Page 1 ORiNOCO AP-4000, AP-4000M and AP-4900M User Guide...
Page 2 Proxim Wireless Corporation. Trademarks ORiNOCO and Proxim are registered trademarks, and the Proxim logo is a trademark, of Proxim Wireless Corporation. Acrobat Reader is a registered trademark of Adobe Systems Incorporated. Ekahau is a trademark of Ekahau, Inc.
Page 3: Table Of Contents
AP-4000/4000M/4900M Hardware Description ........
Page 4 AP-4000/4000M/4900M User Guide System ................45 Dynamic DNS Support .
Page 5 AP-4000/4000M/4900M User Guide Radius Profiles ..............125 RADIUS Servers per Authentication Mode and per VLAN.
Page 6 AP-4000/4000M/4900M User Guide Retrieve File ............... 171 Retrieve File via TFTP .
Page 7 AP-4000/4000M/4900M User Guide Log into the AP using HyperTerminal............204 Log into the AP using Telnet .
Page 8 AP-4000/4000M/4900M User Guide Support Options ..............270 Proxim eService Web Site Support .
Page 9: Introduction
• Operation in the 4.9 GHz Public Safety band NOTE: Unless otherwise noted, screen captures in this User Guide are from the AP-4000. Introduction to Wireless Networking An Access Point extends the capability of an existing Ethernet network to devices on a wireless network. Wireless devices can connect to a single Access Point, or they can move between multiple Access Points located within the same vicinity.
Page 10 Introduction AP-4000/4000M/4900M User Guide Introduction to Wireless Networking Figure 1-1 Typical Wireless Network Access Infrastructure...
Page 11: Mesh Networking
AP-4000/4000M/4900M User Guide Mesh Networking Mesh Networking Using the ORiNOCO Mesh Creation Protocol (OMCP), the AP-4000/4000M/4900M supports structured Mesh networking. In a Mesh network, access points use their wireless interface as a backhaul to the rest of the network. Access points connected directly to the wired infrastructure are called “Portals;”...
Page 12 Introduction AP-4000/4000M/4900M User Guide Mesh Networking are discovered, MAP2 through MAP8 will build a neighbor table from the beacons and probe responses they receive. The neighbor table contains three kinds of links: • Active: Link with a Mesh neighbor that has gone through association and authentication, and the port is open.
Page 13: Mesh Network Configuration
MAP7 may decide to switch channels and establish and activate a link to MAP4. Mesh Network Configuration In the AP-4000/4000M/4900M, either of the wireless interfaces may be configured for Mesh functionality, with the following considerations in mind: •...
Page 14: Guidelines For Roaming
Introduction AP-4000/4000M/4900M User Guide Guidelines for Roaming – Average utilization (time that a client is actually transferring data) is 10%. If the conditions on your network are different than the assumptions above, then the maximum number of APs should be adjusted accordingly.
Page 15: Http/Https Interface
Introduction AP-4000/4000M/4900M User Guide Management and Monitoring Capabilities • HTTP/HTTPS Interface • Command Line Interface • SNMP Management • SSH (Secure Shell) Management HTTP/HTTPS Interface The HTTP Interface (Web browser Interface) provides easy access to configuration settings and network statistics from any computer on the network.
Page 16: Ssh (Secure Shell) Management
Introduction AP-4000/4000M/4900M User Guide Management and Monitoring Capabilities Enterprise MIB for more information; the MIB can be opened with any text editor, such as Microsoft Word, Notepad, or WordPad. SNMPv3 Secure Management SNMPv3 is based on the existing SNMP framework, but addresses security requirements for device and network management.
Page 17: Installation And Initialization
AP-4000/4000M/4900M User Guide Installation and Initialization In this chapter: • AP-4000/4000M/4900M Hardware Description – Overview – LED Indicators – Power-over-Ethernet (PoE) – Antennas • Prerequisites – General Prerequisites – Mesh Prerequisites – PXU (ProximUnify) Prerequisites • System Requirements • Product Package •...
Page 18: Ap-4000/4000M/4900M Hardware Description
The AP-4000/4000M/4900M can be powered through either PoE (802.3af Power-over-Ethernet) or through an external DC power source using the power cord. The AP-4000/4000M/4900M includes a a power jack, a 10/100 base-T Ethernet port, and an RS-232 serial data communication port. See Figure 2-1.
Page 19: Power-Over-Ethernet (Poe)
Also see Hardware Installation. NOTE: The AP’s 802.3af-compliant PoE module is backwards compatible with all ORiNOCO Active Ethernet (PoE) hubs that do not support the IEEE 802.3af standard. Antennas Each radio on the AP-4000/4000M/4900M employs two internal antennas for antenna diversity: one is vertically polarized, and the other is horizontally polarized to provide optimal spatial and polarization diversity.
Page 20 AP-4000/4000M/4900M User Guide AP-4000/4000M/4900M Hardware Description External Antennas The AP-4000/4000M/4900M also has four antenna connectors, two on each radio, for use with external antennas.External antennas can be used with either radio on the AP-4000/4000M/4900M. NOTE: All AP-4900M units, and AP-4000/4000M units using external antennas, must be installed by a suitably trained professional installation technician or by a qualified installation service.
Page 21 Installation and Initialization AP-4000/4000M/4900M User Guide AP-4000/4000M/4900M Hardware Description 4.9 GHz Antenna On the AP-4900M, antenna connector 3 is equipped with a pigtail adaptor for connection to a 4.9 GHz antenna. When the AP-4900M is configured to operate in the 4.9 GHz Public Safety operational mode, antenna diversity is automatically disabled by default, and antenna 3 is configured for use.
Page 22: Prerequisites
Installation and Initialization AP-4000/4000M/4900M User Guide Prerequisites Prerequisites General Prerequisites Before installing your unit, you need to gather certain network information. The following table identifies the information you need. Parameter Description Network Name (SSID of the You must assign the Access Point a Network Name before wireless users can wireless cards) communicate with it.
Page 23: Mesh Prerequisites
Installation and Initialization AP-4000/4000M/4900M User Guide System Requirements Mesh Prerequisites Before setting up a Mesh network, gather the following information: Parameter Description Mesh Mode The mode in which the AP will be used. If the AP will be connected directly to the wired backbone, it should be configured for Mesh Portal mode;...
Page 24: Product Package
AP-4000/4000M/4900M User Guide Product Package Product Package Each AP-4000/4000M/4900M shipment includes the items in the following table. Verify that you have received all parts of the shipment. NOTE: Unless noted in this table, cables are not supplied with the unit.
Page 25: Hardware Installation
Hardware Installation Hardware Installation NOTE: All AP-4900M units, and AP-4000/4000M units using external antennas, must be installed by a suitably trained professional installation technician or by a qualified installation service. NOTE: Before installing and using this product, visit the Proxim Support site at http://support.proxim.com...
Page 26 Cabling with Power Over Ethernet (PoE) 1. To use PoE, you must use a PoE adapter such as the ORiNOCO 1-Port Active Ethernet DC Injector (ordered separately). Connect one end of an Ethernet cable (not supplied) to the unit’s LAN port. Connect the other end to the Data and Power Out port of the DC Injector (see figure).
Page 27: Install The Security Cover (Optional)
Note that the AP-4000/4000M/4900M has been certified under UL Standard 2043 and can be installed in the plenum. In an office building, plenum is the space between the structural ceiling and the tile ceiling that is provided to help air circulate.
Page 28 Installation and Initialization AP-4000/4000M/4900M User Guide Hardware Installation Wall Mounting Follow these steps to mount the unit on a wall: 1. If the unit’s power supply is plugged in, unplug it. 2. Put the mounting plate up to the wall so that the embossed letter “L” is on top (see figure). If the plate is correctly oriented, the circular tab that is vertically aligned with the square hole should be on top.
Page 29: Power On The Unit
EIRP is in compliance with the limit specified by the regulatory authority of the country of application. See the following sections for more information: • Connecting Antenna(s) to the AP-4000/4000M • Connecting Antenna(s) to the AP-4900M for 4.9 GHz Operation •...
Page 30 Figure 2-8 Opening the Antenna Compartment 2. There are four antenna connectors in the AP-4000/4000M/4900M, labeled 1 through 4. Connectors 1 and 2 are for the 802.11b/g radio, and connectors 3 and 4 and for the 802.11a/4.9 GHz radio. Connect the antenna cable to connector 1 or 4 (the connector closer to the LED panel in the compartment), depending on the radio.
Page 31 Installation and Initialization AP-4000/4000M/4900M User Guide Hardware Installation Connecting Antenna(s) to the AP-4900M for 4.9 GHz Operation To attach an external antenna to the AP-4900M, attach the selected antenna to the pigtail attachment connected to the AP’s antenna connector 3 (see Figure 2-10).
Page 32 Installation and Initialization AP-4000/4000M/4900M User Guide Hardware Installation Antenna Types and Maximum Gain For devices using external antennas, professional installers should select only the antenna types listed in the following table, with gain not exceeding the listed maximum gain for each type.
Page 33: Initialization
2. Double-click the ScanTool icon on the Windows desktop to launch the program (if the program is not already running). If the icon is not on your desktop, click Start > All Programs > ORiNOCO > AP-4000 or AP-4000M, or AP-4900M >...
Page 34 Installation and Initialization AP-4000/4000M/4900M User Guide Initialization NOTE: If your Access Point does not appear in the Scan List, click the Rescan button to update the display. If the unit still does not appear in the list, see Troubleshooting for suggestions. Note that after rebooting an Access Point, it may take up to five minutes for the unit to appear in the Scan List.
Page 35: Logging In
Installation and Initialization AP-4000/4000M/4900M User Guide Initialization k. Click the Change button to return to the Change screen. Click the Web Configuration button at the bottom of the Change screen. m. Proceed to the Logging In section for information on how to access the HTTP interface using this IP address.
Page 36: Using The Setup Wizard
Installation and Initialization AP-4000/4000M/4900M User Guide Initialization Figure 2-14 System Status Screen The buttons on the left of the screen provide access to the monitoring and configuration options for the AP. See Advanced Configuration to begin configuring the AP manually.
Page 37 Select the Operational Mode as follows and click Save & Next: The Wireless-A interface operates in 802.11a mode on the AP-4000/4000M and in either 802.11a mode or 4.9 GHz Public Safety mode on the AP-4900M. In 4.9 GHz Public Safety mode, you must also select a Channel Bandwidth.
Page 38: Installing The Software
Installation and Initialization AP-4000/4000M/4900M User Guide Initialization — Primary Network Name (SSID): Enter a Network Name (between 1 and 32 characters long) for the wireless network. You must configure each wireless client to use this name as well. Note that the unit supports up to 16 SSIDs/VLANs per wireless interface.
Page 39 NOTE: The Knowledgebase is available to all website visitors. First-time users will be asked to create an account to gain access. 3. Click Search Knowledgebase. 4. In the Search Knowledgebase field, enter one of the following: • For the AP-4000: 1250. • For the AP-4000M: 1934. • For the AP-4900M: 1851.
Page 40 Installation and Initialization AP-4000/4000M/4900M User Guide Initialization Figure 2-17 Warning Message 5. Click OK to continue with the operation or Cancel to abort the operation. 6. If the operation is unsuccessful, you will receive an error message. If this occurs, see the...
Page 41 Installation and Initialization AP-4000/4000M/4900M User Guide Initialization 4. Enter the IP address of your TFTP server in the field provided. 5. Enter the File Name (including the file extension). If the file is located in the default TFTP directory, you need enter only the file name.
Page 42: System Status
AP-4000/4000M/4900M User Guide System Status The first screen displayed after Logging In is the System Status screen. You can always return to this screen by clicking the Status button. Figure 3-1 System Status Screen The System Status screen provides the following information: •...
Page 43: Advanced Configuration
AP-4000/4000M/4900M User Guide Advanced Configuration This chapter contains information on configuring settings in the following categories: • System: Configure specific system information such as system name and contact information. • Network: Configure IP, DNS client, DHCP server, DHCP Relay Agent, DHCP Relay Servers, Link Integrity, and SNTP settings.
Page 44 Advanced Configuration AP-4000/4000M/4900M User Guide Figure 4-1 Configure Main Screen 2. Click the tab that corresponds to the parameter you want to configure. For example, click Network to configure the Access Point’s TCP/IP settings. Each Configure tab is described in the remainder of this chapter.
Page 45: System
Advanced Configuration AP-4000/4000M/4900M User Guide System System You can configure and view the following parameters within the System Configuration screen: • Name: The name assigned to the AP. See the Dynamic DNS Support Access Point System Naming Convention sections for rules on naming the AP.
Page 46: Dynamic Dns Support
Advanced Configuration AP-4000/4000M/4900M User Guide System Figure 4-2 System Tab Dynamic DNS Support DNS is a distributed database mapping the user readable names and IP addresses (and more) of every registered system on the Internet. Dynamic DNS is a lightweight mechanism which allows for modification of the DNS data of host systems whose IP addresses change dynamically.
Page 47: Network
Advanced Configuration AP-4000/4000M/4900M User Guide Network Network The Network tab contains the following sub-tabs: • IP Configuration • DHCP Server • DHCP Relay Agent • Link Integrity • SNTP (Simple Network Time Protocol) IP Configuration This tab is used to configure the internet (TCP/IP) settings for the access point.
Page 48: Dhcp Server
Advanced Configuration AP-4000/4000M/4900M User Guide Network • IP Address: The Access Point’s IP address. When IP Address Assignment Type is set to Dynamic, this field is read-only and reports the unit’s current IP address. The Access Point will default to 169.254.128.132 if it cannot obtain an address from a DHCP server.
Page 49 Advanced Configuration AP-4000/4000M/4900M User Guide Network Figure 4-4 DHCP Server Configuration Screen You can configure and view the following parameters within the DHCP Server Configuration screen: NOTE: You must reboot the AP before changes to any of these DHCP server parameters take effect.
Page 50: Dhcp Relay Agent
Advanced Configuration AP-4000/4000M/4900M User Guide Network NOTE: The Default Lease Time cannot be larger than the Maximum Lease Time. If you set the Maximum Lease Time, you should also set the Default Lease Time to ensure that the Default Lease Time is less than the Maximum.
Page 51: Link Integrity
Advanced Configuration AP-4000/4000M/4900M User Guide Network To add entries to the table of DHCP Relay Agents, click Add in the DHCP Server IP Address Table; to edit existing entries, click Edit. The following window is displayed. Figure 4-6 DHCP Server IP Address Table - Edit Entries To add an entry, enter the IP Address of the DHCP Server and a comment (optional), and click OK.
Page 52: Sntp (Simple Network Time Protocol)
Advanced Configuration AP-4000/4000M/4900M User Guide Network Figure 4-7 Link Integrity Configuration Screen SNTP (Simple Network Time Protocol) SNTP allows a network entity to communicate with time servers in the network/internet to retrieve and synchronize time of day information. When this feature is enabled, the AP will attempt to retrieve the time of day information from the configured time servers (primary or secondary), and, if successful, will update the relevant time objects in the AP.
Page 53 Advanced Configuration AP-4000/4000M/4900M User Guide Network Figure 4-8 SNTP Configuration Screen You can configure and view the following parameters within the SNTP screen: • SNTP Status: Select Enable or Disable from the drop-down menu. The selected status will determine which of the parameters on the SNTP screen are configurable.
Page 54: Interfaces
System tab before any of these sub-tabs are available. Operational Mode From this tab, you can configure and view the operational mode for the Wireless-A (802.11a radio/4.9 GHz radio) or Wireless-B (802.11b/g radio) interface. Figure 4-9 Operational Mode Screen (AP-4000/4000M)
Page 55 Figure 4-10 Operational Mode Screen (AP-4900M) The Wireless-A interface operates in 802.11a mode on the AP-4000/4000M and in either 802.11a mode or 4.9 GHz Public Safety mode on the AP-4900M. In 4.9 GHz Public Safety mode, you must also select a Channel Bandwidth.
Page 56 Advanced Configuration AP-4000/4000M/4900M User Guide Interfaces Enable H Band Support In compliance with FCC regulations, Dynamic Frequency Selection is required in the middle frequency band (M band: 5.26 GHz - 5.32 Ghz) and high frequency band (H band: 5.470 GHz - 5.725 GHz). DFS is enabled automatically when you use one or both of these frequency bands.
Page 57 Advanced Configuration AP-4000/4000M/4900M User Guide Interfaces The beacon frame contains information on the country code, the maximum allowable transmit power, and the channels to be used for the regulatory domain. The same information is transmitted in probe response frames in response to a client’s probe requests. Once the client has acquired the information required to meet the transmit requirements of the regulatory domain, it configures itself for operation in the regulatory domain.
Page 58 Advanced Configuration AP-4000/4000M/4900M User Guide Interfaces 3. Enter the desired backoff from the maximum Transmit Power level (between 0 and 35 dBm) in the Wireless-A: Transmit Power Level Back-Off or Wireless-B: Transmit Power Level Back-Off field. 4. Click OK.
Page 59: Wireless-A (802.11A/4.9 Ghz Radio) And Wireless-B (802.11B/G Radio)
Advanced Configuration AP-4000/4000M/4900M User Guide Interfaces Wireless-A (802.11a/4.9 GHz Radio) and Wireless-B (802.11b/g Radio) Figure 4-11 Wireless Interface A...
Page 60 NOTE: You must reboot the Access Point before any changes to these parameters take effect. • Physical Interface Type: For Wireless Interface A on the AP-4000/4000M, this field reports “802.11a (OFDM 5 GHz).” On the AP-4900M, this field reports “802.11a (OFDM 5 GHz)” when operating in 802.11a mode, and “Public Safety (OFDM 4.9 GHz)”...
Page 61 Advanced Configuration AP-4000/4000M/4900M User Guide Interfaces – For 802.11b/g -- Auto Fallback, 1, 2, 5.5, 6, 9, 11, 12, 18, 24, 36, 48, 54 Mbits/sec – For 802.11g-wifi -- Auto Fallback, 1, 2, 5.5, 6, 9, 11, 12, 18, 24, 36, 48, 54 Mbits/sec NOTE: 802.11g-wifi has been defined for Wi-Fi testing purposes.
Page 62 Advanced Configuration AP-4000/4000M/4900M User Guide Interfaces In shutdown state, AP will not transmit and receive frames from the wireless interface and will stop transmitting periodic beacons. Moreover, none of the frames received from the Ethernet interface will be forwarded to that wireless interface.
Page 63: Dynamic Channel Selection (Dcs)
Advanced Configuration AP-4000/4000M/4900M User Guide Interfaces Figure 4-12 Channel Blacklist Table 3. Click Edit in the Channel Blacklist Table 4. Set Blacklist Status to Enable. Figure 4-13 Channel Blacklist Table - Edit Screen • Wireless Distribution System: A Wireless Distribution system can be used to establish point-to-point (i.e. wireless backhaul) connections with other access points.
Page 64 Advanced Configuration AP-4000/4000M/4900M User Guide Interfaces the background and triggers ACS to perform an Auto Scan Function to select the channel with lowest interference and dynamically switches to the new channel. The DCS is triggered under the following conditions: 1. Dynamic channel change required (Radar Detection and Configuration change) 2.
Page 65 Advanced Configuration AP-4000/4000M/4900M User Guide Interfaces Figure 4-15 A complete Interfaces page...
Page 66 Advanced Configuration AP-4000/4000M/4900M User Guide Interfaces DCS can be configured using the following interfaces: • Web (HTTP) Interface • Command Line Interface (CLI) • MIB (SNMP) Requirements Web (HTTP) Interface The HTTP Interface (Web browser Interface) provides easy access to configuration settings and network statistics from any computer on the network.
Page 67 Advanced Configuration AP-4000/4000M/4900M User Guide Interfaces Command Line Interface (CLI) See the Command Line Interface (CLI) section in Appendix A. MIB (SNMP) Requirements DCS feature can be managed and monitored by MIB objects too. All the configuration parameters are present for both Interface A and Interface B separately.
Page 68: Vlan On Ethernet Port
Advanced Configuration AP-4000/4000M/4900M User Guide Interfaces • You cannot manually select the device’s operating channel; you must let the unit select the channel. You may make channels unavailable by manually “blacklisting” them and preventing those channels being selected, in accordance with local regulations or interference.
Page 69 Advanced Configuration AP-4000/4000M/4900M User Guide Interfaces Transparent Mode Transparent mode is the default mode and is equivalent to the NO VLAN support. The VLAN receievs both the tagged and untagged frames from the network. Transparent mode simply forwards both the tagged and untagged frames received on the Ethernet port to WDS, Mesh or BSS and is not able to read any VLAN information.
Page 70 Advanced Configuration AP-4000/4000M/4900M User Guide Interfaces Trunk Mode Trunk mode works as a filter. Trunk links provide VLAN identification for frames travelling between switches. Once this mode is enabled, the frames received from the WDS, Mesh or wireless ports are filtered and compared with the trunk tables entries.
Page 71: Management Vlan Configuration
Advanced Configuration AP-4000/4000M/4900M User Guide Interfaces Management VLAN Configuration Trunk Mode: In trunk mode if any management VLAN ID is configured then that management VLAN ID should present in trunk table, then only we can able to manage the device.
Page 72 Advanced Configuration AP-4000/4000M/4900M User Guide Interfaces Web Interface The HTTP Interface (Web browser Interface) provides easy access to configuration settings and network statistics from any computer on the network. You can access the HTTP Interface over your LAN (switch, hub, etc.), over the Internet, or with a “crossover”...
Page 73 Advanced Configuration AP-4000/4000M/4900M User Guide Interfaces • When VLAN Mode is Access, text boxes Access VLAN ID and Access VLAN Priority are enabled and VLAN 1 to VLAN 16 text boxes are disabled. • When VLAN Mode is Mixed, all the text boxes from VLAN 1 to VLAN 16, Access VLAN ID and Access VLAN Priority are enabled.
Page 74 Advanced Configuration AP-4000/4000M/4900M User Guide Interfaces In the WDS example below, AP 1 and AP 2 communicate over a WDS link (represented by the blue line). This link provides Client 2 with access to network resources even though AP 2 is not directly connected to the Ethernet network.
Page 75 Advanced Configuration AP-4000/4000M/4900M User Guide Interfaces WDS Setup Procedure NOTE: You must disable Auto Channel Select to create a WDS. Each Access Point that is a member of the WDS must have the same channel setting to communicate with each other.
Page 76 Advanced Configuration AP-4000/4000M/4900M User Guide Interfaces Figure 4-21 Adding WDS Links 6. Select which encryption method to use (if any) from the WDS Security Mode drop-down menu. 7. If you selected a WDS Security Mode, do one of the following: •...
Page 77: Ethernet
Advanced Configuration AP-4000/4000M/4900M User Guide Interfaces Ethernet Select the desired speed and transmission mode from the drop-down menu. Half-duplex means that only one side can transmit at a time and full-duplex allows both sides to transmit. When set to auto-duplex, the AP negotiates with its switch or hub to automatically select the highest throughput option supported by both sides.
Page 78: Mesh
CAUTION: Mesh mis-configuration may cause problems in your wireless network. Before configuring an interface for Mesh functionality, see Mesh Network Configuration. NOTE: AP-4000 units must use software version 3.4 (or later) to enable mesh functionality. For information on upgrading your unit’s software, see Installing the Software.
Page 79 Advanced Configuration AP-4000/4000M/4900M User Guide Interfaces • Security Mode: Select None to use Mesh networking without security, or AES to enable AES encryption between Mesh links. • Shared Secret: Enter a password between 6 and 32 characters. This is the password shared between a Mesh AP and the Portal to which it is connected when AES is selected as the security mode.
Page 80 Advanced Configuration AP-4000/4000M/4900M User Guide Interfaces Mesh Link Parameters To reset these parameters to their default settings, click the Default button. NOTE: Changes to these parameters require a reboot in order to take effect. • Maximum Active Mesh Links: Select a number between 1 and 32 to configure the number of Mesh links that can be connected to a single Mesh portal or Mesh AP, as follows: –...
Page 81 Advanced Configuration AP-4000/4000M/4900M User Guide Interfaces • Disable Client Access on No Uplink Connection: When this option is enabled, the AP will not provide wireless connections to clients on both radios if the unit does not have an uplink connection.
Page 82: Management
Advanced Configuration AP-4000/4000M/4900M User Guide Management Management The Management tab contains the following sub-tabs: • Passwords • IP Access Table • Services • Automatic Configuration (AutoConfig) • Hardware Configuration Reset (CHRD) Passwords Passwords are stored in flash memory and secured using encryption. You can configure the following passwords: •...
Page 83: Ip Access Table
Advanced Configuration AP-4000/4000M/4900M User Guide Management Figure 4-25 Management-Password Page IP Access Table The Management IP Access table limits in-band management access to the IP addresses or range of IP addresses specified in the table. This feature applies to all management services (SNMP, HTTP, and CLI) except for CLI management over the serial port.
Page 84 Advanced Configuration AP-4000/4000M/4900M User Guide Management • Secure Management Status: Enables the further configuration of HTTPS Access, SNMPv3, and Secure Shell (SSH). After enabling Secure Management, you can choose to configure HTTPS (SSL) and Secure Shell access on the Services tab, and to configure SNMPv3 passwords on the Passwords tab.
Page 85 Advanced Configuration AP-4000/4000M/4900M User Guide Management Figure 4-26 Management Services Configuration Screen...
Page 86 Advanced Configuration AP-4000/4000M/4900M User Guide Management Telnet Configuration Settings • Telnet Interface Bitmask: Select the interface (Ethernet, Wireless-Slot A, Wireless-Slot B, All Interfaces) from which you can manage the AP via telnet. This parameter can also be used to Disable telnet management.
Page 87 Advanced Configuration AP-4000/4000M/4900M User Guide Management NOTE: When Secure Management is enabled on the AP, SSH will be enabled by default and cannot be disabled. Host keys must either be generated externally and uploaded to the AP (see Uploading Externally Generated Host Keys), generated manually, or auto-generated at the time of SSH initialization if SSH is enabled and no host keys are present.
Page 88 Advanced Configuration AP-4000/4000M/4900M User Guide Management Serial Configuration Settings The serial port interface on the AP is enabled at all times. See Setting IP Address using Serial Port for information on how to access the CLI interface via the serial port. You can configure and view the following parameters: •...
Page 89: Automatic Configuration (Autoconfig)
Advanced Configuration AP-4000/4000M/4900M User Guide Management • RADIUS Profile for Management Access Control: Specifies the RADIUS Profile to be used for RADIUS Based Management Access. • Local User Status: Enables or disables the local user when RADIUS Based Management is enabled. The default local user ID is root.
Page 90 Advanced Configuration AP-4000/4000M/4900M User Guide Management Figure 4-28 Automatic Configuration Screen Set up Automatic Configuration for Dynamic IP Perform the following procedure to enable and set up Automatic Configuration when you have a dynamic IP address for the TFTP server via DHCP.
Page 91: Hardware Configuration Reset (Chrd)
Advanced Configuration AP-4000/4000M/4900M User Guide Management Figure 4-29 DHCP Options: Setting the Boot Server Host Name 4. Add the Boot Server Hostname and Boot Filename parameters to the Available Options list. 5. Set the value of the Boot Server Hostname Parameter to the hostname or IP Address of the TFTP server. For example: 11.0.0.7.
Page 92 Advanced Configuration AP-4000/4000M/4900M User Guide Management • If secure mode is enabled in the AP, only secure (SSL, SNMPv3, SSH) users can modify the values of the Hardware Configuration Reset Status and the configuration reset password. Configuration Reset via Serial Port During Bootup If hardware configuration reset is disabled, the user gets prompted by a configuration reset option to reset the AP to factory defaults during boot up from the serial interface.
Page 93 Advanced Configuration AP-4000/4000M/4900M User Guide Management When the correct configuration reset password is entered, the AP gets reset to factory defaults and displays the message “AP has been reset to Factory Default Settings.” The AP continues to boot up. If an incorrect configuration reset password is entered, the AP shows an error message and reprompts the user.
Page 94: Filtering
Advanced Configuration AP-4000/4000M/4900M User Guide Filtering Filtering The Access Point’s Packet Filtering features help control the amount of traffic exchanged between the wired and wireless networks. There are four sub-tabs under the Filtering heading: • Ethernet Protocol • Static MAC •...
Page 95: Static Mac
Advanced Configuration AP-4000/4000M/4900M User Guide Filtering Figure 4-32 Ethernet Protocol Filter Configuration 3. Configure the Ethernet Protocol Filter Table. This table is pre-populated with existing Ethernet Protocol Filters, however, you may enter additional filters by specifying the appropriate parameters. •...
Page 96 Advanced Configuration AP-4000/4000M/4900M User Guide Filtering For example, you can set up a Static MAC filter to prevent wireless clients from communicating with a specific server on the Ethernet network. You can also use this filter to block unnecessary multicast packets from being forwarded to the wireless network.
Page 97 Advanced Configuration AP-4000/4000M/4900M User Guide Filtering • To block traffic between a specific wired MAC address and a specific wireless MAC address, configure all four parameters. A maximum of 200 entries can be created in the Static MAC filter table. To create an entry, click Add and enter the appropriate MAC addresses and Masks to setup a filter.
Page 98: Advanced
Advanced Configuration AP-4000/4000M/4900M User Guide Filtering Result: When a logical “AND” is performed on the Wireless MAC Address and Wireless Mask, the result corresponds to any MAC address beginning with the 00:20:2D prefix. Since Wireless Client 1 and Wireless Client 2 share the same prefix (00:02:2D), traffic between the Wired Server and Wireless Clients 1 and 2 is blocked.
Page 99 Advanced Configuration AP-4000/4000M/4900M User Guide Filtering Figure 4-37 Advanced Filter Configuration The following protocols are listed in the Advanced Filter Table: • Deny IPX RIP • Deny IPX SAP • Deny IPX LSP • Deny IP Broadcasts • Deny IP Multicasts The AP can filter these protocols in the wireless-to-Ethernet direction, the Ethernet-to-wireless direction, or in both directions.
Page 100: Tcp/Udp Port
Advanced Configuration AP-4000/4000M/4900M User Guide Filtering Figure 4-38 Static MAC Filter Table - Edit Entries TCP/UDP Port Port-based filtering enables you to control wireless user access to network services by selectively blocking TCP/UDP protocols through the AP. A user specifies a Protocol Name, Port Number, Port Type (TCP, UDP, or TCP/UDP), and filtering interfaces (Wireless radio A or B only, Ethernet only, a combination of Wireless radio A or B and Ethernet, or all interfaces) in order to block access to services, such as Telnet and FTP, and traffic, such as NETBIOS and HTTP.
Page 101 Advanced Configuration AP-4000/4000M/4900M User Guide Filtering Figure 4-39 TCP/UDP Port Filter Configuration 2. Click Add under the TCP/UDP Port Filter Table heading. 3. In the TCP/UDP Port Filter Table enter the Protocol Names to filter. 4. Set the destination Port Number (a value between 1 and 65535) to filter. See the IANA Web site at http://www.iana.org/assignments/port-numbers...
Page 102 Advanced Configuration AP-4000/4000M/4900M User Guide Filtering Figure 4-40 TCP/UDP Port Filter Table - Add Entries Editing TCP/UDP Port Filters 1. Click Edit under the TCP/UDP Port Filter Table heading. 2. Make any changes to the Protocol Name or Port Number for a specific entry, if necessary.
Page 103: Alarms
Advanced Configuration AP-4000/4000M/4900M User Guide Alarms Alarms The Alarms tab has the following sub-tabs: • Groups • Alarm Host Table • Syslog • Rogue Scan Groups Alarm groups can be enabled or disabled via the Web interface. Place a check mark in the box provided to enable a specific group.
Page 104 Advanced Configuration AP-4000/4000M/4900M User Guide Alarms Trap Name Description Severity Level oriTrapAuthenticationFailure Client authentication failure has occurred. Major Authentication failures can range from: • MAC Access Control table • RADIUS MAC authentication • 802.1x authentication specifying the EAP-Type • WORP mutual authentication •...
Page 105 Advanced Configuration AP-4000/4000M/4900M User Guide Alarms Trap Name Description Severity Level oriTrapDHCPFailed Response to the DHCP client request not Major received; device not dynamically assigned an IP address oriTrapDNSClientLookupFailure DNS client attempts to resolve a specified Major hostname (DNS lookup) and a failure occurs because either the DNS server is unreachable or there is an error for the hostname lookup.
Page 106 Advanced Configuration AP-4000/4000M/4900M User Guide Alarms Trap Name Description Severity Level oriTrapInvalidImage Invalid image loaded onto device Major oriTrapImageTooLarge Image loaded on the device exceeds the size Major limitation of flash oriTrapIncompatibleImage Incompatible image loaded onto device Major oriTrapInvalidImageDigitalSignature Image with invalid digital signature is loaded onto...
Page 107 Advanced Configuration AP-4000/4000M/4900M User Guide Alarms RFC 1215-Trap Trap Name Description Severity Level coldStart AP is on or rebooted Informational linkUp AP's Ethernet interface link is up (working) Informational linkDown AP's Ethernet interface link is down (not working) Informational Bridge MIB (RFC 1493) Alarms...
Page 108: Syslog
Advanced Configuration AP-4000/4000M/4900M User Guide Alarms Syslog The Syslog messaging system enables the AP to transmit event messages to a central server for monitoring and troubleshooting. The access point logs “Session Start (Log-in)” and “Session Stop (Log-out)” events for each wireless client as an alternative to RADIUS accounting.
Page 109 Advanced Configuration AP-4000/4000M/4900M User Guide Alarms • Syslog Heartbeat Status: When Heartbeat is enabled, the AP periodically sends a message to the Syslog server to indicate that it is active. • Syslog Heartbeat Interval: If Syslog Heartbeat Status is enabled this field provides the interval for the heartbeat in seconds (between 1 and 604800).
Page 110 Advanced Configuration AP-4000/4000M/4900M User Guide Alarms Syslog Message Name Priority Severity Description Client Login Authentication Informational Client logs in/authenticates. Message includes: Status • Client MAC Address • Authentication Type = None, ACL, RADIUS MAC, 802.1X • Cipher Type = None, WEP, TKIP, AES •...
Page 111 Advanced Configuration AP-4000/4000M/4900M User Guide Alarms Syslog Message Name Priority Severity Description CLI Configuration File Execution Minor There is an error in execution of the CLI Errors configuration file. The message specifies the filename, line number, and error reason. SSH Initialization Failure...
Page 112 Advanced Configuration AP-4000/4000M/4900M User Guide Alarms Syslog Message Name Priority Severity Description PXU Registration Successful Informational AP successfully registers with the PXU. Message also includes PXU IP address. PXU Registration Failure Major AP fails to register with the PXU. Message also includes PXU IP address.
Page 113 Advanced Configuration AP-4000/4000M/4900M User Guide Alarms Background Scanning Mode In background scanning mode the AP performs background scanning while performing normal AP operations on the wireless interface. You can configure the scan cycle time between 1-1440 minutes (24 hours). The scan cycle time indicates how frequently a channel is sampled and defines the minimum attack period that can go unnoticed.
Page 114 Advanced Configuration AP-4000/4000M/4900M User Guide Alarms NOTE: Rogue Scan cannot be enabled on a wireless interface when the Wireless Service Status on that interface is shutdown. First, resume service on the wireless interface. NOTE: Enabling Rogue Scan simultaneously with Broadcast Unique Beacon will cause a drift in the beacon interval and the occasional missing of beacons.
Page 115 Advanced Configuration AP-4000/4000M/4900M User Guide Alarms Figure 4-44 Rogue Scan Screen...
Page 116: Bridge
Advanced Configuration AP-4000/4000M/4900M User Guide Bridge Bridge The AP is a bridge between your wired and wireless networking devices. As a bridge, the functions performed by the AP include: • MAC address learning • Forward and filtering decision making •...
Page 117: Storm Threshold
Advanced Configuration AP-4000/4000M/4900M User Guide Bridge Figure 4-45 Spanning Tree Sub-Tab Storm Threshold Storm Threshold is an advanced Bridge setup option that you can use to protect the network against data overload by: • Specifying a maximum number of frames per second as received from a single network device (identified by its MAC address).
Page 118: Intra Bss
Advanced Configuration AP-4000/4000M/4900M User Guide Bridge Intra BSS The wireless clients (or subscribers) that associate with a certain AP form the Basic Service Set (BSS) of a network infrastructure. By default, wireless subscribers in the same BSS can communicate with each other. However, some administrators (such as wireless public spaces) may wish to block traffic between wireless subscribers that are associated with the same AP to prevent unauthorized communication and to conserve bandwidth.
Page 119: Qos
Advanced Configuration AP-4000/4000M/4900M User Guide Wi-Fi Multimedia (WMM)/Quality of Service (QoS) Introduction The AP supports Wi-Fi Multimedia (WMM), which is a solution for QoS functionality based on the IEEE 802.11e specification. WMM defines enhancements to the MAC for wireless LAN applications with Quality of Service requirements, which include transport of voice traffic over IEEE 802.11 wireless LANs.
Page 120 Advanced Configuration AP-4000/4000M/4900M User Guide 2. To enable QoS, check the Enable Quality of Service checkbox. 3. Configure the QoS Maximum Medium Threshold for all Admission Controls. Admission will be granted if the new requested traffic stream and already admitted time is less than the medium maximum threshold.
Page 121: Priority Mapping
Advanced Configuration AP-4000/4000M/4900M User Guide Priority Mapping Use this page to configure QoS 802.1p to 802.1d priority mappings (for layer 2 policies) and IP DSCP to 802.1d priority mappings (for layer 3 policies). The first entry in each table contains the recommended priority mappings. Custom entries can be added to each table with different priority mappings.
Page 122: Enhanced Distributed Channel Access (Edca)
Advanced Configuration AP-4000/4000M/4900M User Guide Figure 4-49 Add Priority Mapping Entry 3. Select the 802.1p Priority (from 0-7) for 802.1d Priorities 0-7. 4. Click OK. 5. Click Add in the IP Precedence/DSCP ranges and 802.1d Priority table. 6. Select the IP DSCP Range for each 802.1d Priority.
Page 123 Advanced Configuration AP-4000/4000M/4900M User Guide Figure 4-50 EDCA Tables 2. Click Edit and configure the following parameters in each table: NOTE: Changes to EDCA parameters require a reboot of the AP to take effect. • Index: read-only. Indicates the index of the Access Category (1-4) being defined: –...
Page 124 Advanced Configuration AP-4000/4000M/4900M User Guide • CWMax: maximum Contention Window. Configurable range is 0 to 65535. • AIFSN: Arbitration IFS per access category. Configurable range is 2 to 15. • Tx OP Limit: The Transmission Opportunity Limit. The Tx OP is an interval of time during which a particular QoS enhanced client has the right to initiate a frame exchange sequence onto the wireless medium.
Page 125: Radius Profiles
Advanced Configuration AP-4000/4000M/4900M User Guide Radius Profiles Radius Profiles Configuring Radius Profiles on the AP allows the administrator to define a profile for RADIUS Servers used by the system or by a VLAN. The network administrator can define RADIUS Servers per Authentication Mode and per VLAN.
Page 126: Configuring Radius Profiles
Advanced Configuration AP-4000/4000M/4900M User Guide Radius Profiles This figure shows a network with separate authentication servers for each authentication type and for each VLAN. The clients in VLAN 1 are authenticated using the authentication servers configured for VLAN 1. The type of authentication server used depends on whether the authentication is done for an 802.1x client or a non-802.1x client.
Page 127 Advanced Configuration AP-4000/4000M/4900M User Guide Radius Profiles NOTE: This page configures only the Primary RADIUS Server associated with the profile. After configuring these parameters, save them by clicking OK. Then, to configure the Secondary RADIUS Server, edit the profile from the main page.
Page 128: Mac Access Control Via Radius Authentication
Advanced Configuration AP-4000/4000M/4900M User Guide Radius Profiles – No delimiters/MAC: MAC addresses are formatted with no characters or spaces between pairs of hexadecimal digits (xxyyzzaabbcc) and the password sent to the RADIUS server is the MAC address of the client.
Page 129 Advanced Configuration AP-4000/4000M/4900M User Guide Radius Profiles accounting is initiated by sending an “Accounting Start” request to the RADIUS server. When the wireless client session ends, an “Accounting Stop” request is sent to the RADIUS server. NOTE: Each VLAN can be configured to use a separate RADIUS accounting server (and backup accounting server).
Page 130 Advanced Configuration AP-4000/4000M/4900M User Guide Radius Profiles Accounting Attributes • Acct-Delay-Time – Indicates how many seconds the AP has been trying to send a particular packet related to a particular user. This time can be used at the server to determine the approximate time of the event generating this accounting request.
Page 131: Pxu (Proximunify) Profile And Vlan Roaming
Advanced Configuration AP-4000/4000M/4900M User Guide PXU (ProximUnify) Profile and VLAN Roaming PXU (ProximUnify) Profile and VLAN Roaming ProximUnify architecture enables VLAN roaming for both data and voice clients. VLAN roaming support is required when a client device roams between APs connected to switches with different VLANs configured. IP Tunnels are used to forward the STAs traffic to and from the Home of the STA.
Page 132 Advanced Configuration AP-4000/4000M/4900M User Guide PXU (ProximUnify) Profile and VLAN Roaming Figure 4-54 PXU Profile Interface To configure the PXU Profile, click Configure>Radius/PXU Profiles>PXU Profile. The PXU Profile page appears. Following are the configurable fields to set up the PXU Profile to function.
Page 133: Ssid/Vlan/Security
Advanced Configuration AP-4000/4000M/4900M User Guide SSID/VLAN/Security SSID/VLAN/Security The AP provides several security features to protect your network from unauthorized access. This section gives an overview of VLANs and then discusses the SSID/VLAN/Security configuration options in the AP: • VLAN Overview •...
Page 134 Advanced Configuration AP-4000/4000M/4900M User Guide SSID/VLAN/Security Figure 4-55 Components of a Typical VLAN VLAN Workgroups and Traffic Management Access Points that are not VLAN-capable typically transmit broadcast and multicast traffic to all wireless Network Interface Cards (NICs). This process wastes wireless bandwidth and degrades throughput performance. In comparison, a VLAN-capable AP is designed to efficiently manage delivery of broadcast, multicast, and unicast traffic to wireless clients.
Page 135: Management Vlan
Advanced Configuration AP-4000/4000M/4900M User Guide SSID/VLAN/Security Management VLAN Figure 4-56 Mgmt VLAN VLAN Tagging Management Control Access to the AP Management access to the AP can easily be secured by making management stations or hosts and the AP itself members of a common VLAN. Simply configure a non-zero management VLAN ID and enable VLAN to restrict management of the AP to members of the same VLAN.
Page 136 Advanced Configuration AP-4000/4000M/4900M User Guide SSID/VLAN/Security 2. Set the VLAN Management ID to use the same VLAN ID as one of the configured SSIDs. 3. Place a check mark in the Enable VLAN Tagging box. Disable VLAN Tagging 1. Click Configure > SSID/VLAN/Security > Mgmt VLAN.
Page 137: Security Profile
Advanced Configuration AP-4000/4000M/4900M User Guide SSID/VLAN/Security Figure 4-58 To Edit Uplink VLAN Configuration interface To Delete Uplink VLAN Configuration 1. Select the Index number of the uplink table by clicking the radio button. 2. Click the DELETE button. Security Profile See the following sections: •...
Page 138 Advanced Configuration AP-4000/4000M/4900M User Guide SSID/VLAN/Security (EAP) as a standards-based authentication framework, and supports automatic key distribution for enhanced security. The EAP-based authentication framework can easily be upgraded to keep pace with future EAP types. Popular EAP types include: •...
Page 139 Advanced Configuration AP-4000/4000M/4900M User Guide SSID/VLAN/Security Wi-Fi Protected Access (WPA/802.11i [WPA2]) Wi-Fi Protected Access (WPA) is a security standard designed by the Wi-Fi Alliance in conjunction with the Institute of Electrical and Electronics Engineers (IEEE). The AP supports 802.11i (WPA2), based on the IEEE 802.11i security standard.
Page 140 Advanced Configuration AP-4000/4000M/4900M User Guide SSID/VLAN/Security If you have both 802.1x and MAC Access Control authentication enabled, the 802.1x authentication takes precedence because it is higher in the authentication protocol hierarchy. This is required in order to propagate the WEP/TKIP/AES keys to the clients in such cases.
Page 141 Advanced Configuration AP-4000/4000M/4900M User Guide SSID/VLAN/Security Figure 4-60 Security Profile Configuration 2. Click Add in the Security Profile Table to create a new entry. To modify an existing profile, select the profile and click Edit. To delete an existing profile, select the profile and click Delete. You cannot delete a Security Profile used in an SSID.
Page 142 Advanced Configuration AP-4000/4000M/4900M User Guide SSID/VLAN/Security NOTE: When VLAN tagging is enabled, only Key 0 can be configured. • 802.1x Station: • Authentication Mode: 802.1x • Cipher: WEP • Encryption Key Length: 64 or 128 Bits. — If 802.1x is enabled simultaneously with WEP, the 802.1x Station’s encryption key length is determined by the WEP encryption key.
Page 143: Mac Access
Advanced Configuration AP-4000/4000M/4900M User Guide SSID/VLAN/Security Figure 4-61 Security Profile Table - Add Entries MAC Access The MAC Access sub-tab allows you to build a list of stations, identified by their MAC addresses, authorized to access the network through the AP. The list is stored inside each AP within your network. Up to 1000 entries can be made in the table.
Page 144: Wireless-A Or Wireless-B
Advanced Configuration AP-4000/4000M/4900M User Guide SSID/VLAN/Security The following list details the configurable MAC Access parameters. • Operation Type: Choose between Passthru and Block. This determines how the stations identified in the MAC Access Control Table are filtered. – If set to Passthru, only the addresses listed in the Control Table will pass through the bridge.
Page 145 Advanced Configuration AP-4000/4000M/4900M User Guide SSID/VLAN/Security Figure 4-63 SSID, VLAN, and Security Configuration (VLAN Tagging Disabled) 2. Enable or disable RADIUS accounting on the VLAN/SSID by selecting Enable or Disable from the Accounting Status drop-down menu. 3. Control the functionality of RADIUS MAC Authentication on the VLAN/SSID by selecting one of the following from the the RADIUS Authentication Status drop-down menu.
Page 146 Advanced Configuration AP-4000/4000M/4900M User Guide SSID/VLAN/Security • Strict: MAC ACL settings are enabled. If a higher-priority authentication protocol is also enabled, MAC ACL settings will be applied in addition to the higher priority authentication protocol settings. See Authentication Protocol Hierarchy. When MAC ACL Status is set to Strict, changes to the MAC ACL table (configured on the MAC Access page) will take effect without a device reboot.
Page 147 Advanced Configuration AP-4000/4000M/4900M User Guide SSID/VLAN/Security NOTE: A PXU AP will not allow wireless client association to an SSID having CMOB status enabled until it registers to either Primary or Secondary PXU module. 11. Enter a unique VLAN ID. This parameter is mandatory.
Page 148 Advanced Configuration AP-4000/4000M/4900M User Guide SSID/VLAN/Security Figure 4-65 SSID/VLAN Configuration (VLAN Tagging Enabled) NOTE: If you disable (uncheck) the Enable Security per SSID option, you will be able to add multiple SSID/VLANs, but the same configuration parameters (described below) will applied to all of them.
Page 149 Advanced Configuration AP-4000/4000M/4900M User Guide SSID/VLAN/Security Figure 4-66 SSID/VLAN Add Entries Screen (VLAN Tagging Enabled) 4. Enter a unique Network Name (SSID) between 1 and 32 characters. This parameter is mandatory. NOTE: Do not use quotation marks (single or double) in the Network Name; this will cause the AP to misinterpret the name.
Page 150 Advanced Configuration AP-4000/4000M/4900M User Guide SSID/VLAN/Security • Enable: The SSID is not advertised in the beacon, and the AP will respond to probe requests with an SSID only if the client has specified the SSID in the probe request. If the client sends a probe request with a null or “ANY”...
Page 151 Advanced Configuration AP-4000/4000M/4900M User Guide SSID/VLAN/Security 21.Reboot the AP.
Page 152: Monitoring
AP-4000/4000M/4900M User Guide Monitoring This chapter discusses the following monitoring options: • Version: Provides version information for the Access Point’s system components. • ICMP: Displays statistics for Internet Control Message Protocol packets sent and received by the AP. • IP/ARP Table: Displays the AP’s IP Address Resolution table.
Page 153: Version
Monitoring AP-4000/4000M/4900M User Guide Version Version From the HTTP interface, click the Monitor button and select the Version tab. The list displayed provides you with information that may be pertinent when calling Technical Support. With this information, your Technical Support representative can verify compatibility issues and make sure the latest software are loaded.
Page 154: Icmp
Monitoring AP-4000/4000M/4900M User Guide ICMP ICMP This tab provides statistical information for both received and transmitted messages directed to the AP. Not all ICMP traffic on the network is counted in the ICMP (Internet Control Message Protocol) statistics. Figure 5-3 ICMP Monitoring Tab...
Page 155: Ip/Arp Table
Monitoring AP-4000/4000M/4900M User Guide IP/ARP Table IP/ARP Table This tab provides information based on the Address Resolution Protocol (ARP), which relates MAC Address and IP Addresses. Figure 5-4 IP/ARP Table Monitoring Tab...
Page 156: Learn Table
Monitoring AP-4000/4000M/4900M User Guide Learn Table Learn Table This tab displays information relating to network bridging. It reports the MAC address for each node that the device has learned is on the network and the interface on which the node was detected. There can be up 10,000 entries in the Learn Table.
Page 157: Iapp
Monitoring AP-4000/4000M/4900M User Guide IAPP IAPP This tab displays statistics relating to client handovers and communications between Access Points. Figure 5-6 IAPP Monitoring Tab...
Page 158: Radius
Monitoring AP-4000/4000M/4900M User Guide RADIUS RADIUS This tab provides RADIUS authentication, EAP/802.1x authentication, and accounting information for both the Primary and Backup RADIUS servers for each RADIUS Server Profile. NOTE: Separate RADIUS servers can be configured for each RADIUS Server Profile.
Page 159: Interfaces
Monitoring AP-4000/4000M/4900M User Guide Interfaces Interfaces This tab displays statistics for the Ethernet and wireless interfaces. Figure 5-8 Interface Monitoring Tab (Ethernet) Description of Interface Statistics The following statistics are displayed for the Ethernet interface only, either of the wireless interfaces only, or for all interfaces: •...
Page 160 Monitoring AP-4000/4000M/4900M User Guide Interfaces • Ethernet Chipset (Ethernet): Identifies the chipset used to realize the interface. • Excessive Collisions (Ethernet): The number of frames for which transmission fails due to excessive collisions. • Failed ACK Count (Wireless-Slot A/B): The number of times an acknowledgment (or ACK) is not received when expected.
Page 161 Monitoring AP-4000/4000M/4900M User Guide Interfaces • Out Discards (Ethernet/Wireless-Slot A/B): The number of error-free outbound packets chosen to be discarded to prevent their being transmitted. One possible reason for discarding such a packet could be to free up buffer space.
Page 162: Station Statistics
Monitoring AP-4000/4000M/4900M User Guide Station Statistics Station Statistics This tab displays information on wireless clients attached to the AP and on Wireless Distribution System. Enable the Monitoring Station Statistics feature (Station Statistics are disabled by default) by checking Enable Monitoring Station Statistics and click OK.
Page 163 Monitoring AP-4000/4000M/4900M User Guide Station Statistics • Time since Last Frame Received: The time elapsed since the last frame from the associated wireless station (or WDS link partner) was received. • Number of Stations and WDS Links: The number of stations and WDS links monitored.
Page 164: Mesh Statistics
Monitoring AP-4000/4000M/4900M User Guide Mesh Statistics Mesh Statistics This Mesh tab and its related sub-tabs display statistics relating to Mesh functionality. See the following sections: • Topology • Neighbors • Link Statistics • Link Test Topology The Topology sub-tab displays the network topology of the Mesh network.
Page 165: Link Test
Monitoring AP-4000/4000M/4900M User Guide Mesh Statistics Figure 5-12 Mesh Statistics Link Statistics Sub-Tab Link Test The Link Test tab allows you to run two types of Mesh link tests: Tree Type or Neighbor Type. The Tree Type link test is initiated from the Portal to any point on the Mesh tree. The Mesh units involved in the test must be in the "Active"...
Page 166 Monitoring AP-4000/4000M/4900M User Guide Mesh Statistics Figure 5-13 Mesh Statistics Link Test Sub-Tab To execute a Link Test, set the following parameters: • Test Type: Tree Type or Neighbor Type • Destination System Name: The destination Mesh unit. • Test Traffic Rate: The number of frames per second to test.
Page 167: Commands
AP-4000/4000M/4900M User Guide Commands This chapter contains information on the following Command functions: • Introduction to File Transfer via TFTP or HTTP: Describes the available file transfer methods. • Update AP: Download files via TFTP or HTTP to the AP.
Page 168: Introduction To File Transfer Via Tftp Or Http
Commands AP-4000/4000M/4900M User Guide Introduction to File Transfer via TFTP or HTTP Introduction to File Transfer via TFTP or HTTP There are two methods of transferring files to or from the AP: TFTP or HTTP (or HTTPS if enabled): •...
Page 169: Update Ap
Commands AP-4000/4000M/4900M User Guide Update AP Update AP Update AP via TFTP Use the Update AP via TFTP tab to download Configuration, AP Image, License file, Bootloader files, Certificate and Private Key files, and CLI Batch File to the AP. A TFTP server must be running and configured to point to the directory containing the file.
Page 170: Update Ap Via Http
Commands AP-4000/4000M/4900M User Guide Update AP – SSH Private Key: the private key in SSH communications. See Secure Shell (SSH) Settings for more information. – CLI Batch File: a CLI Batch file that contains CLI commands to configure the AP. This file will be executed by the AP immediately after being uploaded.
Page 171 Commands AP-4000/4000M/4900M User Guide Update AP A warning message gets displayed that advises the user that a reboot of the device will be required for changes to take effect. Figure 6-4 Warning Message 4. Click OK to continue with the operation or Cancel to abort the operation.
Page 172: Retrieve File
Commands AP-4000/4000M/4900M User Guide Retrieve File Retrieve File Retrieve File via TFTP Use the Retrieve File via TFTP tab to upload files from the AP to the TFTP server. The TFTP server must be running and configured to point to the directory to which you want to copy the uploaded file. We suggest you assign the file a meaningful name, which may include version or location information.
Page 173: Retrieve File Via Http
Commands AP-4000/4000M/4900M User Guide Retrieve File Retrieve File via HTTP Use the Retrieve File via HTTP tab to retrieve configuration files, CLI Batch Files, or CLI Batch Logs from the AP. For more information on CLI Batch Files and CLI Batch Logs see CLI Batch File.
Page 174 Commands AP-4000/4000M/4900M User Guide Retrieve File Figure 6-10 File Download Dialog Box 4. On clicking the Save button the Save As window displays. Select an appropriate filename and location and click OK.
Page 175: Reboot
Commands AP-4000/4000M/4900M User Guide Reboot Reboot Use the Reboot tab to save configuration changes (if any) and reset the AP. Enter a value between 0 and 65535 seconds; entering a value of 0 (zero) seconds causes an immediate reboot. Note that Reset, described below, does not save configuration changes.
Page 176: Reset
Commands AP-4000/4000M/4900M User Guide Reset Reset Use the Reset tab to restore the AP to factory default conditions. Since this will reset the AP’s current IP address, a new IP address must be assigned. See Logging In for more information.
Page 177: Help Link
Commands AP-4000/4000M/4900M User Guide Help Link Help Link Use the Help tab to configure the location of the AP Help files. During initialization, the AP on-line help files are downloaded to the default location: C:/Program Files/ORiNOCO/AP4x00x/HTML/index.htm. To enable the Help button on each page of the Web interface to access the help files, however, copy the entire Help folder to a web server, then specify the new HTTP path in the Help Link box.
Page 178: Troubleshooting
AP-4000/4000M/4900M User Guide Troubleshooting This chapter provides information on the following: • Troubleshooting Concepts • Symptoms and Solutions • Recovery Procedures • Related Applications NOTE: This section helps you locate problems related to the AP device setup. For details about RADIUS, TFTP, serial communication programs (such as HyperTerminal), Telnet applications, or web browsers, please see the documentation that came with the respective application for assistance.
Page 179: Symptoms And Solutions
Troubleshooting AP-4000/4000M/4900M User Guide Symptoms and Solutions Symptoms and Solutions Connectivity Issues Connectivity issues include any problem that prevents you from powering up or connecting to the AP. AP Unit Will Not Boot - No LED Activity 1. Make sure your power source is operating.
Page 180 Troubleshooting AP-4000/4000M/4900M User Guide Symptoms and Solutions 2. The AP only contacts a DHCP server during boot-up. If your network’s DHCP server is not available while the AP is booting, the device will use the default IP address (169.254.128.132). Reboot the AP once your DHCP server is on-line again or use the ScanTool to find the Access Point’s current IP address.
Page 181: Client Connection Problems
802.1Q compliant VLAN headers or tags. The VLAN ID in the headers should correspond to one of the VLAN User IDs configured for the AP. NOTE: The AP-4000/4000M/4900M supports 16 VLAN/SSID pairs per wireless interface, each with a configured security profile.
Page 182: Cmob Operation Issues
Troubleshooting AP-4000/4000M/4900M User Guide Symptoms and Solutions CAUTION: The Forced Reload procedure disconnects all users and resets all values to factory defaults. CMOB Operation Issues • Client Computer can not connect to a CMOB-enabled SSID — The PXU profile should have at least one PXU Module (Primary/Secondary) enabled —...
Page 183 Troubleshooting AP-4000/4000M/4900M User Guide Symptoms and Solutions “Overload” Indications 1. Verify that you are not using a cross-over cable between the PoE output port and the AP. 2. Verify that there is no short over any of the twisted pair cables.
Page 184: Recovery Procedures
Troubleshooting AP-4000/4000M/4900M User Guide Recovery Procedures Recovery Procedures The most common installation problems relate to IP addressing. For example, without the TFTP server IP Address, you will not be able to download a new AP Image to the AP. IP Address management is fundamental. We suggest you create a chart to document and validate the IP addresses for your system.
Page 185 Troubleshooting AP-4000/4000M/4900M User Guide Recovery Procedures – Download a New Image Using the Bootloader CLI Because the CLI option requires a physical connection to the unit’s serial port, Proxim recommends the ScanTool option. Download a New Image Using ScanTool To download the AP Image, you will need an Ethernet connection to the computer on which the TFTP server resides and to a computer that is running ScanTool (this is either two separate computers connected to the same network or a single computer running both programs).
Page 186 Troubleshooting AP-4000/4000M/4900M User Guide Recovery Procedures You must also connect the AP to a computer with a standard serial cable and use a terminal client, such as HyperTerminal. From the terminal, enter CLI Commands to set the IP address and download an AP Image.
Page 187: Setting Ip Address Using Serial Port
Troubleshooting AP-4000/4000M/4900M User Guide Recovery Procedures [Device name]> reboot The AP will reboot and then download the image file. You should see downloading activity begin after a few seconds within the TFTP server’s status screen. 8. When the download process is complete, configure the AP.
Page 188 Troubleshooting AP-4000/4000M/4900M User Guide Recovery Procedures Figure 7-1 Result of “show ip” CLI Command 6. Change the IP address and other network values using set and reboot CLI commands, similar to the example below (use your own IP address and subnet mask). Note that IP Address Type is set to Dynamic by default. If you have a DHCP server on your network, you should not need to manually configure the Access Point’s IP address;...
Page 189: Related Applications
Troubleshooting AP-4000/4000M/4900M User Guide Related Applications Related Applications RADIUS Authentication Server If you enabled RADIUS Authentication on the AP, make sure that your network’s RADIUS servers are operational. Otherwise, clients will not be able to log in. There are several reasons the authentication server services might be unavailable, here are two typical things to check: •...
Page 190: A Command Line Interface (Cli)
AP-4000/4000M/4900M User Guide Command Line Interface (CLI) This section discusses the following: • General Notes • Command Line Interface (CLI) Variations • CLI Command Types • Using Tables and Strings • Configuring the AP using CLI commands • CLI Monitoring Parameters •...
Page 191: Prerequisite Skills And Knowledge
Command Line Interface (CLI) AP-4000/4000M/4900M User Guide General Notes General Notes Prerequisite Skills and Knowledge To use this document effectively, you should have a working knowledge of Local Area Networking (LAN) concepts, network access infrastructures, and client-server relationships. In addition, you should be familiar with software setup procedures for typical network operating systems and servers.
Page 192: Cli Error Messages
Command Line Interface (CLI) AP-4000/4000M/4900M User Guide General Notes Key Combination Operation Complete the command line List available commands CLI Error Messages The following table describes the error messages associated with improper inputs or expected CLI behavior. Error Message Description Syntax Error Invalid syntax entered at the command prompt.
Page 193: Command Line Interface (Cli) Variations
Command Line Interface (CLI) AP-4000/4000M/4900M User Guide Command Line Interface (CLI) Variations Command Line Interface (CLI) Variations Administrators use the CLI to control Access Point operation and monitor network statistics. The AP supports two types of CLI: the Bootloader CLI and the normal CLI. The Bootloader CLI provides a limited command set, and is used when the current AP Image is bad or missing.
Page 194 Command Line Interface (CLI) AP-4000/4000M/4900M User Guide Command Line Interface (CLI) Variations Figure A-2 Results of “show” bootloader CLI command...
Page 195: Cli Command Types
Command Line Interface (CLI) AP-4000/4000M/4900M User Guide CLI Command Types CLI Command Types This guide divides CLI Commands into two categories: Operational and Parameter Controls. Operational CLI Commands These commands affect Access Point behavior, such as downloading, rebooting, and so on. After entering commands (and parameters, if any) press the Enter key to execute the Command Line.
Page 196 Command Line Interface (CLI) AP-4000/4000M/4900M User Guide CLI Command Types Example 2. Display specific Commands To show all commands that start with specified letters, enter one or more letters, then ? with no space between letters and ?. [Device-Name]>s? Figure A-4 Result of “s?” CLI command Example 3.
Page 197 Command Line Interface (CLI) AP-4000/4000M/4900M User Guide CLI Command Types Figure A-7 Result of “show iparp?” CLI command Example 4. Display Prompts for Successive Parameters Enter the command, a space, and then ?. Then, when the parameter prompt appears, enter the parameter value. The parameter is changed and a new CLI line is echoed with the new value (in the first part of the following example, the value is the IP Address of the TFTP server).
Page 198 Command Line Interface (CLI) AP-4000/4000M/4900M User Guide CLI Command Types help Displays instructions on using control-key sequences for navigating a Command Line and displays command information and examples. 1. Using help as the only argument: [Device-Name]>help Figure A-8 Results of “help” CLI command 2.
Page 199: Parameter Control Commands
Command Line Interface (CLI) AP-4000/4000M/4900M User Guide CLI Command Types search Lists the parameters supported by the specified table. This list corresponds to the table information displayed in the HTTP interface. In this example, the CLI returns the list of parameters that make up an entry in the IP Access Table.
Page 200 Command Line Interface (CLI) AP-4000/4000M/4900M User Guide CLI Command Types [Device-Name]>show network [Device-Name]>show mgmtipaccesstbl “set” CLI Command Sets (modifies) the value of the specified parameter. To see a definition and syntax example, type only set and then press the Enter key. To see a list of available parameters, enter a space, then a question mark (?) after set (example: set?).
Page 201 Command Line Interface (CLI) AP-4000/4000M/4900M User Guide CLI Command Types Example 2 - Create a table entry or row Use 0 (zero) as the index to a table when creating an entry. When creating a table row, only the mandatory table elements are required (comment is usually an optional table element).
Page 202 Command Line Interface (CLI) AP-4000/4000M/4900M User Guide CLI Command Types Figure A-10 Results of “show network” and “show ip” CLI Commands Example 6 - Show Individual and Table Parameters 1. View a single parameter. Syntax: [Device-Name]>show <parameter name> Example: [Device-Name]> show ipaddr Displays the Access Point IP address.
Page 203: Using Tables And Strings
Command Line Interface (CLI) AP-4000/4000M/4900M User Guide Using Tables and Strings Using Tables and Strings Working with Tables Each table element (or parameter) must be specified, as in the example below. [Device-Name]>set mgmtipaccesstbl 0 ipaddr 10.0.0.10 ipmask 255.255.0.0 Below are the rules for creating, modifying, enabling/disabling, and deleting table entries.
Page 204 Command Line Interface (CLI) AP-4000/4000M/4900M User Guide Using Tables and Strings The string delimiter does not have to be used for every string object. The single quote or double quote only has to be used for string objects that contain blank space characters. If the string object being used does not contain blank spaces,...
Page 205: Configuring The Ap Using Cli Commands
Command Line Interface (CLI) AP-4000/4000M/4900M User Guide Configuring the AP using CLI commands Configuring the AP using CLI commands Log into the AP using HyperTerminal 1. Open your terminal emulation program (like HyperTerminal) and set the following connection properties: •...
Page 206: Set Basic Configuration Parameters Using Cli Commands
Command Line Interface (CLI) AP-4000/4000M/4900M User Guide Configuring the AP using CLI commands Set Basic Configuration Parameters using CLI Commands There are a few basic configuration parameters that you may want to setup right away when you receive the AP. For example: •...
Page 207 Command Line Interface (CLI) AP-4000/4000M/4900M User Guide Configuring the AP using CLI commands [Device-Name]>set snmprpasswd <New Password> (SNMP read password) [Device-Name]>set snmprwpasswd <New Password> (SNMP read/write) [Device-Name]>set snmpv3authpasswd <New Password> (SNMPv3 authentication password) [Device-Name]>set snmpv3privpasswd <New Password> (SNMPv3 privacy password) [Device-Name]>reboot 0...
Page 208 Command Line Interface (CLI) AP-4000/4000M/4900M User Guide Configuring the AP using CLI commands Country Code Country Code Country Code Argentina Hungary Peru Armenia Iceland Philippines Australia India Poland Austria Indonesia Portugal Azerbaijan Ireland 5.8 GHz Puerto Rico Bahrain Israel Qatar...
Page 209 Command Line Interface (CLI) AP-4000/4000M/4900M User Guide Configuring the AP using CLI commands Enable and Configure TX Power Control for the Wireless Interface(s) The TX Power Control feature lets the user configure the transmit power level of the card in the AP.
Page 210 Command Line Interface (CLI) AP-4000/4000M/4900M User Guide Configuring the AP using CLI commands Set up Auto Configuration The Auto Configuration feature which allows an AP to be automatically configured by downloading a specific configuration file from a TFTP server during the boot up process.
Page 211: Other Network Settings
Command Line Interface (CLI) AP-4000/4000M/4900M User Guide Configuring the AP using CLI commands Other Network Settings There are other configuration settings that you may want to set for the AP. Some of them are listed below. • Configure the AP as a DHCP Server •...
Page 212 Command Line Interface (CLI) AP-4000/4000M/4900M User Guide Configuring the AP using CLI commands Configure DHCP Relay Perform the following command to enable or disable DHCP Relay Agent Status. NOTE: You must have at least one entry in the DHCP Relay Server Table before you can set the DHCP Relay Status to Enable.
Page 213 Command Line Interface (CLI) AP-4000/4000M/4900M User Guide Configuring the AP using CLI commands Dynamic Channel Selection (DCS) [Device-Name]>set dcs <1 (enable)/2 (disable)> [Device-Name]>set dcsthreshold <value 1-10> The values for the DCS Threshold range from 1 to 10. The default value is 5.
Page 214 Command Line Interface (CLI) AP-4000/4000M/4900M User Guide Configuring the AP using CLI commands Value Corresponding Antenna Enabled 802.11b/g (connector 1) 802.11b/g (connector 2) 802.11a/4.9 GHz (connector 3) 802.11a/4.9 GHz (connector 4) 5 (auto) Both antennas on interface NOTE: See Antennas for more information on internal and external antenna ports.
Page 215 Command Line Interface (CLI) AP-4000/4000M/4900M User Guide Configuring the AP using CLI commands [Device-Name]>ethvlanaccessid <value 1-4094> This command stands for the Access VLAN ID configuration. The values range from 1 to 4094. [Device-Name]>set ethvlanpriority <value 0-7> For Access VLAN Priority, there are eight values. The default is 0 and the maximum is 7.
Page 216 Command Line Interface (CLI) AP-4000/4000M/4900M User Guide Configuring the AP using CLI commands Set Telnet Session Timeouts [Device-Name]>set tellogintout <time in seconds between 1 and 300 (default is 30)> [Device-Name]>set telsessiontout <time in seconds between 1 and 36000 (default is 900)>...
Page 217 Command Line Interface (CLI) AP-4000/4000M/4900M User Guide Configuring the AP using CLI commands Configure MAC Access Control Setup MAC (Address) Access Control [Device-Name]>set wifssidtbl <index> aclstatus enable/disable [Device-Name]>set macacloptype <passthru, block> [Device-Name]>reboot 0 Add an Entry to the MAC Access Control Table [Device-Name]>set macacltbl 0 macaddr <MAC Address>...
Page 218 Command Line Interface (CLI) AP-4000/4000M/4900M User Guide Configuring the AP using CLI commands MAC Address Format : dashdelimited Response Time Maximum Retransmission Authorization Lifetime Accounting Update Interval Accounting Inactivity Timer Index Primary/Backup : Backup Profile Name : MAC Authentication Server Status...
Page 219 Command Line Interface (CLI) AP-4000/4000M/4900M User Guide Configuring the AP using CLI commands Set Hardware Configuration Reset Parameters The Hardware Configuration Reset commands allows you to enable or disable the hardware reset functionality and to change the password to be used for configuration reset during boot up.
Page 220 Command Line Interface (CLI) AP-4000/4000M/4900M User Guide Configuring the AP using CLI commands Configure a Security Profile with 802.1x Security Mode [Device-Name]>set secprofiletbl <index> secmode 802.1x encryptkeylength <value> status enable Example: [Device-Name]>set secprofiletbl 4 secmode 802.1x encryptkeylength 1 status enable Configure a Security Profile with WPA Security Mode [Device-Name]>set secprofiletbl <index>...
Page 221: Cli Monitoring Parameters
Command Line Interface (CLI) AP-4000/4000M/4900M User Guide CLI Monitoring Parameters CLI Monitoring Parameters Using the show command with the following table parameters will display operating statistics for the AP (these are the same statistics that are described in the Monitoring section).
Page 222: Parameter Tables
Command Line Interface (CLI) AP-4000/4000M/4900M User Guide Parameter Tables Parameter Tables Objects contain groups that contain both parameters and parameter tables. Use the following Tables to configure the Access Point. Columns used on the tables include: • Name - Parameter, Group, or Table Name •...
Page 223 Command Line Interface (CLI) AP-4000/4000M/4900M User Guide Parameter Tables – Broadcast Filtering Table - Control the type of broadcast packets forwarded to the wireless network – TCP/UDP Port Filtering - Filter IP packets based on TCP/UDP port • Alarms Parameters –...
Page 224: System Parameters
Command Line Interface (CLI) AP-4000/4000M/4900M User Guide Parameter Tables System Parameters Name Type Value Access CLI Parameter System Group system Name DisplayString User Defined sysname Location DisplayString User Defined sysloc Country Identifier* DisplayString Country Identifiers sysworldcountrycode below Contact Name DisplayString...
Page 225 Command Line Interface (CLI) AP-4000/4000M/4900M User Guide Parameter Tables Country Indoor/Outdoor Identifier Finland Indoor Outdoor France Indoor Outdoor Germany Indoor Outdoor Greece Indoor Outdoor Hungary Indoor Outdoor Ireland Indoor Outdoor Italy Indoor Outdoor Latvia Indoor Outdoor Lithuania Indoor Outdoor Luxembourg...
Page 226: Network Parameters
Command Line Interface (CLI) AP-4000/4000M/4900M User Guide Parameter Tables Inventory Management Information The inventory management commands display advanced information about the AP’s installed components. You may be asked to report this information to a representative if you contact customer support.
Page 227 Command Line Interface (CLI) AP-4000/4000M/4900M User Guide Parameter Tables DNS Client for RADIUS Name Resolution Name Type Value Access CLI Parameter DNS Client Group DNS Client status Integer enable dnsstatus disable (default) Primary DNS Server IP IpAddress User Defined dnspridnsipaddr...
Page 228 Command Line Interface (CLI) AP-4000/4000M/4900M User Guide Parameter Tables DHCP Relay Group The DHCP Relay Group allows you to enable or disable DHCP Relay Agent Status. Name Type Value Access CLI Parameter DHCP Relay Group Group dhcprelay Status Integer enable...
Page 229 Command Line Interface (CLI) AP-4000/4000M/4900M User Guide Parameter Tables SNTP Parameters Name Type Value Access CLI Parameter SNTP Group Group sntp SNTP Status Integer enable sntpstatus disable Primary Server Name or DisplayString 0 - 255 characters sntpprisvr IP Address Secondary Server Name...
Page 230: Interface Parameters
Command Line Interface (CLI) AP-4000/4000M/4900M User Guide Parameter Tables Interface Parameters Wireless Interface Parameters The wireless interface group parameter is wif. Wireless Interface A (802.11a/4.9 GHz radio) uses table index 3 and Wireless Interface B (802.11b/g radio) uses table index 4.
Page 231 Command Line Interface (CLI) AP-4000/4000M/4900M User Guide Parameter Tables Common Parameters to 802.11a, 4.9 GHz, and 802.11b/g Name Type Value Access CLI Parameter Wireless Interfaces Group Table Index Integer 3 (Wireless Interface A) or 4 index (Wireless Interface B) Operational Mode...
Page 232 Command Line Interface (CLI) AP-4000/4000M/4900M User Guide Parameter Tables Distance Between Receive Sensitivity Transmit Defer Threshold Threshold (dBm) (dBm) Large Medium Small Mini Micro ** Each 802.11 packet is acknowledged by the receiving station. On links longer than about 100m, the time that it takes for the ACK to get back to the sending station is long enough to cause the sending station to believe that the packet was not properly received.
Page 233 Command Line Interface (CLI) AP-4000/4000M/4900M User Guide Parameter Tables 4.9 GHz Specific Parameters Name Type Value Access CLI Parameter Operating Frequency Integer Varies by regulatory channel Channel domain and country. See Available Channels Supported Data Rates Octet String See Transmit Rate,...
Page 234 Command Line Interface (CLI) AP-4000/4000M/4900M User Guide Parameter Tables Name Type Value Access CLI Parameter Regulatory Domain List DisplayString Varies by regulatory domain: regdomain USA -- FCC Hong Kong -- HK Australia -- AU Europe -- ETSI Russia -- RU...
Page 235 Command Line Interface (CLI) AP-4000/4000M/4900M User Guide Parameter Tables 802.11b Specific Parameters Name Type Value Access CLI Parameter Operating Frequency Integer 1 - 14; available channels vary by channel Channel regulatory domain/country; see Available Channels Multicast Rate Integer 1 Mbits/sec (1)
Page 236 Command Line Interface (CLI) AP-4000/4000M/4900M User Guide Parameter Tables Name Type Value Access CLI Parameter Transmit Rate Integer32 For 802.11b-only mode: txrate 0 (auto fallback; default) 1 Mbits/sec 2 Mbits/sec 5.5 Mbits/sec 11 Mbits/sec For 802.11g-only mode:* 0 (auto fallback; default)
Page 237 Command Line Interface (CLI) AP-4000/4000M/4900M User Guide Parameter Tables Wireless Distribution System (WDS) Parameters Name Type Value Access CLI Parameter WDS Table Table wdstbl Port Index Integer 3.1 - 3.6 (Wireless) portindex Status Integer enable, disable status Partner MAC Address...
Page 238 Command Line Interface (CLI) AP-4000/4000M/4900M User Guide Parameter Tables Name Type Value Access CLI Parameter RADIUS Accounting Integer enable acctstatus Status per VLAN disable MAC ACL Status per Integer enable aclstatus VLAN disable Security Profile Integer32 User defined secprofile RADIUS MAC Profile...
Page 239 Command Line Interface (CLI) AP-4000/4000M/4900M User Guide Parameter Tables Name Type Value Access CLI Parameter Medium Occupancy Integer32 0–10 meshmedocfactor Factor Signal Strength Cutoff Integer32 0–26 meshsignalstrengthcutoff Max Hops to Portal Integer32 1–4 meshmaxhops Mesh Mobility Mode Integer 1 (static)
Page 240: Management Parameters
Command Line Interface (CLI) AP-4000/4000M/4900M User Guide Parameter Tables Management Parameters Secure Management Parameters Name Type Value Access CLI Parameter Secure Management Integer 1 (enable) securemgmtstatus 2 (disable) SNMP Parameters Name Type Value Access CLI Parameter SNMP Group snmp SNMP Management...
Page 241 Command Line Interface (CLI) AP-4000/4000M/4900M User Guide Parameter Tables Telnet Parameters Name Type Value Access CLI Parameter Telnet Group telnet Telnet Management Interface Bitmask 0 or 2 = No interfaces telifbitmask Interface Bitmask (disable) 1 or 3 = Ethernet 4 or 6 = Wireless A 8 or 10 = Wireless B 12 = Wireless A &...
Page 242 Command Line Interface (CLI) AP-4000/4000M/4900M User Guide Parameter Tables SSH Parameters The following commands enable or disable SSH and set the SSH host key. Name Type Value Access CLI Parameter SSH Status Integer enable sshstatus disable SSH Public Host Key...
Page 243: Filtering Parameters
Command Line Interface (CLI) AP-4000/4000M/4900M User Guide Parameter Tables Name Type Value Access CLI Parameter TFTP File Type Integer tftpfiletype config bootloader sslcertificate sslprivatekey sshprivatekey sshpublickey clibatchfile (CLI Batch File) cbflog (CLI Batch Error Log) IP Access Table Parameters When creating table entries, you may either specify the argument name followed by argument value or simply enter the argument value.
Page 244 Command Line Interface (CLI) AP-4000/4000M/4900M User Guide Parameter Tables Name Type Value Access CLI Parameter Protocol Number Octet String protonumber Protocol Name (optional) DisplayString protoname Status (optional) Integer enable (1) status disable (2) delete (3) NOTE: The filter Operation Type (passthru or block) applies only to the protocol filters that are enabled in this table.
Page 245 Command Line Interface (CLI) AP-4000/4000M/4900M User Guide Parameter Tables Proxy ARP Parameters Name Type Value Access CLI Parameter Proxy ARP Group parp Status Integer enable parpstatus disable (default) IP ARP Filtering Parameters Name Type Value Access CLI Parameter IP ARP Filtering...
Page 246: Alarms Parameters
Command Line Interface (CLI) AP-4000/4000M/4900M User Guide Parameter Tables Name Type Value Access CLI Parameter Port Number Octet String User Defined portnum (there are also 4 pre-defined protocols: Index 1: NetBios Name Service - 137, Index 2: NetBios Datagram Service - 138, Index 3:...
Page 247 Command Line Interface (CLI) AP-4000/4000M/4900M User Guide Parameter Tables Syslog Parameters The following parameters configure the Syslog settings. Name Type Value Access CLI Parameter Syslog Group syslog Syslog Status Integer enable syslogstatus disable (default) Syslog Port Octet String syslogport Syslog Lowest Priority...
Page 248: Bridge Parameters
Command Line Interface (CLI) AP-4000/4000M/4900M User Guide Parameter Tables Bridge Parameters Spanning Tree Parameters Name Type Value Access CLI Parameter Spanning Tree Group Spanning Tree Status Integer enable stpstatus disable (default) Bridge Priority Integer 0 - 65535 stppriority 32768 (default)
Page 249 Command Line Interface (CLI) AP-4000/4000M/4900M User Guide Parameter Tables Storm Threshold Table Name Type Value Access CLI Parameter Storm Threshold Table Table stmthrestbl Table Index Integer 1 = Ethernet index 3 = Wireless Broadcast Threshold Integer 0 - 255 packets/sec...
Page 250: Radius Parameters
Command Line Interface (CLI) AP-4000/4000M/4900M User Guide Parameter Tables RADIUS Parameters General RADIUS Parameters Name Type Value Access CLI Parameter RADIUS Group radius Client Invalid Server Counter32 radcliinvsvradd Address RADIUS Server Configuration Parameters NOTE: Use a server name only if you have enabled the DNS Client functionality. See DNS Client for RADIUS Name Resolution.
Page 251: Security Parameters
Command Line Interface (CLI) AP-4000/4000M/4900M User Guide Parameter Tables Security Parameters MAC Access Control Parameters Name Type Value Access CLI Parameter MAC Address Control Group macacl Status Integer enable aclstatus disable (default) Operation Type Integer passthru (default) macacloptype block MAC Access Control Table...
Page 252 Command Line Interface (CLI) AP-4000/4000M/4900M User Guide Parameter Tables Name Type Value Access CLI Parameter Hardware Configuration Integer enable (1) hwconfigresetstatus Reset Status disable (2) Configuration Reset DisplayString User Defined configresetpasswd Password Security Profile Table The Security Profile Table allows you to configure security profiles. A maximum of 16 security profiles are supported per wireless interface.
Page 253: Vlan/Ssid Parameters
Command Line Interface (CLI) AP-4000/4000M/4900M User Guide Parameter Tables Encryption Key Format If WEP security mode is configured, then the appropriate key size must be configured. The AP supports 63-, 128-, and 152-bit encryption keys. Encryption keys may be configured using either hexadecimal or ASCII values, as described in the following table.
Page 254: Wireless Multimedia Enhancements (Wme)/Quality Of Service (Qos) Parameters
Command Line Interface (CLI) AP-4000/4000M/4900M User Guide Parameter Tables Wireless Multimedia Enhancements (WME)/Quality of Service (QoS) parameters The Wireless Multimedia Enhancements commands enable and configure Wireless Multimedia Enhancement/Quality of Service parameters per wireless interface. The following two commands are part of the Wireless Interface Properties table.
Page 255 Command Line Interface (CLI) AP-4000/4000M/4900M User Guide Parameter Tables Name Type Value Access CLI Parameter Table Row Status Row Status enable status disable delete Specifying the Mapping between IP Precedence/DSCP Ranges and 802.1D Priorities The QoS IP DSCP to 802.1D Mapping Table specifies the mapping between IP Precedence/DSCP Ranges and 802.1D priorities.
Page 256 Command Line Interface (CLI) AP-4000/4000M/4900M User Guide Parameter Tables Name Type Value Access CLI Parameter Table Index Integer 3 (Wireless A) — 4 (Wireless B) QoS Access Category Integer 1 (Best Effort) — 2 (Background) 3 (Video) 4 (Voice) CWmin...
Page 257: Cli Batch File
Command Line Interface (CLI) AP-4000/4000M/4900M User Guide CLI Batch File CLI Batch File A CLI Batch file is a user-editable file that lists a series of CLI set commands, that can be uploaded to the Access Point to change its configuration. The Access Point executes the CLI commands specified in the CLI Batch file after upload and the configuration gets changed accordingly.
Page 258: Reboot Behavior
Command Line Interface (CLI) AP-4000/4000M/4900M User Guide CLI Batch File Reboot Behavior When a CLI Batch file contains a reboot command, the reboot will occur only after the entire CLI Batch file has been executed. There are two methods of uploading the CLI Batch File: •...
Page 259: B Proximunify (Pxu) Management
AP-4000/4000M/4900M User Guide ProximUnify (PXU) Management This section discusses the MIB Parameters: • To manage CMOB • To manage the PXU • To manage the Uplink VLAN ID table To manage CMOB Name Type Value Access MIB Objects Wireless Interface...
Page 260 ProximUnify (PXU) Management AP-4000/4000M/4900M User Guide To manage the Uplink VLAN ID table Name Type Access MIB Objects Uplink VLAN ID Table Table oriUplinkVLANIDTable Uplink VLAN ID Table Entry Table Entry oriUplinkVLANIDTableEntry Uplink VLAN ID Table Index Integer32 oriUplinkVLANIDTableIndex Uplink VLAN ID Table Start...
Page 261: Ascii Character Chart
AP-4000/4000M/4900M User Guide ASCII Character Chart You can configure WEP Encryption Keys in either Hexadecimal or ASCII format. Hexadecimal digits are 0-9 and A-F (not case sensitive). ASCII characters are 0-9, A-F, a-f (case sensitive), and punctuation marks. Each ASCII character corresponds to two hexadecimal digits.
Page 262: Software Features
Specifications • Software Features • Hardware Specifications • Available Channels Software Features The tables below list the software features available on the AP-4000/4000M/4900M. • Number of Stations per BSS • Management Functions • Advanced Bridging Functions • Medium Access Control (MAC) Functions •...
Page 263: Advanced Bridging Functions
Specifications AP-4000/4000M/4900M User Guide Software Features Advanced Bridging Functions Feature Supported by AP-4000/4000M/4900M IEEE 802.1d Bridging WDS Relay Roaming Protocol Filtering Multicast/Broadcast Storm Filtering Proxy ARP TCP/UDP Port Filtering Blocking Intra BSS Clients Packet Forwarding Medium Access Control (MAC) Functions...
Page 264: Security Functions
Specifications AP-4000/4000M/4900M User Guide Software Features Security Functions Feature Supported by AP-4000/4000M/4900M Security Profiles per VLAN RADIUS Profiles per VLAN IEEE 802.11 WEP* MAC Access Control RADIUS MAC-based Access Control † IEEE 802.1x Authentication ‡ Multiple Authentication Server Support per VLAN...
Page 265: Network Functions
Specifications AP-4000/4000M/4900M User Guide Software Features Network Functions Feature Supported by AP-4000/4000M/4900M † DHCP Client † DHCP Server DHCP Relay Agent and IP Lease Renewal Inter Access Point Protocol (IAPP) Link Integrity System Logging (Syslog) RADIUS Accounting Support* DNS Client...
Page 266: Hardware Specifications
Specifications AP-4000/4000M/4900M User Guide Hardware Specifications Hardware Specifications Category Specification Physical Dimensions (H x W x L) 1 x 4.75 x 7.1 in (25 x 121 x 180 mm) plus additional antenna adaptor for AP-4900M Weight AP:4000/4000M Unit: .65 lb (.295 kg) AP-4900M Unit: .75 lb (.34 kg) for AP-4900M...
Page 267: Available Channels
Specifications AP-4000/4000M/4900M User Guide Available Channels Available Channels Available channels vary based on radio, country, and frequency band. To verify which channels are available for your product: 1. Locate the product model number on the underside of your AP unit or on the unit’s box.
Page 268: Ghz Channels (Ap-4900M Only)
Specifications AP-4000/4000M/4900M User Guide Available Channels 4.9 GHz Channels (AP-4900M Only) Channel Center Frequency (MHz) 10 MHz 20 MHz 4945 4950 4955 4960 4965 4970 4975 4980 4985 WD SKU Channels by Country Available channel bands depend on the selected country and mode of use (indoor/outdoor).
Page 269 Specifications AP-4000/4000M/4900M User Guide Available Channels Country Indoor/Outdoor 802.11a Radio 802.11b/g Country .11d Country Radio Identifier Code France Indoor L, M, H 1 - 13 Outdoor 1 - 13 Germany Indoor L, M, H 1 - 13 Outdoor 1 - 13...
Page 270: E Technical Services And Support
AP-4000/4000M/4900M User Guide Technical Services and Support See the following sections: • Obtaining Technical Services and Support • Support Options – Proxim eService Web Site Support – Telephone Support – ServPak Support Obtaining Technical Services and Support If you are having trouble utilizing your Proxim product, please review this manual and the additional documentation provided with your product.
Page 271: Support Options
Technical Services and Support AP-4000/4000M/4900M User Guide Support Options Support Options Proxim eService Web Site Support The Proxim eService Web site is available 7x24x365 at http://support.proxim.com On the Proxim eService Web Site, you can access the following services: • New Product Registration: Register your product for free support.
Page 272 Technical Services and Support AP-4000/4000M/4900M User Guide Support Options • 8x5 Technical Support: This service provides unlimited, direct access to Proxim’s world-class technical support 8 hours a day, 5 days a week from 8:00AM - 5:00PM (PST (US)). Technical Support is available at no charge for the first 90 days from the purchase date.
Page 273: Warranty Coverage
AP-4000/4000M/4900M User Guide Statement of Warranty Warranty Coverage Proxim Wireless Corporation warrants that its Products are manufactured solely from new parts, conform substantially to specifications, and will be free of defects in material and workmanship for a Warranty Period of 1 year from the date of purchase.
Page 274: Other Information
"ORiNOCO" devices. Customers having such devices should contact the laptop vendor's technical support for assistance. For support for a PCMCIA card carrying a brand name other than Proxim, ORiNOCO, Lucent, Wavelan, or Skyline, Customer should contact the brand vendor's technical support for assistance.

This manual is also suitable for:

Ap-4000mOrinoco ap-4000

Proxim AP-4000 User Manual

1 Introduction

2 Installation and Initialization

3 System Status

4 Advanced Configuration

5 Monitoring

6 Commands

7 Troubleshooting

A Command Line Interface (CLI)

B Proximunify (PXU) Management

100 C ASCII Character Chart

500 D Specifications

E Technical Services and Support

Quick Links

Need help?

Questions and answers

Related Manuals for Proxim AP-4000

Summary of Contents for Proxim AP-4000

This manual is also suitable for:

Table of Contents