Page 1 ORiNOCO AP-700 User Guide...
Page 2 Copyright © 2010 Proxim Wireless Corporation. All rights reserved. Covered by one or more of the following U.S. patents: 5,231,634; 5,875,179; 6,006,090; 5,809,060; 6,075,812; 5,077,753. This User Guide and the software described in it are copyrighted with all rights reserved. No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language in any form by any means without the written permission of Proxim Wireless Corporation.
Page 3: Table Of Contents
AP-700 User Guide Contents Introduction ..............9 Introduction to Wireless Networking .
Page 4 AP-700 User Guide Link Integrity................45 SNTP (Simple Network Time Protocol) .
Page 5 AP-700 User Guide Wireless Domain Configuration ............. . 122 Configuring the ProximUnify Profile .
Page 6 AP-700 User Guide Connectivity Issues ............... 168 Basic Software Setup and Configuration Problems .
Page 7 Proxim eService Web Site Support ........
Page 8 AP-700 User Guide Ask a Question or Open an Issue ............257 Other Adapter Cards .
Page 9: Introduction
Guidelines for Roaming • Typical voice network cell coverages vary based on environment. Proxim recommends having a site survey done professionally to ensure optimal performance. For professional site surveyors, Ekahau™ Site Survey software is included in the Xtras folder of the Installation CD.
Page 10: Management And Monitoring Capabilities
The Access Points’ cells should overlap to ensure that there are no gaps in coverage and to ensure that the roaming client will always have a connection available. To ensure optimal AP placement, Proxim recommends having a site survey done professionally to ensure optimal performance. For professional site surveyors, Ekahau™ Site Survey software is included in the Xtras folder of the Installation CD.
Page 11: Snmp Management
ORiNOCO Enterprise MIB Proxim provides these MIB files on the CD-ROM included with each Access Point. You need to compile one or more of the above MIBs into your SNMP program’s database before you can manage an Access Point using SNMP. See the documentation that came with your SNMP manager for instructions on how to compile MIBs.
Page 12 Introduction AP-700 User Guide Management and Monitoring Capabilities The SSH server (AP) has host keys - a pair of asymmetric keys - a private key that resides on the AP and a public key that is distributed to clients that need to connect to the AP. As the client has knowledge of the server host keys, the client can verify that it is communicating with the correct SSH server.
Page 13: Installation And Initialization
AP-700 User Guide Installation and Initialization In this chapter: • AP-700 Hardware Description – Overview – LED Indicators – Power-over-Ethernet (PoE) – Antennas • Prerequisites – PXU (ProximUnify) Prerequisites • System Requirements • Product Package • Hardware Installation – Attach Cables –...
Page 14: Ap-700 Hardware Description
Installation and Initialization AP-700 User Guide AP-700 Hardware Description AP-700 Hardware Description Overview The AP-700 is a tri-mode AP that supports 802.11b, 802.11g, or 802.11a clients. The unit contains one embedded 802.11a/b/g radio that supports the following operational modes: • 802.11a only mode •...
Page 15: Power-Over-Ethernet (Poe)
When transmitting, the AP chooses the antenna with the highest success rate, and broadcasts are transmitted on alternating antennas. Antenna diversity is enabled by default (set to “auto”). When using the internal antennas, Proxim recommends leaving antenna diversity enabled. However, you may disable antenna diversity by manually selecting which antenna to use through the Command Line Interface.
Page 16 With external antennas connected, you may wish to manually select a particular antenna for use. To do so, disable antenna diversity by manually selecting which antenna to use through the Command Line Interface. NOTE: Using two external antennas is not recommended. For a list of recommended antennas, see http://www.proxim.com/products/wifi/accessories. For installation instructions, see Install External Antennas (Professional Installation...
Page 17: Prerequisites
Installation and Initialization AP-700 User Guide Prerequisites Prerequisites Before installing your unit, you need to gather certain network information. The following table identifies the information you need. Network Name (SSID of the You must assign the Access Point a Network Name before wireless users can wireless cards) communicate with it.
Page 18: System Requirements
Installation and Initialization AP-700 User Guide System Requirements Response Time This is the maximum time, in seconds, that the AP should wait for the PXU module to respond to a request. The range is 1-10 seconds; the default is 3 seconds. Retransmission The maximum number of times an authentication request may be transmitted.
Page 19: Product Package
Installation and Initialization AP-700 User Guide Product Package Product Package Each AP-700 shipment includes the items in the following table. Verify that you have received all parts of the shipment. NOTE: Unless noted in this table, cables are not supplied with the unit. AP-700 Unit Power Cord Security Cover...
Page 20: Hardware Installation
NOTE: AP-700 units using external antennas must be installed by a suitably trained professional installation technician or by a qualified installation service. NOTE: Before installing and using this product, visit the Proxim Support site at http://support.proxim.com Regulatory Information. NOTE: Avant d’installer et d’utiliser ce produit, consultez le manuel Safety and Regulatory Compliance Guide.
Page 21 Installation and Initialization AP-700 User Guide Hardware Installation • Use a straight-through Ethernet cable if you intend to connect the unit to a switch, hub, or patch panel. • Use a cross-over Ethernet cable or adapter if you intend to connect the unit to a single computer. Figure 2-4 Cabling without PoE 3.
Page 22: Install The Security Cover (Optional)
Figure 2-6 Installing the Security Cover Mount the AP-700 Proxim recommends that you have a site survey professionally conducted to determine the best location for the AP. For professional site surveyors, Ekahau Site Survey software is included in the Xtras folder on the Installation CD-ROM.
Page 23: Power On The Unit
Installation and Initialization AP-700 User Guide Hardware Installation 5. Carefully slide the unit to the right until the tabs snap securely onto the narrow holes of the unit. If the unit is mounted correctly, no portion of the mounting plate should protrude from any of the sides of the unit. Figure 2-7 Mounting the AP to a Wall Ceiling Mounting Follow these steps to mount the unit to a ceiling:...
Page 24: Install External Antennas (Professional Installation Required)
Installation and Initialization AP-700 User Guide Hardware Installation The LED indicators exhibit the following behavior: Indication Ethernet Wireless Interface Power (802.11a/b/g radio) Solid Green Ethernet interface is connected Wireless interface is preparing AP image running. at 100 Mbps with no traffic. for use.
Page 25 Installation and Initialization AP-700 User Guide Hardware Installation Figure 2-8 Opening the Antenna Compartment 2. There are two antenna connectors in the AP-700, labeled 1 and 2 Connect the antenna cable to connector 1 (the connector closer to the LED panel in the compartment). Figure 2-9 Antenna Connectors 3.
Page 26 Installation and Initialization AP-700 User Guide Hardware Installation FL = Feeder loss including loss of connectors G = Antenna Gain Band EIRP Limit (dBm) USA and Canada 2.4 - 2.4835 GHz (Point-to-Multipoint 2.4 - 2.4835 GHz (Point-to-Point) When G < 6: 36 When G >/= 6, use the following equation: –...
Page 27: Initialization
Installation and Initialization AP-700 User Guide Initialization Initialization The following sections detail how to initialize the AP using ScanTool, log in to the HTTP interface, perform an initial configuration of the AP using the Setup Wizard, and download the required AP software. •...
Page 28 Installation and Initialization AP-700 User Guide Initialization NOTE: If your Access Point does not appear in the Scan List, click the Rescan button to update the display. If the unit still does not appear in the list, see Troubleshooting for suggestions. Note that after rebooting an Access Point, it may take up to five minutes for the unit to appear in the Scan List.
Page 29: Logging In
Installation and Initialization AP-700 User Guide Initialization k. Click the Change button to return to the Change screen. Click the Web Configuration button at the bottom of the Change screen. m. Proceed to the Logging In section for information on how to access the HTTP interface using this IP address. Logging In Once the AP has a valid IP Address and an Ethernet connection, you may use your web browser to monitor and configure the AP.
Page 30: Using The Setup Wizard
Installation and Initialization AP-700 User Guide Initialization Figure 2-13 System Status Screen The buttons on the left of the screen provide access to the monitoring and configuration options for the AP. See Advanced Configuration to begin configuring the AP manually. You can also exit the Web interface or reboot the AP using these buttons.
Page 31 Installation and Initialization AP-700 User Guide Initialization • Save & Next Button: Each Setup Wizard screen has a Save & Next button. Click this button to submit any changes you made to the unit’s parameters and continue to the next page. The instructions below describe how to navigate the Setup Wizard using the Save &...
Page 32: Installing The Software
7. When finished, click Reboot on the Summary screen to restart the AP and apply your changes. Installing the Software Proxim periodically releases updated software for the AP on its Web site, http://support.proxim.com. Check the Web site for the latest updates after you have installed and initialized the unit.
Page 33 3. Use the Browse button to locate or manually type in the name of the file (including the file extension) you downloaded from the Proxim Knowledgebase. If typing the file name, you must include the full path and the file extension in the file name text box.
Page 34 SSH Private Key • CLI Batch File Install Updates from your TFTP Server using the Web Interface 1. Download the latest software from http://support.proxim.com. See Download the Software for instructions. 2. Copy the latest software updates to your TFTP server.
Page 35 Installation and Initialization AP-700 User Guide Initialization 4. Enter the CLI password when prompted. 5. Enter the command: download <tftpaddr> <filename> img The download will begin, and the image will be downloaded to the Access Point. 6. When the download is complete, type reboot 0 and press Enter.
Page 36: System Status
AP-700 User Guide System Status The first screen displayed after Logging In is the System Status screen. You can always return to this screen by clicking the Status button. Figure 3-1 System Status Screen The System Status screen provides the following information: •...
Page 37: Advanced Configuration
AP-700 User Guide Advanced Configuration This chapter contains information on configuring settings in the following categories: • System: Configure specific system information such as system name and contact information. • Network: Configure IP, DNS client, DHCP server, DHCP Relay Agent, DHCP Relay Servers, Link Integrity, and SNTP settings.
Page 38 Advanced Configuration AP-700 User Guide Figure 4-1 Configure Main Screen 2. Click the tab that corresponds to the parameter you want to configure. For example, click Network to configure the Access Point’s TCP/IP settings. Each Configure tab is described in the remainder of this chapter.
Page 39: System
Advanced Configuration AP-700 User Guide System System You can configure and view the following parameters within the System Configuration screen: • Name: The name assigned to the AP. See the Dynamic DNS Support Access Point System Naming Convention sections for rules on naming the AP. •...
Page 40: Dynamic Dns Support
Advanced Configuration AP-700 User Guide System Figure 4-2 System Tab Dynamic DNS Support DNS is a distributed database mapping the user readable names and IP addresses (and more) of every registered system on the Internet. Dynamic DNS is a lightweight mechanism which allows for modification of the DNS data of host systems whose IP addresses change dynamically.
Page 41: Network
Advanced Configuration AP-700 User Guide Network Network The Network tab contains the following sub-tabs: • IP Configuration • DHCP Server • DHCP Relay Agent • Link Integrity • SNTP (Simple Network Time Protocol) IP Configuration This tab is used to configure the internet (TCP/IP) settings for the access point. These settings can be either entered manually (static IP address, subnet mask, and gateway IP address) or obtained automatically (dynamic).The DNS Client functionality can also be configured, so that host names used for configuring the access point can be resolved to their IP addresses.
Page 42: Dhcp Server
• DNS Client Default Domain Name: The default domain name for the Access Point’s network (for example, “proxim.com”). Contact your network administrator if you need assistance setting this parameter. Advanced •...
Page 43 Advanced Configuration AP-700 User Guide Network Figure 4-4 DHCP Server Configuration Screen You can configure and view the following parameters within the DHCP Server Configuration screen: NOTE: You must reboot the AP before changes to any of these DHCP server parameters take effect. •...
Page 44: Dhcp Relay Agent
Advanced Configuration AP-700 User Guide Network NOTE: The Default Lease Time cannot be larger than the Maximum Lease Time. If you set the Maximum Lease Time, you should also set the Default Lease Time to ensure that the Default Lease Time is less than the Maximum.
Page 45: Link Integrity
Advanced Configuration AP-700 User Guide Network DHCP Server IP Address Table The AP supports the configuration of a maximum of 10 server settings in the DHCP Relay Agents server table. At least one server must be configured to enable DHCP Relay. To add entries to the table of DHCP Relay Agents, click Add in the DHCP Server IP Address Table;...
Page 46: Sntp (Simple Network Time Protocol)
Advanced Configuration AP-700 User Guide Network Figure 4-7 Link Integrity Configuration Screen SNTP (Simple Network Time Protocol) SNTP allows a network entity to communicate with time servers in the network/internet to retrieve and synchronize time of day information. When this feature is enabled, the AP will attempt to retrieve the time of day information from the configured time servers (primary or secondary), and, if successful, will update the relevant time objects in the AP.
Page 47 Advanced Configuration AP-700 User Guide Network Figure 4-8 SNTP Configuration Screen You can configure and view the following parameters within the SNTP screen: • SNTP Status: Select Enable or Disable from the drop-down menu. The selected status will determine which of the parameters on the SNTP screen are configurable.
Page 48 Advanced Configuration AP-700 User Guide Network – Hour: Enter the hour in digits (0-23). – Minutes: Enter the minutes in digits (0-59). – Seconds: Enter the seconds in digits (0-59).
Page 49: Interfaces
Advanced Configuration AP-700 User Guide Interfaces Interfaces From the Interfaces tab, you configure the Access Point’s operational mode settings, power control settings, wireless interface settings and Ethernet settings. You may also configure a Wireless Distribution System for AP-to-AP communications. The Interfaces tab contains the following sub-tabs: •...
Page 50 Advanced Configuration AP-700 User Guide Interfaces • 802.11b mode only: The radio uses the 802.11b standard only. • 802.11g mode only: The radio is optimized to communicate with 802.11g devices. This setting will provide the best results if this radio interface will only communicate with 802.11g devices. •...
Page 51 Advanced Configuration AP-700 User Guide Interfaces IEEE 802.11d Support for Additional Regulatory Domains The IEEE 802.11d specification allows conforming equipment to operate in more than one regulatory domain over time. IEEE 802.11d support allows the AP to broadcast its radio’s regulatory domain information in its beacon and probe responses to clients.
Page 52 Advanced Configuration AP-700 User Guide Interfaces original power level to maintain a good link. For a full discussion of DFS, see Dynamic Frequency Selection/Radar Detection (DFS/RD). Configuring TX Power Control 1. Click Configure > Interfaces > Operational Mode. 2. Select Enable Transmit Power Control. 3.
Page 53: Wireless A (802.11A/B/G Radio)
Advanced Configuration AP-700 User Guide Interfaces Wireless A (802.11a/b/g Radio) Figure 4-10 Wireless Interface...
Page 54 Advanced Configuration AP-700 User Guide Interfaces You can view and configure the following parameters for the Wireless interface: NOTE: You must reboot the Access Point before any changes to these parameters take effect. • Physical Interface Type: Depending on the Operational Mode, this field reports: –...
Page 55 Advanced Configuration AP-700 User Guide Interfaces NOTE: Turbo mode is supported in only in 802.11a mode in the FCC regulatory domain when DFS is not required. If turbo mode is enabled, then this is displayed in the web UI and the transmit speeds and channels pull-down menus are updated with the valid values.
Page 56 Advanced Configuration AP-700 User Guide Interfaces – Start the AP services to wireless clients – Indicate the wireless service resume status of the wireless interface through LED and traps After wireless service resumes, the AP resumes beaconing, transmitting and receiving frames to/from the wireless interface and bridging the frames between the Ethernet and the wireless interface.
Page 57: Dynamic Channel Selection (Dcs)
Advanced Configuration AP-700 User Guide Interfaces 3. Click Edit in the Channel Blacklist Table 4. Set Blacklist Status to Enable. Figure 4-12 Channel Blacklist Table - Edit Screen • Wireless Distribution System: A Wireless Distribution system can be used to establish point-to-point (i.e. wireless backhaul) connections with other access points.
Page 58 Advanced Configuration AP-700 User Guide Interfaces Figure 4-13 DCS Trap Message The Access Point monitors the current channel for interference and errors. The DCS Threshold controls how aggressively the Access Point changes the channels. The lowest value of the DCS Threshold is 1 which means channel switch would happen even for minimum interference and the highest value (10) means the channel has to be significantly bad.
Page 59 Advanced Configuration AP-700 User Guide Interfaces Figure 4-14 A complete Interfaces page...
Page 60 Advanced Configuration AP-700 User Guide Interfaces DCS can be configured using the following interfaces: • Web (HTTP) Interface • Command Line Interface (CLI) • MIB (SNMP) Requirements Web (HTTP) Interface The HTTP Interface (Web browser Interface) provides easy access to configuration settings and network statistics from any computer on the network.
Page 61 Advanced Configuration AP-700 User Guide Interfaces Command Line Interface (CLI) See the Command Line Interface (CLI) section in Appendix A. MIB (SNMP) Requirements DCS feature can be managed and monitored by MIB objects too. All the configuration parameters are present for both Interface A and Interface B separately.
Page 62: Vlan On Ethernet Port
Advanced Configuration AP-700 User Guide Interfaces • You cannot manually select the device’s operating channel; you must let the unit select the channel. You may make channels unavailable by manually “blacklisting” them and preventing those channels being selected, in accordance with local regulations or interference.
Page 63 Advanced Configuration AP-700 User Guide Interfaces Transparent Mode Transparent mode is the default mode and is equivalent to the NO VLAN support. The VLAN receievs both the tagged and untagged frames from the network. Transparent mode simply forwards both the tagged and untagged frames received on the Ethernet port to WDS, Mesh or BSS and is not able to read any VLAN information.
Page 64 Advanced Configuration AP-700 User Guide Interfaces Trunk Mode Trunk mode works as a filter. Trunk links provide VLAN identification for frames travelling between switches. Once this mode is enabled, the frames received from the WDS, Mesh or wireless ports are filtered and compared with the trunk tables entries.
Page 65: Management Vlan Configuration
Advanced Configuration AP-700 User Guide Interfaces Management VLAN Configuration Trunk Mode: In trunk mode if any management VLAN ID is configured then that management VLAN ID should present in trunk table, then only we can able to manage the device. Access Mode : In Access mode if any management VLAN ID is configured then that management VLAN ID should be same as Access VLAN ID, then only we can able to manage the device .
Page 66 Advanced Configuration AP-700 User Guide Interfaces Web Interface The HTTP Interface (Web browser Interface) provides easy access to configuration settings and network statistics from any computer on the network. You can access the HTTP Interface over your LAN (switch, hub, etc.), over the Internet, or with a “crossover”...
Page 67 Advanced Configuration AP-700 User Guide Interfaces • When VLAN Mode is Mixed, all the text boxes from VLAN 1 to VLAN 16, Access VLAN ID and Access VLAN Priority are enabled. Select your mode manually and configure the parameters and finally click OK. Command Line Interface (CLI) See the Command Line Interface (CLI)
Page 68 Advanced Configuration AP-700 User Guide Interfaces In the WDS example below, AP 1 and AP 2 communicate over a WDS link (represented by the blue line). This link provides Client 2 with access to network resources even though AP 2 is not directly connected to the Ethernet network. Packets destined for or sent by the client are relayed between the Access Points over the WDS link.
Page 69 Advanced Configuration AP-700 User Guide Interfaces WDS Setup Procedure NOTE: You must disable Auto Channel Select to create a WDS. Each Access Point that is a member of the WDS must have the same channel setting to communicate with each other. To setup a wireless backbone follow the steps below for each AP that you wish to include in the Wireless Distribution System.
Page 70: Ethernet
Advanced Configuration AP-700 User Guide Interfaces Figure 4-20 Adding WDS Links 6. Select which encryption method to use (if any) from the WDS Security Mode drop-down menu. 7. If you selected a WDS Security Mode, do one of the following: •...
Page 71 Figure 4-21 Ethernet Sub-tab For best results, Proxim recommends that you configure the Ethernet setting to match the speed and transmission mode of the device the Access Point is connected to (such as a hub or switch). If in doubt, leave this setting at its default, auto-speed-auto-duplex.
Page 72: Management
Password field and the Confirm field. The default password is public. NOTE: For security purposes Proxim recommends changing ALL PASSWORDS from the default “public” immediately, to restrict access to your network devices to authorized personnel. If you lose or forget your password settings, you...
Page 73: Ip Access Table
Advanced Configuration AP-700 User Guide Management Figure 4-22 Management-Password Page IP Access Table The Management IP Access table limits in-band management access to the IP addresses or range of IP addresses specified in the table. This feature applies to all management services (SNMP, HTTP, and CLI) except for CLI management over the serial port.
Page 74 • SSL Certificate Passphrase: After enabling SSL, the only configurable parameter is the SSL passphrase. The default SSL passphrase is proxim. The AP supports SSLv3 with a 128-bit encryption certificate maintained by the AP for secure communications between the AP and the HTTP client. All communications are encrypted using the server and the client-side certificate.
Page 75 Advanced Configuration AP-700 User Guide Management Figure 4-23 Management Services Configuration Screen...
Page 76 Advanced Configuration AP-700 User Guide Management Telnet Configuration Settings • Telnet Interface Bitmask: Select the interface (Ethernet, Wireless, All Interfaces) from which you can manage the AP via telnet. This parameter can also be used to Disable telnet management. • Telnet Port Number: The default port number for Telnet applications is 23.
Page 77 Advanced Configuration AP-700 User Guide Management NOTE: When Secure Management is enabled on the AP, SSH will be enabled by default and cannot be disabled. Host keys must either be generated externally and uploaded to the AP (see Uploading Externally Generated Host Keys), generated manually, or auto-generated at the time of SSH initialization if SSH is enabled and no host keys are present.
Page 78 Serial Flow Control: Select either None (default) or Xon/Xoff (software controlled) data flow control. NOTE: To avoid potential problems when communicating with the AP through the serial port, Proxim recommends that you leave the Flow Control setting at None (the default value).
Page 79: Automatic Configuration (Autoconfig)
Advanced Configuration AP-700 User Guide Management • RADIUS Profile for Management Access Control: Specifies the RADIUS Profile to be used for RADIUS Based Management Access. • Local User Status: Enables or disables the local user when RADIUS Based Management is enabled. The default local user ID is root.
Page 80 Advanced Configuration AP-700 User Guide Management Figure 4-25 Automatic Configuration Screen Set up Automatic Configuration for Dynamic IP Perform the following procedure to enable and set up Automatic Configuration when you have a dynamic IP address for the TFTP server via DHCP. The Configuration filename and the TFTP server IP address are contained in the DHCP response when the AP gets its IP address dynamically from the DHCP server.
Page 81: Hardware Configuration Reset (Chrd)
Advanced Configuration AP-700 User Guide Management Figure 4-26 DHCP Options: Setting the Boot Server Host Name 4. Add the Boot Server Hostname and Boot Filename parameters to the Available Options list. 5. Set the value of the Boot Server Hostname Parameter to the hostname or IP Address of the TFTP server. For example: 11.0.0.7.
Page 82 Advanced Configuration AP-700 User Guide Management access to the AP is not protected, an unauthorized person could reset the AP to factory defaults and thus gain control of the AP. The user can disable the hardware configuration reset functionality to prevent unauthorized access. The hardware configuration reset feature operates as follows: •...
Page 83 Advanced Configuration AP-700 User Guide Management 2. Check (enable) or uncheck (disable) the Enable Hardware Configuration Reset checkbox. 3. Change the default Configuration Reset Password in the “Configuration Reset Password” and “Confirm” fields. 4. Click OK. 5. Reboot the AP. NOTE: It is important to safely store the configuration reset password.
Page 84: Filtering
Advanced Configuration AP-700 User Guide Filtering Filtering The Access Point’s Packet Filtering features help control the amount of traffic exchanged between the wired and wireless networks. There are four sub-tabs under the Filtering heading: • Ethernet Protocol • Static MAC •...
Page 85 Advanced Configuration AP-700 User Guide Filtering Figure 4-29 Ethernet Protocol Filter Configuration 3. Configure the Ethernet Protocol Filter Table. This table is pre-populated with existing Ethernet Protocol Filters, however, you may enter additional filters by specifying the appropriate parameters. • To add an entry, click Add, and then specify the Protocol Number and a Protocol Name.
Page 86: Static Mac
Advanced Configuration AP-700 User Guide Filtering Figure 4-30 Ethernet Protocol Filter Table - Add Entries • To edit or delete an entry, click Edit and change the information, or select Enable, Disable, or Delete from the Status drop-down menu. NOTE: An entry’s status must be enabled in order for the protocol to be subject to the filter. Figure 4-31 Ethernet Protocol Filter Table - Edit Entries Static MAC The Static MAC Address filter optimizes the performance of a wireless (and wired) network.
Page 87 Advanced Configuration AP-700 User Guide Filtering NOTE: The Static MAC Filter is an advanced feature. You may find it easier to control wireless traffic via other filtering options, such as Ethernet Protocol Filtering. Figure 4-32 Static MAC Filter Configuration Each static MAC entry contains the following fields: •...
Page 88 Advanced Configuration AP-700 User Guide Filtering • To block traffic between a specific wired MAC address and a specific wireless MAC address, configure all four parameters. A maximum of 200 entries can be created in the Static MAC filter table. To create an entry, click Add and enter the appropriate MAC addresses and Masks to setup a filter.
Page 89: Advanced
Advanced Configuration AP-700 User Guide Filtering • Wireless Mask: FF:FF:FF:00:00:00 Result: When a logical “AND” is performed on the Wireless MAC Address and Wireless Mask, the result corresponds to any MAC address beginning with the 00:20:2D prefix. Since Wireless Client 1 and Wireless Client 2 share the same prefix (00:02:2D), traffic between the Wired Server and Wireless Clients 1 and 2 is blocked.
Page 90 Advanced Configuration AP-700 User Guide Filtering Figure 4-34 Advanced Filter Configuration The following protocols are listed in the Advanced Filter Table: • Deny IPX RIP • Deny IPX SAP • Deny IPX LSP • Deny IP Broadcasts • Deny IP Multicasts The AP can filter these protocols in the wireless-to-Ethernet direction, the Ethernet-to-wireless direction, or in both directions.
Page 91: Tcp/Udp Port
Advanced Configuration AP-700 User Guide Filtering Figure 4-35 Static MAC Filter Table - Edit Entries TCP/UDP Port Port-based filtering enables you to control wireless user access to network services by selectively blocking TCP/UDP protocols through the AP. A user specifies a Protocol Name, Port Number, Port Type (TCP, UDP, or TCP/UDP), and filtering interfaces (Wireless only, Ethernet only, a combination of Wireless and Ethernet, or all interfaces) in order to block access to services, such as Telnet and FTP, and traffic, such as NETBIOS and HTTP.
Page 92 Advanced Configuration AP-700 User Guide Filtering Figure 4-36 TCP/UDP Port Filter Configuration 2. Click Add under the TCP/UDP Port Filter Table heading. 3. In the TCP/UDP Port Filter Table enter the Protocol Names to filter. 4. Set the destination Port Number (a value between 1 and 65535) to filter. See the IANA Web site at http://www.iana.org/assignments/port-numbers for a list of assigned port numbers and their descriptions.
Page 93 Advanced Configuration AP-700 User Guide Filtering Figure 4-37 TCP/UDP Port Filter Table - Add Entries Editing TCP/UDP Port Filters 1. Click Edit under the TCP/UDP Port Filter Table heading. 2. Make any changes to the Protocol Name or Port Number for a specific entry, if necessary. 3.
Page 94: Alarms
Advanced Configuration AP-700 User Guide Alarms Alarms The Alarms tab has the following sub-tabs: • Groups • Alarm Host Table • Syslog • Rogue Scan Groups Alarm groups can be enabled or disabled via the Web interface. Place a check mark in the box provided to enable a specific group.
Page 95 Advanced Configuration AP-700 User Guide Alarms Trap Name Description Severity Level oriTrapAuthenticationFailure Client authentication failure has occurred. Major Authentication failures can range from: • MAC Access Control table • RADIUS MAC authentication • 802.1x authentication specifying the EAP-Type • WORP mutual authentication •...
Page 96 Advanced Configuration AP-700 User Guide Alarms Trap Name Description Severity Level oriTrapDHCPFailed Response to the DHCP client request not Major received; device not dynamically assigned an IP address oriTrapDNSClientLookupFailure DNS client attempts to resolve a specified Major hostname (DNS lookup) and a failure occurs because either the DNS server is unreachable or there is an error for the hostname lookup.
Page 97 Advanced Configuration AP-700 User Guide Alarms Trap Name Description Severity Level oriTrapInvalidImage Invalid image loaded onto device Major oriTrapImageTooLarge Image loaded on the device exceeds the size Major limitation of flash oriTrapIncompatibleImage Incompatible image loaded onto device Major oriTrapInvalidImageDigitalSignature Image with invalid digital signature is loaded onto Major device SNTP Trap Group...
Page 98 Advanced Configuration AP-700 User Guide Alarms Bridge MIB (RFC 1493) Alarms Trap Name Description Severity Level New Root AP has become the new root in the Spanning Informational Tree network topologyChange Trap is not sent if a newRoot trap is sent for the Informational same transition All these alarm groups correspond to System Alarms that are displayed in the...
Page 99: Syslog
Advanced Configuration AP-700 User Guide Alarms Syslog The Syslog messaging system enables the AP to transmit event messages to a central server for monitoring and troubleshooting. The access point logs “Session Start (Log-in)” and “Session Stop (Log-out)” events for each wireless client as an alternative to RADIUS accounting.
Page 100 Advanced Configuration AP-700 User Guide Alarms • Syslog Lowest Priority Logged: The AP will send event messages to the Syslog server that correspond to the selected priority number and any priority numbers below it. For example, if set to 6, the AP will transmit event messages labeled priority 1 to 6 to the Syslog server.
Page 101 Advanced Configuration AP-700 User Guide Alarms Syslog Message Name Priority Severity Description Client Login Authentication Informational Client logs in/authenticates. Message includes: Status • Client MAC Address • Authentication Type = None, ACL, RADIUS MAC, 802.1X • Cipher Type = None, WEP, TKIP, AES •...
Page 102: Rogue Scan
Advanced Configuration AP-700 User Guide Alarms Syslog Message Name Priority Severity Description CLI Configuration File Execution Minor There is an error in execution of the CLI Errors configuration file. The message specifies the filename, line number, and error reason. SSH Initialization Failure Major One of the following failures occurs: Keys not present...
Page 103 Advanced Configuration AP-700 User Guide Alarms Figure 4-40 Preventing Rogue AP Attacks The figure above shows Client 1 connected to a Trusted AP and Client 2 connected to a Rogue AP. The Trusted AP scans the networks, detects Client 2, and notifies the Network Manager. The Network Manager uses SNMP/CLI to query the wired switch to find the inbound switch port of Client 2’s packets.
Page 104 Advanced Configuration AP-700 User Guide Alarms Rogue Scan Data Collection The AP stores information gathered about detected stations during scanning in a Rogue Scan result table. The Rogue Scan result table can store a maximum of 2000 entries. When the table fills, the oldest entry gets overwritten. The Rogue Scan result table lists the following information about each detected station: •...
Page 105 Advanced Configuration AP-700 User Guide Alarms 8. Configure the Scan Results Trap Report Style to control the way detected stations are reported in the notification: • Report all detected stations since last scan (default) • Report all detected stations since start of scan 9.
Page 106: Bridge
For more information on Spanning Tree protocol, please see Section 8.0 of the IEEE 802.1d standard. The Spanning Tree configuration options are advanced settings. Proxim recommends that you leave these parameters at their default values unless you are familiar with the Spanning Tree protocol.
Page 107: Storm Threshold
Advanced Configuration AP-700 User Guide Bridge Figure 4-42 Spanning Tree Sub-Tab Storm Threshold Storm Threshold is an advanced Bridge setup option that you can use to protect the network against data overload by: • Specifying a maximum number of frames per second as received from a single network device (identified by its MAC address).
Page 108: Intra Bss
Advanced Configuration AP-700 User Guide Bridge Intra BSS The wireless clients (or subscribers) that associate with a certain AP form the Basic Service Set (BSS) of a network infrastructure. By default, wireless subscribers in the same BSS can communicate with each other. However, some administrators (such as wireless public spaces) may wish to block traffic between wireless subscribers that are associated with the same AP to prevent unauthorized communication and to conserve bandwidth.
Page 109: Qos
WME supports Enhanced Distributed Channel Access (EDCA) for prioritized QoS services. The WME/QoS feature can be enabled or disabled per wireless interface. For more information on QoS, see “Technical Bulletin 69504 Revision 2” at <http://keygen.proxim.com/support/orinoco/tb/tb69504_3wmm.pdf>. Policy Perform the following procedure to enable QoS and add QoS policies:...
Page 110 Advanced Configuration AP-700 User Guide Figure 4-43 QoS Policy Sub-Tab 2. To enable QoS, check the Enable Quality of Service checkbox. 3. Configure the QoS Maximum Medium Threshold for all Admission Controls. Admission will be granted if the new requested traffic stream and already admitted time is less than the medium maximum threshold. 4.
Page 111 Advanced Configuration AP-700 User Guide Figure 4-44 Add QoS Policy 5. Enter the Policy Name. 6. Select the Policy Type: • inlayer2: inbound traffic direction, Layer 2 traffic type • inlayer3: inbound traffic direction, Layer 3 traffic type • outlayer2: outbound traffic direction, Layer 2 traffic type •...
Page 112: Priority Mapping
Advanced Configuration AP-700 User Guide Priority Mapping Use this page to configure QoS 802.1p to 802.1d priority mappings (for layer 2 policies) and IP DSCP to 802.1d priority mappings (for layer 3 policies). The first entry in each table contains the recommended priority mappings. Custom entries can be added to each table with different priority mappings.
Page 113: Enhanced Distributed Channel Access (Edca)
NOTE: Default recommended values for EDCA parameters have been defined; Proxim recommends not modifying EDCA parameters unless strictly necessary. Perform the following procedure to configure the Station and AP EDCA tables.
Page 114 Advanced Configuration AP-700 User Guide 1. Click Configure > QoS > EDCA. Figure 4-47 EDCA Tables 2. Click Edit and configure the following parameters in each table: NOTE: Changes to EDCA parameters require a reboot of the AP to take effect. •...
Page 115 Advanced Configuration AP-700 User Guide – 4 = Voice • CWMin: minimum Contention Window. Configurable range is 0 to 255. • CWMax: maximum Contention Window. Configurable range is 0 to 65535. • AIFSN: Arbitration IFS per access category. Configurable range is 2 to 15. •...
Page 116: Radius Profiles
Advanced Configuration AP-700 User Guide Radius Profiles Radius Profiles Configuring Radius Profiles on the AP allows the administrator to define a profile for RADIUS Servers used by the system or by a VLAN. The network administrator can define RADIUS Servers per Authentication Mode and per VLAN.
Page 117: Configuring Radius Profiles
Advanced Configuration AP-700 User Guide Radius Profiles This figure shows a network with separate authentication servers for each authentication type and for each VLAN. The clients in VLAN 1 are authenticated using the authentication servers configured for VLAN 1. The type of authentication server used depends on whether the authentication is done for an 802.1x client or a non-802.1x client.
Page 118 Advanced Configuration AP-700 User Guide Radius Profiles 1. Click Add to create a new profile. To Modify an existing profile, select the profile and click Edit. To delete an existing profile, select the profile and click Delete. You cannot delete a RADIUS server profile if it is applied to an SSID. 2.
Page 119: Mac Access Control Via Radius Authentication
Advanced Configuration AP-700 User Guide Radius Profiles – Dash delimited/MAC: MAC addresses are formatted with a dash between each pair of digits (xx-yy-zz-aa-bb), and the password sent to the RADIUS server is the MAC address of the client. – Colon delimited/MAC: MAC addresses are formatted with a colon between each pair of digits (xx:yy:zz:aa:bb:cc) and the password sent to the RADIUS server is the MAC address of the client.
Page 120: Radius Accounting
Advanced Configuration AP-700 User Guide Radius Profiles RADIUS Accounting Using an external RADIUS server, the AP can track and record the length of client sessions on the access point by sending RADIUS accounting messages per RFC2866. When a wireless client is successfully authenticated, RADIUS accounting is initiated by sending an “Accounting Start”...
Page 121 Advanced Configuration AP-700 User Guide Radius Profiles • Acct-Interim-Interval – Obtained during the Authentication process and used for determining the time interval for sending Accounting Update messages. – This attribute value takes precedence over the value of the Accounting Update Interval. Accounting Attributes •...
Page 122: Pxu (Proximunify) Profile And Vlan Roaming
Advanced Configuration AP-700 User Guide PXU (ProximUnify) Profile and VLAN Roaming PXU (ProximUnify) Profile and VLAN Roaming ProximUnify architecture enables VLAN roaming for both data and voice clients. VLAN roaming support is required when a client device roams between APs connected to switches with different VLANs configured. IP Tunnels are used to forward the STAs traffic to and from the Home of the STA.
Page 123 Advanced Configuration AP-700 User Guide PXU (ProximUnify) Profile and VLAN Roaming Figure 4-51 PXU Profile Interface To configure the PXU Profile, click Configure>Radius/PXU Profiles>PXU Profile. The PXU Profile page appears. Following are the configurable fields to set up the PXU Profile to function. 1.
Page 124: Ssid/Vlan/Security
Advanced Configuration AP-700 User Guide SSID/VLAN/Security SSID/VLAN/Security The AP provides several security features to protect your network from unauthorized access. This section gives an overview of VLANs and then discusses the SSID/VLAN/Security configuration options in the AP: • VLAN Overview •...
Page 125 Advanced Configuration AP-700 User Guide SSID/VLAN/Security Figure 4-52 Components of a Typical VLAN VLAN Workgroups and Traffic Management Access Points that are not VLAN-capable typically transmit broadcast and multicast traffic to all wireless Network Interface Cards (NICs). This process wastes wireless bandwidth and degrades throughput performance. In comparison, a VLAN-capable AP is designed to efficiently manage delivery of broadcast, multicast, and unicast traffic to wireless clients.
Page 126: Management Vlan
Advanced Configuration AP-700 User Guide SSID/VLAN/Security Management VLAN Figure 4-53 Mgmt VLAN VLAN Tagging Management Control Access to the AP Management access to the AP can easily be secured by making management stations or hosts and the AP itself members of a common VLAN. Simply configure a non-zero management VLAN ID and enable VLAN to restrict management of the AP to members of the same VLAN.
Page 127: Uplink Vlan Id Table
Advanced Configuration AP-700 User Guide SSID/VLAN/Security Disable VLAN Tagging 1. Click Configure > SSID/VLAN/Security > Mgmt VLAN. 2. Remove the check mark from the Enable VLAN Tagging box (to disable all VLAN functionality) or set the VLAN Management ID to -1 (to disable VLAN Tagging only). NOTE: If you disable VLAN Tagging, you will be unable to configure security per SSID.
Page 128: Security Profile
Advanced Configuration AP-700 User Guide SSID/VLAN/Security Figure 4-55 Edit Uplink VLAN Configuration interface To Delete Uplink VLAN Configuration 1. Select the Index number of the uplink table by clicking the radio button. 2. Click the DELETE button. Security Profile See the following sections: •...
Page 129 Advanced Configuration AP-700 User Guide SSID/VLAN/Security (EAP) as a standards-based authentication framework, and supports automatic key distribution for enhanced security. The EAP-based authentication framework can easily be upgraded to keep pace with future EAP types. Popular EAP types include: • EAP-Message Digest 5 (MD5): Username/Password-based authentication;...
Page 130 Advanced Configuration AP-700 User Guide SSID/VLAN/Security Wi-Fi Protected Access (WPA/802.11i [WPA2]) Wi-Fi Protected Access (WPA) is a security standard designed by the Wi-Fi Alliance in conjunction with the Institute of Electrical and Electronics Engineers (IEEE). The AP supports 802.11i (WPA2), based on the IEEE 802.11i security standard.
Page 131 Advanced Configuration AP-700 User Guide SSID/VLAN/Security If you have both 802.1x and MAC Access Control authentication enabled, the 802.1x authentication takes precedence because it is higher in the authentication protocol hierarchy. This is required in order to propagate the WEP/TKIP/AES keys to the clients in such cases.
Page 132 Advanced Configuration AP-700 User Guide SSID/VLAN/Security Figure 4-57 Security Profile Configuration 2. Click Add in the Security Profile Table to create a new entry. To modify an existing profile, select the profile and click Edit. To delete an existing profile, select the profile and click Delete. You cannot delete a Security Profile used in an SSID.
Page 133 Advanced Configuration AP-700 User Guide SSID/VLAN/Security — For 152-bit encryption, an encryption key is 32 hexadecimal characters or 16 ASCII characters. • Encryption Transmit Key: select Key 0, Key 1, Key 2, or Key 3 NOTE: When VLAN tagging is enabled, only Key 0 can be configured. •...
Page 134: Mac Access
Advanced Configuration AP-700 User Guide SSID/VLAN/Security Figure 4-58 Security Profile Table - Add Entries MAC Access The MAC Access sub-tab allows you to build a list of stations, identified by their MAC addresses, authorized to access the network through the AP. The list is stored inside each AP within your network. Up to 1000 entries can be made in the table.
Page 135: Wireless
Advanced Configuration AP-700 User Guide SSID/VLAN/Security NOTE: When MAC ACL table is in Strict mode, any change done in the MAC ACL web page takes effect dynamically. When not set to Strict, all the changes in the MAC ACL web page requires a reboot. The following list details the configurable MAC Access parameters.
Page 136 Advanced Configuration AP-700 User Guide SSID/VLAN/Security 1. Click SSID/VLAN/Security > Wireless. The SSID, VLAN, and Security Configuration page is displayed. Figure 4-60 SSID, VLAN, and Security Configuration (VLAN Tagging Disabled) 2. Enable or disable RADIUS accounting on the VLAN/SSID by selecting Enable or Disable from the Accounting Status drop-down menu.
Page 137 Advanced Configuration AP-700 User Guide SSID/VLAN/Security • Strict: RADIUS MAC ACL settings are enabled. If a higher-priority authentication protocol is also enabled, RADIUS MAC ACL settings will be applied in addition to the higher priority authentication protocol settings. See Authentication Protocol Hierarchy.
Page 138 Advanced Configuration AP-700 User Guide SSID/VLAN/Security Figure 4-61 SSID/VLAN Edit Entries Screen (VLAN Tagging Disabled) 9. Enter a unique Network Name (SSID) between 1 and 32 characters. This parameter is mandatory. NOTE: Do not use quotation marks (single or double) in the Network Name; this will cause the AP to misinterpret the name.
Page 139 Advanced Configuration AP-700 User Guide SSID/VLAN/Security • Partial: The SSID is advertised in the beacon, and the AP will not respond to "ANY" SSID requests. The Partial setting reduces network traffic by eliminating the repeated broadcast of SSIDs in probe responses. •...
Page 140 Advanced Configuration AP-700 User Guide SSID/VLAN/Security Figure 4-62 SSID/VLAN Configuration (VLAN Tagging Enabled) NOTE: If you disable (uncheck) the Enable Security per SSID option, you will be able to add multiple SSID/VLANs, but the same configuration parameters (described below) will applied to all of them. 3.
Page 141 Advanced Configuration AP-700 User Guide SSID/VLAN/Security Figure 4-63 SSID/VLAN Edit Entries Screen (VLAN Tagging Enabled) 4. Enter a unique Network Name (SSID) between 1 and 32 characters. This parameter is mandatory. NOTE: Do not use quotation marks (single or double) in the Network Name; this will cause the AP to misinterpret the name.
Page 142 Advanced Configuration AP-700 User Guide SSID/VLAN/Security • When VLAN is "untagged" and CMOB Status is enabled, the Converged Mobility (CMOB) functionality does not work. 6. Select the status of Closed System to control whether the SSID is advertised in the beacon and manage the way probe requests are handled, as follows: •...
Page 143 Advanced Configuration AP-700 User Guide SSID/VLAN/Security 18.Set the Maximum TX Bandwidth in Kbps. If this parameter is set to 0, full bandwidth is available. 19.Set the Maximum RX Bandwidth in Kbps. If this parameter is set to 0, full bandwidth is available. 20.If editing an entry, enable or disable the parameters on this page using Status drop-down menu.
Page 144: Monitoring
AP-700 User Guide Monitoring This chapter discusses the following monitoring options: • Version: Provides version information for the Access Point’s system components. • ICMP: Displays statistics for Internet Control Message Protocol packets sent and received by the AP. • IP/ARP Table: Displays the AP’s IP Address Resolution table.
Page 145: Version
Monitoring AP-700 User Guide Version Version From the HTTP interface, click the Monitor button and select the Version tab. The list displayed provides you with information that may be pertinent when calling Technical Support. With this information, your Technical Support representative can verify compatibility issues and make sure the latest software are loaded.
Page 146: Icmp
Monitoring AP-700 User Guide ICMP ICMP This tab provides statistical information for both received and transmitted messages directed to the AP. Not all ICMP traffic on the network is counted in the ICMP (Internet Control Message Protocol) statistics. Figure 5-3 ICMP Monitoring Tab...
Page 147: Ip/Arp Table
Monitoring AP-700 User Guide IP/ARP Table IP/ARP Table This tab provides information based on the Address Resolution Protocol (ARP), which relates MAC Address and IP Addresses. Figure 5-4 IP/ARP Table Monitoring Tab...
Page 148: Learn Table
Monitoring AP-700 User Guide Learn Table Learn Table This tab displays information relating to network bridging. It reports the MAC address for each node that the device has learned is on the network and the interface on which the node was detected. There can be up 10,000 entries in the Learn Table.
Page 149: Iapp
Monitoring AP-700 User Guide IAPP IAPP This tab displays statistics relating to client handovers and communications between Access Points. Figure 5-6 IAPP Monitoring Tab...
Page 150: Radius
Monitoring AP-700 User Guide RADIUS RADIUS This tab provides RADIUS authentication, EAP/802.1x authentication, and accounting information for both the Primary and Backup RADIUS servers for each RADIUS Server Profile. NOTE: Separate RADIUS servers can be configured for each RADIUS Server Profile. Select the RADIUS Server Profile to view statistics on from the Select Server Profile drop-down menu.
Page 151: Interfaces
Monitoring AP-700 User Guide Interfaces Interfaces This tab displays statistics for the Ethernet and wireless interfaces. Figure 5-8 Interface Monitoring Tab (Ethernet) Description of Interface Statistics The following statistics are displayed for the Ethernet interface only, the wireless interface only, or for both the Ethernet and Wireless interfaces: •...
Page 152 Monitoring AP-700 User Guide Interfaces • Ethernet Chipset (Ethernet): Identifies the chipset used to realize the interface. • Excessive Collisions (Ethernet): The number of frames for which transmission fails due to excessive collisions. • Failed ACK Count (Wireless): The number of times an acknowledgment (or ACK) is not received when expected. •...
Page 153 Monitoring AP-700 User Guide Interfaces • Out Errors (Ethernet/Wireless): The number of outbound packets that could not be transmitted because of errors. • Out Non-unicast Packets (Ethernet/Wireless): The total number of packets that higher-level protocols requested be transmitted to a non-unicast (i.e., a subnetwork-broadcast orsubnetwork-multicast) address, including those that were discarded or not sent.
Page 154: Station Statistics
Monitoring AP-700 User Guide Station Statistics Station Statistics This tab displays information on wireless clients attached to the AP and on Wireless Distribution System. Enable the Monitoring Station Statistics feature (Station Statistics are disabled by default) by checking Enable Monitoring Station Statistics and click OK. You do not need to reboot the AP for the changes to take effect.
Page 155 Monitoring AP-700 User Guide Station Statistics • Time since Last Frame Received: The time elapsed since the last frame from the associated wireless station (or WDS link partner) was received. • Number of Stations and WDS Links: The number of stations and WDS links monitored. The following stations statistics are available through SNMP: •...
Page 156: Mesh Statistics
Monitoring AP-700 User Guide Mesh Statistics Mesh Statistics As the AP-700 does not support Mesh functionality, this tab contains no information. Visit www.proxim.com information on Mesh. Figure 5-10 Mesh Monitoring Tab...
Page 157: Commands
AP-700 User Guide Commands This chapter contains information on the following Command functions: • Introduction to File Transfer via TFTP or HTTP: Describes the available file transfer methods. • Update AP: Download files via TFTP or HTTP to the AP. •...
Page 158: Introduction To File Transfer Via Tftp Or Http
Commands AP-700 User Guide Introduction to File Transfer via TFTP or HTTP Introduction to File Transfer via TFTP or HTTP There are two methods of transferring files to or from the AP: TFTP or HTTP (or HTTPS if enabled): • Downloading files (Configuration, AP Image, Bootloader, License, Private Key, Certificate, CLI Batch File) to the AP using one of these two methods is called “Updating the AP.”...
Page 159: Update Ap
Commands AP-700 User Guide Update AP Update AP Update AP via TFTP Use the Update AP via TFTP tab to download Configuration, AP Image, Bootloader files, Certificate and Private Key files, and CLI Batch File to the AP. A TFTP server must be running and configured to point to the directory containing the file. Figure 6-2 Update AP via TFTP Command Screen If you do not have a TFTP server installed on your system, install the TFTP server from the installation CD.
Page 160: Update Ap Via Http
Commands AP-700 User Guide Update AP – CLI Batch File: a CLI Batch file that contains CLI commands to configure the AP. This file will be executed by the AP immediately after being uploaded. See CLI Batch File for more information. •...
Page 161 Commands AP-700 User Guide Update AP Figure 6-4 Warning Message 4. Click OK to continue with the operation or Cancel to abort the operation. NOTE: An HTTP file transfer using SSL may take extra time. If the operation completes successfully the following screen appears. Figure 6-5 Update AP Successful If the operation did not complete successfully the following screen appears, and the reason for the failure is displayed.
Page 162: Retrieve File
Commands AP-700 User Guide Retrieve File Retrieve File Retrieve File via TFTP Use the Retrieve File via TFTP tab to upload files from the AP to the TFTP server. The TFTP server must be running and configured to point to the directory to which you want to copy the uploaded file. We suggest you assign the file a meaningful name, which may include version or location information.
Page 163: Retrieve File Via Http
Commands AP-700 User Guide Retrieve File Retrieve File via HTTP Use the Retrieve File via HTTP tab to retrieve configuration files, CLI Batch Files, or CLI Batch Logs from the AP. For more information on CLI Batch Files and CLI Batch Logs see CLI Batch File.
Page 164 Commands AP-700 User Guide Retrieve File Figure 6-10 File Download Dialog Box 4. On clicking the Save button the Save As window displays. Select an appropriate filename and location and click OK.
Page 165: Reboot
Commands AP-700 User Guide Reboot Reboot Use the Reboot tab to save configuration changes (if any) and reset the AP. Enter a value between 0 and 65535 seconds; entering a value of 0 (zero) seconds causes an immediate reboot. Note that Reset, described below, does not save configuration changes.
Page 166: Reset
Commands AP-700 User Guide Reset Reset Use the Reset tab to restore the AP to factory default conditions. Since this will reset the AP’s current IP address, a new IP address must be assigned. See Logging In for more information. CAUTION: Resetting the AP to its factory default configuration will permanently overwrite all changes that have made to the unit.
Page 167: Help Link
Commands AP-700 User Guide Help Link Help Link Use the Help tab to configure the location of the AP Help files. During initialization, the AP on-line help files are downloaded to the default location: C:/Program Files/ORiNOCO/AP700/HTML/index.htm. To enable the Help button on each page of the Web interface to access the help files, however, copy the entire Help folder to a web server, then specify the new HTTP path in the Help Link box.
Page 168: Troubleshooting
AP-700 User Guide Troubleshooting This chapter provides information on the following: • Troubleshooting Concepts • Symptoms and Solutions • Recovery Procedures • Related Applications NOTE: This section helps you locate problems related to the AP device setup. For details about RADIUS, TFTP, serial communication programs (such as HyperTerminal), Telnet applications, or web browsers, please see the documentation that came with the respective application for assistance.
Page 169: Symptoms And Solutions
Troubleshooting AP-700 User Guide Symptoms and Solutions Symptoms and Solutions Connectivity Issues Connectivity issues include any problem that prevents you from powering up or connecting to the AP. AP Unit Will Not Boot - No LED Activity 1. Make sure your power source is operating. 2.
Page 170 Troubleshooting AP-700 User Guide Symptoms and Solutions 2. The AP only contacts a DHCP server during boot-up. If your network’s DHCP server is not available while the AP is booting, the device will use the default IP address (169.254.128.132). Reboot the AP once your DHCP server is on-line again or use the ScanTool to find the Access Point’s current IP address.
Page 171: Client Connection Problems
Client PC Card Does Not Work 1. Make sure you are using the latest PC Card driver software. 2. Download and install the latest ORiNOCO client software from http://support.proxim.com. Intermittent Loss of Connection 1. Make sure you are within range of an active AP.
Page 172: Cmob Operation Issues
Troubleshooting AP-700 User Guide Symptoms and Solutions CAUTION: The Forced Reload procedure disconnects all users and resets all values to factory defaults. CMOB Operation Issues • Client Computer can not connect to a CMOB-enabled SSID — The PXU profile should have at least one PXU Module (Primary/Secondary) enabled —...
Page 173 Troubleshooting AP-700 User Guide Symptoms and Solutions “Overload” Indications 1. Verify that you are not using a cross-over cable between the PoE output port and the AP. 2. Verify that there is no short over any of the twisted pair cables. 3.
Page 174: Recovery Procedures
Troubleshooting AP-700 User Guide Recovery Procedures Recovery Procedures The most common installation problems relate to IP addressing. For example, without the TFTP server IP Address, you will not be able to download a new AP Image to the AP. IP Address management is fundamental. We suggest you create a chart to document and validate the IP addresses for your system.
Page 175 Recovery Procedures – Download a New Image Using the Bootloader CLI Because the CLI option requires a physical connection to the unit’s serial port, Proxim recommends the ScanTool option. Download a New Image Using ScanTool To download the AP Image, you will need an Ethernet connection to the computer on which the TFTP server resides and to a computer that is running ScanTool (this is either two separate computers connected to the same network or a single computer running both programs).
Page 176 Download Procedure 1. Download the latest software from http://support.proxim.com. 2. Copy the latest software updates to your TFTP server’s default directory. 3. Use a straight-through serial cable to connect the Access Point’s serial port to your computer’s serial port.
Page 177: Setting Ip Address Using Serial Port
Troubleshooting AP-700 User Guide Recovery Procedures [Device name]> reboot The AP will reboot and then download the image file. You should see downloading activity begin after a few seconds within the TFTP server’s status screen. 8. When the download process is complete, configure the AP. Setting IP Address using Serial Port Use the following procedure to set an IP address over the serial port using the CLI.
Page 178 Troubleshooting AP-700 User Guide Recovery Procedures Figure 7-1 Result of “show ip” CLI Command 6. Change the IP address and other network values using set and reboot CLI commands, similar to the example below (use your own IP address and subnet mask). Note that IP Address Type is set to Dynamic by default. If you have a DHCP server on your network, you should not need to manually configure the Access Point’s IP address;...
Page 179: Related Applications
Troubleshooting AP-700 User Guide Related Applications Related Applications RADIUS Authentication Server If you enabled RADIUS Authentication on the AP, make sure that your network’s RADIUS servers are operational. Otherwise, clients will not be able to log in. There are several reasons the authentication server services might be unavailable, here are two typical things to check: •...
Page 180: General Notes
AP-700 User Guide Command Line Interface (CLI) This section discusses the following: • General Notes • Command Line Interface (CLI) Variations • CLI Command Types • Using Tables and Strings • Configuring the AP using CLI commands • CLI Monitoring Parameters •...
Page 181: Prerequisite Skills And Knowledge
Command Line Interface (CLI) AP-700 User Guide General Notes General Notes Prerequisite Skills and Knowledge To use this document effectively, you should have a working knowledge of Local Area Networking (LAN) concepts, network access infrastructures, and client-server relationships. In addition, you should be familiar with software setup procedures for typical network operating systems and servers.
Page 182: Cli Error Messages
Command Line Interface (CLI) AP-700 User Guide General Notes Key Combination Operation Complete the command line List available commands CLI Error Messages The following table describes the error messages associated with improper inputs or expected CLI behavior. Error Message Description Syntax Error Invalid syntax entered at the command prompt.
Page 183: Command Line Interface (Cli) Variations
Command Line Interface (CLI) AP-700 User Guide Command Line Interface (CLI) Variations Command Line Interface (CLI) Variations Administrators use the CLI to control Access Point operation and monitor network statistics. The AP supports two types of CLI: the Bootloader CLI and the normal CLI. The Bootloader CLI provides a limited command set, and is used when the current AP Image is bad or missing.
Page 184 Command Line Interface (CLI) AP-700 User Guide Command Line Interface (CLI) Variations Figure A-2 Results of “show” bootloader CLI command...
Page 185: Cli Command Types
Command Line Interface (CLI) AP-700 User Guide CLI Command Types CLI Command Types This guide divides CLI Commands into two categories: Operational and Parameter Controls. Operational CLI Commands These commands affect Access Point behavior, such as downloading, rebooting, and so on. After entering commands (and parameters, if any) press the Enter key to execute the Command Line.
Page 186 Command Line Interface (CLI) AP-700 User Guide CLI Command Types Example 2. Display specific Commands To show all commands that start with specified letters, enter one or more letters, then ? with no space between letters and ?. [Device-Name]>s? Figure A-4 Result of “s?” CLI command Example 3.
Page 187 Command Line Interface (CLI) AP-700 User Guide CLI Command Types Figure A-7 Result of “show iparp?” CLI command Example 4. Display Prompts for Successive Parameters Enter the command, a space, and then ?. Then, when the parameter prompt appears, enter the parameter value. The parameter is changed and a new CLI line is echoed with the new value (in the first part of the following example, the value is the IP Address of the TFTP server).
Page 188 Command Line Interface (CLI) AP-700 User Guide CLI Command Types help Displays instructions on using control-key sequences for navigating a Command Line and displays command information and examples. 1. Using help as the only argument: [Device-Name]>help Figure A-8 Results of “help” CLI command 2.
Page 189: Parameter Control Commands
Command Line Interface (CLI) AP-700 User Guide CLI Command Types search Lists the parameters supported by the specified table. This list corresponds to the table information displayed in the HTTP interface. In this example, the CLI returns the list of parameters that make up an entry in the IP Access Table. [Device-Name]>...
Page 190 Command Line Interface (CLI) AP-700 User Guide CLI Command Types [Device-Name]>show network [Device-Name]>show mgmtipaccesstbl “set” CLI Command Sets (modifies) the value of the specified parameter. To see a definition and syntax example, type only set and then press the Enter key. To see a list of available parameters, enter a space, then a question mark (?) after set (example: set?).
Page 191 Command Line Interface (CLI) AP-700 User Guide CLI Command Types Example 2 - Create a table entry or row Use 0 (zero) as the index to a table when creating an entry. When creating a table row, only the mandatory table elements are required (comment is usually an optional table element).
Page 192 Command Line Interface (CLI) AP-700 User Guide CLI Command Types Figure A-10 Results of “show network” and “show ip” CLI Commands Example 6 - Show Individual and Table Parameters 1. View a single parameter. Syntax: [Device-Name]>show <parameter name> Example: [Device-Name]> show ipaddr Displays the Access Point IP address.
Page 193: Using Tables And Strings
Command Line Interface (CLI) AP-700 User Guide Using Tables and Strings Using Tables and Strings Working with Tables Each table element (or parameter) must be specified, as in the example below. [Device-Name]>set mgmtipaccesstbl 0 ipaddr 10.0.0.10 ipmask 255.255.0.0 Below are the rules for creating, modifying, enabling/disabling, and deleting table entries. •...
Page 194 Command Line Interface (CLI) AP-700 User Guide Using Tables and Strings The string delimiter does not have to be used for every string object. The single quote or double quote only has to be used for string objects that contain blank space characters. If the string object being used does not contain blank spaces, then the string delimiters, single or double quotes, mentioned in this section are not required.
Page 195: Configuring The Ap Using Cli Commands
2. Under File > Properties > Settings > ASCII Setup, enable the Send line ends with line feeds option. HyperTerminal sends a line return at the end of each line of code. 3. Enter the CLI password (default is public). NOTE: Proxim recommends changing your default passwords immediately. To perform this operation using CLI commands, see Change Passwords.
Page 196: Set Basic Configuration Parameters Using Cli Commands
Command Line Interface (CLI) AP-700 User Guide Configuring the AP using CLI commands Set Basic Configuration Parameters using CLI Commands There are a few basic configuration parameters that you may want to setup right away when you receive the AP. For example: •...
Page 197 [Device-Name]>set snmpv3privpasswd <New Password> (SNMPv3 privacy password) [Device-Name]>reboot 0 CAUTION: Proxim strongly urges you to change the default passwords to restrict access to your network devices to authorized personnel. If you lose or forget your password settings, you can always perform the...
Page 198 Command Line Interface (CLI) AP-700 User Guide Configuring the AP using CLI commands Country Code Country Code Country Code Armenia Iceland Philippines Australia India Poland Austria Indonesia Portugal Azerbaijan Ireland 5.8 GHz Puerto Rico Bahrain Israel Qatar Belarus Italy Romania Belgium Jamaica Russia...
Page 199 Command Line Interface (CLI) AP-700 User Guide Configuring the AP using CLI commands Perform the following commands to enable TX Power Control and set the transmit power level: [Device-Name]>set txpowercontrol enable [Device-Name]>set wif <interface number> currentbackofftpcvalue <0-9 dBm1-35 dBm> Configure SSIDs (Network Names), VLANs, and Profiles Perform the following command to configure SSIDs and VLANS, and to assign Security and RADIUS Profiles.
Page 200 Command Line Interface (CLI) AP-700 User Guide Configuring the AP using CLI commands NOTE: The configuration filename and TFTP server IP address are configured only when the AP is configured for Static IP. If the AP is configured for Dynamic IP these parameters are not used and obtained from DHCP. The default filename is “config”.
Page 201: Other Network Settings
Command Line Interface (CLI) AP-700 User Guide Configuring the AP using CLI commands Other Network Settings There are other configuration settings that you may want to set for the AP. Some of them are listed below. • Configure the AP as a DHCP Server •...
Page 202 Command Line Interface (CLI) AP-700 User Guide Configuring the AP using CLI commands Configure DHCP Relay Perform the following command to enable or disable DHCP Relay Agent Status. NOTE: You must have at least one entry in the DHCP Relay Server Table before you can set the DHCP Relay Status to Enable.
Page 203 Command Line Interface (CLI) AP-700 User Guide Configuring the AP using CLI commands The values for the DCS Threshold range from 1 to 10. The default value is 5. Enable/Disable Closed System [Device-Name]>set wif 3 closedsys <enable/disable> Shutdown/Resume Wireless Service [Device-Name]>set wif 3 wssstatus <1 (resume)/2 (shutdown)>...
Page 204 Command Line Interface (CLI) AP-700 User Guide Configuring the AP using CLI commands Value Distance Between APs Large Medium Small Mini Micro Set Ethernet Speed and Transmission Mode [Device-Name]>set etherspeed <value> (see below) [Device-Name]>reboot 0 Ethernet Speed and Value Transmission Mode 10 Mbits/sec - half duplex 10halfduplex 10 Mbits/sec - full duplex...
Page 205 Command Line Interface (CLI) AP-700 User Guide Configuring the AP using CLI commands Configure Management Ports [Device-Name]>set snmpifbitmask <(see below)> [Device-Name]>set httpifbitmask <(see below)> [Device-Name]>set telifbitmask <(see below)> Choose from the following values: Interface Bitmask Description 0 or 2 = Disable (all interfaces) All management channels disabled 1 or 3 = Ethernet only Ethernet only enabled 4 or 6 = Wireless only...
Page 206 Command Line Interface (CLI) AP-700 User Guide Configuring the AP using CLI commands Configure Syslog [Device-Name]>set syslogpriority <1–7 (default is 6)> [Device-Name]>set syslogstatus <enable/disable> [Device-Name]>set sysloghbstatus <enable/disable> (default is disable) [Device-Name]>set sysloghbinterval <1–604800> (default is 900 seconds) [Device-Name]>set sysloghosttbl <index> ipaddr <ipaddress> cmt <comment> status <enable/disable>...
Page 207 Command Line Interface (CLI) AP-700 User Guide Configuring the AP using CLI commands maxretx <value> acctupdtintrvl <value> macaddrfmt <value> authlifetm <value> radaccinactivetmr <value> vlanid <vlan id -1 to 4094> status enable NOTE: To create a new RADIUS profile, use 0 for <Index>. Examples of Configuring Primary and Secondary RADIUS Servers and Displaying the RADIUS Configuration Primary server configuration: [Device-Name]>set radiustbl 1.1 profname "MAC Authentication"...
Page 208 Command Line Interface (CLI) AP-700 User Guide Configuring the AP using CLI commands Server Status : notReady Server Addressing Format : ipaddr IP Address/Host Name : 0.0.0.0 Destination Port : 1812 VLAN Identifier : -1 MAC Address Format : dashdelimited Response Time Maximum Retransmission Authorization Lifetime...
Page 209 Command Line Interface (CLI) AP-700 User Guide Configuring the AP using CLI commands Disable VLAN Management [Device-Name]>set vlanstatus disable or [Device-Name]>set vlanmgmtid -1 [Device-Name]>reboot 0 Add a Entry to the WIFSSID Table [Device-Name]>set wifssidtbl <index> ssid <Network Name> vlanid <-1 (untagged) or 1–4094> status enable Set Security Profile Parameters Configure a Security Profile with Non Secure Security Mode...
Page 210 Command Line Interface (CLI) AP-700 User Guide Configuring the AP using CLI commands Example: [Device-Name]>set secprofiletbl 8 secmode 802.11i-psk passphrase 12345678 status enable...
Page 211: Cli Monitoring Parameters
Command Line Interface (CLI) AP-700 User Guide CLI Monitoring Parameters CLI Monitoring Parameters Using the show command with the following table parameters will display operating statistics for the AP (these are the same statistics that are described in the Monitoring section).
Page 212: Parameter Tables
Command Line Interface (CLI) AP-700 User Guide Parameter Tables Parameter Tables Objects contain groups that contain both parameters and parameter tables. Use the following Tables to configure the Access Point. Columns used on the tables include: • Name - Parameter, Group, or Table Name •...
Page 213: Alarms Parameters
Command Line Interface (CLI) AP-700 User Guide Parameter Tables – TCP/UDP Port Filtering - Filter IP packets based on TCP/UDP port • Alarms Parameters – SNMP Table Host Table Parameters - Enter the list of IP addresses that will receive alarms from the AP –...
Page 214: System Parameters
Command Line Interface (CLI) AP-700 User Guide Parameter Tables System Parameters Name Type Value Access CLI Parameter System Group system Name DisplayString User Defined sysname Location DisplayString User Defined sysloc Country Identifier* DisplayString Country Identifiers sysworldcountrycode below Contact Name DisplayString User Defined sysctname Contact E-mail...
Page 215 Command Line Interface (CLI) AP-700 User Guide Parameter Tables Country Indoor/Outdoor Identifier Finland Indoor Outdoor France Indoor Outdoor Germany Indoor Outdoor Greece Indoor Outdoor Hungary Indoor Outdoor Ireland Indoor Outdoor Italy Indoor Outdoor Latvia Indoor Outdoor Lithuania Indoor Outdoor Luxembourg Indoor Outdoor Malta...
Page 216: Network Parameters
Command Line Interface (CLI) AP-700 User Guide Parameter Tables Inventory Management Information The inventory management commands display advanced information about the AP’s installed components. You may be asked to report this information to a representative if you contact customer support. Name Type Value...
Page 217 Command Line Interface (CLI) AP-700 User Guide Parameter Tables DNS Client for RADIUS Name Resolution Name Type Value Access CLI Parameter DNS Client Group DNS Client status Integer enable dnsstatus disable (default) Primary DNS Server IP IpAddress User Defined dnspridnsipaddr Address Secondary DNS Server IpAddress...
Page 218 Command Line Interface (CLI) AP-700 User Guide Parameter Tables DHCP Relay Group The DHCP Relay Group allows you to enable or disable DHCP Relay Agent Status. Name Type Value Access CLI Parameter DHCP Relay Group Group dhcprelay Status Integer enable dhcprelaystatus disable DHCP Relay Server...
Page 219 Command Line Interface (CLI) AP-700 User Guide Parameter Tables SNTP Parameters Name Type Value Access CLI Parameter SNTP Group Group sntp SNTP Status Integer enable sntpstatus disable Primary Server Name or DisplayString 0 - 255 characters sntpprisvr IP Address Secondary Server Name DisplayString 0 - 255 characters sntpsecsvr...
Page 220: Interface Parameters
Command Line Interface (CLI) AP-700 User Guide Parameter Tables Interface Parameters Wireless Interface Parameters The wireless interface group parameter is wif. The wireless interface uses table index 3. Common Parameters to 802.11a and 802.11b/g Name Type Value Access CLI Parameter Wireless Interfaces Group Table Index...
Page 221 Command Line Interface (CLI) AP-700 User Guide Parameter Tables Distance Between Receive Sensitivity Transmit Defer Threshold Threshold (dBm) (dBm) Large Medium Small Mini Micro ** Each 802.11 packet is acknowledged by the receiving station. On links longer than about 100m, the time that it takes for the ACK to get back to the sending station is long enough to cause the sending station to believe that the packet was not properly received.
Page 222 Command Line Interface (CLI) AP-700 User Guide Parameter Tables 802.11b Specific Parameters Name Type Value Access CLI Parameter Operating Frequency Integer 1 - 14; available channels vary by channel Channel regulatory domain/country; see Available Channels Multicast Rate Integer 1 Mbits/sec (1) multrate 2 Mbits/sec (2) (default) 5.5 Mbits/sec (3)
Page 223 Command Line Interface (CLI) AP-700 User Guide Parameter Tables Name Type Value Access CLI Parameter Transmit Rate Integer32 For 802.11b-only mode: txrate 0 (auto fallback; default) 1 Mbits/sec 2 Mbits/sec 5.5 Mbits/sec 11 Mbits/sec For 802.11g-only mode:* 0 (auto fallback; default) 6 Mbits/sec 9 Mbits/sec 12 Mbits/sec...
Page 224 Command Line Interface (CLI) AP-700 User Guide Parameter Tables Wireless Distribution System (WDS) Parameters Name Type Value Access CLI Parameter WDS Table Table wdstbl Port Index Integer 3.1 - 3.6 (Wireless) portindex Status Integer enable, disable status Partner MAC Address PhysAddress User Defined partnermacaddr...
Page 225 Command Line Interface (CLI) AP-700 User Guide Parameter Tables Name Type Value Access CLI Parameter RADIUS EAP Profile DisplayString User defined radeapprofile RADIUS Accounting DisplayString User defined radacctprofile Profile QoS Policy Integer32 User defined qospolicy Ethernet Interface Parameters Name Type Value Access CLI Parameter...
Page 226: Management Parameters
Command Line Interface (CLI) AP-700 User Guide Parameter Tables Management Parameters Secure Management Parameters Name Type Value Access CLI Parameter Secure Management Integer 1 (enable) securemgmtstatus 2 (disable) SNMP Parameters Name Type Value Access CLI Parameter SNMP Group snmp SNMP Management Interface Bitmask 0 or 2 = No interfaces snmpifbitmask...
Page 227 Command Line Interface (CLI) AP-700 User Guide Parameter Tables Telnet Parameters Name Type Value Access CLI Parameter Telnet Group telnet Telnet Management Interface Bitmask 0 or 2 = No interfaces telifbitmask Interface Bitmask (disable) 1 or 3 = Ethernet 4 or 6 = Wireless 5 or 7 = All interfaces (default is 7) Telnet Port...
Page 228 Command Line Interface (CLI) AP-700 User Guide Parameter Tables Name Type Value Access CLI Parameter SSH Public Host Key DisplayString AP Generated sshkeyfprint Fingerprint SSH Host Key Status Integer create sshkeystatus delete The AP SSH feature, open-SSH, confirms to the SSH protocol, and supports SSH version 2. The following SSH clients have been verified to interoperate with the AP’s server.
Page 229: Filtering Parameters
Command Line Interface (CLI) AP-700 User Guide Parameter Tables IP Access Table Parameters When creating table entries, you may either specify the argument name followed by argument value or simply enter the argument value. When only the argument value is specified, then enter the values in the order depicted by the following table.
Page 230 Command Line Interface (CLI) AP-700 User Guide Parameter Tables Name Type Value Access CLI Parameter Static MAC Address on PhysAddress User Defined wiredmacaddr Wired Network Static MAC Address PhysAddress User Defined wiredmask Mask on Wired Network Static MAC Address on PhysAddress User Defined wirelessmacaddr...
Page 231: Alarms Parameters
Command Line Interface (CLI) AP-700 User Guide Parameter Tables TCP/UDP Port Filtering Table The following parameters are used to configure TCP/UDP Port filters. Name Type Value Access CLI Parameter Port Filtering Table Table portflttbl Table Index User Defined index (there are also 4 pre-defined indices, see Port Number below for...
Page 232 Command Line Interface (CLI) AP-700 User Guide Parameter Tables Name Type Value Access CLI Parameter Password DisplayString User Defined (up to 64 passwd characters) Comment (optional) DisplayString User Defined (up to 254 characters) Status (optional) Integer enable (default) status disable delete Syslog Parameters The following parameters configure the Syslog settings.
Page 233: Bridge Parameters
Command Line Interface (CLI) AP-700 User Guide Parameter Tables Bridge Parameters Spanning Tree Parameters Name Type Value Access CLI Parameter Spanning Tree Group Spanning Tree Status Integer enable stpstatus disable (default) Bridge Priority Integer 0 - 65535 stppriority 32768 (default) Maximum Age Integer 600 - 4000...
Page 234 Command Line Interface (CLI) AP-700 User Guide Parameter Tables Storm Threshold Table Name Type Value Access CLI Parameter Storm Threshold Table Table stmthrestbl Table Index Integer 1 = Ethernet index 3 = Wireless Broadcast Threshold Integer 0 - 255 packets/sec bcast (default is 0) Multicast Threshold...
Page 235: Radius Parameters
Command Line Interface (CLI) AP-700 User Guide Parameter Tables RADIUS Parameters General RADIUS Parameters Name Type Value Access CLI Parameter RADIUS Group radius Client Invalid Server Counter32 radcliinvsvradd Address RADIUS Server Configuration Parameters NOTE: Use a server name only if you have enabled the DNS Client functionality. See DNS Client for RADIUS Name Resolution.
Page 236: Security Parameters
Command Line Interface (CLI) AP-700 User Guide Parameter Tables Security Parameters MAC Access Control Parameters Name Type Value Access CLI Parameter MAC Address Control Group macacl Status Integer enable aclstatus disable (default) Operation Type Integer passthru (default) macacloptype block MAC Access Control Table Name Type Value...
Page 237 Command Line Interface (CLI) AP-700 User Guide Parameter Tables Name Type Value Access CLI Parameter Hardware Configuration Integer enable (1) hwconfigresetstatus Reset Status disable (2) Configuration Reset DisplayString User Defined configresetpasswd Password Security Profile Table The Security Profile Table allows you to configure security profiles. A maximum of 16 security profiles are supported. Each security profile can contain one or more enabled security modes (Non-secure station, WEP station, 802.1x station, WPA station, WPA-PSK station, 802.11i, 802.11i-PSK).
Page 238: Vlan/Ssid Parameters
Command Line Interface (CLI) AP-700 User Guide Parameter Tables Key Length Hexadecimal ASCII 128-bit 26 characters (0 - F) 13 alphanumeric characters 152-bit 32 characters (0 - F) 16 alphanumeric characters Each ASCII character corresponds to two hexadecimal digits. See ASCII Character Chart for ASCII/Hexadecimal correspondence.
Page 239 Command Line Interface (CLI) AP-700 User Guide Parameter Tables Enabling QoS Name Type Value Access CLI Parameter QoS Status Object Status enable qosstatus disable (default) QoS Maximum Medium Integer 50 - 90 qosmaximummediumthresh Threshold Configuring QoS Policies The QoS group manages the QoS policies: Name Type Value...
Page 240 Command Line Interface (CLI) AP-700 User Guide Parameter Tables Specifying the Mapping between IP Precedence/DSCP Ranges and 802.1D Priorities The QoS IP DSCP to 802.1D Mapping Table specifies the mapping between IP Precedence/DSCP Ranges and 802.1D priorities. Name Type Value Access CLI Parameter QoS IP DSCP to 802.1D...
Page 241 Command Line Interface (CLI) AP-700 User Guide Parameter Tables Name Type Value Access CLI Parameter CWmax Integer 0 - 65535 cwmax AIFSN Integer 2 - 15 aifsn Tx OP Limit Integer 0 - 65535 txoplimit MSDU Lifetime Integer 0 - 500 msdulifetime AC Mandatory Truth Value...
Page 242: Cli Batch File
Command Line Interface (CLI) AP-700 User Guide CLI Batch File CLI Batch File A CLI Batch file is a user-editable file that lists a series of CLI set commands, that can be uploaded to the Access Point to change its configuration. The Access Point executes the CLI commands specified in the CLI Batch file after upload and the configuration gets changed accordingly.
Page 243: Reboot Behavior
Command Line Interface (CLI) AP-700 User Guide CLI Batch File Reboot Behavior When a CLI Batch file contains a reboot command, the reboot will occur only after the entire CLI Batch file has been executed. There are two methods of uploading the CLI Batch File: •...
Page 244: B Proximunify (Pxu) Management
AP-4000/4000M/4900M User Guide ProximUnify (PXU) Management This section discusses the MIB Parameters: • To manage CMOB • To manage the PXU • To manage the Uplink VLAN ID table To manage CMOB Name Type Value Access MIB Objects Wireless Interface Table oriWirelessIfSSIDTable SSID Table...
Page 245 ProximUnify (PXU) Management AP-4000/4000M/4900M User Guide To manage the Uplink VLAN ID table Name Type Access MIB Objects Uplink VLAN ID Table Table oriUplinkVLANIDTable Uplink VLAN ID Table Entry Table Entry oriUplinkVLANIDTableEntry Uplink VLAN ID Table Index Integer32 oriUplinkVLANIDTableIndex Uplink VLAN ID Table Start VLAN ID oriUplinkVLANIDTableStartVLANID VLAN ID...
Page 246: Ascii Character Chart
AP-700 User Guide ASCII Character Chart You can configure WEP Encryption Keys in either Hexadecimal or ASCII format. Hexadecimal digits are 0-9 and A-F (not case sensitive). ASCII characters are 0-9, A-F, a-f (case sensitive), and punctuation marks. Each ASCII character corresponds to two hexadecimal digits.
Page 247: Software Features
AP-700 User Guide Specifications • Software Features • Hardware Specifications • Available Channels Software Features The tables below list the software features available on the AP-700. • Number of Stations per BSS • Management Functions • Advanced Bridging Functions • Medium Access Control (MAC) Functions •...
Page 248: Advanced Bridging Functions
Specifications AP-700 User Guide Software Features Advanced Bridging Functions Feature Supported by AP-700 IEEE 802.1d Bridging WDS Relay Roaming Protocol Filtering Multicast/Broadcast Storm Filtering Proxy ARP TCP/UDP Port Filtering Blocking Intra BSS Clients Packet Forwarding Medium Access Control (MAC) Functions Feature Supported by AP-700 Automatic Channel Selection (ACS)
Page 249: Security Functions
Specifications AP-700 User Guide Software Features Security Functions Feature Supported by AP-700 Security Profiles per VLAN RADIUS Profiles per VLAN IEEE 802.11 WEP* MAC Access Control RADIUS MAC-based Access Control † IEEE 802.1x Authentication ‡ Multiple Authentication Server Support per VLAN Rogue Scanning to Detect Rogue Access Points and Clients §...
Page 250: Hardware Specifications
Specifications AP-700 User Guide Hardware Specifications Hardware Specifications Category Specification Physical Dimensions (H x W x L) 1 x 4.75 x 7.1 in (25 x 121 x 180 mm) Weight Unit: .65 lb (.295 kg) Power Supply: .45 lbs (.20 kg) Electrical Voltage 100 to 240 VAC +/- 10% (50-60 Hz) (power supply)
Page 251: Available Channels
Specifications AP-700 User Guide Available Channels Available Channels Available channels vary based on operational mode and country. To verify which channels are available for your product: 1. Locate the product model number on the underside of your AP unit or on the unit’s box. 2.
Page 252: Wd Sku Channels By Country
Specifications AP-700 User Guide Available Channels WD SKU Channels by Country Available channel bands depend on the selected country and mode of use (indoor/outdoor). The typical channels available in each 802.11a frequency band are as follows: Band Supported Channels All Channels (A) 30 to 215 Lower (L) 36, 40, 44, 48...
Page 253 Specifications AP-700 User Guide Available Channels Country Indoor/Outdoor 802.11a 802.11b/g Country .11d Country Identifier Code Latvia Indoor L, M, H 1 - 13 Outdoor 1 - 13 Lithuania Indoor L, M, H 1 - 13 Outdoor 1 - 13 Luxembourg Indoor L, M, H 1 - 13...
Page 254: E Technical Services And Support
If you are having trouble utilizing your Proxim product, please review this manual and the additional documentation provided with your product. If you require additional support and would like to use Proxim’s free Technical Service to help resolve your issue, please be ready to provide the following information before you contact Proxim’s Technical Services: •...
Page 255: Support Options
Hours of Operations: 8.00AM-6.00PM, Monday through Friday, Pacific Time ServPak Support Proxim understands that service and support requirements vary from customer to customer. It is our mission to offer service and support options that go above-and-beyond normal warranties to allow you the flexibility to provide the quality of service that your networks demand.
Page 256 There is no waiting in line for those urgent calls for technical support. To purchase ServPak support services, contact your authorized Proxim distributor. To receive more information or for questions on any of the available ServPak support options, call Proxim Support at 408-383-7700 or send an email to servpak@proxim.com.
Page 257: F Statement Of Warranty
The express warranties set forth in this Agreement will not apply to defects in a Product caused; (i) through no fault of Proxim Wireless during shipment to or from Buyer, (ii) by the use of software other than that provided with or installed in...
Page 258: Other Information
Calls to the Customer Service Center for reasons other than Product failure will not be accepted unless Buyer has purchased a Proxim Wireless Service Contract or the call is made within the first thirty (30) days of the Product’s invoice date.

Proxim ORiNOCO AP-700 User Manual

1 Introduction

2 Installation and Initialization

3 System Status

4 Advanced Configuration

5 Monitoring

6 Commands

7 Troubleshooting

B Proximunify (PXU) Management

100 C ASCII Character Chart

500 D Specifications

E Technical Services and Support

F Statement of Warranty

Quick Links

Related Manuals for Proxim ORiNOCO AP-700

Summary of Contents for Proxim ORiNOCO AP-700

Table of Contents