Browan BW1254, User Manual

Page 1: ...Dual Radio 802 11a n b g n Indoor Access Point BW1254 User s Guide v1 0 ...

Page 2: ...ble only to the degree specified in the terms of sale and delivery The reproduction and distribution of the documentation and software supplied with this product and the use of its contents is subject to written authorization from BROWAN Trademarks The product described in this book is a licensed product of BROWAN Microsoft Windows 95 Windows 98 Windows Millennium Windows NT Windows 2000 Windows X...

Page 3: ...er is connected Consult the dealer or an experienced radio TV technician for help FCC Caution Any changes or modifications not expressly approved by the party responsible for compliance could void the user s authority to operate this equipment This device complies with Part 15 of the FCC Rules Operation is subject to the following two conditions 1 This device may not cause harmful interference and...

Page 4: ...r Source and Local Network 12 Access to your access point 13 Configuration 13 CHAPTER 3 REFERENCE MANUAL AP MODE 15 Web Interface 15 Status 16 Status Device Status 16 Status Wireless Status 18 Status Dynamic Bridge Status 18 Status Interface Statistics 19 Network 20 Network Interface 20 Network Bridge 21 Network Attack Countermeasure 22 Network RADIUS Server 23 Network RADIUS Properties 27 Network...

Page 5: ...Web Interface 79 Status 81 Status Device Status 81 Status Wireless Status 82 Status Interface Statistics 82 Network 84 Network Interface 84 Network PPPoE 86 Network L2TP 87 Network RADIUS Server 89 Network RADIUS Properties 93 Network DNS 95 Network DHCP 96 Network DHCP Lease 99 Network Static Route 99 Network Attack Countermeasure 100 Network Link Integrity 100 Network Tr069 Settings 102 Wireless...

Page 6: ... System Location Settings 154 CHAPTER 5 USER PAGES BASED ON XSL 155 User Pages Overview 155 Welcome Page 155 Login Page 155 Logout Page 156 Help Page 157 Unauthorized Page 158 Example for External Pages 158 Example for Internal Pages 161 Extended UAM 164 Parameters Sent to WAS 166 CHAPTER 6 CUSTOMIZED USER PAGE HTML 170 Set up your customized user page 170 FAQ 175 APPENDIX 176 A Specification 176 ...

Page 7: ...solid understanding of software installation procedures for network operating systems under Microsoft Windows 95 98 Millennium 2000 NT and Windows XP and general networking operations and troubleshooting knowledge Conventions Used in this Document The following typographic conventions and symbols are used throughout this document Very important information Failure to observe this may result in dam...

Page 8: ...ure and reliable wireless networking BW1254 supports and meets industry security requirement of wide area networking professionals for secured wireless network z Supports VLAN up to 16 VLAN ID z IEEE 802 1x EAP with password certificates and SIM card z 64bits 128bits static and dynamic WEP encryption z Supports Wi Fi Protected Access WPA WPA2 with AES and TKIP support z Layer 2 Isolation for preve...

Page 9: ... Fi standard Superior Wireless Bridging Capability PtP PtMP Support up to 16 BSSID Virtual AP Wi Fi Protected Access WPA and WPA2 with TKIP or AES Wired Equivalent Privacy WEP using static or dynamic key of 64 or 128 bits Anti Interference with Dynamic Channel Allocation DCA Hidden SSID for blocking illegal users accessing Supports 802 1x authentication using EAP TLS EAP TTLS PEAP and SIM MAC Acce...

Page 10: ...mes with the following Dual Radio 802 11a n b g n Indoor Access Point model BW1254 Screw Bag wall mounting Antenna Dual band Dipole Antennas with RP SMA connector 4 units Ethernet patch cable Cat5 UTP 1 5m length 1 unit External power supply Input 100 240VAC 50 60Hz Output 48VDC 0 5A 1 unit Hardware Introduction General Overview Figure 1 BW1254 General View Front panel There are five indicator lig...

Page 11: ...isable WLAN 2 Green Blinking the radio is operating Off radio disable table 1 BW1254 led definition Rear panel Figure 3 rear panel I O port Descriptions of the connectors are given in the following table table 2 BW1254 connectors Bottom Cover The Bottom Cover of the BW1254 contains Item Connector Description 1 DC48V For power supply 48V DC jack 2 Reset button Reboot or Reset device Press reset but...

Page 12: ...dio MAC for 2 4G WLAN 2 the radio MAC for 5G The LAN MAC WLAN 1 MAC 1 Hex AP mode The WAN MAC WLAN 1 MAC 1 Hex AP router mode 3 Serial Number of the device 4 Rubber foot 5 Wall mount hole Figure 4 Bottom Cover of the BW1254 Back label The back label format and location as below Figure 5 back label Right side Two RP SMA type of antenna connectors for WLAN 1 2 4G Wall mount hole Rubber foot Rubber f...

Page 13: ...power adapter BE3013 PoE injector is optional which is non compliant to 802 3at BW1254 is compliant to 802 3at PoE standard Step 1 Place the Access Point on a flat work surface or hang on the wall Use the enclosed 2 screws mounting the Access Point to the wall if necessary Step 2 Connect DC 48V power supply to PoE injector DC jack Step 3 Connect the Ethernet cable from the BW1254 to PoE injector P...

Page 14: ...eady to access and configure your access point Open web browser and enter ip address The default ip address for your new access point is IP 192 168 2 2 subnet 255 255 255 0 Step 1 Configure your PC with a static IP address on the 192 168 2 x subnet with mask 255 255 255 0 Connect the BW1254 into the same physical network as your PC Open the Web browser and type the default IP address of the BW1254...

Page 15: ...of 184 Figure 9 Security alert Figure 10 login page Step 3 After successful administrator log on you will see the main page of the BW1254 Web interface Figure 11 Web interface Management Menu Now you are enabled to perform your configuration ...

Page 16: ...web management menu is displayed at the top of the page after successfully logging into the system see the figure below From this menu all essential configuration pages are accessed Figure 12 Main Configuration Management Menu The web management menu has the following structure Status Device Status show the status related with the whole device Wireless Status show the status of the two radios Dyna...

Page 17: ... Telnet SSH service SNMP SNMP service Time manually set time NTP NTP settings of BW1254 Watchdog Enable the S W or H W watchdog of BW1254 System Administrator set access permission to your BW1254 System Log check the system log locally or specify address where to send system log file System Mode specify whether the BW1254 works in AP mode or in AP router mode System Info specify some device relate...

Page 18: ...ent time of the BW1254 Wlan1 MAC show the MAC addresses of the wireless interfaces 2 4G of the BW1254 Wlan2 MAC show the MAC addresses of the wireless interfaces 5G of the BW1254 Free System Memory indicate the memory currently available in the BW1254 Total System Memory indicate the total memory in the BW1254 LAN Mode indicate static IP or DHCP client is used for BW1254 LAN IP address LAN MAC dis...

Page 19: ... on the BW1254 Mode AP or Bridge mode is be used for this wireless interface Band specify which band is in use for wireless interface Total Connected Clients indicate number of the currently connected clients to your BW1254 Tx Power indicate radio transmit power of the BW1254 MAC ACL indicate the status of MAC ACL feature on BW1254 SSID Number indicate current number of enabled SSID on BW1254 Stat...

Page 20: ... on the network interface The bytes number is displayed in KB Input Packets show the packets number received on the network interface Input Errors show the packets number which contain errors preventing them from being received correctly Output Bytes KB show the total number of bytes transmitted out of the network interface The bytes number is displayed in KB Output Packets show the packets number...

Page 21: ...e gateway For Bridge type interfaces the gateway is always the gateway router Protocol specify static for setting IP address manually and dhcp for getting IP address dynamically acting as DHCP client VLAN Enable or disable VLAN on LAN bridge interface VLAN ID When enabled VLAN specify the VLAN ID of it Save save the entered values Cancel restore all previous values Change status or leave in the de...

Page 22: ...nce click Reboot button and then it is necessary to wait a moment And the message of reboot appears just like bellows Figure 20 Reboot Information Network Bridge The Spanning Tree Protocol is a network protocol that ensures a loop free topology for any bridged Ethernet local area network The basic function of STP is to prevent bridge loops and the broadcast radiation the results from them Specify ...

Page 23: ...ide attack anti attack polices can be set here based on network needs Figure 24 Attack Countermeasure settings Anti DOS Status Enable or disable anti dos policy for BW1254 This policy is for TCP DOS attack Max Load The attack threshold BW1254 think there is TCP DOS attack and do the countermeasure if one client s TCP links exceed this threshold Expire seconds If one client is considered as DOS att...

Page 24: ...ure Delete delete the selected RADIUS Server entry The last entry can not be deleted Add add new RADIUS server Click Details a similar page will be appeared as below Figure 26 Detail for Radius Server profile Name the new RADIUS server name which is used for selecting RADIUS server If a default appears on the right side of the Name entry it means this RADIUS server profile is the default profile A...

Page 25: ... Port show the network port used to communicate with the Accounting RADIUS server Accounting Secret show the shared secret string that is used to make sure the integrity of data frames used for the Accounting RADIUS server User Password Md5sum Secret show whether user input password is calculated md5 sum before pass to RADIUS server or not Back back to the RADIUS Server main page Edit edit the sel...

Page 26: ...e IP address of Accounting RADIUS server dots and digits Accounting Port specify the network port used to communicate with the Accounting RADIUS server 1 65535 Accounting Secret shared secret string that is used to make sure the integrity of data frames used for the Accounting RADIUS server The default port value for authentication is 1812 The default port value for accounting is 1813 The port spe...

Page 27: ...server Apply Changes to save all changes at once Discard Changes restore all previous values Click Apply Changes to apply all the changes Then the follow similar page will appear Figure 30 Reboot Server Reboot restart the access point to make applied changes work If there is no other settings needed to be modified click the Reboot button to apply all changes If there are any other settings need to...

Page 28: ...from the user side no network carrier before closing the connect 1 999999999 User Accounting Update Interval Seconds period after which server should update accounting information 60 999999999 User Accounting Update Retry seconds retry time period in which server should try to update accounting information before giving up 60 999999999 User Idle Timeout seconds amount of user inactivity time befor...

Page 29: ...anges click if RADIUS Properties configuration is finished Discard Changes restore all previous values Network DHCP In AP mode BW1254 can act as DHCP server The DHCP Dynamic Host Configuration Protocol service is supported on layer 2 interfaces DHCP server and DHCP relay are disabled by default Figure 33 DHCP Settings Edit edit the DHCP settings To enable DHCP server click the Edit button Figure 3...

Page 30: ... from IP Address to specify the IP address range to be dynamically allocated by the DHCP server Netmask enter the netmask for IP pool range Gateway enter the gateway IP for wireless clients WINS Address Windows Internet Naming Service specify server IP address if it is available on the network dots and digits Lease Time specify the IP address lease interval in seconds 1 1000000 Domain specify the ...

Page 31: ...r settings will be automatically adjusted to match the network interface settings The Gateway of DHCP server settings must be same with the Gateway of BW1254 For each change of settings the BW1254 needs to be restarted to apply all settings changes when clicking Apply Changes Request for reboot server appears ...

Page 32: ... button for applying all modifications And if there are still other setting modifications needed go ahead to finish all changes and then click Reboot button to restart and apply all settings together When BW1254 network Interface uses DHCP to get IP address dynamically DHCP server service cannot be enabled When BW1254 uses DHCP to get IP address the similar WEB UI will be appeared Figure 38 Warnin...

Page 33: ...s connections and kick out all the wireless clients when it detects that its Ethernet network cannot be accessed to the internet Figure 40 Link Integrity settings Click Edit button to set the Link Integrity settings the similar UI will be appeared as below Figure 41 Edit Link Integrity settings Status Enable or disable the feature of Link Integrity Target IP1 to Target IP5 IP addresses for BW1254 ...

Page 34: ...arget IP can be specified The BW1254 needs to be restarted to apply all settings changes when clicking Apply Changes Request for reboot server appears Figure 43 Reboot Server Reboot click the button to restart the server and apply the changes If there is no other settings needed to be modified click the Reboot button to apply all changes If there are any other settings need to be changed continuou...

Page 35: ...ication AP Cert uploading the AP certification Network Tr069 Settings TR 069 is the Broadband Forum technical specification entitled CPE WAN Management Protocol CWMP It defines an application layer protocol for remote management of end user devices As a bidirectional SOAP HTTP based protocol it provides the communication between customer premises equipment CPE and Auto Configuration Servers ACS se...

Page 36: ...orm Interval the inform interval in seconds the value is 720 4294967295 Connection Request UserName when the ACS pulling a task to AP CPE such as firmware upgrade downgrade AP need the user name to verify the task sending from ACS server Connection Request Password when the ACS pulling a task to AP CPE such as firmware upgrade downgrade AP need the password to verify the task sending from ACS serv...

Page 37: ...ver and apply the changes If there is no other settings needed to be modified click the Reboot button to apply all changes If there are any other settings need to be changed continuously to finish and apply all changes and then click Reboot button to restart and take effect for all settings ...

Page 38: ...sic menu to configure wireless settings such as regulatory domain channel band and power layer 2 isolation Click the edit button on the setting you need to change Figure 48 Basic Wireless Settings with static channel selection Figure 49 Basic Wireless Settings with auto channel selection DCA ...

Page 39: ...end Fragment Threshold It specifies the maximum size for a packet before data is fragmented into multiple packets If you experience a high packet error rate you may slightly increase the fragmentation threshold Setting the fragmentation threshold too low may result in poor network performance Only minor modifications of this value are recommended The default value is 2347 recommend Beacon Interval...

Page 40: ...are clients not supporting short preamble connected otherwise using short preamble The default is Auto recommend Short always using short preamble Long always using long preamble Slot Time show the slot time policy when working in 2 4GHz band Auto using long slot time when there are clients not supporting short slot time connection otherwise using short slot time The default is Auto recommend Shor...

Page 41: ...erlapping coverage areas we recommend at least four channels interval between the chosen channels For example for three Access Points in close proximity choose channels 1 6 and 11 for 11b g or channels 36 40 and 64 for 11a Band show the working bands on which the radio is working wlan1 four bands listed 2 4GHz 11g only 2 4GHz 11n HT20 2 4GHz 11n HT20 40plus 2 4GHz 11n HT20 40minus wlan2 four bands...

Page 42: ...onment is stable which means auto channel selection needn t do frequently set a big value for DCA threshold to gain a stable wireless users connection If wireless network environment changes continually frequent auto channel selection is needed So set a relative small value for DCA threshold to let channel change based on wireless environment Wireless users will be kicked off when DCA is processin...

Page 43: ...etail with DynamicBridge setting please refer to Wireless Advanced page in DynamicBridge mode Change status or leave in the default state if no editing is necessary and click the Save button Figure 53 Apply or Discard dynamicbridge setting For such change of settings the BW1254 needs to be restarted to apply all settings changes when clicking Apply Changes Request for reboot server appears ...

Page 44: ...with multi service supporting including different security policy different VLAN ID different authentication etc All the BSSIDs are active at the same time that means client devices can associate to the access point for specific service Use the Wireless Advanced menu to configure properties related to Multiple BSSID including configure SSID Hidden SSID VLAN and Security for each SSID You can defin...

Page 45: ...name for wireless client searching and associating Hidden show the status of Hidden SSID feature disable enable Security show which security policy is used for this MBSSID entry Current Connect show the number of current wireless clients associate to this MBSSID New create a new MBSSID entry Detail show the detail information of this MBSSID entry Edit edit the selected MBSSID entry you want to con...

Page 46: ...o enable the function Only 11n only 802 11n client can connected to the SSID Disassociation low MCS low MCS client won t associate to the AP check box to enable it Max Station Number define maximum number of associated wireless client to this SSID By default the number is maximum 127 client can be associated to the AP without check box Or check box to enable limited client 1 127 Layer 2 Isolation ...

Page 47: ...must cooperate with remote Router or APC Interface priority specify the traffic priority for this SSID interface which is implemented according to 802 11e EDCA and makes sure the wireless downlink QoS This priority is based on SSID which means different BSSID can have different traffic priority and the traffic of the same SSID has the same priority This traffic priority only makes sure the priorit...

Page 48: ...on will fail The key value is set in Wireless WEP web page 802 1x when selected the MSSID entry will be configured as an 802 1x authenticator It supports multiple authentication types based on EAP Extensible Authentication Protocol like EAP TLS EAP TTLS EAP PEAP EAP SIM The privacy will be configured as dynamic WEP RADIUS Server Profile select your RADIUS server profile Please go to Network RADIUS...

Page 49: ...re 59 Multiple BSSID Setting 4 WPA PSK when selected the encrypt method will be WPA without RADIUS server WPA2 PSK when selected the security policy will be WPA2 PSK without RADIUS server In this mode only WPA2 PSK client can connect with AP and WPA PSK client is not permitted to connect WPA2 PSK MIXED when selected WPA2 PSK and WPA PSK clients are all permitted to connect with AP Use Pre Shared K...

Page 50: ... without RADIUS server Encode Pre shared key encode HEX ASCII Use Pre Shared key specify more than 8 characters and less than 64 characters for WPA with pre shared key encryption Disabled when selected you don t select any security policy Change status or leave in the default state if no editing is necessary and click the Save button Figure 61 Apply or Discard the advanced Settings in AP mode For ...

Page 51: ... BW1254 to automatically seek and associate nearby root AP and dynamically self configure for wireless bridge connection Whenever a bridge link is broken the network will auto re configure route to minimize the lost of WLAN operation It also minimized the technician intervention and reduce cost of going on site to re establish transmission paths Figure 63 Advanced Wireless Setting Bridge Mode Radi...

Page 52: ... by the root AP despite the client AP configured NetID NetID is a very important element for the dynamicbridge link The link between root and client AP will based on the same NetID to make the bridge link Security specify the security policy of the bridge link WPA PSK AES disable WPAPSK AES specify more than 8 characters and less than 64 characters for WPA with pre shared key encryption Disable no...

Page 53: ...then click Reboot button to restart and apply all settings together Wireless WEP Use the Wireless WEP menu to configure static WEP settings This menu only set static WEP key value related with 4 key indexes Enable or Disable static WEP is in the Wireless Advance menu Figure 67 WEP Settings Radio show the wireless interface Click Edit to edit the existing wepkey1 to wepkey4 By default four WEP keys...

Page 54: ...o apply all settings changes when clicking Apply Changes Request for reboot server appears Figure 70 Reboot information Reboot click the button to restart the server and apply the changes If there is no other settings needed to be modified click the Reboot button to apply all changes If there are any other settings need to be changed continuously to finish and apply all changes and then click Rebo...

Page 55: ...clients connecting to the BW1254 are allowed no ACL rules are applied to the wireless clients Select Allow means only the wireless clients whose MAC are listed in the MAC List would be permitted to access this AP Other wireless client cannot access this AP Select Deny means only the wireless clients whose MAC are listed in the MAC List would be prevented from accessing Other wireless clients can a...

Page 56: ...example 00 90 4B 00 11 22 Save click the button to save the new MAC entry Figure 74 Apply or Discard MAC ACL Configuration Changes Apply Changes to save all changes made in the interface table at once Discard Changes restore all previous values For such change of settings the BW1254 needs to be restarted to apply all settings changes when clicking Apply Changes Request for reboot server appears Fi...

Page 57: ...eless Advanced page to configure intra BSS communication of users in the same BSS Full layer 2 isolation need to set both intra BSS and inter BSS layer 2 isolation The Wireless layer 2 isolation setting page is only exist in AP mode as it is only for inter BSS layer 2 isolation There is no Wireless layer 2 isolation setting page in AP Router mode Figure 76 layer 2 Isolation Service Edit edit the l...

Page 58: ... Address enter the physical address of the network device MAC address The format is a list of colon separated hexadecimal numbers for example 00 90 4B 00 11 22 Save click the button to save the new Allowed MAC List entry Cancel discard change and restore all previous values For such change of settings the BW1254 needs to be restarted to apply all settings changes when clicking Apply Changes Reques...

Page 59: ...ess point to show the RSSI channel etc information in the environment Figure 82 neighbor list Click Scan 2 4G or Scan 5G button SSID the SSID of scanned access point MAC address the MAC address of scanned access point RSSI dBm the RSSI of scanned access point in dBm Channel the channel of scanned access point Co Channel display if the neighbor access point channel same with BW1254 Y yes N no Adjac...

Page 60: ...ay in this page Figure 83 priority 5G Click Edit button to configure it Figure 84 enable 5G priority Interface the interface of BW1254 SSID the SSID of BW1254 both 2 4G and 5G Reject counter the counter that AP will reject 2 4G client connection Interval second the interval second during every reject counter Delay delay time of reject counter Enable enable or disable the function check box or not ...

Page 61: ... is no other settings needed to be modified click the Reboot button to apply all changes If there are any other settings need to be changed continuously to finish and apply all changes and then click Reboot button to restart and take effect for all settings ...

Page 62: ... BSS the client connected to User IP IP address from which the user s connection is established digits and dots Authed indicate this client is authenticated or not Wireless Auth show the authentication method which user used to connect Time Length session duration since the user login hh mm ss Idle Time amount of user inactivity time hh mm ss Action view the statistics or kickoff the user Detail c...

Page 63: ... Time Length remaining user s session time hh mm ss Session time for user is defined in the RADIUS Server Idle time specify current idle time Idle Timeout specify the time of user idle timout hh mm ss When reach the time the user will be logged out automatically Input Bytes amount of data in bytes which the user network device has received Bytes Output Bytes amount of data in bytes transmitted by ...

Page 64: ... availability This monitoring is performed with ping If the specified number of ping failures is reached failure count the user is logged out from the BW1254 Figure 89 Station Supervision To adjust the ping interval failure count click the Edit button Figure 90 Edit Station Supervision Interval define interval of sending ping to host in seconds Failure Count failure count value after which the use...

Page 65: ...pply all changes If there are any other settings need to be changed continuously to finish and apply all changes and then click Reboot button to restart and take effect for all settings Services Services Telnet Use Services Telnet menu to manage the telnet SSH service of your BW1254 Figure 93 System Configuration settings Telnet Service Enable or disable telnet service of BW1254 SSH Service Enable...

Page 66: ...e values 1 32 all ASCII printable characters no spaces Default Trap community the default SNMP community name used for traps without specified communities The default community by most systems is public The community string must match the community string used by the SNMP network management system NMS 1 32 all ASCII printable characters no spaces HeartBeat Trap Interval defined the AP sending the ...

Page 67: ...e Settings menu Figure 96 Time Settings Click Edit to change current system time Figure 97 Edit Date and Time Settings Date yy mm dd Time hour minute Change the Date and Time or leave in the default value if no editing is necessary and click the Apply button Thus the modified time will be taken effect at once No reboot is needed If NTP is enabled the local time cannot be modified Since BW1254 hasn...

Page 68: ... a new NTP server setting for synchronizing time Clicking Add button to add a new NTP server Figure 99 Add new NTP server setting Two NTP servers can be configured under Services NTP menu And only IP address is accepted for NTP server Adding at least one NTP server before enable NTP service The Name of NTP server should be unique Change status or leave in the default state if no editing is necessa...

Page 69: ...ge of settings the BW1254 needs to be restarted to apply all settings changes when clicking Apply Changes Request for reboot server appears Figure 103 Reboot information Reboot click the button to restart the server and apply the changes If there is no other settings needed to be modified click the Reboot button to apply all changes If there are any other settings need to be changed continuously t...

Page 70: ...r Disable software watchdog Check Interval the periodical time that software watchdog checks the whole file system of BW1254 The hardware watchdog function will protect device even the operation system crash Figure 106 edit hardware watchdog settings Status Enable or Disable hardware watchdog The default value is enabled for both Software Watchdog and Hardware Watchdog It is strongly recommended t...

Page 71: ...r authentication in the system 4 8 characters spaces not allowed Confirm Password re enter the new password to verify its accuracy Save click to save new administrator settings Default administrator logon settings are User Name admin Password admin01 Password length is from 4 to 8 characters After filling in the right Old password and the New Password clicking the Save button for taking effect imm...

Page 72: ...log function enabled disabled Host IP specify the host IP address where to send the System Log messages dots and digits Log Level specify the remote log message level you want to trace critical error warning info and debug Do not output debug log unless there are important issue needs to be clarified Debug log will output all of the information so that it will severely drop down the network perfor...

Page 73: ...s values View view the log messages locally Click View button a similar screen will appear as below Figure 112 View Local Log Messages Clear clear current log message Refresh get the updated log messages Return back to System Log page System System Mode In this page you can select the system mode of your BW1254 Figure 113 System Mode Settings Mode select whether the system mode of BW1254 is AP mod...

Page 74: ...Apply and Reboot click the button to restart the device and apply all setting changes The BW1254 Web Interface in AP mode is different from that in AP Router mode For the detailed configuration of BW1254 working in AP Router mode please refer to the next chapter Chapter 4 Reference Manual AP Router Mode System System Info Administrator can self define the device information including the system na...

Page 75: ... upload system configuration for restore Figure 118 System Configuration settings Click the Preparation button to start saving the configuration file Click the Download button to download current working configuration locally Figure 119 Backup settings By default the device configuration name is cfgbackup cfg A configuration file name will be required when you download save the configuration file ...

Page 76: ...he specified configuration and then the similar UI appears Figure 121 Configuration Upload Restore 2 Click OK button to restore and AP will reboot immediately to take effect Figure 122 Configuration Upload Restore 3 System Reset and Reboot Use this function to reboot device or restore to factory default Figure 123 System Reset setting Reboot reboot the device Reset reset System to Factory Defaults...

Page 77: ...strator settings will be set back to the factory default when Reset is implement System Local Upgrade Upload Update your device firmware locally Figure 126 Firmware Upgrade Click the Upload and then click the browse button to specify the full path of the new firmware image and click the Upload button Figure 127 Firmware Upgrade Click the Upgrade button to flash and upgrade the firmware Please make...

Page 78: ...FTP Firmware Upgrade Current firmware version Show the current firmware version TFTP server IP address Specify the IP address of TFTP server which firmware located TFTP Time Out Secs Specify the TFTP server communication time out in second Firmware Filename Specify the upgrade firmware name to be download Figure 130 TFTP Firmware Upgrade setting Click Edit button to specify the TFTP server IP addr...

Page 79: ...pdate process It will backward to previous version in case upgrade failure System Location Settings You can define the longitude and latitude for the device information or for the NMS to locate the device location Figure 131 location setting Click edit to enter the Longitude and Latitude in digit and dot format Figure 132 edit location longitude latitude Click save button to save it ...

Page 80: ...r web browser window Web Interface The main web management menu is displayed at the top of the page after successfully logging into the system see the figure below From this menu all essential configuration pages are accessed Figure 133 Main Configuration Management Menu The web management menu has the following structure Status Device Status show the status related with the whole device Wireless ...

Page 81: ... page based by HTML page Pages configure and upload user pages Upload upload new internal user pages HTTP Headers define http headers encoding and language Remote Authentication define external Web Application Server WAS to intercept take part in the user authentication process Services Telnet Telnet SSH service SNMP SNMP service NTP NTP settings of BW1254 Time manually set time Watchdog Enable th...

Page 82: ...current configure version Up Time indicate the time expressed in days hours and minutes since the system was last rebooted System Time show the current time of the BW1254 WLAN1 MAC show the MAC addresses of the wireless interfaces of the BW1254 2G WLAN2 MAC show the MAC addresses of the wireless interfaces of the BW1254 5G Free System Memory indicate the memory currently available in the BW1254 To...

Page 83: ...ACL feature on BW1254 SSID Number indicate current number of enabled SSID on BW1254 Status Interface Statistics The Interface Statistics shows each network interface status including Input Output bytes packets or error Figure 136 Interface Statistics Interface Name show the name of each network interface where ixp0 is related to LAN interface wlan1_x is related to wireless sub interface Input Byte...

Page 84: ...4 Output Packets show the packets number transmitted out of the network interface Output Errors show the packets number which contain errors preventing them from being transmitted out correctly Refresh get the updated network interface information ...

Page 85: ...re 138 Edit Network Interfaces Settings 1 Interface standard interface name This name cannot be edited Status select the status of interface enabled disabled Do not disable the interface through which you are connected to the AP Router Disabling such interface will lose your connection to the device The interface eth1 can not be disabled Type network type cannot be changed There are two possible n...

Page 86: ...ers are a binary mask of the IP address which defines IP address order and the number of IP addresses in the subnet Gateway interface gateway For LAN type interfaces the gateway is WAN interface The gateway of the WAN interface is usually the gateway router of the ISP or other WAN network Default gateway is marked with Save save the entered values Cancel restore all previous values Figure 140 Appl...

Page 87: ...ll settings Network PPPoE The Point to Point Protocol over Ethernet PPPoE is a network protocol for encapsulating PPP frames inside Ethernet frames It is use mainly for DSL service Click Edit button to enable or disable the service Figure 142 PPPoE service Name service name Status change status for this service disable enable Figure 143 change PPPoE service Enable the PPPoE service Username enter ...

Page 88: ...and take effect all changes If there is no other settings needed to be modified click the Reboot button to apply all changes If there are any other settings need to be changed continuously to finish and apply all changes and then click Reboot button to restart and take effect for all settings Network L2TP Layer 2 Tunneling Protocol L2TP is a tunneling protocol used to support virtual private netwo...

Page 89: ...ess in digits and dots notation e g 192 168 2 2 Username enter the user name Password password for the authorized user Timeout in case of connection fail the interval to re connect to the server Figure 148 edit L2TP services Click Save button and Apply Changes button to save the change or discard changes button to discard the change Figure 149 save the changes Reboot click the button to restart th...

Page 90: ...tart and take effect for all settings Network RADIUS Server Up to 32 different RADIUS servers can be configured in the RADIUS servers menu By default one RADIUS server is specified for the system Figure 151 RADIUS Servers Settings Details show the detail information of this RADIUS Server profile Edit edit the selected RADIUS Server entry you want to configure Delete delete the selected RADIUS Serv...

Page 91: ...rity of data frames used for the Authentication RADIUS server Accounting IP show the IP address of Accounting RADIUS server If the Accounting IP address is 0 0 0 0 it means that the Accounting service is disabled Accounting Port show the network port used to communicate with the Accounting RADIUS server Accounting Secret show the shared secret string that is used to make sure the integrity of data...

Page 92: ...t When selected the profile will be used as default Authentication IP specify the IP address of Authentication RADIUS server dots and digits Authentication Port specify the network port used to communicate with the Authentication RADIUS server 1 65535 Authentication Secret shared secret string that is used to make sure the integrity of data frames used for the Authentication RADIUS server Accounti...

Page 93: ...ore pass to RADIUS server for more security enabled disabled This setting needs RADIUS server do relevant configurations Save save the entered values Cancel restore all previous values After adding a new RADIUS server or editing an existing one a page appears similar to the following Figure 155 Apply or Discard RADIUS Server Changes Details show the detail information of this RADIUS Server profile...

Page 94: ...hanged continuously to finish and apply all changes and then click Reboot button to restart and take effect for all settings Network RADIUS Properties General RADIUS settings are configured using the RADIUS Properties menu under the network Figure 157 RADIUS Properties settings RADIUS Retries retry count of sending RADIUS packets before giving up 0 99 RADIUS Timeout seconds maximum amount of time ...

Page 95: ...le Timeout seconds amount of user inactivity time before automatically disconnecting user from the network 1 999999999 Bandwidth Up maximum bandwidth up at which corresponding user is allowed to transmit bps Bandwidth Down maximum bandwidth down at which corresponding user is allowed to receive bps Each setting in this table can be edited Select RADIUS setting you need to update click the edit nex...

Page 96: ...ice service allows BW1254 subscribers to enter URLs instead of IP addresses into their browser to reach the desired web site You can enter the DNS server settings under the Network DNS menu The DNS server setting s table is displayed Figure 160 DNS Settings You can enter the primary and secondary DNS servers settings by click the edit button in the action column and type in the DNS server s IP add...

Page 97: ...k the button to restart the server and apply the changes If there is no other settings needed to be modified click the Reboot button to apply all changes If there are any other settings need to be changed continuously to finish and apply all changes and then click Reboot button to restart and take effect for all settings Network DHCP In AP Router mode the BW1254 can act as a DHCP Server The DHCP D...

Page 98: ...the DHCP service mandatory fields Netmask show the subnet mask of current interface Gateway show the interface gateway WINS Windows Internet Naming Service Address specify service IP address if it is available on the network dots and digits Lease Time specify the IP address renewal in seconds 1 1000000 Domain specify DHCP domain name optional 1 128 sting DNS Address specify the DNS server s IP add...

Page 99: ...correct click Apply Changes request for reboot server appears Figure 168 Reboot information Reboot click the button to restart the server and apply the changes If there is no other settings needed to be modified click the Reboot button to apply all changes If there are any other settings need to be changed continuously to finish and apply all changes and then click Reboot button to restart and tak...

Page 100: ...ved on an interface with specific destination addresses By default no static routes are defined on the system Figure 170 Static Route Page A routing rule is defined by the target subnet target IP address and subnet mask interface and or gateway where to route the target traffic A data packet that is directed to the target network is routed to the specified AC interface or to another gateway router...

Page 101: ...ent is considered as DOS attacker BW1254 kicks it out and doesn t let it connect again during the time that Expire set Flow Control Status Enable or disable traffic flow control policy for BW1254 Max Load The attack throughput threshold Duration seconds if traffic exceeds the value of Max Load during the whole time that Duration set BW1254 think there is traffic flow attack and do the countermeasu...

Page 102: ... all IP address specified it will consider Ethernet link fail and all associated wireless client will be logged out The AP will continue to ping from first IP address If ping success the wireless will be enable again and client can access the AP Save save the entered values Cancel restore all previous values Click Save the similar apply changes UI will be appeared Figure 176 Apply or Discard Link ...

Page 103: ...tocol for remote management of end user devices As a bidirectional SOAP HTTP based protocol it provides the communication between customer premises equipment CPE and Auto Configuration Servers ACS server It includes both a safe auto configuration and the control of other CPE management functions within an integrated framework The protocol addressed the growing number of different internet access d...

Page 104: ...form Interval the inform interval in seconds the value is 720 4294967295 Connection Request UserName when the ACS pulling a task to AP CPE such as firmware upgrade downgrade AP need the user name to verify the task sending from ACS server Connection Request Password when the ACS pulling a task to AP CPE such as firmware upgrade downgrade AP need the password to verify the task sending from ACS ser...

Page 105: ...y the changes Figure 181 reboot device If there is no other settings needed to be modified click the Reboot button to apply all changes If there are any other settings need to be changed continuously to finish and apply all changes and then click Reboot button to restart and take effect for all settings ...

Page 106: ...ic menu to configure wireless settings such as regulatory domain channel band and power layer 2 isolation Click the edit button on the setting you need to change Figure 182 Basic Wireless Settings with static channel selection Figure 183 Basic Wireless Settings with auto channel selection DCA ...

Page 107: ...ecommend Fragment Threshold It specifies the maximum size for a packet before data is fragmented into multiple packets If you experience a high packet error rate you may slightly increase the fragmentation threshold Setting the fragmentation threshold too low may result in poor network performance Only minor modifications of this value are recommended The default value is 2347 recommend Beacon Int...

Page 108: ...supporting short preamble connected otherwise using short preamble The default is Auto recommend Short always using short preamble Long always using long preamble Slot Time show the slot time policy when working in 2 4GHz band Auto using long slot time when there are clients not supporting short slot time connected in otherwise using short slot time The Switching between long and short slot time i...

Page 109: ...four channels interval between the chosen channels For example for three Access Points in close proximity choose channels 1 6 and 11 for 11b g or channels 36 40 and 64 for 11a Band show the working bands on which the radio is working wlan1 four bands listed 2 4GHz 11g only 2 4GHz 11n HT20 2 4GHz 11n HT20 40plus 2 4GHz 11n HT20 40minus wlan2 four bands listed 5GHz 11a 5GHz 11n HT20 5GHz 11n HT20 40...

Page 110: ...tion needn t do frequently set a big value for DCA threshold to gain a stable wireless users connection If wireless network environment changes continually frequent auto channel selection is needed So set a relative small value for DCA threshold to let channel change based on wireless environment Wireless users will be kicked off when DCA is processing new operational frequency channel takes effec...

Page 111: ... Basic Wireless Settings with Static Channel selection Figure 187 Apply or Discard Basic Wireless Settings with DCA enabled For such change of settings the BW1254 needs to be restarted to apply all settings changes when clicking Apply Changes Request for reboot server appears ...

Page 112: ...ssign different configuration settings to each BSSID For wireless users they can think BW1254 as single AP with multi service supporting including different security policy different VLAN ID different authentication etc All the BSSIDs are active at the same time that means client devices can associate to the access point for specific service Use the Wireless Advanced menu to configure properties r...

Page 113: ...me for wireless client searching and associating Hidden show the status of Hidden SSID feature disable enable Security show which security policy is used for this MBSSID entry Current Connect show the number of current wireless clients associate to this MBSSID New create a new MBSSID entry Detail show the detail information of this MBSSID entry Edit edit the selected MBSSID entry you want to confi...

Page 114: ...to enable the function Only 11n only 802 11n client can connected to the SSID Disassociation low MCS low MCS client won t associate to the AP check box to enable it Max Station Number define maximum number of associated wireless client to this SSID By default the number is maximum 127 client can be associated to the AP without check box Or check box to enable limited client 1 127 Layer 2 Isolation...

Page 115: ... must cooperate with remote Router or APC Interface priority specify the traffic priority for this SSID interface which is implemented according to 802 11e EDCA and makes sure the wireless downlink QoS This priority is based on SSID which means different BSSID can have different traffic priority and the traffic of the same SSID has the same priority This traffic priority only makes sure the priori...

Page 116: ...ion will fail The key value is set in Wireless WEP web page 802 1x when selected the MSSID entry will be configured as an 802 1x authenticator It supports multiple authentication types based on EAP Extensible Authentication Protocol like EAP TLS EAP TTLS EAP PEAP EAP SIM The privacy will be configured as dynamic WEP RADIUS Server Profile select your RADIUS server profile Please go to Network RADIU...

Page 117: ...re 193 Multiple BSSID Setting 4 WPA PSK when selected the encrypt method will be WPA without RADIUS server WPA2 PSK when selected the security policy will be WPA2 PSK without RADIUS server In this mode only WPA2 PSK client can connect with AP and WPA PSK client is not permitted to connect WPA2 PSK MIXED when selected WPA2 PSK and WPA PSK clients are all permitted to connect with AP Use Pre Shared ...

Page 118: ...I without RADIUS server Encode Pre shared key encode HEX ASCII Use Pre Shared key specify more than 8 characters and less than 64 characters for WPA with pre shared key encryption Disabled when selected you don t select any security policy Change status or leave in the default state if no editing is necessary and click the Save button Figure 195 Apply or Discard the advanced Settings in AP mode Fo...

Page 119: ...tton to apply all changes If there are any other settings need to be changed continuously to finish and apply all changes and then click Reboot button to restart and take effect for all settings Wireless WEP Use the Wireless WEP menu to configure static WEP settings This menu only set static WEP key value related with 4 key indexes Enable or Disable static WEP is in the Wireless Advance menu Figur...

Page 120: ... 6161616161 hexadecimal characters They can be modified according to requirement Figure 198 Edit WEP Key Change status or leave in the default state if no editing is necessary and click the Save button Figure 199 Apply or Discard WEP Configuration For each change of settings the BW1254 needs to be restarted to apply all settings changes when clicking Apply Changes Request for reboot server appears...

Page 121: ...all settings Wireless MAC ACL Use the MAC ACL service to control the default access to the wireless interface of the BW1254 or define special access rules for mobile clients Configure the ACL using the Wireless MAC ACL menu Figure 201 MAC ACL Service Radio show the wireless interface The wireless interface which is Bridge mode hasn t MAC ACL settings Policy click the edit button to choose Allow De...

Page 122: ...u must create MAC List to work with Policy setting The access control list is based on the network device s MAC address In the MAC ACL Configuration table you only need to specify the MAC address of wireless client Click the Add button to create a new MAC entry Figure 203 Add MAC entry MAC Address enter the physical address of the network device you need to MAC address The format is a list of colo...

Page 123: ...y Changes Request for reboot server appears Figure 205 Reboot Server Reboot click the button to restart the server and apply the changes If there is no other settings needed to be modified click the Reboot button to apply all changes If there are any other settings need to be changed continuously to finish and apply all changes and then click Reboot button to restart and take effect for all settin...

Page 124: ... BSS the client connected to User IP IP address from which the user s connection is established digits and dots Authed indicate this client is authenticated or not WEB Auth L2 Auth show the authentication method which user uses to connect Time Length session duration since the user login hh mm ss Idle Time amount of user inactivity time hh mm ss Action view the statistics or kickoff the user Detai...

Page 125: ...d layer2 authentication status layer2 authentication include all supported EAP type of 802 1x auth and MAC auth WISP WISP domain name where the user belongs Session ID the unique user s session ID number This can be used for troubleshooting purposes Remaining Time Length remaining user s session time hh mm ss Session time for user is defined in the RADIUS Server Idle time specify current idle time...

Page 126: ...s to connect client s statistics list Kickoff click this button to logout the user from access point Refresh click the button to refresh users statistics User Station Supervision The Station Supervision function is used to monitor the connected host station availability This monitoring is performed with ping If the specified number of ping failures is reached failure count the user is logged out f...

Page 127: ...the button to restart the server and apply the changes If there is no other settings needed to be modified click the Reboot button to apply all changes If there are any other settings need to be changed continuously to finish and apply all changes and then click Reboot button to restart and take effect for all settings User User ACL User ACL provide high flexibility for administrator to define the...

Page 128: ...igure 215 Create a new rule third step Third step choose the type of source port and destination port any port special port Figure 216 Create a new rule fourth step Fourth step fill out the source IP address and destination IP address including IP address and net mask if you choose any IP in second step you need not fill out the IP address fill out the source port and destination port if you selec...

Page 129: ...ronment that controls the user s access to Web content and services It is to define a free restricted service set for a user do not logged into the system Use the User walled garden menu to view or change the free URLs or hosts Figure 220 Walled Garden New URL click the new URL button and enter the new URL and its description Save entered information by clicking the update button Figure 221 Add Ne...

Page 130: ...erver address IP address or host name Netmask enter the network mask to specify the host servers network Port network port which is used to reach the host 1 65535 For standard protocols use the default ports Protocol Port HTTP 80 HTTPS 443 FTP 21 User WISP Different WISPs Wireless Internet Service Providers can be associated with appropriate RADIUS servers and device interfaces using the User WISP...

Page 131: ...of prefix length is from 2 to 6 Figure 225 Domain Policy Add WISP click to define WISP for RADIUS server Figure 226 Define New WISP Name new WISP domain name string up to 256 symbols no space dot or dash allowed RADIUS Name select RADIUS for new WISP from list box non editable Save click the button to save the new WISP Cancel restore all previous values Figure 227 Apply or Discard Changes of WISP ...

Page 132: ...e The start page is the default web page where users will be redirected after log on This value will be overwritten by the WISP RADIUS attribute no 4 Redirection URL if provided in the authentication response message Use the User Start Page menu to view or change the start page URL Figure 229 Start Page The administrator can change the start page by clicking the Edit button The value entry field w...

Page 133: ...hen click Reboot button to restart and take effect for all settings User Customized UAM Customized UAM let owner upload their own login and logout page to BW1254 to apply with enterprise style or do advertisements User customized page is based on HTML BW1254 support internal and external customized UAM Internal means user can upload their html login and logout page to BW1254 External means BW1254 ...

Page 134: ...ll pop out a logout page for user In default this setting is enabled if customized page is enabled Logout Page s Dimension for the difference of logout page s dimension which make by customer BW1254 will use this data to pop out user s customized logout page Use External Page if this item is enabled BW1254 will fetch login and logout page from an external web server Second is update html files for...

Page 135: ...icture file format is JPG GIF PNG and CSS After select the file you want press upload button and the files will upload to BW1254 after successful upload files you can see the page below Picture and CSS files name need be consistent with your login or logout html pages The login and logout html file can be what ever you want Don t forget fill out the Logout page s dimension or logon user maybe can ...

Page 136: ...6 Flash upload files OK After successful flash the files uploaded files will appear in uploaded file list Next is an example for customized login and logout page Figure 237 Example login and logout page For external page enabled the Use External Page as below ...

Page 137: ...he welcome login logout help pages can be easily changed to user defined pages by choosing the edit menu The pages configuration menu is displayed by default In External page mode BW1254 will only fetch the login and logout html page to local the picture or the CSS file which link on the customized login logout page will not be fetch So the link to the picture and CSS file on user customized html ...

Page 138: ...direct choose this option when using the Extended UAM function see Chapter 5 User Pages Status choose enable disable welcome page status Note that redirect option with status disabled would work Location enter location for external templates or redirect e g WAS IP address Figure 240 Redirect User Pages Welcome page with redirect option selected redirects the user authentication process to the spec...

Page 139: ...BW1254 web management interface and new uploaded user pages Select User HTTP Headers menu Figure 243 HTTP Headers Settings BW1254 device supports some http META tags Syntax of such META tags META HTTP EQUIV name CONTENT content Currently BW1254 supports Content Type and Content Language tags Content Type is used to define document char set used when text has non Latin letters like language letters...

Page 140: ...n the user authentication process and to log on and log off users externally It provides a means to query user session information as well By default such remote authentication is disabled Figure 245 Remote Authentication Click the edit button next to appropriate settings to specify remote authentication parameters Figure 246 Enable Remote Authentication Remote Authentication select status enabled...

Page 141: ...s on both ends manager and agent Use the Services SNMP menu to change current SNMP configuration Figure 248 SNMP settings Readonly community community name is used in SNMP version 1 and version 2c Read only public community allows reading values but denies any attempt to change values 1 32 all ASCII printable characters no spaces Readwrite community community name is used in SNMP version 1 and ver...

Page 142: ...manager IP address dots and digits Host Port enter the port number the trap messages should be send through number Trap Type select trap message type v1 v2 inform Community specify the community name at a SNMP trap message This community will be used in trap messages to authenticate the SNMP manager If not defined the default trap community name will be used specified in the SNMP table 1 32 all AS...

Page 143: ...d button to add a new NTP server Figure 252 Add new NTP server setting Two NTP servers can be configured under Services NTP menu And only IP address is accepted for NTP server Please enter at least one NTP server when enable NTP service The Name of NTP server should be unique Change status or leave in the default state if no editing is necessary and click the Save button Figure 253 Save the NTP se...

Page 144: ...tus Click Save button to save new Time Zone setting Figure 255 Apply or Discard Time Zone NTP status Changes For each change of settings the BW1254 needs to be restarted to apply all settings changes when clicking Apply Changes Request for reboot server appears Figure 256 Reboot information ...

Page 145: ...anually under Services Time menu Figure 257 Time Settings Click Edit to change current system time Figure 258 Edit Date and Time Settings Change the Date and Time or leave in the default value if no editing is necessary and click the Apply button Thus the modified time will be taken effect at once No reboot is needed If NTP is enabled the local time cannot be modified Since BW1254 hasn t RTC real ...

Page 146: ... watchdog checks the whole file system of BW1254 The hardware watchdog function will protect device even the operation system crash Figure 261 edit hardware watchdog settings Status Enable or Disable hardware watchdog The default value is enabled for both Software Watchdog and Hardware Watchdog It is strongly recommended to enable the watchdog function Click Save and follow the UI instruction to a...

Page 147: ...user authentication in the system 4 8 characters spaces not allowed Confirm Password re enter the new password to verify its accuracy Save click to save new administrator settings Default administrator logon settings are User Name admin Password admin01 Password length is from 4 to 8 characters After filling in the right Old password and the New Password clicking the Save button for taking effect ...

Page 148: ...mote log enabled disabled Host IP specify the host IP address where to send the System Log messages dots and digits Log Level specify the remote log message level you want to trace critical error warning info and debug Do not output debug log unless there are important issue needs to be clarified Debug log will output all of the information so that it will severely drop down the network performanc...

Page 149: ...u want to trace critical error warning info and debug Save save changes Cancel restore the previous values View view the log messages locally Click View button a similar screen will appear as below Figure 267 View Local Log Messages Clear clear current log message Refresh get the updated log messages Return back to System Log page System System Mode In this page you can select the system mode of y...

Page 150: ...pply all setting changes The Web Interface in AP Router mode is different from that in AP mode For the detailed configuration of BW1254 working in AP mode please refer to Chapter 3 Reference Manual AP Mode System System Info Administrator can self define the device information including the system name system location and system contact information of his BW1254 Figure 269 System info Settings Sys...

Page 151: ...Upload upload system configuration for restore Figure 273 System Configuration settings Click the Preparation button to start saving the configuration file Click the Download button to download current working configuration locally Figure 274 Backup settings By default the device configuration name is cfgbackup cfg A configuration file name will be required when you download save the configuration...

Page 152: ...he specified configuration and then the similar UI appears Figure 276 Configuration Upload Restore 2 Click OK button to restore and AP will reboot immediately to take effect Figure 277 Configuration Upload Restore 3 System Reset and Reboot Use this function to reboot device or restore to factory default Figure 278 System Reset setting Reboot reboot the device Reset reset System to Factory Defaults...

Page 153: ...istrator settings will be set back to the factory default when Reset is implement System Local Upgrade Upload Update your device firmware locally Figure 281 Firmware Upgrade Click the Upload and then click the browse button to specify the full path of the new firmware image and click the Upload button Figure 282 Firmware Upgrade Click the Upgrade button to flash and upgrade the firmware Please mak...

Page 154: ...FTP Firmware Upgrade Current firmware version Show the current firmware version TFTP server IP address Specify the IP address of TFTP server which firmware located TFTP Time Out Secs Specify the TFTP server communication time out in second Firmware Filename Specify the upgrade firmware name to be download Figure 285 TFTP Firmware Upgrade setting Click Edit button to specify the TFTP server IP addr...

Page 155: ...update process It will backward to previous version in case upgrade failure System Location Settings You can define the longitude and latitude for the device information or for the NMS to locate the device location Figure 286 location setting Click edit to enter the Longitude and Latitude in digit and dot format Figure 287 edit location longitude latitude Click save button to save it ...

Page 156: ...abled on the BW1254 for subscribers The following mentioned user pages are factory default The operator owner can upload new templates for all user pages based on their designed Contact with BROWAN if you need the User Pages templates samples User Pages Overview Welcome Page Welcome page is the first page a subscriber receives when he starts his web browser and enters any URL By default it s a ver...

Page 157: ...s In addition a smaller logout window page pops up The operator owner can change the login page according to its needs See more details in section Changing User Pages Logout Page Make sure the JavaScript is enabled on your Web browser otherwise you will not receive the logout page The Logout page contains the detailed subscriber s session information and provides function for logging out of the ne...

Page 158: ...nd unlimited Total bytes left session total download and upload bytes left for subscriber limited form RADIUS in B KB MB GB and unlimited time length left time length left in format hours minutes seconds Bandwidth downstream upstream available upstream and downstream bandwidth for subscriber limited from RADIUS in bps Refresh button click the button to refresh the subscriber session information Th...

Page 159: ...wo ways to change and store new user page templates External linking new user page templates from an external server Internal upload new templates to local memory Supported user pages template formats XSL Extensible Style sheet Language for welcome login logout one click pages HTML Hypertext Markup Language for help unauthorized pages The welcome Login and logout pages must be in XSL format The fo...

Page 160: ...under the use column Figure 295 configure external pages Step 4 Specify the new user page location in the location field http servername filelocation Figure 296 configure external pages Do not to upload different type of formats It will not be displayed properly Step 5 Save entered changes with the apply changes button ...

Page 161: ... 160 of 184 Figure 297 configure external pages Step 6 Check for new uploaded user page e g login Figure 298 login page If at anytime you wish to restore factory default user pages click the reset button under the system reset reboot menu ...

Page 162: ... option is defined for all pages Figure 299 internal pages Step 2 Under the user upload menu click the upload button to upload new prepared user pages Figure 300 upload page The memory space in the AP for internal user pages is limited to 1 MB Step 3 Specify the location of new user page templates by clicking the browse button or enter the location manually Specify the location for the additional ...

Page 163: ... the upload process a number of times until all necessary images are uploaded Step 5 Check for the newly uploaded user pages and images to ensure that everything is uploaded and displayed correctly Go to the link https device IP address to get to the new user welcome page Figure 302 customize welcome page Click the here link or enter the link directly https device IP address login user to get to t...

Page 164: ...BW1254 User Guide v1 0 Nov 2013 Page 163 of 184 Figure 303 customize login page If at anytime you wish to restore the factory default user pages click the reset button under the system reset reboot menu ...

Page 165: ...thentication process AC intercepts any access to the Internet via HTTP and redirects the client to the welcome or login URL on AC In order to render the custom login screen HTML page the AC must be configured to 2 fetch XSL script from a remote server which in this case is a Web Application Server WAS or have custom XSL uploaded on the AC There is the ability to enable caching of XSL scripts see U...

Page 166: ... is re directed to the external server WAS Client AC WAS RADIUS Server 1 Initial Request 2 Replay with HTTP redirect 3 Direct client communication with WAS 4 Client sends his her login and password 8 WAS reports client status authenticated or not 5 WAS tries to authenticate client 6 AC sends request to RADIUS 7 RADIUS replay authenticated or not Figure 305 Client Remote Authentication Scheme 2 The...

Page 167: ...onal Lanip The IP address of the LAN interface the user is connected to Can be changed or specified under the Network Interface menu In order to logon log off or get user status WAS submits POST request to the following URLs 1 Remote user logon Script name pplogon user Parameters secret shared secret to protect page from accidental use ip IP address of user to be logged on Username Username of the...

Page 168: ...from accidental use ip IP address of user to be logged off username Username of the user to be logged off mac AC address of the user to be logged off All parameters are required except the IP and MAC At least one of IP and MAC addresses should be supplied If supplied only IP user is checked and logged off by username and IP If IP and MAC addresses are supplied then user is checked and logged off b...

Page 169: ...sharedSecret username UserName ip user_I P_address Script produces XML output XML output when some error occurs ppstatus status No user by IP status error 122 error description User with supplied IP address not found description ppstatus Response statuses and error codes status error description OK 0 User status is ok Not checked 100 Status information not checked No IP 101 No user IP address supp...

Page 170: ...try id 11 unlimited entry entry id 12 unlimited entry entry id 13 32 Mbps entry entry id 14 32 Mbps entry entry id 15 04 59 55 entry entry id 16 EAP entry ppstatus Status detailed information by ID id description 1 User name 2 User IP address 3 User MAC address 4 Session time 5 Session ID 6 User idle time 7 Output bytes 8 Input bytes 9 User WISP name 10 Remaining bytes 11 Remaining output bytes 12...

Page 171: ...uper administrator and go to User Customized UAM In order to configure BW1254 using the customized login logout page Customize Page status must be set to enable To enable Customized Page edit the Customize page status User Customized UAM and set to Enabled See the diagram below Figure 306 enable customize page status Figure 307 customize page status is enabled To start to upload the customized tem...

Page 172: ...er the physical path and filename of the coffee template files or click the browse button to search the coffee template files are located The first two items are for login html and logout html files only Additional files are for CSS and image files such as jpg gif png and etc ...

Page 173: ...ten Additional files can be uploaded at one time To upload more additional file repeat the same upload process in step 2 4 but please be aware of the first two items are only for login html and logout html files Image files can only be uploaded to Additional file fields Figure 310 upload other files Once all files are uploaded successfully a list of Uploaded File List will show ...

Page 174: ... size setting of logout page and press the Save button E g the coffee bar template the suggested size of logout page is 760 x 601 Figure 312 set the pixels of logout window Step3 Everything is ready Now any users that access the internet via the BW1254 will see the new personalized login and logout pages Let s look at the new appearance of login and logout page based on the coffee bar template Mak...

Page 175: ...BW1254 User Guide v1 0 Nov 2013 Page 174 of 184 Figure 313 example of coffee bar login page Figure 314 example of coffee bar logout page ...

Page 176: ...tus width 250 height 240 marginwidth 0 marginheight 0 scrolling yes frameborder 0 iframe td These set of code uses an embedded window to show the session data in logout window Comment them with HTML comments language and will hide the session data in logout window 3 Question If I don t want the logout window to pop up to users how could I do Answer Please login BW1254 and go to User Customized UAM...

Page 177: ...its WEP DynamicBridge Up to 31 bridge links Interface LAN 10 100 100Mb Ethernet auto sensing RJ 45 Console 1 for RJ 45 interface Management Interfaces HTTPs Secure Telnet SSHv2 SNMP Software Update Remote software update via HTTPs Reset H W and S W restore factory default Physical Specification Dimension 195 mm x 165 mm x 35 mm Weight 790 10g Environment Specification Temperature Humidity Operatin...

Page 178: ...t Interface br0 Type LAN IP Address 192 168 2 2 Netmask 255 255 255 0 Gateway 0 0 0 0 AP Router Mode Interface eth0 Type WAN IP Address 192 168 2 2 Netmask 255 255 255 0 Gateway 192 168 2 1 Network RADIUS Properties RADIUS Retries 5 RADIUS Timeout 2 NAS Server ID User Session Timeout 72000 User Accounting Update Interval 600 User Accounting Update Retry 60 User Idle Timeout 900 Bandwidth Up 512 Kb...

Page 179: ... router mode Type Primary IP Address 0 0 0 0 Type Secondary IP Address 0 0 0 0 Network Static Route only for AP router mode No routes are defined on system WISP No WISP defined on system Wireless Basic WLAN1 Regulatory Domain FCC Channels 11 static Wireless Band 2 4GHz 11n HT20 Total Output Power EIRP 14dBm RTS Threshold 2347bytes Layer2 Isolation disabled Operation Mode AP WLAN2 Regulatory Domain...

Page 180: ...outer mode Use SSL Disabled Customize Page Disabled User Station Supervision Interval 20 Failure count 3 User WISP Only for AP router mode Domain Policy Username domain No WISP defined on system System Settings System Administrator Super administrator Username admin case sensitive Password admin01 case sensitive System SNMP SNMP Service Enabled Readonly Community public Readwrite Community private...

Page 181: ...der as given in ISO 3166 1 and the corresponding ISO 3166 1 alpha 2 code elements It lists 239 official short names and code elements Location ID Country Location ID Country AF Afghanistan LI Liechtenstein AL Albania LT Lithuania DZ Algeria LU Luxembourg AS American Samoa MO Macao AD Andorra MK Macedonia the former Yugoslav republic of AO Angola MG Madagascar AI Anguilla MW Malawi AQ Antarctica MY...

Page 182: ...aragua BF Burkina Faso NE Niger BI Burundi NG Nigeria KH Cambodia NU Niue CM Cameroon NF Norfolk island CA Canada MP Northern Mariana islands CV Cape Verde NO Norway KY Cayman islands OM Oman CF Central African republic PK Pakistan TD Chad PW Palau CL Chile PS Palestinian territory occupied CN China PA Panama CX Christmas island PG Papua new guinea CC Cocos keeling islands PY Paraguay CO Colombia ...

Page 183: ... Polynesia ZA South Africa TF French southern territories GS South Georgia and the south sandwich islands GA Gabon ES Spain GM Gambia LK Sri Lanka GE Georgia SD Sudan DE Germany SR Suriname GH Ghana SJ Svalbard and Jan Mayan GI Gibraltar SZ Swaziland GR Greece SE Sweden GL Greenland CH Switzerland GD Grenada SY Syrian Arab republic GP Guadeloupe TW Taiwan province of china GU Guam TJ Tajikistan GT...

Page 184: ...istan JO Jordan VU Vanuatu KZ Kazakhstan Vatican city state see holy see KE Kenya VE Venezuela KI Kiribati VN Viet nam KP Korea democratic people s republic of VG Virgin islands British KR Korea republic of VI Virgin islands u s KW Kuwait WF Wallis and Futuna KG Kyrgyzstan EH Western Sahara LA Lao people s democratic republic YE Yemen LV Latvia YU Yugoslavia LB Lebanon Zaire see Congo the democrat...