Cerio SEFA OW-500 A1, User Manual

Page 1: ...V2 0 CERIO Corporation CenOS 5 0 User Manual for OW 500 A1 eXtreme Power Wave2 4X 2x2 18dBi Tri Band Outdoor Bridge AP ...

Page 2: ...izes Access Point 12 2 3 Client Bridge Repeater Mode 13 2 4 WISP Repeater AP Mode 14 3 System Configuration 15 3 1 Management 15 3 2 Configure Time Server 18 3 3 SNMP 19 3 4 Configure Time Policy 20 4 CAP Mode 22 4 1 VLAN Setup 22 4 2 AP Control 25 4 2 1 Scan Device 25 4 2 2 Batch Setup 26 4 2 3 AP Setup 29 4 2 4 Group Setup 30 4 2 5 Map Setup 30 4 2 6 Authentication Profile 32 4 2 7 Status 33 4 3...

Page 3: ...11r Fast Roaming Setup 46 5 2 Authentication 48 5 2 1 Enable Authentication function 49 5 2 2 Set Authentication function 50 Google OAuth2 0 setup sample 52 Facebook OAuth2 0 setup sample 55 5 2 3 POP3 IMAP Server 59 5 2 4 Customize Page 60 i Language 62 ii Walled Garden 63 iii Privilege Address 63 iv Profile 64 5 3 RADIUS Server 64 5 4 RADIUS Account Setup 65 5 5 Wireless Configuration 66 5 5 1 R...

Page 4: ... 2 5G Basic Setup 85 6 3 3 Advanced Setup 87 6 3 4 WMM Setup 89 6 3 5 Station Setup 91 6 3 6 Repeater AP Setup 93 6 3 7 MAC Filter Setup 95 6 3 8 802 11r Fast Roaming Setup 96 7 WISP Mode 99 7 1 Configure WAN Setup 99 7 2 Configure LAN Setup 103 7 3 Configure DHCP Setup 105 7 4 Wireless General Setup 107 7 4 1 Radio 0 2 4G Basic Setup 107 7 4 2 Radio 1 5G Radio 2 5G Basic Setup 109 7 4 3 Advanced ...

Page 5: ...ilities 130 8 1 Profile Setting 130 8 2 System Upgrade 131 8 3 MAN Mesh Activation 133 8 4 Network Utility 133 8 5 Reboot 134 9 Status 135 9 1 Overview 135 9 2 Wireless Client 137 9 3 Online Users 138 9 4 Authentication Log 139 9 5 System Log 139 10 Other technical documents 141 10 1 Point to Point Multi Point for WDS settings 141 10 2 Apply CERIO web authentication login page sample 142 Appendix ...

Page 6: ...e manual 5 5 2 Radio 1 5G Setup instructions 2 The device don t add the hardware return factory value button if software want to reset to default then must use RJ 45 reset function kit Accessories under working of the device power on state use RJ 45 cable connection to ETH2 port and function kit after link about 5 sec remove RJ 45 reset function kit the software will reset to default As shown RJ 4...

Page 7: ...agram Step 1 Please click on the computer icon in the bottom right window and click Open Network and Internet settings Step 2 After click left side Ethernet function click on the right side Change adapter options again 1 2 1 2 ...

Page 8: ...N and Click the right button on the mouse and Click Properties Step 4 In Properties page to setting IP address please find Internet Protocol Version 4 TCP IPv4 and double click or click OK button Step 5 Select Use the following IP address and fix in IP Address 192 168 2 1 2 ...

Page 9: ...mputer IP setting 1 3 Login Web Page Launch Web Browser Launch as web browser to access the web management interface of system by entering the default IP Address http 192 168 2 254 in the URL field and then press Enter System Login Default login Usermane is root and Password is default 1 2 root default ...

Page 10: ...nt mode It can be deployed as a traditional fixed wireless Access Point It allow wireless clients or Stations STA to access Supports DHCP Service allowing for automated assigning of IP addresses to clients connecting to the network WDS Setup includes AES Advanced Encryption Standard Authentication This enables the wireless interconnection of Access Point in a IEEE802 11 network and accepts wireles...

Page 11: ...as well as applications for long distance point to multipoint wireless connections You can enable the WDS function under the Access Point AP Mode which is an application of AP WDS which means that the device can also use the services of the Access Ponit AP station it can be used for long distance with another AP through WDS ...

Page 12: ... centralized management of multiple wireless APs in AP mode It can mainly perform centralized settings VLAN management and AP monitoring All the wireless APs in the CenOS5 0 series are under centralized control and management Control Management of CenOS5 0 APs AP Management support 802 1Q VLAN infrastructure Centralized setting Access Point function and firmware upgrade APs Group management for co...

Page 13: ...tion AP can be used normally after bridging with the upper AP It can be used as a Client Bridge Repeater AP to receive wireless signals over last mile applications helping WISPs deliver wireless broadband Internet service to new residential and business customers In this mode the AP is enabled with DHCP Server functions The wired clients of the AP are in the same subnet from Main AP and it accepts...

Page 14: ...as an WISP Wireless Internet Service Provide to receive wireless signals over last mile application helping WISPs deliver wireless broadband Internet service to residents and business customers In the WISP CPE mode the CenOS 5 0 AP is a gateway enabled with NAT and DHCP Server functions The wired clients connected to APs are in different subnet from those connected to Main AP and in WISP CPE mode ...

Page 15: ...ns in this page and modify system login password and select use system login protocol by 80 443 23 22 Port The management page adds LED control on off and system auto reboot function There are common functions in any mode have management Time Server SNMP and Time Policy Please refer to the following detailed instructions ...

Page 16: ...e system when ever there is a network or AP issue Ping Watchdog Enter IP address of remote device Interval Ping interval of time Delay After system start the set time value starts execution Ping watchdog Times of faults After the error exceeds the set value system will auto reboot Login Methods Administrator can set system login protocol of the http https telnet and ssh Access WAN Administrator ca...

Page 17: ... time management Daily Setting time to system reboot Weekly Setting frequency ex Weekly and time of system reboot Monthly Setting Every month fixed date and time to system reboot Click Save button to save your changes And click Reboot button to activate your changes ...

Page 18: ...ired time zone from the drop down list Daylight saving Time Enable or disable Daylight saving Manual Administrator must to set the system time Click Set Time to activate your changes Administrator can select manual or via a NTP server to modify system time for the right local time If select update the system time for manual when administrator reboot system the system time will reply default If sel...

Page 19: ... only access Ro password Set a password to authorize read only access RW username Set a community string to authorize read write access RW password Set a password to authorize read write access SNMP Trap Events such as cold start interface up down and association disassociation will report to an SNMP is an application layer protocol that provides a message format for communication between SNMP man...

Page 20: ...mote hosts to receive trap messages Click Save button to save your changes And click Reboot button to activate your changes 3 4 Configure Time Policy Please click Edit button to setting Time Policy rules The administrator can set the time schedule After setting the time schedule rules specific functions can be applied Please click System Settings Time Policy to enter the rule setting list click th...

Page 21: ... execution the rules Create New Policy button Administrator can set time for week start time and end time Click Save button to add schedule to policy There are 10 schedule maximum allowed in the each time policy All schedules can be edited or removed in the each time policy Click Reboot button to activate your changes ...

Page 22: ...s primarily to control all the managed AP The following describes setup function in system menu 4 1 VLAN Setup Setup Control AP of LAN or VLAN IP Address Gateway DNS and Ethernet Tag etc Please click on System VLAN Setup This VLANs support max 16 IEEE 802 1q tag VLANs ...

Page 23: ...or disable the VLAN function IP setup Administrator can set the VLAN IP address and NetMask or disable IP 802 1d Spanning Tree The spanning tree network protocol provides a loop free topology for a bridged LAN between LAN interface and 8 WDS interfaces from wds0 to wds7 The Spanning Tree Protocol which is also referred to as STP is defined in the IEEE Standard 802 1d There must always be at least ...

Page 24: ...t Gateway IP Address is 192 168 2 1 Please check your Gateway IP and change DNS Check either No Default DNS Server or Specify DNS Server IP button as desired to set up the system DNS Primary The IP address of the primary DNS server Secondary The IP address of the secondary DNS server Click Save button to save your set function Then click Reboot button to activate your changes ...

Page 25: ... Scan Device to discover Access Points in the network architecture 2 Set IP address for all managed Access Points and reboot managed Access Points 3 Re Scan managed APs and Import to databases 4 Centralize managed AP settings by clicking AP control Batch setup 5 After the setup is complete for managed APs function administrator must reboot all managed APs 4 2 1 Scan Device This management page can...

Page 26: ... AP F W Date Display firmware Release date for managed AP IP Address Administrator can set single IP address for Managed AP Netmask Administrator can set single Netmask for Managed AP Default Administrator click the button will can reset to default for select managed APs Control Port Administrator can change VLAN network for managed APs VLAN TAG Administrator can set VLAN TAG ID for managed APs IP...

Page 27: ... 2 4 Group setup Administrators can select and change group settings of managed APs Batch Setup Administrator can centralize setting changes for managed APs VLAN Setup Administrator can set VLAN Tag IP address and Wi Fi on off for the managed APs The AP control function supports centralized configuration of managed APs Administrator can change VLAN network Group and batch setup for managed APs ...

Page 28: ...Network 802 1d Spanning Tree Control Port The function administrator can enable or disable of the managed APs please refer to Configure Network Control Port IAPP The function administrator can enable or disable of the managed APs Please refer to Configure Network IAPP IP Setup Administrator can set IP address and Netmask of the managed APs ETH0 1 VLAN Tag Setup Administrator can set VLAN Tag or di...

Page 29: ... APs Please refer to Configure Radio 0 1 Upgrade via TFTP Server Administrator can centrally upgrade firmware via TFTP Server for the managed APs Upgrade via HTTP Server Administrator can centrally upgrade firmware via HTTP Server for the managed APs Reboot Administrator can reboot managed APs 4 2 3 AP Setup Administrator can monitor statuses and modify managed APs information VLAN Select desired ...

Page 30: ...dministrator can create Groups within the same VLAN VLAN Select VLAN Create New Group Click the button to create a new AP Group Device button Administrator can select managed APs and import them into the Group 4 2 5 Map Setup ...

Page 31: ...ap Click the button to create map Map Name Enter map name Image URL Paste Map image url Description Enter the description for the map After the Map URL setup confirmation please reboot the system Once the Map is created and properly in the Map List administrators can click the Layout button in the action tab to map out the AP network Managed APs will appear in the Device List section of the layout...

Page 32: ...V2 0 View Once complete administrators can click the View button to monitor AP statuses and locations 4 2 6 Authentication Profile ...

Page 33: ... authentication function For more details refer to Manaul 5 2 Authentication Click Dropdown to set authentication functions Refer to Manual 5 2 Authentication dropdown functions Action The button can modify or delete for the authentication profile 4 2 7 Status Administrator can monitor Tx Rx flow information show online users and check system CPU Memory information and on off line for the managed ...

Page 34: ... address Displays the IP address information of the managed AP Connection time display the operating time of the managed AP Radio information displays the frequency and channel information enabled by the managed AP Receive Shows how much packet traffic is received by the managed AP Transmission Shows how much packet traffic is transmitted by the managed AP User s Display the current number of Wi F...

Page 35: ...tations root password HTTP port number and delete MAN Mesh Divice 4 3 2 MAN Mesh Status Display the system status IP address comment I time firmware version and firmware release date of the newly added MAN Mesh Device This function is only for authorized MAN Mesh hosts in the display environment For more MAN Mesh support functions please refer to the related MAN Mesh function detailed operation ma...

Page 36: ... Flag Display master VLAN and VLAN Tag No information IP Address Display IP Address for VLAN Network NetMask Display IP netmask Radio 0 Display Radio 0 2 4G SSID name Radio 1 Display Radio 1 5G SSID name Radio 2 Display Radio 2 5G SSID name When AP mode is chosen the system can be configured as an Access Point This section provides detailed explanation for users to configure in the AP mode with he...

Page 37: ...ication too When enable this function system will only 1 VLAN and 1 ESSID Disable If chooses disable this function then client connection Ethernet port will not be intercepted using web authentication Wired client network basis on VLAN0 When disable this function system can use 16 VLAN and 16 ESSID DNS Set DNS IP address You can set the gateway IP address or external DNS IP address in the architec...

Page 38: ...istrator can Enable or Disable Radio 0 2 4G Access Point 1 Administrator can Enable or Disable Radio 1 5G Access Point 2 Administrator can Enable or Disable Radio 2 5G 802 1d Spanning Tree The spanning tree network protocol provides a loop free topology for a bridged LAN between LAN interface and 8 WDS interfaces from wds0 to wds7 The Spanning Tree Protocol which is also referred to as STP is defi...

Page 39: ...dio 1 5G Radio 2 5G security for the access point and set 802 11r fast roaming Please click pull down button 5 1 1 DHCP Server The IAPP condition must use WPA2 PSK Wi Fi security and AES algorithm That if ETH0 is set to use a VLAN tag you must enter the management interface with the same VLAN as the tag to enter the management settings Otherwise the VLAN domain is completely blocked ...

Page 40: ... domain name for this network Lease Time The IP addresses given out by the DHCP server will only be valid for the duration specified by the lease time Increasing the time ensure client operation without interruptions but could introduce potential conflicts Lowering the lease time will avoid potential address conflicts but might cause more interruptions to the client while it will acquire new IP ad...

Page 41: ...ave your changes Then click Reboot button to activate your changes 5 1 2 Bandwidth Control Administrators can set bandwidth limit the max min bandwidth of the Wi Fi users Bandwidth control can set IP MASK IP Range Port Service SIP RTP RTSP and WEB Mode Administratior can Enable or Disable the function Airtime Fairness TX RX traffic balancing if device use point to point WDS or AP mode Client Bridg...

Page 42: ...set 10 bandwidth management rule Click Save button to save your changes Then click Reboot button to activate your changes 5 1 3 Radio 0 2 4G Radio 1 5G Radio 2 5G Access Point Setup Administrator can Enable or Disable Radio 0 2 4G Radio 1 5G Radio 2 5G Wi Fi If Radio are enabled administrators can set the SSID and security for the Radio 0 2 4G and Radio 1 5G and Radio 2 5G access point ...

Page 43: ...om the drop down list the options are Open System WPA PSK WPA2 PSK and WPA WPA2 Enterprise Open System Data is not unencrypted during transmission when this option is selected WPA PSK WPA2 PSK Personal WPA WPA2 is short for W Fi Protected Access Pre Shared Key WPA WPA2 uses the same encryption way with WPA and the only difference between them is that WPA WPA2 recreates a simple shared key instead ...

Page 44: ...TK broadcast multicast encryption keys in seconds Enter the time length required the default time is 600 seconds Pass Phrase Enter the ESSID pass phrase WPS Administrator can used WPS function to link WiFi client If enabled administrator can click the WPS Push Button WPA WAP2 Enterprise Radius Server Enter the IP address of the Authentication RADIUS server Radius Port The port number used by Authe...

Page 45: ... 2 Only Allow List MAC Administrator can add wireless users MAC address in MAC list The access point will allow connection in MAC address list MAC Address Set managed MAC address of the client MAC Address List Display managed MAC address list After the above function is setup please click Save button and reboot system will apply new profile and working normally ...

Page 46: ...st roaming the wireless user equipment must support 802 11k functionality to work properly This setting must be 2 octet of hex string codes For example enter 8c4d The dual band Access Point supports 802 11r 802 11k function for 2 4G and 5G radio 802 11r which is the IEEE standard for fast roaming introduces a new concept of roaming where the initial handshake with the new AP is done even before th...

Page 47: ...ring R1 Push Administrator can select Enable or disable If enable the function will automatically sent the R1 Key R0 Key Holder To enable roaming between multiple AP devices AP1 must key in the MAC Address of AP2 and AP2 must key in the MAC Address of AP1 The NAS Identifier and 128 bit Key should be identical in both AP settings This will enable device roaming between the two Access Points MAC Add...

Page 48: ...s function used to operate in Access Point mode the function is for Web Authentication It supports authentication for local users RADIUS Server OAuth2 0 and Guest The system supports in N VLANs with web authentication Please click on System Authentication When enable web authentication function please does make the Access Point can be connected to gateway Please refer to Manaul 5 1 VLAN Setup If t...

Page 49: ... Login Administrator can set one account to multiple users simultaneously login and the users can set limit 0 not limited Login Timeout After account login for some time no traffic system will automatic timeout for account Administrator can enter a time Minutes Redirect URL After the success of the login system will redirect to URL Administrator can enter web site URL Login URL Administrator can s...

Page 50: ...port remote RADIUS Server Administrator can enter security information for remote RADIUS Server Click Save button to save your changes Then click Reboot button to activate your changes 5 2 2 Set Authentication function By Clicking the Dropdown button Administrators can set authentication functions ...

Page 51: ...this function Login Type One Time Login to start counting until the end of time Multiple Times logout time will stop counting until the next re login to time start counting Count Limit Administrator can set guest limit Login Time Within a certain timeframe with no traffic the system will auto logout QoS Administrator can restrict the traffic of guest Traffic management can set users upload and dow...

Page 52: ... password OAuth2 0 The OAuth2 0 function supports Facebook and Google by default Users can add additional OAuth2 0 servers through UI settings Display items Active Display on off status for the authentication Provider Display authentication server The system default use authentication server for Google and Facebook Google OAuth2 0 setup sample ...

Page 53: ...eps below Step 1 Please go to the Google Developers Console page and create a project Reference https developers google com identity protocols OAuth2 Step 2 Click Credentials to create OAuth client ID in the API manager page Step 3 Select web application in the Application Type section and set Restrictions URL ...

Page 54: ...n the device Please Click system Authentication and enable the function The Authentication Setup page to set Login URL After complete set of login URL go to the Restrictions function in web page Copy and paste the login URL from the system display into the Restriction page on the Google Developer website Google Authorized JavaScript origins URL is http domain0 login com same as Login URL Google Au...

Page 55: ...tors must copy and paste their client ID and secret into the OAuth 2 0 Setup page in our software UI Save and reboot the AP system complete the setup Facebook OAuth2 0 setup sample Please complete the application on the Facebook website to receive an account ID and password follow the steps below Step 1 Please to Facebook developer s page and add a New App ...

Page 56: ...V2 0 Step 2 Select WWW function Step 3 Administrator must set www for your information Step 4 Please click Setting and add Platform ...

Page 57: ...Administrator must set login URL in the device function After complete set of login URL go to the Facebook Site URL function in web page Follow the steps below to set login URLs Setup login URL in the device Please Click system Authentication and enable the function The Authentication Setup page to set Login URL ...

Page 58: ...em display into the Site URL page on the Facebook website Step 7 Click Advanced function to enable the Native or desktop app and Is App Secret embedded in the client Step 8 After completing the Facebook Site URL setup Administrators must copy and paste their App ID and App secret into the OAuth 2 0 Setup page in our software UI ...

Page 59: ...choose Enable or Disable the PoP3 authentication Display Name Set the Display Name based on the appropriate POP3 user or client Client ID and Client Secret setup by third parties such as Facebook and Google are subject to change The instructions above follow the 2016 setup procedure Any future changes to the Facebook Google process may lead to our instructions becoming invalid ...

Page 60: ...r None POP3 Server Test Use this tool to test if the POP3 server is operating correctly with your selected email 5 2 4 Customize Page This function is to customize the user Login Page This supports Multiple Language and allows comprehensive customization through HTML editing Page Setup Template Administrator can select Enable or disable Select enable to active default Login Page ...

Page 61: ...lates are available on Cerio website When using html and css and other syntax editing it is recommended that editors have html and css and other editing capabilities Cerio does not support the use of assisted teaching of grammar The field must be within 190 lines If you write the source code such as HTML CSS After a certain amount of time it is recommended to save the CSS source code to the remote...

Page 62: ...in page color i Language Administrator can create other language for login page 1 This editing html system has a certain length limit and at the same time it is not possible to upload the image file to the system so if there is CSS syntax or image file it must be uploaded to the web server first and the image file is linked by hyperlink 2 In the system s Walled Garden function you must add the IP ...

Page 63: ...ut the network access right can still have a chance to experience the actual network service free of charge in Walled Garden URL list Display Name Set name of Website IP Address Domain Set IP or Domain of the Open the website Full URL Set full website name iii Privilege Address This function provides local device can access Internet without authentication If there are some workstations belonging N...

Page 64: ...er the above function is setup please click Save button and reboot system will apply new profile and working normally iv Profile Administrator can backup current authentication configuration and login page for HTML Source code But also can recover Click Save button to save your changes Then click Reboot button to activate your changes 5 3 RADIUS Server This function only used to operate in Access ...

Page 65: ... set remote RADIUS Server use Key Click Save button to save your changes Then click Reboot button to activate your changes 5 4 RADIUS Account Setup When enabled RADIUS Server administrator can add RADIUS account and password in the function But also can recover or backup the RADIUS account Account can create 50 users limit This function only used in Access Point mode ...

Page 66: ...Radio 1 5G or Radio 2 5G application of the Access Point 5 5 1 Radio 0 2 4G Setup MAC Address Display 2 4G WiFi MAC address Country Administrator can select country US or EU or Taiwan Band Mode Administrator can select 802 11b g n for the 2 4G Band Auto Channel Administrator can Enable or Disable the function If disabled the WiFi channel will be fixed to the manually selected channel Channel Admin...

Page 67: ...X 2RX streams Administrator can select 1 or 2 TX RX The default is 2TX 2RX Channel Bandwidth The 20 40 MHz option is usually best The other option is available for special circumstances Extension Channel Sets channel select to Upper or Lower The Upper supports 1 to 7 range CH and Lower supports 5 to 11 range CH MCS This parameter represents transmission rate By default Auto the fastest possible tr...

Page 68: ...an select country US or EU or Taiwan Band Mode Administrator can select 5G Band for 802 11a n or 802 11ac The default is 802 11ac Auto Channel Administrator can Enable or Disable the function If select disabled function the WiFi channel can be manually fixed Channel Supports US and EU country 5G Channel standards Tx Power Administrator can control the WiFi Tx output power The power Max Level 9 Slo...

Page 69: ...terval is Enabled by default to increase throughput However it can also increase error rate in some installations due to increased sensitivity to radio frequency reflections Select the option that works best for your installation Aggregation By default it s Enable Select Disable to deactivate Aggregation Setting Slot Time and ACK Timeout can strengthen the long distance connection Changing the val...

Page 70: ...information of AP such as SSID channel encryption keys signal strength time stamp support data rate All the radio stations received beacon recognizes the existence of such AP and may proceed next actions if the information from AP matches the requirement Beacon is sent on a periodic basis the time interval can be adjusted By increasing the beacon interval you can reduce the number of beacons and a...

Page 71: ... body and CRC so 400 byte will be in total including headers This helps in increasing the throughput The default is 2346 RTS Threshold TRTS Threshold is in the range of 1 2347 byte The default is 2347 byte The main purpose of enabling RTS by changing RTS threshold is to reduce possible collisions due to hidden wireless clients RTS in AP will be enabled automatically if the packet size is larger th...

Page 72: ... your changes 5 5 4 WMM Setup This affects traffic flowing from the access point to the client station Configuring QoS options consists of setting parameters on existing queues for different types of wireless traffic You can configure different minimum and maximum wait times for the transmission of packets in each queue based on the requirements of the media being sent Queues automatically provide...

Page 73: ...VoIP and streaming media are automatically sent to this queue CWmin Minimum Contention Window This parameter is input to the algorithm that determines the initial random backoff wait time window for retry of a transmission The value specified here in the Minimum Contention Window is the upper limit in milliseconds of a range from which the initial random backoff wait time is determined CWmax Maxim...

Page 74: ...licy WMM defines two ACK policies Normal ACK and No ACK Click Checkbox indicates No ACK When the no acknowledgement No ACK policy is used the recipient does not acknowledge received packets during wireless packet exchange This policy is suitable in the environment where communication quality is fine and interference is weak While the No ACK policy helps improve transmission efficiency it can cause...

Page 75: ...V2 0 ...

Page 76: ...WDS links VLAN Setup The WDS aisle support Multi tag VALN Click Save button to save your set function Then click Reboot button to activate your changes 5 5 6 WDS Status Displays 2 4G and 5G radio WDS link status through MAC and Date TX RX Please click on Wireless WDS status WDS considerations 1 When two wireless APs want to use WDS connection the channels of the two must be the same 2 If the two b...

Page 77: ...isplay connected MAC Address Rate TX RX Display Tx Rx rate of the point to point RSSI Display signal connection value of RSSI Click Save button to save your set function Then click Reboot button to activate your changes ...

Page 78: ... setup VLAN and DHCP server in the system menu This section provides detailed explanation for users to configure in the Client Bridge Mode and Repeater AP function with help of illustrations 6 1 Configure LAN Setup Here are the instructions for how to setup the local IP Address and Netmask Please click on System LAN and follow the below setting ...

Page 79: ...Enter IP address of domain name service Primary DNS The IP address of the primary DNS server Secondary The IP address of the secondary DNS server 802 1d Spanning Tree The spanning tree network protocol provides a loop free topology for a bridged LAN between LAN interface and 8 WDS interfaces from wds0 to wds7 The Spanning Tree Protocol which is also That when using a dynamic IP the system will aut...

Page 80: ... default DHCP Forward is disabled in Client Bridge devices This function must be enabled to allow clients connecting to the Client Bridge device to receive IP Addresses from the source AP Click Save button to save your set function Then click Reboot button to activate your changes 6 2 Configure DHCP Setup The DHCP Service function in the Client Bridge device can select a separate IP Address range ...

Page 81: ...given out by the DHCP server will only be valid for the duration specified by the lease time Increasing the time ensure client operation without interruptions but could introduce potential conflicts Lowering the lease time will avoid potential address conflicts but might cause more interruptions to the client while it will acquire new IP addresses from the DHCP server Default is 86400 seconds DHCP...

Page 82: ... set function Then click Reboot button to activate your changes 6 3 Wireless General Setup The main setup Client Bridge connection to AP Station and Repeater AP functions setting MAC filter WMM and 802 11r 802 11k Fast Roaming etc in wireless menu When the upper limit of the 2 4G frequency is used the repeater AP will only be able to use the other two 5G extension Repeater AP APs If the upper end ...

Page 83: ...etween level 1 to level 9 the unit is for your environment If you are not sure which setting to choose then keep the default setting level 9 100 Slot Timout You can enter the slot time value here When the distance is long or short the waiting time for packet transmission will be adjusted fast and slow Distance When the Distance button is clicked the point to point bridge distance can be entered Th...

Page 84: ...egation By default it s Enable To Disable to deactivated Aggregation A part of the 802 11n standard or draft standard It allows sending multiple frames per single access to the medium by combining frames together into one larger frame It creates the larger frame by combining smaller frames with the same physical source and destination end points and traffic class i e QoS into one large frame with ...

Page 85: ...on the WiFi channel can be fixed a channel Channel Support US EU Taiwan country by 5G Channel Tx Power Administrator can control the WiFi Tx output power The power Max Level 9 Slot Timout You can enter the slot time value here When the distance is long or short the waiting time for packet transmission will be adjusted fast and slow Distance When the Distance button is clicked the point to point br...

Page 86: ...of selecting the speed if necessary Shout GI Short Guard Interval by default it s Enable it s can increase throughput However it can also increase error rate in some installations due to increased sensitivity to radio frequency reflections Select the option that works best for your installation Setting Slot Time and ACK Timeout can strengthen the long distance connection Changing the value can opt...

Page 87: ...our changes 6 3 3 Advanced Setup Beacon Interval Beacon Interval is in the range of 40 3500 and set in unit of millisecond The default value is 100 msec Access Point AP in IEEE 802 11 will send out a special approximated 50 byte frame called Beacon Beacon is broadcast to all the stations provides the basic information of AP such as SSID channel encryption keys signal strength time stamp support da...

Page 88: ...old will be used when we have more data packet size to be transmitted and we have less fragment threshold value Let s say from Ethernet we have to send 1400 byte packet but the fragmentation threshold is set as 400 In this case when the packet is to be transmitted on air it will fragment the packet in to 4 small packet 400 400 400 200 and send on air This includes MAC header frame body and CRC so ...

Page 89: ...et function Then click Reboot button to activate your changes 6 3 4 WMM Setup His affects traffic flowing from the access point to the client station Configuring QoS options consists of setting parameters on existing queues for different types of wireless traffic You can configure different minimum and maximum wait times for the transmission of packets in each queue based on the requirements of th...

Page 90: ...is not time sensitive is sent to this queue FTP data for example AC_BE Best Effort Medium Medium throughput and delay Most traditional IP data is sent to this queue AC_VI Video High Minimum delay Time sensitive video data is automatically sent to this queue AC_VO Voice High Time sensitive data like VoIP and streaming media are automatically sent to this queue CWmin ...

Page 91: ...ions onto the wireless medium WM This value specifies in milliseconds the Transmission Opportunity TXOP for AP that is the interval of time when the WMM AP has the right to initiate transmissions on the wireless network ACM bit Admission Control Mandatory ACM only takes effect on AC_VI and AC_VO When you do not click Checkbox it means that the ACM is controlled by the connecting AP If you click Ch...

Page 92: ...on and select want to link the AP station please click site survey button If want to discovery 2 4G station then administrator need to enable station mode in Radio 0 2 4G function page reference manual 6 3 1 Radio 0 Basic Setup Same practice if want to discovery 5G station will need to enable station mode in Radio 1 5G Radio 2 5G function page reference manual 6 3 2 Radio 1 5G Radio 2 5G Basic Set...

Page 93: ...Maximum number of client associations Access Point Administrator can Enable or Disable the Repeater AP function If Security Cipher selected or set PassPhrase is wrong it will not be able to bridge normally 1 If want to use Repeater AP function then Clinet Bridge must determine connection to Access Point then Repeater AP can operate normally 2 The default is enabling of Repeater AP If want to used ...

Page 94: ...Fi Protected Access Pre Shared Key WPA WPA2 uses the same encryption way with WPA and the only difference between them is that WPA WPA2 recreates a simple shared key instead of using the user s certification WPA Mode Administrator can select security for Auto or only WPA or only WPA2 Cipher Type Administrator can select use AES or TKIP with WPA WPA2 encryption method AES is short for Advanced Encr...

Page 95: ...eys in seconds Enter the time length required the default time is 600 seconds Pass Phrase Enter the ESSID pass phrase Click Save button to save your set function Then click Reboot button to activate your changes 6 3 7 MAC Filter Setup Administrator can setup allow or reject WiFi clients MAC address to access Repeater AP Rule Select the desired access control type from the drop down list the option...

Page 96: ... will be granted for all the remaining clients Action Type is set to Only Deny List MAC MAC Address Enter MAC Address for WiFi Clients MAC Address List Display the MAC address of WiFi Clients Click Save button to save your set function Then click Reboot button to activate your changes 6 3 8 802 11r Fast Roaming Setup The system support 802 11r 802 11k function for 2 4G and 5G radio 802 11r which i...

Page 97: ...as_identifier must be set and must be between 1 and 48 octets long R1 Identifier PMK R1 Key Holder identifier 6 octet identifier as a hex string R1 Push Administrator can select Enable or disable If enable the function will automatically sent the R1 Key R0 Key Address To enable roaming between multiple AP devices AP1 must key in the MAC Address of AP2 and AP2 must key in the MAC Address of AP1 The...

Page 98: ...ey Holder List Enter a unified set of R1 Key Holder identification certification MAC Address Enter the main roaming device MAC address R1 Identifier Enter Shared identifier 128 bit Key Enter Shared Key of 128 bit R1 Key Holder List After setting R1 Key holders function the information will appear in list Click Save button to save your set function Then click Reboot button to activate your changes ...

Page 99: ...Repeater AP function 7 1 Configure WAN Setup There are four connection types for the WAN port Static IP Dynamic IP PPPoE and PPTP Please click on System WAN and follow the below setting WAN Setting WISP Mode is a router function if the Telecom company permits wireless connection to their WAN administrators can change the CenOS 5 0 AP to WISP Mode to connect to the wifi network The WISP Mode suppor...

Page 100: ...associate with WISP AP before a dynamic IP along with related IP settings If IP Address is not assigned please double check with your wireless settings and ensure successful association Also you may go to WAN Information in the Overview page to click Release button to release IP address and click Renew button to renew IP address again Hostname The Hostname of the WAN port PPPoE To create wireless ...

Page 101: ...rnet PPTP The Point to Point Tunneling Protocol PPTP mode enables the implementation of secure multi protocol Virtual Private Networks VPNs through public networks User Name Enter account for PPTP Password Enter user name account used password for PPTP PPTP Server IP Enter remote IP address of PPTP Server WAN IP The IP address of the WAN port Netmask The Subnet mask of the WAN port MTU By default ...

Page 102: ...AC Clone The MAC address is a 12 digit HEX code uniquely assigned to hardware as identification Some ISPs require you to register a MAC address in order to access to Internet If not you could use default MAC or clone MAC from a PC Default MAC Address Keep the default MAC address of WAN port on the system Manual MAN Address Enter the MAC address registered with your ISP DNS Check No Default DNS Ser...

Page 103: ...he system to use Dynamic IP If there is a DHCP server on the top you can use the dynamic IP address to let the system obtain a set of IP automatically Static IP That when using a dynamic IP the system will automatically obtain the IP address sent by DHCP and the obtained IP address will be obtained after the operation is confirmed by the upper DHCP server Obtaining the IP address is not fixed For ...

Page 104: ...dary The IP address of the secondary DNS server 802 1d Spanning Tree The spanning tree network protocol provides a loop free topology for a bridged LAN between LAN interface and 8 WDS interfaces from wds0 to wds7 The Spanning Tree Protocol which is also referred to as STP is defined in the IEEE Standard 802 1d DHCP Forward When the AP Mode device and Client Bridge AP are linked and DHCP Service is...

Page 105: ...o the Client Bridge device to receive IP Addresses from the source AP Click Save button to save your set function Then click Reboot button to activate your changes 7 3 Configure DHCP Setup The DHCP Service function in the Client Bridge device can select a separate IP Address range within the same network segment of the source AP and allocate those IP Addresses to connecting clients ...

Page 106: ...terruptions but could introduce potential conflicts Lowering the lease time will avoid potential address conflicts but might cause more interruptions to the client while it will acquire new IP addresses from the DHCP server Default is 86400 seconds DHCP Clients List When users link to CenOS 5 0 AP and use IP address of the DHCP service the DHCP Client List will display users the information and us...

Page 107: ...11k Fast Roaming etc in wireless menu 7 4 1 Radio 0 2 4G Basic Setup Administrator can change the data transmission channel and output power settings for the system When the upper limit of the 2 4G frequency is used the repeater AP will only be able to use the other two 5G extension Repeater AP APs If the upper end AP with a Radio 1 5G frequency is used the repeater AP will only Use 2 4G and anoth...

Page 108: ...ket transmission will be adjusted fast and slow Distance When the Distance button is clicked the point to point bridge distance can be entered The system will automatically calculate the ideal reference value for the Slot Time and ACK Timeout The input distance is calculated in units meters ACK Timout When waiting for the ACKnowledgment frame interval is too long to be received the ACK will be ret...

Page 109: ...n A part of the 802 11n standard or draft standard It allows sending multiple frames per single access to the medium by combining frames together into one larger frame It creates the larger frame by combining smaller frames with the same physical source and destination end points and traffic class i e QoS into one large frame with a common MAC header Aggregation Frames Set frames size of Aggregati...

Page 110: ...ransmission will be adjusted fast and slow Distance When the Distance button is clicked the point to point bridge distance can be entered The system will automatically calculate the ideal reference value for the Slot Time and ACK Timeout The input distance is calculated in units meters ACK Timout When waiting for the ACKnowledgment frame interval is too long to be received the ACK will be retransm...

Page 111: ...regation By default it s Enable To Disable to deactivated Aggregation A part of the 802 11n standard or draft standard It allows sending multiple frames per single access to the medium by combining frames together into one larger frame It creates the larger frame by combining smaller frames with the same physical source and destination end points and traffic class i e QoS into one large frame with...

Page 112: ...nment as a mechanism to fulfill power saving synchronization A DTIM interval is a count of the number of beacon frames that must occur before the access point sends the buffered multicast frames For instance if DTIM Interval is set to 3 then the Wi Fi clients will expect to receive a multicast frame after receiving three Beacon frame The higher DTIM interval will help power saving and possibly dec...

Page 113: ...d In wireless WLAN technology greenfield mode is a feature of major components of the 802 11n specification The greenfield mode feature is designed to improve efficiency by eliminating support for 802 11b g devices in an all draft n network In greenfield mode the network can be set to ignore all earlier standards RF on off by schedule Administrator can apply Time Policy to on or off wireless signa...

Page 114: ...ultimedia are given effectively higher priority for transmission lower wait times for channel access while other applications and traditional IP data which are less time sensitive but often more data intensive are expected to tolerate longer wait times ...

Page 115: ...n interval of time when a WME AP has the right to initiate transmissions onto the wireless medium WM This value specifies in milliseconds the Transmission Opportunity TXOP for AP that is the interval of time when the WMM AP has the right to initiate transmissions on the wireless network ACM bit Admission Control Mandatory ACM only takes effect on AC_VI and AC_VO When you do not click Checkbox it m...

Page 116: ... deteriorates This is because when this policy is used a sender does not retransmit packets that have not been received by the recipient When the Normal ACK policy is used the recipient acknowledges each received uncast packet Click Save button to save your set function Then click Reboot button to activate your changes 7 4 5 Station Setup The functions setting functions include Client Bridge link ...

Page 117: ...ect ESSID security Cipher type and pass phrase Click Save button to save your set function Then click Reboot button to activate your changes If want to discovery 2 4G station then administrator need to enable station mode in Radio 0 2 4G function page reference manual 7 3 1 Radio 0 Basic Setup Same practice if want to discovery 5G station will need to enable station mode in Radio 1 5G Radio 2 5G f...

Page 118: ...s function is Disabled by default If select Enable Administrator can limit Wi Fi users the Quantity Authentication Select the desired security type from the drop down list the options are WPA PSK WPA2 PSK WPA WPA2 Enterprise and WEP 802 1X 4 If want to use Repeater AP function then Clinet Bridge must determine connection to Access Point then Repeater AP can operate normally 5 The default is enabli...

Page 119: ...ransformation rounds that convert the input plaintext into the final output of ciphertext Each round consists of several processing steps including one that depends on the encryption key A set of reverse rounds are applied to transform ciphertext back into the original plaintext using the same encryption key TKIP is short for Temporal Key Integrity Protocol TKIP scrambles the keys using a hashing ...

Page 120: ...ess Repeater AP Rule Select the desired access control type from the drop down list the options are Disable Allow or Reject Only Allow List MAC Define certain wireless clients in the list which will have granted access to the Access Point while the access will be denied for all the remaining clients ...

Page 121: ...ess Enter MAC Address for WiFi Clients MAC Address List Display the MAC address of WiFi Clients Click Save button to save your set function Then click Reboot button to activate your changes 7 4 8 802 11r Fast Roaming Setup The system support 802 11r 802 11k function for 2 4G and 5G radio 802 11r which is the IEEE standard for fast roaming introduces a new concept of roaming where the initial hands...

Page 122: ...ifier 6 octet identifier as a hex string R1 Push Administrator can select Enable or disable If enable the function will automatically sent the R1 Key R0 Key Address To enable roaming between multiple AP devices AP1 must key in the MAC Address of AP2 and AP2 must key in the MAC Address of AP1 The NAS Identifier and 128 bit Key should be identical in both AP settings This will enable device roaming ...

Page 123: ...ain roaming device MAC address R1 Identifier Enter Shared identifier 128 bit Key Enter Shared Key of 128 bit R1 Key Holder List After setting R1 Key holders function the information will appear in list Click Save button to save your set function Then click Reboot button to activate your changes ...

Page 124: ...ence over the DMZ rule In order to use a range of ports available to access to different internal hosts Virtual Server rules are needed Automatic Assignment Enter Internal IP address of DMZ host and only one DMZ host is supported Internal IP Address Enter Virtual IP for service device Static Assignment Enter external and internal IP address of DMZ host The function only external IP to Internal IP ...

Page 125: ...can select Enable or Disable the service Comment Enter the description of IP filter rule Policy Administrator can select the IP flow rule of Deny or Pass In Out Administrator can select the IP flow rule of In out bound Protocol Set used service Port of TCP UDP or ICMP Source Address Mask Enter desired source IP address and netmask i e 192 168 2 10 32 or 192 168 2 10 255 255 255 0 Source Port Enter...

Page 126: ...or Allow Deny The MAC Filter List will be denied to access LAN to WAN Others will be allowed Allow The MAC Filter List will be allowed to access LAN to WAN Others will be denied Comment Enter the description of MAC filter rule MAC Address Enter MAC address e g aa bb cc 00 00 0a and click Add button then the MAC address should display in the MAC Filter List Policy Administrator can select to use ru...

Page 127: ...ant to assign ports 21 25 to one FTP Telnet and SMTP server A in the example and port 80 to another B in the example You assign the LAN IP addresses and the ISP assigns the WAN IP address The NAT network appears as a single host on the Internet Please click Edit button to setting Virtual Server rules Active Administrator can select Virtual server rule to Enable or disable Comment Enter the descrip...

Page 128: ...s Control function administrator can to block or allow specific kinds of TCP UDP ICMP protocol such as Internet access designated services and websites The Access Control function can set 20 profiles Please click on Advance Access Control and follow the below setting Display access control list Active Display Active or InActive for the access control rule Comment Display information for the rule P...

Page 129: ...cal IP IP range go to destination IP IP range and use protocol TCP Deny TCP Protocol Administrator can set TCP protocol and assign IP IP range UDP Deny UDP Protocol Administrator can set UDP protocol and assign IP IP range ICMP Deny ICMP Protocol Administrator can assign IP IP range Content Filter Administrator can set web Keyword to filter Application System built in multiple applications data Ad...

Page 130: ...grade ping tools and system reset to default or reboot system 8 1 Profile Setting This Functions purpose is to backup current configuration restore prior configuration or reset back to factory default configurations Please click on Utilities Profile Setting and follow the below setting ...

Page 131: ...ct Successful loading message Then click Reboot button to activate 8 2 System Upgrade Firmware is the main software image that system needs to respond to requests and to manage real time operations Firmware upgrades are sometimes required to include new features or bugs fix It takes around 2 minutes to upgrade due to complexity of firmware To upgrade system firmware click Browse button to locate t...

Page 132: ...nnection for firmware update operations 2 During the update process please do not turn off or power off the system 3 Make sure to update using a compatible web browser to avoid update failures 4 After the update is complete make sure to perform a factory default reset operation and restart the wireless AP mode 5 5 If the update operation is not performed according to the above steps if the update ...

Page 133: ...ompany first and then enter the authorization code to start MAN Mesh 8 4 Network Utility The administrator can diagnose network connectivity via the PING or TRACEROUTE utility Please click on Utilities Network Utility and follow the below setting Ping This utility will help ping other devices on the network to verify connectivity Ping utility using ICMP packets detects connectivity and latency bet...

Page 134: ...ould be used for the finding the route taken by ICMP packets across the network to the destination host The test is started using the Start button click Stop button to stopped test Destination Host Specifies the Destination Host for the finding the route taken by ICMP packets across the network MAX Hop Specifies the maximum number of hops max time to live value trace route will probe 8 5 Reboot Th...

Page 135: ...w Detailed information on System Network can be reviewed via this page The status mainly displays system related information including system network information wireless AP information and wireless user connection information ...

Page 136: ...k settings Information Shows the performance memory usage of the total CPU space used by the current system and the current number of connected wireless users Radio 0 Radio 1 Radio 2 wireless Information Displays the basic operating mode information of the current Radio 0 2 4GHz Radio 1 5GHz Radio 2 5GHz wireless AP ...

Page 137: ...V2 0 9 2 Wireless Client The page can be display Wireless user information link to access point Administrator can monitor MAC address rate and RSSI for the wireless users In addition to CAP mode ...

Page 138: ... Users Count Display the VLAN network connected user s amount Download Packets Display total download packets amount information of the VLAN Upload Packets Display total upload packets amount information of the VLAN Download Bytes Display total download flow information of the VLAN Upload Bytes Display total upload flow information of the VLAN Action Administrator can click Detail button to monito...

Page 139: ... 9 4 Authentication Log The authentication log can monitor account login logout type and account use time This page only used AP mode Date Administrator can select dates VLAN Administrator can select VLANs Detall Administrator can clicl button to open detall information 9 5 System Log This function works in the wireless AP mode When the web authentication function is activated the current connecti...

Page 140: ...xperienced in system Time The date and time when the event occurred Facility It helps users to identify source of events such System or User Severity Severity level that a specific event is associated such as info error warning etc Message Description of the event Click Refresh button to renew the log Click Clear button to clear all the record ...

Page 141: ...ase refer to the manual 5 5 6 WDS Status to confirm the RSSI value The value If show to 1 indicates that the connection is not successful please re confirm whether the configuration file follows the above instructions or between APs Signals are blocked by interference 5 Please refer to WDS setting page please set the MAC address information of other wireless for the wireless AP correctly If two br...

Page 142: ... the steps below to easily complete the sample login page Step 1 Start the web page authentication function first and in the System settings Authentication function refer to Manual 5 2 Authentication function Step 2 After confirming the activation you can choose what type of login account to use This step uses Local User as an example and will enable to create a Local User After confirming the act...

Page 143: ...lf please refer to step 7 If you want to edit the webpage by yourself it is recommended that the administrator must have the basic ability to make webpages in HTML CSS This department has no responsibility for webpage syntax guidance Step 4 If you want to use the preset authentication page you can refer to the instruction manual 5 2 4 Customized Page you will be able to set the preset Format for c...

Page 144: ...n below second server URL www serio com tw so please make sure Enter into Walled Garden Step 6 Go to the company s Cerio website to download the sample file first And open your download sample select all the HTML syntax and copy it then paste it on the custom edit page of the system and save it Download example address www cerio com tw eng extreme indoor customized page ...

Page 145: ...ownloaded source code into the field save and restart the device and you can finish editing the login page Login page for template below Close Template first then copy the sample html_code syntax and replace it in the HTML source code edit Customize HTML Source code bar ...

Page 146: ...V2 0 ...

Page 147: ...he syntax and then add display none style as the following example find the ID code of the field to be hidden by the browser for example to hide the Please Sign in description then find out its Class ID as shown below 1 This part must be within 190 lines If the written HTML CSS and other source code exceeds a certain line it is recommended to save the CSS source code to the remote Web server and t...

Page 148: ...V2 0 Add style form signin heading display none style in the head to hide the description Please Sign in as shown in the figure below and find the Please Sign in word disappeared and so on ...

Page 149: ...Hostname Length 32 0 9 A Z a z _ DHCP Server Start IP IP Format 1 254 End IP IP Format 1 254 DNS1 IP IP Format 1 254 DNS2 IP IP Format 1 254 WINS IP IP Format 1 254 Domain Length 32 0 9 A Z a z _ Lease Time 600 99999999 Table B WEB GUI Valid Characters continued Block Field Valid Characters Management System Name Location Length 32 0 9 A Z a z Space _ Description 32 chars Password Length 4 30 0 9 ...

Page 150: ..._ WEP Key 10 26 HEX chars or 5 13 ASCII chars Pre shared Key 8 63 ASCII chars 64 HEX chars Advanced Setup Beacon Interval 20 1024 Date Beacon Rate 1 255 Fragment Threshold 256 2346 RTS Threshold 1 2347 Table B WEB GUI Valid Characters continued Block Field Valid Characters Virtual AP Setup ESSID Length 31 Space 0 9 A Z a z _ Maximum Clients 1 32 VLAN ID 1 4094 WEP Key 10 26 HEX chars or 5 13 ASCII...

Page 151: ...3 ASCII chars 64 HEX chars Peer s MAC Address 12 HEX chars Description 32 chars IP Filter Source Address IP Format 1 254 Source Mask 0 32 Source Port 1 65535 Destination Address IP Format 1 254 Destination Mask 0 32 Destination Port 1 65535 MAC Filter MAC address MAC Format 12 HEX chars Virtual Server Description 32 chars Private IP IP Formate 1 254 Private Public Port 1 65535 ...