Motorola | User manual | AP-51XX v2.3.4.0-008R – Release Notes
Add to my manuals10 Pages
Motorola AP-51XX is a wireless access point designed for small offices and retail outlets, providing secure broadband access to mobile users. It integrates a router, DHCP server, firewall, VPN endpoint, QoS engine, and AAA server with Hotspot Gateway for security and public access management. With self-assembling, self-healing Mesh Networking architecture, it extends wireless network reach via wireless communication between access points.
advertisement
▼
Scroll to page 2
of 10
AP-51XX v2.3.4.0-008R – Release Notes AP-51XX v2.3.4.0-008R – Release Notes Introduction New Features AP-51XX Hardware/ Software Compatibility Matrix AP-51XX Default Configurations Firmware Update Resetting the AP-51XX Password AP-51XX MAC Addresses Known Issues & Recommendations Fixes Introduction – AP-5131 Indoor AP & AP-5181 Outdoor AP Designed to address the wireless and wired connectivity needs of the small office or retail outlet, the AP-5131 provides a single-box solution which integrates all services required to extend secure broadband access to mobile users. With the ability to connect local users to a remote private network via a secured IPSec link, the AP5131 is ideal for deployment in branch offices or at telecommuter sites for enterprise-class WLAN performance and secure connectivity of wired clients. The AP5131 integrates a Router and DHCP Server for local LAN connectivity; a configurable stateful inspection firewall for LAN isolation; a VPN endpoint for secure backhaul connectivity; a QoS Engine for superior performance of real time video and voice applications; and a AAA server with Hotspot Gateway for security and public access management. With v1.1 or newer, the AP-5131 offers a self-assembling, self-healing Mesh Networking architecture designed to extend the reach of the wireless network via wireless communication between Access Points. This Maintenance Release is based on 2.3.0.0. V2.3.4.0 includes fixes for certain defects that have been reported by customers and/or found internally. Customers are only entitled to convert to this release of the software if they have a valid Motorola service agreement or are covered under warranty. Customers who currently have a support contract in place will be able to download the software from a protected Web site (this requires registering and requesting the software, as well as verifying the service contract). Customers who do not have a support agreement will be provided options to purchase a Motorola service contract. New Features in version 2.3.4.0-008R Apache web server in AP is upgraded in this release. Following new features are included in this Release. These features are available only from CLI. 1. EAP throttling Ability to limit the number of wireless clients doing simultaneous 802.1x EAP authentications. admin(network.wireless)>set max-eap-connections <5-100> Page 1 5/6/2013 AP-51XX v2.3.4.0-008R – Release Notes admin(network.wireless)>set radio-eap-throttle mode <enable/disable> admin(network.wireless)>set radio-eap-throttle clear-threshold <1-100> admin(network.wireless)>set radio-eap-throttle timeout <1-3600> Default values are max-eap-connections – 10, radio-eap-throttle mode disabled, radio-eap-throttle clear-threshold 5, and radio-eap-throttle timeout 5 seconds. 2. Configurable broadcast multicast transmit speed Ability to send broadcast traffic on highest or lowest basic rate. admin(network.wireless.radio.802-11bg)>set bcmc-tx-speed ? <op-mode> : op-mode - (range, throughput) When range is selected the lowest of basic rate would be used for all broadcast/multicast transmissions. When throughput is selected, the highest of basic rate would be used for all broadcast/multicast transmissions. Default setting is ‘range’. 3. Proxy ARP for wireless clients Ability of an AP to proxy ARP for wireless clients to reduce number of broadcast traffic on air. Default is dynamic. admin(network.wireless)>set proxy-arp ? <op-mode><cr> : op-mode - (strict, dynamic, disable) 4. Opportunistic PMK caching Ability of AP to cache last 3 PMKids for wireless client. OPMK uses WNMP multicast messages to sync MU’s PMK among AP’s on the same subnet. The supplicant should be capable of doing OPMK. The AP will keep up to 3 PMK’s for each associated MU. The AP will reuse the oldest slot for the MU when it runs out of slots. The lifetime for each key will be 1 hour. Total number of key cache will be 1250. The AP will flush the entire key cache if it gets full. The AP will force the MU to do 802.1x authentication if it does not find the MU in the key cache. The AP will delete the MU’s PMK if it fails WPA handshake.The AP independently expires entries in its key cache. It does not tell other APs to remove them. admin(network.wireless.security.edit)>set ccmp opp-pmk-caching ? <mode><cr> : mode - (enable,disable) 5. Configurable Differentiated Service Code Point (DSCP) qos mapping Support for DSCP QoS mapping in the radio configuration. admin(network.wireless.radio)>set qos-mapping(wired-to-wireless) dscp ? Page 2 5/6/2013 AP-51XX v2.3.4.0-008R – Release Notes <dscp-num><tid-num><cr> con. : 0-63 Specify the DSCP value(0-63) to be : tid-num: : tid0: best effort category traffic : tid1: background category traffic : tid2: background category traffic : tid3: best effort category traffic : tid4: video traffic category traffic : tid5: video traffic category traffic : tid6: voice traffic category traffic : tid7: voice traffic category traffic 6. Configurable roam notification timing Ability to configure when to send roam notification after mobile client association. Options will be after MU has associated and after MU state becomes data ready. Default setting - after MU association. admin(network.wireless.wlan)>set roam-notification <after-assoc, afterdata-ready> 7. AP reset on ethernet inactivity Option to reset AP if there is inactivity on LAN interface. To enable AP reset, configure LAN ethernet timeout and reset-interval. Default setting is - no reset. admin(network.lan)>set ? reset-interval connection timeout : set reset interval on ethernet admin(network.lan)>set reset-interval ? <period><cr> : period - 0 (no reset) : period 1-1000 min. 8. 802.11 authentication request throttling Ability to limit the number of wireless clients doing simultaneous 802.11 authentications. admin(network.wireless)>set admin(network.wireless)>set admin(network.wireless)>set admin(network.wireless)>set max-auth-mus <1 – 127> radio-auth-throttle mode <enable/disable> radio-auth-throttle clear-threshold <1 – 127> radio-auth-throttle timeout <1 – 3600> in 100ms Defaults will be mode disabled, max-auth-mus – 50, clear-threshold 30, timeout – 10 (in 100 ms) equals 1 second. AP-51XX Hardware/ Software Compatibility Matrix v1.0.0.0 v1.0.1.0 v1.1.0.0 v1.1.1.0 v1.1.2.0 Page 3 v2.0.0.0045R v2.1.0.0030R v2.3.4.0008R 5/6/2013 AP-51XX v2.3.4.0-008R – Release Notes AP-5131 AP-5181 AP-5131 & AP-5181 with new processor revision (July 2007) AP-5131 Dependent Mode AP-513140020-DWR AP-513113040-DWR Supported NotSupported NotSupported Supported Supported Supported Supported Supported Supported Supported Supported Supported Supported NotSupported Supported Supported Supported Supported NotSupported NotSupported NotSupported Supported Not Supported Not Supported Page 4 5/6/2013 AP-51XX v2.3.4.0-008R – Release Notes AP-51XX Default Configurations v1.0.0.0 v1.0.1.0 v1.1.0.0 WAN DHCP client Auto-update enabled Static IP: 10.1.1.1 Static Mask: 255.0.0.0 v1.1.1.0 v1.1.2.0 v2.0.0.0-045R v2.1.0.0-030R V2.1.1.0-001R V2.2.0.0-023R V2.2.1.0-007R V2.2.2.0-001R V2.3.0.0 V2.3.1.0 V2.3.2.0 V2.3.3.0 V2.3.4.0 Static IP: 10.1.1.1 Static Mask: 255.0.0.0 LAN1 (a.k.a LAN) Static IP: 192.168.0.1 Static Mask: 255.255.255.0 DHCP Server enabled DHCP Client Auto-update enabled Default Gateway* Ethernet Port Enabled DHCP Client Auto-update enabled Default Gateway* Ethernet Port Enabled LAN2 n/a Static IP: 192.168.1.1 Static Mask: 255.255.255.0 DHCP Server Enabled Disabled Access via WAN Port HTTPS, SSH, SNMP: enabled HTTP, HTTPS, Telnet, SSH, SNMP: enabled HTTP, HTTPS, Telnet, SSH, SNMP: enabled *DNS and Domain Name parameters take effect on the Default Gateway Interface. Firmware Update Note: Upgrading from 1.0 to 2.X is a two step process which requires the same upgrade procedure to be repeated twice. The first upgrade will result in a bootloader change and the second upgrade will result in a firmware change. For subsequent upgrades a single download will suffice. Using Auto Update, the AP will automatically update itself twice when upgrading to v2.X Note: Upgrading from 1.0/1.1/1.1.1/1.1.2 to 2.X retains the existing settings. It is recommended, however, that users export their 1.0/1.1/1.1.1/1.1.2 configuration for backup purposes prior to upgrading. Note: When downgrading from v1.1.2 to v1.0, all configuration settings are lost and the AP will return to factory defaults. Page 5 5/6/2013 AP-51XX v2.3.4.0-008R – Release Notes Note: Dependent Mode AP-5131’s (with a D in the Part Number) cannot be downgraded to any software version below 2.0.0.0-045R. To conduct a firmware update on the AP-51XX from 1.X to 2.X: 1. Select ‘System Configuration’ ‘Firmware Update’ from the AP-51XX menu tree of the GUI. 2. Specify the name of the target firmware file within the ‘Filename’ field. 3. If the target firmware file resides within a directory, specify a complete path for the file within the ‘Filepath (optional)’ field. 4. Enter an IP address for the FTP or TFTP server used for the update. 5. Use the drop-down menu to specify the FTP or TFTP server's location. Select the appropriate button, FTP or TFTP, for the server’s location. The server can reside on the WAN or on the LAN. 6. Select either the FTP or TFTP button to define whether the firmware file resides on a FTP or TFTP server. 7. Set the following FTP parameters if applicable: • Username - Specify a username for the FTP server login. • Password - Specify a password for FTP server login. 8. Click ‘Apply’. 9. Click the ‘Perform Update’ button to initiate the update. Upon confirming the firmware update, the AP reboots and completes the update. This step may take several minutes. Page 6 5/6/2013 AP-51XX v2.3.4.0-008R – Release Notes 10. After the AP reboots, return to the ‘Firmware Update’ screen. 11. Repeat Step #9. 12. After the AP reboots, clear the browser cache and return to the ‘Firmware Update’ screen. Check the Status field to verify whether the firmware update was successful. Page 7 5/6/2013 AP-51XX v2.3.4.0-008R – Release Notes Resetting the AP-51XX Password The AP-51XX Command Line Interface (CLI) enables users who forget their password to reset it to the factory default. Only an installation professional should reset the access point’s password and promptly define a new restrictive password. To contact Motorola Support in the event of a password reset requirement, go to www.symbol.com/contactsupport. AP-51XX MAC Addresses The AP-51XX has one MAC address for each LAN, which are displayed in ‘LAN Stats’ and ‘WAN Stats’, under the ‘Status and Statistics’ page in the Web User Interface. Each radio on an AP-51XX supports four Basic Service Sets (BSS). Each BSS, has a corresponding MAC address. The MAC address, which is displayed in the Web Interface, under the Radio Settings screen, corresponds to that of BSS #1. The MAC addresses for the other three BSS’s (BSS #2, #3, #4) are derived by adding 1, 2, 3, respectively, to the radio MAC address (same as BSS #1). For example: If the radio MAC address displayed under the Radio Settings screen (Network Configuration Wireless Radio Configuration Radio<n>) is 00:23:68:72:20:DC, then the BSSs for that radio will have the following MAC addresses: BSSID BSSID#1 MAC Address 00:23:68:72:20:DC BSSID#2 BSSID#3 BSSID#4 00:23:68:72:20:DD 00:23:68:72:20:DE 00:23:68:72:20:DF Hexadecimal Addition Same as Radio MAC Address Radio MAC Address + 1 Radio MAC Address + 2 Radio MAC Address + 3 Known Issues & Recommendations Recommendation: AP-51x1 access points participating in a mesh topology should use the same firmware version. Known Issues: 1. Wireless client disassociation after configuration change. (CQ: 10751): After applying certain changes to the configuration, wireless clients may temporarily become disconnected as each radio resets. 2. Mesh Network Connectivity while making changes to a Base or Client Bridge node: Mesh connectivity may temporarily be unavailable when making configuration changes to Base or Client Bridge APs. 3. If using the Radius time-based authentication feature to authenticate access point user permissions, ensure UTC has been selected from the Date and Time Settings screen’s Time Zone field. If UTC is not selected, time based authentication will not work properly. 4. Rogue AP Detection Command (CQ: 29889): The “Add all to allowed list” command in the Rogue AP Detection screen may result in the Active Allowed AP List not being updated correctly. Page 8 5/6/2013 AP-51XX v2.3.4.0-008R – Release Notes 5. VPN Configuration Import (CQ: 29576): The AP-51XX will not import a VPN configuration if the tunnel name parameter contains a space in the text. 6. AP-4131 vs. AP-51XX Default Basic Rates Setting: The default Basic Rates setting for the AP-51XX is 1, 2, 5.5 and 11 Mbps. The AP- 4131’s default Basic Rates setting was 1 & 2 Mbps only. Note that this difference may cause interoperability problems with certain older wireless devices. The default setting can be changed in the AP-51XX 7. Java GUI does not load in web browser: If the Java Web User Interface does not load in the browser it may be that a previous version of the html page is being stored in the browser’s cache. To solve this problem, clear the browser cache and set the browser to always download web pages. 8. When downgrading a unit from 2.2 to 2.1.1 it is important to rename WLANs and remove special characters from WLANs as these were not supported in 2.1.1. 9. CLI (CQ52436): CLI 'show routes' will not immediately display routes correctly after a route is added/deleted. Workaround is to wait 1 minute between. adding/deleting routes before using ‘show routes’ command. 10. DHCP Lease Information (CQ53499): Legacy Symbol Netvision phone devices will not be listed in the DHCP Lease information. 11. Static routes will only be shown if destination is reachable (CQ52083). 12. Current set of invalid characters across GUI and CLI -> space < > | " & , \ ? 13. CPU utilization might spike incorrectly when AP is handling a lot of traffic. 14. If WAN port is not connected – static routes will not be shown. 15. Upgrading to 2.3.2.0 and above from previous releases will add source port as “ALL” by default in IPfilter rules. 16. CLI displays sftp option for cfg import/export and fw update but is not supported in AP5131(CQ68189). No impact on any functionality 17. AP5131 getting crashed if booting process interrupted using "ctrl+c" (CQ67626) 18. SIP packets are dropped by AP5131 with SIP server across VPN (CQ67321) 19. After every reboot/upgrade, getting unnecessary messages in console (CQ66993). No end user impact for this 20. WSP need to be able to get "Avg MU noise" from AP even if there are no MUs associated (CQ62309) 21. "PTK Bad replay ctr" with message #1 seen in syslog with MUs on WPA/TKIP security (CQ60346). No end user impact 22. GUI shows error while mapping WLAN to user group (CQ 91144). CLI can be used to configure the same. Fixes Version v2.3.4-008R includes several enhancements/fixes: SPR/CQ Ref ID Description 21705 Sporadic AP Crashes 21715 The access ports AP5131 v 2.3.3.1 are not reporting to the ADSP appliance as sensors. 21911 Intermittently cannot downgrade the AP5131 from 2.3.3.1-003R back to 2.3.2.0-0008R. 21916 AP5131 with 2.3.3 and cc Oman doesn't allow to use 5GHz radio. It should be permitted accoring to regulatory. Page 9 5/6/2013 AP-51XX v2.3.4.0-008R – Release Notes 22698 AP5131 Apache version 1.3.41 under firmware v2.3.3.0-06R Version not PCI compliant 22830 LAN 1 port configured for 100mb/FD connected to Nortel Bayswitch (100mb/FD), goes to 100mb/HD, after reboot. TRION00058768 The default value for Native VLAN tag for LAN Ports is set to 'tagged'. By Industry standard it should be Untagged. TRION00083199 When SFTP is used for configuration export, the status shows “Done” even though it fails. TRION00085179 Firmware upgrade fails when one radio is configured as sensor and discovered in ADSP TRION00085182 SFTP support for configuration import/export and firmware upgrade. TRION00086463 Base Bridge crashes in wireless mesh setup TRION00086506 Sensor does not come online in ADSP when AP is connected over WAN interface unless LAN IP is configured and enabled. TRION00100593 MU Inactivity Timer issue Page 10 5/6/2013
advertisement
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project