Administration Guide
Page 3
...multiple authentication mechanisms 40 Wireless coverage 42 Wireless mode 42 Factors limiting wireless coverage 42 Configuring overlapping wireless cells 44 Conducting a site survey 48 Monitor mode 48 Identifying unauthorized access points 49 RF channel management 50 Operating mode 50 Wireless mode 51 Channel ... limits 56 Authentication 56 Security options 56 Do not broadcast wireless network name 57 Wireless bridging 58 RF extension 58 Building-to-building connections 58 Guidelines 59 Setting up a wireless link 60 VLAN support 62 Creating VLANs 62 Default VLAN 63...
...multiple authentication mechanisms 40 Wireless coverage 42 Wireless mode 42 Factors limiting wireless coverage 42 Configuring overlapping wireless cells 44 Conducting a site survey 48 Monitor mode 48 Identifying unauthorized access points 49 RF channel management 50 Operating mode 50 Wireless mode 51 Channel ... limits 56 Authentication 56 Security options 56 Do not broadcast wireless network name 57 Wireless bridging 58 RF extension 58 Building-to-building connections 58 Guidelines 59 Setting up a wireless link 60 VLAN support 62 Creating VLANs 62 Default VLAN 63...
Administration Guide
Page 5
Introduction Chapter 1 Introduction In this chapter you can find an explanation of the conventions used in this manual, an overview of the hardware, and instructions on how to power-up the WAP-200 wireless client bridge.
Introduction Chapter 1 Introduction In this chapter you can find an explanation of the conventions used in this manual, an overview of the hardware, and instructions on how to power-up the WAP-200 wireless client bridge.
Administration Guide
Page 20
...-200 can be used as a stand-alone access point or as a Colubris Networks MultiService Controller-to manage customer logins to store the customer accounts. When multiple WAP-200s are deployed they can be • Interconnected using a backbone LAN. • Linked through a wireless bridge. Protected Network Resources Access Controller Backbone LAN RADIUS server Reset Reset Reset...
...-200 can be used as a stand-alone access point or as a Colubris Networks MultiService Controller-to manage customer logins to store the customer accounts. When multiple WAP-200s are deployed they can be • Interconnected using a backbone LAN. • Linked through a wireless bridge. Protected Network Resources Access Controller Backbone LAN RADIUS server Reset Reset Reset...
Administration Guide
Page 21
... Backbone RADIUS server Backbone LAN Reset Reset Reset PUBLIC WL AN PUBLIC WL AN PUBLIC WL AN Wireless bridge Reset PUBLIC WL AN In this type of scenario, the WAP-200 provides wireless access to users of a corporate network. Support for multiple SSIDs and VLANs makes the WAP-200 an... effective tool for delivering wireless access in an enterprise network. User authentication is handled through the corporate RADIUS server. Chapter 2 How it works Chapter 2 Enterprise deployment The...
... Backbone RADIUS server Backbone LAN Reset Reset Reset PUBLIC WL AN PUBLIC WL AN PUBLIC WL AN Wireless bridge Reset PUBLIC WL AN In this type of scenario, the WAP-200 provides wireless access to users of a corporate network. Support for multiple SSIDs and VLANs makes the WAP-200 an... effective tool for delivering wireless access in an enterprise network. User authentication is handled through the corporate RADIUS server. Chapter 2 How it works Chapter 2 Enterprise deployment The...
Administration Guide
Page 32
... filters The WAP-200 features an intelligent bridge which means wireless client stations cannot access the Management Tool on the Network > Ports page (via DHCP, PPPoE, or static). Note: If you are using multiple VLANs, each with a different ...to the WAP-200, including 802.1x. Blocked • All other Colubris Networks products. 32 Wireless security filters use the MAC address option on the Security > Access controller page. Accepted • Any IP traffic addressed to the access controller. • PPPoE traffic (The PPPoe server must be the upstream device.) • ...
... filters The WAP-200 features an intelligent bridge which means wireless client stations cannot access the Management Tool on the Network > Ports page (via DHCP, PPPoE, or static). Note: If you are using multiple VLANs, each with a different ...to the WAP-200, including 802.1x. Blocked • All other Colubris Networks products. 32 Wireless security filters use the MAC address option on the Security > Access controller page. Accepted • Any IP traffic addressed to the access controller. • PPPoE traffic (The PPPoe server must be the upstream device.) • ...
Administration Guide
Page 33
...page %w - Custom Use this option to the WAP-200 on the Security > Access controller page. %b - Mac address of the access controller, as a starting point, click Get Default Filters. MAC address of wireless port. Important: 802.1x and WPA sessions are specified using standard pcap syntax (... server or access controller to validate login credentials. Blocked • All other traffic is activated. MAC address of the default gateway assigned to define your own filters. The pcap syntax is documented in the tcpdump man page: Placeholders %a - MAC address of the bridge. %g -...
...page %w - Custom Use this option to the WAP-200 on the Security > Access controller page. %b - Mac address of the access controller, as a starting point, click Get Default Filters. MAC address of wireless port. Important: 802.1x and WPA sessions are specified using standard pcap syntax (... server or access controller to validate login credentials. Blocked • All other traffic is activated. MAC address of the default gateway assigned to define your own filters. The pcap syntax is documented in the tcpdump man page: Placeholders %a - MAC address of the bridge. %g -...
Administration Guide
Page 52
... calculated while receiving the preamble, on either Main or Aux. • When creating a point-to-point wireless bridge, Colubris Networks recommends that is used on a per frame basis.For 802.11a and 802... the WAP-200 does selection diversity, which means that can create a only single wireless cell using a small value for multicast traffic. Packets smaller than oneWAP-200, reducing the receiver sensitivity of ...on the link that if a station is larger than one wireless access point installed in Monitor mode. If a packet is too far away to use the default setting ...
... calculated while receiving the preamble, on either Main or Aux. • When creating a point-to-point wireless bridge, Colubris Networks recommends that is used on a per frame basis.For 802.11a and 802... the WAP-200 does selection diversity, which means that can create a only single wireless cell using a small value for multicast traffic. Packets smaller than oneWAP-200, reducing the receiver sensitivity of ...on the link that if a station is larger than one wireless access point installed in Monitor mode. If a packet is too far away to use the default setting ...
Administration Guide
Page 55
... > DNS page. 55 You can be set statically or via DHCP on both LAN ports. Chapter 2 How it works Chapter 2 Addressing The WAP-200 is a wireless bridge, which means that all its ports share the same IP address. Default settings By default the WAP-200 is configured as a DHCP client on the...
... > DNS page. 55 You can be set statically or via DHCP on both LAN ports. Chapter 2 How it works Chapter 2 Addressing The WAP-200 is a wireless bridge, which means that all its ports share the same IP address. Default settings By default the WAP-200 is configured as a DHCP client on the...
Administration Guide
Page 58
... configuration, both access point functionality and wireless bridging. RF extension Wireless bridging provides an effective solution for extending wireless coverage in two adjacent buildings. MSC-3200 MSC-3300 wireless bridge WAP-200 Reset Building-tobuilding connections The wireless bridging feature can operate at the same time as the network serving wireless customers. Note: When a directional antenna is used to create point-to a wireless access point. Each...
... configuration, both access point functionality and wireless bridging. RF extension Wireless bridging provides an effective solution for extending wireless coverage in two adjacent buildings. MSC-3200 MSC-3300 wireless bridge WAP-200 Reset Building-tobuilding connections The wireless bridging feature can operate at the same time as the network serving wireless customers. Note: When a directional antenna is used to create point-to a wireless access point. Each...
Administration Guide
Page 59
... cannot be used for Channel on the Wireless > Radio page. • If a single radio is used to provide both access point functionality and a wireless link, bandwidth is shared by all bridged access points and all their associated client stations. • All wireless ports must be on the same subnet,...same settings must be used on all access points. • If you establish a wireless link between two WAP-200s, or a WAP-200 and a MultiService Controller, then access to the Management Tool across the bridge is blocked. • As soon as a wireless bridge link is established, the spanning tree ...
... cannot be used for Channel on the Wireless > Radio page. • If a single radio is used to provide both access point functionality and a wireless link, bandwidth is shared by all bridged access points and all their associated client stations. • All wireless ports must be on the same subnet,...same settings must be used on all access points. • If you establish a wireless link between two WAP-200s, or a WAP-200 and a MultiService Controller, then access to the Management Tool across the bridge is blocked. • As soon as a wireless bridge link is established, the spanning tree ...
Administration Guide
Page 60
...3. Enable the Security checkbox and select one to encrypt traffic on one unit and ping the other access point. 7. This is good. Chapter 2 How it works Chapter 2 Setting up a wireless link. 1. Under Addressing, specify the Remote MAC address. Click Save. Once both units have the... in megabits per second, or select Auto in the Wireless bridging status box as a guide, adjust the antennas to the same value as the other access point. 11. The WDS group configuration page opens. 2. Set the Channel to Access point and Wireless links. 10. This is working. 2. For Speed...
...3. Enable the Security checkbox and select one to encrypt traffic on one unit and ping the other access point. 7. This is good. Chapter 2 How it works Chapter 2 Setting up a wireless link. 1. Under Addressing, specify the Remote MAC address. Click Save. Once both units have the... in megabits per second, or select Auto in the Wireless bridging status box as a guide, adjust the antennas to the same value as the other access point. 11. The WDS group configuration page opens. 2. Set the Channel to Access point and Wireless links. 10. This is working. 2. For Speed...
Administration Guide
Page 62
...be defined on the LAN ports, as well as a range. • DHCP client-The VLAN obtains its IP address from a DHCP server on wireless links. For scenarios that the VLAN is associated with VLANs, see the Colubris Networks Configuration Guide. Under VLAN configuration you define a range of the... name for the VLAN (802.1q). VLANs can also define a range of all defined VLANs. Creating VLANs Use the following steps to create a VLAN bridge across the ports. The same VLAN ID can view a list of VLANs in the form X-Y. Open the Network > Ports page. Click Add New VLAN...
...be defined on the LAN ports, as well as a range. • DHCP client-The VLAN obtains its IP address from a DHCP server on wireless links. For scenarios that the VLAN is associated with VLANs, see the Colubris Networks Configuration Guide. Under VLAN configuration you define a range of the... name for the VLAN (802.1q). VLANs can also define a range of all defined VLANs. Creating VLANs Use the following steps to create a VLAN bridge across the ports. The same VLAN ID can view a list of VLANs in the form X-Y. Open the Network > Ports page. Click Add New VLAN...
Administration Guide
Page 63
... stations. Address allocation and security measures are : • A customer cannot be assigned to a VLAN that is now bridged across the interfaces. For example, a wireless station could override this feature. Chapter 2 How it to any interface. 63 Important: Per-SSID VLANs cannot have the...can only be assigned to a VSC with a VSC that is already set as the default VLAN ID. Wireless clients that connect to a VLAN that is exchanged with the access controller • All traffic exchanged with external RADIUS servers • HTTPS sessions established by assigning VLAN 40....
... stations. Address allocation and security measures are : • A customer cannot be assigned to a VLAN that is now bridged across the interfaces. For example, a wireless station could override this feature. Chapter 2 How it to any interface. 63 Important: Per-SSID VLANs cannot have the...can only be assigned to a VSC with a VSC that is already set as the default VLAN ID. Wireless clients that connect to a VLAN that is exchanged with the access controller • All traffic exchanged with external RADIUS servers • HTTPS sessions established by assigning VLAN 40....