User ManualTable of ContentsAP-5131 Product Reference Guide1Contents7AP-5131 Introduction171.1 New AP-5131 Features181.1.1 Mesh Networking181.1.2 Additional LAN Subnet191.1.3 On-board Radius Server Authentication201.1.4 Hotspot Support201.1.5 Routing Information Protocol (RIP)211.1.6 Manual Date and Time Settings211.2 Feature Overview221.2.1 Single or Dual Mode Radio Options221.2.2 Separate LAN and WAN Ports231.2.3 Multiple Mounting Options231.2.4 Antenna Support for 2.4 GHz and 5.2 GHz Radios231.2.5 Sixteen Configurable WLANs241.2.6 Support for 4 BSSIDs per Radio241.2.7 Quality of Service (QoS) Support251.2.8 Industry Leading Data Security251.2.8.1 Kerberos Authentication261.2.8.2 EAP Authentication261.2.8.3 WEP Encryption271.2.8.4 KeyGuard Encryption281.2.8.5 Wi-Fi Protected Access (WPA) Using TKIP Encryption281.2.8.6 WPA2-CCMP (802.11i) Encryption281.2.8.7 Firewall Security291.2.8.8 VPN Tunnels291.2.8.9 Content Filtering291.2.9 VLAN Support291.2.10 Multiple Management Accessibility Options301.2.11 Updatable Firmware301.2.12 Programmable SNMP v1/v2/v3 Trap Support301.2.13 Power-over-Ethernet Support311.2.14 MU-MU Transmission Disallow311.2.15 Voice Prioritization321.2.16 Support for CAM and PSP MUs321.2.17 Statistical Displays321.2.18 Transmit Power Control331.2.19 Advanced Event Logging Capability331.2.20 Configuration File Import/Export Functionality331.2.21 Default Configuration Restoration331.2.22 DHCP Support341.2.23 Multi-Function LEDs341.3 Theory of Operations341.3.1 Cellular Coverage351.3.2 MAC Layer Bridging361.3.3 Media Types371.3.4 Direct-Sequence Spread Spectrum371.3.5 MU Association Process381.3.6 Operating Modes391.3.7 Management Access Options39Hardware Installation412.1 Precautions422.2 Package Contents422.2.1 Available Product Configurations422.3 Requirements442.4 Placement of the AP-5131442.4.1 Site Surveys452.4.2 Antenna Options452.5 Power Options482.6 Symbol Power Injector System482.6.1 Installing the Power Injector492.6.1.1 Preparing for Site Installation492.6.1.2 Cabling the Power Injector492.6.1.3 Power Injector LED Indicators502.7 Mounting the AP-5131512.7.1 Desk Mounted Installations512.7.2 Wall Mounted Installations532.7.3 Suspended Ceiling T-Bar Installations552.7.4 Above the Ceiling (Plenum) Installations572.8 LED Indicators602.9 Setting Up MUs62Getting Started633.1 Installing the AP-5131633.2 Configuration Options643.3 Default Configuration Changes653.4 Initially Connecting to the Access Point653.4.1 Connecting to the Access Point using the WAN Port653.4.2 Connecting to the Access Point using the LAN Port663.5 Basic Device Configuration673.5.1 Configuring Device Settings683.5.1.1 Configuring WLAN Security Settings733.5.2 Testing Connectivity753.5.3 Where to Go from Here?76System Configuration774.1 Configuring System Settings784.2 Configuring Data Access824.3 Managing Certificate Authority (CA) Certificates854.3.1 Importing a CA Certificate854.3.2 Creating Self Certificates for Accessing the VPN864.3.3 Creating a Certificate for Onboard Radius Authentication894.4 Configuring SNMP Settings934.4.1 Configuring SNMP Access Control994.4.2 Enabling SNMP Traps1014.4.3 Configuring Specific SNMP Traps1044.4.4 Configuring SNMP RF Trap Thresholds1064.5 Configuring Network Time Protocol (NTP)1084.6 Logging Configuration1114.7 Importing/Exporting Configurations1134.8 Updating Device Firmware1174.8.1 Upgrade/Downgrade Considerations122Network Management1255.1 Configuring the LAN Interface1255.1.1 Configuring VLAN Support1285.1.2 Configuring LAN1 and LAN2 Settings1325.1.2.1 Configuring Advanced DHCP Server Settings1355.1.2.2 Setting the Type Filter Configuration1375.2 Configuring WAN Settings1385.2.1 Configuring Network Address Translation (NAT) Settings1435.2.1.1 Configuring Port Forwarding1455.3 Enabling Wireless LANs (WLANs)1465.3.1 Creating/Editing Individual WLANs1485.3.1.1 Configuring WLAN Security Policies1535.3.1.2 Configuring a WLAN Access Control List (ACL)1555.3.1.3 Setting the WLAN Quality of Service (QoS) Policy1585.3.1.4 Configuring WLAN Hotspot Support1645.3.2 Setting the WLAN’s Radio Configuration1695.3.2.1 Configuring the 802.11a or 802.11b/g Radio1725.3.3 Configuring Bandwidth Management Settings1795.4 Configuring Router Settings1815.4.1 Setting the RIP Configuration183Configuring Access Point Security1876.1 Configuring Security Options1886.2 Setting Passwords1896.2.1 Resetting the AP-5131 Password1906.3 Enabling Authentication and Encryption Schemes1916.4 Configuring Kerberos Authentication1956.5 Configuring 802.1x EAP Authentication1976.6 Configuring WEP Encryption2026.7 Configuring KeyGuard Encryption2046.8 Configuring WPA Using TKIP2066.9 Configuring WPA2-CCMP (802.11i)2086.10 Configuring Firewall Settings2116.10.1 Configuring LAN to WAN Access2146.10.1.1 Available Protocols2176.10.2 Configuring Advanced Subnet Access2186.11 Configuring VPN Tunnels2206.11.1 Configuring Manual Key Settings2246.11.2 Configuring Auto Key Settings2286.11.3 Configuring IKE Key Settings2306.11.4 Viewing VPN Status2346.12 Configuring Content Filtering Settings2366.13 Configuring Rogue AP Detection2396.13.1 Moving Rogue APs to the Allowed AP List2426.13.1.1 Displaying Rogue AP Details2446.13.2 Using MUs to Detect Rogue Devices2466.14 Configuring User Authentication2486.14.1 Configuring the Radius Server2486.14.2 Configuring LDAP Authentication2516.14.3 Configuring a Proxy Radius Server2536.14.4 Managing the Local User Database2556.14.4.1 Mapping Users to Groups2576.14.5 Defining the User Access Policy258Monitoring Statistics2617.1 Viewing WAN Statistics2627.2 Viewing LAN Statistics2667.2.1 Viewing a LAN’s STP Statistics2697.3 Viewing Wireless Statistics2717.3.1 Viewing WLAN Statistics2737.4 Viewing Radio Statistics Summary2777.4.1 Viewing Radio Statistics2787.4.1.1 Retry Histogram2827.5 Viewing MU Statistics Summary2837.5.1 Viewing MU Details2857.5.2 Pinging Individual MUs2877.5.3 MU Authentication Statistics2887.6 Viewing the Mesh Statistics Summary2897.7 Viewing Known Access Point Statistics290Command Line Interface Reference2958.1 Connecting to the CLI2958.1.1 Accessing the CLI through the Serial Port2958.1.2 Accessing the CLI via Telnet2968.4.8 Firmware Update Commands476Configuring Mesh Networking4979.1 Mesh Networking Overview4979.1.1 The AP-5131 Client Bridge Association Process4999.1.2 Spanning Tree Protocol (STP)5009.1.3 Defining the Mesh Topology5009.1.4 Mesh Networking and the AP-5131’s Two Subnets5019.1.5 Normal Operation5019.1.6 Impact of Importing/Exporting Configurations to a Mesh Network5019.2 Configuring Mesh Networking Support5029.2.1 Setting the LAN Configuration for Mesh Networking Support5029.2.2 Configuring a WLAN for Mesh Networking Support5049.2.3 Configuring the AP-5131 Radio for Mesh Networking Support5089.3 Usage Scenario - Trion Enterprises5149.3.1 Trion’s Initial Deployment5149.3.2 Adding 2 Client Bridges to Expand the Coverage Area5259.3.3 Adding 2 More Client Bridges to the Trion Network532Technical Specifications539A.1 Physical Characteristics540A.2 Electrical Characteristics540A.3 Radio Characteristics541A.4 Antenna Specifications542A.4.1 2.4 GHz Antenna Matrix542A.4.2 5.2 GHz Antenna Matrix542A.4.3 Additional Antenna Components543A.4.4 Antenna Accessory Connectors, Cable Type and Length543A.5 Country Codes544AP-5131 Usage Scenarios547B.1 Configuring Automatic Updates using a DHCP or Linux BootP Server Configuration547B.1.1 Windows - DHCP Server Configuration548B.1.1.1 Embedded Options - Using Option 43548B.1.1.2 Global Options - Using Extended/Standard Options550B.1.1.3 DHCP Priorities551B.1.2 Linux - BootP Server Configuration552B.1.2.1 BootP Options553B.1.2.2 BootP Priorities555B.2 Configuring an IPSEC Tunnel and VPN FAQs555B.2.1 Configuring a VPN Tunnel Between Two AP-5131s556B.2.2 Configuring a Cisco VPN Device559B.2.3 Frequently Asked VPN Questions560B.3 Replacing an AP-4131 with an AP-5131565Customer Support567Index571Size: 5.93 MBPages: 578Language: EnglishOpen manual