Page 1 Wireless AP-3 User’s Guide For Software Release 2.5.2 Document No. 21-300403 Issue 1 October 2004...
Page 2 Be aware that there may be a risk of unauthorized intrusions associated with your system and/or its networked equipment. Also realize that, if such an intrusion should occur, it could result in a variety of losses to your company (including but not limited to, human/data privacy, intellectual property, material assets, financial resources, labor costs, and/or legal costs).
Page 3 Also, you will be advised of your right to file a complaint with the FCC if you believe it is For G350 and G700 Media Gateways: necessary.
Page 4 ACTA. A compliant telephone Voice 1.800.457.1235 or 1.207.866.6701 cord and modular plug is provided with this product. It is designed to be FAX 1.800.457.1764 or 1.207.626.7269 connected to a compatible modular jack that is also compliant. It is Write: Globalware Solutions recommended that repairs be performed by Avaya certified technicians.
Page 5: Table Of Contents
802.11b ........
Page 6 LED Indicators ........Related Topics ........
Page 7 Syslog ........
Page 8 Intra BSS ........
Page 9 IP/ARP Table ........
Page 10 Appendix A: The Command Line Interface ....In This Appendix ........
Page 11 ........
Page 12 Configure Secure Socket Layer (HTTPS)....IAPP Commands ........
Page 13 Edit Management IP Access Table ..... . IP Commands ........
Page 14 SpectraLink VoIP Parameters (802.11b and b/g Modes Only) ..SSH Commands ........
Page 15 802.11a Parameters ....... . Syntax Examples ....... . .
Page 16 CLI Batch File ........
Page 17 Appendix D: Technical Support ..... . 325 Before You Seek Help ....... . .
Page 18 Contents 18 Wireless AP-3 User’s Guide...
Page 19: Chapter 1: Introduction
The term, 802.11, is used to describe features that apply to the 802.11a, 802.11b, and ● 802.11g wireless standards. A Dual-radio AP is an Access Point that includes two radios; it can support one or two ● IEEE radio standards (depending on the type of radios installed). The AP-3 is a Dual-radio An 802.11a AP is an Access Point that supports the IEEE 802.11a standard.
Page 20: Introduction To Wireless Networking
Introduction Introduction to Wireless Networking An AP extends the capability of an existing Ethernet network to devices on a wireless network. Wireless devices can connect to a single Access Point, or ● move between multiple Access Points located within the same vicinity. As wireless clients ●...
Page 21: Guidelines For Roaming
All workstations with an 802.11 client adapter installed must use either a Network Name of ● “any” or the same Network Name as the Access Points that they will roam between. If an AP has Closed System enabled, a client must have the same Network Name as the...
Page 22: Data Rates
319 for details. 802.11a Also in 1999, the IEEE modified the 802.11 standard to support devices operating in the 5 GHz frequency band. This standard is referred to as 802.11a. 802.11a devices are not compatible with 2.4 GHz 802.11 or 802.11b devices. 802.11a radios use a radio technology called Orthogonal Frequency Division Multiplexing (OFDM) to achieve data rates of up to 54 Mbits/ sec.
Page 23: Management And Monitoring Capabilities
AP; the other secure management option is SNMPv3. Enabling HTTPS makes it possible for you to access the AP in a secure fashion by using Secure Socket Layer (SSL) over port 443. The AP supports SSLv3 with a 128-bit encryption certificate maintained by the AP for secure communications between the AP and the HTTP client.
Page 24: Command Line Interface
How To Access the CLI You access the CLI over a HyperTerminal serial connection or via Telnet. During initial configuration, you can use the CLI over a serial port connection to configure an Access Point’s IP address. When accessing the CLI via Telnet, you can communicate with the Access Point from over your LAN (switch, hub, etc.), from over the Internet, or with a “crossover”...
Page 25: Snmpv3 Secure Management
Management and Monitoring Capabilities Avaya provides these MIB files on the CD included with each Access Point. You need to compile one or more of the above MIBs into your SNMP program’s database before you can manage an Access Point using SNMP. See the documentation that came with your SNMP manager for instructions on how to compile MIBs.
Page 26 The default SNMPv3 username is administrator, with SHA authentication, and DES privacy protocol. Note: The remainder of this guide describes how to configure an AP using the HTTP Note: Web interface or the CLI interface. For information on how to manage devices using SNMP, see the documentation that came with your SNMP program.
Page 27: Chapter 2: Getting Started
Name, which applies only to the Access Point. The network administrator typically provides the Network Name. AP’s IP Address If you do not have a DHCP server on your network, then you need to assign the Access Point an IP address that is valid on your network.
Page 28 RADIUS authentication server (so both passwords must be the same), and is typically provided by the network administrator. Authentication Server This is a port number (default is 1812) and is typically provided Authentication Port by the network administrator. Client IP Address Pool...
Page 29: Product Package
5 GHz Antenna Adapter or AP-3 11a Upgrade Kit The 5 GHz Antenna Adapter or 11a Upgrade Kit can be used in the Access Point. Because 802.11a requires an antenna adapter, only one 5 GHz radio can be installed in the AP. The second slot can be populated with an 802.11b or 802.11b/g card.
Page 30: System Requirements
802.11b AP 802.11b/g client device 802.11b/g AP A computer that is connected to the same IP network as the AP and has one of the ● following Web browsers installed: - Microsoft Internet Explorer 6 with Service Pack 1 or later and patch Q323308 - Netscape 6.1 or later...
Page 31: Hardware Installation
Figure 2: Insert Module into Mounting Bracket 2. Slide an 802.11b, 802.11b/g wireless card, or 802.11a card with antenna adapter (not included in the kit) into Slot A or B. If you are using two wireless cards, repeat this step for the second card. See...
Page 32 Getting Started Figure 3: Slide a PC Card into the AP 3. Connect power to the unit from a DC injector device, such as the Avaya Wireless 1-Port Active Ethernet DC Injector hub. This connection is made through the Ethernet port.
Page 33: Ap-3 With Power Supply
5. Conduct a Site Survey to determine the best location for your device. If you need assistance, contact your reseller for help. 6. Once you have chosen a final location for your unit, mount the wall bracket and the processor module and place the cover onto the unit as shown. See...
Page 34 Figure 6: Install the power supply 3. Slide the AP module onto the mounting bracket. Make sure it is properly seated. 4. Plug the DC connector from the power supply into the top of the AP module. See Figure Figure 7: Insert module in mounting bracket and attach power connector...
Page 35 Hardware Installation 5. Slide an 802.11b, 802.11b/g wireless card, or 802.11a card with antenna adapter (not included in the kit) into Slot A or B. If you are using two wireless cards, repeat this step for the second card. See...
Page 36 9. Conduct a Site Survey to determine the best location for your device. 10. Once you have chosen a final location for your unit, mount the wall bracket and the processor module and place the cover onto the unit as shown.
Page 37: Ghz Or Ap-3 11A Upgrade Kit
5 GHz or AP-3 11a Upgrade Kit If you are installing this kit on a new AP (an AP that has not been installed yet), skip to Step 4. 1. Remove the AP from your network by unplugging the power and Ethernet cables from the unit.
Page 38 Getting Started Figure 12: Insert Card and Antenna 6. Angle the antenna adapter slightly upwards, pinch the end tabs inwards and carefully slide the antenna adapter onto the mounting bracket. 7. Gently push forward while rotating the antenna downwards and clip the adapter into the small cutouts on the face of the mounting bracket.
Page 39: Initialization
● Setup Wizard on page 43 ● ScanTool is included on the Installation CD; the Setup Wizard launches automatically the first time you access the HTTP interface. Note: These initialization instructions describe how to configure an AP over an Ethernet Note: connection using ScanTool and the HTTP interface.
Page 40: Scantool
Default IP Address If your network does not contain a DHCP server, the Access Point’s IP address defaults to 10.0.0.1. In this case, you can use ScanTool to assign the AP a static IP address that is valid on your network.
Page 41 If the unit still does not appear in the list, see Chapter 7: Troubleshooting the AP-3 for suggestions. Note that after rebooting an Access Point, it may take up to five minutes for the unit to appear in the Scan List. Issue 1 October 2004...
Page 42 IP address and click Cancel to close ScanTool. Go to Setup Wizard for information on how to access the HTTP interface using this IP address. If the AP has not been assigned an IP address (in other words, the unit is using its default ●...
Page 43: Setup Wizard
Result: The Access Point will reboot automatically and any changes you made will take effect. i. When prompted, click OK a second time to return to the Scan List screen. j. Click Cancel to close the ScanTool. k. Proceed to Setup Wizard for information on how to access the HTTP interface.
Page 44 Getting Started 3. Enter the Access Point’s IP address in the browser’s Address field and press Enter. The AP’s IP address is either the dynamic IP address assigned by a network DHCP server or ● the static IP address you manually configured.
Page 45 If you exit from the Setup Wizard, any changes you submitted (by clicking the CAUTION: Save & Next button) up to that point will be saved to the unit but will not take effect until it is rebooted. 6. Configure the System Configuration settings and click Save & Next. See...
Page 46 7. Configure the Access Point’s Basic IP address settings, if necessary, and click Save & Next. See IP Configuration on page 66 for more information. 8. Assign the AP new passwords to prevent unauthorized access and click Save & Next. Each management interface has its own password: SNMP Read Password ●...
Page 47 Use the drop-down menu to select a specific transmit rate for the AP. Choose between 6, 9, 12, 18, 24, 36, 48, 54 Mbits/s, and Auto Fallback. The Auto Fallback feature allows the AP to select the best transmit rate based on the cell size.
Page 48 Set to Large, Medium, Small, Microcell, or Minicell depending on the Between APs site survey for your system. The distance value is related to the Multicast Rate (described next). In general, a larger distance between APs means that your clients operate a slower data rates (on average). This feature is available only if you are using an Orinoco Classic Gold client card or Avaya Gold client card.
Page 49 (SSIDs) detailed rules on configuring multiple SSIDs, VLANs, and security modes. Auto Channel By default, the AP scans the area for other Access Points and selects the Select best available communication channel, either a free channel (if available) or the channel with the least amount of interference. Remove the check mark to disable this option.
Page 50: Downloading The Latest Software
After making a change, click Save & Next to save the change and proceed to the next screen. 11. When finished, click Reboot on the Summary screen to restart the AP and apply your changes.
Page 51: Downloading Updates From A Tftp Server
5. Enter the File Name (including the file extension). Enter the full directory path and file name. If the file is located in the default TFTP directory, you need enter only the file name. 6. Select the File Type from the drop-down menu (use Img for software updates).
Page 52: Additional Hardware Features
● Installing the AP in a Plenum In an office building, plenum is the space between the structural ceiling and the tile ceiling that is provided to help air circulate. Many companies also use the plenum to house communication equipment and cables. However, these products and cables must comply with certain safety requirements, such as Underwriter Labs (UL) Standard 2043: “Standard for Fire Test for Heat...
Page 53: Active Ethernet
CAUTION: Do not drop the faceplate into the card slot in the AP. CAUTION: 4. To install a second radio card, the faceplate must be removed. Gently pry the faceplate off using the tab on the faceplate. Active Ethernet An Active Ethernet-enabled AP is equipped with an 802.3af-compliant Active Ethernet module.
Page 54: Led Indicators
Getting Started LED Indicators The AP-3 has four LED indicators, which operate as described in Table Table 5: LED Operation Power Ethernet PC Card A PC Card B Indication Green Green flash Green flash Green flash Normal Operation with data...
Page 55: Related Topics
Related Topics Related Topics The Setup Wizard helps you configure the basic AP settings required to get the unit up and running. The AP supports many other configuration and management options. The remainder of this user guide describes these options in detail.
Page 56 Getting Started 56 Wireless AP-3 User’s Guide...
Page 57: Chapter 3: Viewing Status Information
● Logging into the HTTP Interface Once the AP has a valid IP Address and an Ethernet connection, you may use your web browser to monitor the system status. Follow these steps to monitor an AP’s operating statistics using the HTTP interface: 1.
Page 58: System Status
Viewing Status Information Figure 18: Enter Network Password Screen 4. Enter the HTTP password in the Password field and click OK. Leave the User Name field blank. (By default, the HTTP password is “public”). Result: The System Status screen appears. See...
Page 59 See System Configuration on page 64 for information on these settings. System Alarms: System traps (if any) appear in this area. Each trap identifies a specific ● severity level: Critical, Major, Minor, and Informational. See Alarm Configuration page 117 for a list of possible alarms.
Page 60 Viewing Status Information 60 Wireless AP-3 User’s Guide...
Page 61: Chapter 4: Performing Advanced Configuration
- Configure security features such as MAC Access Control, WPA, WEP Encryption, and 802.1x. - Configure Rogue Access Point Detection (RAD) and define the Scan Interval. - Configure up to 16 VLAN and SSID pairs, and assign Security and RADIUS Profiles for each pair. Issue 1 October 2004...
Page 62: Configuring The Ap Using The Http/Https Interface
Result: The Enter Network Password screen appears. See Figure Figure 20: Enter Network Password Screen 4. Enter the HTTP password in the Password field and click OK. Leave the User Name field blank. (By default, the HTTP password is “public”). Result: The System Status screen appears.
Page 63 Configuring the AP Using the HTTP/HTTPS Interface Figure 21: Configure Main Screen 6. Click the tab that corresponds to the parameters you want to configure. For example, click Network to configure the Access Point’s TCP/IP settings. The parameters contained in each of the configuration categories are described later in this chapter.
Page 64: System Configuration
DNS is a distributed database that maps the user-readable names and IP addresses (and more) of every registered system on the Internet. Dynamic DNS is a lightweight mechanism that allows for modification of the DNS data of host systems whose IP addresses change dynamically.
Page 65: Access Point System Naming Convention
DNS-compliant system name. The rules of conversion of older system names are: If the length is greater than 63 then the string is truncated. (This will not happen since the ● system name is anyway limited to 31 bytes) All invalid characters at the beginning or end of the string are replaced with the character ●...
Page 66: Ip Configuration
These settings can be either entered manually (static IP address, subnet mask, and gateway IP address) or obtained automatically (dynamic). If you prefer to use host names to identify network servers rather than IP addresses, you can configure the AP to act as a Domain Name Service (DNS) client. When this feature is enabled, the Access Point contacts the network’s DNS server to translate a host name to the appropriate...
Page 67: Dhcp Server Configuration
2 of 2 DHCP Server Configuration If your network does not have a DHCP Server, you can configure the AP as a DHCP server to assign dynamic IP addresses to Ethernet nodes and wireless clients. To enable and configure the AP as a DHCP server, use the DHCP Server subtab. See...
Page 68 Performing Advanced Configuration When the DHCP Server functionality is enabled, you can create one or more IP address pools from which to assign addresses to network devices. Table 8 describes the parameters that you can configure and view on the DHCP Server subtab.
Page 69 Network Configuration Table 8: DHCP Server Parameters 1 of 2 Parameter Description Enable DHCP Place a check mark in the box provided to enable DHCP Server Server functionality. Note: You cannot enable the DHCP Server functionality unless Note: there is at least one IP Pool Table Entry configured.
Page 70: Link Integrity Configuration
The Link Integrity feature checks the link between the AP and the nodes on the Ethernet backbone. These nodes are listed by IP address in the Link Integrity IP Address Table. The AP periodically pings the nodes listed in the table. If the AP loses network connectivity (that is, the ping attempts fail), the AP disables its wireless interface until the connection is restored.
Page 71 Place a check mark in the box provided to enable Link Integrity. Integrity Poll Interval The interval between link integrity checks. Range is 500 - 15000 ms in (milliseconds) increments of 500 ms; default is 500 ms. 1 of 2...
Page 72: Interface Configuration
Range is 0 to 255; default is 5. Target IP Address This entry specifies the IP address of a host on the network that the AP will Entry periodically poll to confirm connectivity. The table can hold up to five entries.
Page 73: Operational Mode Configuration
Interface Configuration Operational Mode Configuration You can configure and view the following parameter within the Operational Mode screen. Operational Mode: the mode of communication between the wireless clients and the ● Access Point: - 802.11b only - 802.11g only - 802.11bg - 802.11a...
Page 74: Wireless 802.11A Interface Configuration
You must configure each wireless client to use this name as well. Auto Channel The AP scans the area for other Access Points and selects a free or Select relatively unused communication channel. This helps prevent interference problems and increases network performance. By default this feature is enabled.
Page 75: Dynamic Frequency Selection (Dfs)
During boot-up, the AP scans the available frequency and selects a channel that is free of interference. If the AP subsequently detects interference on its channel, it automatically reboots and selects another channel that is free of interference.
Page 76: Rts/Cts Medium Reservation
2347 bytes. When set to 2347 (the default setting), the RTS/CTS mechanism is disabled. When set to 0, the RTS/CTS mechanism is used for all packets. When set to a value between 0 and 2347, the Access Point uses the RTS/CTS mechanism for packets that are the specified size or greater.
Page 77: Wireless Service Status
Moreover, none of the frames received from the Ethernet interface will be forwarded to that wireless interface. Wireless service on a wireless interface of the AP can be resumed through the CLI, HTTP, or SNMP management interface. When wireless service on a wireless interface is resumed, the...
Page 78: Wireless 802.11B Interface Configuration
LED for that interface changes to an amber color. When wireless service is resumed on a wireless interface, the Wireless Interface Activity LED for that interface maintains an OFF state while there is no wireless link activity and changes to green color when there is wireless link activity.
Page 79 You must configure each wireless client to use this name as well. Auto Channel Select The AP scans the area for other Access Points and selects a free or relatively unused communication channel. This helps prevent interference problems and increases network performance. By default this feature is enabled;...
Page 80 The table below displays the possible Multicast Rates based on the Distance between APs setting. By default, this parameter is set to 2 Mbits/sec. This feature is available only if you are using an Orinoco Classic Gold client card or Avaya Gold client card.
Page 81: Distance Between Aps
4 of 4 Distance Between APs Distance Between APs defines how far apart (physically) your AP devices are located, which in turn determines the size of your cell. Cells of different sizes have different capacities and, therefore, suit different applications. For instance, a typical office has many stations that require high bandwidth for complex, high-speed data processing.
Page 82 In a typical office, a high density area consists of a number of Access Points installed every 20 feet and each Access Point generates a small radio cell with a diameter of about 10 feet. In contrast, a typical warehouse might have a low density area consisting of large cells (with a diameter of about 90 feet) and Access Points installed every 200 feet.
Page 83: Multicast Rate
The multicast rate determines the rate at which broadcast and multicast packets are transmitted by the Access Point to the wireless network. Stations that are closer to the Access Point can receive multicast packets at a faster data rate than stations that are farther away from the AP.
Page 84 Note: There is an interdependent relationship between the Distance between APs and Note: the Multicast Rate. In general, larger systems operate at a lower average transmit rate. The variation between Multicast Rate and Distance Between APs is presented in Table Table 13: Distance between APs and Multicast Rate Relationship 1.0 Mbit/s...
Page 85: Wireless 802.11B/G Interface Configuration
Interface Configuration The Distance Between APs must be set before the Multicast Rate, because when you select the Distance Between APs, the appropriate range of Multicast values automatically populates the drop-down menu. This feature is not available if you are using an ORiNOCO ComboCard or a non-ORiNOCO client with the AP.
Page 86 Name (SSID) network. You must configure each wireless client to use this name as well. Auto The AP scans the area for other Access Points and selects a free or relatively Channel unused communication channel. This helps prevent interference problems Select and increases network performance.
Page 87 Parameter Description Transmit Select a specific transmit rate for the AP. The values available depend on the Rate Operational Mode. Auto Fallback is the default setting; it allows the AP to select the best transmit rate based on the cell size.
Page 88: Wds Configuration
Figure 26: WDS Example Bridging WDS Each WDS link is mapped to a logical WDS port on the AP. WDS ports behave like Ethernet ports rather than like standard wireless interfaces: on a BSS port, an Access Point learns by association and from frames;...
Page 89: Wds Setup Procedure
Therefore, it is not possible to set up a WDS link. This only applies to ETSI 802.11a wireless radios. To setup a wireless backbone follow the steps below for each AP that you want to include in the Wireless Distribution System.
Page 90 Performing Advanced Configuration Figure 27: WDS Configuration 5. Click the Edit button to update the Wireless Distribution System (WDS) Table. The WDS Configuration screen will be displayed. See Figure 90 Wireless AP-3 User’s Guide...
Page 91 7. If security mode is enabled, enter a value for Encryption Key 0. 8. Click OK. 9. Enter the MAC Address that you wrote down in Step 2 in one of the Partner MAC Address fields of the Wireless Distribution Setup window.
Page 92: Ethernet Interface Configuration
Select the desired speed and transmission mode from the drop-down menu. Half-duplex means that only one side can transmit at a time and full-duplex allows both sides to transmit. When set to auto-duplex, the AP negotiates with its switch or hub to automatically select the highest throughput option supported by both sides.
Page 93: Password Configuration
Enter a password in both the Password field and the Confirm field. This Password password must be between 6 and 32 characters, but a length of at least at least 8 characters is recommended. The default password is “public”. Secure Management (Services tab) must be enabled to configure SNMPv3.
Page 94: Ip Access Table Configuration
Enter the IP Address for the management station. IP Mask Enter a mask that will act as a filter to limit access to a range of IP Addresses based on the IP Address you already entered. The IP mask 255.255.255.255 would authorize the single station defined by the IP Address to configure the Access Point.
Page 95: Services Configuration
RADIUS-Based Access on page 103 ● Automatic Configuration on page 104 ● Note: You must reboot the Access Point if you change the HTTP Port or Telnet Port. Note: Figure 29 shows the Management Services Configuration Screen. Issue 1 October 2004...
Page 96 Performing Advanced Configuration Figure 29: Management Services Configuration Screen 96 Wireless AP-3 User’s Guide...
Page 97: Secure Management
Management Configuration Secure Management Secure Management allows the use of encrypted and authenticated communication protocols such as SNMPv3, and Secure Socket Link (SSL), to manage the Access Point. Table 17 describes the Secure Management parameter. Table 17: Secure Management Parameter...
Page 98: Https Access (Ssl)
2 of 2 HTTPS Access (SSL) You can access the AP in a secure fashion by using Secure Socket Layer (SSL) over port 443. The AP comes preinstalled with all required SSL files: a default certificate and private key. The AP supports SSLv3 with a 128-bit encryption certificate maintained by the AP for secure communications between the AP and the HTTP client.
Page 99: Telnet Access
The SSH server (AP) has host keys - a pair of asymmetric keys - a private key that resides on the AP and a public key that is distributed to clients that need to connect to the AP. As the client has knowledge of the server host keys, the client can verify that it is communicating with the correct SSH server.
Page 100: Configuring Ssh
Externally Generated Host Keys on page 101), generated manually, or auto-generated at the time of SSH initialization if SSH is enabled and no host keys are present. There is no key present in an AP that is in a factory default state.
Page 101 Select Create to generate a new pair of host keys. ● Select Delete to remove the host keys from the AP. If no host keys are present, the AP will ● not allows connections using SSH. When host keys are created or deleted, the AP updates the fingerprint information displayed on the Management ->...
Page 102: Serial Port Access
The serial port interface on the AP is enabled at all times. See Setting IP Address using Serial Port on page 207 for information on how to access the CLI interface via the serial port. You can configure and view the parameters that are described in Table 23.:...
Page 103: Radius-Based Access
RADIUS server by setting the filter ID attribute (returned in the RADIUS Accept packet) for the user to a value of super user (not case sensitive). A user is considered a super user if the value of the filter-id attribute returned in the RADIUS Accept packet for the user is super user (not case sensitive).
Page 104: Automatic Configuration
CLI Batch file. The AP detects whether the file uploaded is TLV format or a CLI Batch file. If the AP detects a CLI Batch file (a file with extension .cli), the AP executes the file immediately.
Page 105 Note: 5. Click OK to save the changes. 6. Reboot the AP. When the AP reboots it receives the new configuration information and must reboot one additional time. If a Syslog server was configured, the following messages can be observed on the Syslog server: AutoConfig for Static IP ●...
Page 106 The configuration filename and TFTP server IP address are configured only Note: when the AP is configured for Static IP. If the AP is configured for Dynamic IP these parameters are not used and obtained from DHCP. 1. Click Configure > Management > AutoConfig. The Automatic Configuration Screen appears.
Page 107 4. Add the Boot Server Host Name and Bootfile Name parameters to the Active Options list. 5. Set the value of the Boot Server Host Name parameter to the host name or IP Address of the TFTP server. For example: 11.0.0.7. See Figure 6.
Page 108: Hardware Configuration Reset
AP (i.e., what effect pressing the reload button has on an AP operating in normal operating mode). If a user loses or forgets the AP’s HTTP, Telnet, or SNMP password, the reset button on the AP provides a way to reset the AP to default configuration values to gain access to the AP.
Page 109: Configuring Hardware Configuration Reset
3. Change the default Configuration Reset Password in the Configuration Reset Password and Confirm fields. Note: It is important to safely store the configuration reset password. If a user forgets Note: the configuration reset password, the user will be unable to reset the AP to factory default configuration if the AP becomes inaccessible and the hardware configuration reset functionality is disable.
Page 110: Resetting The Configuration Via The Serial Interface
AP has been reset to Factory Default Settings. The AP continues to boot up. If an incorrect configuration reset password is entered, the AP shows an error message and reprompts you. If the incorrect password is entered three times in a row, the AP proceeds to boot up.
Page 111: Static Mac Filter
Disable, or Delete from the Status drop-down menu. An entry’s status must be enabled in order for the protocol to be subject to the filter. 4. Reboot the AP for any changes to the Ethernet Protocol Filter Table to take effect.
Page 112: Example
“AND” operation between the MAC Address and the Mask at the bit level. However, for most users, you do not need to think in terms of bits. It should be sufficient to create a filter using only the hexadecimal digits 0 and F in the Mask (where 0 is any value and F is the value specified in the MAC address).
Page 113: Configuring Static Mac Filter Entries
The entry is enabled automatically when saved. See Figure To edit an entry, click Edit. To disable or remove an entry, click Edit and change the Status field from Enable to Disable or Delete. Figure 35: Static MAC Configuration Screen Static MAC Filter Examples Consider a network that contains a wired server and three wireless clients.
Page 114 Client 1 and Wireless Client 2 share the same prefix (00:02:2D), traffic between the Wired Server and Wireless Clients 1 and 2 is blocked. Wireless Client 3 can still communicate with the Wired Server since it has a different prefix (00:20:A6).
Page 115: Advanced Filters
If devices on your Ethernet network use multicast packets to communicate and these packets are not required by your wireless clients, you can set up a Static MAC filter to preserve wireless bandwidth. For example, if routers on your network use a specific multicast address (such as...
Page 116: Tcp/Udp Port Filters
● The AP can filter these protocols in the wireless-to-Ethernet direction, the Ethernet-to-wireless direction, or in both directions. Click Edit and use the Status field to Enable or Disable the filter. TCP/UDP Port Filters Port-based filtering enables you to control wireless user access to network services by selectively blocking TCP/UDP protocols through the AP.
Page 117: Editing Tcp/Udp Port Filters
There are seven alarm groups that can be enabled or disabled via the Web interface. Place a check mark in the box provided to enable a specific group. Clear the check mark from the box to disable the alarms. See Figure 36.
Page 118 Performing Advanced Configuration Figure 36: Alarm Groups Configuration The following tables list and describe the alarms included in each of these seven alarm groups. Configuration alarm. See Table ● Security alarms. See Table ● Wireless alarms. See Table ● Operational alarms. See Table ●...
Page 119 Alarm Configuration in the Alarm Host Table. For information on how to manage entries in the Alarm Host Table. See Alarm Host Table on page 124. Table 27: Configuration Alarms Trap Name Description oriTrapDNSIPNotConfigured The DNS IP Address is not configured.
Page 120 The firmware of the wireless interface/card is incompatible with the AP. Severity Level: Critical oriTrapWLCIncompatibleVendor An incompatible wireless vendor card is inserted or present in the AP. Severity Level: Critical oriTrapWLCFirmwareDownloadFailure Failure during the firmware download process of the wireless interface/ card.
Page 121 An error while downloading a file to the AP and no data is present in the flash memory. Severity Level: Informational oriTrapFlashMemoryCorrupted An error while downloading a file to the AP and the data in the flash memory is invalid or corrupted. Severity Level: Critical oriTrapFlashMemoryRestoringLastKnown...
Page 122 An incompatible image is loaded in the AP. Trap Severity Level: Major oriTrapInvalidImageDigitalSignature Invalid Image Digital Signature In addition, the AP supports the following two standard traps, which are always enabled: RFC 1215 Trap. See Table ● Bridge MIB (RFC 1493) Alarms. See Table ●...
Page 123: Severity Levels
Critical alarms will often result in severe disruption in network activity or an automatic reboot of the AP Major alarms are usually activated due to a breach in the security of the system. Clients cannot be authenticated or an attempt at unauthorized access into the AP has been detected.
Page 124: Alarm Host Table
Adding an Entry or Enabling the AP to Send Traps To add an entry and enable the AP to send SNMP trap messages to a Trap Host, click Add, and then specify the IP Address and Password for the Trap Host.
Page 125: Setting Syslog Event Notifications
Syslog Events are logged according to the level of detail specified by the administrator. Logging only urgent system messages will create a far smaller, more easily read log then a log of every event the system encounters. Determine which events to log by selecting a priority defined by...
Page 126: Syslog Messages
Syslog servers. Interval Syslog Host This table specifies the IP addresses of a network servers that the AP will Table send Syslog messages to. Click Add to create a new entry. Click Edit to change an existing entry. Each entry contains the following fields: IP Address: Enter the IP Address for the management host.
Page 127: Rad
Access Points within its coverage area using SNMP traps. For additional reliability the results are stored in the Access Point in a table, which can be queried via SNMP. The BSSID and Channel number of the detected Access Points are provided in the scan results.
Page 128: Rad Configuration Requirements
The Trusted AP has Rogue Access Detection enabled and the trap host is configured to be the management station. The Trusted AP on detecting the Rogue AP, will send a trap to the management station with the Channel and BSSID of the Rogue Access Point.
Page 129: Configuring Rad
The Scan Interval specifies the time period in minutes between scans and can be set to any value between 15 and 1440 minutes. 5. Select the Scan Interface as Wireless - Slot A, Wireless - Slot B, or Both Wireless - Slots A & B.
Page 130: Bridge Configuration
Spanning Tree protocol used for loop avoidance ● Once the AP is connected to your network, it learns which devices are connected to it and records their MAC addresses in the Learn Table. The table can hold up to 10,000 entries. To view the Learn Table, click on the Monitor tab and select the Learn Table tab.
Page 131: Storm Threshold
Specifying an absolute maximum number of messages per port. ● The Storm Threshold parameters allow you to specify a set of thresholds for each port of the AP, identifying separate values for the number of broadcast messages/second and Multicast messages/second.
Page 132: Packet Forwarding
AP and provides additional security by limiting potential destinations or by routing the traffic directly to a firewall. You can redirect to a specific port (Ethernet or WDS) or allow the bridge’s learning process (and the forwarding table entry for the selected MAC address) to determine the optimal port.
Page 133: Radius Profile Configuration
RADIUS Profile Configuration RADIUS Profile Configuration RADIUS Profiles on the AP define a profile for RADIUS Servers used by the system or by a VLAN. The network administrator can define RADIUS Servers per Authentication Mode and per VLAN. For more information, see...
Page 134: Radius Servers Per Authentication Mode And Per Vlan
VLAN 1. The type of authentication server used depends on whether the authentication is done for an 802.1x client or non-802.1x client. The clients in VLAN 2 are authenticated using a different set of authentication servers configured for authenticating users in VLAN 2.
Page 135: Radius-Based Vlan Assignment
The VLAN ID that is returned by the RADIUS server during authentication ● A RADIUS server can assign a VLAN ID to a wireless client only if both the server and client are associated with an SSID that is configured to use a RADIUS-based authentication security mode (802.1X, WPA, 802.11i/WPA2, and RADIUS based MAC Address Authentication).
Page 136: Configuring A Radius Server Profile
To modify an existing profile, select the profile and click Edit. To delete an existing profile, select the profile and click Delete. You cannot delete a RADIUS server profile if you are using it in an SSID. Also, the four default RADIUS server profiles cannot be deleted.
Page 137 After configuring these parameters, save them by clicking OK. Then, to configure the Secondary RADIUS Server, edit the profile from the main page. 3. Click OK. 4. Select the Profile and click Edit to configure the Secondary RADIUS Server, if required. Issue 1 October 2004...
Page 138 5. Reboot the AP. Table 39: RADIUS Server Profile Parameters 1 of 2 Parameter Description Server Profile Name The profile name. This is the name used to associated a VLAN to the profile. See Configuring Security Profiles on page 152. MAC Address Format This parameter should correspond to the format in which the clients’...
Page 139: Mac Access Control By Means Of Radius Authentication
MAC Access Control by Means of RADIUS Authentication If you want to control wireless access to the network and if your network includes a RADIUS Server, you can store the list of MAC addresses on the RADIUS server rather than configure each AP individually.
Page 140: Radius Accounting
● A client is detected on a different interface. ● If the client roams from one AP to another, one session is terminated and a new session is begun. Note: This feature requires RADIUS authentication using MAC Access Control or Note: 802.1x.
Page 141: Management Vlan
They simplify traffic flow between clients and their frequently-used or restricted resources. VLANs now extend as far as the reach of the access point signal. Clients can be segmented into wireless sub-networks via SSID and VLAN assignment. A Client can access the network by connecting to an AP configured to support its assigned SSID/VLAN.
Page 142 Figure 42, the numbered items correspond to the following components: 1. VLAN-enabled access point 2. VLAN-aware switch (IEEE 802.1Q uplink) 3. AP management via wired host (SNMP, Web interface or CLI) 4. DHCP Server 5. RADIUS Server 6. VLAN 1 7.
Page 143 In comparison, VLAN-capable AP is designed to efficiently manage delivery of broadcast, multicast, and unicast traffic to wireless clients. The AP assigns clients to a VLAN based on a Network Name (SSID). The AP can support up to 16 VLAN/SSID pairs per radio (based on model type).
Page 144: Enabling Or Disabling The Vlan Protocol
AP. 1. Click Configure > SSID/VLAN/Security 2. Set the VLAN Management ID to a value between -1 and 4094 (a value of 0 disables VLAN management). 3. Place a check mark in the Enable VLAN Protocol box.
Page 145: Mac Access
AP. Be careful to restrict VLAN membership to those with legitimate access to the AP. 1. Click Configure > SSID/VLAN/Security 2. Set the VLAN Management ID to use the same VLAN ID as one of the configured SSID/ VLAN pairs. See Typical User VLAN Configurations on page 143 for details.
Page 146: Configuring Mac Access Control
Performing Advanced Configuration Configuring MAC Access Control Note: MAC Access Control status is enabled or disabled when configuring each Note: Security Profile. Figure 43 shows the MAC Access subtab. Table 40 describes the parameters that you can configure and view on this tab.
Page 147: Security Profiles
If set to Passthru, only the addresses listed in the Control ● Table will pass through the bridge. If set to Block, the bridge will block traffic to or from the ● addresses listed in the Control Table. MAC Access Control Click Add to create a new entry.
Page 148: Wep Encryption
IEEE 802.1x is a standard that provides a means to authenticate and authorize network devices attached to a LAN port. A port in the context of IEEE 802.1x is a point of attachment to the LAN, either a physical Ethernet connection or a wireless link to an Access Point. 802.1x requires a RADIUS server and uses the Extensible Authentication Protocol (EAP) as a standards-based authentication framework, and supports automatic key distribution for enhanced security.
Page 149: Authentication Process
Prior to successful authentication, an unauthenticated client PC cannot send any data traffic through the AP device to other systems on the LAN. The AP inhibits all data traffic from a particular client PC until the client PC is authenticated. Regardless of its authentication status, a client PC can always exchange 802.1x messages in the clear with the AP (the client begins...
Page 150: Wi-Fi Protected Access (Wpa)
The AP acts as a pass-through device to facilitate communications between the client PC and the RADIUS server. The AP (2) and the client (1) exchange 802.1x messages using an EAPOL (EAP Over LAN) protocol (A). Messages sent from the client station are encapsulated by the AP and transmitted to the RADIUS (3) server using EAP extensions (B).
Page 151 - A client's key is different for every session; it changes each time the client associates with an AP - The AP uses a single global key to encrypt broadcast packets that are sent to all clients simultaneously - Encryption keys change periodically based on the Re-keying Interval parameter...
Page 152: Authentication Protocol Hierarchy
Configuring Security Profiles Security policies can be configured and applied on the AP as a whole, or on a per VLAN basis. When VLAN is disabled on the AP, you can configure a security profile for each interface of the AP.
Page 153 Figure Figure 45: Security Profile Subtab 2. Click Add in the Security Profile Table to create a new entry. To modify an existing profile, select the profile and click Edit. To delete an existing profile, select the profile and click Delete.
Page 154 Performing Advanced Configuration Figure 46: Security Profile Table - Add Entries Screen 3. Configure one or more types of wireless stations (security modes) that are allowed access to the AP under the security profile. The WEP/PSK parameters can be configured...
Page 155 Station, WEP Station, 802.1x Station, WPA Station, WPA-PSK Station, 802.11i Station, 802.11i-PSK Station), check the box next to the mode. If the security mode selected in a profile is WEP, WPA-PSK, or 802.11i-PSK, then you must configure the WEP or Pre-Shared Keys.
Page 156: Wireless-A And Wireless-B
To add or modify an SSID/VLAN that has VLAN protocol disabled: 1. Click on SSID/VLAN/Security > Wireless-A or Wireless-B. This tab allows you to select the index of the SSID/VLAN to be added or edited. It also allows you to configure the RADIUS Accounting and Authentication Status, the MAC ACL Status, the Rekeying Interval, the Security Profile, and the RADIUS Server Profiles for the VLAN.
Page 157 Security Configuration Figure 47: SSID and VLAN Data Table 3. Click Add to configure additional SSIDs, VLANs, and their associated security profiles and RADIUS server profiles, or click Edit to modify an existing VLAN/SSID. The Add Entry or Edit Entry screen appears. See...
Page 158 ● number from -1 to 4094. A value of -1 means that an entry is untagged. You can set the VLAN ID to -1, or untagged, if you do not want clients that are using a ● specific SSID to be members of a VLAN workgroup. Only one untagged VLAN ID is allowed per interface.
Page 159 Security Configuration Figure 50: SSID, VLAN, and Security Data Configuration Subtab (VLAN Protocol Disabled) Issue 1 October 2004...
Page 160: Adding Or Modifying An Ssid/Vlan With Vlan Protocol Enabled
To add or modify an SSID/VLAN that has VLAN protocol enabled: 1. Click on SSID/VLAN/Security > Wireless-A or Wireless-B. This tab allows you to select the index of the SSID/VLAN to be added or edited. It also allows you to enable Security Per SSID, and configure the RADIUS Accounting and Authentication Status, the MAC ACL Status, the Rekeying Interval, the Security Profile, and the RADIUS Server Profiles for the VLAN.
Page 161 Security Configuration Figure 51: SSID, VLAN, and Security Data Configuration Subtab (VLAN Protocol Enabled) 3. Click Add to configure additional SSIDs, VLANs, and their associated security profiles and RADIUS server profiles, or click Edit to modify an existing VLAN/SSID. The Add Entry or Edit Entry screen appears. See...
Page 162 Performing Advanced Configuration Figure 52: SSID, VLAN, and Security Table - Add Entries Screen (VLAN Protocol Enabled) 162 Wireless AP-3 User’s Guide...
Page 163 ● number from -1 to 4094. A value of -1 means that an entry is untagged. You can set the VLAN ID to -1, or, untagged, if you do not want clients that are using a ● specific SSID to be members of a VLAN workgroup. Only one untagged VLAN ID is allowed per interface.
Page 164: Broadcast Ssid And Closed System
SSID only if the client has specified the SSID in the probe request. If the client sends a probe request with a null or “ANY” SSID, the AP will respond with a null SSID. 164 Wireless AP-3 User’s Guide...
Page 165 Security Configuration If disabled, the AP will respond with each configured SSID, whether or not an SSID has been specified in the probe request. This option is disabled by default. To enable Closed System, click on Interfaces > Wireless-A or Wireless-B and check the Enable Closed System box.
Page 166 Performing Advanced Configuration 166 Wireless AP-3 User’s Guide...
Page 167: Chapter 5: Monitoring The Ap-3
System links. Logging into the HTTP Interface Once the AP has a valid IP Address and an Ethernet connection, you may use your web browser to monitor network statistics. The Command Line Interface (CLI) also provides a method for viewing network statistics using Telnet or a serial connection.
Page 168 Result: The AP Enter Network Password screen appears. See Figure Figure 54: Enter Network Password Screen 4. Enter the HTTP password in the Password field and click OK. Leave the User Name field blank. (By default, the HTTP password is “public”). Result: The Monitor screen appears. See Figure 168 Wireless AP-3 User’s Guide...
Page 169: Version
5. Click the Monitor button located on the left-hand side of the screen. 6. Click the tab that corresponds to the statistics you want to review. For example, click Learn Table to see the list of nodes that the AP has discovered on the network.
Page 170 Monitoring the AP-3 ID: The AP identifies a system component based on its ID. Each component has a unique ● identifier. Variant: Several variants may exist of the same component (for example, a hardware ● component may have two variants, one with more memory than the other).
Page 171: Icmp
This tab provides statistical information for both received and transmitted messages directed to the AP. See Figure 57. Not all ICMP traffic on the network is counted in the ICMP (Internet Control Message Protocol) statistics. Figure 57: ICMP Monitoring Screen...
Page 172: Ip/Arp Table
Monitoring the AP-3 IP/ARP Table This tab provides information based on the Address Resolution Protocol (ARP), which relates MAC Address and IP Addresses. See Figure Figure 58: IP ARP Table 172 Wireless AP-3 User’s Guide...
Page 173: Learn Table
Figure 59. It reports the MAC address for each node that the device has learned is on the network and the interface on which the node was detected. There can be up 10,000 entries in the Learn Table. Figure 59: Learn Table...
Page 174: Iapp
Monitoring the AP-3 IAPP This tab displays statistics relating to client handovers and communications between Avaya Wireless Access Points. See Figure Figure 60: IAPP Screen 174 Wireless AP-3 User’s Guide...
Page 175: Radius
This tab provides RADIUS authentication, EAP/802.1x authentication, and accounting information for both the Primary and Backup RADIUS servers. See Figure Note: RADIUS authentication and accounting must be enabled for this information to be Note: valid. Figure 61: RADIUS Monitoring Screen...
Page 176: Interfaces
Monitoring the AP-3 Interfaces This tab displays statistics for the Ethernet and wireless interfaces. See Figure 62. The Operational Status can be up, down, or testing. Figure 62: Wireless Interface 176 Wireless AP-3 User’s Guide...
Page 177: Station Statistics
Statistics and click OK. (Station Statistics are disabled by default.) You do not need to reboot the AP for the changes to take effect. If clients are connected to the device or WDS links are configured for the device, the statistics will now be shown on the screen.
Page 178: Refreshing Station Statistics
Monitoring the AP-3 Refreshing Station Statistics Click on the Refresh button in the browser window to view the latest statistics. If any new clients associate to the AP, you can see the statistics of the new clients after you click the refresh button.
Page 179: Chapter 6: Performing Commands
Logging into the HTTP Interface Once the AP has a valid IP Address and an Ethernet connection, you may use your web browser to issue commands. The Command Line Interface (CLI) also provides a method for issuing commands using Telnet or a serial connection.
Page 180 Result: The Enter Network Password screen appears. See Figure Figure 64: Enter Network Password Screen 4. Enter the HTTP password in the Password field and click OK. Leave the User Name field blank. (By default, the HTTP password is “public”). Result: The System Status screen appears. See Figure 180 Wireless AP-3 User’s Guide...
Page 181: Introduction To File Transfer By Tftp Or Http
Reboot to restart the unit. Introduction to File Transfer by TFTP or HTTP There are two methods of transferring files to or from the AP, TFTP or HTTP (or HTTPS if enabled). The following procedures describe downloading Configuration, AP Image, Bootloader, Private...
Page 182: Tftp File Transfer Guidelines
TFTP File Transfer Guidelines A TFTP server must be running and configured to point to the directory containing the file. If you do not have a TFTP server installed on your system, install the TFTP server from the Avaya Wireless CD.
Page 183: Updating The Ap By Using Tftp
If you do not have a TFTP server installed on your system, install the TFTP server from the Avaya Wireless CD. You can either install the TFTP server from the CD Wizard or run OEM-TFTP-Server.exe found in the CD’s Xtras/SolarWinds sub-directory.
Page 184: Updating The Ap By Using Http
Performing Commands 3. In the File Name field, enter the name of the file to be downloaded (including the file extension). Copy the updated AP Image file to the TFTP server’s root folder. The default AP Image is located at C:/Program Files/Avaya_Wireless/AP/.
Page 185 Use the Browse button or manually type in the name of the file to be downloaded (including the file extension) in the File Name field. If typing the file name, you must include the full path and the file extension in the file name text box.
Page 186: Uploading Ap Files By Using Tftp
Logs from the AP to a TFTP server. The TFTP server must be running and configured to point to the directory to which you want to copy the uploaded file. We suggest you assign the file a meaningful name, which may include version or location information.
Page 187 3. In the File Name field, enter the name of the file to be uploaded. 4. In the File Type field, select the type of file to be uploaded: Config file, CLI Batch File, or CLI Batch (Error) Log.
Page 188: Uploading Ap Files By Using Http
Figure Figure 69: Retrieve File via HTTP Command Screen 2. In the File Type field, select the type of file (Config, CLI Batch File, or CLI Batch Log). 3. Click on the Retrieve File button to initiate this operation. The AP displays the following message: You are retrieving Configuration file from the AP.
Page 189 Uploading AP Files by Using HTTP 4. Click OK to continue with the operation or Cancel to abort the operation. The File Download dialog box is displayed. See Figure Figure 70: File Download Dialog Box 5. On clicking the Save button the following Save As window displays, where you are prompted to choose the filename and location where the file is to be downloaded.
Page 190: Rebooting The Ap
Use the Reboot tab to save configuration changes (if any) and reset the AP. See Figure Entering a value of 0 (zero) seconds causes an immediate reboot. Note that the Reset feature, unlike the Reboot feature, does not save configuration changes. For information on the Reset...
Page 191: Resetting The Ap
Use the Reset tab to restore the AP to factory default conditions. See Figure 73. The AP may also be reset from the RESET button located on the side of the unit. Since this will reset the Access Point’s current IP address, a new IP address must be assigned. See Recovery Procedures on page 201 for more information.
Page 192 Spanish, and Japanese. The Help files are copied to your computer in one language only. If you want to place these files on a shared drive, copy the Help Folder to the new location, and then specify the new path in the Help Link box.
Page 193: Chapter 7: Troubleshooting The Ap-3
Factory default units are set for “Dynamic” (DHCP) IP Address assignment. ● The default IP address for the AP is 10.0.0.1 if your network does not have a DHCP server. If you connect the AP to a network with an active DHCP server, then use ScanTool to locate the IP address of your unit.
Page 194: Symptoms And Solutions
1. Make sure your power source is operating. 2. Make sure all cables are connected to the AP correctly. 3. If you are using Active Ethernet, make sure you are using a Category 5, foiled, twisted pair cable to power the AP.
Page 195: Serial Link Does Not Work
1. Double-check the physical network connections. Use a known-good unit to make sure the network connection is present. Once you have the AP IP address, you can use the “Ping” command over Ethernet to test the IP Address. If the AP responds to the Ping, then the Ethernet Interface is working properly.
Page 196: Lost Ap, Telnet, Or Snmp Password
(due to an IP address conflict). In this case, assign each AP a static IP address via the serial cable or turn off all units but one and change the IP address using ScanTool one at a time.
Page 197: Http (Browser) Or Telnet Interface Does Not Work
When the Enter Network Password window appears, leave the User Name field empty and enter the HTTP password in the Password field. The default HTTP password is “public”. 3. Use the CLI over the serial port to check the IP Access Table, which can be restricting access to Telnet and HTTP.
Page 198: Tftp Server Does Not Work
If a TFTP server does not work: 1. Make sure the TFTP Server has been started. 2. Verify the IP address of the TFTP Server. The server may be local or remote, so long as it has a valid IP address.
Page 199: Client Does Not Receive An Ip Address - Cannot Connect To Internet
Configure button and then the Network tab to make sure the proper DHCP settings are being used. 2. If you are not using the DHCP server feature on the AP, then make sure that your local DHCP server is accessible from the Access Point’s subnet.
Page 200: Vlan Workgroups
1. Verify that you are using a standard UTP Category 5 cable. 2. Try a different port on the same AE hub (remember to move the input port accordingly) – if it works, there is probably a faulty port or bad RJ-45 port connection.
Page 201: There Is No Data Link
(approximately 325 feet) in length from the Ethernet source to the AP. 4. Try to connect a different device to the same port on the AE hub – if it works and a link is established, there is probably a faulty data link in the AP.
Page 202: Reset To Factory Default Procedure
Result: The AP reboots, and the factory default network values are restored. 2. If not using DHCP, use the ScanTool or CLI over a serial connection to set the IP address, subnet mask, and other IP parameters. See Appendix A: The Command Line Interface CLI information.
Page 203: Forced Reload Procedure
Factory Default Procedure. For this procedure, you will first erase the AP Image currently installed on the unit and then use either ScanTool or the Bootloader CLI (over the serial port) to set the IP address and download a new AP Image. Follow these steps: 1.
Page 204 DHCP client functionality is not available when no image is installed on the device. 6. Enter an unused IP address that is valid on your network in the IP Address field. You may need to contact your network administrator to get this address.
Page 205: Download A New Image Using The Bootloader Cli
Download a New Image Using the Bootloader CLI To download the AP Image, you will need an Ethernet connection to the computer on which the TFTP server resides. This can be any computer on the LAN or connected to the AP with a cross-over Ethernet cable.
Page 206 [Device name]> show tftp [Device name]> reboot 0 Result: The AP will reboot and then download the image file. You should see downloading activity begin after a few seconds within the TFTP server’s status screen. 8. When the download process is complete, configure the AP as described in...
Page 207: Setting Ip Address Using Serial Port
1. Unlock and remove the cable cover from the AP. 2. Remove the front cover from the AP to reveal the serial port. 3. Connect one end of the serial cable to the AP and the other end to a serial port on your computer.
Page 208 Troubleshooting the AP-3 2. Under File > Properties > Settings > ASCII Setup, enable the Send line ends with line feeds option. Result: HyperTerminal sends a line return at the end of each line of code. 3. Press the RESET button on the AP (see...
Page 209: Related Applications
AP. Remember that the TFTP server does not have to be local, so long as you have a valid TFTP IP address. Note that you do not need a TFTP server running unless you want to transfer files to or from the AP.
Page 210 Troubleshooting the AP-3 210 Wireless AP-3 User’s Guide...
Page 211: Appendix A: The Command Line Interface
A CLI Batch file is a user-editable configuration file that provides a user-friendly way to change the AP configuration through a file upload. The CLI Batch file is an ASCII file that facilitates Auto Configuration because it does not require the user to access one of the AP’s management interfaces to make configuration changes as is required with the proprietary TLV format configuration file.
Page 212 802.11b Wireless Interface Commands on page 290 ● 802.11b/g Wireless Interface Commands on page 295 ● Wireless Interface SSID/VLAN/Profile Commands on page 300 ● VLAN/SSID Pair Commands on page 302 ● CLI Batch File on page 303 ● 212 Wireless AP-3 User’s Guide...
Page 213: General Notes
General Notes Prerequisite Skills and Knowledge To use this document effectively, you should have a working knowledge of Local Area Networking (LAN) concepts, network access infrastructures, and client-server relationships. In addition, you should be familiar with software setup procedures for typical network operating systems and servers.
Page 214: Navigation And Special Keys
Table 43: Important Terminology 2 of 2 Term Description Groups can also All items for a given Group can be displayed with a show <Group> CLI contain Tables. Command. Image File The Access Point software executed from RAM. To update an Access Point you typically download a new Image File.
Page 215: Cli Error Messages
Go to the next line in the history buffer Complete the command line List available commands 2 of 2 CLI Error Messages Table 45 describes the error messages associated with improper inputs or expected CLI behavior. Table 45: Error Message Descriptions Error Message Description Syntax Error Invalid syntax entered at the command prompt.
Page 216: Bootloader Cli
AP when the current AP image is bad or missing. The Bootloader CLI allows you to assign an IP Address and download a new image. Once the image is downloaded and running, the Access Point uses the normal CLI.
Page 217: Cli Conventions
CLI Conventions Figure 77: Results of “help” bootloader CLI command Figure 78 shows the results of using the show command in the Bootloader CLI: Figure 78: Results of “show” bootloader CLI command CLI Conventions This section contains the following topics:...
Page 218: Command Conventions
● - The table name is required. - The table index is required. To modify the table, “index” must be the index of the entry to be modified. - Only the table objects that are to be modified need to be specified. Not all the table objects are required.
Page 219: Entering Text Strings
When you enter a text string that contains spaces for a parameter, you must use a string delimiter for the AP to correctly interpret the text string. For this CLI implementation, the single quote or double quote character can be used at the beginning and at the end of the string. For example: [Device-Name]>...
Page 220: The Question Mark
The Command Line Interface The Question Mark This command can be used in a number of ways to display available commands and parameters. Table 47 lists each operation and provides a basic example. Detailed examples and display results for each operation follow the table.
Page 221: Example 2. Displaying Specific Commands
Example 3a allows you to see every possible parameter for the set (or show) commands. Notice from example 3a that the list is very long. Example 3b shows how to display a subset of the parameters based on initial parameter letters.
Page 222 Example 3b. Displaying parameters based on letter sequence This example shows entries for parameters that start with the letter “i”. The more letters you enter, the fewer the results returned. Notice that there is no space between the letters and the question mark.
Page 223: Example 4. Displaying Prompts For Successive Parameters
Result: The parameter is changed and a new CLI line is echoed with the new value (in the first part of the following example, the value is the IP Address of the TFTP server). After entering one parameter, you may add another ? to the new CLI line to see the next parameter prompt, and so on until you have entered all of the required parameters.
Page 224: Accessing The Ap Cli
- [Device-Name]> help <command name> - [Device-Name]> <command name> help Accessing the AP CLI You can use HyperTerminal or Telnet to access the AP CLI: Using HyperTerminal to Log in to the AP ● Using Telnet to Log in to the AP ●...
Page 225: Using Hyperterminal To Log In To The Ap
● Parity: None ● 2. Under File > Properties > Settings > ASCII Setup, enable the Send line ends with line feeds option. Result: HyperTerminal sends a line return at the end of each line of code. 3. Enter the CLI password (default is public).
Page 226: Cli Commands
● set: Configures the value of the specified parameter. ● show: Displays the value of the specified parameter, or displays all parameter values of a ● specified group (parameter table). upload: Uses TFTP server to upload configuration files from Access Point to TFTP default ●...
Page 227: Download
Downloads the specified file from a TFTP server to the Access Point. Executing download in combination with the asterisk character (*) will make use of the previously set TFTP parameters. Executing download without parameters will display command help and usage information.
Page 228: Syntax
The Command Line Interface Syntax Table 49: help Command Syntax Action Syntax Use help as the only argument. See the [Device-Name]> help following example. Display complete command description [Device-Name]> help <command name> and command usage [Device-Name]> <command name> help Example Results of “help”...
Page 229: History
Ends a CLI session: [Device-Name]> quit done exit commands perform the same action. reboot Reboots the Access Point after specified number of seconds. Specify a value of 0 (zero) for immediate reboot. [Device-Name]> reboot 0 [Device-Name]> reboot 30 Issue 1 October 2004...
Page 230: Search
Configures the value of the specified parameter. To see a definition and syntax example, type only set and then press the Enter key. To see a list of available parameters, enter a space, then a question mark (?) after set (example: set?).
Page 231: Examples
0 (zero) at the CLI prompt. Create a table entry or row Use 0 (zero) as the table index when you create an entry. When creating a table row, only the mandatory table elements are required (comment is usually an optional table element). For optional table elements, the default value is generally applied if you do not specify a value.
Page 232: Show
(parameter table). Groups contain Parameters and Tables. Tables contain parameters for a series of similar entities. To see a definition and syntax example, type only show and then press the Enter key. To see a list of available parameters, enter a question mark (?) after show (example: show ?).
Page 233: Examples
[Device-Name]> show <group name> Syntax: [Device-Name]> show network Example: The CLI displays network group parameters. Note show network and show ip Result: return the same data. Figure 84: Results of “show network” and “show ip” CLI Commands Issue 1 October 2004...
Page 234: Upload
Result: upload Uploads a text-based configuration file from the AP to the TFTP Server. Executing upload with the asterisk character (*) will make use of the previously set/stored TFTP parameters. Executing upload without parameters will display command help and usage information.
Page 235: Syntax
● Type—Data type ● Values—Value range, and default value, if any ● Access—access type, R = Read Only (show), RW = Read-Write (can be “set”), W = Write ● Only CLI Parameter—Parameter name as used in the Access Point ●...
Page 236: Auto Configuration Commands
[Device-Name]> set autoconfigstatus <enable/disable> [Device-Name]> set autoconfigfilename <filename> Enter the filename of the configuration file that is used if the AP is configured for Static [Device-Name]> set autoconfigTFTPaddr <IP address> Enter the TFTP server address that is used if the AP is configured for Static IP.
Page 237: Dhcp Server Commands
Number of IP Pool Integer32 dhcpippooltblent Table Entries Note: You must have at least one entry in the DHCP Server IP Address Pool Table Note: before you can set the DHCP Server Status (dhcpstatus) to Enable. Issue 1 October 2004...
Page 238: Ip Address Pool Parameters
(1) status disable (2) delete (3) Note: Set either End IP Address or Width (but not both) when creating an IP address Note: pool. Syntax Examples [Device-Name]> set dhcpstatus disable [Device-Name]> set dhcpippooltbl 0 startipaddr <start ip address> endipaddr <end ip address>...
Page 239: Dns Client Commands
(up to 254 characters) Syntax Examples [Device-Name]> set dnsstatus enable [Device-Name]> set dnsprisvripaddr <IP address of primary DNS server> [Device-Name]> set dnssecsvripaddr <IP address of secondary DNS server> [Device-Name]> set dnsdomainname <default domain name> [Device-Name]> show dns Issue 1 October 2004...
Page 240: Ethernet Interface Commands
The Command Line Interface Figure 86: Results of “show dns” CLI command Ethernet Interface Commands Ethernet Interface Parameters Table 55: Ethernet Interface Parameters Name Type Values Access CLI Parameter Ethernet Interface Group ethernet Speed Integer 10halfduplex etherspeed 10fullduplex 10autoduplex 100halfduplex...
Page 241: Filtering Commands
Filtering Commands [Device-Name]> reboot 0 Table 56: Ethernet Speed and Transmission Mode Ethernet Speed and Transmission Mode Value 10 Mbits/sec - half duplex 10halfduplex 10 Mbits/sec - full duplex 10fullduplex 10 Mbits/sec - auto duplex 10autoduplex 100 Mbits/sec - half duplex...
Page 242: Ethernet Protocol Filtering Table Parameters
The filter Operation Type (passthru or block) applies only to the protocol filters Note: that are enabled in this table. Note: The AP requires a reboot for changes to the Ethernet Protocol Filtering Table to Note: take effect. Static MAC Address Filter Table...
Page 243: Proxy Arp Parameters
Filtering Commands Table 59: Static MAC Address Filter Table Parameters Name Type Values Access CLI Parameter Static MAC Address on PhysAddress User Defined wiredmacaddr Wired Network Static MAC Address Mask on PhysAddress User Defined wiredmask Wired Network Static MAC Address on...
Page 244: Ip Arp Filtering Parameters
The Command Line Interface IP ARP Filtering Parameters Table 61: IP ARP Filtering Parameters Name Type Values Access CLI Parameter IP ARP Filtering Group iparp Status Integer enable iparpfltstatus disable (default) IP Address IpAddress User Defined iparpfltipaddr Subnet Mask IpAddress...
Page 245: Tcp/Udp Port Filtering
Filtering Commands TCP/UDP Port Filtering The following parameters are used to enable or disable the Port filter feature. Table 63: TCP/UDP Port Filtering Parameters Name Type Values Access CLI Parameter Port Filtering Group portflt Port Filter Status Integer enable (default)
Page 246: Hardware Configuration Reset Commands
2 of 2 Hardware Configuration Reset Commands The Hardware Configuration Reset commands allow you to enable or disable the hardware reset functionality and to change the password to be used for configuration reset during boot up. 246 Wireless AP-3 User’s Guide...
Page 247: Hardware Configuration Reset Parameters
Hardware Configuration Reset Commands Hardware Configuration Reset Parameters The Hardware Configuration Reset commands allows you to enable or disable the feature and to change the password to be used for configuration reset during boot up. Table 65: Hardware Configuration Reset Parameters...
Page 248: Http And Https Commands
HTTP and HTTPS Commands HTTP (Web browser) Parameters CAUTION: Avaya strongly urges you to change the default passwords to restrict access to CAUTION: your network devices to authorized personnel. If you lose or forget your password settings, you can always perform the Reset to Factory Default Procedure page 202.
Page 249: Syntax Examples
Enabling SSL and configuring a passphrase allows encrypted Secure Socket Layer communications to the AP through the HTTPS interface. [Device-Name]> set sslstatus <enable/disable> You must change the SSL passphrase when uploading a new certificate/private key pair, which will have a corresponding passphrase. [Device-Name]> set sslpassphrase <SSL certificate passphrase>...
Page 250: Iapp Commands
IAPP Commands Note: These parameters configure the Inter Access Point Protocol (IAPP) for roaming. Note: Leave these settings at their default value unless a technical representative asks you to change them. IAPP Parameters Table 69: IAPP Parameters 1 of 2...
Page 251: Intra Bss Commands
Intra BSS Commands Intra BSS Parameters The following parameters control the Intra Basic Service Set (BSS) traffic feature, which prevents wireless clients that are associated with the same AP from communicating with each other: Table 70: Intra BSS Parameters Name...
Page 252: Inventory Management Commands
When only the argument value is specified, then enter the values in the order depicted by the following table. CLI applies default values to the omitted arguments. Due to the nature of the information, the only argument that can be omitted is the “comment”...
Page 253: Syntax Examples
Integer enable (default) status disable delete 2 of 2 Syntax Examples Edit Management IP Access Table [Device-Name]> set mgmtipaccesstbl <index> ipaddr <IP address> ipmask <subnet mask> IP Commands IP Configuration Parameters Table 73: IP Configuration Parameters Name Type Values Access...
Page 254: Syntax Examples
(default) 2 of 2 Note: The IP Address Assignment Type (ipaddrtype) must be set to static before the IP Note: Address (ipaddr), IP Mask (ipmask) or Default Gateway IP Address (ipgw) values can be entered. Note: The IP Subnet Mask of the AP must match your network’s Subnet Mask.
Page 255: Link Integrity Commands
500ms) 500 ms (default) Link Integrity Poll Integer 0 - 255 linkintpollretx Retransmissions 5 (default) IP Target Table Parameters Table 75: IP Target Table Parameters Name Type Values Access CLI Parameter Link Integrity IP Target Table Table linkinttbl...
Page 256: Syntax Examples
Syntax Examples [Device-Name]> show linkinttbl (this shows the current links) [Device-Name]> set linkinttbl <1-5> (depending on what table row you wish to address) ipaddr <ip address of the host computer you want to check> [Device-Name]> set linkintpollint <the interval between link integrity checks>...
Page 257: Mac Access Control Table Parameters
Add an Entry to the MAC Access Control Table [Device-Name]> set macacltbl <index> macaddr <MAC Address> status enable [Device-Name]> show macacltbl Disable or Delete an Entry in the MAC Access Control Table [Device-Name]> set macacltbl <index> status <disable/delete> [Device-Name]> show macacltbl...
Page 258: Monitoring Parameters
RADIUS parameters (see RADIUS Commands on page 261). Monitoring Parameters Using the show command with the following parameters will display operating statistics for the AP (these are the same statistics that are described in Chapter 5: Monitoring the AP-3 for the HTTP Web interface).
Page 259: Packet Forwarding Commands
802.11b/g APs at this time. RAD Commands The Rogue AP Detection (RAD) feature enables an additional security level for wireless LAN deployments. The RAD feature provides a mechanism for detecting Rogue Access Points by utilizing the coverage of the trusted Access Point deployment.
Page 260: Rad Parameters
The Command Line Interface The Rogue AP Scan employs background scanning using low-level 802.11 scanning functions for effective wireless detection of Access Points in its coverage area with minimal impact on the normal operation of the Access Point. The set radstatus command enables Rogue Access Point Detection. The scan repetition duration (radscanint) can also be configured.
Page 261: Radius Commands
Client Invalid Server Address Counter32 radcliinvsvradd RADIUS Server Configuration Parameters Note: Use a server name only if you have enabled the DNS Client functionality. See Note: DNS Client Commands on page 239. Table 81: RADIUS Server Configuration Parameters 1 of 2...
Page 262: Syntax Examples
Syntax Examples Configure RADIUS Authentication servers Use the following command to configure a RADIUS Server and assign it to a VLAN. The RADIUS Server Profile index is specified by the index parameter and the subindex parameter specifies whether you are configuring a primary or secondary RADIUS server.
Page 263 RADIUS Commands [Device-Name]> set radiustbl <Index> profname <Profile Name> seraddrfmt <1 - IP Address 2 - Name> sernameorip <IP Address or Name> port <value> ssecret <value> responsetm <value> maxretx <value> acctupdtintrvl <value> macaddrfmt <value> authlifetm <value> radaccinactivetmr <value> vlanid <vlan id -1 to 4094> status enable...
Page 264 Server Status : notReady Server Addressing Format : ipaddr IP Address/Host Name : 0.0.0.0 Destination Port : 1813 VLAN Identifier : -1 MAC Address Format : dashdelimited Response Time Maximum Retransmission Authorization Lifetime Accounting Update Interval 264 Wireless AP-3 User’s Guide...
Page 265: Radius-Based Management Access Commands
Radius Management Access, enable or disable local user access, and configure the local user password. The default local user ID is root and the default local user password is public. “Root” cannot be configured as a valid user for RADIUS based management access when local user access is enabled.
Page 266: Radius-Based Management Access Parameters
Access CLI Parameter Secure Management Integer Enable/Disable securemgmtstatus Security Profile Commands Security Profile Table The Security Profile Table allows you to configure security profiles. A maximum of 16 security profiles are supported per wireless interface. 266 Wireless AP-3 User’s Guide...
Page 267 Security Profile Commands Each security profile can enable and configure one or more security modes (None Secure Station, WEP Station, 802.1x Station, WPA Station, WPA-PSK Station). The WEP/PSK parameters can be configured separately for each security mode. Table 84: Security Profile Parameters...
Page 268: Syntax Examples
The Command Line Interface Syntax Examples Configure a Security Profile with Non Secure Security Mode set secprofiletbl <index> secmode nonsecure status enable Syntax: set secprofiletbl 2 secmode nonsecure status enable Example: Configure a Security Profile with WEP Security Mode set secprofiletbl <index> secmode wep encryptkey0 <value> encryptkeylength Syntax: <value>...
Page 269: Configure A Security Profile With 802.11I Security Mode
Stop Bits Integer serstopbits Flow Control Value none (default) serflowctrl xonxoff Note: To avoid unexpected performance issues, leave Flow Control at the default Note: setting (none) unless you are sure what this setting should be. Issue 1 October 2004...
Page 270: Syntax Examples
The Command Line Interface Syntax Examples [Device-Name]> set serbaudrate <2400, 4800, 9600, 19200, 38400, 57600> [Device-Name]> set serflowctrl <none, xonxoff> [Device-Name]> show serial Figure 88: Result of “show serial” CLI Command 270 Wireless AP-3 User’s Guide...
Page 271: Snmp Commands
SNMP Commands SNMP Commands SNMP Parameters CAUTION: Avaya strongly urges you to change the default passwords to restrict access to CAUTION: your network devices to authorized personnel. If you lose or forget your password settings, you can always perform the Reset to Factory Default Procedure page 202.
Page 272: Snmp Trap Host Table Parameters
When creating table entries, you specify the argument name followed by an argument value. The CLI applies default values to the omitted arguments. Due to the nature of the information, the only argument that can be omitted is the “comment” argument.
Page 273: Configure Management Interfaces
12 = Wireless A and Wireless B Wireless A and Wireless B enabled 13 or 15 = all interfaces All management channels enabled Spanning Tree Commands Spanning Tree Parameters Table 89: Spanning Tree Parameters 1 of 2 Name Type Values Access CLI Parameter...
Page 274: Spanning Tree Priority And Path Cost Table
(in 0.01 sec intervals; for example, 4 to 30 seconds) 1500 (default) 2 of 2 Spanning Tree Priority and Path Cost Table Table 90: Spanning Tree Priority and Path Cost Table Parameters 1 of 2 Name Type Values Access CLI Parameter...
Page 275: Spectralink Voip Commands
802.11 Spectralink telephones are used. This parameter will set the basic rates of the AP to be 1 and 2 Mbps in 802.11bg mode and will allow old telephones that operate only at the 1 and 2 Mbps basic rate to connect to the AP.
Page 276: Ssh Commands
Create sshkeystatus Delete The AP SSH feature, open-SSH, confirms to the SSH protocol, and supports SSH version 2. Table 93 lists the SSH clients that have been verified to interoperate with the AP’s server. The table lists the clients, version number, and the Web site of the client.
Page 277: Storm Threshold Commands
0 – 255 packets/sec stmbrdthres (default is 0) Multicast Threshold Integer 0 – 255 packets/sec stmmultithres (default is 0) Storm Threshold Table Table 95: Storm Threshold Table Parameters Name Type Values Access CLI Parameter Storm Threshold Table Table stmthrestbl Table Index...
Page 278: Syslog Commands
Note: interface. When Heartbeat is enabled, the AP periodically sends a message to the Syslog server to indicate that it is active. The frequency with which the heartbeat message is sent depends upon the setting of the Heartbeat Interval. 278 Wireless AP-3 User’s Guide...
Page 279: Syslog Host Table Parameters
Syslog Commands Syslog Host Table Parameters The Syslog Host Table configures the Syslog hosts that will receive message from the AP. You can configure up to ten Syslog hosts. Table 97: Syslog Host Table Parameters Name Type Values Access CLI Parameter...
Page 280: System Information Commands
– hours mm – minutes ss – seconds Emergency Resets all sysresettodefaults Restore to parameters to Note: You must enter the defaults default factory following command twice values to reset to defaults: set sysresettodefaults 1 280 Wireless AP-3 User’s Guide...
Page 281: Syntax Examples
System Information Commands Syntax Examples [Device-Name]> set sysname <system name> sysloc <Unit Location> [Device-Name]> set sysctname <Contact Name> (person responsible for system) [Device-Name]> set sysctphone <Contact Phone Number> sysctemail <Contact E-mail address> [Device-Name]> show system Figure 89: Result of “show system” CLI Command...
Page 282: Telnet Commands
Values Access CLI Parameter Telnet Group telnet Telnet Management Interface 0 or 2 - no interfaces telifbitmask Interface Bitmask Bitmask (disable) 1 or 3 - Ethernet 4 or 6 - Wireless A 8 or 10 - Wireless B 12 = Wireless A & B...
Page 283: Set Tcp Port
Set TCP Port [Device-Name]> set telport <Telnet port number> (default is 23) Set Telnet Session Timeouts [Device-Name]> set tellogintout <time in seconds between 1 and 300> (default is 30) [Device-Name]> set telsessiontout <time in seconds between 1 and 36000> (default is 900)
Page 284: Syntax Examples
[Device-Name]> show tftp (to ensure the filename, file type, and the IP address are correct) [Device-Name]> download * [Device-Name]> reboot 0 After following the complete process (above) once, you can download a file of the same name (as long as all the other parameters are the same), with the following command: [Device-Name]> download *...
Page 285: Backup Your Ap Configuration File To A Tftp Server
[Device-Name]> show tftp (to ensure the filename, file type, and the IP address are correct) After setting the TFTP parameters, you can back up your current file (as long as all the other parameters are the same), with the following command: [Device-Name]>...
Page 286: Wireless Distribution System (Wds) Security Table Parameters
WEPKeyType encryptkey0 802.11a Wireless Interface Commands 802.11a Parameters The wireless interface group parameter is wif. Dual-radio APs use index 3 for slot A and index 4 for slot B. Interface Configuration on page 72 for information on these parameters. Table 104: 802.11a Wireless Interface Parameters 1 of 3...
Page 287 802.11a Wireless Interface Commands Table 104: 802.11a Wireless Interface Parameters 2 of 3 Name Type Values Access CLI Parameter Auto Channel Select Integer enable (default) autochannel (ACS)1 disable DTIM Period Integer 1 – 255 dtimperiod 1 = default RTS/CTS Medium Integer 0 –...
Page 288: Syntax Examples
(orthogonal phytype frequency division multiplexing) for 802.11a Note 1: For 802.11a APs in Europe, Auto Channel Select is a read-only parameter; it is always enabled 3 of 3 Syntax Examples Network Name (SSID) [Device-Name]> set wif <index 3 (Slot A) or 4 (Slot B)> netname <Network Name (SSID) for wireless interface>...
Page 289: Operational Mode
TX Power Control The TX Power Control feature lets the user configure the transmit power level of the card in the AP at one of four levels: 100% of the maximum transmit power level of the card ●...
Page 290: Shutdown/Resume Wireless Service
[Device-Name]> set wif <index> wssstatus <1 (resume)/2 (shutdown)> 802.11b Wireless Interface Commands 802.11b Parameters The wireless interface group parameter is wif. For dual-radio APs, Slot A uses table index 3 and Slot B uses table index 4. Interface Configuration on page 72 for information on these parameters.
Page 291 802.11b Wireless Interface Commands Table 106: 802.11b Wireless Interface Parameters 2 of 3 Name Type Values Access CLI Parameter Supported Octet String Depends on suppchannels Frequency Regulatory Domain Channels Transmit Power Integer 1=100% currenttxpowerlevel Level 2=50% 3=25% 4=12.5% Load Balancing...
Page 292: Syntax Examples
U.S./Canada -- FCC regdomain List Europe -- ETSI Japan -- MKK Note 1: For 802.11a APs in Europe, Auto Channel Select is a read-only parameter; it is always enabled 3 of 3 Syntax Examples Network Name (SSID) [Device-Name]> set wif <index 3 (Slot A) or 4 (Slot B)> netname <Network Name (SSID) for wireless interface>...
Page 293: Tx Power Control
2 of 2 TX Power Control The TX Power Control feature lets the user configure the transmit power level of the card in the AP at one of four levels: 100% of the maximum transmit power level of the card ●...
Page 294: Enable/Disable Interference Robustness (802.11B Only)
The distance between APs should not be approximated. It is calculated by means Note: of a manual Site Survey, in which an AP is set up and clients are tested throughout the area to determine signal strength and coverage, and local limits such as physical interference are investigated.
Page 295: 802.11B/G Wireless Interface Commands
1, 2, 5.5 and 11 Mbits/sec 802.11b/g Wireless Interface Commands 802.11b/g Parameters The wireless interface group parameter is wif. For dual-radio APs, Slot A uses table index 3 and Slot B uses table index 4. Interface Configuration on page 72 for information on these parameters.
Page 296 The Command Line Interface Table 109: 802.11b/g Wireless Interface Parameters 2 of 3 Name Type Values Access CLI Parameter MAC Address Physical 12 hex digits macaddr Address Closed System Integer enable closedsys disable (default) Wireless Integer 1 = resume wssstatus...
Page 297 802.11b/g Wireless Interface Commands Table 109: 802.11b/g Wireless Interface Parameters 3 of 3 Name Type Values Access CLI Parameter Transmit Rate Integer 32 For 802.11b-only mode: txrate 0 (auto fallback - ● default) 1 Mbits/sec ● 2 Mbits/sec ● 5.5 Mbits/sec ●...
Page 298: Syntax Examples
TX Power Control The TX Power Control feature lets the user configure the transmit power level of the card in the AP at one of four levels: 100% of the maximum transmit power level of the card ●...
Page 299: Autochannel Select (Acs)
802.11b/g Wireless Interface Commands Autochannel Select (ACS) ACS is enabled by default. Reboot after disabling or enabling ACS. [Device-Name]> set wif <index> autochannel <enable/disable> [Device-Name]> reboot 0 Enable/Disable Closed System [Device-Name]> set wif <index> closedsys <enable/disable> Shutdown/Resume Wireless Service [Device-Name]> set wif <index> wssstatus <1 (resume)/2 (shutdown)>...
Page 300: Wireless Interface Ssid/Vlan/Profile Commands
The Command Line Interface Wireless Interface SSID/VLAN/Profile Commands Wireless Interface SSID Table Parameters The Wireless Interface SSID table manages the SSID/VLAN pairs, and the Security Profile and RADIUS Profiles associated to the VLAN Note: The ability to configure up to 16 VLAN/SSID pairs and to configure security and Note: RADIUS profiles per SSID is available only for 802.11b/g APs and 802.11a...
Page 301: Syntax Examples
Disable 2 of 2 Syntax Examples To configure an SSID/VLAN pair, and to assign a Security Profile and RADIUS Profiles to it, use the following command: [Device-Name]> set wifssidtbl <Index.subindex> ssid <Network Name> Syntax: vlanid <-1 to 1094> ssidauth <enable/disable> acctstatus <enable/disable>...
Page 302: Vlan/Ssid Pair Commands
1-4094 Syntax Examples Enable VLAN Management [Device-Name]> set vlanstatus enable [Device-Name]> set vlanmgmtid <1-4094> [Device-Name]> show wifssidtbl (to review your settings) [Device-Name]> reboot 0 Disable VLAN Management [Device-Name]> set vlanstatus disable or 2 [Device-Name]> set vlanmgmtid 0 [Device-Name]> reboot 0...
Page 303: Cli Batch File
The Auto Configuration feature allows download of the TLV format configuration file or the CLI Batch file. The AP detects whether the file uploaded is TLV format or a CLI Batch file. If the AP detects a CLI Batch file (a file with extension .cli), the AP executes the file immediately.
Page 304: Sample Cli Batch File
CLI Batch File Error Log If there is any error during the execution of the CLI Batch file, the AP will stop executing the file. The AP generates traps for all errors and each trap contains the following information: Start of execution ●...
Page 305 Line number and description of failures that occurred during execution ● The AP logs all the errors during execution and stores them in the Flash memory in a CLI Batch File Error Log named “CBFERR.LOG”. The CLI Batch File Error Log can be downloaded though TFTP, HTTP, or CLI file transfer to a specified host.
Page 306 The Command Line Interface 306 Wireless AP-3 User’s Guide...
Page 307: Appendix B: Ascii Character Chart
You can configure WEP Encryption Keys in either Hexadecimal or ASCII format. Hexadecimal digits are 0-9 and A-F (not case sensitive). ASCII characters are 0-9, A-F, a-f (case sensitive), and punctuation marks. Each ASCII character corresponds to two hexadecimal digits.
Page 308 ASCII Character Chart Table 113: ASCII Character Chart 2 of 2 ASCII ASCII ASCII ASCII Character Equivalent Character Equivalent Character Equivalent Character Equivalent 2 of 2 308 Wireless AP-3 User’s Guide...
Page 309: Appendix C: Specifications
314 ● Radio Specifications on page 316 ● Software Features The tables below compares the software features available depending on the card type in the Access Point: Number of Stations per BSS ● Management Functions on page 310 ●...
Page 310: Management Functions
Specifications Table 114: Number of Stations per BSS Feature AP-3 AP-3 AP-3 AP-3 802.11b card 5GHz Kit 11a Kit 802.11b/g card With 802.1x up to 50 up to 44 up to 88 up to 88 Authentication With WPA up to 27...
Page 311: Medium Access Control (Mac) Functions
Software Features Table 116: Advanced Bridging Functions Feature 802.11b 802.11a 802.11b/g TCP/UDP Port Filtering Blocking Intra BSS Clients Packet Forwarding 2 of 2 Medium Access Control (MAC) Functions Table 117: MAC Functions Feature 802.11b 802.11a 802.11b/g Automatic Channel Selection (ACS)
Page 312: Security Functions
Note 2: EAP-MD5, EAP-TLS, EAP-TTLS, and PEAP client supplicant supported. Note 3: Use in conjunction with WPA or 802.1x Authentication. Note 4: Support is provided for a primary and backup RADIUS authentication server for both MAC-based authentication and 802.1x authentication.
Page 313: Network Functions
5 GHz Upgrade Kit: 1 VLAN ID per wireless interface Note 1: Includes Fallback to Primary RADIUS Server, RADIUS Session Timeout, RADIUS Multiple MAC Address Formats, RADIUS DNS Host Name Support, RADIUS Start/Stop Accounting. Issue 1 October 2004...
Page 314: Advanced Wireless Functions
— SpectraLink VoIP Support — Note 1: Available only one way (AP to client) if using an Avaya 802.11a/b Card or a non-Avaya Wireless client. Note 2: No client support in 802.11a or 802.11b/g. Note 3: This feature is not available if you are using an Avaya 802.11a/b Card or a non-Avaya Wireless client with an 802.11b AP.
Page 315: Physical Specifications
● Physical Specifications AP-3 Unit Dimensions (H x W x L) = 6.5 x 18.5 x 26 cm (2.5 x 7.25 x 10.25 in.) Weight = 1.75 Kg (3.5 lb.) 802.11a Antenna Adapter Dimensions (H x W x L) = 11.3 x 2.10 x 26.2 cm (4.5 x 0.83 x 10.3in.) Weight = 0.18kg (0.4lb)
Page 316: 802.11A Antenna Adapter
Specifications Storage = -10° to 60°C (14° to 140°F) @ 10 to 90% relative humidity (no condensation allowed) 802.11a Antenna Adapter Operating = 0° to 70°C (32° to 158 °F) @ 20 to 90% relative humidity Transport = -40° to 75°C (-40° to 167 °F) @ 15 to 95% relative humidity Storage = -20°...
Page 317: 802.11A Channel Frequencies
● TW: Taiwan ● There are five sets of frequency bands that determine the available channels depending on the regulatory domain. Some countries restrict 802.11a operation to specific frequency bands. The Web interface and CLI display the available channels for a radio's particular regulatory domain. In the CLI, any channels that are not available are labeled Not Supported.
Page 318 Specifications Note: The original 5 GHz Upgrade Kit only supports the Lower and Middle U-NII bands. Note: The 11a Upgrade Kit supports all of the frequency bands described in Table 121. Table 121: 802.11a Channel Frequencies 1 of 2 Frequency...
Page 319: 802.11B Channel Frequencies
The available 802.11b channels vary by regulatory domain and/or country. 802.11b radio certification is available in the following regions: FCC - U.S./Canada, Mexico, and Australia ● ETSI - Most of Europe, including the United Kingdom and some Eastern block countries ● MKK - Japan ●...
Page 320: 802.11G Channel Frequencies
Specifications Some countries restrict 802.11b operation to specific frequency bands. The web interface will always display the available channels depending in the cards regulatory domain. In the CLI, any channels that are not available are labeled Not Supported. Table 122: 802.11b Channel Frequencies...
Page 321: Wireless Communication Range
Note 2: Channel 14 is only available when using 802.11b only mode. Wireless Communication Range The range of the wireless signal is related to the composition of objects in the radio wave path and the transmit rate of the wireless communication. Communications at a lower transmit range may travel longer distances.
Page 322: 802.11B Wireless Communication Ranges
Specifications values provide a rule of thumb and may vary according to the actual radio conditions at the location where the product is used. The range of your wireless devices can be affected when the antennas are placed near metal surfaces and solid high-density materials.
Page 323: 802.11A (5 Ghz Upgrade Kit) Wireless Communication Ranges
Radio Specifications 802.11a (5 GHz Upgrade Kit) Wireless Communication Ranges Table 125: 802.11a (5 GHz Upgrade Kit) Wireless Communication Ranges Range Mbits/s Mbits/s Mbits/s Mbits/s Mbits/s Mbits/s Mbits/s Mbits/s Open Office 19 m 33 m 55 m 74 m 92 m...
Page 324: 802.11B/G Wireless Communication Ranges
(85 ft.) (108 ft.) (167 ft.) (256 ft.) (341 ft.) (423 ft.) Tx Power (dBm) Receiver Sensitivity (dBm) Antenna Gain 3 dBi (integrated diversity antenna module; 2.4-2.5 GHz) Range Mbits/s Mbits/s Mbits/s Mbits/s Mbits/s Mbits/s Open Office 292 m 314 m...
Page 325: Appendix D: Technical Support
Appendix D: Technical Support Before You Seek Help If you are having a problem using an AP and cannot resolve it with the information in Chapter 7: Troubleshooting the AP-3, gather the following information and contact your local authorized reseller or see http://www.avaya.com/support...
Page 326 Technical Support 326 Wireless AP-3 User’s Guide...

Avaya AP-3 User Manual

Chapter 1: Introduction

Chapter 2: Getting Started

Chapter 3: Viewing Status Information

Chapter 4: Performing Advanced Configuration

Chapter 5: Monitoring the AP-3

Chapter 6: Performing Commands

Chapter 7: Troubleshooting the AP-3

Appendix A: the Command Line Interface

Quick Links

Need help?

Questions and answers

Related Manuals for Avaya AP-3

Summary of Contents for Avaya AP-3