Cedar 860AG Enterprise Dual-Radio Access Point User Guide Release 1.1 September 2006...
This product and documentation are protected by copyright. No part of this product or document may be reproduced, transmitted, transcribed and stored in a retrieval system in any form or by any means without prior written authorization of Intelicis.

Third Party Copyright Acknowledgements

Please refer to the license.pdf on the CD distributed with the Cedar860AG Enterprise...
1 Introduction

This manual contains information on configuring and managing the Intelicis Enterprise Dual-Radio Access Point – Cedar860 product family. It is organized into the following chapters:
• Introduction: Overview of the wireless network and access point deployment
•...
Figure 1.1 Wireless Networks

Wireless Distribution System (WDS)

With the inherent difficulties involved in physically connecting access points, a Wireless Distribution System (WDS) provides an excellent alternative by interconnecting the access points wirelessly. As illustrated in Figure 1.2, Access Point A has no cable access and cannot be connected with a switch or router.
Figure 1.2 Wireless Distribution Systems (WDS)

Access Point Deployment

The deployment of access points depends greatly on the building structure, the existing wiring and the type of service to be deployed. For example, RF signals transmit much more easily through a wood-frame building than through a concrete one.
Application Deployment

Applications can be deployed easily after a network infrastructure is in place. Figure 1.3 illustrates a possible scenario:
• High Speed Internet Access is available for all wireless clients.
• Voice over IP applications can be used for calling over the Internet.
2 Installation

This chapter provides instructions on how to install Cedar 860AG.

Package Contents

Before installation, please inspect the package contents first and report any missing or damaged items to your sales representative. This package should contain the following:
•...
The DC power jack provides the connection to the external 5V DC 2A power supply.
• Reset Button
The Cedar 860AG rear panel contains one reset button which will reset the unit to the manufacturer’s default configuration. Press and hold the button down for at least 5 seconds and the unit will automatically reboot and reset to the manufacturer’s default...
Cedar 860AG also supports the 802.3af PoE standard. If your switch or gateway has the capability to supply PoE to remote devices, simply connect the Ethernet cable from your switch or gateway to the RJ45 connector on the rear panel of Cedar 860AG. This will automatically supply power to the unit.
• After 30 seconds, the 802.11a and 802.11g LEDs will be flashing.
• Command Line Interface

Scan Tool

Cedar 860AG by default acquires its IP address and subnet mask from the DHCP server. The administrator can use the Scan Tool to find out the AP’s IP address. Scan Tool is a utility that is included on the AP CD-ROM. It scans the network and displays all the available Cedar Access Points.
Figure 3.1 Scan Tool Main Screen

4. Locate the AP you want to manage by using the MAC address (the AP’s MAC address can be found on its back panel). If the AP has acquired an IP address from the DHCP server, use it to log in to the AP’s web interface (section 3.3).
8. In case SNMP, telnet or web interface are accidentally turned off, Scan Tool can be used to turn them back on again by clicking the Advanced tab.

Intelicis Scan Tool scans Intelicis access points only. It does not scan access points from other manufacturers.
Please run only one instance of Scan Tool on a network. Running multiple instances may produce incorrect scan results.

Default Setting

Table 3.1 lists Cedar’s manufacturer default settings:
Default login name: admin
Default login password...
After the initial login, the home page is displayed. The administrator now has easy access to configuring system parameters as well as managing any AP activities.
3.3.1 Menu

The menu displayed on the left side of the screen allows the administrator to perform the following configurations:
• System: Configure system parameters such as system name, password and upgrade
• Network: Configure network parameters such as IP address, default route and VLAN
•...
All configuration changes must be saved into the system. One efficient way of doing this is by clicking Save. The save operation is required; otherwise changes will be lost after reboot.

Reboot

Sometimes, you may need to reboot the system in order for any new changes to take effect.
4 System

This chapter contains information on the following topics:
• Change system setting
• Change password and privilege password
• Upgrade
• Execute CLI command file

System Setting

Select System > Setting to change system parameters.
Session Timeout

The Cedar Command Line Interface times out after the session is inactive for a period of time. This parameter specifies the timeout period in minutes. The default is 10 minutes.

SNTP Setting

This Simple Network Time Protocol (SNTP) setting is used to synchronize computer clocks on the Internet.
Changes to Login Password and/or Privilege Password are saved automatically. You do not need to save the changes by clicking Save in the tool bar.

Upgrade

Intelicis offers free firmware upgrades for bug fixes and patches. Please visit the Intelicis web site at www.intelicis.com for the latest upgrade.
An example of the Server IP is 192.168.15.184.

File Name

Enter the Cedar 860AG firmware name. The firmware name is composed of three parts: model name-date-version number. For example, cedar860ag-09302005-1.1.0.88a.bin refers to Cedar model 860 version 1.1.0.88 created on 09/30/2005.
System Configuration

Select System > Configuration to reset the system or execute CLI command batch files.

Save System Configuration

All configuration changes must be saved into the system. This step is required; otherwise changes will be lost after reboot.
into the FTP server as “anonymous” with no password. Cedar retrieves the specified CLI command file and executes it immediately.

Export Configuration

The administrator can export the existing configuration to a file for archiving purposes.
5 Network

This chapter contains information on the following topics:
• Change network settings
• Configure VLAN
• Configure DHCP Server

Overview

5.1.1 VLAN

Virtual LAN (VLAN) logically groups users by their functionality instead of physical location.
Figure 5.1 VLANs

5.1.2 DHCP

Dynamic Host Configuration Protocol (DHCP) is a protocol for assigning dynamic IP addresses to computers on a network. Dynamic addressing simplifies network administration because the software keeps track of IP addresses. This means a new computer can be added to a network without the hassle of manually assigning it a unique IP address.

Mode:
DHCP: If DHCP is chosen, a dynamic IP address is assigned to the AP by the DHCP Server. In addition, the subnet mask, default gateway and DNS server addresses are also assigned. Because DHCP assigns the IP address dynamically, different IP addresses may be assigned to the AP after each reboot.
VLAN support, click tagged and enter a VID value between 0 and 4095. Before enabling VLAN support, the VLAN setting needs to be pre-configured on a VLAN-aware switch, such as the Intelicis Cypress 1024.

Primary or Secondary DNS

Optionally enter the primary or secondary Domain Name Server (DNS) IP address.

Click the VLAN name to display detailed VLAN information.

The 802.1d Spanning Tree Protocol (STP) is used to prevent interfaces from looping.
• On: STP is enabled. If a loop is detected, one of the connections will be disconnected.
Displays a list of MAC addresses associated with this VLAN.
• MAC Address: MAC address of the client’s machine
• Interface: The interface the client’s machine is associated with
• Local: Whether or not the client’s machine is associated with the AP locally
•...
Netmask

Specify the network mask for the subnet.

Range

Enter a range of IP addresses which are to be allocated for dynamic IP addresses only. Each time a DHCP request comes in, the DHCP server assigns an IP address from this range to its users.
5.3.2 Configure Management VLAN ID

1. Consult your IT department to acquire the VLAN ID setting. Make sure the device (e.g. switch) that the AP connects to will support VLAN. The VLAN ID needs to be pre-configured there.
6 Security

This chapter contains information on the following topics:
• Configure RADIUS profile
• Configure 802.1x authentication
• Configure MAC authentication
• Configure Filter to block certain traffic

Overview

6.1.1 802.1x Authentication

Wireless Networks provide enormous flexibility, but they can also create potential security problems in the network.
Figure 6.1 802.1x authentication sequence

1. The supplicant sends an authentication request containing identification and connection information to the authenticator.
2. The authenticator performs an initial negotiation with the supplicant to establish connection information (username, password, etc). The authenticator then forwards the user information in an authentication request to the RADIUS Server.
MAC authentication provides an alternative solution. It controls wireless access to the network by storing a list of MAC addresses on a local or RADIUS server. This list of MAC addresses identifies the authorized stations that may access the wireless network.
Cedar first tries to use the primary RADIUS Server for authentication. If the primary RADIUS server is down, Cedar retries a number of times. It then switches to the secondary RADIUS server for authentication. The parameter specifies the number of retries.

Profile Name

Enter a descriptive name for the profile. The maximum length is 15.

Re-authentication
• On: Cedar will automatically re-authenticate the clients based on the re-authentication period parameter.
• Off: (default) Cedar will not automatically re-authenticate the clients.
6.2.3 MAC Profile

The MAC profile is used to store MAC authentication information. The MAC authentication profile can be used alone or combined with the RADIUS profile to perform MAC authentication. Select Security->MAC Authentication to list the available MAC profiles in the system.
Deny List

A local list of all the MAC addresses which are to be denied access.

6.2.4 Filter

A filter may be used to block traffic from certain users. Select Security->Filter to list the available filters in the system.
Next: Packets which match the filter rule will be examined by the immediate next rule for further checking.
Deny: Packets which match the filter rule will be dropped.

Protocol

Select a protocol to be filtered. Options are TCP, UDP or ICMP.
Profile Name: my8021x
Click Apply.
Save the configuration.

6.3.2 MAC Authentication

Identify a RADIUS server to be used for MAC authentication. Write down its IP address and server secret code. Confirm the authentication port is 1812.
7 Wireless

This chapter contains information on the following topics:
• Configure Wireless Setting
• Configure WLAN
• Configure Radio 1 and 2
• Configure WDS

Overview

7.1.1 WLAN

Similar to the Virtual LAN concept, WLAN is a way to logically group wireless users into sub-networks.

Wireless Setting
On: (default) Enable the wireless service.
Off: Disable the wireless service.

Wireless Status
Display the status of the wireless service.

Operation Mode
AP: The AP operates as a regular access point.
Repeater: The AP’s Ethernet port does not function and cannot be connected to a wired LAN.
7.2.2 WLAN

WLANs logically group users by their functionality. Each group may have a different access privilege, security level and encryption method. Select Wireless->WLAN to list the available WLANs in the system. Click the existing WLAN name to enter the editing screen or click the Add button to create a new one.

Name

Enter a descriptive name for the wireless network. The maximum length is 12.

SSID

SSID stands for Service Set Identifier, a 32-character unique identifier used by mobile users to connect to a wireless network.
Using 802.1x Authentication

A wireless client will authenticate himself via RADIUS Server before using the wireless network. The administrator must configure a RADIUS profile which contains the RADIUS location and password information, as well as an 802.1x profile which contains 802.1x specific information.
• On: wireless clients are required to authenticate using their MAC address. You must choose a MAC authentication profile to be used for authentication.
• Off: (default) No MAC authentication is performed.

MAC Auth Profile

Specify the MAC authentication profile to be used for authentication.
Enable or disable the radio.
• On: the default setting
• Off: disables the radio

Frequency

Select one of the communication modes between wireless clients and the Access Point. Radio 1 operates in frequency a or super-ag. Radio 2 operates in frequency b, g, bg or super-ag.

If WDS is configured, all WDS stations need to communicate on the same channel.
• Auto: the default setting. It allows the AP to select a free or relatively unused communication channel.
• 1-14: used for frequencies b, g, and bg
•...
• Short: The short preamble is provided to improve the efficiency of the network’s throughput.

Fragmentation Threshold

The fragmentation threshold limits the size of packets transmitted on the network. If a packet exceeds the threshold, the packet will be fragmented and sent as multiple frames.
For security reasons, sometimes the administrator may need to disable communication between wireless clients.
• On: The default setting.
• Off: The AP blocks communication between wireless clients. Data traffic is allowed between the AP and its wireless clients and wired devices on the network, but not among wireless clients.

All APs in a Wireless Distribution System must be configured to use the same radio channel. Auto channeling is not allowed. Once a WDS connection is established, it can be viewed by selecting Monitor->Wireless Link.
Enter the SSID to be used between the AP and the remote station. Each WDS link should have its own SSID configured. The SSID is only needed if Static WEP Key or WPA PSK is chosen for the security policy.
Click myWLAN from the available WLAN list box and add it to the selected WLAN list box.
Click Apply.
10. Save the configuration.

7.3.2 WLAN with WEP and MAC Authentication

You should already have a RADIUS profile and a MAC authentication profile configured in the system.
7.3.3 WDS

Click Wireless->WDS from the Cedar web interface to display all the WDSs. Click Add to add a new WDS. Enter the following sample data and use defaults for the remainder of the parameters.
In addition to the command line interface and web interface, the Cedar access point can be managed through SNMP (Simple Network Management Protocol). One of the applications that use SNMP to manage the Cedar AP is the Intelicis Multi-Service Wireless Switch, Cypress 1024.
Setting
Enable or disable SNMP.

Read Only Community Name
The SNMP community name for read only (GET) operations. The default value is “public”.

Read/Write Community Name
The SNMP community name for read and write (SET) operations. The default value...
10 Monitor

This chapter contains information on the following topics:
• Monitor interfaces
• Monitor radios
• Monitor Rogue APs
• Monitor wireless users
• Monitor wireless links

10.1 Interfaces

Interface statistics are available for the administrator to monitor network activities. Select Monitor->Interface to list all interfaces in the system.
10.2 Wireless Statistics

Radio statistics are available for the administrator to monitor wireless network activities. Select Monitor->Radio to display radio 1 and radio 2 statistics.
10.3 Rogue APs

Cedar periodically scans its coverage area for information about other access points. If any of the APs appears to be untrusted or invalid, the administrator may consider blocking its access by blocking the switch port that the AP is connected to.
Description of the parameters:
Wireless MAC: MAC address of the wireless user.
Radio: The radio (1 or 2) being used by the wireless user.
Signal: Signal to Noise Ratio at the AP when frames are received from the wireless user.

Description of the parameters:
Wireless MAC: MAC address of the remote WDS link.
Radio: The radio (1 or 2) being used by the WDS link.
Signal: Signal to Noise Ratio at the AP when frames are received from the WDS link.

Description of the parameters:
SNR: Signal to Noise Ratio at the AP when frames are received from the WDS link.
Signal: Signal strength.
Noise: Noise level.
11 Command Line Interface

The Command Line Interface is available through a serial console port, telnet or SSH. To establish a telnet or SSH connection, enter one of the following commands.
telnet 192.168.1.188
ssh 192.168.1.188

11.1 Base Commands...
Description: Save the whole system configuration into non-volatile memory.
Example:
Cedar# config save

11.1.4 quit
Syntax: quit
Description: This command allows the user to quit from the current CLI session. This command is equivalent to “exit”.
Description: Reboot the system.
Example:
Cedar# reboot

11.1.7 reset
Syntax: reset
Description: Reset the current system configuration to manufacturer default and reboot the system.
Example:
Cedar# reset

11.1.8 up arrow
Syntax: ↑
Description: Display the previously typed command from the command history table.
Example:
Cedar# ↓

11.1.10 debug
Syntax: debug { <module name> | <module name> <level 1-5>
Description: This command is used for enabling debug messages. The global debug switch must be on in order to see the debug messages. Different debug levels can be used to control the amount of debug messages in the specified module.
Display the current available command options.
Example:
Cedar# help
Cedar# ?

11.2 System Commands

11.2.1 show system
Syntax: show system
Description: Display system information, including system login name, model, firmware version, system time and system up time.
Description: Configure system related parameters.
name: System name
login_name: The username for system login.
password: The password for system login.
enable_password: The password to enter privilege mode to do advanced configurations or operations
sesssion_timeout: The idle timeout for the CLI session.
Description: Configure SNTP related parameters.
server: SNTP server location.
offset: Offset to the UTC time.
Example:
Cedar# config sntp on
Cedar# config sntp offset -8

11.2.5 upgrade
Syntax: upgrade { <ftp | tftp> server <host> | file <file name>...
Description: Display interface information.
all: Display the information of all interfaces.
Example:
Cedar# show interface lan
Cedar# show interface all

11.3.2 config interface
Syntax: config interface <if name> { <on | off> | ip <0 | 1 | 2 | 3 | 4> { [addr <ip address>]...
Example:
Cedar# show vlan all
Cedar# show vlan lan

11.3.4 config vlan
Syntax: config vlan { mgmt_vid <vlan id #> | <vlan name> { aging <# in seconds>] | stp <on | off>
Description: VLAN interface is created automatically by the system when management vid (mgmt_vid) or WLAN vid is configured to a value other than “untagged”.
Description:
dhcp: Display DHCP summary.
dhcp table: Display client IP address assignments.
dhcp pool: Display specific DHCP pool.
dns: Display primary and secondary DNS.
route: Display routing table.
Example:
Cedar# show ip dhcp
Cedar# show ip dhcp table...

[dns <ip address>]
[wins <ip address>]
[gw <ip address>]
[lease_time <time in seconds>]
Description:
net: The network address of the specified DHCP pool.
netmask: The network mask address of the specified DHCP range_start :...
config ip route
Syntax: config ip route {add | del} { net <net address> netmask <netmask address> [gw <ip address>] if < if name>
Description:
add: Add a route entry in the routing table.
11.4.2 config auth
Syntax: config auth { 8021x … | mac … | radius …
Description: Configure 802.1x, mac or radius authentication profile. See ‘config auth …’ sections for details.

config auth radius
Syntax: config auth radius profile { add <profile name>...

Description:
radius_failover_limit: Number of retries for the primary radius server before switching to the secondary radius server. Default is 4.
primary_radius_retry_period: Retry period in seconds for the primary radius server. Default is 600.
radius_nas_ip: IP address of the AP.
Description:
permitadd: Add a MAC address to the Permit List.
permitdel: Delete a MAC address from the Permit List.
denyadd: Add a MAC address to the Deny List.
denydel: Delete a MAC address from the Deny List.
Description:
summary: Display wireless summary information.
rogue: Display all the rogue APs detected by Cedar.
users: Display all the active wireless users which are using the AP.
link: Display all the wireless WDS links.
Description:
all: Display a summary of all the WLANs.
<wlan name>: Display detailed WLAN configuration.
Example:
Cedar# show wlan all
Cedar# show wlan Intelicis-a

11.5.4 config wlan
Syntax: config wlan { add <wlan name> | del <wlan name>...
Description:
ssid: A unique identifier used by mobile users to connect to a wireless network.
ssid broadcast: Enable/Disable SSID to be broadcast to all wireless devices.
vid: Enable/Disable VLAN tag to be used.
tx_rate: A transmission rate that will be used for all unicast frames.
Example:
Cedar# show radio 1

11.5.6 config radio
Syntax: config radio <1 | 2> { [rf < on | off >] [freq < a | super-ag > for radio 1, <b|g|bg|super-ag> for radio 2] [channel <...
Syntax: config ssh {<on | off> | port <port #> }
Description: Configure SSH server parameters.
Example:
Cedar# config ssh port 12000
Cedar# config ssh on

11.6.5 show web
Syntax: show web
Description: Display WEB server configuration.
1. To change the system’s name:
Cedar# config system name MyCedar

2. To change the login password:
Cedar# config system password
Current Password:
New Password:
Re-confirmed:

3. To change the privilege password:
Cedar# config system enable_password...
Cedar# show ip route

3. Configure domain name servers. For example, change the primary DNS to 192.168.1.1
Cedar# config primary dns 192.168.1.1
Cedar# show ip dns

4. Save the configuration changes.
Cedar# config save

5.
Please follow the procedure described below to recover the AP.

1. Download the firmware burner (FwBurner) and firmware images (FwFlash.img) from the Intelicis website support.intelicis.com and save them in a TFTP server. Do not change the names of the images. Configure the IP of the TFTP server to 192.168.1.237.

Could not find valid MAC address for enet0. Using default!
Ethernet eth0: MAC address 00:03:7f:e0:02:bf
IP: 192.168.1.1/255.255.255.0, Gateway: 192.168.1.237
Default server: 192.168.1.237, DNS server IP: 192.168.1.237
RedBoot(tm) bootstrap and debug environment [RAM]
Non-certified release, version v2_0 - built 18:22:58, May 13 2006
Copyright (C) 2000, 2001, 2002, Red Hat, Inc.