Avaya AP-8 User Manual
  1. Manuals
  2. Brands
  3. Avaya Manuals
  4. Wireless Access Point
  5. AP-8
  6. User manual
Avaya AP-8 User Manual

Avaya AP-8 User Manual

Avaya ap-8 access point: user guide
Hide thumbs Also See for AP-8:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
Table Of Contents
445
Table of Contents

Advertisement

Quick Links

Download this manual

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the AP-8 and is the answer not in the manual?

Questions and answers

Related Manuals for Avaya AP-8

Summary of Contents for Avaya AP-8

  • Page 2 Copyrights • Avaya is a registered trademark of Avaya Inc. • Microsoft Windows is a registered trademark of the Microsoft Corporation. • All trademarks mentioned herein belong to their respective owners. Publication Information © Copyright 2004 Avaya, Inc. All rights reserved.

  • Page 3: Regulatory Information

    Regulatory Information See the Regulatory Flyer that came with your AP-8 unit or go to the CD- ROM to view the information. Warranty Avaya Inc. provides a limited warranty on this product. Refer to your sales agreement to establish the terms of the limited warranty. In addition, Avaya’s standard warranty language as well as information regarding...
  • Page 4 If you are: • Within the United States, click the Escalation Management link. Then click the appropriate link for the type of support you need. • Outside the United States, click the Escalation Management link. Then click the International Services link that includes telephone numbers for the international Centers of Excellence.

  • Page 5: Table Of Contents

    System Requirements ........2-9...

  • Page 6: Table Of Contents

    IP Configuration........4-10...

  • Page 7: Table Of Contents

    Alarm Host Table........4-90...

  • Page 8: Table Of Contents

    Image Error Checking During File Transfer....6-7 Update AP by Using TFTP........6-8 Update AP by Using HTTP .

  • Page 9: Table Of Contents

    Related Applications ........7-28...

  • Page 10: Table Of Contents

    CLI Command Types ........

  • Page 11: Table Of Contents

    Radio Specifications ........C-12...
  • Page 12 Before You Seek Help ........

  • Page 13: Introduction

    • The AP-8 is a dual-radio AP that includes two radios: one 802.11b/g radio and one 802.11a radio. • Blue text indicates a link to a topic or Web address. If you are viewing this documentation on your computer, click the blue text to jump to the linked item. NOTE: A Note indicates important information that helps you make better use of your computer.

  • Page 14: Introduction To Wireless Networking

    Introduction to Wireless Networking CAUTION: A Caution indicates either potential damage to hardware or loss of data and tells you how to avoid the problem. Introduction to Wireless Networking An AP extends the capability of an existing Ethernet network to devices on a wireless network.

  • Page 15: Site Survey

    Introduction to Wireless Networking Site Survey To determine the best location for an Access Point, Avaya recommends conducting a Site Survey before placing the device in its final location. For information about how to conduct a Site Survey, contact your local reseller.

  • Page 16: Guidelines For Roaming

    • High speed network links Guidelines for Roaming Wireless Standard Support An AP can only communicate with client devices that support its wireless standard. For example, an 802.11a client cannot communicate with an 802.11b AP and an 802.11b client cannot communicate with an 802.11a AP.
  • Page 17 • All workstations with an 802.11 client adapter installed must use either a Network Name of “any” or the same Network Name as the Access Points that they will roam between. If an AP has Closed System enabled, a client must have the same Network Name as the Access Point to communicate (see Interfaces).

  • Page 18: Ieee 802.11 Specifications

    GHz frequency band. This standard includes provisions for three radio technologies: direct sequence spread spectrum, frequency hopping spread spectrum, and infrared. Devices that comply with the 802.11 standard operate at a data rate of either 1 or 2 Megabits per second (Mbits/sec). Avaya Wireless AP-8 User’s Guide...
  • Page 19 802.11b In 1999, the IEEE modified the 802.11 standard to support direct sequence devices that can operate at speeds of up to 11 Mbits/sec. The IEEE ratified this standard as 802.11b. 802.11b devices are backwards compatible with 2.4 GHz 802.11 direct sequence devices (that operate at 1 or 2 Mbits/sec).

  • Page 20: Management And Monitoring Capabilities

    HTTPS is one of two available secure management options on the AP; the other secure management option is SNMPv3. Enabling HTTPS allows you to access the AP in a secure fashion using Secure Socket Layer (SSL) over port 443. The AP supports SSLv3 with a 128-bit encryption certificate maintained by the AP for secure communications between the AP and the HTTP client.

  • Page 21: Command Line Interface

    Statements may be issued from the keyboard for real time control, or from scripts that automate configuration. For example, when downloading a file, administrators enter the download CLI Command along with IP Address, file name, and file type parameters. How To Access the CLI You access the CLI over a HyperTerminal serial connection or via Telnet.

  • Page 22: Snmp Management

    • Avaya Wireless Enterprise MIB Avaya provides these MIB files on the CD included with each Access Point. You need to compile one or more of the above MIBs into your SNMP program’s database before you can manage an Access Point using SNMP.

  • Page 23: Snmpv3 Secure Management

    Management and Monitoring Capabilities The Enterprise MIB defines the read and read-write objects that can be viewed or configured using SNMP. These objects correspond to most of the settings and statistics that are available with the other management interfaces. Refer to the Enterprise MIB for more information; the MIB can be opened with any text editor, such as Microsoft Word, Notepad, or WordPad.
  • Page 24 HTTP Web interface or the CLI interface. For information on how to manage devices using SNMP, refer to the documentation that came with your SNMP program. Also, refer to the MIB files for information on the parameters available via SNMP.

  • Page 25: Ap-8 Hardware Description

    Download the Latest Software • Additional Hardware Features AP-8 Hardware Description The AP-8 is a tri-mode AP that simultaneously supports 802.11b, 802.11g, and 802.11a clients. The AP-8 contains two embedded radios: • one 802.11b/g radio and • one 802.11a only radio.
  • Page 26 • an RS-232 serial data communication port (Figure 2-1). The AP-8 includes an optional security cover that can be installed to protect against access to the power and LAN cables and to the reset and reload buttons. Avaya Wireless AP-8 User’s Guide...

  • Page 27: Ap-8 Rear Panel

    The AP-8 has been designed to rest horizontally on a flat surface, but can be wall or ceiling mounted with the long axis vertical. The bottom of the unit includes screw slots in the bottom plastic for mounting to a flat wall or ceiling.

  • Page 28: Dual Band Range Extender Antenna Description

    2.4 GHz (802.11b/g) and 5 GHz (802.11a) radios. The Dual Band REA can be used with either radio on the AP-8, or with the AP-4, 5, or 6. The Dual Band REA allows for better antenna placement for optimizing cell size.

  • Page 29: Prerequisites

    Prerequisites Prerequisites Before installing an AP, you need to gather certain network information. The following section identifies the information you need. Information Description Network Name Assign the Access Point a Network Name (SSID of the before wireless users can communicate with wireless interface) it.
  • Page 30 “public”. SNMP Read-Write Each Access Point requires a password to Password allow get and set requests from an SNMP manager. The default password is “public”. Security Settings You need to determine what security features you will enable on the Access Point.
  • Page 31 Secret authentication server (so both passwords must be the same), and is typically provided by the network administrator. Authentication This is a port number (default is 1812) and is Server typically provided by the network Authentication Port administrator. Client IP Address...

  • Page 32: Product Package

    — MIBs — HTML Help — this user’s guide in PDF format • One AP-8 Quick Start Guide If any of these items are missing or damaged, please contact your reseller or Technical Support (see Technical Support for contact information).

  • Page 33: System Requirements

    • At least one of the following IEEE 802.11-compliant devices: — An 802.11a, 802.11b, or 802.11b/g client device • A computer that is connected to the same IP network as the AP and has one of the following Web browsers installed: —...

  • Page 34: Hardware Installation

    If using Power over Ethernet, connect power to the unit from a DC injector device, such as an Ethernet DC injector hub. c. Attach one end of an Ethernet cable to the AP’s LAN port (the center port, labeled “LAN”) and the other end to a network hub or switch.
  • Page 35 Hardware Installation NOTE: You cannot install security cover to the AP-8 if an RS-232 cable is connected. Figure 2-2. Cabling the AP-8 e. Verify the LED status. f. When the AP-8 boots, it performs a series of self-tests. g. Wait for the power LED to turn green before proceeding.
  • Page 36 You cannot connect an RS-232 cable to the AP-8 when a security cover is installed. a. Slide the hinge end of the security cover into the hole on the rear panel of the AP-8 to the left of the connectors.
  • Page 37 Hardware Installation Figure 2-3. AP-8 Mounting Plate FRONT BACK Avaya Wireless AP-8 User’s Guide 2-13...
  • Page 38 Put the mounting plate up to the wall. b. Screw through the mounting plate. c. Place the AP up against the mounting plate. Orient the AP with the long access vertical, with the connectors facing to the right. 6. Install the Range Extender Antennas.
  • Page 39 Main Base Main Base Metal Plate Metal Plate Bottom Plate Screw Cavity Perform the following procedures to mount the Dual Band REA to a wall or ceiling and to install it on the AP-8: Avaya Wireless AP-8 User’s Guide 2-15...
  • Page 40 Detach the Antenna Body from the Main Base. b. Press the Base Top upward to release it from the Main Base. c. Use a metal plate or a coin to push the tenon between the Antenna body and the Base Top to remove the Base Top.
  • Page 41 Hardware Installation 7. Attach the antenna(s) to the AP-8. Perform the following steps to attach a Dual Band REA to the AP-8: a. Press down near the center of the compartment covering and slide open the External Antenna Access compartment on the AP-8.
  • Page 42 Hardware Installation Figure 2-5. Opening an AP-8 Antenna Compartment b. When connecting the first REA cable to a radio, attach the cable to the outer connector in the compartment (connector 1 or connector 4). 2-18 Avaya Wireless AP-8 User’s Guide...
  • Page 43 (Figure 2-6). Connectors 1 and 2 are for the 802.11b/g radio, and connectors 3 and 4 and for the 802.11a radio. When connecting one REA to a radio, use connectors 1 or 4, as appropriate. The second REA for a radio should be connected to connectors 2 or 3.

  • Page 44: Initialization

    These initialization instructions describe how to configure an AP over an Ethernet connection using ScanTool and the HTTP interface. If you want to configure the unit over the serial port, see Setting IP Address using Serial Portfor information on how to...

  • Page 45: Scantool

    ScanTool is a software utility that is included on the installation CD-ROM. ScanTool allows you to find the IP address of an Access Point by referencing the MAC address in a Scan List, or to assign an IP address if one has not been assigned.
  • Page 46 Each unit has a unique MAC address, which is assigned at the factory. 2. Confirm that the AP is connected to the same LAN subnet as the computer that you will use to configure the AP. 3. Power up, reboot, or reset the AP.
  • Page 47 ScanTool to use before the Scan List appears. If prompted, select an adapter and click OK. You can change your adapter setting at any time by clicking the Select Adapter button on the Scan List screen.
  • Page 48 Initialization Figure 2-7. Scan List 7. Locate the MAC address of the AP you want to initialize within the Scan List. NOTE: If your Access Point does not show up in the Scan List, click the Rescan button to update the display. If the unit still does not appear...
  • Page 49 Initialization 8. Do one of the following: — If the AP has been assigned an IP address by a DHCP server on the network, write down the IP address and click Cancel to close ScanTool. Go to Setup Wizard for information on how to access the HTTP interface using this IP address.
  • Page 50 Initialization Step Action Highlight the entry for the AP you want to configure. Click the Change button. Result: The Change screen appears. Figure 2-8. Scan Tool Change Screen Continued 2-26 Avaya Wireless AP-8 User’s Guide...
  • Page 51 Initialization Step Action Set IP Address Type to Static. Enter a static IP Address for the AP in the field provided. You must assign the unit a unique address that is valid on your IP subnet. Contact your network administrator if you need assistance selecting an IP address for the unit.
  • Page 52 Click OK to save your changes. Result: The Access Point will reboot automatically and any changes you made will take effect. When prompted, click OK a second time to return to the Scan List screen. Click Cancel to close the ScanTool. Proceed to...

  • Page 53: Setup Wizard

    Initialization Setup Wizard The first time you connect to an AP’s HTTP interface, the Setup Wizard launches automatically. The Setup Wizard provides step-by-step instructions for how to configure the Access Point’s basic operating parameter, such as Network Name, IP parameters, system parameters, and management passwords.
  • Page 54 Initialization 3. Enter the Access Point’s IP address in the browser’s Address field and press Enter. This is either the — dynamic IP address assigned by a network DHCP server or — the static IP address you manually configured. ScanTool for information on how to determine the unit’s IP...

  • Page 55: Setup Wizard

    Initialization Figure 2-9. Enter Network Password Figure 2-10. Setup Wizard Avaya Wireless AP-8 User’s Guide 2-31...
  • Page 56 CAUTION: If you exit from the Setup Wizard, any changes you submitted (by clicking the Save & Next button) up to that point will be saved to the unit but will not take effect until it is rebooted. 6. Configure the System Configuration settings and click Save &...
  • Page 57 Initialization 8. Assign the AP new passwords to prevent unauthorized access and click Save & Next. Each management interface has its own password: — SNMP Read Password — SNMP Read-Write Password — SNMPv3 Authentication Password — SNMPv3 Privacy Password — CLI Password —...
  • Page 58 Initialization 9. Configure the basic wireless interface settings and click Save & Next. — The following options are available for the AP-8: Option Description Primary Network Enter a Network Name (between 2 Name (SSID) and 31 characters long) for the wireless network.
  • Page 59 Initialization Option Description Auto Channel Select By default, the AP scans the area for other Access Points and selects the best available communication channel, either a free channel (if available) or the channel with the least amount of interference. Remove the check mark to disable this option.
  • Page 60 Initialization Option Description Frequency Channel When Auto Channel Select is enabled, this field is read-only and displays the Access Point’s current operating channel. When Auto Channel Select is disabled, you can specify the Access Point’s channel. If you decide to manually set the unit’s channel, ensure that nearby devices do not use the same frequency.
  • Page 61 6, 9, 12, 18, 24, 36, 48, 54 Mbits/s, and Auto Fallback For the 802.11 b/g radio operating in 802.11bg mode, choose between 1, 2, 5.5, 6, 9, 11, 12, 18, 24, 36, 48, 54 Mbits/sec, and Auto Fallback. For the 802.11a radio, choose between 6, 9, 12, 18, 24, 36, 48, 54 Mbits/s, and Auto Fallback.
  • Page 62 Initialization Option Description WEP Encryption Place a check mark in the box provided to enable WEP encryption. WEP Encryption for more information. Set Encryption Key If you enabled Encryption, configure an Encryption Key. This key is used to encrypt and decrypt data between the AP and its wireless clients.
  • Page 63 Initialization Option Description Multicast Rate Sets the rate at which Multicast messages are sent. This value is related to the Distance Between APs parameter (described previously). The table below displays the possible Multicast Rates based on the Distance between APs. See Multicast Rate for more information.
  • Page 64 10. Review the configuration summary. If you want to make any additional changes, use the navigation panel on the left-hand side of the screen to return to an earlier screen. After making a change, click Save & Next to save the change and proceed to the next screen.

  • Page 65: Download The Latest Software

    Avaya recommends that you check the Web site for the latest updates after you have installed and initialized the unit. Three types of files can be downloaded to the AP from a TFTP server: • image (AP software image or kernel) • config (configuration file) •...

  • Page 66: Download Updates From A Tftp Server Using The Web Interface

    Download the Latest Software After the TFTP server is installed: • Check to see that TFTP is configured to point to the directory containing the AP Image. • Make sure you have the proper TFTP server IP address, the proper AP Image file name, and that the TFTP server is operational.

  • Page 67: Download Updates From A Tftp Server Using The Cli Interface

    4. Enter the CLI password when prompted. > 5. Enter the command: download <tftpaddr <filename> img — Result: The download will begin. Be patient while the image is downloaded to the Access Point. 6. When the download is complete, type reboot 0 and press Enter. NOTE: Command Line Interface (CLI) for more information.

  • Page 68: Additional Hardware Features

    Installing the AP in a Plenum In an office building, plenum is the space between the structural ceiling and the tile ceiling that is provided to help air circulate. Many companies also use the plenum to house communication equipment and cables.
  • Page 69 • The cable length between the PoE hub and the Access Point should not exceed 100 meters (approximately 325 feet). • The PoE hub is not a repeater and does not amplify the Ethernet data signal. • If connected to an PoE hub and an AC power simultaneously, the Access Point draws power from Power over Ethernet.

  • Page 70: Led Indicators

    LED Indicators LED Indicators The AP has four LED indicators. The LEDs are identified in Figure 2-11. Figure 2-11. LED Indicators on the AP-8 Top Panel The following table explains the functionality of each LED. 2-46 Avaya Wireless AP-8 User’s Guide...
  • Page 71 Blinking Amber The AP is Not Applicable Not Applicable Not Applicable reloading. Solid Red Power On Self Not Applicable Not Applicable Not Applicable Test (POST) running. Blinking Red Rebooting. Not Applicable Not Applicable Not Applicable Avaya Wireless AP-8 User’s Guide 2-47...

  • Page 72: Related Topics

    Related Topics Related Topics The Setup Wizard helps you configure the basic AP settings required to get the unit up and running. The AP supports many other configuration and management options. The remainder of this user guide describes these options in detail.

  • Page 73: Status Information

    System Status Logging into the HTTP Interface Once the AP has a valid IP Address and an Ethernet connection, you may use your web browser to monitor the system status. Follow these steps to monitor an AP’s operating statistics using the HTTP interface: 1.
  • Page 74 Select Tools > Internet Options..b. Click the Connections tab. c. Click LAN Settings..d. If necessary, remove the check mark from the Use a proxy server box. e. Click OK twice to save your changes and return to Internet Explorer.

  • Page 75: System Status

    System Status Figure 3-1. Enter Network Password Screen System Status System Status is the first screen to appear each time you connect to the HTTP interface. You can also return to this screen by clicking the Status button. Avaya Wireless AP-8 User’s Guide...
  • Page 76 System Status Figure 3-2. System Status Screen Avaya Wireless AP-8 User’s Guide...
  • Page 77 IP address and contact information. See System for information on these settings. — System Alarms: System traps (if any) appear in this area. Each trap identifies a specific severity level: Critical, Major, Minor, and Informational. See Alarms for a list of possible alarms.
  • Page 78 System Status Avaya Wireless AP-8 User’s Guide...

  • Page 79: Advanced Configuration

    Ethernet. Also describes configuring a Management. • Management: Configure the Access Point’s management Passwords, IP Access Table, and Services such as configuring secure or restricted access to the AP via SNMPv3, HTTPS, CLI, or Automatic Configuration. • Filtering: Configure Ethernet Protocol filters, Static MAC Address filters, Advanced filters, and Port filters.

  • Page 80: Configuring The Ap Using The Http/Https Interface

    WPA, WEP Encryption, and 802.1x. Configure Rogue Access Point Detection (RAD) and define the Scan Interval. Configure up to 16 VLAN and SSID pairs per wireless interface, and define the security mode for each pair. • RADIUS: Configure RADIUS features such as RADIUS Access...
  • Page 81 Select Tools > Internet Options..b. Click the Connections tab. c. Click LAN Settings..d. If necessary, remove the check mark from the Use a proxy server box. e. Click OK twice to save your changes and return to Internet Explorer.
  • Page 82 Configuring the AP Using the HTTP/HTTPS Interface Figure 4-1. Enter Network Password Screen Avaya Wireless AP-8 User’s Guide...
  • Page 83 Configuring the AP Using the HTTP/HTTPS Interface 5. Click the Configure button located on the left-hand side of the screen. Figure 4-2. Configure Main Screen 6. Click the tab that corresponds to the parameter you want to configure. For example, click Network to configure the Access Point’s TCP/IP settings.

  • Page 84: System

    7. Configure the Access Point’s parameters as necessary. After changing a configuration value, click OK to save the change. 8. Reboot the Access Point for all of the changes to take effect. System You can configure and view the following parameters within the System...
  • Page 85 System Parameters Description Object ID This is a read-only field that displays the Access Point’s MIB definition; this information is useful if you are managing the AP using SNMP. Ethernet MAC This is a read-only field that displays the Address unique MAC (Media Access Control) address for the Access Point’s Ethernet...

  • Page 86: Dynamic Dns Support

    DNS server. Access Point System Naming Convention The Access Point's system name is used as its host name. In order to prevent Access Points with default configurations from registering similar host names in DNS, the default system name of the Access Point is uniquely generated.
  • Page 87 DNS compliant system name. The rules of conversion of older system names are: • If the length is greater than 63 then the string is truncated. (This will not happen since the system name is anyway limited to 32 bytes) •...

  • Page 88: Network

    You can configure and view the following parameters within the IP Configuration screen: NOTE: You must reboot the Access Point in order for any changes to the Basic IP or DNS Client parameters take effect. 4-10 Avaya Wireless AP-8 User’s Guide...
  • Page 89 Configuration Protocol (DHCP) client; the Access Point will obtain IP settings from a network DHCP server automatically during boot-up. If you do not have a DHCP server or if you want to manually configure the Access Point’s IP settings, set this parameter to Static.
  • Page 90 DHCP server. DNS Client If you prefer to use host names to identify network servers rather than IP addresses, you can configure the AP to act as a Domain Name Service (DNS) client. When this feature is enabled, the Access Point contacts the network’s DNS server to translate a host name to the appropriate network...
  • Page 91 Advanced Default TTL (Time to Live): Time to Live (TTL) is a field in an IP packet that specifies how long in seconds the packet can remain active on the network. The Access Point uses the default TTL for packets it generates for which the transport layer protocol does not specify a TTL value.

  • Page 92: Dhcp Server

    Make sure there are no other DHCP servers on the network and do not enable the DHCP server without checking with your network administrator first, as it could bring down the whole network. Also, the AP must be con- figured with a static IP address before enabling this feature.
  • Page 93 Network Figure 4-3. DHCP Server Configuration Screen Avaya Wireless AP-8 User’s Guide 4-15...
  • Page 94 Network You can configure and view the following parameters within the DHCP Server Configuration screen: Parameter Description Enable DHCP Place a check mark in the box provided to Server enable DHCP Server functionality. NOTE: You cannot enable the DHCP Server functionality unless there is at least one IP Pool Table Entry configured.
  • Page 95 This entry specifies a range of IP addresses Entry that the AP can assign to its wireless clients. Click Add to create a new entry. Click Edit to change an existing entry. Each entry contains the following field: • Start IP Address •...

  • Page 96: Link Integrity

    Link Integrity The Link Integrity feature checks the link between the AP and the nodes on the Ethernet backbone. These nodes are listed by IP address in the Link Integrity IP Address Table. The AP periodically pings the nodes listed within the table.
  • Page 97 Network You can configure and view the following parameters within the Link Integrity Configuration screen: Parameter Description Enable Link Place a check mark in the box provided to Integrity enable Link Integrity. Poll Interval The interval between link integrity checks.
  • Page 98 Network Figure 4-4. Link Integrity Configuration Screen 4-20 Avaya Wireless AP-8 User’s Guide...

  • Page 99: Interfaces

    Interfaces Interfaces From the Interfaces tab, you configure the Access Point’s operational mode, power control settings, wireless interface settings and Ethernet settings. You may also configure a Wireless Distribution System for AP-to-AP communications. For the wireless interface configuration, refer to the wireless parameters below that correspond to your radio type.

  • Page 100: Operational Mode

    Interfaces Operational Mode You can configure and view the operational mode for Wireless Interface B (802.11b/g radio): • Operational Mode: the mode of communication between the wireless clients and the Access Point: — 802.11b only — 802.11g only — 802.11bg...
  • Page 101 1. Click Configure > Interfaces > Operational Mode. 2. Select Enable Transmit Power Control. 3. Select the transmit power level for interface A from the Wireless-A: Transmit Power Level drop-down menu. 4. Select the transmit power level for interface B from the Wireless-B: Transmit Power Level drop-down menu.
  • Page 102 Interfaces Figure 4-5. Operational Mode Screen - TX Power Control (AP-8) 4-24 Avaya Wireless AP-8 User’s Guide...

  • Page 103: Wireless Interface A (802.11A Radio)

    Interfaces Wireless Interface A (802.11a Radio) You can configure and view the following parameters within the Wireless Interface Configuration screen for the Wireless Interface A: NOTE: You must reboot the Access Point before any changes to these parameters take effect.
  • Page 104 Enter a Network Name (between 2 and 31 Name (SSID) characters long) for the primary wireless network. You must configure each wireless client to use this name as well. To configure additional SSIDs and VLANs, go to Configure and select SSID/VLAN/Security. Continued 4-26 Avaya Wireless AP-8 User’s Guide...
  • Page 105 Parameter Description Auto Channel The AP scans the area for other Select Access Points and selects a free or relatively unused communication channel. This helps prevent interference problems and increases network performance. By default this feature is enabled. See 802.11a Channel Frequencies for a list of Channels.
  • Page 106 Use the drop-down menu to select a specific transmit rate for the AP. Choose between 6, 9, 12, 18, 24, 36, 48, 54 Mbits/s, and Auto Fallback. Auto Fallback is the default setting; it allows the AP unit to select the best transmit rate based on the cell size.
  • Page 107 AP-8s sold in Europe use a technique called Dynamic Frequency Selection (DFS) to automatically select an operating channel. During boot-up, the AP scans the available frequency and selects a channel that is free of interference. If the AP subsequently detects interference on its channel, it automatically reboots and selects another channel that is free of interference.
  • Page 108 This typically occurs when there are hidden nodes (clients that can communicate with the Access Point but are out of range of each other) in very large cells. 4-30 Avaya Wireless AP-8 User’s Guide...
  • Page 109 0 and 2347 bytes. When set to 2347 (the default setting), the RTS/CTS mechanism is disabled. When set to 0, the RTS/CTS mechanism is used for all packets. When set to a value between 0 and 2347, the Access Point uses the RTS/CTS mechanism for packets that are the specified size or greater.

  • Page 110: Multicast Rate

    Access Point to the wireless network. Stations that are closer to the Access Point can receive multicast packets at a faster data rate than stations that are farther away from the AP. Therefore, you should set the Multicast Rate based on the size of the Access Point’s cell.
  • Page 111 • A large number of Access Points covering a small area is a high-density cell. • A few Access Points, or even a single unit, covering the same small area would result in a low-density cell. In both cases the actual area did not change — only the number of Access Points covering the area changed.
  • Page 112 Interfaces Figure 4-6. 1 Mbits/s and 11 Mbits/s Multicast Rate 11 Mbits/s 1 Mbit/s 4-34 Avaya Wireless AP-8 User’s Guide...

  • Page 113: Wireless Interface B (802.11B/G Radio)

    Interfaces Wireless Interface B (802.11b/g Radio) You can configure the following radio parameters for the Wireless B interface: NOTE: You must reboot the Access Point before any changes to these parameters take effect. Avaya Wireless AP-8 User’s Guide 4-35...
  • Page 114 802.11g devices. • 802.11b/g mode: This is the default mode. Use this mode if you want to support a mix of 802.11b and 802.11g devices. In general, you should use either 802.11g only mode (if you want to support 802.11g devices...
  • Page 115 Spectrum; this is the name for the radio technology used by 802.11b devices. MAC Address This is a read-only field that displays the unique MAC (Media Access Control) address for the Access Point’s wireless interface. The MAC address is assigned at the factory.
  • Page 116 VLANs by selecting the Configure tab and then SSID/VLAN Security. You can configure up to 16 SSID/VLAN pairs per wireless interface. Auto Channel The AP scans the area for other Access Points Select and selects a free or relatively unused communication channel. This helps prevent interference problems and increases network performance.
  • Page 117 • For 802.11g only -- Auto Fallback, 6, 9, 12, 18, 24, 36, 48, 54 Mbits/sec • For 802.11b/g -- Auto Fallback, 1, 2, 5.5, 6, 9, 11, 12, 18, 24, 36, 48, 54 Mbits/sec Continued Avaya Wireless AP-8 User’s Guide...
  • Page 118 DTIM Period The Deferred Traffic Indicator Map (DTIM) is used with clients that have power management enabled. DTIM should be left at 1, the default value, if any clients have power management enabled. This parameter supports a range between 1 and 255.

  • Page 119: Ethernet

    For best results, Avaya recommends that you configure the Ethernet setting to match the speed and transmission mode of the device the Access Point is connected to (such as a hub or switch). If in doubt, leave this setting at its default, auto-speed-auto-duplex. Choose between: •...
  • Page 120 WDS Example below, AP 1 and AP 2 communicate over a WDS link (represented by the blue line). This link provides Client 1 with access to network resources even though AP 1 is not directly connected to the Ethernet network. Packets destined for or sent by the client are relayed between the Access Points over the WDS link.
  • Page 121 Interfaces Bridging WDS Each WDS link is mapped to a logical WDS port on the AP. WDS ports behave like Ethernet ports rather than like standard wireless interfaces: on a BSS port, an Access Point learns by association and from frames;...
  • Page 122 4. Scroll down to the Wireless Distribution System heading. 5. Click the Edit button to update the Wireless Distribution System (WDS) Table. 6. Enter the MAC Address that you wrote down in Step 2 in one of the Partner MAC Address field of the Wireless Distribution Setup window.
  • Page 123 NOTE: To set up a Wireless Distribution System (WDS) with 802.1x, set each Access Point’s 802.1x Security Mode to Mixed and assign each unit in the WDS the same Encryption Key 1. See RADIUS. Avaya Wireless AP-8 User’s Guide 4-45...

  • Page 124: Management

    Enter a password in both the Password field and the Confirm field. The default password is “public”. SNMP Read/Write For read and write access to the AP using Password SNMP. Enter a password in both the Password field and the Confirm field. The default password is “public”.
  • Page 125 Enter a password in both the Password Password field and the Confirm field. The default password is “public”. Password length is recommended to be at least 8 characters. Secure Management (Services tab) must be enabled to configure SNMPv3. SNMPv3 Privacy For sending encrypted SNMPv3 data.

  • Page 126: Ip Access Table

    Add and set the following parameters: • IP Address: Enter the IP Address for the management station. • IP Mask: Enter a mask that will act as a filter to limit access to a range of IP Addresses based on the IP Address you already entered.

  • Page 127: Services

    AP’s management interfaces. • Comment: Enter an optional comment, such as the station name. To edit or delete an entry, click Edit. Edit the information, or select Enable, Disable, or Delete from the Status pull-down menu. Services You can configure the following management services: •...
  • Page 128 Management NOTE: You must reboot the Access Point if you change the HTTP Port or Telnet Port. Secure Management Secure Management allows the use of encrypted and authenticated communication protocols such as SNMPv3, and Secure Socket Link (SSL), to manage the Access Point.
  • Page 129 HTTP Interface Configure the interface or interfaces Bitmap (Ethernet, Wireless, All Interfaces) from which you will manage the AP via the Web interface. For example, to allow Web configuration via the Ethernet network only, set HTTP Interface Bitmask to Ethernet.
  • Page 130 Figure 4-9. Management Services Configuration Screen HTTPS Access (Secure Socket Layer) You can access the AP in a secure fashion using Secure Socket Layer (SSL) over port 443. The AP supports SSLv3 with a 128-bit encryption certificate maintained by the AP for secure communications between the AP and the HTTP client.
  • Page 131 After enabling SSL, the only configurable parameter is the SSL passphrase. If you decide to upload a new certificate and private key (using TFTP or HTTP File Transfer), you need to change the SSL Certificate Passphrase for the new SSL files.
  • Page 132 Management Accessing the AP through the HTTPS interface The user should use a SSL intelligent browser to access the AP through the HTTPS interface. After configuring SSL, access the AP using https:// followed by the AP’s management IP address. Telnet Configuration Settings...
  • Page 133 Enter the number of seconds the system (seconds) will wait for a login attempt. The AP terminates the session when it times out. The range is 1 to 300 seconds; the default is 30 seconds. Session Idle Enter the number of seconds the system...

  • Page 134: Serial Configuration Settings

    Management Serial Configuration Settings The serial port interface on the AP is enabled at all times. See Setting IP Address using Serial Port for information on how to access the CLI interface via the serial port. You can configure and view following...

  • Page 135: Automatic Configuration

    Automatic Configuration varies depending on whether the AP is configured for dynamic or static IP. When an AP is configured for dynamic IP, the Configuration filename and the TFTP server IP address are contained in the DHCP response when the AP gets its IP address dynamically from the DHCP server.
  • Page 136 Configuration Screen appears. 2. Check Enable Auto Configuration. 3. Enter the Configuration Filename. 4. Enter the IP address of the TFTP server in the TFTP Server Address field. NOTE: The default filename is “config”. The default TFTP IP address is “169.254.128.133”...
  • Page 137 Management 6. Reboot the AP. When the AP reboots it receives the new configuration information and must reboot one additional time. If a Syslog server was configured, the following messages can be observed on the Syslog server: — AutoConfig for Static IP —...
  • Page 138 Configuration success and failure messages to a Syslog server. NOTE: The configuration filename and TFTP server IP address are configured only when the AP is configured for Static IP. If the AP is configured for Dynamic IP these parameters are not used and obtained from DHCP.
  • Page 139 4. Add the Boot Server host name and Boot Filename parameters to the Active Options list. 5. Set the value of the Boot Server host name parameter to the host name or IP Address of the TFTP server. For example: 11.0.0.7.
  • Page 140 Figure 4-12. DHCP Options: Setting the Boot Server Host Name 6. Set the value of the Bootfile Name parameter to the Configuration filename. For example: AP-Config 7. If using Syslog, set the Log server IP address (option 7, Log Servers). 4-62...

  • Page 141: Filtering

    Filtering 8. Reboot the AP. When the AP reboots it receives the new configuration information and must reboot one additional time. If a Syslog server was configured, the following messages can be observed on the Syslog server: — AutoConfig for Dynamic IP —...

  • Page 142: Ethernet Protocol

    Ethernet protocols they support. Follow these steps to configure the Ethernet Protocol Filter: 1. Select the interface or interfaces that will implement the filter from the Ethernet Protocol Filtering drop-down menu. — Ethernet: Packets are examined at the Ethernet interface —...

  • Page 143: Static Mac

    — To edit or delete an entry, click Edit and change the information, or select Enable, Disable, or Delete from the Status drop-down menu. — An entry’s status must be enabled in order for the protocol to be subject to the filter. Static MAC The Static MAC Address filter optimizes the performance of a wireless (and wired) network.
  • Page 144 Filtering For example, you can set up a Static MAC filter to prevent wireless clients from communicating with a specific server on the Ethernet network. You can also use this filter to block unnecessary multicast packets from being forwarded to the wireless network.
  • Page 145 MAC Address and the Mask at the bit level. However, for most users, you do not need to think in terms of bits. It should be sufficient to create a filter using only the hexadecimal digits 0 and F in the Mask (where 0 is any value and F is the value specified in the MAC address).
  • Page 146 To create an entry, click Add and enter the appropriate MAC addresses and Masks to setup a filter. The entry is enabled automatically when saved. To edit an entry, click Edit. To disable or remove an entry, click Edit and change the Status field from Enable to Disable or Delete.
  • Page 147 Filtering Figure 4-13. Static MAC Configuration Screen Avaya Wireless AP-8 User’s Guide 4-69...
  • Page 148 • Wired Mask: FF:FF:FF:FF:FF:FF • Wireless MAC Address: 00:02:2D:51:94:E4 • Wireless Mask: FF:FF:FF:FF:FF:FF Result: Traffic between the Wired Server and Wireless Client 1 is blocked. Wireless Clients 2 and 3 can still communicate with the Wired Server. 4-70 Avaya Wireless AP-8 User’s Guide...
  • Page 149 00:20:2D prefix. Since Wireless Client 1 and Wireless Client 2 share the same prefix (00:02:2D), traffic between the Wired Server and Wireless Clients 1 and 2 is blocked. Wireless Client 3 can still communicate with the Wired Server since it has a different prefix (00:20:A6).
  • Page 150 • Wired MAC Address: 00:40:F4:1C:DB:6A • Wired Mask: FF:FF:FF:FF:FF:FF • Wireless MAC Address: 00:00:00:00:00:00 • Wireless Mask: 00:00:00:00:00:00 Result: The Access Point blocks all traffic between Wired Server 1 and all wireless clients. Prevent A Wireless Device From Communicating With the Wired Network Configure the following settings to prevent Wireless Client 3 from communicating with any device on the Ethernet.
  • Page 151 If there are devices on your Ethernet network that use multicast packets to communicate and these packets are not required by your wireless clients, you can set up a Static MAC filter to preserve wireless bandwidth. For example, if routers on your network use a specific multicast address...

  • Page 152: Advanced

    Advanced You can configure the following advanced filtering options: • Enable Proxy ARP: Place a check mark in the box provided to allow the Access Point to respond to Address Resolution Protocol (ARP) requests for wireless clients. When enabled, the AP answers ARP requests for wireless stations without actually forwarding them to the wireless network.

  • Page 153: Tcp/Udp Port

    AP. A user specifies a Protocol Name, Port Number, Port Type (TCP, UDP, or TCP/UDP), and filtering interfaces (Wireless only, Ethernet only, all interfaces, or no interfaces) in order to block access to services, such as Telnet and FTP, and traffic, such as NETBIOS and HTTP.
  • Page 154 2. Click Add under the TCP/UDP Port Filter Table heading. 3. In the TCP/UDP Port Filter Table, enter the Protocol Names to filter. 4. Set the destination Port Number (a value between 0 and 65535) to filter. See the IANA Web site at http://www.iana.org/assignments/port-numbers for a list of assigned port numbers and their descriptions.

  • Page 155: Alarms

    1. Click Edit under the TCP/UDP Port Filter Table heading. 2. Make any changes to the Protocol Name or Port Number for a specific entry, if necessary. 3. In the row that defines the port, set the Status to Enable, Disable, or Delete, as appropriate. 4. Select OK Alarms This category has three sub-categories.

  • Page 156: Groups

    Alarms Groups There are seven alarm groups that can be enabled or disabled via the Web interface. Place a check mark in the box provided to enable a specific group. Remove the check mark from the box to disable the alarms.
  • Page 157 Alarms • Security Alarms Trap Name Description This trap is generated when a client oriTrapAuthenticationFailure authentication failure occurs. The authentication failures can range from: - MAC Access Control Table - RADIUS MAC Authentication - 802.1x Authentication specifying the EAP-Type Severity Level: Major...
  • Page 158 Description This trap is generated when a oriTrapWLCFailure general failure occurs with the wireless interface/radio. Severity Level: Critical This trap is generated when a failure oriTrapWLCFirmwareDownlo adFailure occurs during the firmware download process of the wireless interface/radio. Severity Level: Critical •...
  • Page 159 This trap is generated when a certain oriTrapModuleNotInitialized software or hardware module is not initialized or fails to initialize. Trap Severity Level: Major This trap is generated when the AP is oriTrapDeviceRebooting rebooting. Trap Severity Level: Informational This trap is generated when a...
  • Page 160 This trap is generated when a certain oriTrapModuleNotInitialized software or hardware module is not initialized or fails to initialize. Trap Severity Level: Major This trap is generated when the AP is oriTrapDeviceRebooting rebooting. Trap Severity Level: Informational This trap is generated when a...
  • Page 161 In bootloader mode, this trap is oriTrapBootPFailed generated when the AP does not receive a response from the BootP server. The result is that the Access Point reverts to its static IP configuration and you will need to set reset configuration options.
  • Page 162 Trap Name Description This trap is generated when an error oriTrapFlashMemoryEmpty occurs while downloading a file to the AP and no data is present in the flash memory. Severity Level: Informational This trap is generated when an error oriTrapFlashMemoryCorrupt occurs while downloading a file to the AP and the data in the flash memory is invalid or corrupted.
  • Page 163 Alarms • TFTP Alarms Trap Name Description This trap is generated when a failure oriTrapTFTPFailedOperation occurs during a TFTP upload or download operation. Severity Level: Major This trap is generated when a TFTP oriTrapTFTPOperationInitiat upload or download operation is started.
  • Page 164 Alarms • Image Alarms Trap Name Description This trap is generated when a zero oriTrapZeroSizeImage size image is loaded on the AP. Trap Severity Level: Major This trap is generated when an oriTrapInvalidImage invalid image is loaded in the Access Point.
  • Page 165 Alarms In addition, the AP supports these standard traps, which are always enabled: • RFC 1215-Trap Trap Name Description coldStart The AP has been turned on or rebooted. Trap Severity Level: Informational linkUp The AP's Ethernet interface link is up (working).
  • Page 166 This trap is not sent if a newRoot trap is sent for the same transition. Trap Severity Level: Informational All these alarm groups correspond to System Alarms that are displayed in System Status screen, including the traps that are sent by the AP to...
  • Page 167 Critical alarms will often result in severe disruption in network activity or an automatic reboot of the AP Major alarms are usually activated due to a breach in the security of the system. Clients cannot be authenticated or an attempt at unauthorized access into the AP has been detected.

  • Page 168: Alarm Host Table

    Alarm Host Table Add an Entry or Enable the AP To add an entry and enable the AP to send SNMP trap messages to a Trap Host, click Add, and then specify the IP Address and Password. • IP Address: Enter the Trap Host IP Address.
  • Page 169 Alarms See RFC 3164 at http://www.rfc-editor.org for more information on the Syslog standard. Figure 4-14. Syslog Configuration Screen Avaya Wireless AP-8 User’s Guide 4-91...
  • Page 170 Alarms Setting Syslog Event Notifications Syslog Events are logged according to the level of detail specified by the administrator. Logging only urgent system messages will create a far smaller, more easily read log then a log of every event the system encounters.
  • Page 171 Configuring Syslog Event Notifications You can configure the following Syslog settings from the HTTP interface: • Enable Syslog: Place a check mark in the box provided to enable system logging. • Syslog Port Number: This field is read-only and displays the port number (514) assigned for system logging.

  • Page 172: Bridge

    Once the AP is connected to your network, it learns which devices are connected to it and records their MAC addresses in the Learn Table. The table can hold up to 10,000 entries. To view the Learn Table, click on the Monitor button in the web interface and select the Learn Table tab.

  • Page 173: Spanning Tree

    Spanning Tree protocol. Storm Threshold Storm Threshold is an advanced Bridge setup option that you can use to protect the network against data overload by: • Specifying a maximum number of frames per second as received from a single network device (identified by its MAC address).

  • Page 174: Intra Bss

    Bridge The Storm Threshold parameters allow you to specify a set of thresholds for each port of the AP, identifying separate values for the number of broadcast messages/second and Multicast messages/second. When the number of frames for a port or identified station exceeds the...

  • Page 175: Packet Forwarding

    Packet Forwarding The Packet Forwarding feature enables you to redirect traffic generated by wireless clients that are all associated to the same AP to a single MAC address. This filters wireless traffic without burdening the AP and provides additional security by limiting potential destinations or by routing the traffic directly to a firewall.
  • Page 176 You can redirect traffic to: — Ethernet — A WDS connection (see Management for details) — Any (traffic is redirected to a port based on the bridge learning process) 4. Click OK to save your changes. 4-98 Avaya Wireless AP-8 User’s Guide...

  • Page 177: Radius

    Primary and Secondary RADIUS Servers for each of the two supported Authentication types, 802.1x EAP Based authentication and MAC based authentication. You can configure the AP to communicate with up to six different RADIUS servers: • Primary Authentication Server (MAC-based authentication) •...

  • Page 178: Mac Access Control By Means Of Radius Authentication

    MAC Access Control by Means of RADIUS Authentication If you want to control wireless access to the network and if your network includes a RADIUS Server, you can store the list of MAC addresses on the RADIUS server rather than configure each AP individually. From the...
  • Page 179 Follow these steps to enable RADIUS MAC Access Control: 1. Within the RADIUS Auth screen, place a check mark in the box labeled Enable RADIUS MAC Access Control. 2. Place a check mark in the box labeled Enable Primary RADIUS Authentication Server.
  • Page 180 DNS Client for details. 7. Enter the server’s IP address or name in the field provided. 8. Enter the port number which the AP and the server will use to communicate. By default, RADIUS servers communicate on port 1812. 9. Enter the Shared Secret in the Shared Secret and Confirm Shared Secret field.
  • Page 181 11. Enter the maximum number of times an authentication request may be retransmitted in the Maximum Retransmissions field. Range is 1-4; default is 3. 12. If you are configuring a back-up server, repeat Steps 6 through 11 for the back-up server. 13. Click OK to save your changes.
  • Page 182 RADIUS Figure 4-15. RADIUS MAC-Based Access Control Screen 4-104 Avaya Wireless AP-8 User’s Guide...

  • Page 183: Radius Authentication With 802.1X

    DNS Client for details. 6. Enter the server’s IP address or name in the field provided. 7. Enter the port number which the AP and the server will use to communicate. By default, RADIUS servers communicate on port 1812. Avaya Wireless AP-8 User’s Guide...
  • Page 184 AP. The same password must also be configured on the RADIUS server. 9. Enter the maximum time, in seconds, that the AP should wait for the RADIUS server to respond to a request in the Response Time field.
  • Page 185 RADIUS Figure 4-16. RADIUS EAP/802.1x Authentication Screen Avaya Wireless AP-8 User’s Guide 4-107...

  • Page 186: Radius Accounting

    Accounting sessions continue when a client reauthenticates to the same AP. Sessions are terminated when: • A client disassociates. • A client does not transmit any data to the AP for a fixed amount of time. • A client is detected on a different interface.
  • Page 187 6. Enter the server’s IP address or name in the field provided. 7. Enter the port number which the AP and the server will use to communicate. By default, RADIUS accounting uses port 1813. Avaya Wireless AP-8 User’s Guide...
  • Page 188 AP. The same password must also be configured on the RADIUS server. 9. Enter the maximum time, in seconds, that the AP should wait for the RADIUS server to respond to a request in the Response Time field.
  • Page 189 RADIUS Figure 4-17. RADIUS Accounting Server Configuration Avaya Wireless AP-8 User’s Guide 4-111...

  • Page 190: Security Overview

    Security Overview Security Overview The AP provides several security features to protect your network from unauthorized access. • Authentication and Encryption Modes • Typical VLAN Management Configurations Authentication and Encryption Modes The AP supports the following Security features: Type Description...
  • Page 191 The IEEE 802.11 standards specify an optional encryption feature, known as Wired Equivalent Privacy or WEP, that is designed to provide a wireless LAN with a security level equal to what is found on a wired Ethernet network. WEP encrypts the data portion of each packet exchanged on an 802.11 network using an Encryption Key (also known...
  • Page 192 802.1x Authentication IEEE 802.1x is a standard that provides a means to authenticate and authorize network devices attached to a LAN port. A port in the context of IEEE 802.1x is a point of attachment to the LAN, either a physical Ethernet connection or a wireless link to an Access Point.
  • Page 193 Username/Password-based authentication; Digest 5 (MD5) does not support automatic key distribution EAP-Transport Certificate-based authentication (a Layer Security (TLS) certificate is required on the server and each client); supports automatic key distribution EAP-Tunneled Certificate-based authentication (a Transport Layer certificate is required on the server; a Security (TTLS) client’s username/password is tunneled to...
  • Page 194 1. supplicant (client PC) 2. authenticator (Access Point) 3. authentication server (RADIUS server) When using Authentication Mode is set to 802.1x, WPA, or Mixed mode (802.1x and WEP), you need to configure your RADIUS server for authentication purposes. 4-116...
  • Page 195 AP device to other systems on the LAN. The AP inhibits all data traffic from a particular client PC until the client PC is authenticated. Regardless of its authentication status, a client PC can always exchange 802.1x messages in the clear with the AP (the client...
  • Page 196 After the client has been successfully authenticated, the client receives an Encryption Key from the AP (if the EAP type supports automatic key distribution). The client uses this key to encrypt data after it has been authenticated. For 802.11a and 802.11b/g clients that communicate with an AP, each client receives its own unique encryption key;...
  • Page 197 Protocol (TKIP) and the Michael Message Integrity Check (MIC). • Per-user, per-session dynamic encryption keys: — Each client uses a different key to encrypt and decrypt unicast packets exchanged with the AP — A client's key is different for every session; it changes each time the client associates with an AP —...
  • Page 198 • WPA-PSK (Pre-Shared Key): For networks that do not have 802.1x implemented, you can configure the AP to authenticate clients based on a Pre-Shared Key. This is a shared secret that is manually configured on the AP and each of its clients. The Pre-Shared Key must be 256 bits long, which is either 64 hexadecimal digits.
  • Page 199 Security Overview Configuring Security Settings You can configure each wireless interface to operate in one of the following Security modes: Security Mode Description No Security This is the default setting for an AP. SSID, VLAN, and The AP and clients use the same static Security Modes WEP keys to encrypt data.
  • Page 200 (based on TKIP) to each client following successful authentication. This mode is for customers who want to use WPA but do not have a RADIUS server installed on their network. This mode is not available for all radio types.
  • Page 201 Security Overview You configure the AP to use a particular Security mode by setting the Authentication Mode parameter. The following table summarizes the Authentication Mode options available in the HTTP Interface's Configure > Security > Authentication screen and describes how each of these...

  • Page 202: Ssid, Vlan, And Security Modes

    Primary Network Name for each wireless interface. After initial setup and once VLAN is enabled, the AP can be configured to support up to 16 SSIDs per wireless interface to segment wireless networks based on VLAN membership.

  • Page 203: Vlan Overview

    VLANs now extend as far as the reach of the access point signal. Clients can be segmented into wireless sub-networks via SSID and VLAN assignment. A Client can access the network by connecting to an AP configured to support its assigned SSID/VLAN.
  • Page 204 VLAN tagged data is collected and distributed through an AP's wireless interface(s) based on Network Name (SSID). An Ethernet port on the access point connects a wireless cell or network to a wired backbone. The access points communicate across a VLAN-capable switch that analyzes VLAN-tagged packet headers and directs traffic to the appropriate ports.
  • Page 205 SSID, VLAN, and Security Modes Figure 4-19. Components of a Typical VLAN Avaya Wireless AP-8 User’s Guide 4-127...

  • Page 206: Vlan Workgroups And Traffic Management

    The AP assigns clients to a VLAN based on a Network Name (SSID). The AP can support up to 16 SSID/VLAN pairs per radio. The AP matches packets transmitted or received to a network name with the associated VLAN.

  • Page 207: Typical User Vlan Configurations

    SSID, VLAN, and Security Modes In this scenario, the AP would assign every packet it accepted to a VLAN. Each packet would then be identified as EMPLOYEE or GUEST, depending on which wireless NIC received it. The AP would insert VLAN headers or “tags”...

  • Page 208: Configure Multiple Ssid/Vlan/Security Mode Entries

    You must reboot the AP before any changes to these parameters take effect. 1. Click Configure > SSID/VLAN/Security > Mgmt VLAN. 2. Place a check mark in the Enable VLAN Protocol box to enable VLAN support. If VLAN is disabled, all table entries on the SSID/VLAN/Security page will be disabled.
  • Page 209 SSID, VLAN, and Security Modes Figure 4-20. SSID, VLAN, and Security Table - Wireless A 4. Add one or more new SSID/VLAN/security mode entries. Each wireless interface supports up to 16 entries. Follow these steps: a. Click Add to create a new SSID/VLAN/security mode entry.
  • Page 210 SSID, VLAN, and Security Modes Figure 4-21. SSID, VLAN, and Security Table - Wireless A - Add Entries b. Enter a Network Name (SSID), between 2 and 31 characters, in the field provided. This parameter is mandatory. c. Enter a VLAN ID in the field provided. This parameter is mandatory.
  • Page 211 1 and 4094. A value of -1 means that an entry is "untagged". — You can set the VLAN ID to "-1" or "untagged" if you do not want clients that are using a specific SSID to be members of a VLAN workgroup.
  • Page 212 Follow these steps to set up WEP encryption on an SSID/VLAN pair: 1. Set Security Mode to WEP (if necessary). 2. Enter Encryption Key 0 only; the transmit key (the key used to encrypt outgoing data) will automatically be set to zero. Keep in mind the following: —...
  • Page 213 Setting a fairly frequent rekey value (900 seconds=15 minutes) effectively protects against intrusion without disrupting network activities. 3. Click the Encryption tab. 4. Place a check mark in the box labeled Enable Encryption (WEP). Avaya Wireless AP-8 User’s Guide 4-135...
  • Page 214 SSID, VLAN, and Security Modes 5. Configure Encryption Key 1 only (for example, do not configure Keys 2 through 4). Keep in mind the following: — For 64-bit encryption, an encryption key is 10 hexadecimal characters (0-9 and A-F) or 5 ASCII characters (see...
  • Page 215 RADIUS Authentication with 802.1x for details). 5. Click Edit if you want to modify an existing entry. You can also disable or delete an entry from the Edit screen. NOTE: When editing the primary Network Name (SSID) entry, disabling or deleting that entry is not allowed.

  • Page 216: Typical Vlan Management Configurations

    CAUTION: If a non-zero management VLAN ID is configured then management access to the AP is restricted to wired or wireless hosts that are members of the same VLAN. Ensure your management platform or host is a mem- ber of the same VLAN before attempting to manage the AP.

  • Page 217: Mac Access

    CAUTION: Once a VLAN Management ID is configured and is equivalent to one of the VLAN User IDs on the AP, all members of that User VLAN will have management access to the AP. Be careful to restrict VLAN membership to those with legitimate access to the AP.
  • Page 218 — If set to Passthru, only the addresses listed in the Control Table will pass through the bridge. — If set to Block, the bridge will block traffic to or from the addresses listed in the Control Table. • MAC Access Control Table: Click Add to create a new entry. Click Edit to change an existing entry.
  • Page 219 SSID, VLAN, and Security Modes Figure 4-22. MAC Access Configuration Screen Avaya Wireless AP-8 User’s Guide 4-141...

  • Page 220: Rogue Access Point Detection (Rad)

    Points in its coverage area with minimal impact on the normal operation of the Access Point. This RAD feature can be enabled on an Access Point via its HTTP, CLI, or SNMP Interfaces. The scan repetition duration is configurable. The Access Point will periodically scan the wireless network and report all the available Access Points within its coverage area using SNMP traps.
  • Page 221 • The repetition interval of RAD can be configured. • The interface on which RAD can operate can be configured. • SNMP Traps are sent after completion of a RAD scan cycle and also whenever a new Access Point is detected.
  • Page 222 Trap Host on all these Access Points to the IP address of the management station. The Access Points on detecting a new Access Point sends a RAD Scan Result Trap to the management station.
  • Page 223 Configuring RAD Perform this procedure to enable RAD and define the Scan Interval. The RAD screen also displays the time of the last scan and the number of new access points detected in the last scan. 1. Enable the Security Alarm Group. Select the Security Alarm Group link from the RAD screen.
  • Page 224 Rogue Access Point Detection (RAD) Figure 4-24. Rogue Access Point Detection Screen (AP-8) 4-146 Avaya Wireless AP-8 User’s Guide...

  • Page 225: Monitor Information

    Statistics: Displays statistics for stations and Wireless Distribution System links. Logging into the HTTP Interface Once the AP has a valid IP Address and an Ethernet connection, you may use your web browser to monitor network statistics. Avaya Wireless AP-8 User’s Guide...
  • Page 226 HTTP interface. For more information about viewing network statistics with the CLI, refer to Command Line Interface (CLI). Follow these steps to monitor an AP’s operating statistics using the HTTP interface: 1. Open a Web browser on a network computer. NOTE: The HTTP interface supports the following Web browser: —...
  • Page 227 Logging into the HTTP Interface 3. Enter the Access Point’s IP address in the browser’s Address field and press Enter. — Result: The AP Enter Network Password screen appears. 4. Enter the HTTP password in the Password field and click OK.
  • Page 228 Figure 5-2. Monitor Main Screen 6. Click the tab that corresponds to the statistics you want to review. For example, click Learn Table to see the list of nodes that the AP has discovered on the network. 7. If applicable, click the Refresh button to update the statistics.

  • Page 229: Version

    • Serial Number: The component’s serial number, if applicable. • Component Name • ID: The AP identifies a system component based on its ID. Each component has a unique identifier. • Variant: Several variants may exist of the same component (for example, a hardware component may have two variants, one with more memory than the other).
  • Page 230 Version Figure 5-3. Version Information Screen Avaya Wireless AP-8 User’s Guide...

  • Page 231: Icmp

    ICMP ICMP This tab provides statistical information for both received and transmitted messages directed to the AP. Not all ICMP traffic on the network is counted in the ICMP (Internet Control Message Protocol) statistics. Figure 5-4. ICMP Monitoring Screen Avaya Wireless AP-8 User’s Guide...

  • Page 232: Ip/Arp Table

    IP/ARP Table IP/ARP Table This tab provides information based on the Address Resolution Protocol (ARP), which relates MAC Address and IP Addresses. Figure 5-5. IP/ARP Table Avaya Wireless AP-8 User’s Guide...

  • Page 233: Learn Table

    Learn Table This tab displays information relating to network bridging. It reports the MAC address for each node that the device has learned is on the network and the interface on which the node was detected. There can be up 10,000 entries in the Learn Table.

  • Page 234: Iapp

    IAPP IAPP This tab displays statistics relating to client handovers and communications between Avaya Wireless Access Points. Figure 5-7. IAPP Screen 5-10 Avaya Wireless AP-8 User’s Guide...
  • Page 235 RADIUS RADIUS This tab provides RADIUS authentication, EAP/802.1x authentication, and accounting information for both the Primary and Backup RADIUS servers. NOTE: RADIUS authentication and accounting must be enabled for this information to be valid. Avaya Wireless AP-8 User’s Guide 5-11...
  • Page 236 RADIUS Figure 5-8. RADIUS Monitoring Screen 5-12 Avaya Wireless AP-8 User’s Guide...
  • Page 237 Interfaces Interfaces This tab displays statistics for the Ethernet and wireless interfaces. The Operational Status can be up, down, or testing. Avaya Wireless AP-8 User’s Guide 5-13...
  • Page 238 Interfaces Figure 5-9. Wireless Interface Monitoring 5-14 Avaya Wireless AP-8 User’s Guide...

  • Page 239: Station Statistics

    Enable Monitoring Station Statistics and click OK. You do not need to reboot the AP for the changes to take effect. If clients are connected to the device or WDS links are configured for the device, the statistics will now be shown on the screen.
  • Page 240 Station Statistics Figure 5-10. Station Statistics Screen 5-16 Avaya Wireless AP-8 User’s Guide...
  • Page 241 Station Statistics Description of Station Statistics The following stations statistics are displayed: • MAC Address: The MAC address of the wireless client for which the statistics are gathered. For WDS links, this is the partner MAC address of the link.
  • Page 242 Station Statistics The following stations statistics are not displayed in the Graphical User Interface, but can be viewed from a MIB browser: • Octets Received: The number of octets received from the associated wireless station (or WDS link partner) by the AP.

  • Page 243: Commands

    Reboot the AP in the specified number of seconds. • Reset: Reset all of the Access Point’s configuration settings to factory defaults. • Help Link: Configure the location where the AP Help files can be found. Avaya Wireless AP-8 User’s Guide...

  • Page 244: Logging Into The Http Interface

    Logging into the HTTP Interface Logging into the HTTP Interface Once the AP has a valid IP Address and an Ethernet connection, you may use your web browser to issue commands. The Command Line Interface (CLI) also provides a method for issuing commands using Telnet or a serial connection.
  • Page 245 Select Tools > Internet Options..b. Click the Connections tab. c. Click LAN Settings..d. If necessary, remove the check mark from the Use a proxy server box. e. Click OK twice to save your changes and return to Internet Explorer.
  • Page 246 Logging into the HTTP Interface 4. Enter the HTTP password in the Password field and click OK. Leave the User Name field blank. (By default, the HTTP password is “public”). — Result: The System Status screen appears. Figure 6-1. Enter Network Password Screen 5.
  • Page 247 Logging into the HTTP Interface Figure 6-2. Commands Main Screen 6. Click the tab that corresponds to the command you want to issue. For example, click Reboot to restart the unit. Avaya Wireless AP-8 User’s Guide...

  • Page 248: Introduction To File Transfer Via Tftp Or Http

    Introduction to File Transfer via TFTP or HTTP Introduction to File Transfer via TFTP or HTTP There are two methods of transferring files to or from the AP, TFTP or HTTP (or HTTPS if enabled). The following procedures describe downloading Configuration, AP Image, Bootloader, Private Key, and Certificate files to the AP: •...

  • Page 249: Http File Transfer Guidelines

    • Large image size • Non VxWorks image • AP image • Digital signature verification If any of the above checks fail on the downloaded image, the Access Point deletes the downloaded image and retains the old image. Avaya Wireless AP-8 User’s Guide...

  • Page 250: Update Ap By Using Tftp

    If you do not have a TFTP server installed on your system, install the TFTP server from the Avaya Wireless CD. You can either install the TFTP server from the CD Wizard or run OEM-TFTP-Server.exe found in the...
  • Page 251 To locate the IP address assigned to the TFTP server, double-click the TFTP server icon on your desktop. NOTE: This is the IP address that will be used to point the Access Point to the AP Image file. Avaya Wireless AP-8 User’s Guide...
  • Page 252 Update AP by Using TFTP 3. In the File Name field, enter the name of the file to be downloaded (including the file extension). Copy the updated AP Image file to the TFTP server’s root folder. The default AP Image is located at C:/Program Files/Avaya Wireless/AP600/.

  • Page 253: Update Ap By Using Http

    Use the Update AP via HTTP tab to download Configuration, AP Image, Bootloader files, and Certificate and Private Key files to the AP. 1. Once on the Update AP screen, click on the via HTTP tab. The Update AP via HTTP tab shows version information and allows you to enter HTTP information as described below.
  • Page 254 — Private Key: the private key for encryption in SSL communications. 3. Use the Browse button or manually type in the name of the file to be downloaded (including the file extension) in the File Name field. If typing the file name, you must include the full path and the file extension in the file name text box.
  • Page 255 Update AP by Using HTTP 5. Click OK to continue with the operation or Cancel to abort the operation. NOTE: An HTTP file transfer using SSL may take extra time. If the operation completes successfully the following screen appears. Figure 6-6. Update AP Successful If the operation did not complete successfully the following screen appears, and the reason for the failure is displayed.

  • Page 256: Upload File By Using Tftp

    Use the Retrieve File via TFTP tab to upload Configuration files from the AP to a TFTP server. The TFTP server must be running and configured to point to the directory to which you want to copy the uploaded file. We suggest you assign the file a meaningful name, which may include version or location information.
  • Page 257 Upload File by Using TFTP 1. Once on the Retrieve File screen, click on the via TFTP tab. The Retrieve AP via TFTP tab shows version information and allows you to enter TFTP information as described below. Figure 6-8. Retrieve File via TFTP Command Screen 2.

  • Page 258: Upload File By Using Http

    Upload File by Using HTTP 3. In the File Name field, enter the name of the file to be uploaded. 4. Click the Retrieve Config File button to initiate the upload of the Configuration file from the AP to the TFTP server.
  • Page 259 Upload File by Using HTTP Figure 6-9. Retrieve File via HTTP Command Screen 2. Click on the Retrieve Config File button to initiate this operation. The AP displays a confirmation message that asks if you want to proceed with retrieving the configuration file.
  • Page 260 Upload File by Using HTTP Figure 6-10. Retrieve File Confirmation Message 3. Click OK to continue with the operation or Cancel to abort the operation. The File Download dialog box is displayed. 6-18 Avaya Wireless AP-8 User’s Guide...
  • Page 261 Upload File by Using HTTP Figure 6-11. File Download Dialog Box 4. After clicking the Save button the following Save As window displays, where the you are prompted to choose the filename and location where the Configuration file is to be downloaded.
  • Page 262 Upload File by Using HTTP Figure 6-12. Retrieve File Save As Dialog 5. Select an appropriate filename and location and click OK. 6-20 Avaya Wireless AP-8 User’s Guide...

  • Page 263: Reboot

    Reboot Reboot Use the Reboot tab to save configuration changes (if any) and reset the AP. Entering a value of 0 (zero) seconds causes an immediate reboot. Note that Reset, described below, does not save configuration changes. CAUTION: Rebooting the AP will cause all users who are currently connected to lose their connection to the network until the AP has completed the restart pro- cess and resumed operation.

  • Page 264: Reset

    Use the Reset tab to restore the AP to factory default conditions. The AP may also be reset from the RESET button located on the side of the unit. Since this will reset the Access Point’s current IP address, a new IP address must be assigned.
  • Page 265 Reset Figure 6-14. Reset to Factory Defaults Command Screen Avaya Wireless AP-8 User’s Guide 6-23...

  • Page 266: Help Link

    The Avaya Wireless AP Help information is available in English. If you want to place these files on a shared drive, copy the Help Folder to the new location, and then specify the new path in the Help Link box.
  • Page 267 Help Link Figure 6-15. Help Link Configuration Screen Avaya Wireless AP-8 User’s Guide 6-25...
  • Page 268 Help Link 6-26 Avaya Wireless AP-8 User’s Guide...

  • Page 269: Troubleshooting

    • Related Applications NOTE: This section helps you locate problems related to the AP device setup. For details about RADIUS, TFTP, serial communication programs (such as HyperTerminal), Telnet applications, or web browsers, please refer to the documentation that came with the application for assistance.

  • Page 270: Troubleshooting Concepts

    DHCP server, then use ScanTool to locate the IP address of your unit. If a DHCP server is not active on your subnet, then use ScanTool to assign a static IP address to the unit.

  • Page 271: A Command Line Interface (Cli)

    1. Make sure your power source is operating. 2. Make sure all cables are connected to the AP correctly. 3. If you are using Power over Ethernet, make sure you are using a Category 5, foiled, twisted pair cable to power the AP.
  • Page 272 3. Make sure your PC terminal program (such as HyperTerminal) is active and configured to the following values: — Com Port: (COM1, COM2, etc. depending on your computer); — Baud rate: 9600; Data bits: 8; Stop bits: 1; Flow Control: None; Parity: None; — Line Feeds with Carriage Returns (In HyperTerminal select: File ->...
  • Page 273 1. Double-check the physical network connections. Use a known-good unit to make sure the network connection is present. Once you have the AP IP address, you can use the “Ping” command over Ethernet to test the IP Address. If the AP responds to the Ping, then the Ethernet Interface is working properly.

  • Page 274: Basic Software Setup And Configuration Problems

    1. Client computers should have the same Network Name and security settings as the AP. 2. Network Names should be allocated and maintained by the Network Administrator. 3. Refer to the documentation that came with your client card for additional troubleshooting suggestions. Avaya Wireless AP-8 User’s Guide...
  • Page 275 (due to an IP address conflict). In this case, assign each AP a static IP address via the serial cable or turn off all units but one and change the IP address using ScanTool one at a time.
  • Page 276 Reset to Factory Default Procedure in this guide. This will reset the unit to “DHCP” mode. If there is a DHCP Server on the network, the DHCP Server will assign an IP Address to the AP. HTTP (browser) or Telnet Interface Does Not Work 1.
  • Page 277 1. Verify that the HTML Help files are installed in the default directory: C:\Program Files\Avaya_Wireless\AP8\HTML\ 2. If the Help files are not located in this folder, contact your network administrator to find out where the Help files are located on your server.

  • Page 278: Client Connection Problems

    IP address. 3. Configure the TFTP Server to “point” to the folder containing the file to be downloaded (or to the folder in which the file is to be uploaded). 4. Verify that you have entered the proper AP Image file name (including the file extension) and directory path.
  • Page 279 Interface and select the Configure button and then the Network tab to make sure the proper DHCP settings are being used. 2. If you are not using the DHCP server feature on the AP, then make sure that your local DHCP server is accessible from the Access Point’s subnet.

  • Page 280: Vlan Operation Issues

    Most problems can be avoided by ensuring that 802.1Q compliant VLAN tags containing the proper VLAN ID have been inserted in the bridged frames. The VLAN ID in the header should correspond to the user’s assigned network name.

  • Page 281: Power Over Ethernet (Poe)

    Symptoms and Solutions What if network traffic is being directed to a nonexistent host? • All sessions are disconnected, traffic is lost, and a manual override is necessary • Workaround: you can configure the switch to mimic the nonexistent host...
  • Page 282 100 meters (approximately 325 feet) in length from the Ethernet source to the AP. 4. Try to connect a different device to the same port on the PoE hub – if it works and a link is established, there is probably a faulty data link in the AP.

  • Page 283: Recovery Procedures

    We suggest you create a chart to document and validate the IP addresses for your system. If the password is lost or forgotten, you will need to reset the AP to default values. The Reset to Factory Default Procedure resets configuration settings, but does not change the current AP Image.

  • Page 284: Reset To Factory Default Procedure

    1. Press and hold the RELOAD button for 10 seconds. NOTE: You need to use a pin or the end of a paperclip to press a button. Result: The AP reboots, and the factory default network values are restored.

  • Page 285: Forced Reload Procedure

    1. While the unit is running, press the RESET button. NOTE: You need to use a pin or the end of a paperclip to press a button. Result: The AP reboots and the indicators begin to flash. Avaya Wireless AP-8 User’s Guide...
  • Page 286 Recovery Procedures CAUTION: By completing Step 2, the firmware in the AP will be erased. You will need an Ethernet connection, a TFTP server, and a serial cable (if using the Bootloader CLI) to reload firmware. 2. Press and hold the RELOAD button for about 20 seconds until the POWER LED turns amber.
  • Page 287 Access Point since its DHCP client functionality is not available when no image is installed on the device. 6. Enter an unused IP address that is valid on your network in the IP Address field. You may need to contact your network administrator to get this address.
  • Page 288 9. Enter the IP address of your TFTP server in the field provided. 10. Enter the Image File Name (including the file extension). Enter the full directory path and file name. If the file is located in the default TFTP directory, you need enter only the file name.
  • Page 289 TFTP server resides. This can be any computer on the LAN or connected to the AP with a cross-over Ethernet cable. You must also connect the AP to a computer with a standard serial cable and use a terminal client, such as HyperTerminal. From the terminal, enter CLI Commands to set the IP address and download an AP Image.
  • Page 290 — Stop bits: 1 — Flow Control: None — Parity: None 5. Under File -> Properties -> Settings -> ASCII Setup, enable the Send line ends with line feeds option. Result: HyperTerminal sends a line return at the end of each line of code.
  • Page 291 [Device-Name]> reboot 0 Result: The AP will reboot and then download the image file. You should see downloading activity begin after a few seconds within the TFTP server’s status screen. 8. When the download process is complete, configure the AP as...

  • Page 292: Setting Ip Address Using Serial Port

    • ASCII Terminal software, such as HyperTerminal. Attaching the Serial Port Cable 1. Connect one end of the serial cable to the AP and the other end to a serial port on your computer. 2. Power on the computer and AP, if necessary.
  • Page 293 Recovery Procedures Initializing the IP Address using CLI After installing the serial port cable, you may use the CLI to communicate with the AP. CLI supports most generic terminal emulation programs, such as HyperTerminal (which is included with the Windows operating systems).
  • Page 294 Recovery Procedures 3. Press the RESET button on the AP. Result: The terminal display shows Power On Self Tests (POST) activity, and then displays a CLI prompt, similar to the example below. This process may take up to 90 seconds. [Device-Name]>...
  • Page 295 AP from a network computer to confirm that the new IP address has taken effect. 8. When the proper IP address is set, use the HTTP interface or CLI over Telnet to configure the rest of the unit’s operating parameters.

  • Page 296: Related Applications

    The TFTP software is located on the Avaya Wireless AP Installation CD-ROM. If a TFTP server is not configured and running, you will not be able to download and upload images and configuration files to/from the AP. Remember that the TFTP server does not have to be local, so long as you 7-28 Avaya Wireless AP-8 User’s Guide...
  • Page 297 Related Applications have a valid TFTP IP address. Note that you do not need a TFTP server running unless you want to transfer files to or from the AP. After the TFTP server is installed: • Check to see that TFTP is configured to point to the directory containing the AP Image.
  • Page 298 Related Applications 7-30 Avaya Wireless AP-8 User’s Guide...

  • Page 299: In This Appendix

    Access Point. • CLI commands may be entered in real time through a keyboard or submitted with CLI scripts. • The CLI is available through both the Serial Port interface and over the Ethernet interface using Telnet.

  • Page 300: General Notes

    Notation Conventions • Computer prompts are shown as constant width type. For example: [Device-Name]> • Information that you input as shown is displayed in bold constant width type. For example: [Device-Name]> set ipaddr 10.0.0.12 • The names of keyboard keys, software buttons, and field names are displayed in bold type.

  • Page 301: Important Terminology

    A logical collection of network parameter information. For example, the System Group is composed of several related parameters. Groups can also All items for a given Group can be contain Tables. displayed with a show <Group> CLI Command. Continued Avaya Wireless AP-8 User’s Guide...
  • Page 302 Image File The Access Point software executed from RAM. To update an Access Point you typically download a new Image File. This file is often referred to as the “AP Image”. Parameter A fundamental network value that can be displayed and may be changeable.

  • Page 303: Navigation And Special Keys

    General Notes Navigation and Special Keys This CLI supports the following navigation and special key functions to move the cursor along the prompt line. Key Combination Operation Delete or Backspace Delete previous character Ctrl-A Move cursor to beginning of line...

  • Page 304: Cli Error Messages

    General Notes CLI Error Messages The following table describes the error messages associated with improper inputs or expected CLI behavior. Error Message Description Syntax Error Invalid syntax entered at the command prompt. Invalid Command A non-existent command has been entered at the command prompt.

  • Page 305: Command Line Interface (Cli) Variations

    CLI. The Bootloader CLI provides a limited command set, and is used when the current AP Image is bad or missing. The Bootloader CLI allows you to assign an IP Address and download a new image. Once the image is downloaded and running, the Access Point uses the normal CLI.
  • Page 306 Command Line Interface (CLI) Variations The parameters supported by the Bootloader CLI (for viewing and modifying) are: • System Name • IP Address Assignment Type • IP Address • IP Mask • Gateway IP Address • TFTP Server IP Address •...
  • Page 307 Command Line Interface (CLI) Variations The following lists display the results of using the help command in the Bootloader CLI: Figure A-1. Results of “help” bootloader CLI command Avaya Wireless AP-8 User’s Guide...
  • Page 308 Command Line Interface (CLI) Variations The following lists display the results of using the show command in the Bootloader CLI: Figure A-2. Results of “show” bootloader CLI command A-10 Avaya Wireless AP-8 User’s Guide...

  • Page 309: Cli Command Types

    This guide divides CLI Commands into two categories: Operational and Parameter Controls. Operational CLI Commands These commands affect Access Point behavior, such as downloading, rebooting, and so on. After entering commands (and parameters, if any) press the Enter key to execute the Command Line. Operational commands include: •...
  • Page 310 • upload: Uses TFTP server to upload “config” files from Access Point to TFTP default directory or specified path ? (List Commands) This command can be used in a number of ways to display available commands and parameters. The following table lists each operation and provides a basic example.
  • Page 311 [Device-Name]>? Figure A-3. Result of “?” CLI command Example 2. Display specific Commands To show all commands that start with specified letters, enter one or more letters, then ? with no space between letters and ?. Device-Name]>s? Figure A-4. Result of “s?” CLI command Avaya Wireless AP-8 User’s Guide...
  • Page 312 CLI Command Types Example 3. Display parameters for set and show Example 3a allows you to see every possible parameter for the set (or show) commands. Notice from example 3a that the list is very long. Example 3b shows how to display a subset of the parameters based on initial parameter letters.
  • Page 313 CLI Command Types Figure A-5. Result of “set ?” CLI command Avaya Wireless AP-8 User’s Guide A-15...
  • Page 314 CLI Command Types Example 3b. Display parameters based on letter sequence This example shows entries for parameters that start with the letter “i”. The more letters you enter, the fewer the results returned. Notice that there is no space between the letters and the question mark.
  • Page 315 Result: The parameter is changed and a new CLI line is echoed with the new value (in the first part of the following example, the value is the IP Address of the TFTP server).
  • Page 316 [Device-Name]> exit [Device-Name]> quit download Downloads the specified file from a TFTP server to the Access Point. Executing download in combination with the asterisks character (“*”) will make use of the previously set TFTP parameters. Executing download without parameters will display command help and usage information.
  • Page 317 CLI Command Types help Displays instructions on using control-key sequences for navigating a Command Line and displays command information and examples. 1. Using help as the only argument: [Device-Name]> help Figure A-8. Results of “help” CLI command Avaya Wireless AP-8 User’s Guide...
  • Page 318 “up arrow” (Ctrl-P) and “down arrow” (Ctrl-N) keys to recall previous statements from the Command History Buffer. When the desired statement reappears, press the Enter key to execute, or you may edit the statement before executing it. [Device-Name]> history passwd Changes the CLI Password.
  • Page 319 Lists the parameters supported by the specified table. This list corresponds to the table information displayed in the HTTP interface. In this example, the CLI returns the list of parameters that make up an entry in the IP Access Table.
  • Page 320 CLI Command Types upload Uploads a text-based configuration file from the AP to the TFTP Server. Executing upload with the asterisk character (“*”) will make use of the previously set/stored TFTP parameters. Executing upload without parameters will display command help and usage information.

  • Page 321: Parameter Control Commands

    • “set” CLI Command: Use this CLI Command to change parameter values. You can use a single CLI statement to modify Tables, or you can modify each parameter separately. “show” CLI Command Displays the value of the specified parameter, or displays all parameter values of a specified group (parameter table).
  • Page 322 “set” CLI Command Sets (modifies) the value of the specified parameter. To see a definition and syntax example, type only set and then press the Enter key. To see a list of available parameters, enter a space, then a question mark (?) after set (example: set?).
  • Page 323 Configuring Objects that Require Reboot Certain objects supported by the Access Point require a device reboot in order for the changes to take effect. In order to inform the end-user of this behavior, the CLI provides informational messages when the user has configured an object that requires a reboot.
  • Page 324 In addition to the above informational message, the CLI also provides a message as a result of the exit, quit, or done command if changes have been made to objects that require reboot. If you make changes to objects...
  • Page 325 CLI set Command to change parameter values. As shown in the following examples, parameters may be set individually or all parameters for a given table can be set with a single statement. Example 1 - Set the Access Point IP Address Parameter Syntax: [Device-Name]>...
  • Page 326 CLI Command Types Example 2 - Create a table entry or row Use 0 (zero) as the index to a table when creating an entry. When creating a table row, only the mandatory table elements are required (comment is usually an optional table element). For optional table elements, the default value is generally applied if you do not specify a value.
  • Page 327 CLI Command Types You can also modify several elements in the table entry. Enter the index number and specific table elements you would like to modify. (Hint: Use the search Command to see the elements that belong to the table.) [Device-Name]>...
  • Page 328 CLI Command Types Example 5 - Show the Group Parameters This example illustrates how to view all elements of a group or table. Syntax: [Device-Name]> show <group name> Example: [Device-Name]> show network Result: The CLI displays network group parameters. Note show return the same data.
  • Page 329 Result: Displays the Access Point IP address. Figure A-11. Result of “show ipaddr” CLI Command 2. View all parameters in a table. Syntax: [Device-Name]> show <table name> Example: [Device-Name]> show mgmtipaccesstbl Result: Displays the IP Access Table and its entries. Avaya Wireless AP-8 User’s Guide A-31...

  • Page 330: Using Tables & User Strings

    Using Tables & User Strings Using Tables & User Strings Working with Tables Each table element (or parameter) must be specified, as in the example below. [Device-Name]> set mgmtipaccesstbl 0 ipaddr 10.0.0.10 ipmask 255.255.0.0 Below are the rules for creating, modifying, enabling/disabling, and deleting table entries.
  • Page 331 Not all the table objects are required. — If multiple table objects are to be modified the order in which they are entered is not important. — If the entire table entry is to be modified, all the table objects have to be specified. • Enabling/Disabling —...

  • Page 332: Using Strings

    For this CLI implementation, the single quote or double quote character can be used at the beginning and at the end of the string. For example: - Does not need quote marks [Device-Name]>...

  • Page 333: Configuring The Ap Using Cli Commands

    Configuring the AP using CLI commands The string delimiter does not have to be used for every string object. The single quote or double quote only has to be used for string objects that contain blank space characters. If the string object being used does not contain blank spaces, then the string delimiters, single or double quotes, mentioned in this section are not required.

  • Page 334: Log Into The Ap Using Telnet

    Log into the AP using Telnet The CLI commands can be used to access, configure, and manage the AP using Telnet. Follow these steps: 1. Confirm that your computer’s IP address is in the same IP subnet as the AP. NOTE: If you have not previously configured the Access Point’s IP address...

  • Page 335: Set Basic Configuration Parameters

    Set Basic Configuration Parameters Set Basic Configuration Parameters There are a few basic configuration parameters that you may want to setup right away when you receive the AP. For example: • Set System Name, Location and Contact Information • Set Static IP Address for the AP •...
  • Page 336 Figure A-12. Result of “show system” CLI Command Set Static IP Address for the AP NOTE: The IP Subnet Mask of the AP must match your network’s Subnet Mask. [Device-Name]> set ipaddrtype static [Device-Name]> set ipaddr <fixed IP address of unit>...
  • Page 337 [Device-Name]> reboot 0 CAUTION: Avaya strongly urges you to change the default passwords to restrict access to your network devices to authorized personnel. If you lose or for- get your password settings, you can always perform the Reset to Factory Default Procedure.
  • Page 338 Enable and Configure TX Power Control for the Wireless Interface(s) The TX Power Control feature lets the user configure the transmit power level of the interface in the AP at one of four levels: • 100% of the maximum transmit power level of the interface •...
  • Page 339 Set Basic Configuration Parameters Perform the following commands to enable TX Power Control and set the transmit power level: [Device-Name]> set txpowercontrol enable [Device-Name]> set wif <interface number> currenttxpowerlevel <value> Allowed values are: 1 (100%), 2 (50%), 3 (25%), 4 (12.5%)
  • Page 340 Inactive Inactive Inactive NOTE: If you have two or more SSIDs per interface with a security mode of None, be aware that security being applied in the VLAN is not being applied in the wireless network. NOTE: If you set Authentication Mode to 802.1x, WPA, or Mixed, you also need to configure the RADIUS Authentication parameters.
  • Page 341 [Device-Name]> download * [Device-Name]> reboot 0 After following the complete process (above) once, you can download a file of the same name (as long as all the other parameters are the same), with the following command: [Device-Name]> download * Backup your AP Configuration File Start your TFTP program.
  • Page 342 NOTE: The configuration filename and TFTP server IP address are configured only when the AP is configured for Static IP. If the AP is configured for Dynamic IP these parameters are not used and obtained from DHCP. The default filename is “config”. The default TFTP IP address is “169.254.128.133”...

  • Page 343: Other Network Settings

    Other Network Settings Other Network Settings There are other configuration settings that you may want to set for the AP. Some of them are listed below. • Configure the AP as a DHCP Server • Configure the DNS Client •...

  • Page 344: Configure The Ap As A Dhcp Server

    Other Network Settings Configure the AP as a DHCP Server NOTE: You must have at least one entry in the DHCP Server IP Address Pool Table before you can set the DHCP Server Status to Enable. [Device-Name]> set dhcpstatus disable [Device-Name]>...

  • Page 345: Configure The Dns Client

    [Device-Name]> set dnsprisvripaddr <IP address of primary DNS server> [Device-Name]> set dnssecsvripaddr <IP address of secondary DNS server> [Device-Name]> set dnsdomainname <default domain name> [Device-Name]> show dns Figure A-14. Results of “show dns” CLI command Avaya Wireless AP-8 User’s Guide A-47...

  • Page 346: Maintain Client Connections Using Link Integrity

    [Device-Name]> reboot 0 Change Wireless Interface Settings Interfaces for information on the parameters listed below. The AP-8 uses index 3 for Wireless Interface A (802.11a radio) and index 4 for Wireless Interface B (802.11 b/g radio). • Operational Mode •...
  • Page 347 Operational Mode dot11b-only dot11g-only dot11bg Autochannel Select (ACS) ACS is enabled by default. Reboot after disabling or enabling ACS. [Device-Name]> set wif <index> autochannel <enable/disable> [Device-Name]> reboot 0 Enable/Disable Closed System [Device-Name]> set wif <index> closedsys <enable/disable> Set the Multicast Rate (802.11a) [Device-Name]>set wif 3 multrate <6, 12, 24...

  • Page 348: Set Ethernet Speed And Transmission Mode

    Other Network Settings Enable/Disable Turbo Mode (802.11a only) [Device-Name]>set wif 3 turbo <enable/disable> Set Ethernet Speed and Transmission Mode [Device-Name]> set etherspeed <value (see below)> [Device-Name]> reboot 0 Ethernet Speed and Transmission Mode Value 10 Mbits/sec - half duplex 10halfduplex...

  • Page 349: Set Interface Management Services

    • Configure Syslog • Configure Intra BSS Edit Management IP Access Table [Device-Name]> set mgmtipaccesstbl <index> ipaddr <IP address> ipmask <subnet mask> Configure Management Ports [Device-Name]> set snmpifbitmask <(see below)> [Device-Name]> set httpifbitmask <(see below)> [Device-Name]> set telifbitmask <(see below)>...
  • Page 350 Wireless A and Wireless B enabled Wireless B 13 or 15 = all interfaces All management channels enabled Set Communication Ports [Device-Name]> set httpport <HTTP port number (default is 80)> [Device-Name]> set telport <Telnet port number (default is 23)> A-52 Avaya Wireless AP-8 User’s Guide...
  • Page 351 Socket Layer communications to the AP through the HTTPS interface. [Device-Name]> set sslstatus <enable/disable> The user must change the SSL passphrase when uploading a new certificate/private key pair, which will have a corresponding passphrase. [Device-Name]> set sslpassphrase <SSL certificate passphrase>...
  • Page 352 Configure Serial Port Interface NOTE: To avoid unexpected performance issues, leave Flow Control at the default setting (none) unless you are sure what this setting should [Device-Name]> set serbaudrate <2400, 4800, 9600, 19200, 38400, 57600> [Device-Name]> set serflowctrl <none, xonxoff>...

  • Page 353: Configure Mac Access Control

    Setup MAC (Address) Access Control • Add an Entry to the MAC Access Control Table • Disable or Delete an Entry in the MAC Access Control Table Setup MAC (Address) Access Control [Device-Name]> set macaclstatus enable [Device-Name]> set macacloptype <passthru, block>...

  • Page 354: Set Radius Parameters

    Other Network Settings Disable or Delete an Entry in the MAC Access Control Table [Device-Name]> set macacltbl <index> status <disable/delete> [Device-Name]> show macacltbl NOTE: For larger networks that include multiple Access Points, you may prefer to maintain this list on a centralized location using the...
  • Page 355 [Device-Name]> set radiustbl <index> status enable seraddrfmt <ipaddr or name> ipaddr <RADIUS IP address or name> port <user defined> ssecret <user defined> responsetm <1 to 10 seconds> maxretx <0 to 4 times> [Device-Name]> show radiustbl Avaya Wireless AP-8 User’s Guide...
  • Page 356 Other Network Settings Figure A-16. Results of “show radiustbl” CLI command A-58 Avaya Wireless AP-8 User’s Guide...
  • Page 357 [Device-Name]> set radmacaccctrl enable [Device-Name]> reboot 0 Set MAC Address Format Type [Device-Name]> set radmacaddrformat <dashdelimited, colondelimited, singledashdelimited, nodelimiter> Set Authorization Lifetime (MAC-based authentication only) [Device-Name]> set radauthlifetm <900-43200 seconds; default is 900> Enable RADIUS Accounting [Device-Name]> set radaccstatus enable [Device-Name]>...
  • Page 358 Configure RADIUS Accounting Server [Device-Name]> set radacctbl <index> status <enable> seraddrfmt <ipaddr or name> ipaddr <RADIUS IP address or name> port <user defined> ssecret <user defined> responsetm <1 to 4 seconds> maxretx <1 to 10 times> [Device-Name]> show radacctbl A-60...

  • Page 359: Set Rogue Access Point Detection (Rad) Parameters

    Access Point deployment. The Rogue AP Scan employs background scanning using low-level 802.11 scanning functions for effective wireless detection of Access Points in its coverage area with minimal impact on the normal operation of the Access Point. Avaya Wireless AP-8 User’s Guide...

  • Page 360: Set Vlan/Ssid Parameters

    (radifbitmask) can be configured to maximize the scanning coverage area. [Device-Name]> set radstatus enable [Device-Name]> set radscanint <15-1440> [Device-Name]> set radifbitmask <4 (WiF A), 8 (WiF B), or 12 (both interfaces)> [Device-Name]> show rad Figure A-19. Results of “show rad” CLI command Set VLAN/SSID Parameters •...
  • Page 361 [Device-Name]> set vlanstatus disable or [Device-Name]> set vlanmgmtid 0 [Device-Name]> reboot 0 Add an Entry to the VLAN ID Table [Device-Name]> set vlanidtbl <index number; see table> id <1-4094, -1=untagged> ssid <enter network name> [Device-Name]> show vlandidtbl (to review your settings) [Device-Name]>...

  • Page 362: Cli Monitoring Parameters

    CLI Monitoring Parameters CLI Monitoring Parameters Using the show command with the following table parameters will display operating statistics for the AP (these are the same statistics that are described in Monitor Information for the HTTP Web interface). • staticmp: Displays the ICMP Statistics.

  • Page 363: Parameter Tables

    • Type - Data type • Values - Value range, and default value, if any • Access = access type, R = Read Only (show), RW = Read-Write (can be “set”), W = Write Only • CLI Parameter - Parameter name as used in the Access Point Access Point network objects are associated with Groups.

  • Page 364: Security Parameters

    Wireless Distribution System (WDS) Parameters - Configure the WDS partnerships — Wireless Interface SSID/VLAN/Security Parameters Configure the SSID and VLAN pairs and the security mode for each pair. Up to 16 pairs can be configured per wireless interface. — Ethernet Interface Parameters...
  • Page 365 - Enable or disable proxy ARP for wireless clients — IP ARP Filtering Parameters - Control which ARP messages are sent to wireless clients based on IP settings — Broadcast Filtering Table - Control the type of broadcast packets forwarded to the wireless network —...

  • Page 366: Radius Parameters

    Storm Threshold Parameters - Set threshold for number of broadcast packets — Intra BSS Subscriber Blocking - Enable or disable peer to peer traffic on the same AP — Packet Forwarding Parameters - Redirect traffic from wireless clients to a specified MAC address •...

  • Page 367: System Parameters

    User Defined sysname Location Display String User Defined sysloc Contact Name Display String User Defined sysctname Contact E-mail Display String User Defined sysctemail Contact Phone Display String User Defined sysctphone Maximum 254 characters Continued Avaya Wireless AP-8 User’s Guide A-69...
  • Page 368 – minutes ss – seconds Emergency Restore Resets all sysresettodefa to defaults parameters to ults default factory Note: You must values enter the following command twice to reset to defaults: sysresettodef aults 1 A-70 Avaya Wireless AP-8 User’s Guide...

  • Page 369: Network Parameters

    Subgroup sysinvmgmtcmpiftbl Table NOTE: The inventory management commands display advanced information about the AP’s installed components. You may be asked to report this information to a representative if you contact customer support. Network Parameters IP Configuration Parameters Name Type Values...

  • Page 370: Dns Client For Radius Name Resolution

    (default) NOTE: The IP Address Assignment Type (ipaddrtype) must be set to static before the IP Address (ipaddr), IP Mask (ipmask) or Default Gateway IP Address (ipgw) values can be entered. DNS Client for RADIUS Name Resolution...

  • Page 371: Dhcp Server Parameters

    Address Number of IP Pool Integer32 dhcpippooltblent Table Entries NOTE: The DHCP Server (dhcpstatus) can only be enabled after a DHCP IP Pool table entry has been created. DHCP Server table for IP pools Name Type Values Access CLI Parameter...
  • Page 372 86400 sec (default) Comment (optional) DisplayString User Defined Status (optional) Integer enable (1) status disable (2) delete (3) NOTE: Set either End IP Address or Width (but not both) when creating an IP address pool. A-74 Avaya Wireless AP-8 User’s Guide...

  • Page 373: Link Integrity Parameters

    Interval (in increments of 500ms) 500 ms (default) Link Integrity Poll Integer 0 - 255 linkintpollretx Retransmissions 5 (default) Link Integrity IP Target Table Access CLI Parameter Name Type Values Link Integrity IP Table linkinttbl Target Table Table Index Integer...

  • Page 374: Interface Parameters

    Interface Parameters Wireless Interface Parameters The wireless interface group parameter is wif. Wireless Interface A (802.11a radio) uses table index 3 and Wireless Interface B (802.11b/g radio) uses table index 4. Common Parameters to 802.11a, 802.11b, and 802.11b/g APs Access CLI Parameter...

  • Page 375: A Only Parameters

    Channels Regulatory Domain Load Balancing Integer enable (default) ldbalance disable Note 1: For 802.11a APs in Europe, Auto Channel Select is a read-only parameter; it is always enabled. 802.11a Only Parameters Access CLI Parameter Name Type Values Operating Frequency...

  • Page 376: B Only Parameters

    Operating Frequency Integer 1 - 14; available channel Channel channels vary by regulatory domain/country; 802.11b Channel Frequencies Multicast Rate Integer 1 Mbits/sec (1) multrate 2 Mbits/sec (2) (default) 5.5 Mbits/sec (3) 11 Mbits/sec (4) Continued A-78 Avaya Wireless AP-8 User’s Guide...
  • Page 377 Supported Frequency Octet String Depends on suppchannels Channels Regulatory Domain Physical Layer Type Integer dsss (direct phytype sequence spread spectrum) for 802.11b Regulatory Domain DisplayString U.S./Canada -- regdomain List Europe -- ETSI Japan -- MKK Avaya Wireless AP-8 User’s Guide A-79...
  • Page 378 Parameter Tables NOTE: There is an inter-dependent relationship between the Distance between APs and the Multicast Rate. In general, larger systems operate a lower average transmit rates. Distance between APs Multicast Rate Large 1 and 2 Mbits/sec Medium 1, 2, and 5.5 Mbits/sec Small 1, 2, 5.5 and 11 Mbits/sec...
  • Page 379 Mode dot11g-only dot11bg (default) Operating Frequency Integer 1 - 14; available channel Channel channels vary by regulatory domain/country; 802.11g Channel Frequencies Supported Data Octet String See Transmit Rate, suppdatarates Rates next. Continued Avaya Wireless AP-8 User’s Guide A-81...
  • Page 380 5.5 Mbits/sec 11 Mbits/sec For 802.11g-only mode: 0 (auto fallback - default) 6 Mbits/sec 9 Mbits/sec 12 Mbits/sec 18 Mbits/sec 24 Mbits/sec 36 Mbits/sec 48 Mbits/sec 54 Mbits/sec 36 Mbits/sec 48 Mbits/sec 54 Mbits/sec Continued A-82 Avaya Wireless AP-8 User’s Guide...
  • Page 381 802.11bg modes: 0 (auto fallback - default) 1 Mbits/sec 2 Mbits/sec 5.5 Mbits/sec 11 Mbits/sec 6 Mbits/sec 9 Mbits/sec 12 Mbits/sec 18 Mbits/sec 24 Mbits/sec Physical Layer Type Integer ERP (Extended phytype Rate Protocol) Avaya Wireless AP-8 User’s Guide A-83...
  • Page 382 Partner MAC PhysAddress User Defined partnermacaddr Address Wireless Interface SSID/VLAN/Security Parameters The Wireless Interface SSID table manages the SSID and VLAN pairs and the security modes of those pairs. Name Type Values Access CLI Parameter Wireless Interface SSID...
  • Page 383 0 to 255 characters passphrase Note 1: Configure either the Pre-Shared Key or the PSK Pass Phrase (but not both) to create a pre-shared key for WPA-PSK mode. Setting Pre-Shared Key will override a previous PSK Pass Phrase setting. Similarly, setting PSK Pass Phrase will override a previous Pre-Shared Key setting.

  • Page 384: Ethernet Interface Parameters

    Parameter Tables Wireless Distribution System (WDS) Security Table Parameters The WDS Security Table manages WDS related security objects. Name Type Values Access CLI Parameter WDS Security Table Table wdssectbl Table Index Integer Primary WNIC = 3 index Secondary WNIC = 4...

  • Page 385: Management Parameters

    0 or 2 - no snmpifbitmask Management Bitmask interfaces (disable) Interface Bitmask 1 or 3 - Ethernet 4 or 6 - Wireless A 8 or 10 - Wireless 12 = Wireless A and B 13 or 15 = all interfaces (default is 15) Continued Avaya Wireless AP-8 User’s Guide...
  • Page 386 DisplayString User Defined snmprwpasswd Password public (default) max 63 characters SNMPv3 DisplayString User Defined snmpv3authpassw Authentication public (default) Password max 63 characters SNMPv3 Privacy DisplayString User Defined snmpv3privpasswd Password public (default) max 63 characters A-88 Avaya Wireless AP-8 User’s Guide...
  • Page 387 The default path for the Help files is C:/Program Files/Avaya_ Wireless/AP8/HTML/index.htm. (Use the forward slash character (/) rather than the back slash character (\) when configuring the Help Link location.) The AP Help information is available in English, French, German, Italian, Spanish, and Japanese.

  • Page 388: Telnet Parameters

    0 or 2 - no telifbitmask Management Bitmask interfaces (disable) Interface Bitmask 1 or 3 - Ethernet 4 or 6 - Wireless A 8 or 10 - Wireless 12 = Wireless A and B 13 or 15 = all interfaces (default is 15)

  • Page 389: Auto Configuration Parameters

    Auto Configuration Parameters These parameters relate to the Auto Configuration feature which allows an AP to be automatically configured by downloading a specific configuration file from a TFTP server during the boot up process. Name Type Values Access...
  • Page 390 These parameters relate to upload and download commands. When a user executes an upload and/or download Command, the specified arguments are stored in TFTP parameters for future use. If nothing is specified in the command line when issuing subsequent upload and/or download commands, the stored arguments are used.
  • Page 391 When creating table entries, you may either specify the argument name followed by argument value or simply entering the argument value. When only the argument value is specified, then enter the values in the order depicted by the following table. CLI applies default values to the omitted arguments.

  • Page 392: Filtering Parameters

    Name Type Values Ethernet Filtering Group etherflt Filtering Interface Interface 0 or 2 - no interfaces etherfltifbitmask Bitmask Bitmask (disable) 1 or 3 - Ethernet 4 or 6 - Wireless A 8 or 10 - Wireless B 12 = Wireless A and...

  • Page 393: Ethernet Filtering Table

    Protocol Name DisplayString protoname (optional) Status (optional) Integer enable (1) status disable (2) delete (3) NOTE: The filter Operation Type (passthru or block) applies only to the protocol filters that are enabled in this table. Avaya Wireless AP-8 User’s Guide A-95...

  • Page 394: Static Mac Address Filter Table

    Parameter Tables Static MAC Address Filter Table Access CLI Parameter Name Type Values Static MAC Table staticmactbl Address Filter Table Table Index index Static MAC PhysAddress User Defined wiredmacaddr Address on Wired Network Static MAC PhysAddress User Defined wiredmask Address Mask on...

  • Page 395: Proxy Arp Parameters

    (default) IP ARP Filtering Parameters Access CLI Parameter Name Type Values IP ARP Filtering Group iparp Status Integer enable iparpfltstatus disable (default) IP Address IpAddress User Defined iparpfltipaddr Subnet Mask IpAddress User Defined iparpfltsubmask Avaya Wireless AP-8 User’s Guide A-97...
  • Page 396 Integer ethertowireless direction wirelesstoether both (default) Status Integer enable status disable (default) TCP/UDP Port Filtering The following parameters are used to enable/disable the Port filter feature. Access CLI Name Type Values Port Filtering Group portflt Port Filter Status Integer enable (default)
  • Page 397 Parameter Tables TCP/UDP Port Filtering Table The following parameters are used to configure TCP/UDP Port filters. Name Type Values Access CLI Port Filtering Table Table portflttbl Table Index User Defined index (there are also 4 pre-defined indices, see Port Number below for...
  • Page 398 (there are also 4 pre-defined protocols, see Port Number above) Interface Bitmask Integer32 0 or 2 - no ifbitmask interfaces (disable) 1 or 3 - Ethernet 4 or 6 - Wireless 5 or 7 - all interfaces (default is 7)

  • Page 399: Alarms Parameters

    SNMP Table Host Table Parameters When creating table entries, you may either specifying the argument name followed by argument value. CLI applies default values to the omitted arguments. Due to the nature of the information, the only argument that can be omitted is the “comment” argument.

  • Page 400: Syslog Parameters

    900 sec. (default) NOTE: When Heartbeat is enabled, the AP periodically sends a message to the Syslog server to indicate that it is active. The frequency with which the heartbeat message is sent depends upon the setting of the Heartbeat Interval.
  • Page 401 Parameter Tables Syslog Host Table The table described below configures the Syslog hosts that will receive message from the AP. You can configure up to ten Syslog hosts. Access CLI Parameter Name Type Values Syslog Host Table Table sysloghosttbl Table Index Integer 1 –...

  • Page 402: Bridge Parameters

    Integer 100 – 1000 stphellotime (in 0.01 sec intervals; i.e., 1 to 10 seconds) 200 (default) Forward Delay Integer 400 – 3000 stpfwddelay (in 0.01 sec intervals; i.e., 4 to 30 seconds) 1500 (default) A-104 Avaya Wireless AP-8 User’s Guide...
  • Page 403 Parameter Tables Spanning Tree Priority and Path Cost Table Access CLI Parameter Name Type Values Spanning Tree Table stpbl Table Table Index (Port) 1 – 15 index Priority Integer 0 – 255 priority 128 (default) Path Cost Integer 1 – 65535...

  • Page 404: Storm Threshold Parameters

    Table Table Index Integer 1 = Ethernet index 3 = Wireless Broadcast Integer 0 – 255 bcast Threshold packets/sec (default is 0) Multicast Threshold Integer 0 – 255 mcast packets/sec (default is 0) A-106 Avaya Wireless AP-8 User’s Guide...

  • Page 405: Packet Forwarding Parameters

    Parameter Tables Intra BSS Subscriber Blocking The following parameters control the Intra BSS traffic feature, which prevent wireless clients that are associated with the same AP from communicating with each other: Access CLI Name Type Values Intra BSS Traffic Group...
  • Page 406 Name Type Values Access CLI Packet Forwarding Integer 0 (any) (default) pktfwdif Interface Port 1 (Ethernet) 2 (WDS 1) 3 (WDS 2) 4 (WDS 3) 5 (WDS 4) 6 (WDS 5) 7 (WDS 6) A-108 Avaya Wireless AP-8 User’s Guide...

  • Page 407: Security Parameters

    Parameter Tables Security Parameters Refer to Configure SSID (Network Name) and VLAN Pairs, and Security Modes for information on configuring security modes for the AP-8. MAC Access Control Parameter Access CLI Parameter Name Type Values MAC Address Group macacl Control...

  • Page 408: Radius Parameters

    Avaya Wireless devices that use RADIUS authentication or accounting support a primary and backup RADIUS server for MAC-based authentication and a primary and backup RADIUS server for EAP/802.1x authentication. The configuration parameters and statistics are the same for both primary and backup servers.
  • Page 409 Parameter Tables The CLI differentiates the primary and backup RADIUS parameters by using the table index: • Index 1: Primary MAC-based authentication server • Index 2: Backup MAC-based authentication server • Index 3: Primary EAP/802.1x authentication server • Index 4: Backup EAP/802.1x authentication server...

  • Page 410: Radius Authentication

    Parameter Tables RADIUS Authentication NOTE: Use a server name only if you have enabled the DNS Client functionality. See DNS Client for RADIUS Name Resolution. Name Type Values Access CLI Parameter RADIUS Table radiustbl Authentication Primary Integer index MAC-based authentication...
  • Page 411 Maximum Integer 1 – 10 maxretx Retransmissions 3 (default) (optional) RADIUS Accounting NOTE: Use a server name only if you have enabled the DNS Client functionality. See DNS Client for RADIUS Name Resolution. Access CLI Parameter Name Type Values RADIUS...
  • Page 412 IpAddress User Defined ipaddr or Name Display (enter an IP String address if seraddrfmt is ipaddr or a name if set to name; up to 254 characters if using a name) Port (optional) Integer User Defined port 1813 (default) Shared Secret...
  • Page 413 Parameter Tables Rogue Access Point Detection (RAD) Parameters Name Type Values Access CLI Parameter Rogue Access Group Point Detection (RAD) Status Integer enable radstatus disable (default) Scan Interval Integer 15-1440 (minutes) radscanint VLAN/SSID Parameters Name Type Values Access CLI Parameter...

  • Page 414: Other Parameters

    (default) iappannreqstart Request on Startup disable NOTE: These parameters configure the Inter Access Point Protocol (IAPP) for roaming. Leave these settings at their default value unless a technical representative asks you to change them. A-116 Avaya Wireless AP-8 User’s Guide...

  • Page 415: Description

    0-9, A-F, a-f (case sensitive), and punctuation marks. Each ASCII character corresponds to two hexadecimal digits. The table below lists the ASCII characters that you can use to configure WEP Encryption Keys. It also lists the Hexadecimal equivalent for each ASCII character.
  • Page 416 Description ASCII ASCII ASCII ASCII Character Equivalent Character Equivalent Character Equivalent Character Equivalent Avaya Wireless AP-8 User’s Guide...

  • Page 417: Software Features

    • Software Features • Hardware Specifications • Radio Specifications Software Features The tables below compare the software features available depending on the interface type in the Access Point: • Number of Stations per BSS • Management Functions • Advanced Bridging Functions •...

  • Page 418: Number Of Stations Per Bss

    Software Features Number of Stations per BSS Feature AP-8 Without up to 64 encryption With WEP up to 64 encryption With 802.1x up to 64 Authentication With WPA up to 27 Management Functions Supported Feature by AP-8 Web User Interface...

  • Page 419: Advanced Bridging Functions

    Software Features Advanced Bridging Functions Feature 802.11b 802.11a 802.11b/g IEEE 802.1d Bridging WDS Relay Roaming Protocol Filtering Multicast/Broadcast Storm Filtering Proxy ARP TCP/UDP Port Filtering Blocking Intra BSS Clients Packet Forwarding Avaya Wireless AP-8 User’s Guide...

  • Page 420: Medium Access Control (Mac) Functions

    Dynamic Frequency Selection (DFS) Closed System Feature TX Power Control NOTE: Note 1: A user cannot manually select a channel for products sold in Europe; these products require automatic channel selection using Dynamic Frequency Selection (DFS). Avaya Wireless AP-8 User’s Guide...

  • Page 421: Security Functions

    Software Features Security Functions Feature Supported by AP-8 IEEE 802.11 WEP MAC Access Control RADIUS MAC-based Access Control IEEE 802.1x Authentication Multiple Authentication Server Support Rogue Access Point Detection Per User Per Session (PUPS) Encryption Continued Avaya Wireless AP-8 User’s Guide...
  • Page 422 Note 2: EAP-MD5, EAP-TLS, EAP-TTLS, and PEAP client supplicant supported. Note 3: Use in conjunction with WPA or 802.1x Authentication. Note 4: Support is provided for a primary and backup RADIUS authentication server for both MAC-based authentication and 802.1x authentication. Avaya Wireless AP-8 User’s Guide...

  • Page 423: Network Functions

    Software Features Network Functions Feature Supported by AP-8 DHCP Client DHCP Server Inter Access Point Protocol (IAPP) Link Integrity System Logging (Syslog) RADIUS Accounting Support DNS Client TCP/IP Protocol Support Continued Avaya Wireless AP-8 User’s Guide...
  • Page 424 SSIDs and VLANs, with specific security modes. For more information, refer to the Advanced Configuration chapter. Note 1: Includes Fallback to Primary RADIUS Server, RADIUS Session Timeout, RADIUS Multiple MAC Address Formats, RADIUS DNS Host Name Support, RADIUS Start/Stop Accounting.

  • Page 425: Advanced Wireless Functions

    Software Features Advanced Wireless Functions Supported Feature by AP-8 WEP Plus (Weak Key Avoidance) Avaya Wireless AP-8 User’s Guide...

  • Page 426: Hardware Specifications

    Hardware Specifications Physical Specifications AP-8 Dimensions (H x W x L) = 6.5 x 18.5 x 26 cm (2.5 x 7.25 x 10.25 in.) Weight = 0.68 kg (1.50 lb.) Electrical Specifications Voltage (Input) = 100 to 240 VAC (50-60 Hz) @ 0.2 A Power Consumption = <9 Watts...
  • Page 427 Serial Port Interface Standard RS-232C interface with DB-9, female connector Power over Ethernet Interface Category 5, foiled, twisted pair cables must be used to ensure compliance with FCC Part 15, subpart B, Class B requirements Standard 802.3af pin assignments HTTP Interface •...

  • Page 428: Radio Specifications

    Radio Specifications Radio Specifications • 802.11a Channel Frequencies • 802.11b Channel Frequencies • 802.11g Channel Frequencies • Wireless Communication Range NOTE: Refer to the Regulatory Flyer included with the AP for the latest regulatory information. C-12 Avaya Wireless AP-8 User’s Guide...

  • Page 429: A Channel Frequencies

    Some countries restrict 802.11a operation to specific frequency bands. The Web interface and CLI display the available channels for a radio's particular regulatory domain. In the CLI, any channels that are not available are labeled “Not Supported”.
  • Page 430 — 5.675 5.675 5.675 5.785 — — 5.785 5.785 5.785 5.805 — — 5.805 5.805 5.805 ISM Band 5.825 — — 5.825 — 5.825 Note 1: Channel 34 is the default channel for Japan C-14 Avaya Wireless AP-8 User’s Guide...

  • Page 431: B Channel Frequencies

    • IL - Israel Some countries restrict 802.11b operation to specific frequency bands. The web interface will always display the available channels depending on the radio’s regulatory domain. In the CLI, any channels that are not available are labeled “Not Supported”. Channel ID...
  • Page 432 (GHz) (GHz) (GHz) 2.442 2.442 2.442 2.442 2.447 2.447 2.447 2.447 2.452 2.452 2.452 2.457 2.457 2.457 2.462 2.462 2.462 2.467 2.467 2.472 2.472 2.484 Note 1: France is restricted to these four channels. C-16 Avaya Wireless AP-8 User’s Guide...

  • Page 433: G Channel Frequencies

    • IL - Israel Some countries restrict 802.11g operation to specific frequency bands. The web interface will always display the available channels depending in the radio’s regulatory domain. In the CLI, any channels that are not available are labeled “Not Supported”. Channel ID...
  • Page 434 2.452 2.452 2.452 2.457 2.457 2.457 2.462 2.462 2.462 2.467 2.467 2.472 2.472 2.484 Note 1: France is restricted to these channels. Note 2: Channel 14 is only available when using 802.11b only mode. C-18 Avaya Wireless AP-8 User’s Guide...

  • Page 435: Wireless Communication Range

    Radio Specifications Wireless Communication Range The range of the wireless signal is related to the composition of objects in the radio wave path and the transmit rate of the wireless communication. Communications at a lower transmit range may travel longer distances.
  • Page 436 Closed Office 67 m 84 m 104 m 129 m (276 ft.) (341 ft.) (423 ft.) (525 ft.) Tx Power (dBm) Receiver Sensitivity (dBm) Antenna Gain 1 dBi (integrated diversity antenna module; 2.4-2.5 GHz) C-20 Avaya Wireless AP-8 User’s Guide...
  • Page 437 92 m Office (72 ft.) (95 ft.) (128 ft.) (171 ft.) (210 ft.) (262 ft.) (282 ft.) (302 ft.) Tx Power (dBm) Receiver Sensitivity (dBm) Antenna 0 dBi (integrated diversity antenna module; 5.15-5.85 GHz) Gain Avaya Wireless AP-8 User’s Guide C-21...
  • Page 438 78 m 104 m 129 m Office (85 ft.) (108 ft.) (167 ft.) (256 ft.) (341 ft.) (423 ft.) Tx Power (dBm) Receiver Sensitivity (dBm) Antenna 1 dBi (integrated diversity antenna module; 2.4-2.5 GHz) Gain C-22 Avaya Wireless AP-8 User’s Guide...
  • Page 439 111 m 120 m 160 m Office (453 ft.) (489 ft.) (318 ft.) (364 ft.) (394 ft.) (525 ft.) Tx Power (dBm) Receiver Sensitivity (dBm) Antenna 0 dBi (integrated diversity antenna module; 2.4-2.5 GHz) Gain Avaya Wireless AP-8 User’s Guide C-23...

  • Page 440: Dual Band Rea Environmental And Mechanical Specifications

    Dual Band Range Extender Antenna Specifications Dual Band Range Extender Antenna Specifications The Dual Band REA has the following technical specifications. Dual Band REA Electrical Specifications Frequency Range 2400 MHz - 2500 MHz 5150 MHz - 5875 MHz Average gain including 0.5 dBi...

  • Page 441: Before You Seek Help

    Technical Support Before You Seek Help If you are having a problem using an AP and cannot resolve it with the information in Troubleshooting, gather the following information and contact your local authorized reseller or visit http://www.avaya.com/support for contact information: •...
  • Page 442 — Ethernet frame type (e.g., 802.3, Ethernet II), if known — IP addressing scheme (include address range and whether static or DHCP) — Network speed and duplex (10 or 100 Mbits/sec; full or half duplex) — Type of Ethernet device that the Access Points are connected to (e.g., Power over Ethernet power injector, hub, switch, etc.)
  • Page 443 Before You Seek Help Avaya Wireless AP-8 User’s Guide...
  • Page 444 Before You Seek Help Avaya Wireless AP-8 User’s Guide...

Table of Contents