Comtrend Corporation WLC-6404, User Manual

Page 1: ...NMS USER MANUAL WAP EN Series Wireless Access Points Version 1 2 June 2017 ...

Page 2: ...r the terms of the GNU General Public License as published by the Free Software Foundation either version 3 of the License or at your option any later version This program is distributed in the hope that it will be useful but WITHOUT ANY WARRANTY without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE See the GNU General Public License for more details You should h...

Page 3: ...o 5 access points or on a Wireless LAN Controller WLC and support up to 50 access points Access points can be deployed and configured according to your requirements This flexibility creates a powerful network architecture which can be easily managed and expanded in the future The easy to use interface and a full range of functionality make the NMS system ideal for small and mid sized office enviro...

Page 4: ...NMS MONITOR 24 IV 4 1 Access Point 24 IV 4 1 1 Managed AP 24 IV 4 1 2 Managed AP Group 26 IV 4 2 WLAN 28 IV 4 2 1 Active WLAN 28 IV 4 2 2 Active WLAN Group 29 IV 4 3 Clients 29 IV 4 3 1 Active Clients 29 IV 4 4 Users 30 IV 4 4 1 Active Users 30 IV 4 4 2 Users Log 30 IV 4 5 Rogue Devices 31 IV 4 6 Information 32 IV 4 6 1 All Events Activities 32 IV 4 6 2 AP Monitoring 32 IV 4 6 3 SSID Overview 33 3...

Page 5: ...t Settings 86 IV 6 1 3 VLAN 87 IV 6 2 2 4GHz 11bgn Not available on the WLC 6404 88 IV 6 2 1 Basic 88 IV 6 2 2 Advanced 89 IV 6 2 3 Security 91 IV 6 2 3 1 No Authentication 92 IV 6 2 3 2 WEP 92 IV 6 2 3 3 IEEE802 1x EAP 93 IV 6 2 3 4 WPA PSK 93 IV 6 2 3 5 WPA EAP 93 IV 6 2 3 6 Additional Authentication 94 IV 6 2 4 WDS 95 IV 6 3 5GHz 11ac 11an Not available on the WLC 6404 97 IV 6 3 1 Basic 97 IV 6...

Page 6: ...e on the WLC 6404 121 IV 7 2 3 Wireless Monitor Not available on the WLC 6404 122 IV 7 2 4 Log 123 IV 7 3 Management 125 IV 7 3 1 Admin 125 IV 7 3 2 Date and Time 127 IV 7 3 3 Syslog Server 128 IV 7 3 4 I m Here 129 IV 7 4 Advanced 130 IV 7 4 1 LED Settings 130 IV 7 4 2 Update Firmware 130 IV 7 4 3 Save Restore Settings 132 IV 7 4 4 Factory Default 133 IV 7 4 5 Reboot 133 IV 8 Toolbox 134 IV 8 1 N...

Page 7: ...naged from an EN Series Wireless Access Point in AP Controller Mode or 50 APs can be managed from a dedicated WLC 6404 Wireless Access Point Controller Follow the steps below 1 Connect all APs to an Ethernet or PoE switch which is connected to a gateway router You can use your router as a DHCP server or you can later configure your AP Controller as a DHCP server 2 Ensure all APs are powered on and...

Page 8: ...either 192 168 2 1 or 192 168 2 2 DHCP is enabled on the access point by default Consult the DHCP Table of your network for the Controller s IP Address If no DHCP Service is found the access point will default to the default IP address listed in the User Manual Typical default IP addresses are either 192 168 2 1 or 192 168 2 2 Your computer s IP address must be in the same subnet as the AP Control...

Page 9: ...drop down menu to initiate Controller Mode 8 Click Apply to save the settings 9 Your Controller AP Managed APs should be fully functional Use the top menu to navigate around the NMS Use Local Network Local Settings to configure your Controller AP Use Dashboard Zone Plan NMS Monitor NMS Settings to configure Managed APs Use Toolbox to diagnose connection issues ...

Page 10: ...vary depending on your configuration and device being used as a controller Dashboard The Dashboard panel displays an overview of your network and key system information with quick links to access configuration options for Managed APs and Managed AP groups Each panel can be refreshed collapsed or moved according to your preference Available settings will vary depending on the device being used as a...

Page 11: ...dit Options can be configured using the menu on the right side and signal strength is displayed for each AP Available settings will vary depending on the device being used as an AP Controller NMS Monitor The NMS Monitor panel provides more detailed monitoring information about the AP Array than found on the Dashboard grouped according to categories in the menu down the left side Available settings...

Page 12: ... across multiple access points The Zone Plan can also be configured using Zone Edit Available settings will vary depending on the device being used as an AP Controller Local Network Local Network settings are for your AP Controller You can configure the IP address and DHCP server of the AP Controller in addition to 2 4GHz 5Ghz Wi Fi and security with WPS RADIUS server MAC filtering and WMM setting...

Page 13: ...cal Settings are for your AP Controller You can set the operation mode and view network settings clients and logs specifically for the AP Controller as well as other management settings such as date time admin accounts firmware and reset Available settings will vary depending on the device being used as an AP Controller ...

Page 14: ...14 Toolbox The Toolbox panel provides a network diagnostic tools ping and trace route ...

Page 15: ...Managed APs LOGIN 1 Connect a computer to the designated AP Controller using an Ethernet cable 2 Open a web browser and enter the AP Controller s IP address in the address field The default IP address is listed in the User Manual for your controller Typically it is either 192 168 2 1 or 192 168 2 2 Your computer s IP address must be in the same subnet as the AP Controller Refer to V 1 Configuring ...

Page 16: ...ddress 3 Enter the username password to login The default username password are admin 1234 RESTART You can restart your AP Controller or any Managed AP using the NMS To restart your AP Controller go to Local Settings Advanced Reboot and click Reboot To restart Managed APs click the Restart icon for the specified AP on the Dashboard ...

Page 17: ...verview of your AP array Use the blue icons above to refresh or collapse each panel in the dashboard Click and drag to move a panel to suit your preference You can set the dashboard to auto refresh every 1 minute 30 seconds or disable auto refresh ...

Page 18: ...ler Product Name model Host Name MAC Address IP Address Firmware Version System Time Uptime CPU Usage and Memory Usage IV 2 2 Devices Information Devices Information is a summary of the number of all devices in the local network Access Points Clients Connected and Rogue unidentified Devices ...

Page 19: ...on displays grey disconnected yellow connecting or green connected for each Managed AP Each Managed AP has Action icons with the following functions 1 Disallow Remove the Managed AP from the AP array and disable connectivity 2 Edit Edit various settings for the Managed AP refer to IV 5 1 Access Point 3 Blink LED The Managed AP s LED will flash temporarily to help identify locate access points 4 Bu...

Page 20: ...Group Type in the search box and the list will update The Status icon displays grey disconnected yellow connecting or green connected for each individual Managed AP Each Managed AP has Action icons with the following functions 1 Disallow Remove the Managed AP from the AP array and disable connectivity 2 Edit Edit various settings for the Managed AP refer to IV 5 1 Access Point 3 Blink LED The Mana...

Page 21: ...ccess point and Status on or off The search function can be used to locate a specific client Type in the search box and the list will update IV 2 6 Active Users Active Users displays information about each user in the local network Index reference number User Name MAC Address IP Address SSID Creator Creation Time Expire Time Usage Percentage Vendor Platform and Action The search function can be us...

Page 22: ...adjustments and mouse over an AP icon in the zone map to see more information Click an AP icon in the zone map to select it and display action icons Click and drag an AP icon to move the icon around the zone map The signal strength for each AP is displayed according to the Signal key in the menu on the right side Location Select a pre defined location from the drop down menu When you upload a loca...

Page 23: ...boxes to display APs according to 2 4GHz or 5GHz wireless radio frequency Signal Signal strength key for the signal strength display around each AP in the zone map Zoom Use the slider to adjust the zoom level of the map Transparency Use the slider to adjust the transparency of location images Scale Zone map scale Device Number Displays number and type of devices in the zone map ...

Page 24: ...l update The Status icon displays the status of each Managed AP Status Icons Icon Color Status Definition Grey Disconnected Managed AP is disconnected Check the network connection and ensure the Managed AP is in the same IP subnet as the AP Controller Red Authentication Failed Or Incompatible NMS Version System security must be the same for all access points in the AP array Please check security s...

Page 25: ...he following functions 1 Disallow Remove the Managed AP from the AP array and disable connectivity 1 Edit Edit various settings for the Managed AP refer to IV 5 1 Access Point 2 Blink LED The Managed AP s LED will flash temporarily to help identify locate access points 3 Buzzer The Managed AP s buzzer will sound temporarily to help identify locate access points 4 Network Connectivity Go to the Net...

Page 26: ...ettings Access Point refer to IV 5 1 Access Point The search function can be used to locate a specific Managed AP Group Type in the search box and the list will update The Status icon displays grey disconnected red authentication failed incompatible NMS version orange upgrading firmware yellow connecting green connected or blue waiting for approval for each individual Managed AP Refer to IV 4 1 1 ...

Page 27: ...Managed AP s LED will flash temporarily to help identify locate access points 5 Buzzer The Managed AP s buzzer will sound temporarily to help identify locate access points 6 Network Connectivity Go to the Network Connectivity panel to perform a ping or traceroute 7 Restart Restarts the Managed AP ...

Page 28: ...y Index reference number Name SSID VLAN ID Authentication Encryption IP Address and Additional Authentication To configure encryption and VLANs for Managed APs go to NMS Settings WLAN The search function can be used to locate a specific SSID Type in the search box and the list will update ...

Page 29: ...4 3 Clients IV 4 3 1 Active Clients Displays information about clients currently connected to the AP Array Index reference number Client MAC Address AP MAC Address WLAN SSID User Name Radio 2 4GHz or 5GHz Signal Strength received by Client Connected Time Idle Time Tx Rx Data transmitted and received by Client in KB and the Vendor of the client device You can set or disable the auto refresh time fo...

Page 30: ...dor and Platform of the user device The search function can be used to locate a specific client Type in the search box and the list will update IV 4 4 2 Users Log Displays a detailed information log of users and activity on the network via guest portals ID Date and Time of entry Category of entry Severity Users Event Activities details The search function can be used to locate a specific client Ty...

Page 31: ...work Click Start to scan for rogue devices Unknown Rogue Devices displays information about rogue devices discovered during the scan Index reference number Channel SSID MAC Address Security Signal Strength Type Vendor and Action The search function can be used to locate a known rogue device Type in the search box and the list will update ...

Page 32: ... log IV 4 6 2 AP Monitoring Displays graphical monitoring information about access points in the Array for 2 4GHz 5GHz Traffic Tx data transmitted in MB Traffic Rx data received in MB No of Clients Wireless Channel Tx Power wireless radio power CPU Usage and Memory Usage Use the drop down menus to select an access point and date You can set or disable the auto refresh time for the data ...

Page 33: ... transmitted in Kbps Traffic Rx data received in Kbps and also the Client Number for each SSID You can use Refresh to run the manual refresh 2 4GHz 5GHz Traffic shows currently how much Tx Rx traffic in KBps utilized in each SSID The blue diagram represents the 2 4GHz radio band and the green diagram represents the 5GHz radio band ...

Page 34: ...34 Client Number shows currently how many current users on each SSID The blue diagram represents the 2 4GHz radio band and the green diagram represents the 5GHz radio band ...

Page 35: ...he list will update The Status icon displays grey disconnected red authentication failed incompatible NMS version orange upgrading firmware yellow connecting green connected or blue waiting for approval for each individual Managed AP Refer to IV 4 1 1 Managed AP Status Icons for full descriptions The Action icons enable you to allow or disallow an access point Select an access point or access poin...

Page 36: ...icon for the specified access point Edit Access Point Configure your selected access point on your LAN You can set the access point as a DHCP client or specify a static IP address for your access point and assign the access point to an AP group as well as edit 2 4GHz 5GHz wireless radio settings An events log is displayed at the bottom of the page You can also use Profile Settings to assign the ac...

Page 37: ...s Assignment Select DHCP Client for your access point to be assigned a dynamic IP address from your router s DHCP server or select Static IP to manually specify a static fixed IP address for your access point below Check the box Override Group Setting if the AP is a member of an AP Group and you wish to use a different setting than the AP Group setting IP Address Specify the IP address here This I...

Page 38: ...er Defined to manually enter a value For static IP users the default value is blank Secondary DNS DHCP users can select From DHCP to get secondary DNS server s IP address from DHCP or User Defined to manually enter a value For static IP users the default value is blank Radio Settings Wireless Enable or disable the access point s 2 4GHz or 5GHz wireless radio When disabled no SSIDs on that frequenc...

Page 39: ...lly select based on interference level BSS BasicRateSet Set a Basic Service Set BSS rate this is a series of rates to control communication frames for wireless clients These settings are for experienced users only Please do not change any of the values on this page unless you are already familiar with these functions Changing these settings can adversely affect the performance of your access point...

Page 40: ...ireless radio The default value is 1 RTS Threshold Set the RTS threshold of the wireless radio The default value is 2347 Fragment Threshold Set the fragment threshold of the wireless radio The default value is 2346 Multicast Rate Set the transfer rate for multicast packets or use the Auto setting Tx Power Set the power output of the wireless radio You may not require 100 output power Setting a low...

Page 41: ...r selected access point group Access point group settings apply to all access points in the group unless individually set to override group settings You can use Profile Group Settings to assign the access point group to WLAN RADIUS and Access Control groups The Group Settings panel can be used to quickly move access points between existing groups select an access point and use the drop down menu o...

Page 42: ...ction will automatically set the wireless channel for the access point group s 2 4GHz or 5GHz frequency based on availability and potential interference When disabled select a channel manually Auto Pilot Range Select a range from which the auto channel setting above will choose a channel Auto Pilot Interval Specify a frequency for how often the auto channel setting will check reassign the wireless...

Page 43: ...es the length of the CRC Cyclic Redundancy Check block for communication between the access point and roaming wireless adapters The default value is Short Preamble Guard Interval Set the guard interval A shorter interval can improve performance 802 11g Protection Enable disable 802 11g protection which increases reliability but reduces bandwidth clients will send Request to Send RTS to access poin...

Page 44: ...ss radio You may not require 100 output power Setting a lower power output can enhance security since potentially malicious unknown users in distant areas will not be able to access your signal Beacon Interval Set the beacon interval of the wireless radio The default value is 100 Station idle timeout Set the interval for keep alive messages from the access point to a wireless client to verify if t...

Page 45: ...gs WLAN RADIUS Group Assign the access point group s 2 4GHz SSIDs to a RADIUS group You can edit RADIUS groups in NMS Settings RADIUS Access Control Group Assign the access point s 2 4GHz SSIDs to a RADIUS group You can edit RADIUS groups in NMS Settings Access Control ...

Page 46: ...oup it will be available for selection in NMS Settings Access Point access point Profile Settings access point group Profile Group Settings The search function can be used to locate a WLAN or WLAN Group Type in the search box and the list will update Select a WLAN or WLAN Group using the check boxes and click Edit or click Add to add a new WLAN or WLAN Group ...

Page 47: ...ts as an available Wi Fi network When disabled the SSID will not be visible as an available Wi Fi network to clients clients must manually enter the SSID in order to connect A hidden disabled SSID is typically more secure than a visible enabled SSID Wireless Client Isolation Enable or disable wireless client isolation Wireless client isolation prevents clients connected to the access point from co...

Page 48: ...ecurity options wireless data encryption are available When data is encrypted information transmitted wirelessly cannot be read by anyone who does not know the correct encryption key It s essential to configure wireless security in order to prevent unauthorised access to your network Select hard to guess passwords which include combinations of numbers letters and symbols and change your password r...

Page 49: ... Point access point Profile Settings access point group Profile Group Settings WLAN Group Settings Name Edit the WLAN Group name Description Enter a description of the WLAN Group for reference e g 2nd Floor Office HR Group Members Select SSIDs to include in the group using the checkboxes and assign VLAN IDs ...

Page 50: ...a RADIUS Group it will be available for selection in NMS Settings Access Point access point Profile Settings access point group Profile Group Settings The search function can be used to locate a RADIUS Server Account or Group Type in the search box and the list will update Make a selection using the check boxes and click Edit or click Add to add a new WLAN or WLAN Group ...

Page 51: ...ion protocol of the RADIUS server Value must be between 1 65535 Shared Secret Enter a shared secret password between 1 99 characters in length This should match the MAC RADIUS password Session Timeout Set a duration of session timeout in seconds between 0 86400 Accounting Enable or disable RADIUS accounting Accounting Port When accounting is enabled above set the UDP port used in the accounting pr...

Page 52: ...he internal RADIUS server will use a self made certificate Internal RADIUS Server Name Enter a name for the Internal RADIUS Server Description Enter a description of the Internal RADIUS Server for reference EAP Certificate File Format Displays the EAP certificate file format PCK 12 pfx p12 EAP Certificate File Click Upload to open a new window and select the location of an EAP certificate file to ...

Page 53: ...ation of session timeout in seconds between 0 86400 Termination Action Select a termination action attribute Reauthentication sends a RADIUS request to the access point Not Reathentication sends a default termination action attribute to the access point Not Send no termination action attribute is sent to the access point Add Edit RADIUS Accounts The internal RADIUS server can authenticate up to 25...

Page 54: ...plays if specified user name has a password configured or not not configured Customize Click Edit to open a new field to set edit a password for the specified user name below Delete Selected Delete selected user from the user registration list Delete All Delete all users from the user registration list Edit User Registration List User Name Existing user name is displayed here and can be edited acc...

Page 55: ... group Profile Group Settings RADIUS Group Settings Group Name Edit the RADIUS Group name Description Enter a description of the RADIUS Group for reference 2 4GHz RADIUS Enable Disable primary secondary RADIUS servers for 2 4GHz 5GHz RADIUS Enable Disable primary secondary RADIUS servers for 5GHz Members Add RADIUS user accounts to the RADIUS group Maximum 5 ...

Page 56: ...denied The Access Control panel displays information about MAC Access Control MAC Access Control Groups and Groups and allows you to add or edit MAC Access Control MAC Access Control Group settings When you add an Access Control Group it will be available for selection in NMS Settings Access Point access point Profile Settings access point group Profile Group Settings The search function can be us...

Page 57: ...e Reset Clear all fields MAC address entries will be listed in the MAC Address Filtering Table Select an entry using the Select checkbox Select Delete selected or all entries from the table MAC Address The MAC address is listed here Delete Selected Delete the selected MAC address from the list Delete All Delete all entries from the MAC address filtering table Export Click Export to save a copy of ...

Page 58: ...nt group Profile Group Settings MAC Filter Group Settings Group Name Edit the MAC Access Control Group name Description Enter a description of the MAC Access Control Group for reference Action Select Blacklist to deny access to specified MAC addresses in the group and select Whitelist to permit access to specified MAC address in the group Members Add MAC addresses to the group ...

Page 59: ...rk Groups and allows you to add or edit Guest Network and Guest Network Group settings When you add a Guest Network Group it will be available for selection in NMS Settings Access Point access point Profile Settings access point group Profile Group Settings The search function can be used to locate a Guest Network or Guest Network Group Type in the search box and the list will update Make a select...

Page 60: ...N ID Broadcast SSID Enable or disable SSID broadcast When enabled the SSID will be visible to clients as an available Wi Fi network When disabled the SSID will not be visible as an available Wi Fi network to clients clients must manually enter the SSID in order to connect A hidden disabled SSID is typically more secure than a visible enabled SSID Wireless Client Enable or disable wireless client i...

Page 61: ...e available When data is encrypted information transmitted wirelessly cannot be read by anyone who does not know the correct encryption key It s essential to configure wireless security in order to prevent unauthorised access to your network Select hard to guess passwords which include combinations of numbers letters and symbols and change your password regularly Guest Access Policy Guest Portal S...

Page 62: ...s Point access point Profile Settings access point group Profile Group Settings Guest Network Group Settings Group Name Edit the Guest Network Group name Description Enter a description of the Guest Network for reference Members Add SSIDs to the Guest Network group You can override individual VLAN ID schedule settings and assign a different VLAN ID or schedule IV 5 6 Users User accounts can be cre...

Page 63: ...e print tickets with login credentials to give to guest users These staff admin accounts are created and grouped here and selected as the Front Desk User Group at NMS Settings Guest Portal Information on the Users page is displayed about each user account and user account group The search function can be used to locate a user or user group Type in the search box and the list will update The Status...

Page 64: ...assword for the account User Group Assign the user account to a user group so it can be utilized by the guest portal Add Edit User Group User Group Settings Name Edit the user group name Description Enter a description of the user group name e g Front Desk or Guest Users Role Type Select whether the group is for Guest Portal users or Front Desk managers Members Select which user accounts to includ...

Page 65: ...ettings Users and then selected as the Authentication User Group here The guest portal also generates a Front Desk URL which allows staff admins to login and quickly create manage user accounts and expiry times and generate print tickets with login credentials to give to guest users These staff admin accounts are created and grouped at NMS Settings Users and then selected as the Front Desk User Gr...

Page 66: ...ion about available types Authentication Server Select an authentication server Local Database is the default setting Front Desk User Group Select a user group for front desk access Front Desk Generation URL Displays the URL of your Front Desk page See below for more information Front Desk Printout Message Edit the content of Front Desk printout ticket Refer below for more information Authenticati...

Page 67: ...et expiry limits and printout tickets Guest Portal Type Dynamic must be selected to use Front Desk 1 Login with an account from the Front Desk User Group NMS Settings Users 2 The Guest Account Wizard allows you to setup a new user account and configure the valid period SSID or upload a bulk guest list in csv format Click Next to continue ...

Page 68: ...cons to print revive expired accounts or lock unlock disable enable accounts Yellow Expired Red Locked Grey Logged out Green Active Mouseover a status or action icon for a description and use the arrows to reorder the list according to S N or Status Anytime you choose to print account s your browser will open a print dialog box where you can select your print destination and configure print settin...

Page 69: ... preview the content of the Front Desk printout in the text box using the variables listed in the Definition Table E g USERNAME will display on the printout as the specified username Guest Portal Type Dynamic must be selected to use Front Desk ...

Page 70: ...quired Service Level Agreement Requires users to accept terms and conditions with no user login required Static Users Requires user login and accept terms and conditions Users must be created in NMS at NMS Settings Users Front Desk is not used Dynamic Users Requires user login and accept terms and conditions Allows Front Desk to create user accounts in addition to NMS ...

Page 71: ...al type Click Edit to make changes Login Portal Settings Header Image Select an 800 x 200 header image Logo Image Select a 200 x 50 logo image Title Message Enter a title message for the guest portal page Background Color Specify a background color as a HEX value Terms of Use Enter your terms of use ...

Page 72: ...es for use with the Zone Plan feature and allows you to add or edit zones The search function can be used to find existing zones Type in the search box and the list will update Make a selection using the check boxes and click Edit or click Add to add a new zone ...

Page 73: ...as a map in the Zone Plan feature Typically a floor plan image is useful Zone Setting Name Location Enter a name of the zone location Description Enter a description of the zone location for reference Members Assign access points to the specified zone location for use with the Zone Plan feature ...

Page 74: ...e and end time and group multiple schedules together into schedule groups Schedule groups can be assigned to WLANs WLAN Groups Guest Network at NMS Settings WLAN and NMS Settings Guest Network Add Edit Schedule Use the checkboxes and drop down menus to setup your schedule ...

Page 75: ...le Group WLAN Group Settings Name Edit the schedule group name Description Enter a description of the schedule group for reference Members Select individual schedules to include in the schedule group using the checkboxes ...

Page 76: ...up and AP Number Before setup the roaming group the WLAN Settings need to be configured first For example please click NMS Settings WLAN check 2 4GHz SSID and then click Edit Configure 802 11k as Enable Please note don t configure the Authentication as OPEN Then click Save and Apply Please wait about 3 minutes ...

Page 77: ...Mobility Domain 3 Enter 32 characteristics on Encryption Key 4 Select WLAN Group and select WLAN 5 It will display APs using this WLAN Setting 6 Click Edit icon on 1st AP 7 Enter 2nd AP MAC Address click Save and Close 8 Click Edit icon on 2nd AP 9 Enter 1st AP MAC Address click Save and Close ...

Page 78: ... 802 11r and 802 11k successfully IV 5 11 Device Monitoring Device monitoring enables you to specify and monitor the status any IP devices on the network such as IP cameras The description and status of each device is displayed in the table Add or Edit IP devices by entering the IP address ...

Page 79: ... or external FTP server locate the file and click Upload or Check The table below will display the Firmware Name Firmware Version NMS Version Model and Size Then click Upgrade All to upgrade all access points in the Array or select Access Point groups from the list using check boxes and click Upgrade Selected to upgrade only selected access points ...

Page 80: ...gs of the AP Array The date and time of the access points can be configured manually or can be synchronized with a time server Date and Time Settings Local Time Set the access point s date and time manually using the drop down menus Acquire Current Time from your PC Click Acquire Current Time from Your PC to enter the required values automatically according to your computer s current time and date...

Page 81: ...ur country region is not listed please select another country region whose time zone is the same as yours V 5 13 3 System Accounts Import the API Key which was received Google Developers This is for the Online Map feature in Zone Plan page Graphical zone plans with Google Maps integration and setup wizards are available for expanding and managing large networks with multiple access points Note Ple...

Page 82: ...82 ...

Page 83: ...on your LAN LAN side IP Address IP Address Assignment Select Static IP to manually specify a static fixed IP address for your access point Select DHCP Client for your access point to be assigned a dynamic IP address from your router s DHCP server or select DHCP Server for your access point to act as a DHCP server and assign IP addresses on your LAN Static IP Address IP Address Specify the IP addre...

Page 84: ...k DHCP Client IP Address When DHCP Client is selected this value cannot be modified Subnet Mask When DHCP Client is selected this value cannot be modified Default Gateway Select From DHCP or select User Defined and enter a default gateway Primary DNS Address Select From DHCP or select User Defined and enter a primary DNS address Secondary DNS Address Select From DHCP or select User Defined and ent...

Page 85: ...o devices on the network Domain Name Enter a domain name Lease Time Select a lease time from the drop down menu IP addresses will be assigned for this period of time Default Gateway Enter a default gateway Primary DNS Address Enter a primary DNS address Secondary DNS Address Enter a secondary DNS address Your access point s DHCP server can be configured to assign static fixed IP addresses to speci...

Page 86: ...disable specified LAN port Speed Duplex Select a speed duplex type for specified LAN port or use the Auto value LAN ports can operate up to 1000Mbps and full duplex enables simultaneous data packets transfer receive Flow Control Enable disable flow control Flow control can pause new session request until current data processing is complete in order to avoid device overloads under heavy traffic 802...

Page 87: ...VLAN IDs 1 4094 are supported VLAN IDs in the range 1 4094 are supported VLAN Interface Wired LAN Port Wireless Identifies LAN port 1 or 2 and wireless SSIDs 2 4GHz or 5GHz VLAN Mode Select Tagged Port or Untagged Port for specified LAN interface VLAN ID Set a VLAN ID for specified interface if Untagged Port is selected Management VLAN VLAN ID Specify the VLAN ID of the management VLAN Only the ho...

Page 88: ...ur access point s 2 4GHz Wi Fi network s When auto channel is disabled select a wireless channel manually Channel Select a wireless channel from 1 11 Channel Bandwidth Set the channel bandwidth 20MHz lower performance but less interference 40MHz higher performance but potentially higher interference or Auto automatically select based on interference level BSS BasicRate Set Set a Basic Service Set ...

Page 89: ...wireless radio preamble type The preamble type in 802 11 based wireless communication defines the length of the CRC Cyclic Redundancy Check block for communication between the access point and roaming wireless adapters The default value is Short Preamble Guard Interval Set the guard interval A shorter interval can improve performance 802 11g Protection Enable disable 802 11g protection which incre...

Page 90: ...ragment Threshold Set the fragment threshold of the wireless radio The default value is 2346 Multicast Rate Set the transfer rate for multicast packets or use the Auto setting Tx Power Set the power output of the wireless radio You may not require 100 output power Setting a lower power output can enhance security since potentially malicious unknown users in distant areas will not be able to access...

Page 91: ...ngs for Broadcast SSID Enable or disable SSID broadcast When enabled the SSID will be visible to clients as an available Wi Fi network When disabled the SSID will not be visible as an available Wi Fi network to clients clients must manually enter the SSID in order to connect A hidden disabled SSID is typically more secure than a visible enabled SSID Wireless Client Isolation Enable or disable wire...

Page 92: ...ct to the access point Disabling wireless authentication is not recommended When disabled anybody within range can connect to your device s SSID IV 6 2 3 2 WEP WEP Wired Equivalent Privacy is a basic encryption type For a higher level of security consider using WPA encryption Key Length Select 64 bit or 128 bit 128 bit is more secure than 64 bit and is recommended Key Type Choose from ASCII anyalp...

Page 93: ... supports your selection Encryption Select TKIP AES Mixed Mode or AES encryption type Key Renewal Interval Specify a frequency for key renewal in minutes Pre Shared Key Type Choose from Passphrase 8 63 alphanumeric characters or Hex up to 64 characters from 0 9 a f and A F Pre Shared Key Please enter a security key password according to the format you selected above IV 6 2 3 5 WPA EAP WPA Type Sel...

Page 94: ...iltering RADIUS authentication methods MAC RADIUS Authentication Restrict wireless clients access based on MAC address via a RADIUS server or password authentication via a RADIUS server See IV 6 5 RADIUS to configure RADIUS servers WPS must be disabled to use MAC RADIUS authentication See IV 6 4 for WPS settings MAC RADIUS Password Select whether to use MAC address or password authentication via R...

Page 95: ...hown below When using WDS configure the IP address of each access point to be in the same subnet and ensure there is only one active DHCP server among connected access points preferably on the WAN side WDS must be configured on each access point using correct MAC addresses All access points should use the same wireless channel and encryption method ...

Page 96: ...ess encryption method Local MAC Address Displays the MAC address of your access point WDS Peer Settings WDS Enter the MAC address for up to four other WDS devices you wish to connect WDS VLAN VLAN Mode Specify the WDS VLAN mode to Untagged Port or Tagged Port VLAN ID Specify the WDS VLAN ID when Untagged Port is selected above WDS Encryption method Encryption Select whether to use None or AES encr...

Page 97: ...point s 5GHz wireless network across four categories Basic Advanced Security and WDS IV 6 3 1 Basic The Basic screen displays basic settings for your access point s 5GHz Wi Fi network s Wireless Enable or disable the access point s 5GHz wireless radio When disabled no 5GHz SSIDs will be active Band Select the wireless standard used for the ...

Page 98: ...lect a range from which the auto channel setting above will choose a channel Auto Channel Interval Specify a frequency for how often the auto channel setting will check reassign the wireless channel Check uncheck the Change channel even if clients are connected box according to your preference Channel Bandwidth Set the channel bandwidth 20MHz lower performance but less interference Auto 40 20MHz o...

Page 99: ...n improve performance 802 11n Protection Enable disable 802 11n protection which increases reliability but reduces bandwidth clients will send Request to Send RTS to access point and access point will broadcast Clear to Send CTS before a packet is sent from client DTIM Period Set the DTIM delivery traffic indication message period value of the wireless radio The default value is 1 RTS Threshold Se...

Page 100: ...om the access point to a wireless client to verify if the station is still alive active IV 6 3 3 Security The access point provides various security options wireless data encryption When data is encrypted information transmitted wirelessly cannot be read by anyone who does not know the correct encryption key It s essential to configure wireless security in order to prevent unauthorised access to y...

Page 101: ...h other and improves security Typically this function is useful for corporate environments or public hot spots and can prevent brute force attacks on clients usernames and passwords Load Balancing Load balancing limits the number of wireless clients connected to an SSID Set a load balancing value maximum 50 Authentication Method Select an authentication method from the drop down menu and refer to ...

Page 102: ...on the WAN side WDS must be configured on each access point using correct MAC addresses All access points should use the same wireless channel and encryption method 5GHz WDS Mode WDS Functionality Select WDS with AP to use WDS with access point or WDS Dedicated Mode to use WDS and also block communication with regular wireless clients When WDS is used each access point should be configured with co...

Page 103: ...on the WLC 6404 Wi Fi Protected Setup is a simple way to establish connections between WPS compatible devices WPS can be activated on compatible devices by pushing a WPS button on the device or from within the device s firmware configuration interface known as PBC or Push Button Configuration When WPS is activated in the correct manner and at the correct time for two compatible devices they will a...

Page 104: ...effect as physically pushing the access point s WPS button WPS by PIN Enter the PIN code of another WPS device and click Start to attempt to establish a WPS connection for approximately 2 minutes WPS Status WPS security status is displayed here Click Release to clear the existing status IV 6 5 RADIUS Not available on the WLC 6404 The RADIUS sub menu allows you to configure the access point s RADIU...

Page 105: ...ver for each of its wireless frequencies 2 4GHz 5GHz External RADIUS servers can be used or the access point s internal RADIUS server can be used To use RADIUS servers go to Local Network Security Additional Authentication and select MAC RADIUS Authentication see IV 6 2 3 IV 6 3 3 ...

Page 106: ...106 IV 6 5 1 RADIUS Settings Configure the RADIUS server settings for 2 4GHz 5GHz Each frequency can use an internal or external RADIUS server ...

Page 107: ... 3 1 3 6 or IV 3 2 3 Session Timeout Set a duration of session timeout in seconds between 0 86400 Accounting Enable or disable RADIUS accounting Accounting Port When accounting is enabled above set the UDP port used in the accounting protocol of the RADIUS server Value must be between 1 65535 IV 6 5 2 Internal Server The access point features a built in RADIUS server which can be configured as sho...

Page 108: ...al RADIUS server will use a self made certificate Shared Secret Enter a shared secret password for use between the internal RADIUS server and RADIUS client The shared secret should be 1 99 characters in length This should match the MAC RADIUS password used in IV 6 2 3 6 or IV 6 3 3 Session Timeout Set a duration of session timeout in seconds between 0 86400 Termination Action Select a termination ...

Page 109: ...r Name Enter the user names here separated by commas Add Click Add to add the user to the user registration list Reset Clear text from the user name box Select Check the box to select a user User Name Displays the user name Password Displays if specified user name has a password configured or not not configured Customize Click Edit to open a new field to set edit a ...

Page 110: ...ed user from the user registration list Delete All Delete all users from the user registration list Edit User Registration List User Name Existing user name is displayed here and can be edited according to your preference Password Enter or edit a password for the specified user ...

Page 111: ...of network devices permitted to connect to the access point Devices are each identified by their unique MAC address If a device which is not on the list of permitted MAC addresses attempts to connect to the access point it will be denied To enable MAC filtering go to Local Settings Security Additional Authentication and select MAC Filter see IV 6 2 3 IV 6 3 3 The MAC address filtering table is dis...

Page 112: ... all fields MAC address entries will be listed in the MAC Address Filtering Table Select an entry using the Select checkbox Select Delete selected or all entries from the table MAC Address The MAC address is listed here Delete Selected Delete the selected MAC address from the list Delete All Delete all entries from the MAC address filtering table Export Click Export to save a copy of the MAC filte...

Page 113: ... queues for different categories of wireless traffic Traffic is sent to the following queues Background Low Priority High throughput non time sensitive bulk data e g FTP Best Effort Medium Priority Traditional IP data medium throughput and delay Video High Priority Time sensitive video data with minimum time delay Voice High Priority Time sensitive data such as VoIP and streaming media with minimu...

Page 114: ...om backoff value doubling see above AIFSN Arbitration Inter Frame Space milliseconds Specifies additional time between when a channel goes idle and the AP client sends data frames Traffic with a lower AIFSN value has a higher priority TxOP Transmission Opportunity milliseconds The maximum interval of time an AP client can transmit This makes channel access more efficiently prioritized A value of 0...

Page 115: ...al RADIUS server will use a self made certificate Shared Secret Enter a shared secret password for use between the internal RADIUS server and RADIUS client The shared secret should be 1 99 characters in length This should match the MAC RADIUS password used in IV 6 2 3 6 or IV 6 3 3 Session Timeout Set a duration of session timeout in seconds between 0 86400 Termination Action Select a termination ...

Page 116: ... names here separated by commas Add Click Add to add the user to the user registration list Reset Clear text from the user name box Select Check the box to select a user User Name Displays the user name Password Displays if specified user name has a password configured or not not configured Customize Click Edit to open a new field to set edit a password for the specified user name below ...

Page 117: ...t User Name Existing user name is displayed here and can be edited according to your preference Password Enter or edit a password for the specified user IV 6 9 Schedule Schedule allows the user to configure specific times and dates when the radio of the wireless account will be disabled This is designed to prevent unwanted access during non application hours ...

Page 118: ...ccess point AP mode is a standalone access point AP controller mode acts as the designated master of the AP array and Managed AP mode acts as a slave AP within the AP array IV 7 2 System Settings IV 7 2 1 System Information The System Information page displays basic system information about the access point ...

Page 119: ...ternal memory Version Displays the firmware version MAC Address Displays the access point s MAC address Management VLAN ID Displays the management VLAN ID IP Address Displays the IP address of this device Click Refresh to update this value Default Gateway Displays the IP address of the default gateway DNS IP address of DNS Domain Name Server DHCP Server IP address of DHCP Server Wired LAN Port Set...

Page 120: ...splays the authentication method for the specified SSID See IV 6 Wireless Settings Encryption Type Displays the encryption type for the specified SSID See IV 6 Wireless Settings VLAN ID Displays the VLAN ID for the specified SSID See IV 6 1 3 VLAN Additional Authentication Displays the additional authentication type for the specified SSID See IV 6 Wireless Settings Wireless Client Isolation Displa...

Page 121: ...ble SSID Displays the SSID which the client is connected to MAC Address Displays the MAC address of the client Tx Displays the total data packets transmitted by the specified client Rx Displays the total data packets received by the specified client Signal Displays the wireless signal strength for the specified client Connected Time Displays the total time the wireless client has been connected to...

Page 122: ...y Result After a scan is complete click Export to save the results to local storage Site Survey Results Ch Displays the channel number used by the specified SSID SSID Displays the SSID identified by the scan MAC Address Displays the MAC address of the wireless router access point for the specified SSID Security Displays the authentication encryption type of the specified SSID Signal Displays the c...

Page 123: ...ion such as up time and connection processes This information is useful for network administrators When the log is full old entries are overwritten Save Click to save the log as a file on your local computer Clear Clear all log entries Refresh Refresh the current log ...

Page 124: ...ss Change Settings System Boot Displays current model name NTP Client Wired Link LAN Port link status and speed status Proxy ARP Proxy ARP module start stop Bridge Bridge start stop SNMP SNMP server start stop HTTP HTTP start stop HTTPS HTTPS start stop SSH SSH client server start stop Telnet Telnet client server start or stop WLAN 2 4G WLAN 2 4G channel status and country region status WLAN 5G WL...

Page 125: ...e unable to login to the browser based configuration interface see IV 7 4 4 Factory Default for how to reset the access point Account to Manage This Device Administrator Name Set the access point s administrator name This is used to log in to the browser based configuration interface and must be between 4 16 alphanumeric characters case sensitive Administrator Password Set the access point s admin...

Page 126: ...me for verification with the SNMP manager for SNMP SET requests SNMP Trap Enable or disable SNMP Trap to notify SNMP manager of network errors SNMP Trap Community Enter an SNMP Trap Community name for verification with the SNMP manager for SNMP TRAP requests SNMP Trap Manager Specify the IP address or sever name 2 128 alphanumeric characters of the SNMP manager HTTP Internet browser HTTP protocol ...

Page 127: ...Time from your PC Click Acquire Current Time from Your PC to enter the required values automatically according to your computer s current time and date NTP Time Server Use NTP The access point also supports NTP Network Time Protocol for automatic time and date setup Server Name Enter the host name or IP address of the time server if you wish Update Interval Specify a frequency in hours for the acc...

Page 128: ...r the server consisting of up to 128 alphanumeric characters Copy Logs to Attached USB Device Check uncheck the box to enable disable copying logs to attached USB storage Syslog Email Settings Email Logs Check uncheck the box to enable disable email logs When enabled the log will be emailed according to the settings below Email Subject Enter the subject line of the email which will be sent contain...

Page 129: ...on is used above enter the password IV 7 3 4 I m Here The access point features a built in buzzer which can sound on command using the I m Here page This is useful for network administrators and engineers working in complex network environments to locate the access point The buzzer is loud Duration of Sound Set the duration for which the buzzer will sound when the Sound Buzzer button is clicked So...

Page 130: ...d or disabled according to your preference Power LED Select on or off Diag LED Select on or off IV 7 4 2 Update Firmware The Firmware page allows you to update the system firmware to a more recent version Updated firmware versions often offer increased performance and security as well as bug fixes This firmware update is for an individual access point To update firmware for multiple access points ...

Page 131: ...oad firmware from your local computer or from an attached USB device Firmware Update File Click Browse to open a new window to locate and select the firmware file in your computer Update Click Update to upload the specified firmware file to your access point ...

Page 132: ...d USB device Save Settings to PC Save Settings Click Save to save settings and a new window will open to specify a location to save the settings file You can also check the Encrypt the configuration file with a password box and enter a password to protect the file in the field underneath if you wish Restore Settings from PC Restore Settings Click the browse button to find a previously saved settin...

Page 133: ...tory Default Click Factory Default to restore settings to the factory default A pop up window will appear and ask you to confirm After resetting to factory defaults please wait for the access point to reset and restart IV 7 4 5 Reboot If the access point malfunctions or is not responding then it is recommended that you reboot the device or reset the access point back to its factory default setting...

Page 134: ...to measure the round trip time for sent messages Destination Address Enter the address of the host Execute Click execute to ping the host IV 8 1 2 Trace Route Traceroute is a diagnostic tool for displaying the route path and measuring transit delays of packets across an IP network Destination Address Enter the address of the host Execute Click execute to execute the traceroute command ...

Page 135: ...tings Follow the example below to A Create a WLAN group B Create an access point group C Assign the access point group to use the SSID group settings A 1 Go to NMS Settings WLAN and click Add in the WLAN panel 2 Enter an SSID name and set authentication encryption and click Apply 3 The new SSID will be displayed in the WLAN panel Repeat to add additional SSIDs according to your preference and then...

Page 136: ...groups according to your preference B 1 Go to NMS Settings Access Point and click Add in the Access Point Group Panel 2 Enter a Name and then scroll down to the Group Settings panel and use the button to add selected access points into your group from the box on the right side Click Apply when done ...

Page 137: ...to any language or computer language in any form or by any means electronic mechanical magnetic optical chemical manual or otherwise without the prior written permission of this company This company makes no representations or warranties either expressed or implied with respect to the contents hereof and specifically disclaims any warranties merchantability or fitness for any particular purpose An...