Comtrend WAP-EN1200C AC1200 Ceiling Mount Wireless Access Point User manual
Add to my manuals137 Pages
advertisement
NMS USER MANUAL
WAP-EN Series
Wireless Access Points
Version 1.2, June 2017
Copyright
Copyright© 2017 Comtrend Corporation. All rights reserved. The information contained herein is proprietary to Comtrend Corporation. No part of this document may be translated, transcribed, reproduced, in any form, or by any means without the prior written consent of Comtrend Corporation.
This program is free software: you can redistribute it and/or modify it under the terms of the GNU
General Public License as published by the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details.
You should have received a copy of the GNU General Public License along with this program. If not, see http://www.gnu.org/licenses/
NOTE: This document is subject to change without notice.
2
I. Product Information
The Network Management Suite (NMS) supports the central management of a group of access points, otherwise known as an AP Array. NMS can be installed on one access point and support up to 5 access points or on a Wireless LAN
Controller (WLC) and support up to 50 access points.
Access points can be deployed and configured according to your requirements.
This flexibility creates a powerful network architecture which can be easily managed and expanded in the future. The easy to use interface and a full range of functionality make the NMS system ideal for small and mid-sized office environments.
3
Table of Contents
I. Product Information ............................................................................................................................................ 3
II. Quick Setup .............................................................................................................................................................. 7
III. Software Layout .............................................................................................................................................. 10
IV. Features ........................................................................................................................................................... 15
IV-1.
LOGIN, LOGOUT & RESTART .......................................................................................................................... 15
IV-2.
DASHBOARD .................................................................................................................................................. 17
IV-2-1.
System Information .................................................................................................................................... 18
IV-2-2.
Devices Information ................................................................................................................................... 18
IV-2-3.
Managed AP ............................................................................................................................................... 19
IV-2-4.
Managed AP Group .................................................................................................................................... 20
IV-2-5.
Active Clients .............................................................................................................................................. 21
IV-2-6.
Active Users ............................................................................................................................................... 21
IV-3.
ZONE PLAN .................................................................................................................................................... 22
IV-4.
NMS MONITOR .............................................................................................................................................. 24
IV-4-1.
Access Point ............................................................................................................................................... 24
IV-4-1-1.
Managed AP ............................................................................................................................................ 24
IV-4-1-2.
Managed AP Group ................................................................................................................................. 26
IV-4-2.
WLAN ......................................................................................................................................................... 28
IV-4-2-1.
Active WLAN ........................................................................................................................................... 28
IV-4-2-2.
Active WLAN Group ................................................................................................................................ 29
IV-4-3.
Clients ......................................................................................................................................................... 29
IV-4-3-1.
Active Clients ........................................................................................................................................... 29
IV-4-4.
Users ......................................................................................................................................................... 30
IV-4-4-1.
Active Users ......................................................................................................................................... 30
IV-4-4-2.
Users Log ................................................................................................................................................ 30
IV-4-5.
Rogue Devices .......................................................................................................................................... 31
IV-4-6.
Information .............................................................................................................................................. 32
IV-4-6-1.
All Events/Activities ................................................................................................................................ 32
IV-4-6-2.
AP Monitoring ........................................................................................................................................ 32
IV-4-6-3. SSID Overview ............................................................................................................................................ 33
................................................................................................................................................................................. 34
IV-5.
NMS Settings ................................................................................................................................................. 35
IV-5-1.
Access Point ............................................................................................................................................... 35
IV-5-2.
WLAN ......................................................................................................................................................... 46
IV-5-3.
RADIUS ....................................................................................................................................................... 50
IV-5-4.
Access Control ............................................................................................................................................ 56
IV-5-5.
Guest Network ........................................................................................................................................... 59
4
IV-5-6.
Users .......................................................................................................................................................... 62
IV-5-7-1. Add/Edit Guest Portal .............................................................................................................................. 66
IV-5-7-1-1. Front Desk URL ........................................................................................................................................ 67
IV-5-7-1-2. Front Desk Printout .............................................................................................................................. 69
IV-5-7-1-3. Guest Portal Type .................................................................................................................................... 70
IV-5-7-1-4. Guest Portal Customization ..................................................................................................................... 71
IV-5-9.
Schedule .................................................................................................................................................... 74
IV-5-10.
Smart Roaming ........................................................................................................................................ 76
IV-5-11.
Device Monitoring ................................................................................................................................... 78
IV-5-12.
Firmware Upgrade ................................................................................................................................... 79
IV-5-13.
Advanced .................................................................................................................................................. 80
IV-5-13-1.
System Security .................................................................................................................................... 80
V-5-13-2.
Date & Time .......................................................................................................................................... 80
V-5-13-3.
System Accounts ................................................................................................................................... 81
IV-6.
Local Network ................................................................................................................................................ 83
IV-6-1.
Network Settings ........................................................................................................................................ 83
IV-6-1-1.
LAN-Side IP Address ................................................................................................................................ 83
IV-6-1-2.
LAN Port Settings .................................................................................................................................... 86
IV-6-1-3.
VLAN ........................................................................................................................................................ 87
IV-6-2.
2.4GHz 11bgn (Not available on the WLC-6404) ........................................................................................ 88
IV-6-2-1.
Basic ........................................................................................................................................................ 88
IV-6-2-2.
Advanced ................................................................................................................................................ 89
IV-6-2-3.
Security ................................................................................................................................................... 91
IV-6-2-3-1.
No Authentication .............................................................................................................................. 92
IV-6-2-3-2.
WEP .................................................................................................................................................... 92
IV-6-2-3-3.
IEEE802.1x/EAP .................................................................................................................................. 93
IV-6-2-3-4.
WPA-PSK ............................................................................................................................................ 93
IV-6-2-3-5.
WPA-EAP ............................................................................................................................................ 93
IV-6-2-3-6.
Additional Authentication .................................................................................................................. 94
IV-6-2-4.
WDS ......................................................................................................................................................... 95
IV-6-3.
5GHz 11ac 11an (Not available on the WLC-6404) .................................................................................. 97
IV-6-3-1.
Basic ........................................................................................................................................................ 97
IV-6-3-2.
Advanced ................................................................................................................................................ 99
IV-6-3-3.
Security ................................................................................................................................................. 100
IV-6-3-4.
WDS ....................................................................................................................................................... 102
IV-6-4.
WPS (Not available on the WLC-6404) ..................................................................................................... 103
IV-6-5.
RADIUS (Not available on the WLC-6404) ................................................................................................ 104
IV-6-5-1.
RADIUS Settings .................................................................................................................................... 106
IV-6-5-2.
Internal Server ...................................................................................................................................... 107
IV-6-5-3.
RADIUS Accounts .................................................................................................................................. 109
IV-6-6.
MAC Filter (Not available on the WLC-6404) ........................................................................................... 111
5
IV-6-7.
WMM (Not available on the WLC-6404) .................................................................................................. 113
IV-6-8.
Internal Server .......................................................................................................................................... 114
IV-6-8-1.
Internal RADIUS Server ......................................................................................................................... 114
IV-6-8-2.
RADIUS Accounts .................................................................................................................................. 116
IV-6-9.
Schedule ................................................................................................................................................... 117
IV-7.
Local Settings ............................................................................................................................................... 118
IV-7-1.
Operation Mode (Not available on the WLC-6404) .................................................................................. 118
IV-7-2.
System Settings ........................................................................................................................................ 118
IV-7-2-1.
System Information ............................................................................................................................... 118
IV-7-2-2.
Wireless Clients (Not available on the WLC-6404) ................................................................................ 121
IV-7-2-3.
Wireless Monitor (Not available on the WLC-6404) ............................................................................. 122
IV-7-2-4.
Log ......................................................................................................................................................... 123
IV-7-3.
Management ............................................................................................................................................ 125
IV-7-3-1.
Admin .................................................................................................................................................. 125
IV-7-3-2.
Date and Time ..................................................................................................................................... 127
IV-7-3-3.
Syslog Server ....................................................................................................................................... 128
IV-7-3-4.
I’m Here .............................................................................................................................................. 129
IV-7-4.
Advanced .................................................................................................................................................. 130
IV-7-4-1.
LED Settings ........................................................................................................................................... 130
IV-7-4-2.
Update Firmware ................................................................................................................................ 130
IV-7-4-3.
Save/Restore Settings ......................................................................................................................... 132
IV-7-4-4.
Factory Default .................................................................................................................................... 133
IV-7-4-5.
Reboot ................................................................................................................................................. 133
IV-8.
Toolbox ........................................................................................................................................................ 134
IV-8-1.
Network Connectivity ............................................................................................................................. 134
IV-8-1-1.
Ping ..................................................................................................................................................... 134
IV-8-1-2.
Trace Route ......................................................................................................................................... 134
V. Best Practice ................................................................................................................................................... 135
How to Create and Link WLAN & Access Point Groups ........................................................................................... 135
6
II. Quick Setup
One device is designated as the AP Controller (master) and other connected
APs are designated as Managed APs (slaves). Using the NMS you can monitor, configure and manage all Managed APs. Up to 5 APs can be managed from an
EN-Series Wireless Access Point in AP Controller Mode or 50 APs can be managed from a dedicated WLC-6404 Wireless Access Point Controller.
Follow the steps below:
1.
Connect all APs to an Ethernet or PoE switch which is connected to a gateway/router.
You can use your router as a DHCP server or you can later configure your AP Controller as a DHCP server.
2.
Ensure all APs are powered on and check the LED status.
7
3.
Connect the AP Controller, which will manage all other connected APs, to power and turn the device on.
4.
Connect a computer to the AP Controller using an Ethernet cable.
5.
Open a web browser and enter the AP Controller’s IP address in the address field. The default IP address is listed in the User Manual for your controller. Typically it is either 192.168.2.1 or 192.168.2.2.
DHCP is enabled on the access point by default. Consult the DHCP
Table of your network for the Controller’s IP Address. If no DHCP
Service is found, the access point will default to the default IP address listed in the User Manual. Typical default IP addresses are either 192.168.2.1 or 192.168.2.2.
Your computer’s IP address must be in the same subnet as the AP
Controller. 192.168.2.10 is being used in this example.
6.
Enter the username & password to login. The default username & password are admin & 1234 respectively.
8
7.
If using an EN-Series AP as a controller, you will arrive at the Access Point
Information screen. Go to !“Operation Mode” and select “AP
Controller Mode” from the drop down menu to initiate Controller Mode.
8.
Click “Apply” to save the settings.
9.
Your Controller AP & Managed APs should be fully functional. Use the top menu to navigate around the NMS.
Use Local Network & Local Settings to configure your Controller AP.
Use Dashboard, Zone Plan, NMS Monitor & NMS Settings to configure
Managed APs.
Use Toolbox to diagnose connection issues.
9
III. Software Layout
The top menu features 7 panels: Dashboard, Zone Plan, NMS Monitor, NMS
Settings, Local Network, Local Settings & Toolbox.
Screenshots displayed are examples. The information shown on your screen will vary depending on your configuration and device being used as a controller.
Dashboard
The Dashboard panel displays an overview of your network and key system information, with quick links to access configuration options for Managed APs and Managed AP groups. Each panel can be refreshed, collapsed or moved according to your preference. (Available settings will vary depending on the device being used as an AP Controller.)
10
Zone Plan
Zone Plan displays a customizable live map of Managed APs for a visual representation of your network coverage. Each AP icon can be moved around the map, and a background image can be uploaded for user-defined location profiles using NMS Settings ! Zone Edit. Options can be configured using the menu on the right side and signal strength is displayed for each AP.
(Available settings will vary depending on the device being used as an AP
Controller.)
NMS Monitor
The NMS Monitor panel provides more detailed monitoring information about the AP Array than found on the Dashboard, grouped according to categories in the menu down the left side. (Available settings will vary depending on the device being used as an AP Controller.)
11
NMS Settings
NMS Settings provides extensive configuration options for the AP Array. You can manage each access point, assign access points into groups, manage
WLAN, RADIUS as well as upgrade firmware across multiple access points. The
Zone Plan can also be configured using “Zone Edit”. (Available settings will vary depending on the device being used as an AP Controller.)
Local Network
Local Network settings are for your AP Controller. You can configure the IP address and DHCP server of the AP Controller in addition to 2.4GHz & 5Ghz
Wi-Fi and security, with WPS, RADIUS server, MAC filtering and WMM settings
12
also available. (Available settings will vary depending on the device being used as an AP Controller.)
Local Settings
Local Settings are for your AP Controller. You can set the operation mode and view network settings (clients and logs) specifically for the AP Controller, as well as other management settings such as date/time, admin accounts, firmware and reset. (Available settings will vary depending on the device being used as an AP Controller.)
13
Toolbox
The Toolbox panel provides a network diagnostic tools: ping and trace route.
14
IV. Features
Descriptions of the functions of each main panel Dashboard, Zone Plan, NMS
Monitor, NMS Settings, Local Network, Local Settings & Toolbox can be found below. (Available settings will vary depending on the device being used as an AP Controller.) When using the NMS, click “Apply” to save changes:
Screenshots displayed are examples. The information shown on your screen will vary depending on your configuration.
IV-1. LOGIN, LOGOUT & RESTART
It is recommended that you login to the AP Controller to make configuration changes to Managed APs.
LOGIN
1. Connect a computer to the designated AP Controller using an Ethernet cable:
2. Open a web browser and enter the AP Controller’s IP address in the address field. The default IP address is listed in the User Manual for your controller. Typically it is either 192.168.2.1 or 192.168.2.2.
Your computer’s IP address must be in the same subnet as the AP
Controller. Refer to V-1. Configuring your IP Address for more help.
DHCP is enabled on the access point by default. Consult the
DHCP Table of your network for the Controller’s IP Address. If no DHCP Service is found, the access point will default to the default IP address listed in the User Manual. Typical default IP addresses are either 192.168.2.1 or 192.168.2.2.
15
If using a DHCP server on the network, it is advised to use your
DHCP server’s settings to assign the AP Controller a static IP address.
3. Enter the username & password to login. The default username & password are admin & 1234.
RESTART
You can restart your AP Controller or any Managed AP using the NMS. To restart your AP Controller go to Local Settings ! Advanced ! Reboot and click “Reboot”.
To restart Managed APs click the Restart icon for the specified AP on the
Dashboard:
16
IV-2. DASHBOARD
The dashboard displays an overview of your AP array:
Use the blue icons above to refresh or collapse each panel in the dashboard.
Click and drag to move a panel to suit your preference. You can set the dashboard to auto-refresh every 1 minute, 30 seconds or disable auto-refresh:
17
IV-2-1. System Information
System Information displays information about the AP Controller: Product
Name (model), Host Name, MAC Address, IP Address, Firmware Version,
System Time, Uptime, CPU Usage and Memory Usage.
IV-2-2. Devices Information
Devices Information is a summary of the number of all devices in the local network: Access Points, Clients Connected, and Rogue (unidentified) Devices.
18
IV-2-3. Managed AP
Managed AP displays information about each Managed AP in the local network: Index (reference number), MAC Address, Device Name, Model, IP
Address, 2.4GHz & 5GHz Wireless Channel Number, No. of Clients connected
to each access point, and Status (connected, connecting or disconnected).
The search function can be used to locate a specific Managed AP. Type in the search box and the list will update:
The Status icon displays grey (disconnected), yellow (connecting) or green
(connected) for each Managed AP.
Each Managed AP has “Action” icons with the following functions:
1. Disallow
Remove the Managed AP from the AP array and disable connectivity.
2. Edit
Edit various settings for the Managed AP (refer to IV-5-1. Access Point).
3. Blink LED
The Managed AP’s LED will flash temporarily to help identify & locate access points.
4. Buzzer
The Managed AP’s buzzer will sound temporarily to help identify & locate access points.
5. Network Connectivity
Go to the “Network Connectivity” panel to perform a ping or traceroute.
6. Restart
Restarts the Managed AP.
19
IV-2-4. Managed AP Group
Managed APs can be grouped according to your requirements. Managed AP
Group displays information about each Managed AP group in the local network: Group Name, MAC Address, Device Name, Model, IP Address, No. of
Clients connected to each access point, and Status (connected or disconnected).
To edit Managed AP Groups go to NMS Settings ! Access Point (refer to
IV-5-1. Access Point).
The search function can be used to locate a specific Managed AP Group. Type in the search box and the list will update:
The Status icon displays grey (disconnected), yellow (connecting) or green
(connected) for each individual Managed AP.
Each Managed AP has “Action” icons with the following functions:
1. Disallow
Remove the Managed AP from the AP array and disable connectivity.
2. Edit
Edit various settings for the Managed AP (refer to IV-5-1. Access Point)
3. Blink LED
The Managed AP’s LED will flash temporarily to help identify & locate access points.
4. Buzzer
The Managed AP’s buzzer will sound temporarily to help identify & locate access points.
5. Network Connectivity
Go to the “Network Connectivity” panel to perform a ping or traceroute.
20
6. Restart
Restarts the Managed AP.
IV-2-5. Active Clients
Active Clients displays information about each client in the local network:
Index (reference number), Client MAC Address, Device Name, Model, IP
Address, 2.4GHz & 5GHz Wireless Channel Number, No. of Clients connected to each access point, and Status (on or off).
The search function can be used to locate a specific client. Type in the search box and the list will update:
IV-2-6. Active Users
Active Users displays information about each user in the local network: Index
(reference number), User Name, MAC Address, IP Address, SSID, Creator,
Creation Time, Expire Time, Usage Percentage, Vendor, Platform and Action.
The search function can be used to locate a specific user. Type in the search box and the list will update:
21
IV-3. ZONE PLAN
The Zone Plan can be fully customized to match your network environment.
You can move the AP icons and select different location images (upload location images in NMS Settings ! Zone Edit) to create a visual map of your
AP array.
Use the menu on the side to make adjustments and mouse-over an AP icon in the zone map to see more information. Click an AP icon in the zone map to select it and display action icons.
Click and drag an AP icon to move the icon around the zone map. The signal strength for each AP is displayed according to the “Signal” key in the menu on the right side:
Location Select a pre-defined location from the drop down menu. When you upload a location image in NMS Settings ! Zone Edit, it will be available for selection here.
22
AP Group
Search
Radio
Signal
Zoom
Transparency
Scale
Device/Number
You can select an AP Group to display in the zone map. Edit AP Groups in NMS Settings !
Access Point.
Use the search box to quickly locate an AP.
Use the checkboxes to display APs according to 2.4GHz or 5GHz wireless radio frequency.
Signal strength key for the signal strength display around each AP in the zone map.
Use the slider to adjust the zoom level of the map.
Use the slider to adjust the transparency of location images.
Zone map scale.
Displays number and type of devices in the zone map.
23
IV-4. NMS MONITOR
IV-4-1. Access Point
IV-4-1-1. Managed AP
Displays information about each Managed AP in the local network: Index
(reference number), MAC Address, Device Name, Model, IP Address, 2.4GHz &
5GHz Wireless Channel Number, No. of Clients connected to each access point,
and Status (connected, connecting or disconnected).
The search function can be used to locate a specific Managed AP. Type in the search box and the list will update:
Grey Disconnected
Red
Authentication
Failed
Or
Incompatible
NMS Version
The Status icon displays the status of each Managed AP.
Status Icons
Icon Color Status Definition
Managed AP is disconnected. Check the network connection and ensure the
Managed AP is in the same IP subnet as
the AP Controller.
System security must be the same for all access points in the AP array. Please check security settings (refer to IV-5-12-1.
System Security).
Access points must use the same version of NMS as the Controller. Use the AP
Controller’s firmware upgrade function
(refer to IV-5-11. Firmware Upgrade) to
synchronize the NMS version.
24
Managed AP is making configuration changes or upgrading the firmware.
Yellow Connecting Managed AP is connecting.
Green Connected Managed AP is connected.
Managed AP is waiting for approval.
Each Managed AP has “Action” icons with the following functions:
1. Disallow
Remove the Managed AP from the AP array and disable connectivity.
1. Edit
Edit various settings for the Managed AP (refer to IV-5-1. Access Point).
2. Blink LED
The Managed AP’s LED will flash temporarily to help identify & locate access points.
3. Buzzer
The Managed AP’s buzzer will sound temporarily to help identify & locate access points.
4. Network Connectivity
Go to the “Network Connectivity” panel to perform a ping or traceroute.
5. Restart
Restarts the Managed AP.
25
IV-4-1-2. Managed AP Group
Managed APs can be grouped according to your requirements. Managed AP
Group displays information about each Managed AP group in the local network: Group Name, MAC Address, Device Name, Model, IP Address, 2.4GHz
& 5GHz Wireless Channel Number, No. of Clients connected to each access point, and Status (connected or disconnected).
To edit Managed AP Groups go to NMS Settings ! Access Point (refer to
IV-5-1. Access Point).
The search function can be used to locate a specific Managed AP Group. Type in the search box and the list will update:
The Status icon displays grey (disconnected), red (authentication failed/incompatible NMS version), orange (upgrading firmware), yellow
(connecting), green (connected) or blue (waiting for approval) for each individual Managed AP. Refer to IV-4-1-1. Managed AP: Status Icons for full descriptions.
Each Managed AP has “Action” icons with the following functions:
2. Disallow
Remove the Managed AP from the AP array and disable connectivity.
26
3. Edit
Edit various settings for the Managed AP (refer to IV-5-1. Access Point).
4. Blink LED
The Managed AP’s LED will flash temporarily to help identify & locate access points.
5. Buzzer
The Managed AP’s buzzer will sound temporarily to help identify & locate access points.
6. Network Connectivity
Go to the “Network Connectivity” panel to perform a ping or traceroute.
7. Restart
Restarts the Managed AP.
27
IV-4-2. WLAN
IV-4-2-1. Active WLAN
Displays information about each SSID in the AP Array: Index (reference number), Name/SSID, VLAN ID, Authentication, Encryption, IP Address and
Additional Authentication.
To configure encryption and VLANs for Managed APs go to NMS Settings !
WLAN.
The search function can be used to locate a specific SSID. Type in the search box and the list will update:
28
IV-4-2-2. Active WLAN Group
WLAN groups can be created according to your preference. Active WLAN
Group displays information about WLAN group: Group Name, Name/SSID,
VLAN ID, Authentication, Encryption, IP Address and Additional
Authentication.
The search function can be used to locate a specific Active WLAN Group. Type in the search box and the list will update:
IV-4-3. Clients
IV-4-3-1. Active Clients
Displays information about clients currently connected to the AP Array:
Index(reference number),Client MAC Address, AP MAC Address, WLAN (SSID),
User Name, Radio (2.4GHz or 5GHz), Signal Strength received by Client,
Connected Time, Idle Time, Tx & Rx (Data transmitted and received by Client in
KB), and the Vendor of the client device.
You can set or disable the auto-refresh time for the client list or click
“Refresh” to manually refresh.
The search function can be used to locate a specific client. Type in the search box and the list will update:
29
IV-4-4. Users
IV-4-4-1. Active Users
Displays information about each user in the local network via guest portals:
Index (reference number), User Name, MAC Address, IP Address, SSID, Creator,
Create Time, Expire Time, Usage Percentage, Traffic Progress, Vendor and
Platform of the user device.
The search function can be used to locate a specific client. Type in the search box and the list will update:
IV-4-4-2. Users Log
Displays a detailed information log of users and activity on the network via guest portals: ID, Date and Time of entry, Category of entry, Severity, Users,
Event/Activities details.
The search function can be used to locate a specific client. Type in the search box and the list will update:
30
IV-4-5. Rogue Devices
Rogue access point detection can identify any unauthorized access points which may have been installed in the network.
Click “Start” to scan for rogue devices:
Unknown Rogue Devices displays information about rogue devices discovered during the scan: Index (reference number), Channel, SSID, MAC Address,
Security, Signal Strength, Type, Vendor and Action.
The search function can be used to locate a known rogue device. Type in the search box and the list will update:
31
IV-4-6. Information
IV-4-6-1. All Events/Activities
Displays a log of time-stamped events for each access point in the Array – use the drop down menu to select an access point and view the log.
IV-4-6-2. AP Monitoring
Displays graphical monitoring information about access points in the Array for
2.4GHz & 5GHz: Traffic Tx (data transmitted in MB), Traffic Rx (data received
in MB), No. of Clients, Wireless Channel, Tx Power (wireless radio power), CPU
Usage and Memory Usage.
Use the drop down menus to select an access point and date.
You can set or disable the auto-refresh time for the data:
32
IV-4-6-3. SSID Overview
Displays graphical monitoring information about different SSIDs for 2.4GHz &
5GHz, including Traffic Tx (data transmitted in Kbps), Traffic Rx (data received
in Kbps), and also the Client Number for each SSID.
You can use Refresh to run the manual refresh:
2.4GHz & 5GHz Traffic shows currently how much Tx/Rx traffic (in KBps) utilized in each SSID. The blue diagram represents the 2.4GHz radio band, and the green diagram represents the 5GHz radio band.
33
Client Number shows currently how many current users on each SSID. The blue diagram represents the 2.4GHz radio band, and the green diagram represents the 5GHz radio band.
34
IV-5. NMS Settings
IV-5-1. Access Point
Displays information about each access point and access point group in the local network and allows you to edit access points and edit or add access point groups.
The search function can be used to locate an access point or access point group. Type in the search box and the list will update:
The Status icon displays grey (disconnected), red (authentication failed/incompatible NMS version), orange (upgrading firmware), yellow
(connecting), green (connected) or blue (waiting for approval) for each individual Managed AP. Refer to IV-4-1-1. Managed AP: Status Icons for full descriptions.
The “Action” icons enable you to allow or disallow an access point:
Select an access point or access point group using the check-boxes and click “Edit” to make configurations, or click
“Add” to add a new access point group:
35
The Access Point Settings panel can enable or disable Auto Approve for all
Managed APs. When enabled, Managed APs will automatically join the AP
Array with the Controller AP. When disabled, Managed APs must be manually approved to join the AP Array with the Controller AP.
Access Point Settings
Auto Approve Enable or disable Auto Approve for all
Managed APs.
To manually approve a Managed AP, use “the allow Action” icon for the specified access point:
Edit Access Point
Configure your selected access point on your LAN. You can set the access point as a DHCP client or specify a static IP address for your access point, and assign the access point to an AP group, as well as edit 2.4GHz & 5GHz wireless radio settings. An events log is displayed at the bottom of the page.
You can also use Profile Settings to assign the access point to WLAN, RADIUS and Access Control groups independently from Access Point Group settings.
Check the “Override Group Settings” box to use different individual settings for access points assigned to AP Groups:
36
Basic Settings
Name
Description
MAC Address
AP Group
IP Address
Assignment
IP Address
Subnet Mask
Edit the access point name. The default name is AP + MAC address.
Enter a description of the access point for reference e.g. 2 nd Floor Office.
Displays MAC address.
Use the drop down menu to assign the AP to an AP Group. You can edit AP Groups from the NMS Settings ! Access Point page.
Select “DHCP Client” for your access point to be assigned a dynamic IP address from your router’s DHCP server, or select “Static IP” to manually specify a static/fixed IP address for your access point (below). Check the box
“Override Group Setting” if the AP is a member of an AP Group and you wish to use a different setting than the AP Group setting.
Specify the IP address here. This IP address will be assigned to your access point and will replace the default IP address.
Specify a subnet mask. The default value is
37
255.255.255.0
Default Gateway For DHCP users, select “From DHCP” to get default gateway from your DHCP server or
“User-Defined” to enter a gateway manually.
Primary DNS
For static IP users, the default value is blank.
DHCP users can select “From DHCP” to get primary DNS server’s IP address from DHCP or
“User-Defined” to manually enter a value. For
Secondary DNS static IP users, the default value is blank.
DHCP users can select “From DHCP” to get secondary DNS server’s IP address from DHCP or “User-Defined” to manually enter a value.
For static IP users, the default value is blank.
Radio Settings
Wireless
Band
Enable or disable the access point’s 2.4GHz or
5GHz wireless radio. When disabled, no SSIDs on that frequency will be active.
Select the wireless standard used for the access point. Combinations of 802.11b,
38
Auto Pilot
802.11g, 802.11n & 802.11ac can be selected.
Enable/disable auto channel selection. Auto channel selection will automatically set the wireless channel for the access point’s 2.4GHz or 5GHz frequency based on availability and potential interference. When disabled, select a channel manually.
Select a range from which the auto channel Auto Pilot Range setting (above) will choose a channel.
Auto Pilot Interval Specify a frequency for how often the auto channel setting will check/reassign the wireless channel. Check/uncheck the “Change channel even if clients are connected” box according to your preference.
Channel Bandwidth Set the channel bandwidth or use Auto
(automatically select based on interference
BSS BasicRateSet level).
Set a Basic Service Set (BSS) rate: this is a series of rates to control communication frames for wireless clients.
These settings are for experienced users only. Please do not change any of the values on this page unless you are already familiar with these functions.
Changing these settings can adversely affect the performance of your access point.
Advanced Settings
Contention Slot
Preamble Type
Guard Interval
Select “Short” or “Long” – this value is used for contention windows in WMM (see IV-6-7.
WMM).
Set the wireless radio preamble type. The preamble type in 802.11 based wireless communication defines the length of the CRC
(Cyclic Redundancy Check) block for communication between the access point and roaming wireless adapters. The default value is
“Short Preamble”.
Set the guard interval. A shorter interval can improve performance.
39
802.11g Protection Enable/disable 802.11g protection, which increases reliability but reduces bandwidth
(clients will send Request to Send (RTS) to access point, and access point will broadcast
Clear to Send (CTS), before a packet is sent from client.)
802.11n Protection Enable/disable 802.11n protection, which increases reliability but reduces bandwidth
DTIM Period
RTS Threshold
(clients will send Request to Send (RTS) to access point, and access point will broadcast
Clear to Send (CTS), before a packet is sent from client.)
Set the DTIM (delivery traffic indication message) period value of the wireless radio.
The default value is 1.
Set the RTS threshold of the wireless radio. The
Fragment
Threshold
Multicast Rate
Tx Power
Beacon Interval
Station idle timeout default value is 2347.
Set the fragment threshold of the wireless radio. The default value is 2346.
Set the transfer rate for multicast packets or use the “Auto” setting.
Set the power output of the wireless radio. You may not require 100% output power. Setting a lower power output can enhance security since potentially malicious/unknown users in distant areas will not be able to access your signal.
Set the beacon interval of the wireless radio.
The default value is 100.
Set the interval for keep alive messages from the access point to a wireless client to verify if the station is still alive/active.
40
Profile Settings
WLAN Group
RADIUS Group
Access Control
Group
Assign the access point’s 2.4GHz or 5GHz
SSID(s) to a WLAN Group. You can edit WLAN groups in NMS Settings ! WLAN.
Assign the access point’s 2.4GHz SSID(s) to a
RADIUS group. You can edit RADIUS groups in
NMS Settings ! RADIUS.
Assign the access point’s 2.4GHz SSID(s) to a
RADIUS group. You can edit RADIUS groups in
NMS Settings ! Access Control
Add/Edit Access Point Group
Configure your selected access point group. Access point group settings apply to all access points in the group, unless individually set to override group settings.
You can use Profile Group Settings to assign the access point group to WLAN,
RADIUS and Access Control groups.
The Group Settings panel can be used to quickly move access points between existing groups: select an access point and use the drop down menu or search to select access point groups and use << and >> arrows to move APs between groups.
Basic Group Settings
Name
Description
Edit the access point group name.
Enter a description of the access point group for reference e.g. 2 nd Floor Office Group.
41
Radio Group Settings
Wireless
Band
Auto Pilot
Enable or disable the access point group’s
2.4GHz or 5GHz wireless radio. When disabled, no SSIDs on that frequency will be active.
Select the wireless standard used for the access point group. Combinations of 802.11b,
802.11g, 802.11n & 802.11ac can be selected.
Enable/disable auto channel selection. Auto channel selection will automatically set the wireless channel for the access point group’s
2.4GHz or 5GHz frequency based on availability and potential interference. When
Auto Pilot Range disabled, select a channel manually.
Select a range from which the auto channel setting (above) will choose a channel.
Auto Pilot Interval Specify a frequency for how often the auto channel setting will check/reassign the wireless channel. Check/uncheck the “Change channel even if clients are connected” box according to your preference.
Channel Bandwidth Set the channel bandwidth or use Auto
42
BSS BasicRateSet
(automatically select based on interference level).
Set a Basic Service Set (BSS) rate: this is a series of rates to control communication frames for wireless clients.
These settings are for experienced users only. Please do not change any of the values on this page unless you are already familiar with these functions.
Changing these settings can adversely affect the performance of your access points.
Advanced Settings
Contention Slot
Preamble Type
Select “Short” or “Long” – this value is used for contention windows in WMM (see IV-6-7.
WMM).
Set the wireless radio preamble type. The preamble type in 802.11 based wireless communication defines the length of the CRC
(Cyclic Redundancy Check) block for communication between the access point and
Guard Interval roaming wireless adapters. The default value is
“Short Preamble”.
Set the guard interval. A shorter interval can improve performance.
802.11g Protection Enable/disable 802.11g protection, which increases reliability but reduces bandwidth
(clients will send Request to Send (RTS) to access point, and access point will broadcast
Clear to Send (CTS), before a packet is sent from client.)
802.11n Protection Enable/disable 802.11n protection, which increases reliability but reduces bandwidth
(clients will send Request to Send (RTS) to access point, and access point will broadcast
Clear to Send (CTS), before a packet is sent from client.)
DTIM Period Set the DTIM (delivery traffic indication message) period value of the wireless radio.
The default value is 1.
43
RTS Threshold
Fragment
Threshold
Multicast Rate
Tx Power
Beacon Interval
Station idle timeout
Set the RTS threshold of the wireless radio. The default value is 2347.
Set the fragment threshold of the wireless radio. The default value is 2346.
Set the transfer rate for multicast packets or use the “Auto” setting.
Set the power output of the wireless radio. You may not require 100% output power. Setting a lower power output can enhance security since potentially malicious/unknown users in distant areas will not be able to access your signal.
Set the beacon interval of the wireless radio.
The default value is 100.
Set the interval for keep alive messages from the access point to a wireless client to verify if the station is still alive/active.
Profile Group Settings
WLAN Group Assign the access point group’s 2.4GHz or
44
RADIUS Group
Access Control
Group
5GHz SSIDs to a WLAN Group. You can edit
WLAN groups in NMS Settings ! WLAN.
Assign the access point group’s 2.4GHz SSIDs to a RADIUS group. You can edit RADIUS groups in NMS Settings ! RADIUS.
Assign the access point’s 2.4GHz SSIDs to a
RADIUS group. You can edit RADIUS groups in
NMS Settings ! Access Control.
45
IV-5-2. WLAN
Displays information about each WLAN and WLAN group in the local network and allows you to add or edit WLANs & WLAN Groups. When you add a WLAN
Group, it will be available for selection in NMS Settings ! Access Point access point Profile Settings & access point group Profile Group Settings.
The search function can be used to locate a WLAN or WLAN Group. Type in the search box and the list will update:
Select a WLAN or WLAN Group using the check-boxes and click “Edit” or click “Add” to add a new WLAN or WLAN
Group:
46
Add/Edit WLAN
WLAN Settings
Name/ESSID
Description
SSID
VLAN ID
Broadcast SSID
Wireless Client
Isolation
Edit the WLAN name (SSID).
Enter a description of the SSID for reference e.g. 2 nd Floor Office HR.
Select which SSID to configure security settings for.
Specify the VLAN ID.
Enable or disable SSID broadcast. When enabled, the SSID will be visible to clients as an available Wi-Fi network. When disabled, the SSID will not be visible as an available
Wi-Fi network to clients – clients must manually enter the SSID in order to connect.
A hidden (disabled) SSID is typically more secure than a visible (enabled) SSID.
Enable or disable wireless client isolation.
Wireless client isolation prevents clients connected to the access point from communicating with each other and improves security. Typically, this function is useful for corporate environments or public hot spots
47
Load Balancing
Authentication
Method
Additional
Authentication and can prevent brute force attacks on clients’ usernames and passwords.
Load balancing limits the number of wireless clients connected to an SSID. Set a load balancing value (maximum 50).
Select an authentication method from the drop down menu.
Select an additional authentication method from the drop down menu.
Various security options (wireless data encryption) are available. When data is encrypted, information transmitted wirelessly cannot be read by anyone who does not know the correct encryption key.
It’s essential to configure wireless security in order to prevent unauthorised access to your network.
Select hard-to-guess passwords which include combinations of numbers, letters and symbols, and change your password regularly.
Please refer to IV-6-2-3. Security for more information on authentication and additional authentication types.
WLAN Advanced Settings
RSSI Threshold Set a RSSI Threshold level.
48
Add/Edit WLAN Group
When you add a WLAN Group, it will be available for selection in NMS
Settings ! Access Point access point Profile Settings& access point group
Profile Group Settings.
WLAN Group Settings
Name
Description
Edit the WLAN Group name.
Enter a description of the WLAN Group for reference e.g. 2 nd
Members
Floor Office HR Group.
Select SSIDs to include in the group using the checkboxes and assign VLAN IDs.
49
IV-5-3. RADIUS
Displays information about External & Internal RADIUS Servers, Accounts and
Groups and allows you to add or edit RADIUS Servers, Accounts & Groups.
When you add a RADIUS Group, it will be available for selection in NMS
Settings ! Access Point access point Profile Settings& access point group
Profile Group Settings.
The search function can be used to locate a RADIUS Server, Account or Group.
Type in the search box and the list will update:
Make a selection using the check-boxes and click “Edit” or click “Add” to add a new WLAN or WLAN Group:
50
Add/Edit External RADIUS Server
Name
Description
RADIUS Server
Enter a name for the RADIUS Server.
Enter a description of the RADIUS Server for reference.
Enter the RADIUS server host IP address.
Authentication
Port
Shared Secret
Set the UDP port used in the authentication protocol of the RADIUS server. Value must be between 1 – 65535.
Enter a shared secret/password between 1 –
99 characters in length. This should match the
“MAC-RADIUS” password.
Session Timeout Set a duration of session timeout in seconds between 0 – 86400.
Accounting Enable or disable RADIUS accounting.
Accounting Port When accounting is enabled (above), set the
UDP port used in the accounting protocol of the RADIUS server. Value must be between 1 –
65535.
51
Add/Edit Internal RADIUS Server
Upload EAP Certificate File
EAP Certificate File
Format
Displays the EAP certificate file format:
PCK#12(*.pfx/*.p12)
EAP Certificate File Click “Upload” to open a new window and select the location of an EAP certificate file to use. If no certificate file is uploaded, the internal RADIUS server will use a self-made certificate.
Internal RADIUS Server
Name Enter a name for the Internal RADIUS Server.
Description
EAP Certificate File
Format
Enter a description of the Internal RADIUS
Server for reference.
Displays the EAP certificate file format:
PCK#12(*.pfx/*.p12)
EAP Certificate File Click “Upload” to open a new window and select the location of an EAP certificate file to use. If no certificate file is uploaded, the internal RADIUS server will use a self-made certificate.
52
EAP Internal
Authentication
Shared Secret
Select EAP internal authentication type from the drop down menu.
Enter a shared secret/password for use between the internal RADIUS server and
RADIUS client. The shared secret should be 1 –
99 characters in length.
Session Timeout Set a duration of session timeout in seconds between 0 – 86400.
Termination Action Select a termination-action attribute:
“Reauthentication” sends a RADIUS request to the access point, “Not-Reathentication” sends a default termination-action attribute to the access point, “Not-Send” no termination-action attribute is sent to the access point.
Add/Edit RADIUS Accounts
The internal RADIUS server can authenticate up to 256 user accounts. The
“RADIUS Accounts” page allows you to configure and manage users.
53
RADIUS Accounts
User Name
Add
Reset
Enter the user names here, separated by commas.
Click “Add” to add the user to the user registration list.
Clear text from the user name box.
User Registration List
Select Check the box to select a user.
User Name
Password
Customize
Displays the user name.
Displays if specified user name has a password
(configured) or not (not configured).
Click “Edit” to open a new field to set/edit a password for the specified user name (below).
Delete Selected
Delete All
Delete selected user from the user registration list.
Delete all users from the user registration list.
Edit User Registration List
User Name
Password
Existing user name is displayed here and can be edited according to your preference.
Enter or edit a password for the specified user.
54
Add/Edit RADIUS Group
When you add a RADIUS Group, it will be available for selection in NMS
Settings ! Access Point access point Profile Settings & access point group
Profile Group Settings.
RADIUS Group Settings
Group Name
Description
2.4GHz RADIUS
Edit the RADIUS Group name.
Enter a description of the RADIUS Group for reference.
Enable/Disable primary & secondary RADIUS
5GHz RADIUS
Members servers for 2.4GHz.
Enable/Disable primary & secondary RADIUS servers for 5GHz.
Add RADIUS user accounts to the RADIUS group (Maximum 5).
55
IV-5-4. Access Control
MAC Access Control is a security feature that can help to prevent unauthorized users from connecting to your access point.
This function allows you to define a list of network devices permitted to connect to the access point. Devices are each identified by their unique MAC address. If a device which is not on the list of permitted MAC addresses attempts to connect to the access point, it will be denied.
The Access Control panel displays information about MAC Access Control &
MAC Access Control Groups and Groups and allows you to add or edit MAC
Access Control & MAC Access Control Group settings. When you add an
Access Control Group, it will be available for selection in NMS Settings !
Access Point access point Profile Settings& access point group Profile Group
Settings.
The search function can be used to locate a MAC address or MAC Access
Control Group. Type in the search box and the list will update:
Make a selection using the check-boxes and click “Edit” or click “Add” to add a new MAC Address or MAC Access Control
Group:
56
Add/Edit MAC Access Control
Add MAC Address Enter a MAC address of computer or network device manually e.g. ‘aa-bb-cc-dd-ee-ff’ or enter multiple MAC addresses separated with commas, e.g.
Add
‘aa-bb-cc-dd-ee-ff,aa-bb-cc-dd-ee-gg’
Click “Add” to add the MAC address to the
MAC address filtering table.
Clear all fields. Reset
MAC address entries will be listed in the “MAC Address Filtering Table”. Select an entry using the “Select” checkbox.
Select
MAC Address
Delete Selected
Delete All
Export
Delete selected or all entries from the table.
The MAC address is listed here.
Delete the selected MAC address from the list.
Delete all entries from the MAC address filtering table.
Click “Export” to save a copy of the MAC filtering table. A new window will pop up for you to select a location to save the file.
57
Add/Edit MAC Access Control Group
When you add an Access Control Group, it will be available for selection in
NMS Settings ! Access Point access point Profile Settings& access point group Profile Group Settings.
MAC Filter Group Settings
Group Name
Description
Action
Edit the MAC Access Control Group name.
Enter a description of the MAC Access Control
Group for reference.
Select “Blacklist” to deny access to specified
Members
MAC addresses in the group, and select
“Whitelist” to permit access to specified MAC address in the group.
Add MAC addresses to the group.
58
IV-5-5. Guest Network
You can setup an additional “Guest” Wi-Fi network so guest users can enjoy
Wi-Fi connectivity without accessing your primary networks. The “Guest” screen displays settings for your guest Wi-Fi network.
The Guest Network panel displays information about Guest Networks and
Guest Network Groups and allows you to add or edit Guest Network and
Guest Network Group settings. When you add a Guest Network Group, it will be available for selection in NMS Settings ! Access Point access point Profile
Settings & access point group Profile Group Settings.
The search function can be used to locate a Guest Network or Guest Network
Group. Type in the search box and the list will update:
Make a selection using the check-boxes and click “Edit” or click “Add” to add a new Guest Network or Guest Network
Group.
59
Add/Edit Guest Network
Guest Network Settings
Name/ESSID
Description
Edit the Guest Network name (SSID).
Enter a description of the Guest Network for reference e.g. 2 nd
VLAN ID
Broadcast SSID
Wireless Client
Floor Office HR.
Specify the VLAN ID.
Enable or disable SSID broadcast. When enabled, the SSID will be visible to clients as an available Wi-Fi network. When disabled, the SSID will not be visible as an available
Wi-Fi network to clients – clients must manually enter the SSID in order to connect.
A hidden (disabled) SSID is typically more secure than a visible (enabled) SSID.
Enable or disable wireless client isolation.
60
Isolation
Load Balancing
Wireless client isolation prevents clients connected to the access point from communicating with each other and improves security. Typically, this function is useful for corporate environments or public hot spots and can prevent brute force attacks on clients’ usernames and passwords.
Load balancing limits the number of wireless
Authentication
Method
Additional
Authentication clients connected to an SSID. Set a load balancing value (maximum 50).
Select an authentication method from the drop down menu.
Select an additional authentication method from the drop down menu.
Various security options (wireless data encryption) are available. When data is encrypted, information transmitted wirelessly cannot be read by anyone who does not know the correct encryption key.
It’s essential to configure wireless security in order to prevent unauthorised access to your network.
Select hard-to-guess passwords which include combinations of numbers, letters and symbols, and change your password regularly.
Guest Access Policy
Guest Portal
Traffic Shaping
Downlink
Uplink
IP Filtering
Rules
Select a guest portal to use for this guest
SSID. Guest portals can be configured in NMS
Settings ! Guest Portal.
Enable or disable traffic shaping for the guest network.
Enter a downlink limit in MB.
Enter an uplink limit in MB.
Select “Deny” or “Allow” to deny or allow specified IP addresses to access the guest network. Select “Disable” to disable IP filtering.
Enter IP addresses to be filtered according to
61
the Deny or Allow rule specified above and check the box for each IP address to be filtered.
Guest Network Advanced Settings
Schedule Group Assign guest SSID to a specified schedule
(schedule must be pre-configured in NMS
Settings ! Schedule.)
Add/Edit Guest Network Group
When you add a Guest Network Group, it will be available for selection in
NMS Settings ! Access Point access point Profile Settings & access point group Profile Group Settings.
Guest Network Group Settings
Group Name
Description
Members
Edit the Guest Network Group name.
Enter a description of the Guest Network for reference.
Add SSIDs to the Guest Network group. You can override individual VLAN ID & schedule settings and assign a different VLAN ID or schedule.
IV-5-6. Users
User accounts can be created, monitored and managed for use with the controller’s guest portal function. Guest portal settings can be found at IV-5-7.
Guest Portal (NMS Settings ! Guest Portal).
62
When a guest portal is enabled, users who connect to the Guest SSID will automatically arrive at the customizable guest portal page. From there a user account login is required to access the network. These user accounts are created and grouped here, and then selected as the Authentication User
Group at NMS Settings ! Guest Portal.
The guest portal also generates a Front Desk URL which allows staff/admins to login and quickly create/manage user accounts and expiry times, and generate & print tickets with login credentials to give to guest users. These staff/admin accounts are created and grouped here, and selected as the Front
Desk User Group at NMS Settings ! Guest Portal.
Information on the Users page is displayed about each user account and user account group.
The search function can be used to locate a user or user group. Type in the search box and the list will update:
The Status icon displays grey (logged out), yellow (expired), red (locked) or
green (active) for each user.
The Action icons can lock/unlock or revive (an expired) user account.
Select a user or user group using the check-boxes and click
“Edit” to make configurations, or click “Add” to add new users and groups:
63
Add/Edit User
User Settings
Name
Description
Edit the user account name.
Enter a description of the user account name e.g. Guest Portal 1
Specify a password for the account. Password
Confirm Password Confirm the password for the account.
User Group Assign the user account to a user group so it can be utilized by the guest portal.
Add/Edit User Group
User Group Settings
Name
Description
Role Type
Members
Edit the user group name.
Enter a description of the user group name e.g. Front Desk or Guest Users.
Select whether the group is for Guest Portal users or Front Desk managers.
Select which user accounts to include in the group.
64
IV-5-7. Guest Portal
Displays information about guest portals and allows you to edit guest portal settings. Guest portals require users to be created at NMS Settings ! Users.
When a guest portal is enabled, users who connect to the Guest SSID will automatically arrive at the customizable guest portal page. From there a user account login is required to access the network. These user accounts are created and grouped at NMS Settings ! Users, and then selected as the
Authentication User Group here.
The guest portal also generates a Front Desk URL which allows staff/admins to login and quickly create/manage user accounts and expiry times, and generate & print tickets with login credentials to give to guest users. These staff/admin accounts are created and grouped at NMS Settings ! Users and then selected as the Front Desk User Group here.
Guest Portal Settings
Idle Timeout
Login Password
Retry Lockout
Specify a duration of idle time after which the guest portal will timeout.
Specify number of incorrect login attempts before the user account is locked.
65
IV-5-7-1. Add/Edit Guest Portal
Add a guest portal or edit an existing guest portal for use with the guest network.
Guest Portal Settings
Name
Description
Authentication
Server
Edit the name of the guest portal for reference.
Enter a description of the guest portal for reference.
Guest Portal Type Select a guest portal type. Refer below for more information about available types.
Select an authentication server: Local
Database is the default setting.
Select a user group for front desk access. Front Desk User
Group
Front Desk
Generation URL
Front Desk Printout
Message
Authentication
User Group
Landing Page
Displays the URL of your Front Desk page. See below for more information.
Edit the content of Front Desk printout ticket.
Refer below for more information.
Select a user group for login to the guest network.
Specify a landing page for users after successful login.
66
IV-5-7-1-1. Front Desk URL
Go to this URL in a web browser and members of the Front Desk User Group can login to create guest accounts, set expiry limits and printout tickets.
Guest Portal Type Dynamic must be selected to use Front Desk.
1. Login with an account from the Front Desk User Group (NMS Settings
!
Users).
2. The Guest Account Wizard allows you to setup a new user account and configure the valid period & SSID, or upload a bulk guest list in .csv format. Click Next to continue.
67
3. A summary of the new account(s) is displayed with quick links to print tickets for individual or all new accounts.
4. The Guest Account Monitor displays all guest accounts along with status and quick action icons to print, revive expired accounts or lock/unlock
(disable/enable) accounts.
Yellow: Expired
Red: Locked
Grey: Logged out
Green: Active
Mouseover a status or action icon for a description, and use the arrows to reorder the list according to S/N or Status.
Anytime you choose to print account(s) your browser will open a print dialog box where you can select your print destination and configure print settings as usual:
68
IV-5-7-1-2. Front Desk Printout
Edit and preview the content of the Front Desk printout in the text box using the variables listed in the Definition Table. E.g. (USERNAME) will display on the printout as the specified username.
Guest Portal Type Dynamic must be selected to use Front Desk.
69
IV-5-7-1-3. Guest Portal Type
Four types of guest portal are available from the drop down menu:
Free Redirects users to the specified landing page, with no user login required.
Service Level Agreement Requires users to accept terms and conditions, with no user login required.
Static Users Requires user login and accept terms and conditions. Users must be created in NMS at
NMS Settings ! Users. Front Desk is not used.
Dynamic Users Requires user login and accept terms and conditions. Allows Front Desk to create user accounts in addition to NMS.
70
IV-5-7-1-4. Guest Portal Customization
Guest portal customization varies according to guest portal type. Click Edit to make changes.
Login Portal Settings
Header Image
Logo Image
Title Message
Background Color
Terms of Use
Select an 800 x 200 header image.
Select a 200 x 50 logo image.
Enter a title message for the guest portal page.
Specify a background color as a HEX value.
Enter your terms of use.
71
IV-5-8. Zone Edit
Zone Edit displays information about zones for use with the Zone Plan feature and allows you to add or edit zones.
The search function can be used to find existing zones. Type in the search box and the list will update:
Make a selection using the check-boxes and click “Edit” or click “Add” to add a new zone.
72
Add/Edit Zone
Upload Zone Image
Choose File Click to locate an image file to be displayed as a map in the Zone Plan feature. Typically a floor plan image is useful.
Zone Setting
Name/Location
Description
Members
Enter a name of the zone/location.
Enter a description of the zone/location for reference.
Assign access points to the specified zone/location for use with the Zone Plan feature.
73
IV-5-9. Schedule
You can define schedules according to day, start time and end time - and group multiple schedules together into schedule groups.
Schedule groups can be assigned to WLANs, WLAN Groups & Guest Network at NMS Settings ! WLAN and NMS Settings ! Guest Network.
Add/Edit Schedule
Use the checkboxes and drop-down menus to setup your schedule.
74
Add/Edit Schedule Group
WLAN Group Settings
Name
Description
Members
Edit the schedule group name.
Enter a description of the schedule group for reference.
Select individual schedules to include in the schedule group using the checkboxes.
75
IV-5-10. Smart Roaming
Smart Roaming enables you to setup the Roaming groups and the Used WLAN
SSID, WAN Group and AP Number.
Before setup the roaming group, the WLAN Settings need to be configured first. For example, please click NMS Settings >> WLAN, check 2.4GHz SSID, and then click Edit.
Configure 802.11k as Enable. Please note, don't configure the Authentication as OPEN. Then click Save and Apply. Please wait about 3 minutes.
76
Roaming Group Setting Procedure:
(1) Enter Name of this setting.
(2) Enter 4 characteristics on Mobility Domain.
(3) Enter 32 characteristics on Encryption Key.
(4) Select WLAN Group, and select WLAN.
(5) It will display APs using this WLAN Setting.
(6) Click Edit icon on 1st AP.
(7) Enter 2nd AP MAC Address, click Save and Close.
(8) Click Edit icon on 2nd AP.
(9) Enter 1st AP MAC Address, click Save and Close.
77
Then, click Save and Apply, and wait about 3 minutes. Congratulations, you have configured 802.11r and 802.11k successfully.
IV-5-11. Device Monitoring
Device monitoring enables you to specify and monitor the status any IP devices on the network such as IP cameras. The description and status of each device is displayed in the table.
Add or Edit IP devices by entering the IP address.
78
IV-5-12. Firmware Upgrade
Firmware Upgrade allows you to upgrade firmware to Access Point Groups.
First, upload the firmware file from a local disk or external FTP server: locate the file and click “Upload” or “Check”. The table below will display the
Firmware Name, Firmware Version, NMS Version, Model and Size.
Then click “Upgrade All” to upgrade all access points in the Array or select
Access Point groups from the list using check-boxes and click “Upgrade
Selected” to upgrade only selected access points.
79
IV-5-13. Advanced
IV-5-13-1. System Security
Configure the NMS system name and security key for communication between AP Controller and Managed APs.
V-5-13-2. Date & Time
Configure the date & time settings of the AP Array. The date and time of the access points can be configured manually or can be synchronized with a time server.
Date and Time Settings
Local Time Set the access point’s date and time manually using the drop down menus.
Acquire Current
Time from your PC
Click “Acquire Current Time from Your PC” to enter the required values automatically according to your computer’s current time and date.
80
NTP Time Server
Use NTP
Server Name
The access point also supports NTP (Network
Time Protocol) for automatic time and date setup.
Enter the host name or IP address of the time server if you wish.
Update Interval Specify a frequency (in hours) for the access point to update/synchronize with the NTP server.
Time Zone
Time Zone Select the time zone of your country/ region. If your country/region is not listed, please select another country/region whose time zone is the same as yours.
V-5-13-3. System Accounts
Import the API Key which was received Google Developers. This is for the
Online Map feature in Zone Plan page. Graphical zone plans with Google Maps integration and setup wizards are available for expanding and managing large networks with multiple access points
Note:
Please go to https://console.developers.google.com/flows/enableapi?apiid=maps_backen d&keyType=CLIENT_SIDE&reusekey=true to apply for an API key first to utilize this feature set.
81
82
IV-6. Local Network
IV-6-1. Network Settings
IV-6-1-1. LAN-Side IP Address
The “LAN-side IP address” page allows you to configure your AP Controller on your Local Area Network (LAN). You can enable the access point to dynamically receive an IP address from your router’s DHCP server or you can specify a static IP address for your access point, as well as configure DNS servers. You can also set your AP Controller as a DHCP server to assign IP addresses to other devices on your LAN.
LAN-side IP Address
IP Address
Assignment
Select “Static IP” to manually specify a static/fixed IP address for your access point.
Select “DHCP Client” for your access point to be assigned a dynamic IP address from your router’s DHCP server, or select “DHCP Server” for your access point to act as a DHCP server and assign IP addresses on your LAN.
Static IP Address
IP Address Specify the IP address here. This IP address will be assigned to your access point and will replace the default IP address.
Specify a subnet mask. The default value is Subnet Mask
255.255.255.0
Default Gateway For DHCP users, select “From DHCP” to get default gateway from your DHCP server or
83
Primary DNS
Address
Secondary DNS
Address
“User-Defined” to enter a gateway manually.
For static IP users, the default value is blank.
For static IP users, the default value is blank.
For static IP users, the default value is blank.
DHCP Client
IP Address
Subnet Mask
Default Gateway Select “From DHCP” or select “User-Defined” and enter a default gateway.
Primary DNS
Address
Secondary DNS
Address
When “DHCP Client” is selected this value cannot be modified.
When “DHCP Client” is selected this value cannot be modified.
Select “From DHCP” or select “User-Defined” and enter a primary DNS address.
Select “From DHCP” or select “User-Defined” and enter a secondary DNS address.
84
DHCP Server
IP Address
Subnet Mask
Specify the IP address here. This IP address will be assigned to your access point and will replace the default IP address.
Specify a subnet mask. The default value is
255.255.255.0
IP Address Range Enter the start and end IP address of the IP
Domain Name
Lease Time address range which your access point’s DHCP server will assign to devices on the network.
Enter a domain name.
Select a lease time from the drop down menu. IP addresses will be assigned for this period of time.
Default Gateway Enter a default gateway.
Primary DNS Enter a primary DNS address.
Address
Secondary DNS
Address
Enter a secondary DNS address.
Your access point’s DHCP server can be configured to assign static (fixed) IP addresses to specified network devices, identified by their unique MAC address:
DHCP Server Static IP Address
MAC Address Enter the MAC address of the network device
85
IP Address
Add to be assigned a static IP address.
Specify the IP address to assign the device.
Click to assign the IP address to the device.
IV-6-1-2. LAN Port Settings
The “LAN Port” page allows you to configure the settings for your AP
Controllers wired LAN (Ethernet) ports.
Wired LAN Port
Enable
Speed & Duplex
Flow Control
802.3az
Identifies LAN port 1 or 2.
Enable/disable specified LAN port.
Select a speed & duplex type for specified LAN port, or use the “Auto” value. LAN ports can operate up to 1000Mbps and full-duplex enables simultaneous data packets transfer/receive.
Enable/disable flow control. Flow control can pause new session request until current data processing is complete, in order to avoid device overloads under heavy traffic.
Enable/disable 802.3az. 802.3az is an Energy
Efficient Ethernet feature which disables unused interfaces to reduce power usage.
86
IV-6-1-3. VLAN
The “VLAN” (Virtual Local Area Network) page enables you to configure VLAN settings. A VLAN is a local area network which maps workstations virtually instead of physically and allows you to group together or isolate users from each other. VLAN IDs 1 – 4094 are supported.
VLAN IDs in the range 1 – 4094 are supported.
VLAN Interface
Wired LAN
Port/Wireless
VLAN Mode
VLAN ID
Identifies LAN port 1 or 2 and wireless SSIDs
(2.4GHz or 5GHz).
Select “Tagged Port” or “Untagged Port” for specified LAN interface.
Set a VLAN ID for specified interface, if
“Untagged Port” is selected.
Management VLAN
VLAN ID Specify the VLAN ID of the management VLAN.
Only the hosts belonging to the same VLAN can manage the device.
87
IV-6-2. 2.4GHz 11bgn (Not available on the WLC-6404)
The “2.4GHz 11bgn” menu allows you to view and configure information for your access point’s 2.4GHz wireless network across four categories: Basic,
Advanced, Security and WDS.
IV-6-2-1. Basic
The “Basic” screen displays basic settings for your access point’s 2.4GHz Wi-Fi network(s).
When auto channel is disabled, select a wireless channel manually:
Channel Select a wireless channel from 1 – 11.
Channel Bandwidth Set the channel bandwidth: 20MHz (lower performance but less interference), 40MHz
(higher performance but potentially higher interference) or Auto (automatically select based on interference level).
BSS BasicRate Set Set a Basic Service Set (BSS) rate: this is a series of rates to control communication frames for wireless clients.
88
IV-6-2-2. Advanced
These settings are for experienced users only. Please do not change any of the values on this page unless you are already familiar with these functions.
Changing these settings can adversely affect the performance of your access point.
Contention Slot
Preamble Type
Select “Short” or “Long” – this value is used for contention windows in WMM (see IV-6-7.
WMM).
Set the wireless radio preamble type. The preamble type in 802.11 based wireless communication defines the length of the CRC
(Cyclic Redundancy Check) block for communication between the access point and
Guard Interval roaming wireless adapters. The default value is
“Short Preamble”.
Set the guard interval. A shorter interval can improve performance.
802.11g Protection Enable/disable 802.11g protection, which increases reliability but reduces bandwidth
(clients will send Request to Send (RTS) to access point, and access point will broadcast
Clear to Send (CTS), before a packet is sent from client.)
89
802.11n Protection Enable/disable 802.11n protection, which increases reliability but reduces bandwidth
(clients will send Request to Send (RTS) to access point, and access point will broadcast
DTIM Period
Clear to Send (CTS), before a packet is sent from client.)
Set the DTIM (delivery traffic indication message) period value of the wireless radio.
RTS Threshold
Fragment
Threshold
Multicast Rate
Tx Power
Beacon Interval
Station idle timeout
The default value is 1.
Set the RTS threshold of the wireless radio. The default value is 2347.
Set the fragment threshold of the wireless radio. The default value is 2346.
Set the transfer rate for multicast packets or use the “Auto” setting.
Set the power output of the wireless radio. You may not require 100% output power. Setting a lower power output can enhance security since potentially malicious/unknown users in distant areas will not be able to access your signal.
Set the beacon interval of the wireless radio.
The default value is 100.
Set the interval for keep alive messages from the access point to a wireless client to verify if the station is still alive/active.
90
IV-6-2-3. Security
The access point provides various security options (wireless data encryption).
When data is encrypted, information transmitted wirelessly cannot be read by anyone who does not know the correct encryption key.
It’s essential to configure wireless security in order to prevent unauthorised access to your network.
Select hard-to-guess passwords which include combinations of numbers, letters and symbols, and change your password regularly.
SSID
Broadcast SSID
Wireless Client
Isolation
Select which SSID to configure security settings for.
Enable or disable SSID broadcast. When enabled, the SSID will be visible to clients as an available Wi-Fi network. When disabled, the
SSID will not be visible as an available Wi-Fi network to clients – clients must manually enter the SSID in order to connect. A hidden
(disabled) SSID is typically more secure than a visible (enabled) SSID.
Enable or disable wireless client isolation.
Wireless client isolation prevents clients connected to the access point from communicating with each other and improves security. Typically, this function is useful for corporate environments or public hot spots and can prevent brute force attacks on clients’ usernames and passwords.
91
Load Balancing
Authentication
Method
Additional
Authentication
Load balancing limits the number of wireless clients connected to an SSID. Set a load balancing value (maximum 50).
Select an authentication method from the drop down menu and refer to the information below appropriate for your method.
Select an additional authentication method from the drop down menu and refer to the information below (IV-6-2-3-6.) appropriate for your method.
IV-6-2-3-1. No Authentication
Authentication is disabled and no password/key is required to connect to the access point.
Disabling wireless authentication is not recommended. When disabled, anybody within range can connect to your device’s SSID.
IV-6-2-3-2. WEP
WEP (Wired Equivalent Privacy) is a basic encryption type. For a higher level of security consider using WPA encryption.
Key Length Select 64-bit or 128-bit. 128-bit is more secure than 64-bit and is recommended.
Key Type Choose from “ASCII”
(anyalphanumericalcharacter0-9, a-z and A-Z) or “Hex” (any characters from 0-9,a-f and
A-F).
Default Key
Encryption Key 1 –
4
Select which encryption key (1 – 4 below) is the default key. For security purposes, you can set up to four keys (below) and change which is the default key.
Enter your encryption key/password according to the format you selected above.
92
IV-6-2-3-3. IEEE802.1x/EAP
Key Length Select 64-bit or 128-bit. 128-bit is more secure than 64-bit and is recommended.
IV-6-2-3-4. WPA-PSK
WPA-PSK is a secure wireless encryption type with strong data protection and user authentication, utilizing 128-bit encryption keys.
WPA Type Select from WPA/WPA2 Mixed Mode-PSK,
WPA2 or WPA only. WPA2 is safer than WPA only, but not supported by all wireless clients.
Please make sure your wireless client supports your selection.
Encryption Select “TKIP/AES Mixed Mode” or “AES” encryption type.
Key Renewal
Interval
Specify a frequency for key renewal in minutes.
Pre-Shared Key
Type
Pre-Shared Key
Choose from “Passphrase” (8 – 63 alphanumeric characters) or “Hex” (up to 64 characters from 0-9, a-f and A-F).
Please enter a security key/password according to the format you selected above.
IV-6-2-3-5. WPA-EAP
WPA Type
Encryption
Select from WPA/WPA2 Mixed Mode-EAP,
WPA2-EAP or WPA-EAP.
Select “TKIP/AES Mixed Mode” or “AES” encryption type.
Key Renewal
Interval
Specify a frequency for key renewal in minutes.
WPA-EAP must be disabled to use MAC-RADIUS authentication.
93
IV-6-2-3-6. Additional Authentication
Additional wireless authentication methods can also be used:
MAC Address Filter
Restrict wireless clients access based on MAC address specified in the MAC filter table.
See IV-6-6.MAC Filter to configure MAC filtering.
MAC Filter & MAC-RADIUS Authentication
Restrict wireless clients access using both of the above MAC filtering &
RADIUS authentication methods.
MAC-RADIUS Authentication
Restrict wireless clients access based on MAC address via a RADIUS server, or password authentication via a RADIUS server.
See IV-6-5.RADIUS to configure RADIUS servers.
WPS must be disabled to use MAC-RADIUS authentication. See
IV-6-4. for WPS settings.
MAC RADIUS
Password
Select whether to use MAC address or password authentication via RADIUS server. If you select “Use the following password”, enter the password in the field below. The password should match the “Shared Secret” used in
IV-6-5. RADIUS.
94
IV-6-2-4. WDS
Wireless Distribution System (WDS) can bridge/repeat access points together in an extended network. WDS settings can be configured as shown below.
When using WDS, configure the IP address of each access point to be in the same subnet and ensure there is only one active DHCP server among connected access points, preferably on the WAN side.
WDS must be configured on each access point, using correct MAC addresses.
All access points should use the same wireless channel and encryption method.
95
2.4GHz
WDS Functionality Select “WDS with AP” to use WDS with access point or “WDS Dedicated Mode” to use WDS and also block communication with regular wireless clients. When WDS is used, each access point should be configured with corresponding MAC addresses, wireless channel and wireless encryption method.
Local MAC Address Displays the MAC address of your access point.
WDS Peer Settings
WDS # Enter the MAC address for up to four other
WDS devices you wish to connect.
WDS VLAN
VLAN Mode
VLAN ID
Specify the WDS VLAN mode to “Untagged
Port” or “Tagged Port”.
Specify the WDS VLAN ID when “Untagged
Port” is selected above.
WDS Encryption method
Encryption Select whether to use “None” or “AES” encryption and enter a pre-shared key for AES consisting of 8-63 alphanumeric characters.
96
IV-6-3. 5GHz 11ac 11an (Not available on the WLC-6404)
The “5GHz 11ac 11an” menu allows you to view and configure information for your access point’s 5GHz wireless network across four categories: Basic,
Advanced, Security and WDS.
IV-6-3-1. Basic
The “Basic” screen displays basic settings for your access point’s 5GHz Wi-Fi network (s).
Wireless
Band
Enable or disable the access point’s 5GHz wireless radio. When disabled, no 5GHz SSIDs will be active.
Select the wireless standard used for the
97
access point. Combinations of 802.11a,
802.11n & 802.11ac can be selected.
Enable SSID Number Select how many SSIDs to enable for the 5GHz frequency from the drop down menu. A
SSID# maximum of 16 can be enabled.
Enter the SSID name for the specified SSID (up to 16). The SSID can consist of any combination of up to 32 alphanumeric
VLAN ID
Auto Channel characters.
Specify a VLAN ID for each SSID.
Enable/disable auto channel selection. Auto channel selection will automatically set the wireless channel for the access point’s 5GHz frequency based on availability and potential interference. When disabled, select a channel manually as shown in the next table.
Auto Channel Range Select a range from which the auto channel setting (above) will choose a channel.
Auto Channel
Interval
Specify a frequency for how often the auto channel setting will check/reassign the wireless channel. Check/uncheck the “Change channel even if clients are connected” box according to your preference.
Channel Bandwidth Set the channel bandwidth: 20MHz (lower performance but less interference), Auto
40/20MHz or Auto 80/40/20MHz
(automatically select based on interference level).
BSS BasicRate Set Set a Basic Service Set (BSS) rate: this is a series of rates to control communication frames for wireless clients.
When auto channel is disabled, select a wireless channel manually:
Channel Select a wireless channel.
Channel Bandwidth Set the channel bandwidth: 20MHz (lower performance but less interference), Auto
40/20MHz or Auto 80/40/20MHz
(automatically select based on interference level).
98
BSS BasicRate Set Set a Basic Service Set (BSS) rate: this is a series of rates to control communication frames for wireless clients.
IV-6-3-2. Advanced
These settings are for experienced users only. Please do not change any of the values on this page unless you are already familiar with these functions.
Changing these settings can adversely affect the performance of your access point.
Guard Interval Set the guard interval. A shorter interval can improve performance.
802.11n Protection Enable/disable 802.11n protection, which increases reliability but reduces bandwidth
DTIM Period
RTS Threshold
Fragment
Threshold
Multicast Rate
(clients will send Request to Send (RTS) to access point, and access point will broadcast
Clear to Send (CTS), before a packet is sent from client.)
Set the DTIM (delivery traffic indication message) period value of the wireless radio.
The default value is 1.
Set the RTS threshold of the wireless radio. The default value is 2347.
Set the fragment threshold of the wireless radio. The default value is 2346.
Set the transfer rate for multicast packets or use the “Auto” setting.
99
Tx Power
Beacon Interval
Station idle timeout
Set the power output of the wireless radio. You may not require 100% output power. Setting a lower power output can enhance security since potentially malicious/unknown users in distant areas will not be able to access your signal.
Set the beacon interval of the wireless radio.
The default value is 100.
Set the interval for keep alive messages from the access point to a wireless client to verify if the station is still alive/active.
IV-6-3-3. Security
The access point provides various security options (wireless data encryption).
When data is encrypted, information transmitted wirelessly cannot be read by anyone who does not know the correct encryption key.
It’s essential to configure wireless security in order to prevent unauthorised access to your network.
Select hard-to-guess passwords which include combinations of numbers, letters and symbols, and change your password regularly.
SSID Select which SSID to configure security settings for.
100
Broadcast SSID
Wireless Client
Isolation
Enable or disable SSID broadcast. When enabled, the SSID will be visible to clients as an available Wi-Fi network. When disabled, the
SSID will not be visible as an available Wi-Fi network to clients – clients must manually enter the SSID in order to connect. A hidden
(disabled) SSID is typically more secure than a visible (enabled) SSID.
Enable or disable wireless client isolation.
Wireless client isolation prevents clients connected to the access point from communicating with each other and improves security. Typically, this function is useful for corporate environments or public hot spots and can prevent brute force attacks on clients’ usernames and passwords.
Load Balancing
Authentication
Method
Additional
Authentication
Load balancing limits the number of wireless clients connected to an SSID. Set a load balancing value (maximum 50).
Select an authentication method from the drop down menu and refer to the information below appropriate for your method.
Select an additional authentication method from the drop down menu and refer to the information below appropriate for your method.
Please refer back to IV-6-2-3. Security for more information on authentication and additional authentication types.
101
IV-6-3-4. WDS
Wireless Distribution System (WDS) can bridge/repeat access points together in an extended network. WDS settings can be configured as shown below.
When using WDS, configure the IP address of each access point to be in the same subnet and ensure there is only one active DHCP server among connected access points, preferably on the WAN side.
WDS must be configured on each access point, using correct MAC addresses.
All access points should use the same wireless channel and encryption method.
5GHz WDS Mode
WDS Functionality Select “WDS with AP” to use WDS with access point or “WDS Dedicated Mode” to use WDS and also block communication with regular wireless clients. When WDS is used, each access point should be configured with corresponding MAC addresses, wireless channel and wireless encryption method.
Local MAC Address Displays the MAC address of your access point.
102
WDS Peer Settings
WDS # Enter the MAC address for up to four other
WDA devices you wish to connect.
WDS VLAN
VLAN Mode
VLAN ID
Specify the WDS VLAN mode to “Untagged
Port” or “Tagged Port”.
Specify the WDS VLAN ID when “Untagged
Port” is selected above.
WDS Encryption
Encryption Select whether to use “None” or “AES” encryption and enter a pre-shared key for AES with 8-63 alphanumeric characters.
IV-6-4. WPS (Not available on the WLC-6404)
Wi-Fi Protected Setup is a simple way to establish connections between WPS compatible devices. WPS can be activated on compatible devices by pushing a
WPS button on the device or from within the device’s firmware/configuration interface (known as PBC or “Push Button Configuration”). When WPS is activated in the correct manner and at the correct time for two compatible devices, they will automatically connect. “PIN code WPS” is a variation of PBC which includes the additional use of a PIN code between the two devices for verification.
Please refer to manufacturer’s instructions for your other WPS device.
103
WPS Check/uncheck this box to enable/disable WPS functionality. WPS must be disabled when using MAC-RADIUS authentication (see
IV-6-2-3-6. & IV-6-5).
Product PIN Displays the WPS PIN code of the device, used for PIN code WPS. You will be required to enter this PIN code into another WPS device for PIN code WPS. Click “Generate PIN” to generate a new WPS PIN code.
Push-Button WPS Click “Start” to activate WPS on the access point for approximately 2 minutes. This has the same effect as physically pushing the access
WPS by PIN point’s WPS button.
Enter the PIN code of another WPS device and click “Start” to attempt to establish a WPS connection for approximately 2 minutes.
WPS Status WPS security status is displayed here. Click
“Release” to clear the existing status.
IV-6-5. RADIUS (Not available on the WLC-6404)
The RADIUS sub menu allows you to configure the access point’s RADIUS server settings, categorized into three submenus: RADIUS settings, Internal
Server and RADIUS accounts.
A RADIUS server provides user-based authentication to improve security and offer wireless client control – users can be authenticated before gaining access to a network.
104
The access point can utilize both a primary and secondary (backup) RADIUS server for each of its wireless frequencies (2.4GHz & 5GHz). External RADIUS servers can be used or the access point’s internal RADIUS server can be used.
To use RADIUS servers, go to “Local
Network” !
“Security” !
“Additional Authentication” and select
“MAC RADIUS Authentication” (see IV-6-2-3.&IV-6-3-3).
105
IV-6-5-1. RADIUS Settings
Configure the RADIUS server settings for 2.4GHz & 5GHz. Each frequency can use an internal or external RADIUS server.
106
RADIUS Type Select “Internal” to use the access point’s built-in RADIUS server or “external” to use an external RADIUS server.
RADIUS Server Enter the RADIUS server host IP address.
Authentication
Port
Shared Secret
Accounting
Set the UDP port used in the authentication protocol of the RADIUS server. Value must be between 1 – 65535.
Enter a shared secret/password between 1 –
99 characters in length. This should match the
“MAC-RADIUS” password used in IV-3-1-3-6 or
IV-3-2-3.
Session Timeout Set a duration of session timeout in seconds between 0 – 86400.
Enable or disable RADIUS accounting.
Accounting Port When accounting is enabled (above), set the
UDP port used in the accounting protocol of the RADIUS server. Value must be between 1 –
65535.
IV-6-5-2. Internal Server
The access point features a built-in RADIUS server which can be configured as shown below used when “Internal” is selected for “RADIUS Type” in the “Local
Network” ! “RADIUS Settings” menu.
To use RADIUS servers, go to “Wireless
Settings” !
“Security”“Additional Authentication” and select “MAC
RADIUS Authentication” (see IV-6-2-3.&IV-6-3-3).
107
Internal Server
EAP Internal
Authentication
EAP Certificate File
Format
Check/uncheck to enable/disable the access point’s internal RADIUS server.
Select EAP internal authentication type from the drop down menu.
Displays the EAP certificate file format:
PCK#12(*.pfx/*.p12)
EAP Certificate File Click “Upload” to open a new window and select the location of an EAP certificate file to
Shared Secret use. If no certificate file is uploaded, the internal RADIUS server will use a self-made certificate.
Enter a shared secret/password for use between the internal RADIUS server and
RADIUS client. The shared secret should be 1 –
99 characters in length. This should match the
“MAC-RADIUS” password used in IV-6-2-3-6 or
IV-6-3-3.
Session Timeout Set a duration of session timeout in seconds between 0 – 86400.
Termination Action Select a termination-action attribute:
“Reauthentication” sends a RADIUS request to the access point, “Not-Reathentication” sends a default termination-action attribute to the access point, “Not-Send” no termination-action attribute is sent to the access point.
108
IV-6-5-3. RADIUS Accounts
The internal RADIUS server can authenticate up to 256 user accounts. The
“RADIUS Accounts” page allows you to configure and manage users.
User Name
Add
Reset
Select
User Name
Password
Customize
Enter the user names here, separated by commas.
Click “Add” to add the user to the user registration list.
Clear text from the user name box.
Check the box to select a user.
Displays the user name.
Displays if specified user name has a password
(configured) or not (not configured).
Click “Edit” to open a new field to set/edit a
109
password for the specified user name (below).
Delete Selected
Delete All
Delete selected user from the user registration list.
Delete all users from the user registration list.
Edit User Registration List
User Name
Password
Existing user name is displayed here and can be edited according to your preference.
Enter or edit a password for the specified user.
110
IV-6-6. MAC Filter (Not available on the WLC-6404)
Mac filtering is a security feature that can help to prevent unauthorized users from connecting to your access point.
This function allows you to define a list of network devices permitted to connect to the access point. Devices are each identified by their unique MAC address. If a device which is not on the list of permitted MAC addresses attempts to connect to the access point, it will be denied.
To enable MAC filtering, go to “Local Settings”
“Additional Authentication” and select “MAC Filter” (see
IV-6-2-3.&IV-6-3-3).
!
“Security” !
The MAC address filtering table is displayed below:
111
Add MAC Address Enter a MAC address of computer or network device manually e.g. ‘aa-bb-cc-dd-ee-ff’ or enter multiple MAC addresses separated with commas, e.g.
Add
‘aa-bb-cc-dd-ee-ff,aa-bb-cc-dd-ee-gg’
Click “Add” to add the MAC address to the
MAC address filtering table.
Clear all fields. Reset
MAC address entries will be listed in the “MAC Address Filtering Table”. Select an entry using the “Select” checkbox.
Select
MAC Address
Delete Selected
Delete All
Export
Delete selected or all entries from the table.
The MAC address is listed here.
Delete the selected MAC address from the list.
Delete all entries from the MAC address filtering table.
Click “Export” to save a copy of the MAC filteringtable. A new window will pop up for you to select a location to save the file.
112
IV-6-7. WMM (Not available on the WLC-6404)
Wi-Fi Multimedia (WMM) is a Wi-Fi Alliance interoperability certification based on the IEEE 802.11e standard, which provides Quality of Service (QoS) features to IEE 802.11 networks. WMM prioritizes traffic according to four categories: background, best effort, video and voice.
Configuring WMM consists of adjusting parameters on queues for different categories of wireless traffic. Traffic is sent to the following queues:
Background Low
Priority
Best Effort Medium
Priority
Video
Voice
High
Priority
High
Priority
High throughput, non time sensitive bulk data e.g. FTP
Traditional IP data, medium throughput and delay.
Time sensitive video data with minimum time delay.
Time sensitive data such as VoIP and streaming media with minimum time delay.
Queues automatically provide minimum transmission delays for video, voice, multimedia and critical applications. The values can further be adjusted manually:
113
CWMin
CWMax
AIFSN
TxOP
IV-6-8. Internal Server
Minimum Contention Window (milliseconds):
This value is input to the initial random backoff wait time algorithm for retry of a data frame transmission. The backoff wait time will be generated between 0 and this value. If the frame is not sent, the random backoff value is doubled until the value reaches the number defined by CWMax (below). The CWMin value must be lower than the CWMax value. The contention window scheme helps to avoid frame collisions and determine priority of frame transmission. A shorter window has a higher probability (priority) of transmission.
Maximum Contention Window (milliseconds):
This value is the upper limit to random backoff value doubling (see above).
Arbitration Inter-Frame Space (milliseconds):
Specifies additional time between when a channel goes idle and the AP/client sends data frames. Traffic with a lower AIFSN value has a higher priority.
Transmission Opportunity (milliseconds): The maximum interval of time an AP/client can transmit. This makes channel access more efficiently prioritized. A value of 0 means only one frame per transmission. A greater value effects higher priority.
IV-6-8-1. Internal RADIUS Server
The controller features a built-in RADIUS server which can be configured as shown below used when “Internal” is selected for “RADIUS Type” in the “Local
Network” ! “RADIUS Settings” menu.
To use RADIUS servers, go to “Wireless
Settings” !
“Security”“Additional Authentication” and select “MAC
RADIUS Authentication” (see IV-6-2-3. & IV-6-3-3).
114
Internal Server
EAP Internal
Authentication
EAP Certificate File
Format
Check/uncheck to enable/disable the access point’s internal RADIUS server.
Select EAP internal authentication type from the drop down menu.
Displays the EAP certificate file format:
PCK#12(*.pfx/*.p12)
EAP Certificate File Click “Upload” to open a new window and select the location of an EAP certificate file to
Shared Secret use. If no certificate file is uploaded, the internal RADIUS server will use a self-made certificate.
Enter a shared secret/password for use between the internal RADIUS server and
RADIUS client. The shared secret should be 1 –
99 characters in length. This should match the
“MAC-RADIUS” password used in IV-6-2-3-6 or
IV-6-3-3.
Session Timeout Set a duration of session timeout in seconds between 0 – 86400.
Termination Action Select a termination-action attribute:
“Reauthentication” sends a RADIUS request to the access point, “Not-Reathentication” sends a default termination-action attribute to the access point, “Not-Send” no termination-action attribute is sent to the access point.
115
IV-6-8-2. RADIUS Accounts
The internal RADIUS server can authenticate up to 256 user accounts. The
“RADIUS Accounts” page allows you to configure and manage users.
User Name
Add
Reset
Select
User Name
Password
Customize
Enter the user names here, separated by commas.
Click “Add” to add the user to the user registration list.
Clear text from the user name box.
Check the box to select a user.
Displays the user name.
Displays if specified user name has a password
(configured) or not (not configured).
Click “Edit” to open a new field to set/edit a password for the specified user name (below).
116
Delete Selected
Delete All
Delete selected user from the user registration list.
Delete all users from the user registration list.
Edit User Registration List
User Name
Password
Existing user name is displayed here and can be edited according to your preference.
Enter or edit a password for the specified user.
IV-6-9. Schedule
Schedule allows the user to configure specific times and dates when the radio of the wireless account will be disabled. This is designed to prevent unwanted access during non-application hours.
117
IV-7. Local Settings
IV-7-1. Operation Mode (Not available on the WLC-6404)
Set the operation mode of the access point. AP mode is a standalone access point, AP controller mode acts as the designated master of the AP array, and
Managed AP mode acts as a slave AP within the AP array.
IV-7-2. System Settings
IV-7-2-1. System Information
The “System Information” page displays basic system information about the access point.
118
System
Model
Product Name
Uptime
Boot From
Version
MAC Address
Management VLAN
ID
IP Address
Displays the model number of the access point.
Displays the product name for reference, which consists of “AP” plus the MAC address.
Displays the total time since the device was turned on.
Displays information for the booted hardware, booted from either USB or internal memory.
Displays the firmware version.
Displays the access point’s MAC address.
Displays the management VLAN ID.
Displays the IP address of this device. Click
“Refresh” to update this value.
Default Gateway Displays the IP address of the default gateway.
DNS
DHCP Server
IP address of DNS (Domain Name Server)
IP address of DHCP Server.
Wired LAN Port Settings
Wired LAN Port
Status
Specifies which LAN port (1 or 2).
Displays the status of the specified LAN port
119
VLAN Mode/ID
(connected or disconnected).
Displays the VLAN mode (tagged or untagged) and VLAN ID for the specified LAN port. See
IV-6-1-3. VLAN
Wireless 2.4GHz (5GHz)
Status Displays the status of the 2.4GHz or 5GHz wireless (enabled or disabled).
MAC Address
Channel
Transmit Power
Displays the access point’s MAC address.
Displays the channel number the specified wireless frequency is using for broadcast.
Displays the wireless radio transmit power level as a percentage.
Wireless 2.4GHZ (5GHz) / SSID
SSID Displays the SSID name(s) for the specified frequency.
Authentication
Method
Encryption Type
VLAN ID
Additional
Authentication
Wireless Client
Isolation
Displays the authentication method for the specified SSID. See IV-6. Wireless Settings
Displays the encryption type for the specified
SSID. See IV-6. Wireless Settings
Displays the VLAN ID for the specified SSID.
See IV-6-1-3. VLAN
Displays the additional authentication type for the specified SSID. See IV-6. Wireless Settings
Displays whether wireless client isolation is in use for the specified SSID. See IV-6-1-3. VLAN
Wireless 2.4GHZ (5GHz) / WDS Status
MAC Address
Encryption Type
VLAN Mode/ID
Displays the peer access point’s MAC address.
Displays the encryption type for the specified
WDS. See IV-6-2-4. WDS
Displays the VLAN ID for the specified WDS.
See IV-6-2-4. WDS
Refresh Click to refresh all information.
120
IV-7-2-2. Wireless Clients (Not available on the WLC-6404)
The “Wireless Clients” page displays information about all wireless clients connected to the access point on the 2.4GHz or 5GHz frequency.
Refresh time
Auto Refresh Time Select a time interval for the client table list to
Manual Refresh automatically refresh.
Click refresh to manually refresh the client table.
2.4GHz (5GHz) WLAN Client Table
SSID Displays the SSID which the client is connected to.
MAC Address
Tx
Rx
Signal (%)
Connected Time
Displays the MAC address of the client.
Displays the total data packets transmitted by the specified client.
Displays the total data packets received by the specified client.
Displays the wireless signal strength for the specified client.
Displays the total time the wireless client has
Idle Time
Vendor been connected to the access point.
Client idle time is the time for which the client has not transmitted any data packets i.e. is idle.
The vendor of the client’s wireless adapter is displayed here.
121
IV-7-2-3. Wireless Monitor (Not available on the WLC-6404)
Wireless Monitor is a tool built into the access point to scan and monitor the surrounding wireless environment. Select a frequency and click “Scan” to display a list of all SSIDs within range along with relevant details for each SSID.
Wireless Monitor
Site Survey
Channel Survey
Result
Site Survey Results
Ch
SSID
MAC Address
Security
Signal (%)
Type
Vendor
Select which frequency (or both) to scan, and click “Scan” to begin.
After a scan is complete, click “Export” to save the results to local storage.
Displays the channel number used by the specified SSID.
Displays the SSID identified by the scan.
Displays the MAC address of the wireless router/access point for the specified SSID.
Displays the authentication/encryption type of the specified SSID.
Displays the current signal strength of the
SSID.
Displays the 802.11 wireless networking standard(s) of the specified SSID.
Displays the vendor of the wireless router/access point for the specified SSID.
122
IV-7-2-4. Log
The system log displays system operation information such as up time and connection processes. This information is useful for network administrators.
When the log is full, old entries are overwritten.
Save
Clear
Refresh
Click to save the log as a file on your local computer.
Clear all log entries.
Refresh the current log.
123
The following information/events are recorded by the log:
" USB
Mount & unmount
" Wireless Client
Connected &disconnected
Key exchange success & fail
" Authentication
Authentication fail or successful.
" Association
Success or fail
" WPS
M1 - M8 messages
WPS success
" Change Settings
" System Boot
Displays current model name
" NTP Client
" Wired Link
LAN Port link status and speed status
" Proxy ARP
Proxy ARP module start & stop
" Bridge
Bridge start & stop.
" SNMP
SNMP server start &stop.
" HTTP
HTTP start & stop.
" HTTPS
HTTPS start & stop.
" SSH
SSH-client server start & stop.
" Telnet
Telnet-client server start or stop.
" WLAN (2.4G)
WLAN (2.4G] channel status and country/region status
" WLAN (5G)
WLAN (5G)channel status and country/region status
" ADT
124
IV-7-3. Management
IV-7-3-1. Admin
You can change the password used to login to the browser-based configuration interface here. It is advised to do so for security purposes.
If you change the administrator password, please make a note of the new password. In the event that you forget this password and are unable to login to the browser based
configuration interface, see IV-7-4-4. Factory Default for how to reset the access point.
Account to Manage This Device
Administrator
Name
Set the access point’s administrator name.
This is used to log in to the browser based configuration interface and must be between
4-16 alphanumeric characters (case sensitive).
Administrator
Password
Set the access point’s administrator password.
This is used to log in to the browser based configuration interface and must be between
125
SNMP Get
Community
SNMP Set
Community
4-32 alphanumeric characters (case sensitive).
Advanced Settings
Product Name
Management
Protocol
SNMP Version
Edit the product name according to your preference consisting of 1-32 alphanumeric characters. This name is used for reference purposes.
Check/uncheck the boxes to enable/disable specified management interfaces (see below).
When SNMP is enabled, complete the SNMP fields below.
Select SNMP version appropriate for your
SNMP manager.
Enter an SNMP Get Community name for verification with the SNMP manager for
SNMP-GET requests.
Enter an SNMP Set Community name for verification with the SNMP manager for
SNMP-SET requests.
SNMP Trap
SNMP Trap
Community
SNMP Trap
Manager
Enable or disable SNMP Trap to notify SNMP manager of network errors.
Enter an SNMP Trap Community name for verification with the SNMP manager for
SNMP-TRAP requests.
Specify the IP address or sever name (2-128 alphanumeric characters) of the SNMP manager.
HTTP
Internet browser HTTP protocol management interface
HTTPS
Internet browser HTTPS protocol management interface
TELNET
Client terminal with telnet protocol management interface
SSH
Client terminal with SSH protocol version 1 or 2 management interface
SNMP
Simple Network Management Protocol. SNMPv1, v2 & v3 protocol supported.
SNMPv2 can be used with community based authentication. SNMPv3 uses user-based security model (USM) architecture.
126
IV-7-3-2. Date and Time
You can configure the time zone settings of your access point here. The date and time of the device can be configured manually or can be synchronized with a time server.
Date and Time Settings
Local Time Set the access point’s date and time manually using the drop down menus.
Acquire Current
Time from your PC
Click “Acquire Current Time from Your PC” to enter the required values automatically according to your computer’s current time and date.
NTP Time Server
Use NTP
Server Name
The access point also supports NTP (Network
Time Protocol) for automatic time and date setup.
Enter the host name or IP address of the time server if you wish.
Update Interval Specify a frequency (in hours) for the access point to update/synchronize with the NTP server.
Time Zone
Time Zone Select the time zone of your country/ region. If
127
your country/region is not listed, please select another country/region whose time zone is the same as yours.
IV-7-3-3. Syslog Server
The system log can be sent to a server, attached to USB storage or sent via email.
Syslog Server Settings
Transfer Logs
Copy Logs to
Attached USB Device
Check/uncheck the box to enable/disable the use of a syslog server, and enter a host name, domain or IP address for the server, consisting of up to 128 alphanumeric characters.
Check/uncheck the box to enable/disable copying logs to attached USB storage.
Syslog Email Settings
Email Logs Check/uncheck the box to enable/disable email logs. When enabled, the log will be emailed
Email Subject according to the settings below.
Enter the subject line of the email which will be sent containing the log.
Specify the SMTP server address for the sender SMTP Server
Address email account.
SMTP Server Port Specify the SMTP server port for the sender email account.
128
Sender Email
Receiver Email
Authentication
Account
Password
Enter the sender’s email address.
Specify the email recipient of the log.
Select “Disable”, “SSL” or “TLS” according to your email authentication.
When authentication is used above, enter the account name.
When authentication is used above, enter the password.
IV-7-3-4. I’m Here
The access point features a built-in buzzer which can sound on command using the “I’m Here” page. This is useful for network administrators and engineers working in complex network environments to locate the access point.
The buzzer is loud!
Duration of Sound Set the duration for which the buzzer will sound when the “Sound Buzzer” button is
Sound Buzzer clicked.
Activate the buzzer sound for the above specified duration of time.
129
IV-7-4. Advanced
Wi-Fi Multimedia (WMM) is a Wi-Fi Alliance interoperability certification based on the IEEE 802.11e standard, which provides Quality of Service (QoS) features to IEE 802.11 networks. WMM prioritizes traffic according to four categories: background, best effort, video and voice.
IV-7-4-1. LED Settings
The access point’s LEDs can be manually enabled or disabled according to your preference.
Power LED
Diag LED
Select on or off.
Select on or off.
IV-7-4-2. Update Firmware
The “Firmware” page allows you to update the system firmware to a more recent version. Updated firmware versions often offer increased performance and security, as well as bug fixes.
This firmware update is for an individual access point. To update firmware for multiple access points in the AP array, go to NMS Settings !
Firmware Upgrade.
Do not switch off or disconnect the access point during a firmware upgrade, as this could damage the device.
130
Update Firmware
From
Select “a file on your PC” to upload firmware from your local computer or from an attached USB device.
Firmware Update File Click “Browse” to open a new window to
Update locate and select the firmware file in your computer.
Click “Update” to upload the specified firmware file to your access point.
131
IV-7-4-3. Save/Restore Settings
The access point’s “Save/Restore Settings” page enables you to save/backup the access point’s current settings as a file to your local computer or a USB device attached to the access point, and restore the access point to previously saved settings.
Save / Restore Settings
Using Device Select “Using your PC” to save the access point’s settings to your local computer or to an attached USB device.
Save Settings to PC
Save Settings Click “Save” to save settings and a new window will open to specify a location to save the settings file. You can also check the
“Encrypt the configuration file with a wish.
Restore Settings from PC
Restore Settings password” box and enter a password to protect the file in the field underneath, if you
Click the browse button to find a previously saved settings file on your computer, then click “Restore” to replace your current settings. If your settings file is encrypted with a password, check the “Open file with password” box and enter the password in the field underneath.
132
IV-7-4-4. Factory Default
If the access point malfunctions or is not responding, then it is recommended that you reboot the device (see IV-7-4-5.) or reset the device back to its factory default settings. You can reset the access point back to its default settings using this feature if the location of the access point is not convenient to access the reset button.
Factory Default Click “Factory Default” to restore settings to the factory default. A pop-up window will appear and ask you to confirm.
After resetting to factory defaults, please wait for the access point to reset and restart.
IV-7-4-5. Reboot
If the access point malfunctions or is not responding, then it is recommended that you reboot the device or reset the access point back to its factory default settings (see IV-7-4-4). You can reboot the access point remotely using this feature.
Reboot Click “Reboot” to reboot the device. A countdown will indicate the progress of the reboot.
133
IV-8. Toolbox
IV-8-1. Network Connectivity
IV-8-1-1. Ping
Ping is a computer network administration utility used to test whether a particular host is reachable across an IP network and to measure the round-trip time for sent messages.
Destination Address Enter the address of the host.
Execute Click execute to ping the host.
IV-8-1-2. Trace Route
Traceroute is a diagnostic tool for displaying the route (path) and measuring transit delays of packets across an IP network.
Destination Address Enter the address of the host.
Execute Click execute to execute the traceroute command.
134
V. Best Practice
How to Create and Link WLAN & Access Point Groups
You can use NMS to create individual SSIDs and group multiple SSIDs together into WLAN groups. You can then assign individual access points to use those
WLAN group settings and/or group multiple access points together into access point groups, which you can also assign to use WLAN group settings.
Follow the example below to:
A. Create a WLAN group.
B. Create an access point group.
C. Assign the access point group to use the SSID group settings.
A.
1. Go to NMS Settings ! WLAN and click “Add” in the WLAN panel:
2. Enter an SSID name and set authentication/encryption and click
“Apply”:
3. The new SSID will be displayed in the WLAN panel. Repeat to add additional SSIDs according to your preference, and then click “Add” in the WLAN Group panel:
4. Enter a name for the SSIDgroup and check the boxes to select which
SSIDs to include within the group. Click “Apply” when done.
135
B.
5. The new WLAN group will be displayed in the WLAN Group panel.
Repeat to add additional WLAN groups according to your preference:
1. Go to NMS Settings ! Access Point and click “Add” in the Access Point
Group Panel:
2. Enter a Name and then scroll down to the Group Settings panel and use the << button to add selected access points into your group from the box on the right side. Click “Apply” when done.
136
C.
3. The new access point group will be displayed in the Access Point Group panel. Repeat to add additional access point groups according to your preference:
1. Go to NMS Settings ! Access Point and select an access point group using the checkboxes in the Access Point Group panel. Click “Edit”:
2. Scroll down to the Profile Group Settings panel and check the “Override
Group Settings” box for WLAN Group (2.4GHz and/or 5GHz). Select your WLAN group from the drop-down menu and click “Apply”:
3. Repeat for other access point groups according to your preference.
COPYRIGHT
Copyright ©2017 by this company. All rights reserved. No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language or computer language, in any form or by any means, electronic, mechanical, magnetic, optical, chemical, manual or otherwise, without the prior written permission of this company
This company makes no representations or warranties, either expressed or implied, with respect to the contents hereof and specifically disclaims any warranties, merchantability or fitness for any particular purpose. Any software described in this manual is sold or licensed "as is". Should the programs prove defective following their purchase, the buyer
(and not this company, its distributor, or its dealer) assumes the entire cost of all necessary servicing, repair, and any incidental or consequential damages resulting from any defect in the software. Further, this company reserves the right to revise this publication and to make changes from time to time in the contents thereof without obligation to notify any person of such revision or changes.
137
advertisement
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Related manuals
advertisement
Table of contents
- 3 I. Product Information
- 7 II. Quick Setup
- 10 III. Software Layout
- 15 IV. Features
- 15 LOGIN, LOGOUT & RESTART
- 17 DASHBOARD
- 18 System Information
- 18 Devices Information
- 19 Managed AP
- 20 Managed AP Group
- 21 Active Clients
- 21 Active Users
- 22 ZONE PLAN
- 24 NMS MONITOR
- 24 Access Point
- 24 Managed AP
- 26 Managed AP Group
- 28 Active WLAN
- 29 Active WLAN Group
- 29 Clients
- 29 Active Clients
- 30 Users
- 30 Active Users
- 30 Users Log
- 31 Rogue Devices
- 32 Information
- 32 All Events/Activities
- 32 AP Monitoring
- 33 IV-4-6-3. SSID Overview
- 35 NMS Settings
- 35 Access Point
- 50 RADIUS
- 56 Access Control
- 59 Guest Network
- 62 Users
- 66 IV-5-7-1. Add/Edit Guest Portal
- 67 IV-5-7-1-1. Front Desk URL
- 69 IV-5-7-1-2. Front Desk Printout
- 70 IV-5-7-1-3. Guest Portal Type
- 71 IV-5-7-1-4. Guest Portal Customization
- 74 Schedule
- 76 Smart Roaming
- 78 Device Monitoring
- 79 Firmware Upgrade
- 80 Advanced
- 80 System Security
- 80 Date & Time
- 81 System Accounts
- 83 Local Network
- 83 Network Settings
- 83 LAN-Side IP Address
- 86 LAN Port Settings
- 88 2.4GHz 11bgn (Not available on the WLC-6404)
- 88 Basic
- 89 Advanced
- 91 Security
- 92 No Authentication
- 92 WEP
- 93 IEEE802.1x/EAP
- 93 WPA-PSK
- 93 WPA-EAP
- 94 Additional Authentication
- 97 5GHz 11ac 11an (Not available on the WLC-6404)
- 97 Basic
- 99 Advanced
- 100 Security
- 103 WPS (Not available on the WLC-6404)
- 104 RADIUS (Not available on the WLC-6404)
- 106 RADIUS Settings
- 107 Internal Server
- 109 RADIUS Accounts
- 111 MAC Filter (Not available on the WLC-6404)
- 113 WMM (Not available on the WLC-6404)
- 114 Internal Server
- 114 Internal RADIUS Server
- 116 RADIUS Accounts
- 117 Schedule
- 118 Local Settings
- 118 Operation Mode (Not available on the WLC-6404)
- 118 System Settings
- 118 System Information
- 121 Wireless Clients (Not available on the WLC-6404)
- 122 Wireless Monitor (Not available on the WLC-6404)
- 125 Management
- 125 Admin
- 127 Date and Time
- 128 Syslog Server
- 129 I’m Here
- 130 Advanced
- 130 LED Settings
- 130 Update Firmware
- 132 Save/Restore Settings
- 133 Factory Default
- 133 Reboot
- 134 Toolbox
- 134 Network Connectivity
- 134 Ping
- 134 Trace Route
- 135 V. Best Practice
- 135 How to Create and Link WLAN & Access Point Groups