Gebruiksaanwijzing /service van het product ORiNOCO AP-2500 van de fabrikant Proxim
Ga naar pagina of 250
ORiNOCO AP-2500 User Guide.
2 Copyright © 2003 Prox im Corpora tion. All rights reser ved. Covered by one or more of the followi ng U.S. patents: 5,231,63 4; 5,875,179 ; 6,0 06,090; 5,809, 060; 6,0 75,81 2; 5,077 ,753. This use r ’s guide and t he softw are des cribed i n it a re copyright ed wit h all r ights reserve d.
3 ORiNOCO AP-2500 User Guide Content s 1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13 Int roducing the AP-2500 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
4 Contents Configure Net work Names for the Wirele ss Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36 Configure the Ethernet Int erface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
5 Contents Disabling the AP’s DHCP Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65 IP Upsell . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
6 Contents Encryption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99 VPN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
7 Contents Autho rized Su bscr ibers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 153 Authorized S ubscribers T able and th e Current S ubscribers T abl e . . . . . . . . . . . . . . . . . . . . 154 Manually Adding a S ubscriber .
8 Contents Client Con nection Pr oblems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17 5 Client Ma nager Finds No Connection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
9 Contents Command Line Inter face (CLI) V ariations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 186 Bootload er CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
10 Contents Set the Mu lticast Rate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20 3 Set Etherne t S peed and Transmission M ode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
11 Contents URL Filtering Paramet ers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 221 URL Filterin g IP T able . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
12 External Aut hentication Procedur e (Detai led) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 240 Sample X ML Commun ications wi th the AP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 241 C Credit Card I nterface Spe cification .
13 ORiNOCO AP-2500 User Guide 1 Intr oduction In This Chapter • Introduc ing the AP-2 500 • Overvi ew of Product Features • The P rod uct Packa ge • Minimum System R equirem ents • Manage me.
14 Intr oduc tion • Outgoing e-m ail (SMTP) Redirect ion: Y ou ca n con figure the AP-2 500 to redirect o utgoin g e-ma il mess ages to a specified Simple M ail Transfer Prot ocol (SM TP) ser ver . Subscrib ers can send e -mails as if they w ere con nected to the ir home ne twor k.
15 Intr oduc tion One of th e key feat ures o f DA T is a t ech nique known as Network Ad dress Translation (NA T) . NA T is an Internet standard tha t allows a dev ice (like the AP-2500) to u se a si.
16 Intr oduc tion Networking Features The AP-250 0 provid es wireles s access to the Internet for hotspot su bscriber s. This mea ns that your custom ers can surf the In ternet and send e-m ails from a nywhere w ithin rang e of the Access Point with out having to install extra wi res or ca blin g.
17 Intr oduc tion 802.11a and 802.11b Networks The AP-250 0 supports both the IEEE 80 2.1 1a and 802.1 1b standar ds. The AP-25 00 can be use d with the following combinat ions of 802 .1 1 a and 802. 1 1b rad io cards : • One 802.1 1b card ( second sl ot empty ) • One 802.
18 Intr oduc tion List of Networking Featur es The IEEE standards tha t governs w ireless communi cations ar e different for the 2. 4 GHz band and the 5 GHz band. The table belo w compares the software featur es suppor ted for each type of ca rd in the AP-2500 device: *This feature is not available if y ou are using an OR iNOCO 802.
19 Intr oduc tion The follow ing table provi des detailed infor mation o n the differences between t he 802.1 1a and 802 .1 1b f eature sets. 2.4 G Hz (802.
20 Intr oduc tion The Product Package Each AP-2500 comes with the following: • AP proces sor modul e • AP cover • Mount ing plate • Mount ing hardwar e – Four 3.
21 Intr oduc tion W eb Br owser Inter face The Web Browse r interface (also kno wn as the HTTP i nterface ) provides easy acces s to configura tion setti ngs and network statistics from an y comp uter in the ne twork. Us e the Web brows er interfac e throug h your LAN (switch, hub, etc.
22 Intr oduc tion The Nomadix MIB con trols the followin g settings: • All of the Publ ic S pace features found unde r the PublicSpace and Subscrib er head ings w ithin t he Web browser interface (describe d in Publ ic S pace Pa rame ters ).
23 ORiNOCO AP-2500 User Guide 2 Instal lation & Basic Co nfigurati on In This Chapter This c hapter d escribe s how to ins tall the AP -2500 hardwa re a nd per form ba sic co nfigurati on oper ations.
24 Installation & Basic Configurati on Hardwar e Installation Refer to th e steps below that corres pond to yo ur configu ration: • AP-2500 with Active E thernet • AP-2500 with Pow er S upply .
25 Installation & Basic Configurati on NOTE If you wan t to install a second 802.1 1 b wirele ss card in Slot B, you will first need to rem ove the slot cover (which is pr ovided for plenum-rat ing purpos es). See Inst alli ng a Card in Slot B for instr uctions.
26 Installation & Basic Configurati on AP-2500 with Power Supply Follow these inst allation st eps if you purc hased an AP with a power su pply: 1. Clip t he power supply int o the mounting brac ket. 2. Plug the AC power cor d into the powe r supply .
27 Installation & Basic Configurati on Figur e 2 -7 Slid e a PC C ard i nto th e AP NOTE If you wan t to install a second 802.1 1 b wirele ss card in Slot B, you will first need to rem ove the slot cover (which is pr ovided for plenum-rat ing purpos es).
28 Installation & Basic Configurati on NOTE Proxim reco mmends that you perf orm a Site Survey p rior to determi ne the inst allation locati on for your AP-2500. For informa tion about how to condu ct a Site Survey , contact yo ur local rese ller .
29 Installation & Basic Configurati on Figure 2-1 1 Remo ve the A P cover 4. Remove the powe r and Ethern et cables from the unit. 5. Position the antenna adapter, card inward, fa cing the top of the unit (see di agram) an d insert th e 5 GHz card into the avail able card sl ot.
30 Installation & Basic Configurati on 8. Position the antenna for best rec eption: • at a 90° angle for flat surfac e moun ts • at a 180° ang le for wall m ounts 9. Re-attach th e power and Ethernet cab ling. 10. Re-ins tall the cove r and moun t the AP bac k in place.
31 Installation & Basic Configurati on Initialization (ScanT ool) ScanT ool is a sof tware utility that is inclu ded on the inst allation CD-ROM. The to ol automatically dete cts the Access Poi nts installed on your netwo rk, regard less of IP ad dress, an d lets you config ure each un it’s IP settings.
32 Installation & Basic Configurati on 7. Locate the MAC add ress of the AP y ou want to ini tialize with in the Scan List . NOTE If your Acce ss Point does not show up i n the Scan L ist, click the Rescan bu tton to upda te the disp lay . If the unit still doe s not appea r in the list, se e T roubl eshoot ing for sugg estions.
33 Installation & Basic Configurati on Basic Configuration Once yo u have a valid IP Address assigned to your AP-25 00 and you ca n commu nicate w ith it over an Ethe rnet network , use you r web bro wser to c onfigure the AP-25 00.
34 Installation & Basic Configurati on Figure 2-17 Ente r Netwo rk Passw ord Figure 2-18 W eb In terf ace’s System S t atus S creen.
35 Installation & Basic Configurati on Set System Name, Location and Contact Information Figure 2-19 System Config uratio n 1. Click C onfi gure > System .
36 Installation & Basic Configurati on Figure 2-20 Netwo rk IP C onfigura tion Config ure Network Names for the Wireless Interfaces During bo ot-up, the AP au tomat ically dete cts the numbe r and type of radi o cards ins talled and upd ates the wireless configur ation param eters accor dingly .
37 Installation & Basic Configurati on Config ure the Ethern et Interface 1. Click C onfi gure > Interfaces > Ethernet . 2. Set the Speed and Transmission Mo de for the A P’s Ethernet inter face. • This is the s peed and dup lex at which the AP com municat es with your Ethe rnet net work.
38 Installation & Basic Configurati on 5. Select the Key that the Access Point will use to encrypt outgoing data from the E ncrypt Data T ransmi ssions Using drop-dow n menu. By default, th is parameter is se t to Key 1. 6. Repea t these steps f or the second slot ( if appl icable).
39 Installation & Basic Configurati on NOTE For security purpos es Proxim recom mends that you ch ange ALL P ASSWORDS from the d efault “public” immedi ately to rest rict acce ss to author ized per sonnel. If yo u lose or for get your password setti ngs, you can always pe rform the R eset to Fact ory Defaul t Procedure .
40 Installation & Basic Configurati on Reboot the AP Most of the AP’s co nfigurati on setting s take effect immedia tely; they do not require a reboot.
41 Installation & Basic Configurati on Download Updates fr om your T F TP Server us ing the CLI I nterface 1. Downl oad the late st software at http://www .proxim. com/ . 2. Copy the la test softwar e updates to your TFTP server . 3. Open t he CLI inter face via T elnet or a se rial conne ction.
42 Installation & Basic Configurati on Downloading Con figuration Files Follow these step s to download confi guration files to the AP: 1. Copy co nfig.sys and current.txt to yo ur TFTP serv er ’s root director y (if neces sary). 2. Login to th e AP’s Web browser inte rface.
43 ORiNOCO AP-2500 User Guide 3 AP-2500 Au thentication Methods The AP-250 0 is a versat ile Access Po int for hotspot lo cations th at suppo rts multiple authe ntication methods. The unit includes all of the feat ures nec essary for a user to set up a h otspot quickly and easil y withou t requiring s ervers or advanced Web desig n skills.
44 AP-2500 Au thentica tion Methods Intern al Authentication In this con figuratio n, the AP-250 0 provid es all authent ication services to sub scribe rs using its Inter nal Web Server (IWS). Th is is the easi est configur ation to des ign and im plement but it offers limited fun ctionality .
45 AP-2500 Au thentica tion Methods NOTE If you wan t to provide th e user with t he ability to lo g in or out of the c onnection , you need t o use a RADI US server .
46 AP-2500 Au thentica tion Methods • Y ou can disable the AP’s DHCP server if there is another DHCP server that you want to use instead . See Disabling the AP’ s DHCP Server for details . 4. Config ure IP Upsel l , if desi red. See IP Up sell for d etai ls.
47 AP-2500 Au thentica tion Methods NOTE Advanced users can al so mana ge the AP from a networ k comput er using XM L comm ands (tasks suc h as adding an d deleting users). See AAA Basic for conf iguration informat ion and XML Interfac e Specification for informat ion on XML comm ands.
48 AP-2500 Au thentica tion Methods 17. If you wan t to char ge custome rs for ac cess time via credit car d, config ure the Credit Card Services options.
49 AP-2500 Au thentica tion Methods • If you wan t all outgoin g mail traffic redir ected to the specifie d server , enable b oth the M isconfigu red and Properly Configured option s.
50 AP-2500 Au thentica tion Methods 6. Confi gure the Amoun t Paid field, if d esired. The AP au tomat ically fills in this f ield after a s ucces sful cre dit card pu rchase. 7. Confi gure the opt ional User Alias fields, if desi red. These ar e for notes only and do not have an im pact on the au thentica tion proce ss.
51 AP-2500 Au thentica tion Methods Intern al Authentication with RADIUS In this con figuration, the AP-25 00 provides all of the aut henticati on services describ ed in Internal Authe ntication , but it also communica tes with a Remote Authentic ation Dial-In User Service (RADIUS) server on the network to determine if a user is v alid.
52 AP-2500 Au thentica tion Methods 3. Client sends AP its login c redent ials (Us er nam e/passwor d or MAC address ). 4. AP chec ks i ts Authoriz ed Subscr ibers T able. If the client is not listed , the AP forwards the authenticatio n request to the RADIUS server .
53 AP-2500 Au thentica tion Methods 1. Install the RA DIUS ap plication on your net work serv er , if necess ary . • IAS is include d with Wi ndows 200 0 Serve r . If yo u want to in stall IAS, follow these steps: 1. Click Start > C ontrol Panel .
54 AP-2500 Au thentica tion Methods 16. Retur n to the Internet Au thentica tion Serv ices window and right- click the Remote A ccess Policies entr y in the na viga tion tree. 17. Selec t New Remote Access P olicy f rom th e dr op-do wn men u. 18. Enter a Policy friendly name in the field provide d and cli ck Next .
55 AP-2500 Au thentica tion Methods Configure the AP- 2500 After you have installed and con figured yo ur RADI US server, you need to conf igure your AP to commun icate wit h the RADIUS server and provide internal aut henticatio n. Follow thes e steps: 1.
56 AP-2500 Au thentica tion Methods 5. Config ure the Retrans mission Options . • Select a Retran smissi on Me thod . Thi s opt ion i s on ly v alid if yo u hav e conf igu red s etti ngs f or a Secon dary Server . — Fail ove r: The AP make mult iple attempts to reac h the Primary Server .
57 AP-2500 Au thentica tion Methods • Place a che ck mark i n the Send NA S Port T ype box if you wan t to includ e the port typ e in the messa ges sen t to the RADIUS server . • Set the NAS Port T y pe to 19 if y ou enab led Se nd NAS Port T ype .
58 AP-2500 Au thentica tion Methods Exte r nal Authen ticat ion The Externa l Web Server (EWS) interf ace was des igned fo r custome rs who wan t to develo p and use the ir own content. It allow s for more c ustomiz ation than if us ing the Internal Web Serv er (IWS ).
59 AP-2500 Au thentica tion Methods • The cu stomer m ust try to acce ss a val id Web sit e to initiat e a redir ect. En tering an unreac hable UR L or inv alid Web ad dress will not initiate a red irect to the Ex ternal port al page. • Custom ers who try to access e-mail first w ill not have a connec tion.
60 AP-2500 Au thentica tion Methods • Some app licatio ns require a public IP add ress to func tion prope rly over th e Internet (such as ce rtain VPN applicati ons, on-line gaming, a nd Web hostin g). Customers who requi re a public IP a ddress may be willin g to a premium for this ser vice.
61 AP-2500 Au thentica tion Methods 22. Click t he AAA Port tab and con figure the AAA Passthro ugh Port set tings, if appl icable. For ex ample, if you ar e redirecti ng custom ers to a secur e HTTPS page, you should set the AAA Passt hrough Port for port 443.
62 ORiNOCO AP-2500 User Guide 4 Network Parameters In This Chapter This chap ter describe s all of the network op erating param eters that can be conf igured usi ng the Acc ess Point’s Web browser interfac e (that is, the para meters acc essible after clicking the Configure butt on).
63 Network Parameters Network The Netw ork catego ry contains fo ur sub-cat egorie s. – IP Co nfiguration – DHCP Server – DNS Server – VLAN IP Configurat ion Y ou can co nfigure an d view the .
64 Network Parameters Overview of DHCP Server Parameters Y ou can co nfigure an d view the following parameters wit hin the DHC P Server Configuratio n screen : • Enable DHCP Server: Place a check mark in the box provided to enable DHCP Ser ver functionality .
65 Network Parameters Fig ure 4-1 DHC P Serv er Conf igur atio n Scr een Configuring the AP to Serve Public IP Addr esses If you have a pool of public IP a ddresses and do not want th e AP to perform .
66 Network Parameters 5. In the Relay T ype field, s elect the type o f addresses your DHCP server will assign to subscrib ers: Public or Private . 6. In the DHCP Relay Server IP field, enter the IP address of your DHCP server .
67 Network Parameters Figure 4-2 En abling IP U psell 1 1. Config ure the billing plans that you want to offer . – At least on e plan sho uld offer priv ate IP addre sses and a t least one plan shou ld offer publi c IP address es (you can config ure up to si x different billing pl ans).
68 Network Parameters • If you use e xternal au thentica tion, you ca n add an IP_ T y pe attribute t o the User_A dd XML co mmand and specify the addr ess type (pu blic or priva te), as show n in t.
69 Network Parameters 4. Enter the DNS Do main na me. T his na me is prov ided b y you r ISP or ne twor k admi nist rator . 5. Enter up to thr ee DNS S erver IP addr esses in th e fields provi ded. Y ou m ust configur e at least the Primary D NS Server IP address.
70 Network Parameters VLAN W orkgrou ps and T raff ic Management T radi tional, dua l-slot acc ess po int devic es that ar e not VLA N-capable typically b roadcas t and m ulticast tr affic over bo th wireless cells. This pr ocess w astes wirel ess band width and deg rades throu ghput per formanc e.
71 Network Parameters Figure 4-5 VLAN Configuration Scr een (Wir eless A and Wirele ss T agged with Different VLAN IDs ) 1. Login to th e Web interface. 2. Click C onfi gure > Interfaces > Wire less A . 3. Set the SSID for card A. 4. Click the Wi reless B tab .
72 Network Parameters Figure 4-6 V LAN Configurat ion Screen (Sl ot A tagge d; Slot B unta gged) 1. Login to th e Web interface. 2. Click C onfi gure > Interfaces > Wire less A . 3. Set the SSID for card A. 4. Click the Wi reless B tab . 5. Set the SSID for card B (this shoul d be different from the SSID f or card A).
73 Network Parameters Figure 4-7 VLAN Configuration Scr een (Wir eless A and Wirele ss B Use Same VLAN ID) 1. Login to th e Web interface. 2. Click C onfi gure > Interfaces > Wire less A . 3. Set the SSID for card A. 4. Click the Wi reless B tab .
74 Network Parameters Wireless (802.11a) Y ou can co nfigure an d view the following parameters wit hin the Wi reless I nterfa ce Confi gura tion scre en for an 802. 1 1a radi o: NOTE Y o u must rebo ot the Acc ess Point be fore any c hanges to these parameter s take effect.
75 Network Parameters Dynamic Frequency Selec tion (DFS) 802.1 1a devices sold in E urope use a te chniqu e called Dy namic Frequen cy Selec tion (DFS) to autom atical ly select an operat ing chann el. During boo t-up, the AP scans the availab le frequen cy and sele cts a channel that is free of interfere nce.
76 Network Parameters • Distance Betwee n APs: Set to Large , Medium , Small , Microcell , or Minicell depending on th e site surv ey for your system. By default, this parameter is set to Large . The distance val ue is related to th e Multicast Rate (descr ibed next) .
77 Network Parameters • Multicast Rate: Sets the rate at which Mu lticast m essages are sen t. This v alue is r elated to the Distanc e Between APs paramete r (describ ed previou sly). The table be low displa ys the possi ble Multicas t Rates bas ed on the Distance bet ween APs s etting.
78 Network Parameters CAUTION ! Y o u should con duct a Site Sur vey to determ ine the streng th of the wirele ss conne ction on the bo rders of your hotspot.
79 Network Parameters Wir eless Distribution System (WDS) A Wireless D istributio n System (W DS) crea tes a link betw een two AP s over the ir radio interfa ces. This link relays traffic from one AP th at does no t have Ether net connect ivity to a seco nd AP that has Et hernet con nectivity .
80 Network Parameters • The WD S link share s the comm unication ba ndwidth w ith the clients. Ther efore, whi le the max imum data rate fo r the Acce ss Point’s cell is still 1 1 Mbits/sec, cl ient through put will de crease whe n the WDS l ink is active .
81 Network Parameters 14. Click C onfi gure > Interfaces > Wireles s (A or B, if appl icable) to op en the confi guration screen for the r adio that will use WDS. 15. Disable Auto Channel Select if necess ary . 16. Chang e the Frequ ency Chan nel to match t he AP-2500 ’s Frequenc y Channe l, if necessa ry .
82 Network Parameters NOTE For sec urity p urposes Proxi m recom mends cha nging A LL P ASSWO RDS f rom th e defau lt “pub lic” immediat ely , to restrict acc ess to you r network devices to authorized personne l. If you lose or forget yo ur password set tings, yo u can alway s perfor m the Res et to Factory Def ault Proc edure .
83 Network Parameters Fig ure 4-13 Ma nage ment Se rvic es Co nfig urat ion Sc ree n T el net Co nfig urati on Set tings • T eln et Int erface Bi tmask: T o a llow ma nagemen t of the AP using the C LI ove r a T elnet connec tion, set this parame ter to Etherne t (the defaul t setting).
84 Network Parameters • Serial Dat a Bit s: This is a rea d-only fiel d and displa ys the num ber of data bits used in serial comm unicati on (8 data bits by defau lt). • Serial Parity: This is a read -only fie ld and display s the num ber of parity bits used in serial comm unicati on (no parity bits by def ault).
85 Network Parameters • T o edi t or delete an ent ry , click Edit and c hange the inf ormation , or select Enable , Disable , or De let e from the Statu s drop-do wn men u. • An entry’s status m ust be enab led in orde r for the proto col to be subj ect to the fi lter .
86 Network Parameters • Exam ples: — If y ou set the Wired M AC A ddress to 00: 03:8F:00 :00:00 and yo u wan t to block all car ds tha t begin with 00:03:8F , enter FF:FF:FF:00:00:00 as the Wired Mask. This will block any cards whose MAC addre ss begi ns wit h th ose di git s, rangi ng fr om 00 :03 :8F:00 :00: 00 to 00:0 3:8F :FF:F F:FF .
87 Network Parameters Alarms This c ategory has two sub -categories . – Groups – Alarm Host T able Gro ups There are seven ala rm groups tha t can be enab led or disa bled: • Enable Configuratio.
88 Network Parameters Bridge A tradition al access poi nt oper ates as a tran sparent bridge b etwee n your wired an d wirele ss networki ng devic es. The AP-2500 takes t his a step fu rther and prov ides Publ ic S pace features that facilitate ho tspot operatio n (see Public S pace Featur es and Public Space Param eters for details).
89 Network Parameters 9. Select a n Operation T ype from the d rop-dow n menu . Thi s dete rmines how the stations identifi ed in the MA C Access C ontrol T a ble are filter ed. • If set to Passthru , o nly the addresses listed in the Control T able will pass through the AP .
90 Network Parameters RADIUS • RADIUS Overview • Unique AP- 2500 RA DIUS Clie nt Features • RADIUS Messages and RADIUS Attributes • Sample RADIUS T ransmissions • RADIUS Configuration Parameters RADIUS Overview RADIUS is a proven carrier-class protocol to perform a ccurate time and volume-based billin g.
91 Network Parameters Data V olume Information T ransmission ( bytes sent/re ceived) The A P’ s RADI US cl ient imple ment ati on al lows a hot spo t ope rator to a ccura tely trac k th e exac t num.
92 Network Parameters Acce ss- Acce pt Pa rsin g – Reply-Me ssage • Used for ch allenge/ respons e authenticat ion; since t he AP uses th e Passwo rd Authen tication Prot ocol (P AP) for authen tication pu rposes, this attribute is no t curren tly in use.
93 Network Parameters Acct-Requ est – Usern ame – Called-Station-Id – Calling-S tation-Id – Acct-St atus-Type (S tart/St op/Al ive) – Acct-Se ssion-ID – Acc t-O utp ut-O cte ts • Number of octets (bytes) sent by sub scriber . – Acct-Inp ut-Octets • Number of octets (bytes) received by subscri ber .
94 Network Parameters Sample RADIUS T ransmissions Thes e are ac tual accoun ting l ogs fr om a Lucen t Navi s RADIUS server with al l VSAs enabled . Accounting Start Message Thu Aug 29 12 :45:32 2 002 User -Name = “t est flo” NAS-IP -Addre ss = 64.
95 Network Parameters Accounti ng Alive Mess age Caused by Explicit Servi ce Plan Ch ange Thu Aug 29 12 :49:20 2 002 User -Name = “t est flo” NAS-IP -Addre ss = 64.
96 Network Parameters RADIUS Configuration Parameters Y ou can co nfigure the AP to comm unicate w ith up to four different RADIU S server s: • Primary Authentication Ser ver • Back-up Authen tica.
97 Network Parameters • Server IP Address: The IP addre ss of the RA DIUS serve r (separate f ields for Aut henticatio n and Accoun ting). • Server DNS Name: The DNS Name of the RADIU S server (s eparate fields fo r Authentica tion and Accounting ).
98 Network Parameters • Enable RADIUS Profile Caching : When enabled , the AP ma intains the user ’s infor mation in the Current Subs crib ers T able ( S tate: Pend ing ) afte r a user log s out or times out.
99 Network Parameters Encryption The IEE E 802 .1 1 s tandards specify an o ptional encryp tion fea ture, k nown a s Wired Equiv alent Privacy o r WEP , that i s designe d to provid e a wireless L AN with a security lev el equal to what is found on a wired E thernet ne twork.
100 Network Parameters Special Considerations Regar ding VPN Support The most co mmon VPN protoco l is IPSec. Whe n a subsc riber who ha s a private I P address (assigned vi a NA T ) attempts to cr eate a VPN se ssion, the AP-250 0 perform s a mapping betwee n the subsc riber ’s private I P address a nd the AP’s public IP address.
101 ORiNOCO AP-2500 User Guide 5 Public Space Parameters In this Chapter This chap ter describe s all of the Public S pace oper ating paramet ers that ca n be configur ed using the Access Poi nt’s Web browser interface (tha t is, the para meters acc essible after clicking the PublicSp ace or Subscr iber butt on).
102 Public Space Parameters Home Page Redir ection (HPR) This tab is used to redirect the subscri ber ’s browser to a specifie d home page fo llowing su ccessfu l authent ication.
103 Public Space Parameters Figure 5 -1 Home Page Redirectio n Configuration Authentication, Auth orization, and Accounting (AAA) The AP-250 0 uses AA A services to aut hentica te, authoriz e, and sub sequently bill subscribe rs for their use of the custom er ’s network.
104 Public Space Parameters • Enable AAA Services: Enable thi s option to supp ort any of the authent ication me thods de scribed in AP-250 0 Authentica tion Me thods . Wh en disabled, wireles s users will have a ccess to the Internet without authentic ation; this is the defa ult setting.
105 Public Space Parameters AAA Services with the Internal Web Server (IWS) This screen lets you set th e configur ation option s when au thorizing su bscrib ers using th e IWS (that is, when PublicSpace > AAA > Basic > Aut hen tica tio n M eth od is set to Intern al ).
106 Public Space Parameters Creati ng SSL Keys Y ou need to downloa d three keys to the AP-2 500 before en abling SSL. Y ou mus t create two of these ke ys yours elf: a Private Key file ( cakey .pem ) and a Public Ke y file ( serve r .pe m ). Proxi m provid es the third key ( cacert .
107 Public Space Parameters 8. When pr ompted , follow the on -scree n instruct ions and en ter the info rmation re quested (such as you r company’s name an d address ). • Y ou will be prompted to enter a Common Name . The Common Name is typically composed of t he Host name and Domai n Name ( taking the form of “www.
108 Public Space Parameters 14. Click OK . • Result: The TFTP o peration b egins. A n ew TFTP Oper ation Status window opens. 15. Click Close after the TFTP operat ion is compl ete. 16. Ent er server .pem in the File Na m e fiel d. 17. Le ave File T ype set to Ge neric .
109 Public Space Parameters Figur e 5-5 Inte rnal Auth entica tion with Portal Page The f ollo wing sec ti ons prov ide ba sic in stru ction s for us ing a Po rt al Page. Setting up a W eb Server (Micr osoft IIS ) If you have a W indow s 2000 Serv er , follow the se basic steps t o setup the I IS Web server .
110 Public Space Parameters Designing a Portal Pag e A Portal Page is a Web page; you can des ign it using w hatever Web desig n tools you have availab le. The Portal Page does not have to be ver y complica ted. At its most basic, th e Portal Page nee ds a link to the AP’s Lo gin page.
111 Public Space Parameters Decidi ng which sa mple is righ t for your hotspot de pends on the custom er exper ience yo u want to prov ide. The sections below de scribe how the custom er interac ts with the AP-2 500 under the followin g scena rios: – No Portal Page – HTML Portal Page – ASP Portal Pages No Portal Page 1.
112 Public Space Parameters 7. Follow ing succe ssful authen ticatio n, the custo mer is red irected to th e page he origin ally request ed or to the page you speci fied in the Home Page Redirection URL fiel d (i f ena bled ; se e Home Pa ge Redire ction (HPR) ).
113 Public Space Parameters Figure 5-6 Po rtal Pag e Config uration 6. Click the Pa ssthrou gh ta b. 7. Place a ch eck mark in the Enable P assthrough Address b ox, if ne cessary . 8. Add the DN S names for the Web sites in yo ur walle d garden to th e Passthrough DNS T able .
114 Public Space Parameters Figure 5-7 Sa mple Pa ssthrough T a bles 10. Click OK . 1 1. Click the HPR tab . 12. Plac e a check m ark in the Enab le Home Page Red irection box. 13. Ente r the Web site to whi ch you wa nt to direct custom ers follow ing succe ssful aut henticat ion in the Red irection URL field (for exa mple, http://www .
115 Public Space Parameters Figure 5-8 Po rtal Pag e Config uration 6. Click the Pa ssthrou gh ta b. 7. Place a ch eck mark in the Enable P assthrough Address b ox, if ne cessary . 8. Add the DN S names for the Web sites in yo ur walle d garden to th e Passthrough DNS T able .
116 Public Space Parameters Figure 5-9 Sa mple Pa ssthrough T a bles 10. Click OK . NOTE If you dis able Home Page Redirec tion, your subscrib ers will be auto matically redirecte d to the p age they originall y requested (following succes sful authe ntication ).
117 Public Space Parameters Figure 5-10 H PR (with Parameter Passing) 15. Click OK . 16. Click Comman ds > R eboot . 17. Click OK to r eboot the AP so y our changes will t ake ef fect. 18. T e st the Portal Page feature by t urning on a w ireless com puter and launch ing its Web browser .
118 Public Space Parameters Figure 5-1 1 AP Co mmun icatin g with Ho tspot A ggrega tor The follow ing steps descr ibe how you should co nfigure t he AP-2500 if you are partner ed with a ho tspot aggrega tor: 1. Follow the ins tallation steps des cribed in In ter nal A uth en tica tio n and Internal Authentication wit h RADIUS .
119 Public Space Parameters Figure 5-12 A AA Int ernal Se ttings if Ena bling Sm art Clien t 3. Click OK to s ave the settin gs. 4. Reboot the AP . User Name & New Subscribers The User Name and N .
120 Public Space Parameters Figure 5-13 Sa mple Lo gin Screen Presented to Subscrib ers Sample sce narios include: • If you are re nting car ds to cust omers, disa ble User Name and New Sub scriber s . Only cards whose MAC address es are enter ed in the Aut horized S ubscriber T able w ill have acces s to the Int ernet.
121 Public Space Parameters 13. AP adds c ustomer to its Author ized Subscr iber s T able for th e period of time purch ased by th e customer ; the AP also add s the cust omer to the C urrent Sub scribers T able . 14. AP redirec ts customer to home page or to page sp ecified by the Home Pa ge Redirect ion featu re.
122 Public Space Parameters NOTE If you wan t the AP to send copies of cre dit card tran sactions to a mirrori ng server , see Credi t Card Mirroring for inst ructio ns.
123 Public Space Parameters Enabling Bill Mirroring Follow the se steps the enable bill mirr oring: 1. Login to th e AP’s Web browser inte rface. 2. Click Subscriber > Billing > Mirrori ng . Figure 5-14 Credit Ca rd Mirroring Screen 3. Place a ch eck mark in the Enab le Mi rro rin g box.
124 Public Space Parameters 9. Enter the f ollowing settings for the primary server , secon dary serv er (if any), and carbon copy serve r that will receive bi lling records from the AP: • IP: Enter the se rver ’s IP addre ss in the fiel d provided.
125 Public Space Parameters Example of a Positive Ack nowle dgment: <AP COMMAND=”RMTLOG_ACK”> <ACK_V ALUE>OK</ACK _V ALUE> <IP_ADDR>205.
126 Public Space Parameters Conf igurati on Instr uctions Follow the se steps to en able the AP ’s syslog features : 1. Login to th e AP’s Web browser inte rface. 2. Click PublicSp ace > Logging . 3. Place a ch eck mark in the Syst em L og box to enab le the logg ing of syst em mess age.
127 Public Space Parameters Sample Logging Events • AAA Mess ages – Cr edit Card • AAA Mess ages – Int ernal Web Server – Us er Name Lo gin • AAA Messages – RADIUS • AAA Mess ages – .
128 Public Space Parameters AAA Mess ages – XML Bill M irror DHCP Messag e Mea ning USG_AAA: 4007 AAA_Interface added_by_administrator 00:50:0 4:29:3 7:56 Exp_ time:24 hr s 0 min User ad ded USG_AAA.
129 Public Space Parameters DNS Home Page Redir ect Mess age Mean ing USG_DNS:ndxDNSRedirectionTable::pro cessFromNetwork(): could not get su bid This syslog su ggests that the AP cou ld not g et the subscriber associate d with a p articula r DNS redir ection request.
130 Public Space Parameters Other AAA Messages Reboot R equests Messag e Mea ning AAA: 4121 AAA_lookup Tried to add bl acklisted IP 210.155 .227.2 44 or MAC 00:50:E 8:00: 07:99 Attempting t o add a bla cklisted IP to subscriber table. IP is 'bl ackli sted' when its on e of t he IPs known t o not belong to a subscriber (i.
131 Public Space Parameters URL Filtering The AP-250 0 can rest rict acces s to specif ied web site s based on URLs. U RL filterin g will block acc ess to these list of sites and/ or doma ins. Y ou ca n restric t access to sp ecific Web site s based on I P address , DNS n ame (for ex ample www .
132 Public Space Parameters URL Filtering by IP Address 1. Login to th e AP’s Web browser inte rface. 2. Click PublicSp ace > URLFilter . 3. Place a ch eck mark in the Enab le U RL Filt eri ng bo x. 4. Click the Ad d button abov e the URL Filtering by IP Address heading.
133 Public Space Parameters ICC Appearance The I CC sc reen cont ains the follo win g ite ms: •T i t l e B a r — Appe ars at the to p of the scre en near th e Web browser name. • Ad Banner — Y ou can specify up to 5 different bann ers that sha re this space.
134 Public Space Parameters Figure 5-19 ICC Scree n -- Credit C ard Authentica ted by RADIUS If a subscri ber has been authenti cated by a RADIUS serve r (if using In ternal authenticati on with RADIUS), the ICC includes a L ogout button so cu stomers can end their s ession.
135 Public Space Parameters Figure 5-21 ICC Set up Screen 9. Place a ch eck mark in the Enab le IC C box. 10. Ente r the Titl e for the ICC. • This is the n ame that ap pears at the top of the ICC next to the Web browse r name. 1 1. Co nfigure the I C C on subscri ber session cl ose option .
136 Public Space Parameters 12. Conf igure the ISP Log o Button setti ngs. • Enter the Nam e or Ti tle of th e ISP Button in the I SP Logo Butto n’s Na me /T ext field. — This i s the text that will appear in the text bar at the bottom of the ICC when a subs criber ro lls over the icon wi th his/her m ouse cur sor .
137 Public Space Parameters • Configu re the optiona l bann er Start Time and Stop Ti me . — The St art Time is in hh:mm AM/PM format an d deter mines w hen th e banner will b e display ed on the IC C. After the start tim e elapses, the banner app ears in the I CC for the spec ified Bann er Dur ation along w ith the other enabled banners.
138 Public Space Parameters Follow the se steps to enabl e SMTP Redi rection : 1. Login to th e AP’s Web browser inte rface. 2. Click PublicSp ace > SMTP . 3. If you wan t all outgoin g mail traffic redire cted to the sp ecified se rver , enable both the Miscon figured a nd Prope rly Configured options.
139 Public Space Parameters The DNS an d IP Addres s tables can hold up to 50 entrie s each. The AAA port option s upports only pass through por t. • Passthrou gh DN S T able • Passthrou gh IP T a ble • Passthrou gh AAA Port Figure 5-24 IP/D NS Passth rough T ab le Passthr ough DNS T able 1.
140 Public Space Parameters Passthr ough IP T able 1. Login to th e AP’s Web browser inte rface. 2. Click PublicSp ace > Passthrough > IP/DNS . 3. Place a ch eck mark in the Enable P assthrough Address box. 4. Click the Ad d button bel ow the Passthr ough IP Table heading.
141 Public Space Parameters 4. Enter the sp eed of the con nectio n between the AP and the Ethernet ne twork in the Band widt h u plink (to network) speed field (in Kb ps). 5. Enter the sp eed of the con nectio n between the AP and the wireless cl ients in the Bandw id th downlink (to subsc ribers) speed field (in Kbps).
142 Public Space Parameters Billing Options for Subscribers The Web browse r interface ’s Subscriber butto n links to thre e screens that allow you to confi gure Subsc riber billing plans ( Billing tab), login an d error mes sages ( Mes sages tab), and the Au thorized Subs cribers database ( Authorized tab).
143 Public Space Parameters Figure 5-27 Defa ult New U ser Screen that Appear s to Subsc ribers • Edit the Introduction M essage . — The d efault Intr oduction Message is “Please C hoose from the follow ing plans .” • Edit the Offer Messa ge .
144 Public Space Parameters 7. Click OK . 8. Click the Plan 0 ta b . 9. Config ure the setti ngs for billin g plan 0. • Place a check ma rk in the Ena ble P lan box to make the plan ac tive. It will appear as an opti on in the New User screen pres ented to subscribe rs.
145 Public Space Parameters Creating a Fr ee Billing Pl an Unde r som e cir cumst anc es yo u may w ant t o of fer free Inte rnet acce ss to y our subsc ribe rs. For ex ample , you might offer a low bandw idth connec tion for free bu t charge f or faster connection s.
146 Public Space Parameters Figure 5-30 Subscr iber s Can Sele ct a Plan th at Off ers Free Int ernet Acc ess Subs crib er Me ssag es The Web browse r interface ’s Subscriber butto n links to thre e.
147 Public Space Parameters Figure 5-31 Su bscribe r Login M essage s 3. Edit the logi n messa ges as nece ssary . • Service S election Messag e • Existing Use r Name Mess age — Appe ars on the main login sc reen wh en the User N ame opt ion i s en able d in PublicSp ace > AAA > Internal .
148 Public Space Parameters Figure 5-32 Sa mple Lo gin Screen Presented to Subscrib ers 4. JavaScr ipt suppor t on the AP’s internal Web pages are ena bled by defau lt. Remo ve the chec k mark from the Enable Ja vaScrip t to disable th is feature. 5.
149 Public Space Parameters Figure 5-33 Su bscr iber Me ssages Screen 12. Click t he Sub Msgs 2 ta b. 13. Edit th e subscrib er messa ges as ne cessa ry .
150 Public Space Parameters 16. Edit th e subscrib er messa ges as ne cessa ry . • Thank you for you r busines s • We are verifying y our account. P lease wait — This messag e app ears if RADIU S is en abled. T he AP displays this page whi le it wa it for an authe ntication response from t he RADIUS server .
151 Public Space Parameters 4. Edit the Reme mber M e Message . • This me ssage appe ars on the login scree n to let the user know th at his/he r user name a nd passwor d can be stor ed for fu ture lo gi n at tem pts. • The defau lt messag e is “Remem ber my usernam e and password .
152 Public Space Parameters Figure 5-35 Lo gin Screen wi th Custo m Logo Follow the se steps to add you r own partner im age and log o to the AP: 1. Create the image files that you want to add to the l ogin pages. Kee p in mind th e following: • The file s hould in JPG or a GIF f ormat.
153 Public Space Parameters Authorized Subscr ibers The AP-250 0 stores information about subs cribers in t he Author ized Subs cribers T a ble. Y ou ca n view the table by clicking Subscriber > Autho ri zed withi n the Web brows er interfac e.
154 Public Space Parameters • Custom fields for inter nal use (User Alias 1 or User Alias 2) • Upstream and Downs tream ban dwidth setting s •S t a t u s — Shou ld be Active at all t imes. — Chan ge to Destroy to delete an entry . — The other opti ons are no t ap plic able when u sing the W eb br owse r int erf ace.
155 Public Space Parameters 5. If authori zing a user bas ed on MA C address (in other wor ds, the PublicSpace > AAA > Internal > Enable User Name option is disa bled), ent er the MAC addres s of the subsc riber ’s wireles s card in the field prov ided.
156 ORiNOCO AP-2500 User Guide 6 Monitor Informat ion In This Chapter This chap ter describe s the statisti cs that can be viewed usi ng the Acc ess Point’s Web brows er interfac e (that is, th e options ac cessibl e after clicking the Statu s or Monitor button).
157 Monitor In formatio n Syst em Stat us Syst em Stat us is the first screen to appear eac h time you c onnect to th e Web browser interface. Y o u can also r eturn to t his screen b y cl ickin g the Stat us button .
158 Monitor In formatio n Ve r s i o n From the Web br owser inte rface, clic k the Monitor button and sele ct the Ve r s i o n t ab. The l ist displaye d provides you wit h inf ormat ion that may be pert inen t whe n call ing T echni cal S uppor t.
159 Monitor In formatio n ICMP This tab provide s statistical inf ormation fo r both recei ved and tran smitte d messag es directed t o the Acces s Point. For example, if you ping the AP from ano ther comp uter , the AP rep orts the ping requ ests (Echos ) and replies ( Echo Rep ly) on this scr een (as sho wn in the ex ample bel ow).
160 Monitor In formatio n IP/ARP T able This tab provide s informat ion based on the Address Resol ution Protoc ol (ARP), w hich maps IP Addr esses to MAC Ad dresses. Th e AP adds an ent ry to this list for ea ch station with wh ich the AP direc tly commun icates.
161 Monitor In formatio n Lear n T able This tab display s inform ation relat ing to netwo rk bridging. It reports the MAC addres s for each node that the AP has learned is on the netw ork and the i nterface on which the node was detected. There can be up to 2,000 entries in the Learn T able.
162 Monitor In formatio n Current Subscribers T able This table lists all of the active subscrib ers tha t are co mmun icating with the A P . (See A uthori zed Subsc ribers T able and the Curr ent Subs cribers T able for an explan ation of ho w this table di ffers from the A uthorized Subsc ribers T able.
163 Monitor In formatio n A subscribe r is remov ed from th e Current Subscriber s T abl e under the f ollowing circumstan ces: • The netw ork admi nistrator ch anges the subsc riber ’s St atus from Active to Destroy . • The sub scriber ha s logged ou t (applicabl e to RAD IUS-aut henticat ed users an d RADIUS Profile Caching is disabled) .
164 Monitor In formatio n Interfaces This tab disp lays statistic s for the Ethe rnet and wireless int erfaces. The Ope rational St atu s can be up, do wn, or testing.
165 Monitor In formatio n Link T est (802.11b Only) Thi s tab di spla ys inf ormat ion on t he qual ity of the wir eless l ink to client s and other 80 2.1 1b APs in the Wi rele ss Distribu tion System . During a Link T est, t he Acces s Point and the selec ted devi ce exch ange a series of pack ets to test the streng th of the con nectio n.
166 Monitor In formatio n • No ise (d Bm ): The str ength of the no ise detecte d at the receive r reported in dB m (decibe ls reference d to 1 milliwatt). The displayed v alue is the r unning average si nce the start of the test a nd is report ed as a nega tive num ber .
167 ORiNOCO AP-2500 User Guide 7 Comman ds In This Chapter This ch apter d escribes the com mands that ca n be is sued usi ng the A ccess P oint’s Web bro wser interface ( that is, t he options ac cessibl e after clicking the Commands button). • Download: Download fi les from a TFTP server to th e Access Point.
168 Commands File T ype Overview For Downloads, the Fil e T ype parameter supports four opt ions: Conf ig, Img, Bs pBl, and Gener ic. For Upl oads, File Ty p e supports two option s: Confi g and Gen eric.
169 Commands Upl oad Use the Upload tab to upl oad C onfiguration and i mage files from the AP-2500 to the TFTP server. NOTE The Download and Upload c omma nds are fro m the A P’s perspective . In other word s, to send f iles to th e AP , use the Dow nload command; to obtain files from t he AP , use the U pload com mand.
170 Commands Reboot Use t he Reboot tab to save co nfigurat ion chan ges (if any) and reset the AP-2500. Entering a va lue of 0 (zero ) causes an immed iate reboo t.
171 Commands Figur e 7-4 Reset to Fact ory Defa ults Comman d Scr een Hel p Lin k T o o pen Help , c lick the Help button on any di splay scr een. During ini tializatio n, the Acces s Point’s on-line he lp files are do wnloade d to the defau lt locatio n: C:Program FilesORiNOCOAP2500HTMLin dex.
172 ORiNOCO AP-2500 User Guide 8 T roublesho oting In This Chapter • Tr oubl eshoot ing Conce pts • Symptoms and Solutions • Connec tivity Issues • AP-2500 Unit Will Not Boot - No LED Activi t.
173 T roublesh ooting NOTE This section hel ps you locate prob lems related to the AP-2500 devi ce setup. For details ab out RADIUS , TFTP , Serial c ommun ications p rogram (such as H yperT er minal) , T eln et appli cations or web brows ers, p lease ref er to their respec tive doc umentation.
174 T roublesh ooting Ethernet Link Does Not Work 1. Double- check th e physica l networ k connect ions. Use a kn own-g ood unit to make sure the netwo rk connec tion is present. Once you have the AP-25 00 IP Add ress, you ca n use the “Pi ng” comm and ov er Ethernet to test the IP Addres s.
175 T roublesh ooting HTML Help Files Do Not Appear 1. V erify that th e HTML He lp files are installed in the defau lt directo ry listed in the Help Link scre en. 2. If the Help files are not located in this f older , contact you r networ k adminis trator to find out where t he Help files ar e located on your se rver .
176 T roublesh ooting VLAN Operation Issues V erifying Proper Operat ion of the VLAN Feature The corr ect VLAN con figuratio n can be ve rified by “ping ing” both w ired and w ireless hosts from both s ides of the AP-2500 de vice and the network s witch.
177 T roublesh ooting Recovery Procedur es The most co mmon i nstallation pro blems relat e to IP Addres sing. Fo r example , without the TFTP server IP address, you will not be able to down load an AP Im age to the AP -2500. IP Ad dress m anageme nt is fundam ental.
178 T roublesh ooting Download Proce dur e Follow the se steps to us e ScanT ool to down load a softwar e image to an Access P oint with a miss ing image : 1. Downl oad the late st software fro m http://www .proxim.com/ . 2. Copy the la test softwar e updates to your TFTP server .
179 T roublesh ooting 4. Open yo ur terminal emulatio n program (like Hype rT erm inal) and s et the followin g conne ction prop erties: • Com Port: < COM1, C OM2, etc. , depending on your com puter > • Baud rate : 9600 • Data Bits: 8 • S top bits: 1 • Flow Contro l: None • Parity: None 5.
180 T roublesh ooting Setting IP Address using Serial Port and Normal CLI Use the followi ng proce dure t o set an IP Addr ess ove r the s erial po rt using the nor mal C LI. The ne twork a dminist rator typ icall y pr ovid es the AP-2 500 IP Addr ess.
181 T roublesh ooting 6. Chang e the IP Addr ess and ot her netwo rk values us ing set an d reboot CLI com mand s, similar to the exampl e dialog bel ow (use yo ur own IP Address an d IP Mask ). Result: After ea ch entry the CLI remind s you to re boot; howev er wait to reboo t until all com mands have bee n entered.
182 T roublesh ooting Image Alarms Standard MIB-II (RFC 1213) Alarms AAA Alarms Ther e ar e two ente rpris e tr aps sent f rom t he P ublic S p ace fu nct ions: Related Applications RADIUS Server If you hav e confi gured the AP ’s RADIUS s ettings, make s ure your ne twork’s RADI US ser ver is confi gured an d running.
183 T roublesh ooting LED Indicator s POWER ETHERNET PC CARD A PC CARD B INIDICAT ION Gre en Green flash with data activi ty Green fl ash with data activi ty Green fl ash with data a ctivity Norm al O.
184 ORiNOCO AP-2500 User Guide A Using the Command Line Interface In This Chapter This section provide s details for the Com mand Line (CLI) Interf ace used to m anage an AP- 2500 devi ce. CLI comm ands can be u sed to initia lize, configu re, and man age netw ork operat ion of the Ac cess Poin t.
185 Using the Command Line Inte rface Prer equisite Skills and Knowledge T o use t his docum ent effectively , you shoul d have a wo rking know ledge of Lo cal Area Ne tworking ( LAN) conce pts, network access in frastruc tures, and client-s erver rel ationships.
186 Using the Command Line Inte rface CLI Erro r Messages The follow ing table desc ribes the er ror messa ges assoc iated wi th improper inputs or expec ted CLI be havior . Command Line Interface (CLI) V ariations Adminis trators use the C LI to cont rol Access Po int operation an d mon itor network statistics.
187 Using the Command Line Inte rface The follow ing lists display the results of us ing the help and show commands i n the Bootload er CLI: [Devic eNam e]> help <CR> Figur e A -1 Resul ts of.
188 Using the Command Line Inte rface ? (List Commands) This co mmand has var ied uses to display comma nds a nd paramete rs, dep ending o n the op eration in which it i s used. The follow ing table lists each op eration an d provides a b asic exam ple.
189 Using the Command Line Inte rface Figure A-4 R esult of “set ?” C LI comm and Example 3b. Display parameters b ased on letter s equence This ex ample s hows e ntries for paramete rs that start with the lette r “i”. Th e more letters y ou en ter , the fe wer the results ret urne d.
190 Using the Command Line Inte rface After entering one paramete r , you may a dd anothe r " ? " to the new CLI line see the next param eter prompt , and so on unt il you en ter al l par amet ers. The fol lowi ng examp le sho ws how thi s is us ed for the "dow nload" Comma nd.
191 Using the Command Line Inte rface Figu re A-7 Re sults o f “hel p<spa ce>” CLI com man d 2. Compl ete com mand descr iption a nd com mand usage can b e prov ided b y: [Devic e Name ]> he lp <co mman d name > [Devic e Name ]> <comman d name> he lp history Shows co ntent of Com mand History Buffer .
192 Using the Command Line Inte rface search Lists the memb ers of the spe cified table. T his list corres ponds to the table informati on displaye d in the HTTP Interface . In this exa mple, the CLI returns th e same table item s that are di splayed in the HTTP Inter face’s IP Acces s T able.
193 Using the Command Line Inte rface Parameter Control Commands The follow ing sect ions cover e ach CLI Co mman d, and include severa l tables showing parameter pr operties . The two Parame ter Con trol Com mands a re sh ow and set. Thes e allo w you to view (sh ow) all parameter s and stati stics, and to change (s et) parameter s.
194 Using the Command Line Inte rface NOTE Some tables us e a different syntax. S ee Working wi th T ables for detail s. Example 4 - Enable, Disable , or Delete a table entry or row In t his examp le you woul d li ke to mana ge the seco nd t able row/ ent ry .
195 Using the Command Line Inte rface Example 6 - Show Individu al and T able Parameters 1. View a single parameter Syntax: [Devic e Name ]> show <par ameter name> Example: [Devic e Name ]> show ipad dr Result: Displays the Access Point IP Address.
196 Using the Command Line Inte rface •D e l e t i o n – Th e ta ble nam e is requ ired . – Th e ta ble ind ex is re quir ed – for t able dele tion th e inde x should be the i ndex of the entr y to be de leted . – The reser ved wor d delete or de stroy is requ ired.
197 Using the Command Line Inte rface Configuri ng Objects that Requir e Reboot Certain obje cts supported by the AP req uire the dev ice to be reb ooted in ord er for the ch anges to take effect.
198 Using the Command Line Inte rface Configuring the AP-2500 Unit using CLI commands Log Into the AP-2500 Unit using HyperT erminal 1. Launc h Hyper T ermi nal from the Sta rt > Pr ogram s menu. Open an ex isting connec tion or cre ate a new one with the following settings: • Com Port: <CO M1, CO M2, etc.
199 Using the Command Line Inte rface Figure A-1 1 Result of “show syste m” CLI Command Set Static IP Addr ess for the AP-2500 devic e [Devic e Name ]> se t ipaddr type static [Devic e Name ]> se t ipad dr < fixed IP a ddress of unit> [Devic e Name ]> se t ipsubm ask <I P Mask (de fault = 255.
200 Using the Command Line Inte rface Figure A-12 Results of “show wi f” CLI command Set WEP Encryption for each Wir eless Interf ace – 3 = wireless card in Slot A – 4 = wireless card in Slot B CAUTION ! Client station s must have t he sam e encry ption key to be able to c ommun icate w ith the AP-2500 device.
201 Using the Command Line Inte rface For the wireless car d in Slot B Y ou ca n set up to fou r encr yption k eys. Th is exa mple describes setting encry ption Key 2 on t he wir eless card in Slot B.
202 Using the Command Line Inte rface Change your Wireless Interface Settings Enable/Disable Interf erence Robustness – 3 = wireless card in Slot A – 4 = wireless card in Slot B [Devic e Name ]> se t wif <3 or 4> interr obust <e nable/ disabl e> Thi s feat ure is on ly ava ilab le for 80 2.
203 Using the Command Line Inte rface NOTE The distance betw een APs sh ould not be appr oximate d. It is calculated by m eans of a manua l Site Survey , in which an AP- 2500 uni t is set up and clie nts are tested throughout the area to determin e signal stren gth and coverag e, and local limits such as phys ical inter ference are investig ated.
204 Using the Command Line Inte rface Configure Management Ports [Devic e Name ]> se t snmpif bitm ask <0, 1, 4, 8, 15 (see below) > [Devic e Name ]> se t httpif bitm ask <0, 1, 4, 8, 1.
205 Using the Command Line Inte rface Par ame ter T a ble s Objects con tain groups that co ntain both paramet ers and param eter tables. Use the followi ng T ab les to co nfigure the A ccess Po int.
206 Using the Command Line Inte rface • Passthrou gh Pa rameters - S pecify free content or walled garde n sites for unauthen ticated u sers • Passthrough IP T able • Passthrou gh DNS T able •.
207 Using the Command Line Inte rface Inv ent ory M ana gem en t Info rma tion NOTE The i nvent ory man agemen t comm ands dis play advanc ed inf ormat ion ab out th e AP’ s inst alle d comp onent s. Y o u may be as ked to rep ort this infor mation t o a technical re presentati ve if you contact customer support.
208 Using the Command Line Inte rface DHCP Server Parameters DNS Parameters Name T ype V alues Access CLI Parameter DHCP Group N/A R dhcp DHCP Service Integer disab le (0) enable (1) RW/R eboot dhcpDi.
209 Using the Command Line Inte rface VLAN Parameters VLAN ID T able Interface Par ameters Since the AP- 2500 devi ces suppo rt two PC Car d slots, we differenti ate the two wi reless inter faces by u.
210 Using the Command Line Inte rface NOTE There is an in ter-depe ndent relat ionship between th e Distance bet ween APs an d the Mult icast Rate . In gene ral, larg er syst ems oper ate a l ower av erage trans mit ra tes. Wir eless Distributio n System (WDS) Parameters NOTE These param eters onl y apply to 802 .
211 Using the Command Line Inte rface Wireless 802.11a Parameters NOTE For 802.1 1a cards i n Europe, Aut o Channe l Select is a re ad-only param eter; it is alw ays enabled .
212 Using the Command Line Inte rface Ethernet Interface Parameters Management Parameters IP Access T able Parameters When cr eating table en tries, yo u may eith er speci fy the argu ment nam e followed by argum ent valu e or simply e ntering the argu ment valu e.
213 Using the Command Line Inte rface SNMP Parameters SNMP T able Host T able Parameters When c rea ting tabl e en tries , yo u may e ithe r sp ecify ing the ar gume nt nam e fol lowe d by a rgume nt val ue. CLI ap plie s default va lues to the omitt ed argum ents.
214 Using the Command Line Inte rface Serial Port Parameters HTTP (web browser) Parameter s TF TP Server Parameters These param eters relat e to upload a nd downl oad com mands. When a user execute s an upload an d/or down load Comma nd, the sp ecified argum ents are stored in TFTP parameter s for future us e.
215 Using the Command Line Inte rface NTP Parameters Name T ype V a lues Access CL I Parameter SNTP Group N/A R sntp SNTP On Integer enable (1) disable ( 2) RW oriSNTPStatus Primary SNTP Server IP Dis.
216 Using the Command Line Inte rface Security Parameters NOTE The Secu rity group is not currently i mpleme nted in the AP-25 00. RADIUS Server Parameters Day Integer32 (1..31) User Defined RW oriSNTPDay Hour Intege r32 (0..23) User Defined RW oriSNTPHour Minute s Integer32 (0.
217 Using the Command Line Inte rface Primary RADIUS Acct Server Secret Key Displ ayString Size(0. .130) User Defined RW a aaRadiu sAcctSrv1S ec Primary RADIUS Acct Server DNS Name Displ ayString Size(0.
218 Using the Command Line Inte rface Encryption Parameters The follow ing table details the WE P encry ption paramet ers for the A P-2500. T his informat ion applie s to both the 802.
219 Using the Command Line Inte rface AAA Parameters The Authe ntication, Aut horizat ion and Accoun ting (A AA) module enables sol ution prov ider to provisi on, track, and bill new or ret urning subs cribers. These paramet ers are s hown in the following tables .
220 Using the Command Line Inte rface AAA Inter nal Authorization Par ameters Logging Parameters Name T ype V alu es Access CLI Parameter AAA Intern al Authorization Group N/A R aaaIntern alAuth SSL Support Integer di sable (0) enable (1) RW/R eboot aaaSslOn SSL Host Name DisplayS tring Size(0.
221 Using the Command Line Inte rface URL Filtering Paramet ers URL Filt erin g IP T abl e URL Filtering DNS T able Name T ype V alu es Acce ss CL I Parame ter URL Filtering Group N/A R urlFiltering U.
222 Using the Command Line Inte rface ICC (Inf ormation Cont rol C onsole) Paramete rs ICC Button Configuration The follo wing table is for ICC Bu tton 2. The s ame parameters ap ply to but ton 3 thro ugh 9 (sim ply ch ange the 2 in each comma nd to a di ff eren t butto n numb er).
223 Using the Command Line Inte rface ICC Banner Configuration The follow ing table is for ICC Ban ner 1. The same paramet ers apply t o banners 2 through 5 (sim ply cha nge the 1 in each com mand to a different button number ).
224 Using the Command Line Inte rface Passthr ough IP T able Passthr ough DNS T able AAA Passthrough Port See Basic AAA Parame ters . Bandwidth Management Parameters System adm inistrat ors can m anage th e bandwidth for subscribe rs, defin ed in Kbps (Kilobits per sec ond) for both upstream and downst ream data tran smiss ions.
225 Using the Command Line Inte rface Billing Parameters Billing Mirr oring Parameters Name T ype V alu es Access CL I Para meter AAA Billing Option Gro up N/A R aaaBillingOption Intro Mess age Dis playSt ring Size(0..1 40) User Defined RW aaaBilloptIn troMsg Offer Mess age DisplayS tring Size(0.
226 Using the Command Line Inte rface Billing Plans Configurat ion The following ta ble is for Billing Plan 0. The same p arameters apply to Billi ng Plans 1 through 5 (simply change the 0 in each com mand to a different billing pl an numbe r). Carbon Copy Ser ver URL One Displa yString Size(1.
227 Using the Command Line Inte rface Subscriber Messages Paramet ers Rate per M onth DisplayStri ng Size(0..3 2) User Defined RW aaaBillingPlanMonth0 Uplink Bandwidth Int eger 0.
228 Using the Command Line Inte rface ISP Challenge Displ ayStri ng Size(0..2 18) User Defined RW aaaE rrorISP Challe nge Value Ou t of Rang e DisplayStri ng Size(0..2 18) User Defined RW aaaErr orMi nMaxVa lues No Billing Options Di splayS tring Size(0.
229 Using the Command Line Inte rface Authorized Subscribers T able RADIUS Create Message Displa yString Size(0..2 18) User Defined RW aaaM essage RadiusCre ate RADIUS Login Message Displa yString Size(0..2 18) User Defined RW aaaM essage RadiusLo gin Request Failed Message Displa yString Size(0.
230 Using the Command Line Inte rface Curren t Subscribers T able Subscriber Download Bandwidth Integer User D efi ned RW authSubBwDown Credit Card Confirmation Number Displ ayString N/A R authSub Con.
231 Using the Command Line Inte rface Miscellaneous Parameter s CLI Monitoring Parameters Using th e “show” co mmand w ith the followi ng table paramete rs will display operating statistics for the AP-2500 (these are the sa me statistics t hat are desc ribed in Monitor Informatio n for th e H TT P Web in terf ace ).
232 ORiNOCO AP-2500 User Guide B XML Interface Specification This speci fication des cribes the AP- 2500’s XML Inter face. Befo re reviewing this specifica tion, note th e following: • This spe cification refer s to sample HTML files written in Jav aScript that illus trate the XML comma nds (they build an XM L object tha t is sent to the AP) .
233 XML Interface Specificat ion URL GET A networ k devi ce can s end c ommands to the AP via a query string appended to a U RL line (GET m ethod). The query string is the string of char acter s follow ing the ques tion ma rk (?) at th e end o f the URL.
234 XML Interface Specificat ion XML Response Form Format In response t o a command, t he AP returns an XML form in the follo wing format: <USG RESUL T="(RESUL TCOD E)" ID="(UI)".
235 XML Interface Specificat ion AP Command Refer ence Add/Update User Sample file n ame: UserAdd.htm The specified user has b een authorized for access and will be added to the AP’s Aut horized Subscribers T able.
236 XML Interface Specificat ion Bandwidt h Up Set the bandw idth up for an au thorized u ser . Command: " SET_BANDWIDTH_UP " Comma nd attr: " SUBSCRIBER " Comma nd attr_da ta: U ser MA C address (string) tag_1: " BANDWIDTH_UP " data_1: (nu mber mea sured in Kb ps (i.
237 XML Interface Specificat ion Query User Sample file n ame: UserQuery .htm The c urre nt Us er d ata is re turn ed. Command: " USER_QUER Y " tag_1: " USER " tag_1_attr: " I.
238 XML Interface Specificat ion Commands For Ref erenc e Only The follow ing com mands are i ncluded for reference purposes only . They are no t currently s upporte d by the AP- 2500.
239 XML Interface Specificat ion User Payment User's au thorization a nd payment is requ ested. PMS is not suppo rted by the AP a t this time. Command: " USER_P A Y MENT " Comma nd attr.
240 XML Interface Specificat ion Exte r nal Aut hen ticat ion Pr oce dur e (Deta iled) Whenever a subsc riber tries to a ccess the Intern et, it must p ass through th e AP . The AP tracks all packet s flowing throug h it by the sourc e MAC ad dress of the packet, which un iquely identifies th e wireless card that th e subscribe r is using.
241 XML Interface Specificat ion Sample XML C ommunicatio ns with the AP The follow ing is an exam ple of the comman ds to set acce ss for a ne w subscr iber with the followin g attribute s: User Name: jo hndoe MAC ad dress: 0050 da554 787 NOTE The followin g exam ples contain C RLFs and spaci ng for display clarity onl y .
242 ORiNOCO AP-2500 User Guide C Cr edit Card Interface Specification A key paymen t feature of the AP -2500 is d irect Credit Car d billing. The AP s upports sever al credit card se rvice companie s by defau lt (see Credit Card Servi ces ).
243 Credit Card Interfa ce Specificat ion 8. Merch ant ID 9. Amount 10. URL to post silent reply 1 1. This field must be i n the form and set to a value of TRUE to t ell the system that it will be doin g an ADC Relay Respo nse tr ansactio n. 12. Se nding t his fiel d guar antees that t he defa ult P ayment Form w ill sho w up for the use r .
244 ORiNOCO AP-2500 User Guide D ASCII Charac ter Chart Y ou can co nfigure WEP En cryption Keys in eithe r Hexadecim al or ASCII format. Hexa decimal digits are 0-9 and A-F (not case sen sitive). ASC II charact ers are 0-9, A -F , a-f (case se nsitive) , and punctua tion marks.
245 ORiNOCO AP-2500 User Guide E Specifications In This Chapter • Hardware S pecifications • Radio S p ecifications – 802.1 1b Channel Frequenc ies – 802.1 1a Channel Frequenc ies – Wireles s Commu nication Range Har dware Specifications Physical Specific ations AP-2500 Unit Dimens ions (H x W x L) = 6.
246 Specifications Ethernet Interface 10/100 Ba se-T , RJ-45 female so cket PCMCIA Interface PC Card Slot (A & B) = S t andard PC Car d slot for PC Card Serial Port Inter face Connec tor Type = DB.
247 Specifications Radio Specifications 802.1 1a rad io certif ication i s not availab le in a ll co untries. C ontact y our sal es re presentati ve for details. 802.1 1b radio certif ication is av ailable in the US/Cana da (FCC) , Japan (VCCI ), Europe (ET SI), and F rance.
248 Specifications Wire less Communication Range The rang e of the wireless signal is related to the com position o f objec ts in the radi o wave path, and the transmit rate of the wirel ess comm unication . Com municat ions at a lowe r transmit range ma y travel longe r distances.
249 ORiNOCO AP-2500 User Guide F T echni cal Support If you are hav ing a probl em using an AP- 2500 and ca nnot res olve it with the i nformati on in T rou bleshoo ting , gather the followi ng informat ion and co ntact your local authoriz ed reselle r .
250 T echnical Support For the Caribbean and Latin America: Phone: 1-866-ORiNOCO (1-866-674-662 6) 1-661- 367-22 30 E-mail: CALAsuppo rt@orinocow ireless.
Een belangrijk punt na aankoop van elk apparaat Proxim ORiNOCO AP-2500 (of zelfs voordat je het koopt) is om de handleiding te lezen. Dit moeten wij doen vanwege een paar simpele redenen:
Als u nog geen Proxim ORiNOCO AP-2500 heb gekocht dan nu is een goed moment om kennis te maken met de basisgegevens van het product. Eerst kijk dan naar de eerste pagina\'s van de handleiding, die je hierboven vindt. Je moet daar de belangrijkste technische gegevens Proxim ORiNOCO AP-2500 vinden. Op dit manier kan je controleren of het apparaat aan jouw behoeften voldoet. Op de volgende pagina's van de handleiding Proxim ORiNOCO AP-2500 leer je over alle kenmerken van het product en krijg je informatie over de werking. De informatie die je over Proxim ORiNOCO AP-2500 krijgt, zal je zeker helpen om een besluit over de aankoop te nemen.
In een situatie waarin je al een beziter van Proxim ORiNOCO AP-2500 bent, maar toch heb je de instructies niet gelezen, moet je het doen voor de hierboven beschreven redenen. Je zult dan weten of je goed de alle beschikbare functies heb gebruikt, en of je fouten heb gemaakt die het leven van de Proxim ORiNOCO AP-2500 kunnen verkorten.
Maar de belangrijkste taak van de handleiding is om de gebruiker bij het oplossen van problemen te helpen met Proxim ORiNOCO AP-2500 . Bijna altijd, zal je daar het vinden Troubleshooting met de meest voorkomende storingen en defecten #MANUAl# samen met de instructies over hun opplosinge. Zelfs als je zelf niet kan om het probleem op te lossen, zal de instructie je de weg wijzen naar verdere andere procedure, bijv. door contact met de klantenservice of het dichtstbijzijnde servicecentrum.