Browan 2251XW, User Manual

Page 1: ...Dual Radio 802 11a n b g n Outdoor Access Point BW2251 User s Guide v1 0 ...

Page 2: ...ble only to the degree specified in the terms of sale and delivery The reproduction and distribution of the documentation and software supplied with this product and the use of its contents is subject to written authorization from BROWAN Trademarks The product described in this book is a licensed product of BROWAN Microsoft Windows 95 Windows 98 Windows Millennium Windows NT Windows 2000 Windows X...

Page 3: ...r body This transmitter must not be co located or operating in conjunction with any other antenna or transmitter Country Code selection feature to be disabled for products marketed to the US CANADA Operations in the 5 15 5 25GHz 5 470 5 725GHz band are restricted to indoor usage only The band from 5600 5650MHz will be disabled by the software during the manufacturing and cannot be changed by the e...

Page 4: ...with waterproof connector 12 Antenna connection and grounding 13 Waterproof tape 14 Mounting kit 15 Connect to the Power Source and Local Network 16 Access to your access point 16 Configuration 16 CHAPTER 3 REFERENCE MANUAL AP MODE 18 Web Interface 18 Status 19 Status Device Status 19 Status Wireless Status 21 Status Dynamic Bridge Status 21 Status Interface Statistics 22 Network 23 Network Interf...

Page 5: ...ystem Location Settings 81 CHAPTER 4 REFERENCE MANUAL AP ROUTER MODE 82 Web Interface 82 Status 84 Status Device Status 84 Status Wireless Status 85 Status Interface Statistics 85 Network 87 Network Interface 87 Network PPPoE 89 Network L2TP 90 Network RADIUS Server 92 Network RADIUS Properties 96 Network DNS 98 Network DHCP 99 Network DHCP Lease 102 Network Static Route 102 Network Attack Counter...

Page 6: ...Upgrade 155 System TFTP Upgrade 156 System Location Settings 157 CHAPTER 5 USER PAGES BASED ON XSL 158 User Pages Overview 158 Welcome Page 158 Login Page 158 Logout Page 159 Help Page 160 Unauthorized Page 161 Example for External Pages 161 Example for Internal Pages 164 Extended UAM 167 Parameters Sent to WAS 169 CHAPTER 6 CUSTOMIZED USER PAGE HTML 173 Set up your customized user page 173 FAQ 17...

Page 7: ...solid understanding of software installation procedures for network operating systems under Microsoft Windows 95 98 Millennium 2000 NT and Windows XP and general networking operations and troubleshooting knowledge Conventions Used in this Document The following typographic conventions and symbols are used throughout this document Very important information Failure to observe this may result in dam...

Page 8: ...age for deploying outdoor Wi Fi networks z Support IEEE802 11a b g n Wi Fi standard z Wireless AP router mode NAT Different IP subnet per BSSID Support DHCP server or client z FAT AP with AP or AP Router mode configuration z Point to point or smart point to multi point bridge Secure and reliable wireless networking BW2251 supports and meets industry security requirement of wide area networking pro...

Page 9: ... Backup Restore configuration file z Command Line Interface CLI with optional SSH z Simple Network Management Protocol V1 V2 Features Highlight Support IEEE802 11a b g n Wi Fi standard Superior Wireless Bridging Capability PtP PtMP Support up to 16 BSSID Virtual AP Wi Fi Protected Access WPA and WPA2 with TKIP or AES Wired Equivalent Privacy WEP using static or dynamic key of 64 or 128 bits Anti I...

Page 10: ...ps with an aluminum alloy frame resistant with waterproof design housing is able to operate even under extreme weather conditions Figure 1 BW2251 General View I O Interface Antenna 2 4G ETH PoE Console Antenna 2 4G Antenna 5G Antenna 5G Figure 2 BW2251 I O interface Chapter 2 Hardware Installation ...

Page 11: ...onnector WLAN 1 2 4G N type antenna connector mark with ANT2 5 Grounding Grounding contact It is highly recommend to connect the grounding system in order protecting surge and lightning damage 6 Reset button Reboot or Reset device Press reset button to reboot device or keep press for more than 5 seconds to reset factory default configuration 7 Air convection Air convection hole for air convection ...

Page 12: ...1 Back Label with MAC address and S N model name certification etc 2 MAC address The label shows the WLAN interface MAC address of the device WLAN 1 the radio MAC for 2 4G WLAN 2 the radio MAC for 5G The LAN MAC WLAN 1 MAC 1 Hex AP mode The WAN MAC WLAN 1 MAC 1 Hex AP router mode 3 Serial Number of the device ...

Page 13: ...e waterproof Following the assemble instruction shown as below It is recommend to use shielding STP RJ 45 cable to be grounding and shielding strip cable sheath insert the screw nut into the housing insert the sealing into clip and housing insert the cable all the way through crimp the RJ45 plug insert the RJ45 plug into the housing then secure the sealing nut tightly Figure 5 Waterproof connector...

Page 14: ...unding The BW2251 is equipped with N type connector for outdoor antenna connection Connecting the N type antenna to the connector as shown on the right Attach the grounding wire to be grounding to protect from the lightning damage It is recommend that the length of grounding wire less than 3 meter and the cross section area should be no smaller than 6mm2 Figure 7 secure antenna and grounding cable...

Page 15: ... The waterproof tape protect device from water leakage Use the enclosed waterproof tape to wrap around the base of N type and RJ 45 connector which shown as following Figure 8 waterproof tape The BW2251 equipped with aluminum housing already IP 68 rated waterproof ...

Page 16: ...der and base Assemble the mast holder first and combine these two parts All the screws and nuts must be locked tightly and securely Figure 9 mount kit assembly Step 2 Assemble the base of bracket on the back of the device and mount on the mast All screws and nuts must be locked tightly and securely at this time also Figure 10 mounting to the device and mast ...

Page 17: ... or mount it on the mast Use the enclosed mount kit to mount BW2251 on the mast Step 2 Connect DC 48V power supply to PoE injector DC jack Step 3 Connect the Ethernet cable from the BW2251 to PoE injector P data out port Step 4 Connect Ethernet cable from PoE injector data in port to the computer or through LAN switch connect to your local network Please refer to the figure shown as below Figure 1...

Page 18: ... 192 168 2 2 a rg Step 2 Enter the BW2251 administrator login details to access the Web management The default administrator log on settings for all access point interfaces are User Name admin Password admin01 Continuously clicking Yes to proceed Figure 12 Security alert Figure 13 login page Step 3 After successful administrator log on you will see the main page of the BW2251 Web interface Figure ...

Page 19: ...web management menu is displayed at the top of the page after successfully logging into the system see the figure below From this menu all essential configuration pages are accessed Figure 15 Main Configuration Management Menu The web management menu has the following structure Status Device Status show the status related with the whole device Wireless Status show the status of the two radios Dyna...

Page 20: ... Telnet SSH service SNMP SNMP service Time manually set time NTP NTP settings of BW2251 Watchdog Enable the S W or H W watchdog of BW2251 System Administrator set access permission to your BW2251 System Log check the system log locally or specify address where to send system log file System Mode specify whether the BW2251 works in AP mode or in AP router mode System Info specify some device relate...

Page 21: ...ent time of the BW2251 Wlan1 MAC show the MAC addresses of the wireless interfaces 2 4G of the BW2251 Wlan2 MAC show the MAC addresses of the wireless interfaces 5G of the BW2251 Free System Memory indicate the memory currently available in the BW2251 Total System Memory indicate the total memory in the BW2251 LAN Mode indicate static IP or DHCP client is used for BW2251 LAN IP address LAN MAC dis...

Page 22: ... on the BW2251 Mode AP or Bridge mode is be used for this wireless interface Band specify which band is in use for wireless interface Total Connected Clients indicate number of the currently connected clients to your BW2251 Tx Power indicate radio transmit power of the BW2251 MAC ACL indicate the status of MAC ACL feature on BW2251 SSID Number indicate current number of enabled SSID on BW2251 Stat...

Page 23: ... on the network interface The bytes number is displayed in KB Input Packets show the packets number received on the network interface Input Errors show the packets number which contain errors preventing them from being received correctly Output Bytes KB show the total number of bytes transmitted out of the network interface The bytes number is displayed in KB Output Packets show the packets number...

Page 24: ...e gateway For Bridge type interfaces the gateway is always the gateway router Protocol specify static for setting IP address manually and dhcp for getting IP address dynamically acting as DHCP client VLAN Enable or disable VLAN on LAN bridge interface VLAN ID When enabled VLAN specify the VLAN ID of it Save save the entered values Cancel restore all previous values Change status or leave in the de...

Page 25: ...nce click Reboot button and then it is necessary to wait a moment And the message of reboot appears just like bellows Figure 23 Reboot Information Network Bridge The Spanning Tree Protocol is a network protocol that ensures a loop free topology for any bridged Ethernet local area network The basic function of STP is to prevent bridge loops and the broadcast radiation the results from them Specify ...

Page 26: ...ide attack anti attack polices can be set here based on network needs Figure 27 Attack Countermeasure settings Anti DOS Status Enable or disable anti dos policy for BW2251 This policy is for TCP DOS attack Max Load The attack threshold BW2251 think there is TCP DOS attack and do the countermeasure if one client s TCP links exceed this threshold Expire seconds If one client is considered as DOS att...

Page 27: ...ure Delete delete the selected RADIUS Server entry The last entry can not be deleted Add add new RADIUS server Click Details a similar page will be appeared as below Figure 29 Detail for Radius Server profile Name the new RADIUS server name which is used for selecting RADIUS server If a default appears on the right side of the Name entry it means this RADIUS server profile is the default profile A...

Page 28: ... Port show the network port used to communicate with the Accounting RADIUS server Accounting Secret show the shared secret string that is used to make sure the integrity of data frames used for the Accounting RADIUS server User Password Md5sum Secret show whether user input password is calculated md5 sum before pass to RADIUS server or not Back back to the RADIUS Server main page Edit edit the sel...

Page 29: ...e IP address of Accounting RADIUS server dots and digits Accounting Port specify the network port used to communicate with the Accounting RADIUS server 1 65535 Accounting Secret shared secret string that is used to make sure the integrity of data frames used for the Accounting RADIUS server The default port value for authentication is 1812 The default port value for accounting is 1813 The port spe...

Page 30: ...server Apply Changes to save all changes at once Discard Changes restore all previous values Click Apply Changes to apply all the changes Then the follow similar page will appear Figure 33 Reboot Server Reboot restart the access point to make applied changes work If there is no other settings needed to be modified click the Reboot button to apply all changes If there are any other settings need to...

Page 31: ...from the user side no network carrier before closing the connect 1 999999999 User Accounting Update Interval Seconds period after which server should update accounting information 60 999999999 User Accounting Update Retry seconds retry time period in which server should try to update accounting information before giving up 60 999999999 User Idle Timeout seconds amount of user inactivity time befor...

Page 32: ...anges click if RADIUS Properties configuration is finished Discard Changes restore all previous values Network DHCP In AP mode BW2251 can act as DHCP server The DHCP Dynamic Host Configuration Protocol service is supported on layer 2 interfaces DHCP server and DHCP relay are disabled by default Figure 36 DHCP Settings Edit edit the DHCP settings To enable DHCP server click the Edit button Figure 3...

Page 33: ... from IP Address to specify the IP address range to be dynamically allocated by the DHCP server Netmask enter the netmask for IP pool range Gateway enter the gateway IP for wireless clients WINS Address Windows Internet Naming Service specify server IP address if it is available on the network dots and digits Lease Time specify the IP address lease interval in seconds 1 1000000 Domain specify the ...

Page 34: ...r settings will be automatically adjusted to match the network interface settings The Gateway of DHCP server settings must be same with the Gateway of BW2251 For each change of settings the BW2251 needs to be restarted to apply all settings changes when clicking Apply Changes Request for reboot server appears ...

Page 35: ... button for applying all modifications And if there are still other setting modifications needed go ahead to finish all changes and then click Reboot button to restart and apply all settings together When BW2251 network Interface uses DHCP to get IP address dynamically DHCP server service cannot be enabled When BW2251 uses DHCP to get IP address the similar WEB UI will be appeared Figure 41 Warnin...

Page 36: ...s connections and kick out all the wireless clients when it detects that its Ethernet network cannot be accessed to the internet Figure 43 Link Integrity settings Click Edit button to set the Link Integrity settings the similar UI will be appeared as below Figure 44 Edit Link Integrity settings Status Enable or disable the feature of Link Integrity Target IP1 to Target IP5 IP addresses for BW2251 ...

Page 37: ...arget IP can be specified The BW2251 needs to be restarted to apply all settings changes when clicking Apply Changes Request for reboot server appears Figure 46 Reboot Server Reboot click the button to restart the server and apply the changes If there is no other settings needed to be modified click the Reboot button to apply all changes If there are any other settings need to be changed continuou...

Page 38: ...ication AP Cert uploading the AP certification Network Tr069 Settings TR 069 is the Broadband Forum technical specification entitled CPE WAN Management Protocol CWMP It defines an application layer protocol for remote management of end user devices As a bidirectional SOAP HTTP based protocol it provides the communication between customer premises equipment CPE and Auto Configuration Servers ACS se...

Page 39: ...orm Interval the inform interval in seconds the value is 720 4294967295 Connection Request UserName when the ACS pulling a task to AP CPE such as firmware upgrade downgrade AP need the user name to verify the task sending from ACS server Connection Request Password when the ACS pulling a task to AP CPE such as firmware upgrade downgrade AP need the password to verify the task sending from ACS serv...

Page 40: ...ver and apply the changes If there is no other settings needed to be modified click the Reboot button to apply all changes If there are any other settings need to be changed continuously to finish and apply all changes and then click Reboot button to restart and take effect for all settings ...

Page 41: ...sic menu to configure wireless settings such as regulatory domain channel band and power layer 2 isolation Click the edit button on the setting you need to change Figure 51 Basic Wireless Settings with static channel selection Figure 52 Basic Wireless Settings with auto channel selection DCA ...

Page 42: ...end Fragment Threshold It specifies the maximum size for a packet before data is fragmented into multiple packets If you experience a high packet error rate you may slightly increase the fragmentation threshold Setting the fragmentation threshold too low may result in poor network performance Only minor modifications of this value are recommended The default value is 2347 recommend Beacon Interval...

Page 43: ...are clients not supporting short preamble connected otherwise using short preamble The default is Auto recommend Short always using short preamble Long always using long preamble Slot Time show the slot time policy when working in 2 4GHz band Auto using long slot time when there are clients not supporting short slot time connection otherwise using short slot time The default is Auto recommend Shor...

Page 44: ...erlapping coverage areas we recommend at least four channels interval between the chosen channels For example for three Access Points in close proximity choose channels 1 6 and 11 for 11b g or channels 36 40 and 64 for 11a Band show the working bands on which the radio is working wlan1 four bands listed 2 4GHz 11g only 2 4GHz 11n HT20 2 4GHz 11n HT20 40plus 2 4GHz 11n HT20 40minus wlan2 four bands...

Page 45: ...onment is stable which means auto channel selection needn t do frequently set a big value for DCA threshold to gain a stable wireless users connection If wireless network environment changes continually frequent auto channel selection is needed So set a relative small value for DCA threshold to let channel change based on wireless environment Wireless users will be kicked off when DCA is processin...

Page 46: ...etail with DynamicBridge setting please refer to Wireless Advanced page in DynamicBridge mode Change status or leave in the default state if no editing is necessary and click the Save button Figure 56 Apply or Discard dynamicbridge setting For such change of settings the BW2251 needs to be restarted to apply all settings changes when clicking Apply Changes Request for reboot server appears ...

Page 47: ...with multi service supporting including different security policy different VLAN ID different authentication etc All the BSSIDs are active at the same time that means client devices can associate to the access point for specific service Use the Wireless Advanced menu to configure properties related to Multiple BSSID including configure SSID Hidden SSID VLAN and Security for each SSID You can defin...

Page 48: ...name for wireless client searching and associating Hidden show the status of Hidden SSID feature disable enable Security show which security policy is used for this MBSSID entry Current Connect show the number of current wireless clients associate to this MBSSID New create a new MBSSID entry Detail show the detail information of this MBSSID entry Edit edit the selected MBSSID entry you want to con...

Page 49: ...o enable the function Only 11n only 802 11n client can connected to the SSID Disassociation low MCS low MCS client won t associate to the AP check box to enable it Max Station Number define maximum number of associated wireless client to this SSID By default the number is maximum 127 client can be associated to the AP without check box Or check box to enable limited client 1 127 Layer 2 Isolation ...

Page 50: ...must cooperate with remote Router or APC Interface priority specify the traffic priority for this SSID interface which is implemented according to 802 11e EDCA and makes sure the wireless downlink QoS This priority is based on SSID which means different BSSID can have different traffic priority and the traffic of the same SSID has the same priority This traffic priority only makes sure the priorit...

Page 51: ...on will fail The key value is set in Wireless WEP web page 802 1x when selected the MSSID entry will be configured as an 802 1x authenticator It supports multiple authentication types based on EAP Extensible Authentication Protocol like EAP TLS EAP TTLS EAP PEAP EAP SIM The privacy will be configured as dynamic WEP RADIUS Server Profile select your RADIUS server profile Please go to Network RADIUS...

Page 52: ...re 62 Multiple BSSID Setting 4 WPA PSK when selected the encrypt method will be WPA without RADIUS server WPA2 PSK when selected the security policy will be WPA2 PSK without RADIUS server In this mode only WPA2 PSK client can connect with AP and WPA PSK client is not permitted to connect WPA2 PSK MIXED when selected WPA2 PSK and WPA PSK clients are all permitted to connect with AP Use Pre Shared K...

Page 53: ... without RADIUS server Encode Pre shared key encode HEX ASCII Use Pre Shared key specify more than 8 characters and less than 64 characters for WPA with pre shared key encryption Disabled when selected you don t select any security policy Change status or leave in the default state if no editing is necessary and click the Save button Figure 64 Apply or Discard the advanced Settings in AP mode For ...

Page 54: ... BW2251 to automatically seek and associate nearby root AP and dynamically self configure for wireless bridge connection Whenever a bridge link is broken the network will auto re configure route to minimize the lost of WLAN operation It also minimized the technician intervention and reduce cost of going on site to re establish transmission paths Figure 66 Advanced Wireless Setting Bridge Mode Radi...

Page 55: ... despite the client AP configured NetID NetID is a very important element for the dynamicbridge link The link between root and client AP will based on the same NetID to make the bridge link Security specify the security policy of the bridge link WPA PSK AES disable WPAPSK AES specify more than 8 characters and less than 64 characters for WPA with pre shared key encryption Disable no data encryptio...

Page 56: ...ther Wireless WEP Use the Wireless WEP menu to configure static WEP settings This menu only set static WEP key value related with 4 key indexes Enable or Disable static WEP is in the Wireless Advance menu Figure 70 WEP Settings Radio show the wireless interface Click Edit to edit the existing wepkey1 to wepkey4 By default four WEP keys are all set to aaaaa ascii characters or 6161616161 hexadecima...

Page 57: ...Changes Request for reboot server appears Figure 73 Reboot information Reboot click the button to restart the server and apply the changes If there is no other settings needed to be modified click the Reboot button to apply all changes If there are any other settings need to be changed continuously to finish and apply all changes and then click Reboot button to restart and take effect for all sett...

Page 58: ...clients connecting to the BW2251 are allowed no ACL rules are applied to the wireless clients Select Allow means only the wireless clients whose MAC are listed in the MAC List would be permitted to access this AP Other wireless client cannot access this AP Select Deny means only the wireless clients whose MAC are listed in the MAC List would be prevented from accessing Other wireless clients can a...

Page 59: ...example 00 90 4B 00 11 22 Save click the button to save the new MAC entry Figure 77 Apply or Discard MAC ACL Configuration Changes Apply Changes to save all changes made in the interface table at once Discard Changes restore all previous values For such change of settings the BW2251 needs to be restarted to apply all settings changes when clicking Apply Changes Request for reboot server appears Fi...

Page 60: ...eless Advanced page to configure intra BSS communication of users in the same BSS Full layer 2 isolation need to set both intra BSS and inter BSS layer 2 isolation The Wireless layer 2 isolation setting page is only exist in AP mode as it is only for inter BSS layer 2 isolation There is no Wireless layer 2 isolation setting page in AP Router mode Figure 79 layer 2 Isolation Service Edit edit the l...

Page 61: ... Address enter the physical address of the network device MAC address The format is a list of colon separated hexadecimal numbers for example 00 90 4B 00 11 22 Save click the button to save the new Allowed MAC List entry Cancel discard change and restore all previous values For such change of settings the BW2251 needs to be restarted to apply all settings changes when clicking Apply Changes Reques...

Page 62: ...ess point to show the RSSI channel etc information in the environment Figure 85 neighbor list Click Scan 2 4G or Scan 5G button SSID the SSID of scanned access point MAC address the MAC address of scanned access point RSSI dBm the RSSI of scanned access point in dBm Channel the channel of scanned access point Co Channel display if the neighbor access point channel same with BW2251 Y yes N no Adjac...

Page 63: ...ay in this page Figure 86 priority 5G Click Edit button to configure it Figure 87 enable 5G priority Interface the interface of BW2251 SSID the SSID of BW2251 both 2 4G and 5G Reject counter the counter that AP will reject 2 4G client connection Interval second the interval second during every reject counter Delay delay time of reject counter Enable enable or disable the function check box or not ...

Page 64: ... is no other settings needed to be modified click the Reboot button to apply all changes If there are any other settings need to be changed continuously to finish and apply all changes and then click Reboot button to restart and take effect for all settings ...

Page 65: ... BSS the client connected to User IP IP address from which the user s connection is established digits and dots Authed indicate this client is authenticated or not Wireless Auth show the authentication method which user used to connect Time Length session duration since the user login hh mm ss Idle Time amount of user inactivity time hh mm ss Action view the statistics or kickoff the user Detail c...

Page 66: ... Time Length remaining user s session time hh mm ss Session time for user is defined in the RADIUS Server Idle time specify current idle time Idle Timeout specify the time of user idle timout hh mm ss When reach the time the user will be logged out automatically Input Bytes amount of data in bytes which the user network device has received Bytes Output Bytes amount of data in bytes transmitted by ...

Page 67: ... availability This monitoring is performed with ping If the specified number of ping failures is reached failure count the user is logged out from the BW2251 Figure 92 Station Supervision To adjust the ping interval failure count click the Edit button Figure 93 Edit Station Supervision Interval define interval of sending ping to host in seconds Failure Count failure count value after which the use...

Page 68: ...pply all changes If there are any other settings need to be changed continuously to finish and apply all changes and then click Reboot button to restart and take effect for all settings Services Services Telnet Use Services Telnet menu to manage the telnet SSH service of your BW2251 Figure 96 System Configuration settings Telnet Service Enable or disable telnet service of BW2251 SSH Service Enable...

Page 69: ...e values 1 32 all ASCII printable characters no spaces Default Trap community the default SNMP community name used for traps without specified communities The default community by most systems is public The community string must match the community string used by the SNMP network management system NMS 1 32 all ASCII printable characters no spaces HeartBeat Trap Interval defined the AP sending the ...

Page 70: ...e Settings menu Figure 99 Time Settings Click Edit to change current system time Figure 100 Edit Date and Time Settings Date yy mm dd Time hour minute Change the Date and Time or leave in the default value if no editing is necessary and click the Apply button Thus the modified time will be taken effect at once No reboot is needed If NTP is enabled the local time cannot be modified Since BW2251 has...

Page 71: ... a new NTP server setting for synchronizing time Clicking Add button to add a new NTP server Figure 102 Add new NTP server setting Two NTP servers can be configured under Services NTP menu And only IP address is accepted for NTP server Adding at least one NTP server before enable NTP service The Name of NTP server should be unique Change status or leave in the default state if no editing is necess...

Page 72: ...ge of settings the BW2251 needs to be restarted to apply all settings changes when clicking Apply Changes Request for reboot server appears Figure 106 Reboot information Reboot click the button to restart the server and apply the changes If there is no other settings needed to be modified click the Reboot button to apply all changes If there are any other settings need to be changed continuously t...

Page 73: ...r Disable software watchdog Check Interval the periodical time that software watchdog checks the whole file system of BW2251 The hardware watchdog function will protect device even the operation system crash Figure 109 edit hardware watchdog settings Status Enable or Disable hardware watchdog The default value is enabled for both Software Watchdog and Hardware Watchdog It is strongly recommended t...

Page 74: ...r authentication in the system 4 8 characters spaces not allowed Confirm Password re enter the new password to verify its accuracy Save click to save new administrator settings Default administrator logon settings are User Name admin Password admin01 Password length is from 4 to 8 characters After filling in the right Old password and the New Password clicking the Save button for taking effect imm...

Page 75: ...log function enabled disabled Host IP specify the host IP address where to send the System Log messages dots and digits Log Level specify the remote log message level you want to trace critical error warning info and debug Do not output debug log unless there are important issue needs to be clarified Debug log will output all of the information so that it will severely drop down the network perfor...

Page 76: ...s values View view the log messages locally Click View button a similar screen will appear as below Figure 115 View Local Log Messages Clear clear current log message Refresh get the updated log messages Return back to System Log page System System Mode In this page you can select the system mode of your BW2251 Figure 116 System Mode Settings Mode select whether the system mode of BW2251 is AP mod...

Page 77: ...Apply and Reboot click the button to restart the device and apply all setting changes The BW2251 Web Interface in AP mode is different from that in AP Router mode For the detailed configuration of BW2251 working in AP Router mode please refer to the next chapter Chapter 4 Reference Manual AP Router Mode System System Info Administrator can self define the device information including the system na...

Page 78: ... upload system configuration for restore Figure 121 System Configuration settings Click the Preparation button to start saving the configuration file Click the Download button to download current working configuration locally Figure 122 Backup settings By default the device configuration name is cfgbackup cfg A configuration file name will be required when you download save the configuration file ...

Page 79: ...he specified configuration and then the similar UI appears Figure 124 Configuration Upload Restore 2 Click OK button to restore and AP will reboot immediately to take effect Figure 125 Configuration Upload Restore 3 System Reset and Reboot Use this function to reboot device or restore to factory default Figure 126 System Reset setting Reboot reboot the device Reset reset System to Factory Defaults...

Page 80: ...strator settings will be set back to the factory default when Reset is implement System Local Upgrade Upload Update your device firmware locally Figure 129 Firmware Upgrade Click the Upload and then click the browse button to specify the full path of the new firmware image and click the Upload button Figure 130 Firmware Upgrade Click the Upgrade button to flash and upgrade the firmware Please make...

Page 81: ...FTP Firmware Upgrade Current firmware version Show the current firmware version TFTP server IP address Specify the IP address of TFTP server which firmware located TFTP Time Out Secs Specify the TFTP server communication time out in second Firmware Filename Specify the upgrade firmware name to be download Figure 133 TFTP Firmware Upgrade setting Click Edit button to specify the TFTP server IP addr...

Page 82: ...pdate process It will backward to previous version in case upgrade failure System Location Settings You can define the longitude and latitude for the device information or for the NMS to locate the device location Figure 134 location setting Click edit to enter the Longitude and Latitude in digit and dot format Figure 135 edit location longitude latitude Click save button to save it ...

Page 83: ...r web browser window Web Interface The main web management menu is displayed at the top of the page after successfully logging into the system see the figure below From this menu all essential configuration pages are accessed Figure 136 Main Configuration Management Menu The web management menu has the following structure Status Device Status show the status related with the whole device Wireless ...

Page 84: ... page based by HTML page Pages configure and upload user pages Upload upload new internal user pages HTTP Headers define http headers encoding and language Remote Authentication define external Web Application Server WAS to intercept take part in the user authentication process Services Telnet Telnet SSH service SNMP SNMP service NTP NTP settings of BW2251 Time manually set time Watchdog Enable th...

Page 85: ...current configure version Up Time indicate the time expressed in days hours and minutes since the system was last rebooted System Time show the current time of the BW2251 WLAN1 MAC show the MAC addresses of the wireless interfaces of the BW2251 2G WLAN2 MAC show the MAC addresses of the wireless interfaces of the BW2251 5G Free System Memory indicate the memory currently available in the BW2251 To...

Page 86: ...ACL feature on BW2251 SSID Number indicate current number of enabled SSID on BW2251 Status Interface Statistics The Interface Statistics shows each network interface status including Input Output bytes packets or error Figure 139 Interface Statistics Interface Name show the name of each network interface where ixp0 is related to LAN interface wlan1_x is related to wireless sub interface Input Byte...

Page 87: ...7 Output Packets show the packets number transmitted out of the network interface Output Errors show the packets number which contain errors preventing them from being transmitted out correctly Refresh get the updated network interface information ...

Page 88: ...re 141 Edit Network Interfaces Settings 1 Interface standard interface name This name cannot be edited Status select the status of interface enabled disabled Do not disable the interface through which you are connected to the AP Router Disabling such interface will lose your connection to the device The interface eth1 can not be disabled Type network type cannot be changed There are two possible n...

Page 89: ...ers are a binary mask of the IP address which defines IP address order and the number of IP addresses in the subnet Gateway interface gateway For LAN type interfaces the gateway is WAN interface The gateway of the WAN interface is usually the gateway router of the ISP or other WAN network Default gateway is marked with Save save the entered values Cancel restore all previous values Figure 143 Appl...

Page 90: ...ll settings Network PPPoE The Point to Point Protocol over Ethernet PPPoE is a network protocol for encapsulating PPP frames inside Ethernet frames It is use mainly for DSL service Click Edit button to enable or disable the service Figure 145 PPPoE service Name service name Status change status for this service disable enable Figure 146 change PPPoE service Enable the PPPoE service Username enter ...

Page 91: ...and take effect all changes If there is no other settings needed to be modified click the Reboot button to apply all changes If there are any other settings need to be changed continuously to finish and apply all changes and then click Reboot button to restart and take effect for all settings Network L2TP Layer 2 Tunneling Protocol L2TP is a tunneling protocol used to support virtual private netwo...

Page 92: ...ess in digits and dots notation e g 192 168 2 2 Username enter the user name Password password for the authorized user Timeout in case of connection fail the interval to re connect to the server Figure 151 edit L2TP services Click Save button and Apply Changes button to save the change or discard changes button to discard the change Figure 152 save the changes Reboot click the button to restart th...

Page 93: ...tart and take effect for all settings Network RADIUS Server Up to 32 different RADIUS servers can be configured in the RADIUS servers menu By default one RADIUS server is specified for the system Figure 154 RADIUS Servers Settings Details show the detail information of this RADIUS Server profile Edit edit the selected RADIUS Server entry you want to configure Delete delete the selected RADIUS Serv...

Page 94: ...rity of data frames used for the Authentication RADIUS server Accounting IP show the IP address of Accounting RADIUS server If the Accounting IP address is 0 0 0 0 it means that the Accounting service is disabled Accounting Port show the network port used to communicate with the Accounting RADIUS server Accounting Secret show the shared secret string that is used to make sure the integrity of data...

Page 95: ...t When selected the profile will be used as default Authentication IP specify the IP address of Authentication RADIUS server dots and digits Authentication Port specify the network port used to communicate with the Authentication RADIUS server 1 65535 Authentication Secret shared secret string that is used to make sure the integrity of data frames used for the Authentication RADIUS server Accounti...

Page 96: ...ore pass to RADIUS server for more security enabled disabled This setting needs RADIUS server do relevant configurations Save save the entered values Cancel restore all previous values After adding a new RADIUS server or editing an existing one a page appears similar to the following Figure 158 Apply or Discard RADIUS Server Changes Details show the detail information of this RADIUS Server profile...

Page 97: ...hanged continuously to finish and apply all changes and then click Reboot button to restart and take effect for all settings Network RADIUS Properties General RADIUS settings are configured using the RADIUS Properties menu under the network Figure 160 RADIUS Properties settings RADIUS Retries retry count of sending RADIUS packets before giving up 0 99 RADIUS Timeout seconds maximum amount of time ...

Page 98: ...le Timeout seconds amount of user inactivity time before automatically disconnecting user from the network 1 999999999 Bandwidth Up maximum bandwidth up at which corresponding user is allowed to transmit bps Bandwidth Down maximum bandwidth down at which corresponding user is allowed to receive bps Each setting in this table can be edited Select RADIUS setting you need to update click the edit nex...

Page 99: ...ice service allows BW2251 subscribers to enter URLs instead of IP addresses into their browser to reach the desired web site You can enter the DNS server settings under the Network DNS menu The DNS server setting s table is displayed Figure 163 DNS Settings You can enter the primary and secondary DNS servers settings by click the edit button in the action column and type in the DNS server s IP add...

Page 100: ...k the button to restart the server and apply the changes If there is no other settings needed to be modified click the Reboot button to apply all changes If there are any other settings need to be changed continuously to finish and apply all changes and then click Reboot button to restart and take effect for all settings Network DHCP In AP Router mode the BW2251 can act as a DHCP Server The DHCP D...

Page 101: ...the DHCP service mandatory fields Netmask show the subnet mask of current interface Gateway show the interface gateway WINS Windows Internet Naming Service Address specify service IP address if it is available on the network dots and digits Lease Time specify the IP address renewal in seconds 1 1000000 Domain specify DHCP domain name optional 1 128 sting DNS Address specify the DNS server s IP add...

Page 102: ... correct click Apply Changes request for reboot server appears Figure 171 Reboot information Reboot click the button to restart the server and apply the changes If there is no other settings needed to be modified click the Reboot button to apply all changes If there are any other settings need to be changed continuously to finish and apply all changes and then click Reboot button to restart and ta...

Page 103: ...ived on an interface with specific destination addresses By default no static routes are defined on the system Figure 173 Static Route Page A routing rule is defined by the target subnet target IP address and subnet mask interface and or gateway where to route the target traffic A data packet that is directed to the target network is routed to the specified AC interface or to another gateway route...

Page 104: ...ent is considered as DOS attacker BW2251 kicks it out and doesn t let it connect again during the time that Expire set Flow Control Status Enable or disable traffic flow control policy for BW2251 Max Load The attack throughput threshold Duration seconds if traffic exceeds the value of Max Load during the whole time that Duration set BW2251 think there is traffic flow attack and do the countermeasu...

Page 105: ... all IP address specified it will consider Ethernet link fail and all associated wireless client will be logged out The AP will continue to ping from first IP address If ping success the wireless will be enable again and client can access the AP Save save the entered values Cancel restore all previous values Click Save the similar apply changes UI will be appeared Figure 179 Apply or Discard Link ...

Page 106: ...tocol for remote management of end user devices As a bidirectional SOAP HTTP based protocol it provides the communication between customer premises equipment CPE and Auto Configuration Servers ACS server It includes both a safe auto configuration and the control of other CPE management functions within an integrated framework The protocol addressed the growing number of different internet access d...

Page 107: ...form Interval the inform interval in seconds the value is 720 4294967295 Connection Request UserName when the ACS pulling a task to AP CPE such as firmware upgrade downgrade AP need the user name to verify the task sending from ACS server Connection Request Password when the ACS pulling a task to AP CPE such as firmware upgrade downgrade AP need the password to verify the task sending from ACS ser...

Page 108: ...y the changes Figure 184 reboot device If there is no other settings needed to be modified click the Reboot button to apply all changes If there are any other settings need to be changed continuously to finish and apply all changes and then click Reboot button to restart and take effect for all settings ...

Page 109: ...ic menu to configure wireless settings such as regulatory domain channel band and power layer 2 isolation Click the edit button on the setting you need to change Figure 185 Basic Wireless Settings with static channel selection Figure 186 Basic Wireless Settings with auto channel selection DCA ...

Page 110: ...ecommend Fragment Threshold It specifies the maximum size for a packet before data is fragmented into multiple packets If you experience a high packet error rate you may slightly increase the fragmentation threshold Setting the fragmentation threshold too low may result in poor network performance Only minor modifications of this value are recommended The default value is 2347 recommend Beacon Int...

Page 111: ...supporting short preamble connected otherwise using short preamble The default is Auto recommend Short always using short preamble Long always using long preamble Slot Time show the slot time policy when working in 2 4GHz band Auto using long slot time when there are clients not supporting short slot time connected in otherwise using short slot time The Switching between long and short slot time i...

Page 112: ...four channels interval between the chosen channels For example for three Access Points in close proximity choose channels 1 6 and 11 for 11b g or channels 36 40 and 64 for 11a Band show the working bands on which the radio is working wlan1 four bands listed 2 4GHz 11g only 2 4GHz 11n HT20 2 4GHz 11n HT20 40plus 2 4GHz 11n HT20 40minus wlan2 four bands listed 5GHz 11a 5GHz 11n HT20 5GHz 11n HT20 40...

Page 113: ...tion needn t do frequently set a big value for DCA threshold to gain a stable wireless users connection If wireless network environment changes continually frequent auto channel selection is needed So set a relative small value for DCA threshold to let channel change based on wireless environment Wireless users will be kicked off when DCA is processing new operational frequency channel takes effec...

Page 114: ... Basic Wireless Settings with Static Channel selection Figure 190 Apply or Discard Basic Wireless Settings with DCA enabled For such change of settings the BW2251 needs to be restarted to apply all settings changes when clicking Apply Changes Request for reboot server appears ...

Page 115: ...ssign different configuration settings to each BSSID For wireless users they can think BW2251 as single AP with multi service supporting including different security policy different VLAN ID different authentication etc All the BSSIDs are active at the same time that means client devices can associate to the access point for specific service Use the Wireless Advanced menu to configure properties r...

Page 116: ...ciating Hidden show the status of Hidden SSID feature disable enable Security show which security policy is used for this MBSSID entry Current Connect show the number of current wireless clients associate to this MBSSID New create a new MBSSID entry Detail show the detail information of this MBSSID entry Edit edit the selected MBSSID entry you want to configure Delete delete the selected MBSSID en...

Page 117: ...to enable the function Only 11n only 802 11n client can connected to the SSID Disassociation low MCS low MCS client won t associate to the AP check box to enable it Max Station Number define maximum number of associated wireless client to this SSID By default the number is maximum 127 client can be associated to the AP without check box Or check box to enable limited client 1 127 Layer 2 Isolation...

Page 118: ... must cooperate with remote Router or APC Interface priority specify the traffic priority for this SSID interface which is implemented according to 802 11e EDCA and makes sure the wireless downlink QoS This priority is based on SSID which means different BSSID can have different traffic priority and the traffic of the same SSID has the same priority This traffic priority only makes sure the priori...

Page 119: ...ion will fail The key value is set in Wireless WEP web page 802 1x when selected the MSSID entry will be configured as an 802 1x authenticator It supports multiple authentication types based on EAP Extensible Authentication Protocol like EAP TLS EAP TTLS EAP PEAP EAP SIM The privacy will be configured as dynamic WEP RADIUS Server Profile select your RADIUS server profile Please go to Network RADIU...

Page 120: ...re 196 Multiple BSSID Setting 4 WPA PSK when selected the encrypt method will be WPA without RADIUS server WPA2 PSK when selected the security policy will be WPA2 PSK without RADIUS server In this mode only WPA2 PSK client can connect with AP and WPA PSK client is not permitted to connect WPA2 PSK MIXED when selected WPA2 PSK and WPA PSK clients are all permitted to connect with AP Use Pre Shared ...

Page 121: ...I without RADIUS server Encode Pre shared key encode HEX ASCII Use Pre Shared key specify more than 8 characters and less than 64 characters for WPA with pre shared key encryption Disabled when selected you don t select any security policy Change status or leave in the default state if no editing is necessary and click the Save button Figure 198 Apply or Discard the advanced Settings in AP mode Fo...

Page 122: ...tton to apply all changes If there are any other settings need to be changed continuously to finish and apply all changes and then click Reboot button to restart and take effect for all settings Wireless WEP Use the Wireless WEP menu to configure static WEP settings This menu only set static WEP key value related with 4 key indexes Enable or Disable static WEP is in the Wireless Advance menu Figur...

Page 123: ... 6161616161 hexadecimal characters They can be modified according to requirement Figure 201 Edit WEP Key Change status or leave in the default state if no editing is necessary and click the Save button Figure 202 Apply or Discard WEP Configuration For each change of settings the BW2251 needs to be restarted to apply all settings changes when clicking Apply Changes Request for reboot server appears...

Page 124: ...all settings Wireless MAC ACL Use the MAC ACL service to control the default access to the wireless interface of the BW2251 or define special access rules for mobile clients Configure the ACL using the Wireless MAC ACL menu Figure 204 MAC ACL Service Radio show the wireless interface The wireless interface which is Bridge mode hasn t MAC ACL settings Policy click the edit button to choose Allow De...

Page 125: ...u must create MAC List to work with Policy setting The access control list is based on the network device s MAC address In the MAC ACL Configuration table you only need to specify the MAC address of wireless client Click the Add button to create a new MAC entry Figure 206 Add MAC entry MAC Address enter the physical address of the network device you need to MAC address The format is a list of colo...

Page 126: ...y Changes Request for reboot server appears Figure 208 Reboot Server Reboot click the button to restart the server and apply the changes If there is no other settings needed to be modified click the Reboot button to apply all changes If there are any other settings need to be changed continuously to finish and apply all changes and then click Reboot button to restart and take effect for all settin...

Page 127: ... BSS the client connected to User IP IP address from which the user s connection is established digits and dots Authed indicate this client is authenticated or not WEB Auth L2 Auth show the authentication method which user uses to connect Time Length session duration since the user login hh mm ss Idle Time amount of user inactivity time hh mm ss Action view the statistics or kickoff the user Detai...

Page 128: ...d layer2 authentication status layer2 authentication include all supported EAP type of 802 1x auth and MAC auth WISP WISP domain name where the user belongs Session ID the unique user s session ID number This can be used for troubleshooting purposes Remaining Time Length remaining user s session time hh mm ss Session time for user is defined in the RADIUS Server Idle time specify current idle time...

Page 129: ...s to connect client s statistics list Kickoff click this button to logout the user from access point Refresh click the button to refresh users statistics User Station Supervision The Station Supervision function is used to monitor the connected host station availability This monitoring is performed with ping If the specified number of ping failures is reached failure count the user is logged out f...

Page 130: ...the button to restart the server and apply the changes If there is no other settings needed to be modified click the Reboot button to apply all changes If there are any other settings need to be changed continuously to finish and apply all changes and then click Reboot button to restart and take effect for all settings User User ACL User ACL provide high flexibility for administrator to define the...

Page 131: ...igure 218 Create a new rule third step Third step choose the type of source port and destination port any port special port Figure 219 Create a new rule fourth step Fourth step fill out the source IP address and destination IP address including IP address and net mask if you choose any IP in second step you need not fill out the IP address fill out the source port and destination port if you selec...

Page 132: ...ronment that controls the user s access to Web content and services It is to define a free restricted service set for a user do not logged into the system Use the User walled garden menu to view or change the free URLs or hosts Figure 223 Walled Garden New URL click the new URL button and enter the new URL and its description Save entered information by clicking the update button Figure 224 Add Ne...

Page 133: ...erver address IP address or host name Netmask enter the network mask to specify the host servers network Port network port which is used to reach the host 1 65535 For standard protocols use the default ports Protocol Port HTTP 80 HTTPS 443 FTP 21 User WISP Different WISPs Wireless Internet Service Providers can be associated with appropriate RADIUS servers and device interfaces using the User WISP...

Page 134: ...of prefix length is from 2 to 6 Figure 228 Domain Policy Add WISP click to define WISP for RADIUS server Figure 229 Define New WISP Name new WISP domain name string up to 256 symbols no space dot or dash allowed RADIUS Name select RADIUS for new WISP from list box non editable Save click the button to save the new WISP Cancel restore all previous values Figure 230 Apply or Discard Changes of WISP ...

Page 135: ...e The start page is the default web page where users will be redirected after log on This value will be overwritten by the WISP RADIUS attribute no 4 Redirection URL if provided in the authentication response message Use the User Start Page menu to view or change the start page URL Figure 232 Start Page The administrator can change the start page by clicking the Edit button The value entry field w...

Page 136: ...hen click Reboot button to restart and take effect for all settings User Customized UAM Customized UAM let owner upload their own login and logout page to BW2251 to apply with enterprise style or do advertisements User customized page is based on HTML BW2251 support internal and external customized UAM Internal means user can upload their html login and logout page to BW2251 External means BW2251 ...

Page 137: ...ll pop out a logout page for user In default this setting is enabled if customized page is enabled Logout Page s Dimension for the difference of logout page s dimension which make by customer BW2251 will use this data to pop out user s customized logout page Use External Page if this item is enabled BW2251 will fetch login and logout page from an external web server Second is update html files for...

Page 138: ...icture file format is JPG GIF PNG and CSS After select the file you want press upload button and the files will upload to BW2251 after successful upload files you can see the page below Picture and CSS files name need be consistent with your login or logout html pages The login and logout html file can be what ever you want Don t forget fill out the Logout page s dimension or logon user maybe can ...

Page 139: ...9 Flash upload files OK After successful flash the files uploaded files will appear in uploaded file list Next is an example for customized login and logout page Figure 240 Example login and logout page For external page enabled the Use External Page as below ...

Page 140: ...he welcome login logout help pages can be easily changed to user defined pages by choosing the edit menu The pages configuration menu is displayed by default In External page mode BW2251 will only fetch the login and logout html page to local the picture or the CSS file which link on the customized login logout page will not be fetch So the link to the picture and CSS file on user customized html ...

Page 141: ...direct choose this option when using the Extended UAM function see Chapter 5 User Pages Status choose enable disable welcome page status Note that redirect option with status disabled would work Location enter location for external templates or redirect e g WAS IP address Figure 243 Redirect User Pages Welcome page with redirect option selected redirects the user authentication process to the spec...

Page 142: ...BW2251 web management interface and new uploaded user pages Select User HTTP Headers menu Figure 246 HTTP Headers Settings BW2251 device supports some http META tags Syntax of such META tags META HTTP EQUIV name CONTENT content Currently BW2251 supports Content Type and Content Language tags Content Type is used to define document char set used when text has non Latin letters like language letters...

Page 143: ...n the user authentication process and to log on and log off users externally It provides a means to query user session information as well By default such remote authentication is disabled Figure 248 Remote Authentication Click the edit button next to appropriate settings to specify remote authentication parameters Figure 249 Enable Remote Authentication Remote Authentication select status enabled...

Page 144: ...s on both ends manager and agent Use the Services SNMP menu to change current SNMP configuration Figure 251 SNMP settings Readonly community community name is used in SNMP version 1 and version 2c Read only public community allows reading values but denies any attempt to change values 1 32 all ASCII printable characters no spaces Readwrite community community name is used in SNMP version 1 and ver...

Page 145: ...manager IP address dots and digits Host Port enter the port number the trap messages should be send through number Trap Type select trap message type v1 v2 inform Community specify the community name at a SNMP trap message This community will be used in trap messages to authenticate the SNMP manager If not defined the default trap community name will be used specified in the SNMP table 1 32 all AS...

Page 146: ...d button to add a new NTP server Figure 255 Add new NTP server setting Two NTP servers can be configured under Services NTP menu And only IP address is accepted for NTP server Please enter at least one NTP server when enable NTP service The Name of NTP server should be unique Change status or leave in the default state if no editing is necessary and click the Save button Figure 256 Save the NTP se...

Page 147: ...tus Click Save button to save new Time Zone setting Figure 258 Apply or Discard Time Zone NTP status Changes For each change of settings the BW2251 needs to be restarted to apply all settings changes when clicking Apply Changes Request for reboot server appears Figure 259 Reboot information ...

Page 148: ...anually under Services Time menu Figure 260 Time Settings Click Edit to change current system time Figure 261 Edit Date and Time Settings Change the Date and Time or leave in the default value if no editing is necessary and click the Apply button Thus the modified time will be taken effect at once No reboot is needed If NTP is enabled the local time cannot be modified Since BW2251 hasn t RTC real ...

Page 149: ... watchdog checks the whole file system of BW2251 The hardware watchdog function will protect device even the operation system crash Figure 264 edit hardware watchdog settings Status Enable or Disable hardware watchdog The default value is enabled for both Software Watchdog and Hardware Watchdog It is strongly recommended to enable the watchdog function Click Save and follow the UI instruction to a...

Page 150: ...user authentication in the system 4 8 characters spaces not allowed Confirm Password re enter the new password to verify its accuracy Save click to save new administrator settings Default administrator logon settings are User Name admin Password admin01 Password length is from 4 to 8 characters After filling in the right Old password and the New Password clicking the Save button for taking effect ...

Page 151: ...mote log enabled disabled Host IP specify the host IP address where to send the System Log messages dots and digits Log Level specify the remote log message level you want to trace critical error warning info and debug Do not output debug log unless there are important issue needs to be clarified Debug log will output all of the information so that it will severely drop down the network performanc...

Page 152: ...u want to trace critical error warning info and debug Save save changes Cancel restore the previous values View view the log messages locally Click View button a similar screen will appear as below Figure 270 View Local Log Messages Clear clear current log message Refresh get the updated log messages Return back to System Log page System System Mode In this page you can select the system mode of y...

Page 153: ...pply all setting changes The Web Interface in AP Router mode is different from that in AP mode For the detailed configuration of BW2251 working in AP mode please refer to Chapter 3 Reference Manual AP Mode System System Info Administrator can self define the device information including the system name system location and system contact information of his BW2251 Figure 272 System info Settings Sys...

Page 154: ...Upload upload system configuration for restore Figure 276 System Configuration settings Click the Preparation button to start saving the configuration file Click the Download button to download current working configuration locally Figure 277 Backup settings By default the device configuration name is cfgbackup cfg A configuration file name will be required when you download save the configuration...

Page 155: ...he specified configuration and then the similar UI appears Figure 279 Configuration Upload Restore 2 Click OK button to restore and AP will reboot immediately to take effect Figure 280 Configuration Upload Restore 3 System Reset and Reboot Use this function to reboot device or restore to factory default Figure 281 System Reset setting Reboot reboot the device Reset reset System to Factory Defaults...

Page 156: ...istrator settings will be set back to the factory default when Reset is implement System Local Upgrade Upload Update your device firmware locally Figure 284 Firmware Upgrade Click the Upload and then click the browse button to specify the full path of the new firmware image and click the Upload button Figure 285 Firmware Upgrade Click the Upgrade button to flash and upgrade the firmware Please mak...

Page 157: ...FTP Firmware Upgrade Current firmware version Show the current firmware version TFTP server IP address Specify the IP address of TFTP server which firmware located TFTP Time Out Secs Specify the TFTP server communication time out in second Firmware Filename Specify the upgrade firmware name to be download Figure 288 TFTP Firmware Upgrade setting Click Edit button to specify the TFTP server IP addr...

Page 158: ...update process It will backward to previous version in case upgrade failure System Location Settings You can define the longitude and latitude for the device information or for the NMS to locate the device location Figure 289 location setting Click edit to enter the Longitude and Latitude in digit and dot format Figure 290 edit location longitude latitude Click save button to save it ...

Page 159: ...abled on the BW2251 for subscribers The following mentioned user pages are factory default The operator owner can upload new templates for all user pages based on their designed Contact with BROWAN if you need the User Pages templates samples User Pages Overview Welcome Page Welcome page is the first page a subscriber receives when he starts his web browser and enters any URL By default it s a ver...

Page 160: ...s In addition a smaller logout window page pops up The operator owner can change the login page according to its needs See more details in section Changing User Pages Logout Page Make sure the JavaScript is enabled on your Web browser otherwise you will not receive the logout page The Logout page contains the detailed subscriber s session information and provides function for logging out of the ne...

Page 161: ...nd unlimited Total bytes left session total download and upload bytes left for subscriber limited form RADIUS in B KB MB GB and unlimited time length left time length left in format hours minutes seconds Bandwidth downstream upstream available upstream and downstream bandwidth for subscriber limited from RADIUS in bps Refresh button click the button to refresh the subscriber session information Th...

Page 162: ...wo ways to change and store new user page templates External linking new user page templates from an external server Internal upload new templates to local memory Supported user pages template formats XSL Extensible Style sheet Language for welcome login logout one click pages HTML Hypertext Markup Language for help unauthorized pages The welcome Login and logout pages must be in XSL format The fo...

Page 163: ...under the use column Figure 298 configure external pages Step 4 Specify the new user page location in the location field http servername filelocation Figure 299 configure external pages Do not to upload different type of formats It will not be displayed properly Step 5 Save entered changes with the apply changes button ...

Page 164: ... 163 of 187 Figure 300 configure external pages Step 6 Check for new uploaded user page e g login Figure 301 login page If at anytime you wish to restore factory default user pages click the reset button under the system reset reboot menu ...

Page 165: ... option is defined for all pages Figure 302 internal pages Step 2 Under the user upload menu click the upload button to upload new prepared user pages Figure 303 upload page The memory space in the AP for internal user pages is limited to 1 MB Step 3 Specify the location of new user page templates by clicking the browse button or enter the location manually Specify the location for the additional ...

Page 166: ... the upload process a number of times until all necessary images are uploaded Step 5 Check for the newly uploaded user pages and images to ensure that everything is uploaded and displayed correctly Go to the link https device IP address to get to the new user welcome page Figure 305 customize welcome page Click the here link or enter the link directly https device IP address login user to get to t...

Page 167: ...BW2251 User Guide v1 0 Nov 2013 Page 166 of 187 Figure 306 customize login page If at anytime you wish to restore the factory default user pages click the reset button under the system reset reboot menu ...

Page 168: ...thentication process AC intercepts any access to the Internet via HTTP and redirects the client to the welcome or login URL on AC In order to render the custom login screen HTML page the AC must be configured to 2 fetch XSL script from a remote server which in this case is a Web Application Server WAS or have custom XSL uploaded on the AC There is the ability to enable caching of XSL scripts see U...

Page 169: ... is re directed to the external server WAS Client AC WAS RADIUS Server 1 Initial Request 2 Replay with HTTP redirect 3 Direct client communication with WAS 4 Client sends his her login and password 8 WAS reports client status authenticated or not 5 WAS tries to authenticate client 6 AC sends request to RADIUS 7 RADIUS replay authenticated or not Figure 308 Client Remote Authentication Scheme 2 The...

Page 170: ...onal Lanip The IP address of the LAN interface the user is connected to Can be changed or specified under the Network Interface menu In order to logon log off or get user status WAS submits POST request to the following URLs 1 Remote user logon Script name pplogon user Parameters secret shared secret to protect page from accidental use ip IP address of user to be logged on Username Username of the...

Page 171: ...from accidental use ip IP address of user to be logged off username Username of the user to be logged off mac AC address of the user to be logged off All parameters are required except the IP and MAC At least one of IP and MAC addresses should be supplied If supplied only IP user is checked and logged off by username and IP If IP and MAC addresses are supplied then user is checked and logged off b...

Page 172: ...sharedSecret username UserName ip user_I P_address Script produces XML output XML output when some error occurs ppstatus status No user by IP status error 122 error description User with supplied IP address not found description ppstatus Response statuses and error codes status error description OK 0 User status is ok Not checked 100 Status information not checked No IP 101 No user IP address supp...

Page 173: ...try id 11 unlimited entry entry id 12 unlimited entry entry id 13 32 Mbps entry entry id 14 32 Mbps entry entry id 15 04 59 55 entry entry id 16 EAP entry ppstatus Status detailed information by ID id description 1 User name 2 User IP address 3 User MAC address 4 Session time 5 Session ID 6 User idle time 7 Output bytes 8 Input bytes 9 User WISP name 10 Remaining bytes 11 Remaining output bytes 12...

Page 174: ...uper administrator and go to User Customized UAM In order to configure BW2251 using the customized login logout page Customize Page status must be set to enable To enable Customized Page edit the Customize page status User Customized UAM and set to Enabled See the diagram below Figure 309 enable customize page status Figure 310 customize page status is enabled To start to upload the customized tem...

Page 175: ...er the physical path and filename of the coffee template files or click the browse button to search the coffee template files are located The first two items are for login html and logout html files only Additional files are for CSS and image files such as jpg gif png and etc ...

Page 176: ...ten Additional files can be uploaded at one time To upload more additional file repeat the same upload process in step 2 4 but please be aware of the first two items are only for login html and logout html files Image files can only be uploaded to Additional file fields Figure 313 upload other files Once all files are uploaded successfully a list of Uploaded File List will show ...

Page 177: ... size setting of logout page and press the Save button E g the coffee bar template the suggested size of logout page is 760 x 601 Figure 315 set the pixels of logout window Step3 Everything is ready Now any users that access the internet via the BW2251 will see the new personalized login and logout pages Let s look at the new appearance of login and logout page based on the coffee bar template Mak...

Page 178: ...BW2251 User Guide v1 0 Nov 2013 Page 177 of 187 Figure 316 example of coffee bar login page Figure 317 example of coffee bar logout page ...

Page 179: ...tus width 250 height 240 marginwidth 0 marginheight 0 scrolling yes frameborder 0 iframe td These set of code uses an embedded window to show the session data in logout window Comment them with HTML comments language and will hide the session data in logout window 3 Question If I don t want the logout window to pop up to users how could I do Answer Please login BW2251 and go to User Customized UAM...

Page 180: ...face LAN 10 100 100Mb Ethernet auto sensing RJ 45 Console 1 for RJ 45 interface Management Interfaces HTTPs Secure Telnet SSHv2 SNMP Software Update Remote software update via HTTPs Reset H W and S W restore factory default Physical Specification Dimension 230 mm x 200 mm x 65 mm Weight 1800 100g Environment Specification Temperature Humidity Operating 30 C to 60 C 10 90 non condensing Power Suppl...

Page 181: ...5 0 Gateway 192 168 2 1 Network RADIUS Properties RADIUS Retries 5 RADIUS Timeout 2 NAS Server ID User Session Timeout 72000 User Accounting Update Interval 600 User Accounting Update Retry 60 User Idle Timeout 900 Bandwidth Up 512 Kbits Bandwidth Down 512 Kbits Network RADIUS Servers Name DEFAULT default Type Authentication IP Address 0 0 0 0 Port 1812 Secret password case sensitive Type Accounti...

Page 182: ...router mode No routes are defined on system WISP No WISP defined on system Wireless Basic WLAN1 Regulatory Domain FCC Channels 11 static Wireless Band 2 4GHz 11n HT20 Total Output Power EIRP 14dBm RTS Threshold 2347bytes Layer2 Isolation disabled Operation Mode AP WLAN2 Regulatory Domain FCC Channels 36 static Wireless Band 5GHz 11n HT20 Total Output Power EIRP 13dBm RTS Threshold 2347bytes Layer2...

Page 183: ... User WISP Only for AP router mode Domain Policy Username domain No WISP defined on system System Settings System Administrator Super administrator Username admin case sensitive Password admin01 case sensitive System SNMP SNMP Service Enabled Readonly Community public Readwrite Community private Default Trap Community public There are no SNMP traps on system System Telnet Telnet Service Enabled SS...

Page 184: ...ents Location ID Country Location ID Country AF Afghanistan LI Liechtenstein AL Albania LT Lithuania DZ Algeria LU Luxembourg AS American Samoa MO Macao AD Andorra MK Macedonia the former Yugoslav republic of AO Angola MG Madagascar AI Anguilla MW Malawi AQ Antarctica MY Malaysia AG Antigua and Barbuda MV Maldives AR Argentina ML Mali AM Armenia MT Malta AW Aruba MH Marshall islands AU Australia M...

Page 185: ... KY Cayman islands OM Oman CF Central African republic PK Pakistan TD Chad PW Palau CL Chile PS Palestinian territory occupied CN China PA Panama CX Christmas island PG Papua new guinea CC Cocos keeling islands PY Paraguay CO Colombia PE Peru KM Comoros PH Philippines CG Congo PN Pitcairn CD Congo the democratic republic of the PL Poland CK Cook islands PT Portugal CR Costa Rica PR Puerto Rico CI ...

Page 186: ...n DE Germany SR Suriname GH Ghana SJ Svalbard and Jan Mayan GI Gibraltar SZ Swaziland GR Greece SE Sweden GL Greenland CH Switzerland GD Grenada SY Syrian Arab republic GP Guadeloupe TW Taiwan province of china GU Guam TJ Tajikistan GT Guatemala TZ Tanzania united republic of GN Guinea TH Thailand GW Guinea Bissau TL Timor leste GY Guyana TG Togo HT Haiti TK Tokelau HM Heard island and McDonald is...

Page 187: ... Kenya VE Venezuela KI Kiribati VN Viet nam KP Korea democratic people s republic of VG Virgin islands British KR Korea republic of VI Virgin islands u s KW Kuwait WF Wallis and Futuna KG Kyrgyzstan EH Western Sahara LA Lao people s democratic republic YE Yemen LV Latvia YU Yugoslavia LB Lebanon Zaire see Congo the democratic republic of the LS Lesotho ZM Zambia LR Liberia ZW Zimbabwe LY Libyan Ar...