 TX/RX Stream: Administrator can select 1 or 2 TX/RX. The default is 2TX/2RX.  This product has a built-in 2x2 (2T2R) antenna for 5Ghz, which has been matched with the default setting of 2T2R. If there is no special demand, please keep this default setting . Channel Bandwidth: The "20/40 and 802.11ac 80”...

  • Page 106: Advanced Setup

    5.6.3 Advanced Setup Beacon Interval: Beacon Interval is in the range of 40~3500 and set in unit of millisecond. The  default value is 100 msec. Access Point (AP) in IEEE 802.11 will send out a special approximated 50-byte frame, called “Beacon”.
  • Page 107 Fragmentation Threshold: Fragmentation Threshold is one more parameter which is given in  all stations and Access points. Fine tuning Fragmentation Threshold parameter can result in good throughput but not using it properly can results in low throughput. In simple words it does the same thing which MTU do in Ethernet.

  • Page 108: Wmm Setup

    Click “Save” button to save your set function. Then click “Reboot” button to activate your changes. 5.6.4 WMM Setup This affects traffic flowing from the access point to the client station. Configuring QoS options consists of setting parameters on existing queues for different types of wireless traffic.
  • Page 109 AC Type:  Data Transmitted Queue Priority Description AP to Clients AC_BK Background High throughput. Bulk data that requires maximum throughput and is not time-sensitive is sent to this queue (FTP data, for example). AC_BE Best Effort Medium Medium throughput and delay. Most traditional IP data is sent to this queue.

  • Page 110: Wds Setup

    is reached. Once the Maximum Contention Window size is reached, retries will continue until a maximum number of retries allowed is reached. Valid values for the "cwmax" are 1, 3, 7, 15, 31, 63, 127, 255, 511, or 1024. The value for "cwmax" must be higher than the value for "cwmin".。...
  • Page 111 V4.0...
  • Page 112 WDS Setup: Administrator can select Enable or Disable.  Security Type: Enable or Disable AES 128bit encryption function.  Pass Phrase : AES encryption custom key can input 0 ~ 9 numbers or A ~ Z uppercase and  lowercase English format, it can support 8 ~ 32 characters key encryption algorithm in each WDS connecting each other with secure encrypted transmission.

  • Page 113: Wds Status

    5.6.6 WDS Status Displays 2.4G and 5G radio WDS link status through MAC and Date (TX/RX) Please click on Wireless -> WDS status MAC Address:Display connected MAC Address.。  Rate(TX/RX):Display Tx/Rx rate of the point to point。  RSSI: Display signal connection value of RSSI ...

  • Page 114: Client Bridge Mode

    6. Client Bridge Mode When Client Bridge is chosen, the system can be configured as a Client Bridge and support Repeater AP function. This can setup VLAN and DHCP server in the system menu. 6.1 Change Setup mode If the administrator needs to switch to Client Bridge mode, Please click "System"-> " Mode Setup " to change Client Bridge mode.
  • Page 115 Mode: Administrator can select the IP used Static or Dynamic IP address.  Static IP : A set of fixed IP addresses can be manually set for the system to use.  Dynamic IP : If there is a DHCP server on the top, you can use the dynamic IP address to let ...
  • Page 116  Primary DNS: The IP address of the primary DNS server.  Secondary: The IP address of the secondary DNS server. 802.1d Spanning Tree :  The spanning tree network protocol provides a loop free topology for a bridged LAN between LAN interface and 8 WDS interfaces from wds0 to wds7.

  • Page 117: Configure Dhcp Setup

    Configure DHCP Setup The DHCP Service function in the Client Bridge device can select a separate IP Address range within the same network segment of the source AP, and allocate those IP Addresses to connecting clients. Start IP / End IP: Specify the range of IP addresses to be used by the DHCP server when assigning IP ...
  • Page 118 could introduce potential conflicts. Lowering the lease time will avoid potential address conflicts, but might cause more interruptions to the client while it will acquire new IP addresses from the DHCP server. Default is 86400 seconds DHCP Clients List: When users link to CenOS 5.0 AP and use IP address of the DHCP service, the DHCP Client List will display users the information and used IP address.

  • Page 119: Wireless General Setup

    6.4 Wireless General Setup The main setup Client Bridge connection to AP Station and Repeater AP functions setting, MAC filter, WMM and 802.11r/802.11k Fast Roaming etc in wireless menu. When the upper limit of the 2.4G frequency is used, the repeater AP will only be able to use the other two 5G extension Repeater AP APs.
  • Page 120 Tx Power: Administrator can adjust the output power of the system to get the appropriate  coverage for your wireless network. Specify digit numbers between level 1 to level 9 (the unit is %) for your environment. If you are not sure which setting to choose, then keep the default setting level 9 (100%).

  • Page 121: Radio 1 (5G) Basic Setup

    Channel Bandwidth: The "20/40” MHz option is usually best. The other option is available for  special circumstances. MCS: This parameter represents transmission rate. By default (Auto) the fastest possible  transmission rate will be selected. You have the option of selecting the speed if necessary. Shout GI: Short Guard Interval, by default, it's “Enable”.
  • Page 122 Band Mode: If Client Bridge want to use 5G link to Access Point then administrator can enable  the function (Radio 1(5G). Auto Channel: Administrator can Enable or Disable the function. If select disable function the  WiFi channel can be fixed a channel. Channel: Support US / EU / Taiwan country by 5G Channel.

  • Page 123: Advanced Setup

    This product has a built-in 2x2 (2T2R) antenna for 5Ghz, which has been matched with the default setting of 2T2R. If there is no special demand, please keep this default setting . Channel Bandwidth: The "20/40 and 802.11ac 80” MHz option is usually best. The other ...
  • Page 124 Beacon Interval: Beacon Interval is in the range of 40~3500 and set in unit of millisecond. The  default value is 100 msec. Access Point (AP) in IEEE 802.11 will send out a special approximated 50-byte frame, called “Beacon”. Beacon is broadcast to all the stations, provides the basic information of AP such as SSID, channel, encryption keys, signal strength, time stamp, support data rate.
  • Page 125 The main purpose of enabling RTS by changing RTS threshold is to reduce possible collisions due to hidden wireless clients. RTS in AP will be enabled automatically if the packet size is larger than the Threshold value. By default, RTS is disabled in a normal environment supports non-jumbo frames.

  • Page 126: Wmm Setup

    6.4.4 WMM Setup His affects traffic flowing from the access point to the client station. Configuring QoS options consists of setting parameters on existing queues for different types of wireless traffic. You can configure different minimum and maximum wait times for the transmission of packets in each queue based on the requirements of the media being sent.
  • Page 127 AC Type:  Data Transmitted Queue Priority Description AP to Clients AC_BK Background High throughput. Bulk data that requires maximum throughput and is not time-sensitive is sent to this queue (FTP data, for example). AC_BE Best Effort Medium Medium throughput and delay. Most traditional IP data is sent to this queue.

  • Page 128: Station Setup

    TxOP Limit:Transmission Opportunity is an interval of time when a WME AP has the right to  initiate transmissions onto the wireless medium (WM). This value specifies (in milliseconds) the Transmission Opportunity (TXOP) for AP; that is, the interval of time when the WMM AP has the right to initiate transmissions on the wireless network.。...
  • Page 129 MAC Address List: The function can discovery AP Station and select want to link the AP station,  please click site survey button. If want to discovery 2.4G station then administrator need to enable station mode in Radio 0 (2.4G) function page (reference manual 6.4.1 “Radio 0 Basic Setup”). Same practice if want to discovery 5G station will need to enable station mode in Radio 1(5G) function page (reference manual 6.4.2 “Radio 1(5G) Basic Setup”).

  • Page 130: Repeater Ap Setup

    6.4.6 Repeater AP Setup Administrators can configure ESSID, SSID broadcasting, Maximum number of client associations. 1. If want to use Repeater AP function then Clinet Bridge must determine connection to Access Point then Repeater AP can operate normally. 2. The default is enabling of Repeater AP. If want to used pure Client Bridge will can disable it.
  • Page 131  Open System: Data are not unencrypted during transmission when this option is selected.  WPA/WPA2 Personal: WPA/WPA2 is short for W-Fi Protected Access-Pre-Shared Key. WPA/WPA2 uses the same encryption way with WPA, and the only difference between them is that WPA/WPA2 recreates a simple shared key, instead of using the user’s certification.

  • Page 132: Mac Filter Setup

    6.4.7 MAC Filter Setup Administrator can setup allow or reject WiFi clients(MAC address) to access Repeater AP. Rule: Select the desired access control type from the drop-down list; the options are Disable,  Allow or Reject. Only Allow List MAC: Define certain wireless clients in the list which will have granted ...

  • Page 133: Fast Roaming Setup

    Only Deny List MAC: Define certain wireless clients in the list which will have denied  access to the Access Point while the access will be granted for all the remaining clients - Action Type is set to “Only Deny List MAC”. MAC Address: Enter MAC Address for WiFi Clients.
  • Page 134 Please enter 2-octet identifier as a hex string. R0 Key Lifetime: Default lifetime of the PMK-RO in minutes, the default is 10000,  administrator can setting 1~65535. Reassoc deadline: Reassociation deadline in time units (TUs / 1.024 ms; range 1000~65535). ...
  • Page 135 MAC Address: Enter the main roaming device MAC address  R1 Identifier: Enter Shared identifier.  128-bit Key: Enter Shared Key of 128 bit.  R1 Key Holder List: After setting "R1 Key holders" function the information will appear in list. Click “Save”...

  • Page 136: Wisp Mode

    7. WISP Mode WISP Mode is a router function, if the Telecom company permits wireless connection to their WAN, administrators can change the CenOS 5.0 AP to WISP Mode to connect to the wifi network. The WISP Mode support PPPoE / Static IP / Dynamic IP and PPTP for WAN, and support Repeater AP function.
  • Page 137 WAN Setting Static IP: Users can manually setup the WAN IP address with a static IP provided by WISP.  IP Address: The IP address of the WAN port.  IP Netmask: The Subnet mask of the WAN port.  IP Gateway: The default gateway of the WAN port.
  • Page 138 Hostname : The Hostname of the WAN port  PPPoE : To create wireless PPPoE WAN connection to a PPPoE server in network.  User Name : Enter User Name for PPPoE connection  Password : Enter Password for PPPoE connection ...
  • Page 139 User Name: Enter account for PPTP.  Password: Enter user name account used password for PPTP.  PPTP Server IP: Enter remote IP address of PPTP Server.  WAN IP: The IP address of the WAN port.  Netmask: The Subnet mask of the WAN port. ...

  • Page 140: Configure Lan Setup

    default MAC or clone MAC from a PC. Default MAC Address: Keep the default MAC address of WAN port on the system.  Manual MAN Address: Enter the MAC address registered with your ISP.   Check “No Default DNS Server” or “Specify DNS Server IP” radial button as desired to set up system DNS.
  • Page 141 Mode: Administrator can select the IP used Static or Dynamic IP address.  Static IP : A set of fixed IP addresses can be manually set for the system to use.  Dynamic IP : If there is a DHCP server on the top, you can use the dynamic IP address to let ...
  • Page 142  Primary DNS: The IP address of the primary DNS server.  Secondary: The IP address of the secondary DNS server. 802.1d Spanning Tree :  The spanning tree network protocol provides a loop free topology for a bridged LAN between LAN interface and 8 WDS interfaces from wds0 to wds7.

  • Page 143: Configure Dhcp Setup

    Configure DHCP Setup The DHCP Service function in the Client Bridge device can select a separate IP Address range within the same network segment of the source AP, and allocate those IP Addresses to connecting clients. Start IP / End IP: Specify the range of IP addresses to be used by the DHCP server when assigning IP ...
  • Page 144 but might cause more interruptions to the client while it will acquire new IP addresses from the DHCP server. Default is 86400 seconds DHCP Clients List: When users link to CenOS 5.0 AP and use IP address of the DHCP service, the DHCP Client List will display users the information and used IP address.

  • Page 145: Wireless General Setup

    7.5 Wireless General Setup The main setup Client Bridge connection to AP Station and Repeater AP functions setting, MAC filter, WMM and 802.11r/802.11k Fast Roaming etc in wireless menu. When the upper limit of the 2.4G frequency is used, the repeater AP will only be able to use the other two 5G extension Repeater AP APs.
  • Page 146 Tx Power: Administrator can adjust the output power of the system to get the appropriate  coverage for your wireless network. Specify digit numbers between level 1 to level 9 (the unit is %) for your environment. If you are not sure which setting to choose, then keep the default setting level 9 (100%).

  • Page 147: Radio 1 (5G) Basic Setup

    Channel Bandwidth: The "20/40” MHz option is usually best. The other option is available for  special circumstances. MCS: This parameter represents transmission rate. By default (Auto) the fastest possible  transmission rate will be selected. You have the option of selecting the speed if necessary. Shout GI: Short Guard Interval, by default, it's “Enable”.
  • Page 148 the function (Radio 1(5G). Auto Channel: Administrator can Enable or Disable the function. If select disable function the  WiFi channel can be fixed a channel. Channel: Support US / EU / Taiwan country by 5G Channel.  Tx Power: Administrator can control the WiFi Tx output power. The power Max. Level 9. ...
  • Page 149 This product has a built-in 2x2 (2T2R) antenna for 5Ghz, which has been matched with the default setting of 2T2R. If there is no special demand, please keep this default setting . Channel Bandwidth: The "20/40 and 802.11ac 80” MHz option is usually best. The other ...

  • Page 150: Advanced Setup

    7.5.3 Advanced Setup Beacon Interval: Beacon Interval is in the range of 40~3500 and set in unit of millisecond. The  default value is 100 msec. Access Point (AP) in IEEE 802.11 will send out a special approximated 50-byte frame, called “Beacon”.
  • Page 151 higher DTIM interval will help power saving and possibly decrease wireless throughput in multicast applications. Fragmentation Threshold: Fragmentation Threshold is one more parameter which is given in  all stations and Access points. Fine tuning Fragmentation Threshold parameter can result in good throughput but not using it properly can results in low throughput.

  • Page 152: Wmm Setup

    Click “Save” button to save your set function. Then click “Reboot” button to activate your changes. 7.5.4 WMM Setup His affects traffic flowing from the access point to the client station. Configuring QoS options consists of setting parameters on existing queues for different types of wireless traffic.
  • Page 153 AC Type:  Data Transmitted Queue Priority Description AP to Clients AC_BK Background High throughput. Bulk data that requires maximum throughput and is not time-sensitive is sent to this queue (FTP data, for example). AC_BE Best Effort Medium Medium throughput and delay. Most traditional IP data is sent to this queue.

  • Page 154: Station Setup

    TxOP Limit:Transmission Opportunity is an interval of time when a WME AP has the right to  initiate transmissions onto the wireless medium (WM). This value specifies (in milliseconds) the Transmission Opportunity (TXOP) for AP; that is, the interval of time when the WMM AP has the right to initiate transmissions on the wireless network.。...
  • Page 155 MAC Address List: The function can discovery AP Station and select want to link the AP station,  please click site survey button. If want to discovery 2.4G station then administrator need to enable station mode in Radio 0 (2.4G) function page (reference manual 7.5.1 “Radio 0 Basic Setup”). Same practice if want to discovery 5G station will need to enable station mode in Radio 1(5G) function page (reference manual 7.5.2 “Radio 1(5G) Basic Setup”).

  • Page 156: Repeater Ap Setup

    7.5.6 Repeater AP Setup Administrators can configure ESSID, SSID broadcasting, Maximum number of client associations. 1. If want to use Repeater AP function then Clinet Bridge must determine connection to Access Point then Repeater AP can operate normally. 2. The default is enabling of Repeater AP. If want to used pure Client Bridge will can disable it.
  • Page 157  Open System: Data are not unencrypted during transmission when this option is selected.  WPA/WPA2 Personal: WPA/WPA2 is short for W-Fi Protected Access-Pre-Shared Key. WPA/WPA2 uses the same encryption way with WPA, and the only difference between them is that WPA/WPA2 recreates a simple shared key, instead of using the user’s certification.

  • Page 158: Mac Filter Setup

    7.5.7 MAC Filter Setup Administrator can setup allow or reject WiFi clients(MAC address) to access Repeater AP. Rule: Select the desired access control type from the drop-down list; the options are Disable,  Allow or Reject. Only Allow List MAC: Define certain wireless clients in the list which will have granted ...

  • Page 159: Fast Roaming Setup

    Action Type is set to “Only Allow List MAC”. Only Deny List MAC: Define certain wireless clients in the list which will have denied  access to the Access Point while the access will be granted for all the remaining clients - Action Type is set to “Only Deny List MAC”.
  • Page 160 Mobility Domain: MDID is used to indicate a group of APs (within an ESS, i.e., sharing the  same SSID) between which a STA can use Fast BSS Transition. Please enter 2-octet identifier as a hex string. R0 Key Lifetime: Default lifetime of the PMK-RO in minutes, the default is 10000, ...
  • Page 161 Enter a unified set of R1 Key Holder identification certification. MAC Address: Enter the main roaming device MAC address  R1 Identifier: Enter Shared identifier.  128-bit Key: Enter Shared Key of 128 bit.  R1 Key Holder List: After setting "R1 Key holders" function the information will appear in list. Click “Save”...

  • Page 162: Advanced Setup

    7.6 Advanced Setup Administrator can set basic routing security functions, including DMZ / IP and MAC filtering / virtual servers and access control management (basic firewall rules) in Advance memu. 7.6.1 DMZ DMZ is commonly work with the NAT functionality as an alternative of Virtual Server(Port Forwarding) while wanting all ports of DMZ host visible to Internet users.

  • Page 163: Ip Filter

    External IP Address: Enter external IP address  Internal IP Address: Enter Virtual IP for service device.  Click “Save” button to save your set function. Then click “Reboot” button to activate your changes. 7.6.2 IP Filter Can allow or deny filter ingress or egress packets from specific source and/or to destination IP address on wired (LAN) or Wireless (WAN) ports.
  • Page 164 Active: Administrator can select Enable or Disable the service.  Comment: Enter the description of IP filter rule.  Policy: Administrator can select the IP flow rule of Deny or Pass.  In/ Out: Administrator can select the IP flow rule of In/out bound. ...

  • Page 165: Mac Filter

    7.6.3 MAC Filter Allows creating MAC filter rules to allow or deny unicast or multicast packets from limited number of MAC addresses. Important and must note. That MAC filter rules have precedence over IP Filter rules. Mode: Administrator can select Deny or Allow. ...
  • Page 166 The “Virtual Server” can also referred to as “Port Forward” as well and used interchangeably. Resources in the network can be exposed to the Internet users in a controlled manner including on-line gaming, video conferencing or others via Virtual Server setup. Don’t repeat ports’ usage to avoid confusion.

  • Page 167: Access Control

    Active: Administrator can select Virtual server rule to Enable or disable.  Comment: Enter the description of virtual server rule.  Protocol: Administrator can select service protocol of TCP or UDP.  Public Port: Enter service port No. for public. ...
  • Page 168 Comment: Display information for the rule.  Protocol:Display information for the protocol.  Edit:Administrator can click the button to set Access Control rule.  # Access control rules: Active:Administrator can select Enable or Disable for the Access control rule.  Comment:Administrator can enter comment for the role.

  • Page 169: Cap Mode

    CAP Mode The CAP mode itself isn’t Access Point. This mode is primarily to control all the managed AP. The following describes setup function in system menu 8.1 Change Setup mode If the administrator needs to switch to CAP mode, Please click "System"-> " Mode Setup " to change CAP mode.
  • Page 170  #:Display VLAN No.  VLAN Mode:Display on /off line status for the VLAN mode  IP Address:Display IP address for the VLAN mode.  NetMask:Display netmask for the VLAN mode.  Action:Administrator can set VLAN IP、Radio 0(2.4) or Radio 1(5G) on/off、Spanning tree、IAPP and VLAN tag.
  • Page 171 There must always be at least one VLAN enabled. If the administrator disables all the VLANs, he/she will not be able to login to the manager page. The administrator must then reset to default. IP setup:Administrator can set the VLAN IP address and NetMask or disable IP. ...

  • Page 172: Ap Control

    DNS: Check either “No Default DNS Server” or “Specify DNS Server IP” button as desired to  set up the system DNS. Primary: The IP address of the primary DNS server.  Secondary: The IP address of the secondary DNS server. ...
  • Page 173 VLAN# : Administrator can select VLAN network to discovery managed Aps  Default Password: Set login system password by managed Aps.  Sort: Administrator can select discovery managed Aps Type. (IP or MAC)  #: Display managed APs items.  Device:Administrator can select all or single for managed Aps.

  • Page 174: Batch Setup

    IP Address:Administrator can set IP address for managed APs, the IP address is  auto-incrementally. NetMask:Administrator can set NetMask for managed APs.  When the setting managed APs is completed, please click Apply & Reboot button to complete the setup process. 8.3.2 Batch Setup The AP control function supports centralized configuration of managed APs.
  • Page 175 VLAN Setup:Administrator can set VLAN Tag, IP address and Wi-Fi on/off for the  managed APs. VLAN:The function can select VLAN (please refer to 5.2 Configure Access Point  VLAN Setup) for managed Aps. VLAN Mode : Administrator can enable or disable VLAN mode of the managed APs. ...
  • Page 176 IP Setup:Administrator can set IP address and Netmask of the managed APs.  ETH0/1 VLAN Tag Setup:Administrator can set VLAN Tag or disable VLAN function  of the managed APs. Authentication Profile:After creating Profiles, See: “8.3.6 Authentication Profile” users can ...

  • Page 177: Ap Setup

    8.3.3 AP Setup Administrator can monitor statuses and modify managed APs information. VLAN:Select desired VLAN for AP setup  Setup:Administrator can modify IP addresses, system login passwords, and web login port for  managed APs. If administrator has change AP devices, administrator can modify MAC address of the new managed AP.

  • Page 178: Group Setup

    8.3.4 Group Setup Administrator can create Groups within the same VLAN. VLAN:Select VLAN.  Create New Group:Click the button to create a new AP Group  Device button:Administrator can select managed APs and import them into the Group.  8.3.5 Map Setup V4.0...
  • Page 179 The Map Setup feature allows administrators to upload a floor plan image to a web server, then use the image URL to import the map into the AP user interface. Once the image is uploaded, administrators can use the Map Setup function to map out the locations of the AP network. reate New Map:Click the button to create map.
  • Page 180 View:Once complete, administrators can click the “View” button to monitor AP statuses and locations. V4.0...

  • Page 181: Authentication Profile

    8.3.6 Authentication Profile Administrator can pre-set authentication conditions in the profile, the authentication set can refer to manual “5.2 Authentication”. Create New Profile:Administrator can create authentication profile.  Edit: Click the Authentication button to Enable or Disable authentication  function. For more details, refer to Manaul“5.3 Authentication”. Click Dropdown to set authentication functions.
  • Page 182 Administrator can monitor Tx/Rx flow information, show online users and check system CPU / Memory information and on/off line for the managed APs. The information data display support graphical interface. VLAN #: Display the virtual local area network information.  System status: Shows the operating status of the managed AP, whether it is offline or online.

  • Page 183: Man-Mesh Control

    8.4 MAN-Mesh Control 8.4.1 MAN-Mesh Device list Create Man-Mesh device IP address and comment of MAN-Mesh devices to be monitored. Item Action “edit” the status of the MAN-Mesh Device's IP address, annotations, (root) password, HTTP port number, and delete MAN-Mesh Divice. 8.4.2 MAN-Mesh Status Display the system status, IP address, comment, I{time, firmware version, and firmware release date of the newly added MAN-Mesh Device.

  • Page 184: Utilities

    9. Utilities Administrator can backup or restore system configuration / firmware Upgrade / ping tools and system reset to default or reboot system. 9.1 Profile Setting This Functions purpose is to backup current configuration, restore prior configuration or reset back to factory default configurations.

  • Page 185: System Upgrade

    Load Settings from PC: Click Browse button to locate a configuration file to restore, and then click  Upload button to upload. Reset To Factory Default: Click Default button to reset back to the factory default settings and  expect Successful loading message. Then, click Reboot button to activate. 9.2 System Upgrade Firmware is the main software image that system needs to respond to requests and to manage real time operations.
  • Page 186 Select File: Administrator can select Firmware file in Local PC.  Upgrade Via Local PC and TFTP Server: The upgrade firmware will support via local PC and TFTP Server and HTTP URL to upgrade system. We strongly recommend that you perform the firmware update by following these steps: 1.

  • Page 187: Network Utility

    9.3 Network Utility The administrator can diagnose network connectivity via the PING or TRACEROUTE utility. Please click on Utilities -> Network Utility and follow the below setting. Ping: This utility will help ping other devices on the network to verify connectivity. Ping utility, ...

  • Page 188: Reboot

    9.4 Reboot This function allows user to restart system with existing or most current settings when changes are made. Click Reboot button to proceed and take around three minutes to complete. 10. Status The status mainly displays system related information, including system network information, wireless AP information, and wireless user connection information.

  • Page 189: Overview

    10.1 Overview Detailed information on System, Network can be reviewed via this page. Overview : It mainly displays the current mode, name, time, firmware version, network card address and related network settings. Information : Shows the performance / memory usage of the total CPU space used by the current system and the current number of connected wireless users.。...

  • Page 190: Wireless Client

    Radio 0 / Radio 1 wireless Information : Displays the basic operating mode information of the current Radio 0 (2.4GHz) / Radio 1 (5GHz) wireless AP. 10.2 Wireless Client V4.0...

  • Page 191: Online Users

    The page can be display Wireless user information link to access point. Administrator can monitor MAC In addition to CAP mode) address / rate and RSSI for the wireless users. ( Radio:Display information for wireless client connection Radio 0 or 1 ...

  • Page 192: Authentication Log

    Auth Type:Display authentication login type.  User name:Display authentication account.  IP Address:Display IP address for user.  MAC Address:Display MAC address for user.  Download Packets:Display total download packets amount information by user.  Upload Packets:Display total upload packets amount information by user. ...

  • Page 193: Man-Mesh Link Chart

    10.5 MAN-Mesh Link Chart This function works in MAN-Mesh mode. When the MAN-Mesh function is enable, the MAN-Mesh APs connection information will be displayed. (Please refer to the manual 4.3 "MAN-Mesh" function) Display MAN-Mesh connection information(MAN-Mesh Link Chart) or MAN-Mesh signal status(MAN-Mesh Client) to view MAN-Mesh related information.
  • Page 194 MAN-Mesh Neighbours MAN-Mesh Routes MAN-Mesh Redistributed Routes V4.0...

  • Page 195: Man-Mesh Client

    10.6 MAN-Mesh Client This function works in MAN-Mesh mode. When the MAN-Mesh function is enable, the MAN-Mesh APs connection information will be displayed. (Please refer to the manual 4.3 "MAN-Mesh" function) Display MAN-Mesh connection status of MAN-Mesh wireless signal . MAN-Mesh Client MAN-Mesh Radio 0 (2.4G) MAC Address : Peripheral MAN-Mesh MAC address connected to Radio 0...

  • Page 196: System Log

    Rate(RX/TX) : Peripheral MAN-Mesh equipment connected to Radio 0 transmission rate , RX  receive rate and TX transmit rate RSSI : Display the signal value between wireless users and Radio 0  MAN-Mesh Radio 1 (5G) MAC Address : Peripheral MAN-Mesh MAC address connected to Radio 1 ...

  • Page 197: Other Technical Documents]

    11. [ Other technical documents] Point to Point / Multi-Point for WDS settings 11.1 The WDS function is applied in the wireless AP mode. This function is mainly used for point-to-point wireless AP bridging. For the setting method,You can refer to the manual 5.6.5 “WDS Setting”. This document mainly guides the key WDS procedures.

  • Page 198: Apply Cerio Web Authentication Login

    5.2 "VLAN Setup" instructions, turn off the wireless AP, as shown below. 11.2 Apply CERIO web authentication login page sample If the device uses our company's wireless AP CenOS5.0, and the web authentication function is enabled, you will be able to customize the web authentication page.
  • Page 199 Step 3 : Please go to the pull-down function button of the authentication function, and enter the “User Name” and “password” , See as follows. 特別補充: * If want to use the system preset page, please refer to step step 5, * If want to apply our template, please refer to below for * If want to edit the webpage by yourself, please refer to step...
  • Page 200 Step 6 : Go to the company's Cerio website to download the sample file first. And open your download sample, select all the HTML syntax and copy it, then paste it on the custom edit page of the system and save it.
  • Page 201 Close "Template" first, then copy the sample html_code syntax and replace it in the HTML source code edit “ Customize HTML Source code” bar. After clearing the HTML source code content, then paste all the downloaded source code into the field, save and restart the device, and you can finish editing the login page. Login page for template below : V4.0...
  • Page 202 V4.0...
  • Page 203 This part must be within 190 lines. If the written HTML / CSS and other source code exceeds a certain line, it is recommended to save the CSS source code to the remote Web server, and then enter the IP address of the remote web server. Within Walled Garden. (Please refer to the manual 5.3.4 "Walled Garden"...
  • Page 204 Add <style> .form-signin-heading {display: none;} </ style> in the head to hide the description “Please Sign in” as shown in the figure below, and find the Please Sign in word disappeared, and so on. V4.0...

  • Page 205: Appendix A. Web Gui Valid Characters

    Appendix A. WEB GUI Valid Characters Table B WEB GUI Valid Characters Block Field Valid Characters IP Address IP Format; 1-254 IP Netmask 128.0.0.0 ~ 255.255.255.252 IP Gateway IP Format; 1-254 Primary DNS IP Format; 1-254 Secondary DNS IP Format; 1-254 Hostname Length : 32 0-9, A-Z, a-z...
  • Page 206 Block Field Valid Characters SNMP RO/RW community Length : 32 0-9, A-Z, a-z ~ ! @ # $ % ^ * ( ) _ + - { } | : < > ? [ ] ; ` , . = RO/RW user Length : 31 0-9, A-Z, a-z...
  • Page 207 Block Field Valid Characters Radius Server IP IP Format; 1-254 Radius Port 1 ~ 65535 Shared Secret 8 ~ 64 characters Session Timeout >= 60 seconds; 0 is disable WDS Setup AES Key 8 ~ 63 ASCII chars; 64 HEX chars Peer's MAC Address 12 HEX chars Description...

Table of Contents