1. Manuals
  2. Brands
  3. Cerio Manuals
  4. Network Hardware
  5. OW-400 A1
  6. User manual

Cerio OW-400 A1 User Manual

Extreme power wave2 4x 11n/ac 2.4/5ghz 2x2+18dbi outdoor bridge/ap
Hide thumbs
Table of Contents

Advertisement

Quick Links

Download this manual
CERIO Corporation
CenOS 5.0
User Manual
For
OW-400 A1
eXtreme Power Wave2 4X 11N/ac 2.4/5Ghz 2x2
+18dBi Outdoor Bridge/AP
V4.0

Advertisement

Table of Contents
loading

Related Manuals for Cerio OW-400 A1

Summary of Contents for Cerio OW-400 A1

  • Page 1 CERIO Corporation CenOS 5.0 User Manual OW-400 A1 eXtreme Power Wave2 4X 11N/ac 2.4/5Ghz 2x2 +18dBi Outdoor Bridge/AP V4.0...

  • Page 2: Table Of Contents

    Content 1. Device and Software Configuration ..........6 Device & Antenna & RJ45 Ports appearance ................. 6 Setup preparation of AP ......................6 Login Web Page ........................9 2. Operating Mode Introduction ............10 Access Point Mode (Default) ....................10 Client Bridge + Repeater Mode.....................
  • Page 3 # Guest ..............................35 # Local User .............................. 36 # OAuth2.0 ............................... 36 Sample for Google OAuth2.0 setup ......................37 Sample for Facebook OAuth2.0 setup ....................41 # POP3/IMAP Server ..........................44 # Customize Page ............................ 45 # Language ............................... 47 # Walled Garden ............................
  • Page 4 5.3.4 Group Setup .......................... 68 5.3.5 Map Setup ..........................68 5.3.6 Authentication Profile ......................70 5.3.7 Status ............................. 70 6. Client Bridge Mode ................ 71 Change Setup mode ......................71 Configure LAN Setup ......................71 Configure DHCP Setup ......................74 Wireless General Setup ......................
  • Page 5 System Log ........................... 135 10. [ Other technical documents] ............136 10.1 Point to Point / Multi-Point for WDS settings..............136 10.2 Apply CERIO web authentication login page sample ............137 Appendix A. WEB GUI Valid Characters ..........144 V4.0...

  • Page 6: Device And Software Configuration

    Device and Software Configuration 1.1 Device & Antenna & RJ45 Ports appearance 1. 1T1R/2T2R Antenna Connector External for 2.4GHz(Radio1) 2x2 When the device's wireless signal selects the Radio output and only uses 1T1R, the ANT2 ANT1 main signal output position is ANT1, and ANT2 will have no signal output, Please refer to the manual 4.5.1“Radio0...
  • Page 7 Basic connection diagram: Step 1: Please click on the computer icon in the bottom right window, and click “Open Network and Internet settings” Step 2: After click left side "Ethernet" function, click on the right side “Change adapter options” again. V4.0...
  • Page 8 Step 3: In “Change adapter options” Page. Please find Ethernet (Local LAN) and Click the right button on the mouse and Click “Properties” Step 4: In Properties page to setting IP address, please find “Internet Protocol Version 4 (TCP/IPv4)” and double click or click “OK” button. V4.0...

  • Page 9: Login Web Page

    Step 5 : Select “Use the following IP address”, and fix in IP Address : 192.168.2.# ex. The # is any number by 1 to 253 Subnet mask : 255.255.255.0 And Click "OK" to complete the fixed computer IP setting Login Web Page Launch Web Browser Launch as web browser to access the web management interface of system by entering the default IP...

  • Page 10: Operating Mode Introduction

    Operating Mode Introduction Access Point Mode (Default) Please click on System ->Mode Setup and choose Access Point Mode It can be deployed as a traditional fixed wireless Access Point  It allow wireless clients or Stations ( STA ) to access ...
  • Page 11 V4.0...

  • Page 12: Client Bridge + Repeater Mode

    Client Bridge + Repeater Mode Please click on System ->Mode Setup and choose Client Bridge Mode It can be used as a Client Bridge + Repeater AP to receive wireless signals over last mile  applications, helping WISPs deliver wireless broadband Internet service to new residential and business customers In this mode, the AP is enabled with DHCP Server functions.

  • Page 13: Wisp + Repeater Ap Mode

    WISP + Repeater AP Mode Please click on System ->Mode Setup and choose WISP Mode It can be used as an WISP (Wireless Internet Service Provide) to receive wireless signals over last  mile application, helping WISPs deliver wireless broadband Internet service to residents and business customers In the WISP (CPE) mode, the CenOS 5.0 AP is a gateway enabled with NAT and DHCP Server ...

  • Page 14: Cap Mode (Centralizes Access Point)

    CAP mode (Centralizes Access Point) Please click on System ->Mode Setup and choose CAP Mode Control Management of CenOS5.0 APs  AP Management support 802.1Q VLAN infrastructure  Centralized setting Access Point function and firmware upgrade.  APs Group management for concept. ...

  • Page 15: System Configuration

    System Configuration There are common functions in any mode have Management / Time Server / SNMP and Time Policy. Please refer to the following detailed instructions. Management Administrators can specify geographical location of the system via instructions in this page and modify system login password and select use system login protocol by 80, 443, 23, 22 Port.
  • Page 16  System Language: Administrator can select system language for English and Traditional Chinese  System Information: Administrator can set the system name / Description and Location.  Root Password: Administrator can change system login password.  LED Control:When system working the moment, device LED will flashes. Administrator can select close the LED flashes in the function.

  • Page 17: Configure Time Server

    Monthly : Setting Every month, fixed date and time to system reboot  Click “Save” button to save your changes. And click “Reboot” button to activate your changes Configure Time Server Administrator can select manual or via a NTP server to modify system time for the right local time.
  • Page 18 Mode: Administrator can select NTP Server or Manual.   NTP Server: System can auto update the system time. Administrator needs setting as NTP Server.  Default NTP Server: Administrator can select NTP Server.  NTP Server: Administrator can setting as NTP Server. ...

  • Page 19: Snmp

    3.3 SNMP SNMP is an application-layer protocol that provides a message format for communication between SNMP managers and agents. By enabling SNMP function, the administrator can obtain the system information remotely. Please click on System -> SNMP and follow the below setting. SNMP v2c function Active: Administrator can select Enable or Disable the service.

  • Page 20: Configure Time Policy

    SNMP Trap Events such as cold start interface up & down, and association & disassociation will report to an assigned server. Active: Administrator can select Enable or Disable the service.  Community: Set a community string required by the remote host computer that will receive trap ...
  • Page 21 Please click Edit button to setting Time Policy rules. Comment: Enter the description of Time Policy rule.  Mode: Administrator can select On schedule or Out of schedule to execution the rules.  Create New Policy button: Administrator can set time for week / start time and end time. Click “Save”...

  • Page 22: Access Point Mode

    Access Point mode When AP mode is chosen, the system can be configured as an Access Point. This section provides detailed explanation for users to configure in the AP mode with help of illustrations. In the AP mode, functions listed in the table below are also available from the Web-based GUI interface.

  • Page 23: Network Setup

    Default Gateway: Set IP address of Gateway.  Port Isolate : When enable web authentication function, administrator can chooses Ethernet port  whether used web authentication.(This function need enable System Authentication function)  Enable: If chooses enable this function then client connection Ethernet port will need ...

  • Page 24: Network Pull-Down Menu

    IP Mode:Administrator can select enable or disable function for VLAN IP.  IP Address/ NetMask:Administrator can set IP address and netmask for the VLAN.  Management Access Point 0:Administrator can Enable or Disable 2.4G Radio.  Access Point 1:Administrator can Enable or Disable 5G Radio. ...

  • Page 25: Dhcp Server

    4.1.1 DHCP Server Administrator can select enable / disable the function  Start IP: Set Start IP address for DHCP Service.  End IP: Set End IP address for DHCP Service.  Netmask: Set IP Netmask, the default is 255.255.255.0 ...

  • Page 26: Bandwidth Control

    Static Lease IP Setup Administrator can set be delivered fixed IP address to the users. Comment: Enter rule description.  IP Address: Enter access point IP.  MAC Address: Enter Client MAC Address of PC network.  Click “Save” button to save your changes. Then click Reboot button to activate your changes. 4.1.2 Bandwidth Control Administrators can set bandwidth limit the max/min bandwidth of the...

  • Page 27: Radio 0(2.4G)/1(5G) Access Point Setup

    Administrator can set total bandwidth used limit in VLAN.  QoS Rule List: Administrator can set bandwidth limit by IP/MASK, IP Range, Port(Service), SIP,  RTP/RTSP, WEB protocol , each VLAN can set 10 bandwidth management rule. Click “Save” button to save your changes. Then click Reboot button to activate your changes. 4.1.3 Radio 0(2.4G)/1(5G) Access Point Setup Administrator can Enable or Disable radio 0/1 (2.4/5G) Wi-Fi.
  • Page 28 Access Point: Administrator can Enable or Disable the radio 0/1 (2.4G/5G).  ESSID: Administrator can set Wi-Fi SSID name  SSID Visibility: Administrator can select Enable or Disable the Visibility.  Client Isolation: Enable or Disable the client isolation function. ...
  • Page 29 TKIP is short for “Temporal Key Integrity Protocol”, TKIP scrambles the keys using a hashing algorithm and, by adding an integrity-checking feature, ensures that the keys haven’t been tampered with. Group Key Update Interval: The time interval is for re-keying GTK ...

  • Page 30: Mac Filter

    4.1.4 MAC Filter (1 ) Only Deny List MAC:Administrator can add wireless users MAC address in MAC list. The access point will deny connection in MAC address list. (2) Only Allow List MAC:Administrator can add wireless users MAC address in MAC list. The access point will allow connection in MAC address list.

  • Page 31: Fast Roaming Setup

    4.1.5 802.11r Fast Roaming Setup The dual band Access Point supports 802.11r/802.11k function for 2.4G and 5G radio. 802.11r, which is the IEEE standard for fast roaming, introduces a new concept of roaming where the initial handshake with the new AP is done even before the client roams to the target AP. If this feature is enabled when using 802.11r fast roaming, the wireless user equipment must support 802.11k functionality to work properly Mobility Domain: MDID is used to indicate a group of APs (within an ESS, i.e., sharing the same...
  • Page 32 R0/NAS Identifier: PMK-R0 Key Holder identifier. When using IEEE 802.11r, nas_identifier must  be set and must be between 1 and 48 octets long. R1 Identifier: PMK-R1 Key Holder identifier 6-octet identifier as a hex string.  R1 Push: Administrator can select Enable or disable. If enable the function will automatically ...

  • Page 33: Authentication

    Authentication This function used to operate in Access Point mode, the function is for Web Authentication. It supports authentication for local users / RADIUS Server / OAuth2.0 and Guest. The system supports in N VLANs with web authentication. Please click on System -> Authentication When enable web authentication function, please does make the Access Point can be connected to gateway.
  • Page 34 Authentication:Administrator can enable or disable authentication function.  Multiple Login:Administrator can set one account to multiple users simultaneously login and  the users can set limit.( 0 = not limited) Login Timeout:After account login for some time no traffic, system will automatic timeout ...

  • Page 35: Set Authentication Function

    Click “Save” button to save your changes. Then click Reboot button to activate your changes. 4.2.2 Set Authentication function : By Clicking the Dropdown button, Administrators can set authentication functions. # Guest Administrator can enable or disable guest authentication. If enabled, the administrator can set guest Count Limit / login time and type and flow control.

  • Page 36: Local User

    Service:Administrator can select enable or disable this function.  Login Type :  One Time: Login to start counting until the end of time.  Multiple Times: logout time will stop counting until the next re-login to time start counting. ...

  • Page 37: Sample For Google Oauth2.0 Setup

    #:Display items.  Active:Display on/off status for authentication.  Provider :Display authentication server. The system default use authentication server for Google  and Facebook Sample for Google OAuth2.0 setup Please complete the application on the Google website to receive an account ID and password, follow the steps below.
  • Page 38 Step.2 Click Credentials to create OAuth client ID in the API manager page. Step.3 Select web application in the “Application Type” section and set “Restrictions” URL. V4.0...
  • Page 39 Step.4 Set Authorized JavaScript origins and Authorized redirect URLs (important) Administrator must set login URL in the device function. After complete set of login URL go to the “Restrictions” function in web page. Follow the steps below to set login URLs Setup login URL in the device.
  • Page 40 Step.5 After completing the “Restrictions” setup, click the create button. An OAuth Client page will pop-up with your “client ID” and “client secret”. Administrators must copy and paste their client ID and secret into the OAuth 2.0 Setup page in our software UI. Save and reboot the AP system, complete the setup.

  • Page 41: Sample For Facebook Oauth2.0 Setup

    Sample for Facebook OAuth2.0 setup Please complete the application on the Facebook website to receive an account ID and password, follow the steps below. Step.1 Please to Facebook developer’s page and add a New App Step.2 Select WWW function Step.3 Administrator must set www for your information.
  • Page 42 Step.4 Please click “Setting” and add Platform Step.5 Select Platform for “Website” Step.6 Enter URL is http://domain0.login.com/login/index.cgi?cgi=CALLBACK Administrator must set login URL in the device function. After complete set of login URL go to the “Facebook function in web page. Follow the steps below to set login URLs Site URL”...
  • Page 43 After complete set of login URL go to the “Facebook function in web page. Copy and Site URL” paste the login URL from the system display into the “ Site URL” page on the Facebook website. Step.7 Click Advanced function to enable the “Native or desktop app?”...

  • Page 44: Pop3/Imap Server

    Client ID and Client Secret setup by third parties such as Facebook and Google are subject to change. The instructions above follow the 2016 setup procedure. Any future changes to the Facebook/Google process may lead to our instructions becoming invalid. # POP3/IMAP Server The purpose of this integrated function is to allow clients to link a POP3 server for receiving emails from a remote server.

  • Page 45: Customize Page

    Connect Type : Select the Connect type with options of “STARTTLS”, “SSL/TTL”, or “None”.  POP3 Server Test : Use this tool to test if the POP3 server is operating correctly with your  selected email # Customize Page This function is to customize the user Login Page. This supports Multiple Language and allows comprehensive customization through HTML editing.
  • Page 46  Sample: See sample login page below that is customized by html coding (sample login page html code templates are available on Cerio website) The following function uses the enabled Template Multiple Language:Administrator can select enable or disable multiple language for login ...

  • Page 47: Language

    Language Administrator can create other language for login page. Click “Create New Language” button go to add or edit language for login page. Language: Set description of language.  Default Language: Display default language.  # Walled Garden This function provides certain free services or advertisement web pages for users to access the websites listed before login and authentication.

  • Page 48: Profile

    Device Name: Enter Device or Users Name.  IP Address: Enter used IP Address of Device or Users PC.  MAC Address: Enter MAC Address of Device or Users PC.  Click “Save” button to save your changes. Then click Reboot button to activate your changes.. # Profile Administrator can backup current authentication configuration and login page for HTML Source code.

  • Page 49: Radius Server

    RADIUS Server This function only used to operate in Access Point mode. Service:Administrator can select Enable or disable the function.  Radius:Administrator must to set remote RADIUS Server use Port.  Radius Secret:Administrator must to set remote RADIUS Server use Key. ...

  • Page 50: Wireless Configuration

    User Name:Create users name for RADIUS account.  Password:Enter password for user name.  Export User File:Administrator can export account list in RADIUS Server.  Import From PC:Administrator can import account list to the RADIUS Server.  Click “Save” button to save your set function. Then click Reboot button to activate your changes. Wireless Configuration This wireless functions administrator can set radio 2.4/5G application of the Access Point.
  • Page 51 MAC Address: Display 2.4G WiFi MAC address.  Country: Administrator can select country: US or EU or Taiwan.  Band Mode: Administrator can select 802.11b/g/n for the 2.4G Band.  Auto Channel: Administrator can Enable or Disable the function. If disabled, the WiFi channel ...

  • Page 52: Radio 1 Setup(5G)

    This product has a built-in 2x2 (2T2R) antenna for 2.4Ghz, which has been matched with the default setting of 2T2R. If there is no special demand, please keep this default setting . Extension Channel: Sets channel select to Upper or Lower. The Upper supports 1 to 7 range ...
  • Page 53 The system will automatically calculate the ideal reference value for the Slot Time and ACK Timeout. The input distance is calculated in units (meters). ACK Timout : When waiting for the "ACKnowledgment frame" interval is too long to be received, ...

  • Page 54: Advanced Setup

    4.5.3 Advanced Setup Beacon Interval: Beacon Interval is in the range of 40~3500 and set in unit of millisecond. The  default value is 100 msec. Access Point (AP) in IEEE 802.11 will send out a special approximated 50-byte frame, called “Beacon”.
  • Page 55 Fragmentation Threshold: Fragmentation Threshold is one more parameter which is given in  all stations and Access points. Fine tuning Fragmentation Threshold parameter can result in good throughput but not using it properly can results in low throughput. In simple words it does the same thing which MTU do in Ethernet.

  • Page 56: Wmm Setup

    4.5.4 WMM Setup This affects traffic flowing from the access point to the client station. Configuring QoS options consists of setting parameters on existing queues for different types of wireless traffic. You can configure different minimum and maximum wait times for the transmission of packets in each queue based on the requirements of the media being sent.
  • Page 57 AC Type:  Data Transmitted Queue Priority Description AP to Clients AC_BK Background High throughput. Bulk data that requires maximum throughput and is not time-sensitive is sent to this queue (FTP data, for example). AC_BE Best Effort Medium Medium throughput and delay. Most traditional IP data is sent to this queue.

  • Page 58: Wds Setup

    While the No ACK policy helps improve transmission efficiency, it can cause increased packet loss when communication quality deteriorates. This is because when this policy is used, a sender does not retransmit packets that have not been received by the recipient. When the Normal ACK policy is used, the recipient acknowledges each received uncast packet.

  • Page 59: Wds Status

    WDS Setup: Administrator can select Enable or Disable.  Security Type: Enable or Disable AES 128bit encryption function.  Pass Phrase : AES encryption custom key can input 0 ~ 9 numbers or A ~ Z uppercase and  lowercase English format, it can support 8 ~ 32 characters key encryption algorithm in each WDS connecting each other with secure encrypted transmission.
  • Page 60 MAC Address:Display connected MAC Address.。  Rate(TX/RX):Display Tx/Rx rate of the point to point。  RSSI: Display signal connection value of RSSI  Click “Save” button to save your set function. Then click “Reboot” button to activate your changes. V4.0...

  • Page 61: Cap Mode

    CAP Mode The CAP mode itself isn’t Access Point. This mode is primarily to control all the managed AP. The following describes setup function in system menu 5.1 Change Setup mode If the administrator needs to switch to CAP mode, Please click "System"-> " Mode Setup " to change CAP mode.
  • Page 62  #:Display VLAN No.  VLAN Mode:Display on /off line status for the VLAN mode  IP Address:Display IP address for the VLAN mode.  NetMask:Display netmask for the VLAN mode.  Action:Administrator can set VLAN IP、Radio 2.4 or 5G on/off、Spanning tree、IAPP and VLAN tag. VLAN Mode:Administrator can Enable or disable the VLAN function.

  • Page 63: Ap Control

    ETH0:Administrator select Enable/disable the Ethernet port.  VLAN Tag:Administrator can set Tag ID for the Ethernet port.  Set Gateway / DNS address functions.  Gateway: The default Gateway IP Address is 192.168.2.1, Please check your Gateway IP and  change.

  • Page 64: Scan Device

    5.3.1 Scan Device This management page can discover all managed APs in the network. Administrator can set IP address / Password and VLAN tag for managed APs. After the setup is complete, Administrator must import all managed APs to databases. VLAN# : Administrator can select VLAN network to discovery managed Aps ...

  • Page 65: Batch Setup

    Control Port:Administrator can change VLAN network for managed APs.  VLAN TAG:Administrator can set VLAN TAG ID for managed APs.  IP Address:Administrator can set IP address for managed APs, the IP address is  auto-incrementally. NetMask:Administrator can set NetMask for managed APs. ...
  • Page 66 VLAN:The function can select VLAN (please refer to “Configure VLAN Setup”) for  managed APs. VLAN Mode:Administrator can enable or disable VLAN mode of the managed APs.  Access Point0/1:Administrator can enable or disable 2.4G or 5G radio of the ...

  • Page 67: Ap Setup

    of the managed APs. Authentication Profile:After creating Profiles, See: “Authentication Profile” users can  conveniently apply Authentication profiles Gateway & DNS: Setting Gateway and DNS for managed APs.  Time Server: Setting System Time for managed APs. (Please refer to Configure Time Server) ...

  • Page 68: Group Setup

    5.3.4 Group Setup Administrator can create Groups within the same VLAN. VLAN:Select VLAN.  Create New Group:Click the button to create a new AP Group  Device button:Administrator can select managed APs and import them into the Group.  5.3.5 Map Setup The Map Setup feature allows administrators to upload a floor plan image to a web server, then use the image URL to import the map into the AP user interface.
  • Page 69  Map Name:Enter map name.  Image URL:Paste Map image url  Description:Enter the description for the map. After the Map URL setup confirmation, please reboot the system. :Once the Map is created and properly in the Map List, administrators can click the “Layout”...

  • Page 70: Authentication Profile

    5.3.6 Authentication Profile Administrator can pre-set authentication conditions in the profile, the authentication set can refer “Authentication”. Create New Profile:Administrator can create authentication profile.  Edit: Click the Authentication button to Enable or Disable authentication  function. For more details, refer to “Authentication”. Click Dropdown to set authentication functions.

  • Page 71: Client Bridge Mode

    Client Bridge Mode When Client Bridge is chosen, the system can be configured as a Client Bridge and support Repeater AP function. This can setup VLAN and DHCP server in the system menu. 6.1 Change Setup mode If the administrator needs to switch to Client Bridge mode, Please click "System"-> " Mode Setup " to change Client Bridge mode.
  • Page 72 Mode: Administrator can select the IP used Static or Dynamic IP address.  Static IP : A set of fixed IP addresses can be manually set for the system to use.  Dynamic IP : If there is a DHCP server on the top, you can use the dynamic IP address to let ...
  • Page 73  Primary DNS: The IP address of the primary DNS server.  Secondary: The IP address of the secondary DNS server. 802.1d Spanning Tree :  The spanning tree network protocol provides a loop free topology for a bridged LAN between LAN interface and 8 WDS interfaces from wds0 to wds7.

  • Page 74: Configure Dhcp Setup

    Configure DHCP Setup The DHCP Service function in the Client Bridge device can select a separate IP Address range within the same network segment of the source AP, and allocate those IP Addresses to connecting clients. Start IP / End IP: Specify the range of IP addresses to be used by the DHCP server when assigning IP ...
  • Page 75 could introduce potential conflicts. Lowering the lease time will avoid potential address conflicts, but might cause more interruptions to the client while it will acquire new IP addresses from the DHCP server. Default is 86400 seconds DHCP Clients List: When users link to CenOS 5.0 AP and use IP address of the DHCP service, the DHCP Client List will display users the information and used IP address.

  • Page 76: Wireless General Setup

    6.4 Wireless General Setup The main setup Client Bridge connection to AP Station and Repeater AP functions setting, MAC filter, WMM and 802.11r/802.11k Fast Roaming etc in wireless menu. When the upper limit of the 2.4G frequency is used, the repeater AP will only be able to use the other two 5G extension Repeater AP APs.
  • Page 77 Tx Power: Administrator can adjust the output power of the system to get the appropriate  coverage for your wireless network. Specify digit numbers between level 1 to level 9 (the unit is %) for your environment. If you are not sure which setting to choose, then keep the default setting level 9 (100%).

  • Page 78: Radio 1 (5G) Basic Setup

    Channel Bandwidth: The "20/40” MHz option is usually best. The other option is available for  special circumstances. MCS: This parameter represents transmission rate. By default (Auto) the fastest possible  transmission rate will be selected. You have the option of selecting the speed if necessary. Shout GI: Short Guard Interval, by default, it's “Enable”.
  • Page 79 MAC Address: Display Radio 1(5G) used MAC address.  Country: Administrator can select country used channel by US / EU and Taiwan.  Band Mode: If Client Bridge want to use 5G link to Access Point then administrator can enable ...

  • Page 80: Advanced Setup

    This product has a built-in 2x2 (2T2R) antenna for 5Ghz, which has been matched with the default setting of 2T2R. If there is no special demand, please keep this default setting . Channel Bandwidth: The "20/40 and 802.11ac 80” MHz option is usually best. The other ...
  • Page 81 Beacon Interval: Beacon Interval is in the range of 40~3500 and set in unit of millisecond. The  default value is 100 msec. Access Point (AP) in IEEE 802.11 will send out a special approximated 50-byte frame, called “Beacon”. Beacon is broadcast to all the stations, provides the basic information of AP such as SSID, channel, encryption keys, signal strength, time stamp, support data rate.
  • Page 82 due to hidden wireless clients. RTS in AP will be enabled automatically if the packet size is larger than the Threshold value. By default, RTS is disabled in a normal environment supports non-jumbo frames. Short Preamble: By default, this function is “Enabled”. Disabling will automatically use the ...

  • Page 83: Wmm Setup

    6.4.4 WMM Setup His affects traffic flowing from the access point to the client station. Configuring QoS options consists of setting parameters on existing queues for different types of wireless traffic. You can configure different minimum and maximum wait times for the transmission of packets in each queue based on the requirements of the media being sent.
  • Page 84 AC Type:  Data Transmitted Queue Priority Description AP to Clients AC_BK Background High throughput. Bulk data that requires maximum throughput and is not time-sensitive is sent to this queue (FTP data, for example). AC_BE Best Effort Medium Medium throughput and delay. Most traditional IP data is sent to this queue.

  • Page 85: Station Setup

    TxOP Limit:Transmission Opportunity is an interval of time when a WME AP has the right to  initiate transmissions onto the wireless medium (WM). This value specifies (in milliseconds) the Transmission Opportunity (TXOP) for AP; that is, the interval of time when the WMM AP has the right to initiate transmissions on the wireless network.。...
  • Page 86 MAC Address List: The function can discovery AP Station and select want to link the AP station,  please click site survey button. If want to discovery 2.4G station then administrator need to enable station mode in Radio 0 (2.4G) function page (reference manual 6.4.1 “Radio 0 Basic Setup”).

  • Page 87: Repeater Ap Setup

    6.4.6 Repeater AP Setup Administrators can configure ESSID, SSID broadcasting, Maximum number of client associations. 1. If want to use Repeater AP function then Clinet Bridge must determine connection to Access Point then Repeater AP can operate normally. 2. The default is enabling of Repeater AP. If want to used pure Client Bridge will can disable it.
  • Page 88  Open System: Data are not unencrypted during transmission when this option is selected.  WPA/WPA2 Personal: WPA/WPA2 is short for W-Fi Protected Access-Pre-Shared Key. WPA/WPA2 uses the same encryption way with WPA, and the only difference between them is that WPA/WPA2 recreates a simple shared key, instead of using the user’s certification.

  • Page 89: Mac Filter Setup

    6.4.7 MAC Filter Setup Administrator can setup allow or reject WiFi clients(MAC address) to access Repeater AP. Rule: Select the desired access control type from the drop-down list; the options are Disable,  Allow or Reject. Only Allow List MAC: Define certain wireless clients in the list which will have granted ...

  • Page 90: Fast Roaming Setup

    Only Deny List MAC: Define certain wireless clients in the list which will have denied  access to the Access Point while the access will be granted for all the remaining clients - Action Type is set to “Only Deny List MAC”. MAC Address: Enter MAC Address for WiFi Clients.
  • Page 91 Please enter 2-octet identifier as a hex string. R0 Key Lifetime: Default lifetime of the PMK-RO in minutes, the default is 10000,  administrator can setting 1~65535. Reassoc deadline: Reassociation deadline in time units (TUs / 1.024 ms; range 1000~65535). ...
  • Page 92 MAC Address: Enter the main roaming device MAC address  R1 Identifier: Enter Shared identifier.  128-bit Key: Enter Shared Key of 128 bit.  R1 Key Holder List: After setting "R1 Key holders" function the information will appear in list. Click “Save”...

  • Page 93: Wisp Mode

    WISP Mode WISP Mode is a router function, if the Telecom company permits wireless connection to their WAN, administrators can change the CenOS 5.0 AP to WISP Mode to connect to the wifi network. The WISP Mode support PPPoE / Static IP / Dynamic IP and PPTP for WAN, and support Repeater AP function.
  • Page 94 WAN Setting Static IP: Users can manually setup the WAN IP address with a static IP provided by WISP.  IP Address: The IP address of the WAN port.  IP Netmask: The Subnet mask of the WAN port.  IP Gateway: The default gateway of the WAN port.
  • Page 95 Hostname : The Hostname of the WAN port  PPPoE : To create wireless PPPoE WAN connection to a PPPoE server in network.  User Name : Enter User Name for PPPoE connection  Password : Enter Password for PPPoE connection ...
  • Page 96 User Name: Enter account for PPTP.  Password: Enter user name account used password for PPTP.  PPTP Server IP: Enter remote IP address of PPTP Server.  WAN IP: The IP address of the WAN port.  Netmask: The Subnet mask of the WAN port. ...

  • Page 97: Configure Lan Setup

    default MAC or clone MAC from a PC. Default MAC Address: Keep the default MAC address of WAN port on the system.  Manual MAN Address: Enter the MAC address registered with your ISP.   Check “No Default DNS Server” or “Specify DNS Server IP” radial button as desired to set up system DNS.
  • Page 98 Mode: Administrator can select the IP used Static or Dynamic IP address.  Static IP : A set of fixed IP addresses can be manually set for the system to use.  Dynamic IP : If there is a DHCP server on the top, you can use the dynamic IP address to let ...
  • Page 99  Primary DNS: The IP address of the primary DNS server.  Secondary: The IP address of the secondary DNS server. 802.1d Spanning Tree :  The spanning tree network protocol provides a loop free topology for a bridged LAN between LAN interface and 8 WDS interfaces from wds0 to wds7.

  • Page 100: Configure Dhcp Setup

    Configure DHCP Setup The DHCP Service function in the Client Bridge device can select a separate IP Address range within the same network segment of the source AP, and allocate those IP Addresses to connecting clients. Start IP / End IP: Specify the range of IP addresses to be used by the DHCP server when assigning IP ...
  • Page 101 Lease Time: The IP addresses given out by the DHCP server will only be valid for the duration  specified by the lease time. Increasing the time ensure client operation without interruptions, but could introduce potential conflicts. Lowering the lease time will avoid potential address conflicts, but might cause more interruptions to the client while it will acquire new IP addresses from the DHCP server.

  • Page 102: Wireless General Setup

    7.5 Wireless General Setup The main setup Client Bridge connection to AP Station and Repeater AP functions setting, MAC filter, WMM and 802.11r/802.11k Fast Roaming etc in wireless menu. When the upper limit of the 2.4G frequency is used, the repeater AP will only be able to use the other two 5G extension Repeater AP APs.
  • Page 103 Band Mode: Select an appropriate wireless band; bands available are 801.11 b/g/n mixed  mode. Tx Power: Administrator can adjust the output power of the system to get the appropriate  coverage for your wireless network. Specify digit numbers between level 1 to level 9 (the unit is %) for your environment.

  • Page 104: Radio 1 (5G) Basic Setup

    Channel Bandwidth: The "20/40” MHz option is usually best. The other option is available for  special circumstances. MCS: This parameter represents transmission rate. By default (Auto) the fastest possible  transmission rate will be selected. You have the option of selecting the speed if necessary. Shout GI: Short Guard Interval, by default, it's “Enable”.
  • Page 105 the function (Radio 1(5G). Auto Channel: Administrator can Enable or Disable the function. If select disable function the  WiFi channel can be fixed a channel. Channel: Support US / EU / Taiwan country by 5G Channel.  Tx Power: Administrator can control the WiFi Tx output power. The power Max. Level 9. ...
  • Page 106 This product has a built-in 2x2 (2T2R) antenna for 5Ghz, which has been matched with the default setting of 2T2R. If there is no special demand, please keep this default setting . Channel Bandwidth: The "20/40 and 802.11ac 80” MHz option is usually best. The other ...

  • Page 107: Advanced Setup

    7.5.3 Advanced Setup Beacon Interval: Beacon Interval is in the range of 40~3500 and set in unit of millisecond. The  default value is 100 msec. Access Point (AP) in IEEE 802.11 will send out a special approximated 50-byte frame, called “Beacon”.
  • Page 108 multicast applications. Fragmentation Threshold: Fragmentation Threshold is one more parameter which is given in  all stations and Access points. Fine tuning Fragmentation Threshold parameter can result in good throughput but not using it properly can results in low throughput. In simple words it does the same thing which MTU do in Ethernet.

  • Page 109: Wmm Setup

    7.5.4 WMM Setup His affects traffic flowing from the access point to the client station. Configuring QoS options consists of setting parameters on existing queues for different types of wireless traffic. You can configure different minimum and maximum wait times for the transmission of packets in each queue based on the requirements of the media being sent.
  • Page 110 AC Type:  Data Transmitted Queue Priority Description AP to Clients AC_BK Background High throughput. Bulk data that requires maximum throughput and is not time-sensitive is sent to this queue (FTP data, for example). AC_BE Best Effort Medium Medium throughput and delay. Most traditional IP data is sent to this queue.

  • Page 111: Station Setup

    initiate transmissions onto the wireless medium (WM). This value specifies (in milliseconds) the Transmission Opportunity (TXOP) for AP; that is, the interval of time when the WMM AP has the right to initiate transmissions on the wireless network.。 ACM bit:Admission Control Mandatory, ACM only takes effect on AC_VI and AC_VO. When ...
  • Page 112 MAC Address List: The function can discovery AP Station and select want to link the AP station,  please click site survey button. If want to discovery 2.4G station then administrator need to enable station mode in Radio 0 (2.4G) function page (reference manual 7.5.1 “Radio 0 Basic Setup”).

  • Page 113: Repeater Ap Setup

    7.5.6 Repeater AP Setup Administrators can configure ESSID, SSID broadcasting, Maximum number of client associations. 1. If want to use Repeater AP function then Clinet Bridge must determine connection to Access Point then Repeater AP can operate normally. 2. The default is enabling of Repeater AP. If want to used pure Client Bridge will can disable it.
  • Page 114  Open System: Data are not unencrypted during transmission when this option is selected.  WPA/WPA2 Personal: WPA/WPA2 is short for W-Fi Protected Access-Pre-Shared Key. WPA/WPA2 uses the same encryption way with WPA, and the only difference between them is that WPA/WPA2 recreates a simple shared key, instead of using the user’s certification.

  • Page 115: Mac Filter Setup

    7.5.7 MAC Filter Setup Administrator can setup allow or reject WiFi clients(MAC address) to access Repeater AP. Rule: Select the desired access control type from the drop-down list; the options are Disable,  Allow or Reject. Only Allow List MAC: Define certain wireless clients in the list which will have granted ...

  • Page 116: Fast Roaming Setup

    Action Type is set to “Only Allow List MAC”. Only Deny List MAC: Define certain wireless clients in the list which will have denied  access to the Access Point while the access will be granted for all the remaining clients - Action Type is set to “Only Deny List MAC”.
  • Page 117 Mobility Domain: MDID is used to indicate a group of APs (within an ESS, i.e., sharing the  same SSID) between which a STA can use Fast BSS Transition. Please enter 2-octet identifier as a hex string. R0 Key Lifetime: Default lifetime of the PMK-RO in minutes, the default is 10000, ...
  • Page 118 Enter a unified set of R1 Key Holder identification certification. MAC Address: Enter the main roaming device MAC address  R1 Identifier: Enter Shared identifier.  128-bit Key: Enter Shared Key of 128 bit.  R1 Key Holder List: After setting "R1 Key holders" function the information will appear in list. Click “Save”...

  • Page 119: Advanced Setup

    7.6 Advanced Setup Administrator can set basic routing security functions, including DMZ / IP and MAC filtering / virtual servers and access control management (basic firewall rules) in Advance memu. 7.6.1 DMZ is commonly work with the NAT functionality as an alternative of Virtual Server(Port Forwarding) while wanting all ports of DMZ host visible to Internet users.

  • Page 120: Ip Filter

    External IP Address: Enter external IP address  Internal IP Address: Enter Virtual IP for service device.  Click “Save” button to save your set function. Then click “Reboot” button to activate your changes. 7.6.2 IP Filter Can allow or deny filter ingress or egress packets from specific source and/or to destination IP address on wired (LAN) or Wireless (WAN) ports.
  • Page 121 Active: Administrator can select Enable or Disable the service.  Comment: Enter the description of IP filter rule.  Policy: Administrator can select the IP flow rule of Deny or Pass.  In/ Out: Administrator can select the IP flow rule of In/out bound. ...

  • Page 122: Mac Filter

    7.6.3 MAC Filter Allows creating MAC filter rules to allow or deny unicast or multicast packets from limited number of MAC addresses. Important and must note. That MAC filter rules have precedence over IP Filter rules. Mode: Administrator can select Deny or Allow. ...

  • Page 123: Virtual Server

    7.6.4 Virtual Server The “Virtual Server” can also referred to as “Port Forward” as well and used interchangeably. Resources in the network can be exposed to the Internet users in a controlled manner including on-line gaming, video conferencing or others via Virtual Server setup. Don’t repeat ports’ usage to avoid confusion.

  • Page 124: Access Control

    Active: Administrator can select Virtual server rule to Enable or disable.  Comment: Enter the description of virtual server rule.  Protocol: Administrator can select service protocol of TCP or UDP.  Public Port: Enter service port No. for public. ...
  • Page 125 Comment: Display information for the rule.  Protocol:Display information for the protocol.  Edit:Administrator can click the button to set Access Control rule.  # Access control rules: Active:Administrator can select Enable or Disable for the Access control rule.  Comment:Administrator can enter comment for the role.

  • Page 126: Utilities

    8. Utilities Administrator can backup or restore system configuration / firmware Upgrade / ping tools and system reset to default or reboot system. 8.1 Profile Setting This Functions purpose is to backup current configuration, restore prior configuration or reset back to factory default configurations.

  • Page 127: System Upgrade

    Load Settings from PC: Click Browse button to locate a configuration file to restore, and then click  Upload button to upload. Reset To Factory Default: Click Default button to reset back to the factory default settings and  expect Successful loading message. Then, click Reboot button to activate. 8.2 System Upgrade Firmware is the main software image that system needs to respond to requests and to manage real time operations.
  • Page 128 Select File: Administrator can select Firmware file in Local PC.  Upgrade Via Local PC and TFTP Server: The upgrade firmware will support via local PC and TFTP Server and HTTP URL to upgrade system. We strongly recommend that you perform the firmware update by following these steps: 1.Please use a RJ-45 network cable to connect the computer and the wireless base AP mode to perform the update operation.

  • Page 129: Network Utility

    8.3 Network Utility The administrator can diagnose network connectivity via the PING or TRACEROUTE utility. Please click on Utilities -> Network Utility and follow the below setting. Ping: This utility will help ping other devices on the network to verify connectivity. Ping utility, ...

  • Page 130: Reboot

    8.4 Reboot This function allows user to restart system with existing or most current settings when changes are made. Click Reboot button to proceed and take around three minutes to complete. 9. Status The status mainly displays system related information, including system network information, wireless base station information, and wireless user connection information.

  • Page 131: Overview

    9.1 Overview Detailed information on System, Network can be reviewed via this page. Overview : It mainly displays the current mode, name, time, firmware version, network card address and related network settings. V4.0...
  • Page 132 Information : Shows the performance / memory usage of the total CPU space used by the current system and the current number of connected wireless users.。 Radio 0 / Radio 1 wireless Information : Displays the basic operating mode information of the current Radio 0 (2.4GHz) / Radio 1 (5GHz) wireless AP.

  • Page 133: Wireless Client

    9.2 Wireless Client The page can be display Wireless user information link to access point. Administrator can monitor MAC In addition to CAP mode) address / rate and RSSI for the wireless users. ( Radio:Display information for wireless client connection Radio 0 or 1 ...

  • Page 134: Authentication Log

    VLAN#:Display VLAN number.  Authentication:Display Captive Portal authentication function is on/off in the VLANs.  Users Count:Display the VLAN network connected user’s amount.  Download Packets: Display total download packets amount information of the VLAN.  Upload Packets:Display total upload packets amount information of the VLAN. ...

  • Page 135: System Log

    The authentication log can monitor account login/logout type and account use time. (This page only used AP mode) Date: Administrator can select dates.  VLAN: Administrator can select VLANs.  Detall: Administrator can clicl button to open detall information.  9.5 System Log The system log displays system events when system is up and running.

  • Page 136: Other Technical Documents]

    [ Other technical documents] Point to Point / Multi-Point for WDS settings 10.1 The WDS function is applied in the wireless AP mode. This function is mainly used for point-to-point wireless AP bridging. For the setting method,You can refer to the manual 4.5.5 “WDS Setting”. This document mainly guides the key WDS procedures.

  • Page 137: Apply Cerio Web Authentication Login

    10.2 Apply CERIO web authentication login page sample If the device uses our company's wireless AP CenOS5.0, and the web authentication function is enabled, you will be able to customize the web authentication page. You can follow the steps below to easily complete the sample login page.
  • Page 138 Step 3 : Please go to the pull-down function button of the authentication function, and enter the “User Name” and “password” , See as follows. 特別補充: * If want to use the system preset page, please refer to step * If want to apply our template, please refer to below for step 5, step * If want to edit the webpage by yourself, please refer to...
  • Page 139 Step 6 : Go to the company's Cerio website to download the sample file first. And open your download sample, select all the HTML syntax and copy it, then paste it on the custom edit page of the system and save it.
  • Page 140 Close "Template" first, then copy the sample html_code syntax and replace it in the HTML source code edit “ Customize HTML Source code” bar. After clearing the HTML source code content, then paste all the downloaded source code into the field, save and restart the device, and you can finish editing the login page. Login page for template below : V4.0...
  • Page 141 V4.0...
  • Page 142 This part must be within 190 lines. If the written HTML / CSS and other source code exceeds a certain line, it is recommended to save the CSS source code to the remote Web server, and then enter the IP address of the remote web server. Within Walled Garden.
  • Page 143 Add <style> .form-signin-heading {display: none;} </ style> in the head to hide the description “Please Sign in” as shown in the figure below, and find the Please Sign in word disappeared, and so on. V4.0...

  • Page 144: Appendix A. Web Gui Valid Characters

    Appendix A. WEB GUI Valid Characters Table B WEB GUI Valid Characters Block Field Valid Characters IP Address IP Format; 1-254 IP Netmask 128.0.0.0 ~ 255.255.255.252 IP Gateway IP Format; 1-254 Primary DNS IP Format; 1-254 Secondary DNS IP Format; 1-254 Hostname Length : 32 0-9, A-Z, a-z...
  • Page 145 Block Field Valid Characters SNMP RO/RW community Length : 32 0-9, A-Z, a-z ~ ! @ # $ % ^ * ( ) _ + - { } | : < > ? [ ] ; ` , . = RO/RW user Length : 31 0-9, A-Z, a-z...
  • Page 146 Block Field Valid Characters Radius Server IP IP Format; 1-254 Radius Port 1 ~ 65535 Shared Secret 8 ~ 64 characters Session Timeout >= 60 seconds; 0 is disable WDS Setup AES Key 8 ~ 63 ASCII chars; 64 HEX chars Peer's MAC Address 12 HEX chars Description...

Table of Contents