LevelOneメーカーEAP-200の使用説明書/サービス説明書
ページ先へ移動 of 81
1 LevelOne EAP-200 Enterprise Access Point User Manual V1.00.
2 Table of Content s 1. Before You Start ............................................................................................................................. 3 1.1 Preface ......................................................................
3 Article I. Before You Start Section 1.01 1.1 Pref ace This manual is intended for system integrators, field engine ers, and networ k administrators to set up LevelOne’ s EAP-200 802.1 1n/b/ g 2.4GHz MIMO Access Point in their network environment s.
4 Section 1.03 1.3 Pack age C ontent The sta ndard p ackage of EAP-200 in cludes: • Lev elOne EAP-2 00 x1 • Quic k Installation Guide (QI G) x1 • CD-ROM (with User’s Manua l and QIG) x1 • Co.
5 Article II. System Overvie w and Getting Started Section 2.01 2.1 Introduction of LevelOne EAP-20 0 The LevelOne EAP-200 Enterprise A ccess Point em bedded with 802.1 1 n/b/g 2.4GHz MIMO radio in dust-proof meta l ho using i s designe d for wireless connectiv ity in enterpr ise or industri al env ironment s o f a ll dimensions.
6 Section 2.02 2.2 Deployment Topology Common Netw ork Layout with EAP-200s This above de ployment scenario illustr ates a deploy ment exa mple using t hree access p oint s, A P-1 , A P-2 , and AP-3 . • Three EAP-200 sy stems c onstruct a network co mprising of wire d and wir eless seg ments • AP-2 plays t he role of a w ireless bridge.
7 Section 2.03 2.3 Hardwa re Description This section de picts the hardw are informat ion including all pa nel descripti on. Connector Panel EAP-200 Con nector Pane l 1 USB Disabled for f uture usage only . 2 WES Press to st art runn ing W ES proce ss.
8 LED Panel EAP-200 LED Panel 1 Power LED LED ON ind icates power on; OFF indicates pow er off. 2 LAN LED LED ON ind icates LAN ca bl e connected; OFF indic ates no connection; BLINKING indicates tr ansmitting dat a. 3 WLA N LED LED ON indicate s wireless ready .
9 2.4 Hard ware Install ation Please follow the step s mentio ned below to insta l l the hardwar e of EAP-200: 1. Place the EA P-200 at the best l ocation. The best locat i on for EA P-200 is usua lly at the center of y our intended wireless network. 2.
10 Section 2.04 2.5 Console Interface Via thi s port to enter the conso l e interface f or the adm inistrator to check the IP address of EA P -200 and reset the device to default if t he admin pa ssword is forgotten.
11 When resett ing the dev ice to default fro m the cons o le interface, k ey in “reset 2def” for login and password. Confirm “y es” and EAP-200 will beg i n the reset process. When the log in prompt r eappears, the device has c ompleted the reset to default proce ss and the LAN IP is reset to 192.
12 Section 2.05 2.6 Access Web Man agement Interface LevelOne EA P-200 suppo rts web-based con f igurati on. Upon the completion of hardwar e installation, EAP-200 can b e configured through a P C by using it s web browser suc h as Mozilla Firefox 2. 0 (and hig her) or Internet Exp lorer version 6.
13 The Web Management Int erface - S ystem Over view Page.
14 • To logout, simply cli ck on the Logout butt on at the upper ri ght hand corner of the interface to return to the Administrator L ogin Page. Click OK to logout.
15 Please follow the followin g steps t o change the a dministrator ’s p assword: Change Passwo rd Page Clic k on the Util ities main m enu button, an d then select the Cha nge Pass word tab. Enter the old pas sword and then a new pas sword with a length o f up to 32 c haracters, an d retype it in the Re-enter N ew Pass word field.
16 Article III. Connect your AP to your Network The following i nstructions d epict how t o estab l ish the wireless coverag e of your network. The AP w ill connect to the networ k through it s LAN por t and prov ide wireless ac cess to your network.
17 From here, click on the System icon to arrive at the following page. On this P age you can make ent ries to the Name , De scription , and Locati on fields as w ell as set the device’s t ime. System Informat ion Page There are t wo methods o f setting u p the ti me: Manual (indicat ed by the option Set Date & Ti me ) and NTP .
18 While still on t h is Page, click on the Net wo rk Interf ace t ab to begin configurati o n of the net work settings. Network Settin gs Page If the deploy ment decides the AP will be g etting dynam.
19 Step 3: Confi gure the AP’s W ireless General Sett ings Click on the W ireless icon follow ed by the General t ab. On this pag e we only need to choose the Band and Cha n nel that we wish to u se. Wireless Gene ral Setting s Page On this pa ge, select the Band wit h which the AP is to broadcast it s signal.
20 Step 4: Confi guring Wi reless Coverage ( V AP-1) T o setup the AP’s wir eless access, refer to the follow i ng V AP-1 con f iguration (o ther V AP configur ation can refer to the same setu p steps as done for V AP-1). Click on the Ov erview tab to procee d.
21 The desired V AP profile can be selected from the dr op-down menu of Profile Name and V AP-1 configuration w ill serve as an example for all other V A Ps. Be fore proceeding further , please make sur e that the V A P fi eld is Enab le ; afterwards, ent er an E S SID to represe nt the WLAN associate d with AP’s V AP-1.
22 Article IV. Adding Virtual Ac ces s Points EAP-200 pos sesses the f eature of mult i -ESSID; na m ely , it can be ha ve as m ultiple virtual a ccess points, providing dif ferent levels o f services fro m the same physical AP d evice. Please clic k on the Wir eless icon to review the V AP Overview page.
23 Please select the desired V AP profile fro m the drop-down menu of Profile Na me. Choose E nable for the V AP field. Pick a descriptive Profile N ame and an appropriate ESSID for client s to associate to. A VLAN I D can be provided to indicate the traf fics through thi s partic ular V AP .
24 Article V. Secure Your AP Differ ent V AP may require dif ferent level of secur ity . Thes e instructions will gui de the user thr ough setti ng up dif ferent ty pes of secur ity for a p articular V AP . Simp ly repeat the following steps for other V AP with security requi rement.
25 to begin the next step. Step 2: Confi gure Securi ty Settings for your V AP The following i nstructions wil l guide the us er to set up wireless sec uri ty w ith a specific V AP . If only restricted access of certain M AC addresse s is desired, skip to the St e p3.
26 • None : Authenticat i on is not requi red and d ata is not encrypted during trans mission when this option is selected. This i s the default setting as s ho wn in t he following f igure.
27 • 802.1 X: W hen 802.1 X Aut hentication is selected, R ADIUS aut hentication a nd enhanced dyna m ic WEP are prov i ded. Security Settin gs: 802.1 X Authent ication Dynami c WEP S ettings: o Dynamic WE P : For 802. 1X security type, Dynamic WEP is always enab l ed to aut omatically generate W EP key s for encryption.
28 • WPA -PSK: Provide share d ke y authent icaiton in W P A da ta encr yption. Security Settin gs: WPA-P SK Cipher Sui te: S elect an encryption meth od f ro m TKIP (WP A) , AES (WP A ) , TKIP (W AP2) , AES (W A P2) , or Mixed . Pre-share d Key T ype: Select a pre-s hared key type: PSK (He x) or Passphrase .
29 • WPA -RADIUS: Authenticate users b y RADIU S and provide W PA data encr yption. Security Settin gs: WPA-R ADIUS WP A Settings: o Cipher Suit e: Select an e ncryption method from T KIP (WP A ) , AES (WP A ) , TKIP ( W AP2) , AES (W A P2) , or Mixed .
30 Step 3: Confi guring M AC ACL ( A ccess Control List) Clicking on the hyperlink c orresponding w ith intende d V AP in the M AC ACL col umn, the us e r will be brought t o the A c cess Control Settin g s page.
31 MAC ACL Deny Li st.
32 4) RADIUS A CL : Authentica te incoming MAC address es by an external RA D IUS serv er. W hen RADIUS ACL is selected, all incoming M AC addres ses will be authenticat ed by a n external RADIUS serv er. Pl ease note t hat each VAP MAC ACL and its secur i ty ty pe (shown on the Security S ettings page) share the same RA DIUS con figuration.
33 Article VI. Create a WDS Bridge between two APs WDS link cre ation will ass ist to extend networ k coverage w here running wires i s not an option, ef f ectively transferring the t raf fics to the other end of WLAN/L AN through the EAP-200. Since this is a peer to peer connection, both EAP-200 s will be con figured by the same way .
34 Step 2: Prev ent Loops if Connecting M any APs When many AP s are linke d in this manner , undesired loop s may form to low er overall WLAN performance. T o prevent such occ urrence, ple ase ma k e sure Layer 2 STP is enabled. T o turn on this featur e, please click on the Sy stem and then Net work Interfac e tab.
35 Article VII. Web Managemen t Interface Configuration This chapter will guide the user through the EAP-2 00’s deta iled settings. Th e follow ing tab le shows al l the User Inter face (UI) funct ions of Lev elOne’s EAP-200 Enterprise Access Po i nt.
36 Event Log Note: On each conf iguration p age, the user may Click SAVE t o save the changes, b ut the user m ust reboot the syste m upon the co mpletion of all configurati ons for the c hanges to take effect. Upo n clicking S AVE , the following message will appear: “Some modif ication has been s aved and w ill take ef fect after R eboot.
37 Section 7.01 7.1 System Upon clicking o n the Sy stem button, users can w o rk on t his section for general con fi gurations of the devices (e. g. Time Setup, Network Configurations, a nd System Logs) . This section includ es the follo wing functions: G eneral , Net work Interface , M anagement , GRE T unnel and CA PW A P .
38 1) Enable NTP : By selecting E nabled N TP , EAP-20 0 can synchr onize its system time with the NTP server automatica lly . While this m ethod is chos en, at least one NTP server's IP address or domain name must b e provided. NTP Time Con figuration Fields Generally netw orks would have a common NTP server (internal or external).
39 (b)7.1.2 Network Interf ace On this pa ge, the network settings of the d evice can be configure d; fields w ith a red ast erisk (i.e. IP Address , Netm ask , Defa u lt Gate w ay , and Primar y DNS Server ) are mandatory . Network Settin gs Page • Mod e: Determine t he way to obtain the IP address, by DHCP or Stat ic .
40 (c) 7.1.3 Management The manage m ent service s (e.g. VLA N for Management , S NMP , and Sy stem log ) can be con f igured here. Management Se rvices P age • VLA N for Management : W hen it is enabled, mana gement traffics from the s ystem will be t agged with a VLAN ID.
41 • SN M P C onfiguratio n: By enab ling SNMP funct ion, the ad m inistrator can obta in the system i nformation remotely . SNMP Configuratio n Fiel ds Enable/ Dis able: Enabl e or Disa b le this funct i on. Community String: T he com munity str ing is required w hen accessin g the M anagement In f ormation Base (MIB) of the syste m .
42 (d) 7.1.4 GRE Tunnel When GRE tu nn el is creat ed between EAP-200 an d the controller , EAP-200 ca n be logically deploy e d into the Controller’s managed network reg ardless of it s physical locati on. If the t unnel is created from WHG seri es controllers, a l l of the conf iguration sho uld be performed on the Controller side.
43 (e) 7.1.5 CAPWAP CAPWAP is a st andard interoperabl e protocol t hat enab les a controller to manage a collection of wireles s access points. There are 5 ways of discovery , DNS SRV, DHCP opt ion, Broad cast, Multicast, and Stat ic.
44 Manage Certi ficates.
45 Section 7.02 7.2 Wireless This section i ncludes the following funct ions: V A P Overview , Gener al , V A P Configuration , Securi ty , Repeater , A dvanced , Access Control , and Sit e Survey . EAP-200 supports up to eight V i rtual Access Points ( V APs).
46 • State: The hyperlin k showing E nable or Dis able co n nects to the VA P Configuration page. VAP – State Page • Security Ty p e: The hyper l ink showing the secur ity type connects to the S ecuri ty Setti ngs Page.
47 • M AC A C L: The hyper link showi ng Al low or Disable connects to the A ccess C ontrol S ettings Pag e. VAP – MAC ACL Page • Advanced Settin g s: The ad vanced set tings hy perlink con nects to the A dvanced Wireless S ettings Page.
48 (b)7.2.2 General AP’s general wirel e ss settings ca n be configured her e: AP General Settin gs Pag e • Band : Select an ap propriate wireless ba nd : 802.1 1b , 802.1 1g , 802. 1 1b+802. 1 1g , 802.1 1g+802. 1 1n or select Disabl e if the wire less function is not r equired.
49 from the access point. **Due to RF reg ulation in dif f erent natio ns, availab le values in the above t able will differ . Table 2 RF Configuratio ns (under n ormal ci rcumstances i n certain countries ) Band Channel Rate Power Disable N/A N/A N/A 802.
50 (c) 7.2.3 VAP Configuration This section prov i des conf iguration of ea ch Virt ual Access Point w ith settings s uch as Profile Name , ESSID , and V L AN ID . VAP Configu ration Page T o enable specific V AP , se l ect the V AP fro m the drop -down list of Pr ofile Name.
51 (d) 7.2.4 Security EAP-200 sup ports v arious wireless authe n tication and data e n cryption methods in e ach V AP profile. With this, t he adm inistrator can prov i de dif ferent serv i ce le vels to cl ients. The sec urity type includes None , WEP , 802.
52 802.1 1 A uthentication: S el ect from O pen System , Shared Key , or A uto . WEP Key Length: Select from 64-bit , 128-bit , 152-bit key length. WEP Key Format: Select from ASCII or Hex for m at for t he W EP key . WEP Key Index: Select a k ey index fr om 1 ~ 4 .
53 o Accounting Port: The p ort number used by the RADIU S server for ac counting purposes. S pecify a port number or use the default, 1813. o Accounting Interim U p date Interval: The sy stem will update acco unting inform ation to t he RADIUS serv er every interval period.
54 WP A-RA DIUS: If th is opti on is se lected, the RADIU S auth entication and dat a encrypt ion w ill be both enabled. Security Settin gs: WPA-RADIUS WP A Settings: o Cipher Suit e: Select an e ncryption method from T KIP (WP A) , AES ( WP A) , TKI P (W AP2) , AES (WAP2) , or Mixed .
55 (e) 7.2.5 Repeate r T o extend wireless n etwork coverage, EAP-2 00 sup ports 3 options of R epeater t ype, None , W D S or Universal Rep ea ter ; se lecting None w ill turn of f this function.
56 WDS If WDS i s selected, EAP-200 can su pport up to 4 W DS l inks to its peer APs. Security T ype ( None , WE P , or WP A/ P SK ) can be conf igured to dec i de which en cryption to be used for WDS connect ions respectively .
57 (f) 7.2.6 Advanced The advanced w ireless se ttings for the EAP-200’ s V AP (V irtual A ccess Point) profiles al l ow custo m ization of data transmission settin gs. Th e administrat o r can t une the followi ng p arameters to improve net work communicatio n perfor mance if a poor co n nection oc curs.
58 • WMM: T he default is D isable. W i-Fi Multimed i a ( WMM) is a Quality of Service ( QoS) feature t h at prioritizes w ireless dat a packets based on four acce ss categories: voice, video, best ef fort, and background.
59 (g) 7.2.7 Access Control On this pa ge, the network administrator ca n restrict the tot al number o f client s connected t o the EA P-200, as well as spe cify p articular MAC addresses t ha t can or cannot acces s the device.
60 • A ccess Control Type The administrator can rest rict the wireless ac cess of client devices bas ed on their MAC addr esses. Disable A ccess Control : W hen Disabl e is selected, there is no restriction f or client devices to access the sy stem.
61 MAC ACL De ny Li st: When selecti ng MAC A C L Deny List , all client devices are granted w ith access to t h e system exc ept those listed in the Den y List ( “denied MAC addr esses”). The administrator ca n allow any denied M AC address t o connect t o the syst em temporari ly by checking Disable .
62 RADIUS ACL: Authe nticate i ncoming MAC addres ses by an external RADIUS. W hen RA DIUS ACL is selected, a ll incoming M AC addre sses will be aut henticated by an externa l RADIUS. Pl ease note that each VAP’s MAC ACL and its security type (shown on the Securi ty Settings page) share the same RADIUS config uration.
63 (h) 7.2.8 Site Survey Sit Survey is a useful tool to prov ide information about the surrounding w ireless env ironment; av ai lable APs are shown w ith their respect ive SSID, M AC Address, Chann el, Rate sett ing, Signal re ading, and Security type.
64 W P A-PSK: C lick Setup to con f igure the W P A-PSK s etting for associat i ng with the target AP . The following c onfiguration box wi ll then appear a t the bott om of the scr een. I nformation provided here mu st be co nsi stent with the secur i ty sett ings of the t arget AP .
65 Section 7.03 7.3 Firewall The syste m provides an a dded secur i ty feature, Layer2 Firew all, in addit ion to ty pica l A P s ecurity . Layer2 Firewall of fers a firewall funct i on that is t ailo.
66 >>T o delete a specif ic rul e, Del in Settin g column o f firewall list will lead t o the followin g page for re moval confir mation. After SA VE button is clicked and syst em reboot, the rule wi l l be remov ed.
67 VLAN ID (when Ether T ype i s 802.1 Q ) : The VLAN I D is provided to a ssociate with certain VLAN-t a gging traf fics. Priority (when Et herT ype i s 802.1 Q ) : It denotes the priority level with assoc i ated VL AN traf fics. Encaps u lated T ype (when EtherT ype is 802.
68 Please ma k e sure all des ired rules ( state of rule) ar e checked and sa ved in o verview page; the rule will be enforced upon sy stem reboot..
69 (b)7.3.2 Service The ad m inistrator can add or delete firewall serv ice here; the services i n this list will be come options to choose in firewall ru le (when Ethe rT ype is IPv4). EAP-200 prov i des a list of rules to bloc k or p a ss traf fics of layer-3 or ab ove protocols.
70 (c) 7.3.3 Advanced Advanced firew all settings are used to supplement t he firewall rules, prov i ding extr a security enha n cement against DHCP and ARP traf fics traversing the av ailable interfaces of sy stem.
71 Section 7.04 7.4 Utilities The administrator can m aintain th e system on t his p age : Change Pa sswor d , Backup & R estore , Sy stem Upgrade , R eboot and U pload Certificate .
72 (b)7.4.2 Backup & Restore This function is u sed to backup and rest ore the EAP-200 sett ings. The EAP-200 can a lso be restored t o factory defau l ts us ing this function. I t can be used to duplicate settings t o other access p oints (backup settings of thi s system a nd then r estore on anot her AP).
73 (c) 7.4.3 System Upg rade The EAP-200 p rovides a web firmware upload / upgrade feature. The admini strator can download t he latest firmware from the w eb site and sav e it on the a dmi nistrator’s PC.
74 (d) 7.4.4 Reboot This function al l ows the adm inistrator to restart the EAP-20 0 safely . The process shall t ake about three minutes. Clic k Reboot t o restar t the sy stem . Please w a it for the blinki ng timer t o complete its c ount down before access i ng the syst em’s W eb Manag ement In terface aga in.
75 (e) 7.4.4 Upload Certificate This function is u sed to setup the adv an ced configur ation for the CAP WAP to manage Cert ificates. Certificate: It provides Certificate security for CAP WAP to ensures the safe ty between A ccess Controller and WAP .
76 Section 7.05 7.5 Status This p age is used t o v iew the cur rent condition and state of th e system and includes t he following functions: Overv iew , Associated C lient s , Repeater an d Event Log. (a) 7.5.1 Overview The Sy stem Overview pa ge provides an overview o f the system st atus for the admin i strator .
77 Table 3 Statu s Page's O rganization al Layout Item Description System System Name The syste m name of the EAP-200. Firmware V ersion The present f irmware ver sion of the EAP-200 Build Number The present f irmware bui ld number of the EAP-200 Location The location o f the EAP-2 00.
78 (b)7.5.2 Associated Clients The administrator can re motely oversee the st atus of all assoc i ated client s on this page. When a low SNR is found here, the admin istrator can tune the corres ponding paramet ers or inv estigate the settings of associated cl ients to improv e network communicati on perfor mance.
79 (c) 7.5.3 Repeater The administrator can rev i ew detai l ed informat i on of t he repeater funct io n on this p age. Information of repeater ’s st atus, mode and encryption is pr ovided.
80 (d) 7.5.4 Event Log The Event Log provides t he records of sy stem activ ities. The administrator ca n monitor the system st atus by checking t his log.
81 Section 7.06 7.6 Online He lp The Help but ton is at the upper right corner o f the display screen. Click Help for t he Onlin e Help window , and then click the hyperlink o f the rele vant informat ion needed.
デバイスLevelOne EAP-200の購入後に(又は購入する前であっても)重要なポイントは、説明書をよく読むことです。その単純な理由はいくつかあります:
LevelOne EAP-200をまだ購入していないなら、この製品の基本情報を理解する良い機会です。まずは上にある説明書の最初のページをご覧ください。そこにはLevelOne EAP-200の技術情報の概要が記載されているはずです。デバイスがあなたのニーズを満たすかどうかは、ここで確認しましょう。LevelOne EAP-200の取扱説明書の次のページをよく読むことにより、製品の全機能やその取り扱いに関する情報を知ることができます。LevelOne EAP-200で得られた情報は、きっとあなたの購入の決断を手助けしてくれることでしょう。
LevelOne EAP-200を既にお持ちだが、まだ読んでいない場合は、上記の理由によりそれを行うべきです。そうすることにより機能を適切に使用しているか、又はLevelOne EAP-200の不適切な取り扱いによりその寿命を短くする危険を犯していないかどうかを知ることができます。
ですが、ユーザガイドが果たす重要な役割の一つは、LevelOne EAP-200に関する問題の解決を支援することです。そこにはほとんどの場合、トラブルシューティング、すなわちLevelOne EAP-200デバイスで最もよく起こりうる故障・不良とそれらの対処法についてのアドバイスを見つけることができるはずです。たとえ問題を解決できなかった場合でも、説明書にはカスタマー・サービスセンター又は最寄りのサービスセンターへの問い合わせ先等、次の対処法についての指示があるはずです。