it46 cwrc access point conf smartbridges
DESCRIPTION
en este documento se describen todas la estrategias tecnicas para poder manejar culquier enrutador digital que exista en el mercadoTRANSCRIPT
ExercisesSmartBridges AirPoint/AirClient
NEXUS PRO TOTAL
PtMP Wireless Link
with WPA2 and QoS
Berthilson Louise <[email protected]>Escudero Pascual Alberto <[email protected]>
Setup of smartBridges PtMP wireless link February 2007Authors: IT +46 Version 1.0
Introduction
This document includes a set of exercises on how to set up a PointtoMultiPoint wireless link using Smarbridges AirPoint and AirClient NEXUS PRO TOTAL units. The document should be used together with the handout “Advanced Link Performance Parameters”.
Hardware
The following hardware is needed:1 x SmartBridges AirPoint NEXUS PRO TOTAL1 x SmartBridges AirClient NEXUS PRO TOTAL2 x PoE injectors with power supplies.
2 x PC/laptop with Ethernet interface (at least 1 unit running Linux)4 x Cat5e Ethernet cable (straight)
Nonmandatory: Internet connectivity
Software
1. Java Runtime Environment is needed in at least one PC/laptop.
2. The latest version of Firmware for the AirPoint and AirClient units.
Default configuration
AirPoint NEXUS PRO TOTALIP address: 192.168.0.212User: AdministratorPassword: smartBridges
AirClient NEXUS PRO TOTALIP address: 192.168.0.210User: AdministratorPassword: smartBridges
Note that user/password are case sensitive.
2
Setup of smartBridges PtMP wireless link February 2007Authors: IT +46 Version 1.0
Part 1: Basic setup
1. Hardware setup
Power on the smartBridges units using the PoE injectors (as the image below) shows and connect the PC/laptop to it. Do not forget to connect each smartBridges unit to a UPS to ensure a stable source of power. During the boot up process, the equipment is very sensitive to power fluctuations and can get permanently damaged in not powered properly.
WARNING! Firmware corruption can take place if the unit loses power during the first 20 seconds of boot up. Ensure that the power supply with 0.67 A output amperage is connected to the access point unit and not to a client. The client unit should have a power supply with a DC output of 0.4 A.
2. First login
1) Reset the Access Point to default factory settings by pressing the the reset button on the PoE injector for 1520 seconds. You will need a long and pointy object like a paper clip or similar. All three LEDs should flash simultaneously during the
3
Image 1: Basic setup for access point configuration.
Setup of smartBridges PtMP wireless link February 2007Authors: IT +46 Version 1.0
reset process. Thereafter, EthA and EthB will alternate to flash a few times. When the blue light (radio) goes on, the reset process is completed.
2) Set the IP address of your client to be on the same subnet as of the Access Point.
3) Open a browser window and enter the IP address of the Access Point.
4) Login to the Access Point with the default password.
5) Change password of the Access Point. Logout and login again with the new password. Do not forget to write down the password!
6) Check what the current firmware version is. If the version is lower than v. 1.02.06 for AirPoint or v. 1.02.04 for the AirClient, update the firmware version. Monitor the LED's during the firmware upgrade. They should be continuously flashing during the whole process.
7) Repeat step 16 for the Client Unit (AirClient).
Note: Many of this operations can take up to several minutes, so patience!
4
Setup of smartBridges PtMP wireless link February 2007Authors: IT +46 Version 1.0
Part 2: Basic configuration
1. Network layout
Study the network topology of Image 2 and setup the hardware in the very same way on your table. The blue dotted lines in Image 2 indicate the default gateway of each unit. For example, the Client Unit will have 192.168.46.1 as default gateway (Eth0 of the NAT).
Put postit notes on each unit with its IP addresses, MAC addresses, default gateway and mode of operation.
5
Image 2: Network topology for a wireless pointtopoint link.
Setup of smartBridges PtMP wireless link February 2007Authors: IT +46 Version 1.0
2. Configure the Access Point (AirPoint)
1. Make sure the the operational mode of the device is Bridge.
2. Update the Bridge IP Configurations according to Image 2.
○ IP address○ IP mask○ Gateway○ DHCP (off)
Do not forget to apply changes!
3. Set the IP address on the NAT according to Table 2.
4. Set the Wireless Configuration settings according to your preferences. Fill up Table 1 with your settings.
Parameter Your setting
SSID
SSID broadcast
Domain
DFS status
Channel
Rates
Auto rate fallback
Transmitted power [dBm]
Radio operational mode
Table 1: Wireless Settings for AirPoint NEXUS PRO TOTAL.
Please note that SSID is case sensitive. Do not forget to apply changes!
6
Setup of smartBridges PtMP wireless link February 2007Authors: IT +46 Version 1.0
3. Configure the Client Unit (AirClient)
1. Log in to the client unit and change operational mode to be Router (be patient, this process takes a while).
2. Set the Wireless Configuration settings according to Image 2.
Wireless Configuration
Ethernet IP address
Ethernet Subnet mask
Default gateway
SSID
Table 3: IP settings for the Wireless interface of the client unit.
3. Set the Ethernet Configuration settings.
Ethernet Configuration
IP address
Subnet mask
Table 2: IP settings for the Ethernet interface of the client unit.
Do not forget to apply changes!
4. Make the corresponding changes (IP address) in your PC/laptop so that you are still connected to the client unit via Ethernet cable (see Image 2).
5. Enable the DHCP server in the client unit and set its IP range to start with 10.0.100.2 and limit the amount of clients to 10. Request a new IP address via DHCP.
6. Make sure that the client unit is associated with the access point.In Client unit: Tools > Site SurveyIn Access Point: Summary Information >Association Table > Link Status
7. Go to Tools > Antenna Alignment (in Client Unit) and monitor the link status.
a) Move the client unit and the access point in such a way that their antennas are facing each other in different angles. How does the link status change?
7
Setup of smartBridges PtMP wireless link February 2007Authors: IT +46 Version 1.0
b) What is the noise floor and the RSSI of the link? What do those values tell you?
c) What is the SNR of the link? What does this value tell you?
4. Ping ping!
Try to ping each network unit from every unit in the chain. Fill up the table below with Yes or No depending on the Ping is successful or not.In the Access Point/Client Unit, a Ping test can be found under Tools >Link Test.
Source/Destination
Wireless NATgateway
Access Point Client unit Client PC
Wireless NAT Gateway
Access Point
Client Unit
Client PC
Which (if any) combination is not possible and why?
5. Wireless NAT gateway setup
If you have an Internet connection; make sure that the Wireless NAT Gateway is connected to Internet either via Wireless connection or a second Ethernet interface.Set up a NAT with the following commands.
> route add net 10.0.100.0 netmask 255.255.255.0 gw 192.168.46.100> echo 1 > /proc/sys/net/ipv4/ip_forward> /sbin/iptables t nat A POSTROUTING o eth1 j MASQUERADE
This lines of codes do the following:
8
Setup of smartBridges PtMP wireless link February 2007Authors: IT +46 Version 1.0
1) Adds the 10.0.100.0 network to the NATs routing table with the wireless interface of the client unit being the default gateway.
2) Activated the IP forwarding in the kernal.3) Masquerade all traffic to interface Eth1. If another interface is used for the
internet uplink, that interface should be stated here.
The client PC/laptop should now be able to reach the public Internet. Try to reach a public host by http or a simple Ping.
Part 3: Encryption
Encryption with WPA2PSK
With the present configuration, all data between the Access Point and the Client Unit is transferred in plain text. It is NOT encrypted in any way and can hence be read by anyone with the right knowledge and tools.We will now introduce encryption by means of WPA2PSK (WiFi Protected Access, Preshared key) of all wireless data traffic.
1. Enable Encryption by means of WPA2PSK in the Access Point. Enter a 864 alphanumeric key in ASCII format. This key is now the secret of the encrypted data. Anyone with access to the key, will be able to decrypt the data.
2. Select TKIP as encryption type and set rekey time to 300 seconds.3. Write down the key in a safe place and apply changes.4. Refresh the web interface of the client unit and see if it is still associated with the
Access Point. If not, why?5. What do you need to do in order to associate with the access point again using
encryption?
9
Setup of smartBridges PtMP wireless link February 2007Authors: IT +46 Version 1.0
Part 4: Quality of Service
QoS with WMM (Wireless MultiMedia)
Enable QoS in the Access point (Networking > QoS).Make sure that classes 29 are all disabled.
1. Start to download a large file (via http) from the 192.168.46.1 machine and write down the speed you achieve. Cancel the download.
2. For Class 2, create a filter for the following application and hosts:
All host on the 10.0.100.0 network that request data through http from any host.
2. Enable Class 2 and change the maximum bandwidth after your own preferences.
3. Start the http download again and take notes of the speed of the transfer. Cancel the download.
4. Did the filter affect the speed of the download in the way that you anticipated? Describe the effect of the filter.
10
Setup of smartBridges PtMP wireless link February 2007Authors: IT +46 Version 1.0
11