4IPNET OWL800, User Manual

Page 1: ...IEEE 802 11 b g Outdoor AP Bridge Support IEEE802 11a Client Backhaul Models OWL800 V1 00 OWL2000 V1 00 HSG800 V1 00...

Page 2: ...thout the prior written permission of 4IPNET INC Disclaimer 4IPNET INC does not assume any liability arising out the application or use of any products or software described herein Neither does it con...

Page 3: ...st Safety Information All models of OWL800 OWL2000 and HSG800 have been evaluated to and conforms to the product safety specifications of EN 60950 2001 A11 2004 Caution This product was qualified unde...

Page 4: ...all persons This device and its antennas must not be co located or operating in conjunction with any other antenna or transmitter Any changes or modifications not expressly approved by the party respo...

Page 5: ...EN 55024 1998 A1 2001 A2 2003 including the followings EN 61000 3 2 EN 61000 3 3 EN 61000 4 2 EN 61000 4 3 EN 61000 4 4 EN 61000 4 5 EN 61000 4 6 EN 61000 4 11 Safety EN 60950 1 2001 A11 2004 Caution...

Page 6: ...port IEEE802 11a Client Backhaul OWL800 OWL2000 HSG800 ENGLISH NCC Regulatory Information for Taiwan NCC NCC NCC NCC Caution OWL800 HSG800 OWL2000 OWL800 HSG800 OWL2000 CM9 19dBm Highest 19 dBm OWL800...

Page 7: ...re Installation 4 3 1 1 Package Contents 4 3 1 2 Panel Function Descriptions 5 3 1 3 Hardware Installation 6 3 2 Software Configuration 7 3 2 1 Instruction of Web Management Interface 7 3 2 2 User Log...

Page 8: ...Firewall 71 4 4 6 Route 73 4 4 7 802 1X 74 4 5 Utilities 75 4 5 1 Change Password 75 4 5 2 Import Export 76 4 5 3 Backup Restore 77 4 5 4 System Upgrade 78 4 5 5 Reboot 79 4 5 6 Scan 80 4 5 7 Upload C...

Page 9: ...the optional feature lists provided separately In this manual all the optional featured are covered In the following manual we will refer the device as OWL800 or the system for the convenience Model...

Page 10: ...ions and not to activate them Clear settings entered by clicking this button The red asterisk indicates information in this field is compulsory Note Screen captures and pictures used in this manual ma...

Page 11: ...e die cast Aluminum housing is IP68 compliant and high wind load resilient All the components are designed to operate in a wide range of temperature The on board surge protection provides the device u...

Page 12: ...User s Manual OWL800 OWL2000 HSG800 ENGLISH 2008 4IPNET INC 3 Multi mode in Operation...

Page 13: ...x 1 y CD ROM x 1 y RJ45 RS232 Console Cable x 1 y PSE x 1 y Power cord x 1 y Mounting Kit x 1 y Waterproof Connector Pack x 2 y Rubber antenna x 4 Note It is recommended to keep the original packing...

Page 14: ...when OWL800 chassis with Mylar is faced up Each of the two radio module CM9 inside has two antenna connectors for antenna diversity The required antenna is antenna ANT1 and antenna ANT2 ANT1 is conne...

Page 15: ...ter 5 Connect the power cord to the PSE 6 Power on the PSE in order to supply power to OWL800 7 Note You must be professional to use a different replacement antenna and you must following the code reg...

Page 16: ...of this system After completing hardware installation the administrator can configure the OWL800 via web browsers The default IP address and Subnet Mask of different modes are as follows Mode AP Rela...

Page 17: ...L800 OWL2000 HSG800 ENGLISH 2008 4IPNET INC 8 Main Menu provides detailed configuration pages for administrators to configure the system manually Please refer to Section 4 Main Menu for more informati...

Page 18: ...User s Manual OWL800 OWL2000 HSG800 ENGLISH 2008 4IPNET INC 9 AP Mode...

Page 19: ...ce will get an IP address automatically via DHCP Next open a web browser and access any URL and then the default User Login Page will appear Enter the username and password of the local user account g...

Page 20: ...800 ENGLISH 2008 4IPNET INC 11 Step 3 The Login Success Page will appear after a client is authenticated by the system and logs in successfully In the meantime successful login means OWL800 has been i...

Page 21: ...0 s to the administrator s PC is needed in order to get Administrator Login Page The following IP address is listed as an example IP Address 192 168 2 10 Subnet Mask 255 255 255 0 Default Gateway 192...

Page 22: ...on on the upper right corner of the web management interface to return to the Administrator Login Page Note By default the system is in AP Relay mode Therefore the administrator must login to the syst...

Page 23: ...is needed The following IP address is listed as an example IP Address 192 168 1 10 Subnet Mask 255 255 255 0 Default Gateway 192 168 1 254 Once OWL800 has been connected the Administrator Login Page w...

Page 24: ...Manual OWL800 OWL2000 HSG800 ENGLISH 2008 4IPNET INC 15 Gateway Mode To logout simply click the Logout icon on the upper right corner of the web management interface to return to the Administrator Log...

Page 25: ...t in AP Relay mode it is a layer2 IP device like a normal AP No IP sharing NAT and routing feature are support When OWL is set in Gateway mode it is a layer3 IP device Like an AP router OWL800 in the...

Page 26: ...lect VAP Configuration from submenu item 3 Administrator can enable or disable specific VAP from the drop down list of Profile Name 4 Set desired ESSID 5 Disable VLAN ID means untagged when this VAP i...

Page 27: ...ettings 1 Click on the WDS menu item Select General submenu 2 WDS is used as bridge backhaul By default a mode is used for WDS You must select a channel to Select preferred Channel for the wireless co...

Page 28: ...abled First choose the WDS Profile enable WDS supply peer s MAC address and security type Gateway AP Mode Note WDS profiles are able to be configured even when the respective Radio module is disabled...

Page 29: ...P AP Gateway AP WDS Gateway AP User AP Utilities Gateway AP and Status Gateway AP OPTION FUNCTION General AP Gateway Network Interface AP Gateway Management AP Gateway VLAN Overview Gateway VLAN Confi...

Page 30: ...tart Introduction OWL800 has equipped a friendly Web graphical user interface for users and system administrators to configure parameters easily and remotely The recommended web browsers are IE 6 0 TM...

Page 31: ...User s Manual OWL800 OWL2000 HSG800 ENGLISH 2008 4IPNET INC 22 AP Mode...

Page 32: ...User s Manual OWL800 OWL2000 HSG800 ENGLISH 2008 4IPNET INC 23 Gateway Mode...

Page 33: ...008 4IPNET INC 24 4 1 System This section guides you through the following functions System Information Network Interface Management Service VLAN Overview VLAN Configuration Walled Garden List and Gat...

Page 34: ...mnemonic purpose It is recommended to have different values for each AP Time settings allow you to set OWL800 s system time manually or have it synchronized automatically with NTP server When NTP ser...

Page 35: ...lly While this method is selected at least one NTP server s IP address should be provided It is recommended to give both NTP servers IP addresses to prevent occasionally NTP service unavailable Gatewa...

Page 36: ...User s Manual OWL800 OWL2000 HSG800 ENGLISH 2008 4IPNET INC 27 4 1 2 Network Interface There are 3 connection types supported on OWL800 s WAN port Static DHCP or PPPoE AP Mode...

Page 37: ...User s Manual OWL800 OWL2000 HSG800 ENGLISH 2008 4IPNET INC 28 Gateway Mode...

Page 38: ...by DHCP or Static o Static setting Static setting is to set these parameters manually Basic parameters such as IP address subnet mask and gateway are needed AP Mode Gateway Mode o DHCP client This opt...

Page 39: ...PPOE When selecting PPPoE to connect to the network please set the Username Password MTU and CLAMP MSS There is a Dial on demand function under PPPoE If this function is enabled a Maximum Idle Time ca...

Page 40: ...is correct Layer 2 STP It depends on the configuration of the OWL800 including wired and wireless settings When it is configured to bridge several networks STP needs to be enabled Dynamic DNS DDNS OWL...

Page 41: ...NGLISH 2008 4IPNET INC 32 4 1 3 Management For easier maintenance SNMP Simple Network Management Protocol and remote Syslog services are provided in OWL800 The OWL800 will be managed remotely in a cen...

Page 42: ...for the SNMP managers to set the MIB information to the system The example here indicates that the SNMP managers can write the MIB information to the system when the SNMP mangers use the community Pr...

Page 43: ...The VLAN tag for the respective VLAN The hyperlink connects to VLAN s Configuration Zone Interface IP The hyperlink connects to VLAN s Configuration Zone DHCP Enable or Disable DHCP state shown here T...

Page 44: ...User s Manual OWL800 OWL2000 HSG800 ENGLISH 2008 4IPNET INC 35 Gateway Mode VLAN Configuration...

Page 45: ...LAN Configuration Gateway Mode VLAN This section is where to configure each VLAN There are 9 VLANs VLAN0 8 Remark Text remark about this VLAN VLAN Tag each VLAN is identified by different tags carried...

Page 46: ...le DHCP Make OWL800 your DHCP server o Domain Name Domain Name looks like domain com that is a better memorable term to IP address Client looks up a website by entering its domain name or its IP addre...

Page 47: ...s list Reserved IP Address is a static IP address reserved for a special client by his MAC address Allowed Authentication Method and Applied Policy o Local Select a policy and apply to local authentic...

Page 48: ...sites before login and authentication An example may be seen in hotels where guests without network access right are allowed to utilize the network service free of charge such as accessing the Hotel s...

Page 49: ...User s Manual OWL800 OWL2000 HSG800 ENGLISH 2008 4IPNET INC 40...

Page 50: ...e is to create WDS link with other wireless devices o Gateway Mode Selecting Gateway Mode enhances OWL800 a new feature user authentication gateway Please see Users for configuration instruction Radio...

Page 51: ...have its own settings including ESSID VLAN ID security settings and etc Therefore these VAPs can bring different service level to clients depending on the ESSID connected to Please click on the menu i...

Page 52: ...ion Gateway AP Mode Security Type The hyperlink showing security type connects to the screen of Security Settings Gateway AP Mode MAC ACL The hyperlink showing status of MAC ACL connects to the screen...

Page 53: ...User s Manual OWL800 OWL2000 HSG800 ENGLISH 2008 4IPNET INC 44 Gateway AP Mode...

Page 54: ...transmit rate can be set as auto or specific available rate Transmit Power Choose from Lowest Power to Highest Power level or auto Note The factory default setting is Highest 19 dBm Each level steps...

Page 55: ...its profile VAP Enable or disabled virtual AP settings Profile Name Give the profile an identity for management purpose ESSID Extended Service Setting ID indicate the SSID which the clients used to co...

Page 56: ...tors can depend on the need to provide different service levels to clients The security type includes the items on the drop down menu of security type None No authentication required This is the defau...

Page 57: ...er s Manual OWL800 OWL2000 HSG800 ENGLISH 2008 4IPNET INC 48 802 1x Provides RADIUS authentication and enhanced WEP Gateway Mode AP Mode WPA PSK Provides shared key authentication in WPA data encrypti...

Page 58: ...User s Manual OWL800 OWL2000 HSG800 ENGLISH 2008 4IPNET INC 49 Gateway AP Mode WPA RADIUS Authenticate user by RADIUS in WPA data encryption Gateway Mode...

Page 59: ...User s Manual OWL800 OWL2000 HSG800 ENGLISH 2008 4IPNET INC 50 AP Mode...

Page 60: ...nd is default to 2346 Fragmentation Threshold A unicast frame larger than this threshold will be fragmented before the transmission If significant numbers of collisions are occurring we can try to tak...

Page 61: ...stations to a desired number For example while the number of station is set to 20 only 20 stations are allowed to connect to this VAP For MAC ACL control the supported methods include Disable Access...

Page 62: ...r can still enable or disabled the rule applied to the specified one For example 11 22 33 44 55 66 is in the allow list to temporarily deny its access we can disable the rule on it Gateway AP Mode MAC...

Page 63: ...pply to all Virtual Access Point in this device 4 3 1 Overview WDS links are used as backhaul or bridges The figure provides an overall status of all WDS links Turn the WDS link by giving signal quali...

Page 64: ...he second radio in the system is designed for building WDS links WDS links are used as backhaul or point to point bridges WDS links do not service AP clients 11a 5 725 5 85GHz is used by the 2nd radio...

Page 65: ...able the specified WDS link MAC Address of Remote AP For each link type the MAC address of the remote peer here The MAC address may also get by WDS Discovery Please refer to WDS discovery in the follo...

Page 66: ...User s Manual OWL800 OWL2000 HSG800 ENGLISH 2008 4IPNET INC 57 o TKIP Gateway AP Mode...

Page 67: ...secret Please refer to WDS RF settings for the shared secret The remote peer must also have the same Scan feature equipped To start WDS discovery select WDS interface and then click on the Discover No...

Page 68: ...vice Settings 4 4 1 Local Local user database is built locally in OWL800 To add new user accounts enter specific information User Name Password MAC Address and Remark and click Add All created account...

Page 69: ...abled Local user database functions as an external RADIUS server for another gateway Therefore a user can roam out to the network under anther gateway by using the same Local account For more informat...

Page 70: ...User s Manual OWL800 OWL2000 HSG800 ENGLISH 2008 4IPNET INC 61 Gateway Mode Search User List Gateway Mode Edit User List...

Page 71: ...external RADIUS servers It functions as a RADIUS authenticator for external RADIUS servers To enable the RADIUS authentication enter the related information for the primary RADIUS server and or the se...

Page 72: ...02 1X Client Device Settings page to further set up the 802 1X capable devices that are allowed to authenticate against the Local user database Username Format to RADIUS Server When ID Only is selecte...

Page 73: ...d is designed as the authentication option for this type of deployment scenarios Gateway Mode Postfix It is a string used by the system to distinguish which database server will be used for authentica...

Page 74: ...guest users o Wireless Key The administrator can enter the defined wireless key such as WEP or WPA in the field The Wireless Key will be printed on the receipt for the guest users reference when acce...

Page 75: ...User s Manual OWL800 OWL2000 HSG800 ENGLISH 2008 4IPNET INC 66 Billing Plans Administrators can configure several billing plans Gateway Mode...

Page 76: ...67 On demand Account Creation When at least one plan is enabled the administrator can generate On demand user accounts here Gateway Mode On demand Account List All created On demand accounts are list...

Page 77: ...erform the search All usernames matching the keyword will be listed Username The login name of the instant account Password The login password of the instant account Remaining Quota The total time tha...

Page 78: ...ng Firewall Rules Specific Routes Profile which will be applied to all users unless the user has been regulated and applied to another policy Gateway Mode Global Policy Firewall Profile Global policy...

Page 79: ...s applied this policy will access the Internet through this default gateway Schedule Profile The Schedule table in a 7x24 format is used to control the clients login time When Schedule is enabled clie...

Page 80: ...the list can be deleted Delete button from the list or edited Edit button Source IP Subnet Mask The combination of these two fields specifies either the IP address of a source host or the source netwo...

Page 81: ...G800 ENGLISH 2008 4IPNET INC 72 subnet 192 168 2 xxx Protocol The specific service protocol for the filtering rule ALL TCP UDP TCP UDP ICMP and IP Action Pass is to allow the packet to pass Block is t...

Page 82: ...ugh the system s default gateway WAN interface Gateway Mode To add a rule to the Specific Route list specify the values of following fields and click the Add button A rule in the list can be deleted D...

Page 83: ...from the IP address or network segment of 802 1 X enabled client devices or the remote gateway is not allowed 802 1X The client device is 802 1X enabled such as AP and switch Roaming Out The device is...

Page 84: ...access it is strongly recommended to change the default administrator s password to your own one Only alpha numeric characters pattern is allowed and it is strongly recommended to take a combination...

Page 85: ...Gateway Mode Import Local User Click Browser button to select the file for uploaded user account and then click Import to execute the process Export Local User Click Export button to create all build...

Page 86: ...system configurations to a backup file on a local disk of the management console A backup file for OWL800 keeps the current system settings as well as the local user accounts Before any configuration...

Page 87: ...age appearing to notify the administrator to restart the system after successful firmware upgrade Gateway AP Mode Although the system will check the firmware s contents to ensure its integrity it is s...

Page 88: ...0 safely The process should take about three minutes Click Reboot button to restart the system Please wait for the blinking timer to finish before accessing the system web management interface again O...

Page 89: ...ttings it can avoid unexpected conflict in settings and tune the corresponding parameters Gateway AP Mode Scan Enable or Disable scan settings Scan Interval The time interval used to trigger the scann...

Page 90: ...mer certification external certificate issued by public or private authority Click the first Browse button to select the Private Key or Certificate Click the second Browse button to select the file fo...

Page 91: ...following functions System Overview WDS List Antennas Associated Clients Event Log Online Users and User Log 4 6 1 Overview The section provides an overview of the system status for the administrator...

Page 92: ...User s Manual OWL800 OWL2000 HSG800 ENGLISH 2008 4IPNET INC 83 AP Mode...

Page 93: ...me is shown as the local time MAC Address The MAC address of Network Interface Network Interface IP Address The IP address of the Network Interface MAC Address The MAC address of LAN Interface IP Addr...

Page 94: ...s Manual OWL800 OWL2000 HSG800 ENGLISH 2008 4IPNET INC 85 4 6 2 WDS List WDS lists indicate the link status of each RF interface including status of Mac Address SNR dB rate count and errors Gateway AP...

Page 95: ...nna connectors one Main connector and the other as Auxiliary connector The Main connector must be connected with an antenna The Auxiliary is optionally connected to an antenna The above picture repres...

Page 96: ...OWL2000 HSG800 ENGLISH 2008 4IPNET INC 87 4 6 4 Associated Clients List all associated clients from all the VAPs Please take this table to manage the clients and take the signal strength for debug pur...

Page 97: ...ate Time Name or Status Date Time The time date when the event happened Hostname Indicate which host records this event Note that all events in this page are local event so events of this field are al...

Page 98: ...e users information can be obtained by using this function These include User name IP Address MAC Address Idle Time and Action The administrator can use this function to force a specific online user t...

Page 99: ...on the volatile memory and will be lost if the system is powered off Gateway AP Mode Users Log The Users Log provides information of all users login and logout activities except guest users RADIUS ro...

Page 100: ...es When the number of a user s sessions reaches the session limit a choice of Unlimited 10 25 50 100 200 350 and 500 the user will be implicitly suspended upon receipt of any new connection request In...

Page 101: ...s of the client SPort The source port number of the client DIP The destination IP address of the client DPort The destination port number of the client The following table shows an example of the sess...

Page 102: ...eristics of IEEE 802 LAN infrastructures in order to provide a means of authenticating and authorizing devices attached to a LAN port that has point to point connection characteristics and of preventi...

Page 103: ...802 1X Client Device Authenticator The system will only allow this 802 1X enabled client device AP to send 802 1X authentication request to internal or external RADIUS server Click the Roaming Out 80...

Page 104: ...xample 2 OWL800 is configured to use external RADIUS server for 802 1X authentication Internal RADIUS Local Database Supplicant 192 168 1 64 Authenticator hq user1 hq radius 192 168 1 254 Gateway Mode...

Page 105: ...ADIUS server in the RADIUS page Step 2 Specify the 802 1X Client Device Authenticator The system will only allow this 802 1X enabled client device AP to send 802 1X authentication request to internal...

Page 106: ...external RADIUS server for remote gateway to service Roaming Out users Note In this example the AP is not enabled as 802 1X Authenticator therefore the Roaming Out User will be authenticated via web...

Page 107: ...Specify the remote gateway Authenticator The system will only allow this 802 1X enabled client device remote gateway to send 802 1X authentication request to internal or external RADIUS server Click t...

Page 108: ...User s Manual OWL800 OWL2000 HSG800 ENGLISH 2008 4IPNET INC 99 P N 100200904071...