Page 1 ORiNOCO AP-4000 Series Access Points User Guide...
Page 2 Copyright © 2005 Proxim Corporation. All rights reserved. Covered by one or more of the following U.S. patents: 5,231,634; 5,875,179; 6,006,090; 5,809,060; 6,075,812; 5,077,753. This user’s guide and the software described in it are copyrighted with all rights reserved. No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language in any form by any means without the written permission of Proxim Corporation.
Page 3: Table Of Contents
AP-4000 Series Hardware Description ........
Page 4 RADIUS Servers per Authentication Mode and per VLAN ......... . 106 AP-4000 Series User Guide...
Page 5 Symptoms and Solutions............. . 148 AP-4000 Series User Guide...
Page 6 Alarms Parameters............... . 204 AP-4000 Series User Guide...
Page 7 AP-4000/4000M Channels ........
Page 8 Safety Information (USA, Canada, & European Union) ........230 Federal Communications Commission (FCC) (AP-4000/4000M) ....... 231 Warnings .
Page 9: Introduction
• IEEE 802.11 Specifications • Management and Monitoring Capabilities Products Covered in this User Guide This User Guide details functionality of the AP-4000 Series Access Points, consisting of the following: Product AP-4000 Tri-mode AP that supports: • 802.11b, 802.11g, or 802.11a clients simultaneously The AP-4000 can be converted to an AP-4000M using Proxim’s...
Page 10: Introduction To Wireless Networking
Easy installation and operation • Over-the-air encryption of data • High speed network links Figure 1-1 Typical Wireless Network Access Infrastructure Figure 1-1), the AP functions as a wireless network access point to data and voice AP-4000 Series User Guide...
Page 11: Mesh Networking (Ap-4000M/4900M Only)
Mesh Networking (AP-4000M/4900M Only) Mesh Networking (AP-4000M/4900M Only) Using the ORiNOCO Mesh Creation Protocol (OMCP), The AP-4000M and AP-4900M support structured Mesh networking. For information on converting an AP-4000 into an AP-4000M to enable Mesh functionality, see Software Kit. In a mesh network, access points use their wireless interface as a backhaul to the rest of the network. Access points connected directly to the wired infrastructure are called “portals;”...
Page 12 It will only be used as a possible alternative link. Similarly, the link between MAP3 and MAP4 is an alternative uplink for MAP3, and at the same time an alternative uplink for MAP4. If for some reason the link Figure 1-3. Solid lines indicate established links. AP-4000 Series User Guide...
Page 13: Mesh Network Configuration
Mesh Portals. • The maximum number of links in the mesh network is 6. Proxim recommends that administrators configure their Mesh network to allow between 20-30 access points per portal for an average per-client throughput of 300-500 Kbps. This...
Page 14: Guidelines For Roaming
Guidelines for Roaming • Typical voice network cell coverages vary based on environment. Proxim recommends having a site survey done professionally to ensure optimal performance. For professional site surveyors, Ekahau™ Site Survey software is included in the Xtras folder of the Installation CD.
Page 15: Ieee 802.11 Specifications
Command Line Interface The Command Line Interface (CLI) is a text-based configuration utility that supports a set of keyboard commands and parameters to configure and manage an AP. for details. AP-4000 Series User Guide Available Channels Available Channels for details.
Page 16: Snmp Management
ORiNOCO Enterprise MIB Proxim provides these MIB files on the CD-ROM included with each Access Point. You need to compile one or more of the above MIBs into your SNMP program’s database before you can manage an Access Point using SNMP. See the documentation that came with your SNMP manager for instructions on how to compile MIBs.
Page 17: Ssh (Secure Shell) Management
For information on how to manage devices using SNMP or SSH, see the documentation that came with your SNMP or SSH program. Also, see the MIB files for information on the parameters available via SNMP and SSH. AP-4000 Series User Guide...
Page 18: Installation And Initialization
The AP-4000/4000M/4900M contains two embedded radios: one 802.11b/g radio and one 802.11a only radio. The 802.11a radio supports operation in 802.11a only mode in the AP-4000, and operation in either 802.11a only or 4.9 GHz Public Safety mode in the AP-4900M. 4.9 GHz Public Safety mode is for use in the licensed 4.9 GHz band; only users with licenses to operate in this band should access it.
Page 19: Antennas
Figure 2-1 Rear Panel The AP-4000/4000M/4900M has been designed to rest horizontally on a flat surface, but can be wall- or ceiling- mounted with the long axis vertical. The unit includes screw slots in the bottom plastic for mounting to a flat wall or ceiling.
Page 20: Active Ethernet
Operation. Active Ethernet The AP-4000/4000M/4900M is equipped with an 802.3af-compliant Active Ethernet module. Active Ethernet (AE) delivers both data and power to the access point over a single Ethernet cable. If you choose to use Active Ethernet, there is no difference in operation; the only difference is in the power source.
Page 21: Led Indicators
NOTE: The AP’s 802.3af-compliant Active Ethernet module is backwards compatible with all ORiNOCO Active Ethernet hubs that do not support the IEEE 802.3af standard. LED Indicators The top panel of the AP-4000/4000M/4900M has the following LED indicators. Power Wireless Interfaces...
Page 22: Prerequisites
Installation and Initialization Prerequisites Prerequisites General Prerequisites Before installing an AP-4000/4000M/4900M, you need to gather certain network information. The following table identifies the information you need. Network Name (SSID of the wireless cards) AP’s IP Address HTTP Password CLI Password...
Page 23: Mesh Prerequisites
Mesh links may be secured through AES encryption. You may also choose to use Mesh functionality without security enabled. The password shared between Mesh Access Points when AES is enabled (AES is enabled by default). This password should be between 6 and 32 characters. The default password is “public.” AP-4000 Series User Guide...
Page 24: Product Package
Installation and Initialization Product Package Product Package Each AP-4000/4000M/4900M comes with the following: • AP-4000/4000M/4900M unit (with integrated 802.11a radio and 802.11b/g radio, and Active Ethernet) • Power adapter • One ceiling or wall mounting plate • Security cover •...
Page 25: Hardware Installation
If using Active Ethernet, connect power to the unit from a DC injector device, such as the ORiNOCO 1-Port Active Ethernet DC Injector hub. Regulatory Compliance section. "Regulatory Compliance” (Cumplimiento Compliance」セクションを参照し、使用許諾の「Regulatory AP-4000 Series User Guide Regulatory “Regulatory „Regulatory...
Page 26: Installing The Security Cover
NOTE: You cannot connect an RS-232 cable to the AP-4000/4000M/4900M when a security cover is installed. 1. Slide the hinging end of the security cover into the hole on the rear panel of the AP-4000/4000M/4900M to the left of the connectors.
Page 27 Installation and Initialization Hardware Installation Once you have chosen a final location for your unit, mount the AP-4000/4000M/4900M to a wall, to a T-bar ceiling, or in a vehicle as described below. Mounting the AP-4000/4000M/4900M to a Ceiling 1. Attach the mounting plate to the bottom of the AP-4000/4000M/4900M by lining up the keyholes and attaching it with two screws.
Page 28: Installing External Antennas
Figure 2-6 Opening the Antenna Compartment 2. There are four antenna connectors in the AP-4000/4000M/4900M, labeled 1 through 4. Connectors 1 and 2 are for the 802.11b/g radio, and connectors 3 and 4 and for the 802.11a radio.Connect the antenna cable to connector 1 or 4 (the connector closer to the LED panel in the compartment), depending on the radio.
Page 29: Installing The Ap In A Plenum
To attach an external antenna to the AP-4900M, attach the selected antenna to the pigtail attachment connected to the AP’s antenna connector 3 (see For a list of recommended antennas, see http://www.proxim.com/products/wifi/accessories. Figure 2-8 AP-4900M External Antenna Connection Installing the AP in a Plenum In an office building, plenum is the space between the structural ceiling and the tile ceiling that is provided to help air circulate.
Page 30 Test for Heat and Visible Smoke Release for Discrete Products and Their Accessories Installed in Air-Handling Spaces”. The AP-4000/4000M/4900M has been certified under UL Standard 2043 and can be installed in the plenum. When installed in a plenum, the AP must use Active Ethernet.
Page 31: Initialization
6. After the software has been installed, double-click the ScanTool icon on the Windows desktop to launch the program (if the program is not already running). ScanTool scans the subnet and displays all detected Access Points. The ScanTool’s Scan List screen appears, as shown in the following example. AP-4000 Series User Guide Client Connection Problems).
Page 32 Highlight the entry for the AP you want to configure. b. Click the Change button. The Change screen appears. Troubleshooting for suggestions. Note that after rebooting an Access Logging In section for information on how to access the HTTP interface AP-4000 Series User Guide...
Page 33: Logging In
Select Tools > Internet Options. – Click the Connections tab. – Click LAN Settings. – If necessary, remove the check mark from the Use a proxy server box. Static AP-4000 Series User Guide Client Connection Problems. Command Line Interface (CLI).)
Page 34 5. Follow the steps below to configure the AP using the Setup Wizard (see configure the system manually. Upon clicking Exit, the System Status screen will appear. for information on how to determine the unit’s IP address and manually configure a AP-4000 Series User Guide Using the Setup Wizard), or click Exit to...
Page 35: Using The Setup Wizard
The first time you connect to an AP’s HTTP interface, the Setup Wizard launches automatically. The Setup Wizard provides step-by-step instructions for how to configure the Access Point’s basic operating parameters, such as Network Name, IP parameters, system parameters, and management passwords. Figure 2-13 Setup Wizard AP-4000 Series User Guide Command Line...
Page 36 Select the Operational Mode as follows and click Save & Next: The Wireless-A interface operates only in 802.11a mode on the AP-4000/4000M and in either 802.11a mode or 4.9 GHz Public Safety mode on the AP-4900M. The Wireless-B interface can be configured to operate in the following modes: —...
Page 37: Installing The Software
Installing the Software Proxim periodically releases updated software for the AP on its Web site, Answer ID 1250). Proxim recommends that you check the Web site for the latest updates after you have installed and initialized the unit. Download the Software 1.
Page 38 3. Use the Browse button to locate or manually type in the name of the file (including the file extension) the file you downloaded from the Proxim Knowledgebase. If typing the file name, you must include the full path and the file extension in the file name text box.
Page 39 7. Select Download & Reboot from the File Operation drop-down menu. 8. Click OK. The Access Point will reboot automatically when the download is complete. HTTP. http://support.proxim.com (Knowledgebase Answer ID 1250). See AP-4000 Series User Guide Troubleshooting chapter or Download the...
Page 40: Related Topics
(Knowledgebase Answer ID 1250). See for more information. for information on configuration options that are available within the Access Point’s for information on the CLI interface and for a list of CLI commands. AP-4000 Series User Guide Download the...
Page 41: System Status
From this screen, you can also access the AP’s monitoring and configuration options by clicking on the buttons on the left of the screen. Logging In is the System Status screen. You can always return to this screen by clicking Alarms for a list of possible alarms. AP-4000 Series User Guide...
Page 42: Advanced Configuration
To configure the AP via HTTP/HTTPS: 1. Click the Configure button located on the left-hand side of the screen. and a Wireless Distribution System AP-4000 Series User Guide (WDS). Set up Automatic Configuration for Static Logging In Command Line Interface (CLI)
Page 43 Advanced Configuration AP-4000 Series User Guide Figure 4-1 Configure Main Screen 2. Click the tab that corresponds to the parameter you want to configure. For example, click Network to configure the Access Point’s TCP/IP settings. Each Configure tab is described in the remainder of this chapter.
Page 44: System
Access Points provide DDNS support by adding the host name (option 12) in DHCP Client messages, which is used by the DHCP server to dynamically update the DNS server. Dynamic DNS Support Access Point System Naming Convention AP-4000 Series User Guide...
Page 45 The name cannot start or end with a hyphen. • The name cannot start with a digit. • The number of characters has to be 63 or less. (Currently the system name length is limited to 32 bytes). AP-4000 Series User Guide...
Page 46: Network
You can configure and view the following parameters within the IP Configuration sub-tab: NOTE: You must reboot the Access Point in order for any changes to the Basic IP or DNS Client parameters to take effect. AP-4000 Series User Guide...
Page 47: Dhcp Server
• DNS Client Default Domain Name: The default domain name for the Access Point’s network (for example, “proxim.com”). Contact your network administrator if you need assistance setting this parameter. Advanced •...
Page 48 Maximum Lease Time (optional): The maximum time value for clients to retain the assigned IP address. DHCP automatically renews IP Addresses without client notification. This parameter supports a range between 0 and 86400 seconds. The default is 86400 seconds. – Comment (optional) AP-4000 Series User Guide...
Page 49: Dhcp Relay Agent
DHCP Relay. To add entries to the table of DHCP Relay Agents, click Add in the DHCP Server IP Address Table; to edit existing entries, click Edit. The following window is displayed. AP-4000 Series User Guide...
Page 50: Link Integrity
Target IP Address – Comment (optional) – Status: Set this field to Enable to specify that the Access Point should poll this device. You can also disable an entry by changing this field’s value to Disable. AP-4000 Series User Guide...
Page 51: Sntp (Simple Network Time Protocol)
Requests are sent every 10 seconds. If the AP fails to retrieve the information after three attempts, the AP will use the system uptime and update the relevant time objects. If this feature is disabled, the user can manually configure the date and time parameters. AP-4000 Series User Guide...
Page 52 Daylight Savings Time: Select the number of hours to adjust for daylight savings time. • Time and Date Information: When SNTP is disabled, the following time-relevant objects are manually configurable. When SNTP is enabled, these objects are grayed out: AP-4000 Series User Guide...
Page 53 Month: Enter the month in digits (1-12). – Day: Enter the day in digits (1-31). – Hour: Enter the hour in digits (0-23). – Minutes: Enter the minutes in digits (0-59). – Seconds: Enter the seconds in digits (0-59). AP-4000 Series User Guide...
Page 54: Interfaces
Figure 4-9 Operational Mode Screen (AP-4900M) The Wireless-A interface operates only in 802.11a mode on the AP-4000/4000M and in either 802.11a mode or 4.9 GHz Public Safety mode on the AP-4900M. The Wireless-B interface can be configured to operate in the following modes: •...
Page 55 802.11b and 802.11g devices. If you are using the AP-900 and 4.9 Public Safety mode, you must also select a channel bandwidth. This option is shown Figure 4-9; it is not available in the AP-4000/4000M. See bandwidth. Super Mode and Turbo Mode Super mode improves throughput between the access point and wireless clients that support this capability.
Page 56 1. Click Configure > Interfaces > Operational Mode. 2. Select Enable Transmit Power Control. 3. Select the transmit power level for wireless interface A or B from the Wireless-A or Wireless-B: Transmit Power Level drop-down menu. 4. Click OK. AP-4000 Series User Guide...
Page 57: Wireless-A (802.11A Radio) And Wireless-B (802.11B/G Radio)
Advanced Configuration AP-4000 Series User Guide Interfaces Wireless-A (802.11a Radio) and Wireless-B (802.11b/g Radio) Figure 4-10 Wireless Interface A...
Page 58 NOTE: You must reboot the Access Point before any changes to these parameters take effect. • Physical Interface Type: For Wireless Interface A on the AP-4000/4000M, this field reports “802.11a (OFDM 5 GHz)”. On the AP-4900M, this field reports “802.11a (OFDM 5 GHz)” when operating in 802.11a only mode or “Public Safety (OFDM 4.9 GHz)”...
Page 59 • 48: 5.240 GHz for more information. Wireless Service Status for more information. function. See Channel Blacklist Table Wireless Distribution System (WDS) AP-4000 Series User Guide Dynamic Frequency for configuration information. for configuration Affected Countries) and operating in the middle...
Page 60 When wireless service on a wireless interface is resumed, the AP will: – Greece – Iceland – Ireland – Italy – Latvia – Lithuania – Luxembourg – Malta – Netherlands AP-4000 Series User Guide – Norway – Poland – Portugal – Saudi Arabia – Spain – Sweden – Switzerland – UK...
Page 61 1. Click on Configure > Interfaces > Wireless A or Wireless B. 2. Scroll down to the Channel Blacklist heading. Figure 4-11 Channel Blacklist Table 3. Click Edit in the Channel Blacklist Table function. In the ETSI (Europe) and TELEC (Japan) regulatory domains, AP-4000 Series User Guide Dynamic...
Page 62 This link relays traffic from one AP that does not have Ethernet connectivity to a second AP that has Ethernet connectivity. WDS allows you to configure up to six (6) ports per radio, or up to 12 ports on the AP-4000/4000M/4900M.
Page 63 2. Write down the MAC Address of the radio that you wish to include in the Wireless Distribution System. 3. Click on Configure > Interfaces > Wireless A or Wireless B. 4. Scroll down to the Wireless Distribution System heading. Figure 4-14 WDS Configuration AP-4000 Series User Guide Spanning Tree section.
Page 64: Ethernet
Select the desired speed and transmission mode from the drop-down menu. Half-duplex means that only one side can transmit at a time and full-duplex allows both sides to transmit. When set to auto-duplex, the AP negotiates with its switch or hub to automatically select the highest throughput option supported by both sides. AP-4000 Series User Guide...
Page 65 Figure 4-16 Ethernet Sub-tab For best results, Proxim recommends that you configure the Ethernet setting to match the speed and transmission mode of the device the Access Point is connected to (such as a hub or switch). If in doubt, leave this setting at its default, auto-speed-auto-duplex.
Page 66: Mesh (Ap-4000M/Ap-4900M Only)
Mesh functionality can be enabled on only one of the AP’s wireless interfaces. When configured for Mesh, the AP’s wireless interface simultaneously functions as a mesh link and as a radio to service clients. Mesh is available only the AP-4000M and AP-4900M models. To convert an AP-4000 to an AP-4000M and enable Mesh capabilities, see Mesh Software Kit.
Page 67 For more information on Mesh, see Mesh Software Kit The Mesh Software Kit (purchased seperately) converts an AP-4000 unit into an AP-4000M unit that supports Mesh capabilities. To covert your AP using the Mesh Software Kit, follow the steps below: 1.
Page 68: Management
Confirm field. This password must be between 6 and 32 characters. The default password is “public”. NOTE: For security purposes Proxim recommends changing ALL PASSWORDS from the default “public” immediately, to restrict access to your network devices to authorized personnel. If you lose or forget your password settings, you...
Page 69: Ip Access Table
You can configure the following management services: Secure Management Secure Management allows the use of encrypted and authenticated communication protocols such as SNMPv3, Secure Socket Link (SSL), and Secure Shell (SSH) to manage the Access Point. AP-4000 Series User Guide...
Page 70 • SSL Certificate Passphrase: After enabling SSL, the only configurable parameter is the SSL passphrase. The default SSL passphrase is proxim. The AP supports SSLv3 with a 128-bit encryption certificate maintained by the AP for secure communications between the AP and the HTTP client. All communications are encrypted using the server and the client-side certificate.
Page 71 Advanced Configuration AP-4000 Series User Guide Management Figure 4-19 Management Services Configuration Screen...
Page 72 NOTE: SSH Host Key Status can not be changed if SSH status or Secure Management is enabled. 3. To enable/disable SSH, select Enable/Disable from the SSH (Secure Shell) Status drop-down menu. Version Website http://www.openssh.com http://www.chiark.greenend.org.uk http://www.emtec.com http://www.labf.com AP-4000 Series User Guide...
Page 73 8. Click Browse, select the SSH Private Key on your local machine. 9. Click Open. 10.To initiate the file transfer, click the Update AP button. The fingerprint of the new SSH public key will be displayed in the Management > Services page. AP-4000 Series User Guide Uploading Externally Generated Host Keys),...
Page 74 Serial Flow Control: Select either None (default) or Xon/Xoff (software controlled) data flow control. NOTE: To avoid potential problems when communicating with the AP through the serial port, Proxim recommends that you leave the Flow Control setting at None (the default value).
Page 75: Automatic Configuration (Autoconfig)
If a Syslog server was configured, the following messages can be observed on the Syslog server: • AutoConfig for Static IP • TFTP server address and configuration filename • AutoConfig Successful CLI Batch File section. AP-4000 Series User Guide...
Page 76 ("Boot Server Host Name", option 66) and Configuration file ("Bootfile name", option 67) as follows (note that this example uses a Windows 2000 server): 3. Select DHCP Server > DHCP Option > Scope. The DHCP Options: Scope Screen appears. AP-4000 Series User Guide...
Page 77: Hardware Configuration Reset (Chrd)
If a user loses or forgets the AP’s HTTP/Telnet/SNMP password, the reset button on the AP provides a way to reset the AP to default configuration values to gain access to the AP. However, in AP deployments where physical access to the AP-4000 Series User Guide...
Page 78 Configuring Hardware Configuration Reset Perform the following procedure to configure Hardware Configuration Reset and to set the Configuration Reset Password. See Figure 4-24. 1. Click Configure > Management > CHRD. Figure 4-24 Hardware Configuration Reset AP-4000 Series User Guide...
Page 79 “AP has been reset to Factory Default Settings.” The AP continues to boot up. If an incorrect configuration reset password is entered, the AP shows an error message and reprompts the user. If the incorrect password is entered three times in a row, the AP proceeds to boot up. AP-4000 Series User Guide...
Page 80: Filtering
Ethernet Protocol Filtering. Each static MAC entry contains the following fields: • Wired MAC Address • Wired Mask • Wireless MAC Address • Wireless Mask • Comment: This field is optional. AP-4000 Series User Guide http://www.iana.org/assignments/ethernet-numbers for a...
Page 81 Figure 4-25 Static MAC Configuration Screen Static MAC Filter Examples Consider a network that contains a wired server and three wireless clients. The MAC address for each unit is as follows: • Wired Server: 00:40:F4:1C:DB:6A • Wireless Client 1: 00:02:2D:51:94:E4 AP-4000 Series User Guide...
Page 82 Static MAC filter to preserve wireless bandwidth. For example, if routers on your network use a specific multicast address (such as 01:00:5E:00:32:4B) to exchange information, you can set up a filter to prevent these multicast packets from being forwarded to the wireless network: AP-4000 Series User Guide...
Page 83: Advanced
1. Place a check mark in the box labeled Enable TCP/UDP Port Filtering. 2. Click Add under the TCP/UDP Port Filter Table heading. 3. In the TCP/UDP Port Filter Table Protocol Name NETBIOS Name Ethernet Service enter the Protocol Names to filter. AP-4000 Series User Guide Interface Status (Enable/Disable) Enable...
Page 84 2. Make any changes to the Protocol Name or Port Number for a specific entry, if necessary. 3. In the row that defines the port, set the Status to Enable, Disable, or Delete, as appropriate. 4. Select OK for a list of assigned port numbers and their descriptions. AP-4000 Series User Guide...
Page 85: Alarms
Execution error is encountered while executing CLI Batch file • Bigger file size than 100 Kbytes The CLI Batch execution begins after file is uploaded The execution of CLI Batch file ends. AP-4000 Series User Guide Severity Level Major Major Major Major Major...
Page 86 RADIUS client in the device Module (hardware or software) not initialized Device rebooting Task suspended Response to the BootP request not received; device not dynamically assigned an IP address AP-4000 Series User Guide Severity Level Critical Major Major Informational Informational...
Page 87 Description No data present in flash memory Flash memory corrupted Current/original configuration data file is found to be corrupted, and the device loads the last known good configuration file AP-4000 Series User Guide Severity Level Major Major Major Informational Informational...
Page 88 Additional Trap Information Connection failure reason Target IP address of down link Ethernet MAC address of Mesh AP causing change; Mesh SSID Description Incompatible license file Invalid license file AP-4000 Series User Guide Severity Level Major Informational Informational Severity Level Major Major...
Page 89 AP has become the new root in the Spanning Tree network Trap is not sent if a newRoot trap is sent for the same transition System Status Alarm Host Table. AP-4000 Series User Guide Severity Level Informational Informational Severity Level Informational Informational...
Page 90: Syslog
Syslog Port Number: This field is read-only and displays the port number (514) assigned for system logging. for more information on the Syslog standard. Description System is unusable Action must be taken immediately Critical conditions Error conditions Warning conditions Normal but significant condition Informational Debug-level messages AP-4000 Series User Guide...
Page 91 Incorrect or non-reachable TFTP server address Incorrect or unavailable configuration filename TFTP transfer timeout. Major One of the following failures occurs: Invalid Signature Zero File Size Large File Non VxWork Image Incompatible Image Informational AP syslog keep alive message. AP-4000 Series User Guide Description...
Page 92 Start and Stop accounting messages for wireless clients. Informational CLI configuration file execution starts. Informational CLI configuration file execution ends. AP-4000 Series User Guide Description Client MAC Address Authentication Type = None, ACL, RADIUS MAC, 802.1X Cipher Type = None, WEP, TKIP, AES...
Page 93: Rogue Scan
Link integrity feature determines that link integrity target is down. Also included in message: Link Integrity target IP address. Informational Mesh AP changes its uplink mesh connection. Also included in message: uplink Mesh AP/portal MAC address and Mesh SSID. AP-4000 Series User Guide Description...
Page 94 (possible detections) in one scan. This is increased to improve scanning efficiency; the tradeoff is that it decreases AP-4000 Series User Guide...
Page 95 6. Configure the Scan Result Table Ageing Time. The AP ages out older entries in the Rogue Scan result table if a detected station is inactive for more than this time. The valid range is from 60-7200 minutes, the default is 60 minutes. AP-4000 Series User Guide...
Page 96 Report all detected stations since start of scan 9. Configure the second wireless interface, if required. 10.Click OK. The results of the Rogue Scan can be viewed in the Status page in the HTTP interface. Figure 4-28 Rogue Scan Screen AP-4000 Series User Guide...
Page 97: Bridge
For more information on Spanning Tree protocol, please see Section 8.0 of the IEEE 802.1d standard. The Spanning Tree configuration options are advanced settings. Proxim recommends that you leave these parameters at their default values unless you are familiar with the Spanning Tree protocol.
Page 98: Storm Threshold
AP will ignore all subsequent messages in that second received on that interface or from that network device. • Address Threshold: Enter the maximum allowed number of packets per second. • Ethernet Threshold: Enter the maximum allowed number of packets per second. AP-4000 Series User Guide...
Page 99: Intra Bss
3. Select a Packet Forwarding Interface Port from the drop-down menu. You can redirect traffic to: – Ethernet – A WDS connection (see – Any (traffic is redirected to a port based on the bridge learning process) 4. Click OK to save your changes. Wireless Distribution System (WDS) AP-4000 Series User Guide for details)
Page 100: Qos
For more information on QoS, see “Technical Bulletin 69504 Revision 2” at <http://keygen.proxim.com/support/orinoco/tb/tb69504_3wmm.pdf>. Enabling QoS and Adding QoS policies Perform the following procedure to enable QoS and add QoS policies: 1. Click Configure > QoS > Policy. Figure 4-30 QoS Policies AP-4000 Series User Guide...
Page 101 For layer 2 policies, an index from the 802.1p to 802.1d mapping table should be specified. For layer 3 policies, an index from the 802.1p to IP DSCP mapping table should be specified. No mapping index is required for SpectraLink. AP-4000 Series User Guide...
Page 102: Priority Mapping
(for layer 3 policies). The first entry in each table contains the recommended priority mappings. Custom entries can be added to each table with different priority mappings. 1. Click Configure > QoS > Priority Mapping. Figure 4-32 Priority Mapping 2. Click Add in the 802.1p and 802.1d priority mapping table. AP-4000 Series User Guide...
Page 103: Enhanced Distributed Channel Access (Edca)
NOTE: Default recommended values for EDCA parameters have been defined; Proxim recommends not modifying EDCA parameters unless strictly necessary. AP-4000 Series User Guide...
Page 104 Index: read-only. Indicates the index of the Access Category (1-4) being defined. • CWMin: minimum Contention Window. Configurable range is 0 to 255. • CWMax: maximum Contention Window. Configurable range is 0 to 65535. • AIFSN: Arbitration IFS per access category. Configurable range is 2 to 15. AP-4000 Series User Guide...
Page 105 On the Policy sub-tab, the user can also configure a medium maximum threshold for all Admission Controls. Admission will be granted if the new requested traffic stream and already admitted time is less than the medium maximum threshold. AP-4000 Series User Guide...
Page 106: Radius Profiles
The user can configure separate RADIUS servers for each VLAN: VLAN1 could support only WEP clients, whereas VLAN2 could support 802.1x and WEP clients. RADIUS Servers per Authentication Mode and per allows centralized user management. AP-4000 Series User Guide VLAN.
Page 107: Configuring Radius Profiles
A RADIUS server Profile consists of a Primary and a Secondary RADIUS server that get assigned to act as either MAC Authentication servers, 802.1x/EAP Authentication servers, or Accounting Servers in the VLAN Configuration. See Configuring Security Profiles. The RADIUS Profiles Sub-tab allows you to add new RADIUS profiles or modify or delete existing profiles. AP-4000 Series User Guide...
Page 108 NOTE: This page configures only the Primary RADIUS Server associated with the profile. After configuring these parameters, save them by clicking OK. Then, to configure the Secondary RADIUS Server, edit the profile from the main page. AP-4000 Series User Guide Figure 4-37):...
Page 109 Server Addressing Format: select IP Address or Name. If you want to identify RADIUS servers by name, you must configure the AP as a DNS Client. See • Server Name/IP Address: Enter the server’s name or IP address. DNS Client for details. AP-4000 Series User Guide...
Page 110: Mac Access Control Via Radius Authentication
A client is detected on a different interface. • Idle-Timeout or Session-Timeout attributes are configured in the Radius server. If the client roams from one AP to another, one session is terminated and a new session is begun. AP-4000 Series User Guide...
Page 111: Authentication And Accounting Attributes
RADIUS accounting messages, and contains the client MAC address appended with the unique session ID. • Acct-Session-Time – Acct-Session-Time is calculated the following way (for each transmitted/retransmitted Acct-Stop): Acct-Session-Time = time of last sent packet - subscriber login time. • Acct-Input-Octets AP-4000 Series User Guide...
Page 112 Number of octets (bytes) sent by subscriber. • Acct-Input-Packets – Number of packets received by subscriber. • Acct-Output-Packets – Number of packets sent by subscriber. • Acct-Terminate Cause – Indicates how the session was terminated. • Vendor Specific Attributes AP-4000 Series User Guide...
Page 113: Ssid/Vlan/Security
On the wired network, a RADIUS server authenticates traffic and a DHCP server manages IP addresses for the VLAN(s). Resources like servers and printers may be present, and a hub may include multiple APs, extending the network over a larger area. Rogue Scan sections from more information. AP-4000 Series User Guide...
Page 114 Packets from the GUEST workgroup could be restricted to a gateway that allowed access to only the Internet. A member of the GUEST workgroup could send and receive e-mail and access the Internet, but would be prevented from accessing servers or hosts on the local corporate network. AP-4000 Series User Guide...
Page 115: Management Vlan
VLAN before attempting to manage the AP. 1. Click Configure > SSID/VLAN/Security > Mgmt VLAN. 2. Set the VLAN Management ID to a value of between 1 and 4094. (A value of -1 disables VLAN Tagging). AP-4000 Series User Guide...
Page 116: Security Profile
EAP-Message Digest 5 (MD5): Username/Password-based authentication; does not support automatic key distribution • EAP-Transport Layer Security (TLS): Certificate-based authentication (a certificate is required on the server and each client); supports automatic key distribution [WPA2]): A new standard that provides improved encryption security over WEP. AP-4000 Series User Guide...
Page 117 Wi-Fi Protected Access (WPA) is a security standard designed by the Wi-Fi Alliance in conjunction with the Institute of Electrical and Electronics Engineers (IEEE). The AP supports 802.11i (WPA2), based on the IEEE 802.11i security standard. AP-4000 Series User Guide...
Page 118: Authentication Protocol Hierarchy
If you have both 802.1x and MAC authentication enabled, the 802.1x results will take effect. This is required in order to propagate the WEP keys to the clients in such cases. Once you disable 802.1x on the AP, you will see the effects of MAC authentication. AP-4000 Series User Guide 802.1x...
Page 119: Configuring Security Profiles
SSID/VLAN/Security VLANs and Security Profiles The AP-4000/4000M/4900M allows you to segment wireless networks into multiple sub-networks based on Network Name (SSID) and VLAN membership. A Network Name (SSID) identifies a wireless network. Clients associate with Access Points that share an SSID. During installation, the Setup Wizard prompts you to configure a Primary Network Name for each wireless interface.
Page 120 • 802.11i Station: • Authentication Mode: 802.1x Chart). AP-4000 Series User Guide Figure 4-42 on page 122. Figure 4-42 on page 122.
Page 121 6. If you selected a Security Mode of 802.1x Station, WPA Station, or 802.11i Station, you must configure a RADIUS 802.1x/EAP server. See the Security Profile 1 will be used by default for all wireless interfaces. 7. Reboot the AP. Configuring Radius Profiles section. AP-4000 Series User Guide...
Page 122 Advanced Configuration AP-4000 Series User Guide SSID/VLAN/Security Figure 4-42 Security Profile Table - Add Entries...
Page 123: Mac Access
Wireless-A or Wireless-B Each SSID can have its own Security Profile that defines its security mode, authentication mechanism, and encryption, so that customers can have multiple types of clients (non-WEP, WEP, 802.1x, WPA, WPA-PSK, 802.11i, 802.11i-PSK) on AP-4000 Series User Guide Authentication.
Page 124 4. Enable or disable MAC Access Control List status on the VLAN/SSID by selecting Enable or Disable from the MAC ACL Status drop-down menu. 5. Enter Rekeying Interval in seconds (between 60 and 65525). The default interval is 900 seconds. Security Profile section for more information. Each SSID can support a AP-4000 Series User Guide...
Page 125 VLAN workgroup. • The VLAN ID must match an ID used by your network; contact your network administrator if you need assistance defining the VLAN IDs. Figure 4-45. AP-4000 Series User Guide Security Profile section for more...
Page 126 3. Click Add to configure additional SSIDs, VLANs, and their associated security profiles and RADIUS server profiles, or click Edit to modify existing SSIDs. The Add Entries or Edit Entries screen appears. See Enabling QoS and Adding QoS policies Figure 4-47. AP-4000 Series User Guide section for more information.
Page 127 VLAN IDs. 6. Enable or disable the SSID Authorization status from the drop-down menu. SSID Authorization is the RADIUS-based authorization of the SSID for a particular client. The authorized SSIDs are sent as the tunnel attributes. AP-4000 Series User Guide...
Page 128: Broadcast Ssid And Closed System
SSID has been specified in the probe request. This option is disabled by default. For more information, on Broadcast SSID and Closed System, see Knoweldgebase Answer ID 1698 at http://support.proxim.com. Enabling QoS and Adding QoS policies AP-4000 Series User Guide section for more information.
Page 129: Monitoring
AP has discovered on the network. 3. If necessary, click the Refresh Each Monitor tab is described in the remainder of this chapter. Command Line Interface (CLI) button to update the statistics. AP-4000 Series User Guide Logging In for more information...
Page 130: Version
• Version: Specifies the component’s version or build number. The Software Image version is the most useful information on this screen for the typical end user. Figure 5-2 Version Monitoring Tab AP-4000 Series User Guide...
Page 131: Icmp
ICMP (Internet Control Message Protocol) statistics. Figure 5-3 ICMP Monitoring Tab IP/ARP Table This tab provides information based on the Address Resolution Protocol (ARP), which relates MAC Address and IP Addresses. Figure 5-4 IP/ARP Table Monitoring Tab AP-4000 Series User Guide...
Page 132: Learn Table
There can be up 10,000 entries in the Learn Table. Figure 5-5 Learn Table Monitoring Tab IAPP This tab displays statistics relating to client handovers and communications between ORiNOCO Access Points. Figure 5-6 IAPP Monitoring Tab AP-4000 Series User Guide...
Page 133: Radius
Backup RADIUS servers for each RADIUS Server Profile. NOTE: Separate RADIUS servers can be configured for each RADIUS Server Profile. Select the RADIUS Server Profile to view statistics on from the Select Server Profile drop-down menu. Figure 5-7 RADIUS Monitoring Tab AP-4000 Series User Guide...
Page 134: Monitoring Interfaces
• Description (Ethernet/Wireless-Slot A/B): Information about the interface (e.g., the name of the manufacturer, the product name and the version of the hardware interface). • Duplicate Frame Count (Wireless-Slot A/B): The number of duplicate frames received. AP-4000 Series User Guide...
Page 135 Multiple Retry Count (Wireless-Slot A/B): The number of packets successfully transmitted after more than one retransmission. • Operational Status (Ethernet/Wireless-Slot A/B): The current state of the interface: Up (ready to pass packets), Down (not ready to pass packets, or Testing (testing and unable to pass packets). AP-4000 Series User Guide...
Page 136 • Unknown Protocols (Ethernet/Wireless-Slot A/B): The number of packets received that were discarded because of an unknown or unsupported protocol. • WEP Undecryptable Count (Wireless-Slot A/B): The number of undecryptable WEP frames received. AP-4000 Series User Guide...
Page 137: Station Statistics
• Time since Last Packet Received: The time elapsed since the last frame from the associated wireless station (or WDS link partner) was received. • Number of Clients: The number of stations and WDS links monitored. AP-4000 Series User Guide...
Page 138: Mesh Statistics
Topology displays a tree structure representing the Mesh network. Selecting Neighbor Table (shown below) displays the MAC address, channel, path cost, number of hops, RSSI, type, and status of all Mesh APs within range of the AP. Figure 5-10 Mesh Statistics Monitoring Tab (Neighbor Table) AP-4000 Series User Guide...
Page 139: Commands
Downloading files (Configuration, AP Image, Bootloader, License, Private Key, Certificate, CLI Batch File) to the AP using one of these two methods is called “Updating the AP.” HTTP: Describes the available file transfer methods. Command Line Interface (CLI) AP-4000 Series User Guide Related Topics for more...
Page 140: Tftp File Transfer Guidelines
These checks are to ensure that the AP does not enter an invalid image state. The storage of the two images is only temporary to ensure the proper verification; the two images will not be stored in the AP permanently. Image error checking functions automatically in the background. No user configuration is required. AP-4000 Series User Guide...
Page 141: Update Ap
Image: AP Image (executable program). – Upgrade BspBl: Bootloader software. – License File: the license key to allow conversion of an AP-4000 unit to an AP-4000M unit. – SSL Certificate: the digital certificate for authentication in SSL communications. – SSL Private Key: the private key for encryption in SSL communications.
Page 142: Update Ap Via Http
– License File: the license key to allow conversion of an AP-4000 unit to an AP-4000M unit. 2. Use the Browse button or manually type in the name of the file to be downloaded (including the file extension) in the File Name field.
Page 143: Retrieve File
TFTP server from the CD Wizard or run OEM-TFTP-Server.exe found in the CD’s Xtras/SolarWinds sub-directory. The Retrieve AP via TFTP tab shows version information and allows you to enter TFTP information as described below. • Server IP Address: Enter the TFTP server IP Address. AP-4000 Series User Guide...
Page 144: Retrieve File Via Http
(Config, CLI Batch File, or CLI Batch Log) from the File Type drop-down menu. For more information on CLI Batch Files and CLI Batch Logs see CLI Batch File. CLI Batch AP-4000 Series User Guide File.
Page 145 A confirmation message is displayed, asking if the user wants to proceed with retrieving the file. Figure 6-9 Retrieve File Confirmation Dialog Click OK to continue with the operation or Cancel to abort the operation. On clicking OK, the File Download window appears. Figure 6-10 File Download Dialog Box AP-4000 Series User Guide...
Page 146: Reboot
Figure 6-12 Reset to Factory Defaults Command Screen NOTE: The AP may also be reset from the RESET button located on the side of the unit. However, this action will not reset the unit to factory default settings. Recovery Procedures for more information. AP-4000 Series User Guide...
Page 147: Help Link
NOTE: Use the forward slash character ("/") rather than the backslash character ("\") when configuring the Help Link location. NOTE: Add the AP’s management IP address into the Internet Explorer list of Trusted Sites. Figure 6-13 Help Link Configuration Screen AP-4000 Series User Guide...
Page 148: Troubleshooting
2. Make sure all cables are connected to the AP correctly. 3. If you are using Active Ethernet, make sure you are using a Category 5, foiled, twisted pair cable to power the AP. AP-4000 Series User Guide Command Line Interface (CLI)
Page 149: Troubleshooting Symptoms And Solutions
Once the IP Address is set, you can use the Ethernet Interface to complete configuration. Set Ethernet Speed and Transmission in this guide. This procedure resets system and network parameters, AP-4000 Series User Guide Mode). Initializing the IP Address...
Page 150: Client Connection Problems
Make sure you have configured your client software with the proper Network Name and Security settings. Network Names and WEP Keys are typically allocated and maintained by your network administrator. in this guide. This will reset the unit to “DHCP” mode. If there is a AP-4000 Series User Guide...
Page 151: Vlan Operation Issues
802.1Q compliant VLAN headers or tags. The VLAN ID in the headers should correspond to one of the VLAN User IDs configured for the AP. NOTE: The AP-4000/4000M/4900M supports 16 VLAN/SSID pairs per wireless interface, each with a configured security profile.
Page 152: Recovery Procedures
AP Image prevents successful booting, you may need to use ScanTool or the Bootloader CLI to download a new executable AP Image. Forced Reload Procedure to erase the current AP Image and for CLI information. AP-4000 Series User Guide Reset to Factory Default...
Page 153 9. Enter the Image File Name (including the file extension). Enter the full directory path and file name. If the file is located in the default TFTP directory, you need enter only the file name. 10.Click OK. http://support.proxim.com (Knowledgebase Answer ID 1250). AP-4000 Series User Guide...
Page 154 [Device name]> set tftpipaddr <TFTP Server IP Address> [Device name]> set tftpfilename <AP Image File Name, including file extension> [Device name]> set ipgw <Gateway IP Address> [Device name]> show (to confirm your new settings) http://support.proxim.com (Knowledgebase Answer ID 1250). AP-4000 Series User Guide Installation and Initialization Advanced...
Page 155: Setting Ip Address Using Serial Port
2. Under File > Properties > Settings > ASCII Setup, enable the Send line ends with line feeds option. HyperTerminal sends a line return at the end of each line of code. 3. Press the RESET button on the AP. AP-4000 Series User Guide Installation and Initialization Advanced...
Page 156: Related Applications
Make sure you have the proper RADIUS authentication server information setup configured in the AP. Check the RADIUS Authentication Server’s Shared Secret and Destination Port number (default is 1812; for RADIUS Accounting, the default is 1813). • Make sure the RADIUS authentication server RAS setup matches the AP. AP-4000 Series User Guide...
Page 157: Tftp Server
Make sure you have the proper TFTP server IP Address, the proper AP Image file name, and that the TFTP server is connected. • Make sure the TFTP server is configured to both send and receive, with no time-out. AP-4000 Series User Guide...
Page 158: A Command Line Interface (Cli)
Configuration Files - Database files containing the current Access Point configuration. Configuration items include the IP Address and other network-specific values. Config files may be downloaded to the Access Point or uploaded for backup or troubleshooting. AP-4000 Series User Guide...
Page 159: Navigation And Special Keys
An incorrect password has been entered in the CLI login prompt. The download operation has failed due to incorrect TFTP server IP Address or file name. The upload operation has failed due to incorrect TFTP server IP Address or file name. AP-4000 Series User Guide Description...
Page 160: Command Line Interface (Cli) Variations
The following lists display the results of using the help command in the Bootloader CLI: Figure A-1 Results of “help” bootloader CLI command The following lists display the results of using the show command in the Bootloader CLI: AP-4000 Series User Guide...
Page 161: Cli Command Types
Display parameters for set and show Commands (Examples 3a and 3b) Prompt to enter successive parameters for Commands (Example 4) Example 1. Display Command list To display the Command List, enter ?. AP-4000 Series User Guide Basic Example [Device-Name]>? [Device-Name]>s? [Device-Name]>set ? [Device-Name]>show ipa?
Page 162 Example 3b shows how to display a subset of the parameters based on initial parameter letters. Example 3a. Display every parameter that can be changed [Device-Name]>set ? Figure A-5 Result of “set ?” CLI command AP-4000 Series User Guide...
Page 163 (“*”) will make use of the previously set TFTP parameters. Executing download without parameters will display command help and usage information. 1. Syntax to download a file: [Device-Name]>download <tftp server address> <path and filename> <file type> AP-4000 Series User Guide...
Page 164 (Ctrl-N) keys to recall previous statements from the Command History Buffer. When the desired statement reappears, press the Enter key to execute, or you may edit the statement before executing it. [Device-Name]> history passwd Changes the CLI Password. [Device-Name]> passwd oldpassword newpassword newpassword AP-4000 Series User Guide...
Page 165: Parameter Control Commands
Groups contain Parameters and Tables. Tables contain parameters for a series of similar entities. To see a definition and syntax example, type only show and then press the Enter key. To see a list of available parameters, enter a question mark (?) after show (example: show ?). AP-4000 Series User Guide...
Page 166 In general, you will use the CLI show Command to view current parameter values and use the CLI set Command to change parameter values. As shown in the following examples, parameters may be set individually or all parameters for a given table can be set with a single statement. AP-4000 Series User Guide...
Page 167 [Device-Name]>set mgmtipaccesstbl 2 status enable [Device-Name]>set mgmtipaccesstbl 2 status disable [Device-Name]>set mgmtipaccesstbl 2 status delete [Device-Name]>set mgmtipaccesstbl 2 status 2 NOTE: You may need to enable a disabled table entry before you can change the entry’s elements. AP-4000 Series User Guide...
Page 168 Displays the Access Point IP address. Figure A-11 Result of “show ipaddr” CLI Command 2. View all parameters in a table. Syntax: [Device-Name]> show <table name> Example:[Device-Name]> show mgmtipaccesstbl The CLI displays the IP Access Table and its entries. AP-4000 Series User Guide...
Page 169: Using Tables And Strings
“Daniel’s Desk in the office” ‘Daniel”s Desk in the office’ Double Quotes Single Quotes Single Quotes within Double Quotes Double Quotes within Single Quotes One Single Quote within Double Quotes One Double Quote within Single Quotes AP-4000 Series User Guide...
Page 170: Configuring The Ap Using Cli Commands
2. Under File > Properties > Settings > ASCII Setup, enable the Send line ends with line feeds option. HyperTerminal sends a line return at the end of each line of code. 3. Enter the CLI password (default is public). NOTE: Proxim recommends changing your default passwords immediately. To perform this operation using CLI commands, see Change Log into the AP using Telnet The CLI commands can be used to access, configure, and manage the AP using Telnet.
Page 171 [Device-Name]>set snmpv3privpasswd <New Password> (SNMPv3 privacy password) [Device-Name]>reboot 0 CAUTION: Proxim strongly urges you to change the default passwords to restrict access to your network devices to authorized personnel. If you lose or forget your password settings, you can always perform the Factory Default Procedure.
Page 172 Hungary Iceland India Indonesia Ireland 5.8 GHz Israel Italy Jamaica Japan Japan2 Jordan Kazakhstan North Korea Korea Republic AP-4000 Series User Guide Country Panama Papua New Guinea Peru Philippines Poland Portugal Puerto Rico Qatar Romania Russia Samoa Saudi Arabia Singapore...
Page 173 Luxembourg Macau Macedonia Malaysia Malta Mexico Monaco Morocco Netherlands New Zealand Nicaragua Norway Oman Pakistan AP-4000 Series User Guide Country South Korea Spain Sweden Switzerland Syria Taiwan Thailand Turkey Ukraine United Arab Emirates United Kingdom United Kingdom 5.8ghz United States...
Page 174 Enter the filename of the configuration file that is used if the AP is configured for Static IP. [Device-Name]>set autoconfigTFTPaddr <IP address> Enter the TFTP server address that is used if the AP is configured for Static IP. AP-4000 Series User Guide...
Page 175: Other Network Settings
[Device-Name]>set dnsprisvripaddr <IP address of primary DNS server> [Device-Name]>set dnssecsvripaddr <IP address of secondary DNS server> [Device-Name]>set dnsdomainname <default domain name> [Device-Name]>show dns Figure A-14 Results of “show dns” CLI command Configure DHCP Relay Servers for more information on these settings. AP-4000 Series User Guide...
Page 176 [Device-Name]>reboot 0 Change your Wireless Interface Settings Interfaces for information on the parameters listed below. The AP-4000/4000M/4900M uses index 3 for Wireless Interface A (802.11a radio) and index 4 for Wireless Interface B (802.11b/g radio). Operational Mode [Device-Name]>set wif <index> mode <see table>...
Page 177 4.9 Public Safety is configured, the administrator may manually select which antenna to use. [Device-Name]>set wif 3 atdiversity <3, 4, 5(auto)> (see below) [Device-Name]>set wif 4 atdiversity <1, 2, 5(auto)> (see below) [Device-Name]>reboot AP-4000 Series User Guide > (Mbits/sec) > (Mbits/sec)
Page 178 Set Interface Management Services Edit Management IP Access Table [Device-Name]>set mgmtipaccesstbl <index> ipaddr <IP address> ipmask <subnet mask> Configure Management Ports [Device-Name]>set snmpifbitmask <(see below)> [Device-Name]>set httpifbitmask <(see below)> Value 10halfduplex 10fullduplex 10autoduplex 100halfduplex 100fullduplex autohalfduplex autoautoduplex (default) AP-4000 Series User Guide...
Page 179 NOTE: To avoid unexpected performance issues, leave Flow Control at the default setting (none) unless you are sure what this setting should be. Description Ethernet only enabled Wireless A only enabled Wireless B only enabled All management channels enabled ******** file:///C:/Program Files/ORiNOCO/AP4xxx/HTML/index.htm disable enable ******** AP-4000 Series User Guide...
Page 180 Disable or Delete an Entry in the MAC Access Control Table [Device-Name]>set macacltbl <index> status <disable/delete> [Device-Name]>show macacltbl NOTE: For larger networks that include multiple Access Points, you may prefer to maintain this list on a centralized location using the RADIUS parameters (see Set RADIUS Parameters). AP-4000 Series User Guide...
Page 181 Response Time : Primary : MAC Authentication : notReady : ipaddr : 0.0.0.0 : 1812 : -1 : dashdelimited : Backup : MAC Authentication : notReady : ipaddr : 0.0.0.0 : 1812 : -1 : dashdelimited AP-4000 Series User Guide...
Page 182 AP to factory default configuration if the AP becomes inaccessible and the hardware configuration reset functionality is disable. : Backup : Management Access : notReady : ipaddr : 0.0.0.0 : 1812 : -1 : dashdelimited AP-4000 Series User Guide...
Page 183 [Device-Name]>set secprofiletbl 5 secmode wpa rekeyint 900 status enable Configure a Security Profile with WPA-PSK Security Mode [Device-Name]>set secprofiletbl <index> secmode wpa-psk passphrase <value> status enable Example: [Device-Name]>set secprofiletbl 6 secmode wpa-psk passphrase 12345678 status enable AP-4000 Series User Guide...
Page 184: Cli Monitoring Parameters
SNTP Parameters - Configure Monitoring section). - Hardware, firmware, and software version information - Configure the Access Point’s IP settings - Configure the Access Point as a DNS client - Enable or disable dynamic host configuration AP-4000 Series User Guide...
Page 185 - Redirect traffic from wireless clients to a specified MAC address - Configure RADIUS Servers and assign them to VLANs. - Control wireless access based on MAC address - Enable and configure Rogue Scan to detect Rogue APs and clients. AP-4000 Series User Guide...
Page 186 Multimedia Enhancement/Quality of Service parameters, QoS policies, mapping priorities, and EDCA parameters. Apply a configured QoS policy to a particular SSID. - Disable or enable hardware configuration reset and configure a configuration AP-4000 Series User Guide - Enable and configure Wireless...
Page 187: System Parameters
- hours mm - minutes ss - seconds DisplayString Retrieved from flash ID Resets all parameters to default factory values Type Value Subgroup Subgroup Subgroup AP-4000 Series User Guide Access CLI Parameter system sysname sysloc sysctname sysctemail sysctphone sysflashbckint sysflashupdate sysoid...
Page 188: Network Parameters
Integer enable (1) (default) disable (2) delete (3) IpAddress User Defined User Defined IpAddress User Defined Integer32 AP-4000 Series User Guide Access CLI Parameter network ip (Note: The network and ip parameters display the same information) ipaddr ipmask ipgw ipttl...
Page 189 Value Table Integer32 1 - 10 IpAddress User Defined DisplayString User Defined Integer enable (1) disable (2) delete (3) create (4) AP-4000 Series User Guide Access CLI Parameter dhcpippooltbl index startipaddr endipaddr width defleasetm maxleasetm status Access CLI Parameter dhcprelay...
Page 190 5 (default) Type Integer 1 - 5 IpAddress User Defined DisplayString User Defined (up to 254 characters) Integer enable disable (default) delete AP-4000 Series User Guide Access CLI Parameter sntp sntpstatus sntpprisvr sntpsecsvr sntptimezone sntpdaylightsaving sntpyear sntpmonth sntpday sntphour sntpmins...
Page 191: Interface Parameters
3 (Antenna 3), 4 (Antenna 4), 5 (Auto; both antennas on radio) (See Configure Antenna Diversity) Integer 200 (default) - 15000 Transmit Defer Threshold Value AP-4000 Series User Guide Access CLI Parameter index netname autochannel dtimperiod medres macaddr closedsys wssstatus...
Page 192 12 Mbits/sec 18 Mbits/sec 24 Mbits/sec 36 Mbits/sec 48 Mbits/sec 54 Mbits/sec Integer ofdm (orthogonal frequency division multiplexing) for 802.11a Integer enable disable (default) Integer enable disable (default) AP-4000 Series User Guide Access CLI Parameter channel suppdatarates txrate phytype supermode turbo...
Page 193 Integer dot11b-only dot11g-only dot11bg (default) Integer 1 - 14; available channels vary by regulatory domain/country; see Available Channels Octet String Transmit below AP-4000 Series User Guide Access CLI Parameter channel multrate closedsys macaddr suppdatarates txrate phytype regdomain Access CLI Parameter...
Page 194 6 Mbits/sec 9 Mbits/sec 12 Mbits/sec 18 Mbits/sec 24 Mbits/sec 36 Mbits/sec 48 Mbits/sec 54 Mbits/sec Integer ERP (Extended Rate Protocol) Integer enable disable (default) Integer enable disable (default) AP-4000 Series User Guide Access CLI Parameter txrate phytype supermode turbo...
Page 195 VlanId -1 - 4094 or untagged Integer32 0 (disabled) 300 - 65535 RowStatus enable disable delete Integer enable disable AP-4000 Series User Guide Access CLI Parameter wdstbl ifindex channel radardetected elapsetime status Access CLI Parameter wdstbl portindex status partnermacaddr Profiles.
Page 196 WEPKeyType Type Value Group Integer 1 (10halfduplex) 2 (10fullduplex) 3 (10autoduplex) 4 (100halfduplex) 5 (100fullduplex) 6 (autohalfduplex) 7 (autoautoduplex) (default) PhyAddress AP-4000 Series User Guide acctstatus aclstatus secprofile radmacprofile radeapprofile radacctprofile qospolicy Access CLI Parameter wdssectbl index secmode encryptkey0 Access...
Page 197: Management Parameters
User Defined public (default) 6 - 32 characters DisplayString User Defined public (default) 6 - 32 characters DisplayString User Defined public (default) 6 - 32 characters AP-4000 Series User Guide Access CLI Parameter mesh meshmode meshwif meshssid meshsecurity meshssecret meshmaxlinks meshrssismoothing...
Page 198 Command Line Interface (CLI) Parameter Tables SNMPv3 Privacy Password DisplayString User Defined public (default) 6 - 32 characters AP-4000 Series User Guide snmpv3privpasswd...
Page 199 13 or 15 = All interfaces (default is 15) Integer User Defined 23 (default) Integer 30 - 300 seconds 60 sec (default) Integer 60 - 36000 seconds 900 sec (default) AP-4000 Series User Guide Access CLI Parameter http httpifbitmask httppasswd httpport httphelplink sslstatus sslpassphrase Access...
Page 200 Type Value Integer enable disable DisplayString AP Generated Integer create delete Version http://www.openssh.com http://www.chiark.greenend.org.uk http://www.emtec.com http://www.labf.com AP-4000 Series User Guide Access CLI Parameter serial serbaudrate serdatabits serparity serstopbits serflowctrl Access CLI Parameter radlocaluserstatus radlocaluserpasswd httpradiusmgmtaccess telradiusmgmtaccess Access CLI Parameter...
Page 201 Value Table Integer User Defined IpAddress User Defined IpAddress User Defined DisplayString User Defined Integer enable (default) disable delete AP-4000 Series User Guide Access CLI Parameter autoconfig autoconfigstatus autoconfigfilename autoconfigTFTPaddr Access CLI Parameter tftp tftpipaddr tftpfilename tftpfiletype Access CLI Parameter...
Page 202: Filtering Parameters
PhysAddress User Defined PhysAddress User Defined PhysAddress User Defined PhysAddress User Defined DisplayString max 255 characters Integer enable (default) disable delete AP-4000 Series User Guide Access CLI Parameter etherflt etherfltifbitmask etherfltoptype Access CLI Parameter etherflttbl index protonumber protoname status Access...
Page 203 (default) disable Type Value Table User Defined (there are also 4 pre-defined indices, see Port Number more information) Octet String tcp/udp AP-4000 Series User Guide Access CLI Parameter parp parpstatus Access CLI Parameter iparp iparpfltstatus iparpfltipaddr iparpfltsubmask Access CLI Parameter...
Page 204: Alarms Parameters
IpAddress User Defined DisplayString User Defined (up to 64 characters) DisplayString User Defined (up to 254 characters) Integer enable (default) disable delete AP-4000 Series User Guide Access CLI Parameter portnum protoname above) ifbitmask status Access CLI Parameter snmptraphosttbl index ipaddr...
Page 205 900 sec. (default) Type Value Table Integer 1 - 10 IpAddress User Defined DisplayString User Defined Integer enable disable delete AP-4000 Series User Guide Access CLI Parameter syslog syslogstatus syslogport syslogpritolog sysloghbstatus sysloghbinterval Access CLI Parameter sysloghosttbl index ipaddr status...
Page 206: Bridge Parameters
Integer enable disable Type Value Group Integer 0 - 255 packets/sec (default is 0) Integer 0 - 255 packets/sec (default is 0) AP-4000 Series User Guide Access CLI Parameter stpstatus stppriority stpmaxage stphellotime stpfwddelay Access CLI Parameter stpbl index priority...
Page 207 (default) Integer 0 (any) (default) 1 (Ethernet) 2 (WDS 1) 3 (WDS 2) 4 (WDS 3) 5 (WDS 4) 6 (WDS 5) 7 (WDS 6) AP-4000 Series User Guide Access CLI Parameter stmthrestbl index bcast mcast Access CLI Parameter intrabss...
Page 208: Radius Parameters
Integer32 1 - 60 minutes Integer32 900 - 43200 seconds Integer32 10 - 3600 minutes vlanID -1 (untagged) 1 - 4094 AP-4000 Series User Guide Access CLI Parameter radius radcliinvsvradd DNS Client for RADIUS Name Access CLI Parameter radiustbl index...
Page 209: Security Parameters
Bkscan (1) Contscan (2) 1 - 1440 Integer 3 or 4 Integer enable disable Type Value Group Integer32 3 - 60 seconds AP-4000 Series User Guide Access CLI Parameter macacl aclstatus macacloptype Access CLI Parameter macacltbl index macaddr status Access...
Page 210 User defined Integer User defined Integer User defined 0 - 3 Integer 64, 128, or 152 Integer Integer Integer 8 - 64 characters AP-4000 Series User Guide Access CLI Parameter hwconfigresetstatus configresetpasswd Access CLI Parameter secprofiletbl index secmode authmode ciphersuite...
Page 211: Vlan/Ssid Parameters
2 seconds Integer 410 ms 512 ms (default) 614 ms 717 ms 819 ms Integer 1 - 4 (default 4) Integer enable (default) disable AP-4000 Series User Guide Access CLI Parameter vlan vlanstatus vlanmgmtid Access CLI Parameter iapp iappstatus iappannint iappannresp...
Page 212 Type Value Table Integer 0 - 7 Integer 0 - 7 Integer 0 - 7 Row Status enable disable delete AP-4000 Series User Guide Access CLI Parameter qosstatus qosmaximummediumthresh Access CLI Parameter qospolicytbl index secindex policyname type mapindex markstatus...
Page 213 0 - 255 Integer 0 - 65535 Integer 2 - 15 Integer 0 - 65535 Integer 0 - 500 Truth Value true false AP-4000 Series User Guide Access CLI Parameter qosdscpto1dtbl index 1dpriority dscplower dscpupper status Access CLI Parameter qosedcatbl...
Page 214: Cli Batch File
Sample CLI Batch File The following is a sample CLI Batch File: set sysname system1 set sysloc sunnyvale set sysctname contact1 set sysctphone 1234567890 set sysctemail email@domain.com Type Value Integer See Note* AP-4000 Series User Guide Access CLI Parameter qospolicy...
Page 215: Reboot Behavior
The AP logs all the errors during execution and stores them in the Flash memory in a CLI Batch File Error Log named “CBFERR.LOG”. The CLI Batch File Error Log can be downloaded though TFTP, HTTP, or CLI file transfer to a specified host. AP-4000 Series User Guide...
Page 216: Ascii Character Chart
The table below lists the ASCII characters that you can use to configure WEP Encryption Keys. It also lists the Hexadecimal equivalent for each ASCII character. ASCII ASCII Charact Equival Charact " < & > ASCII Equival Charact Equival Charact AP-4000 Series User Guide ASCII Equival...
Page 217: C Specifications
Specifications • Software Features • Hardware Specifications • Available Channels Software Features The tables below list the software features available on the AP-4000 Series. • Number of Stations per BSS • Management Functions • Advanced Bridging Functions • Medium Access Control (MAC) Functions •...
Page 218: Advanced Bridging Functions
Key lengths supported by 802.11b/g: 64-bit, 128-bit, and 152-bit. † EAP-MD5, EAP-TLS, EAP-TTLS, and PEAP client supplicant supported. Feature Feature Feature † ‡ § AP-4000 Series User Guide Supported by AP-4000 Series Supported by AP-4000 Series Dynamic Frequency Selection/Radar Detection Supported by AP-4000 Series...
Page 219: Network Functions
Support, RADIUS Start/Stop Accounting. † DHCP client requests and IP lease renewals are sent on the Ethernet interface only, not on Mesh links. ‡ Available on AP-4000M and AP-4900M only. Feature AP-4000 Series User Guide Supported by AP-4000 Series †...
Page 220: Hardware Specifications
Serial Port Interface Standard RS-232C interface with DB-9, female connector Active Ethernet Interface Category 5, foiled, twisted pair cables must be used to ensure compliance with FCC Part 15, subpart B, Class B requirements Standard 802.3af pin assignments AP-4000 Series User Guide...
Page 221: Available Channels
NOTE: Country restrictions may apply. Please see AP-4000/4000M Channels Radio Frequency Channel Band 802.11b/g — 802.11a Lower Middle Upper ISM Band * Default channel for radio. † Available for use only in 802.11b mode. Regulatory Compliance. AP-4000 Series User Guide Product SKU † †...
Page 222: Ap-4900M Channels
AP-4900M Channels (4.9 GHz Public Safety Mode) When operating in 4.9 GHz mode, channel availability depends on the selected frequency band. Channel Frequency Band 10 MHz Mode). Available for use in 802.11a, 802.11b, or 802.11b/g modes 20 MHz AP-4000 Series User Guide AP-4900M...
Page 223 Specifications Available Channels Channel Frequency Band 10 MHz 20 MHz AP-4000 Series User Guide...
Page 224: D Technical Support
• List of ORiNOCO software versions installed – Check the HTTP interface’s – Include the source of the software version (e.g., pre-loaded on unit, installed from CD, downloaded from Proxim Web site, etc.) • Information about your network – Network operating system (e.g., Microsoft Networking); include version information –...
Page 225: Telephone Support
NOTE: The Knowledgebase is available to all website visitors. First-time users will be asked to create an account to gain access. Telephone Support Contact technical support by phone 24 hours a day, seven days a week. • Domestic: +1-866-674-6626 • International: 408-542-5390 AP-4000 Series User Guide Our technical support staff will reply to you by...
Page 226: E Statement Of Warranty
The express warranties set forth in this Agreement will not apply to defects in a Product caused; (i) through no fault of Proxim during shipment to or from Buyer, (ii) by the use of software other than that provided with or installed in the...
Page 227: Other Information
Calls to the Customer Service Center for reasons other than Product failure will not be accepted unless Buyer has purchased a Proxim Service Contract or the call is made within the first thirty (30) days of the Product’s invoice date.
Page 228: Regulatory Compliance
NOTE: Please read this section before installing and using your product, and save these instructions. Visit http://support.proxim.com This section contains important regulatory compliance information and details for the following products: Product ORiNOCO Tri-Mode Access Point AP-4000 ORiNOCO Tri-Mode Access Point AP-4000M ORiNOCO Tri-Mode Access Point AP-4900M for the latest regulatory compliance information. Model Numbers...
Page 229 Regulatory Compliance Please see the following sections for more information: • Safety Information (USA, Canada, & European Union) • Federal Communications Commission (FCC) (AP-4000/4000M) • Industry Canada (IC) (AP-4000/4000M only) • European Union (AP-4000/4000M only) • Regulatory Compliance Certifications Summary (AP-4000/4000M) •...
Page 230: Safety Information (Usa, Canada, & European Union)
Installation of this product must conform to local regulations and codes. • When using this product with an external antenna, see the installation documentation provided with the antenna system. • No user serviceable parts; all repairs and service must be handled by a qualified service center. AP-4000 Series User Guide...
Page 231: Federal Communications Commission (Fcc) (Ap-4000/4000M)
Regulatory Compliance AP-4000 Series User Guide Federal Communications Commission (FCC) (AP-4000/4000M) Federal Communications Commission (FCC) (AP-4000/4000M)
Page 232: Warnings
Regulatory Compliance Federal Communications Commission (FCC) (AP-4000/4000M) Warnings This equipment generates, uses, and can radiate radio frequency energy; and, if not installed and used in accordance with the instructions, may cause harmful interference to radio communications. However, there is no guarantee that interference will not occur in a particular installation.
Page 233: Industry Canada (Ic) (Ap-4000/4000M Only)
Regulatory Compliance AP-4000 Series User Guide Industry Canada (IC) (AP-4000/4000M only) Industry Canada (IC) (AP-4000/4000M only)
Page 234: European Union (Ap-4000/4000M Only)
Regulatory Compliance European Union (AP-4000/4000M only) European Union (AP-4000/4000M only) NOTE: European Union includes the following countries: Austria, Belgium, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Poland, Portugal, Slovakia, Slovenia, Spain, Sweden, and the United Kingdom; DoC also applies to Iceland, Liechtenstein, Norway, and Switzerland.
Page 235: Regulatory Compliance Certifications Summary (Ap-4000/4000M)
Regulatory Compliance Regulatory Compliance Certifications Summary (AP-4000/4000M) Regulatory Compliance Certifications Summary (AP-4000/4000M) Country Australia & New Zealand Brazil Canada China European Union* India Japan Mexico Saudi Arabia Singapore South Korea Taiwan United Arab Emirates European Union includes the following countries: Austria, Belgium, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Poland, Portugal, Slovakia, Slovenia, Spain, Sweden, and the United Kingdom;...

This manual is also suitable for:

Orinoco ap-4000m

Proxim AP-4000 User Manual

1 Introduction

2 Installation and Initialization

3 System Status

4 Advanced Configuration

5 Monitoring

6 Commands

7 Troubleshooting

A Command Line Interface (CLI)

B ASCII Character Chart

C Specifications

D Technical Support

E Statement of Warranty

F Regulatory Compliance

Quick Links

Troubleshooting

Need help?

Questions and answers

Related Manuals for Proxim AP-4000

Summary of Contents for Proxim AP-4000

This manual is also suitable for:

Table of Contents