AP-3 Help Contents

[ Home ] [Avaya Web Site]

Introduction


Document Conventions

  • The term, AP, refers to an Access Point.
  • The term, 802.11, is used to describe features that apply to the 802.11a, 802.11b, and 802.11g wireless standards.
  • A Dual-radio AP is an Access Point that includes two radios; it can support one or two IEEE radio standards (depending on the type of radios installed). The AP-3 is a Dual-radio AP.
  • An 802.11a AP is an Access Point that supports the IEEE 802.11a standard.
  • An 802.11b AP is an Access Point that supports the IEEE 802.11b standard.
  • An 802.11b/g AP is an Access Point that supports the IEEE 802.11g standard.
  • An 802.11a/g AP is an Access Point that supports the IEEE 802.11a/g standards.
  • Blue underlined text indicates a link to a topic or Web address. If you are viewing this documentation on your computer, click the blue text to jump to the linked item.
  • A Note indicates important information that helps you make better use of your computer.
A Caution indicates either potential damage to hardware or loss of data and tells you how to avoid the problem.

Introduction to Wireless Networking

An AP extends the capability of an existing Ethernet network to devices on a wireless network. Wireless devices can connect to a single Access Point, or they can move between multiple Access Points located within the same vicinity. As wireless clients move from one coverage cell to another, they maintain network connectivity.

To determine the best location for an Access Point, Avaya recommends conducting a Site Survey before placing the device in its final location. For information about how to conduct a Site Survey, contact your local reseller.

Before an Access Point can be configured for your specific networking requirements, it must first be initialized. See Getting Started for details.

Typical wireless network access infrastructure

Once initialized, the network administrator can configure each unit according to the network’s requirements. The AP functions as a wireless network access point to data networks. An AP network provides:

  • Seamless client roaming
  • Easy installation and operation
  • Over-the-air encryption of data
  • High speed network links

To be fully operational, the AP-3 needs at least one wireless card installed.

Guidelines for Roaming

  • An AP can only communicate with client devices that support its wireless standard. For example, an 802.11a client cannot communicate with an 802.11b AP and an 802.11b client cannot communicate with an 802.11a AP. However, both 802.11b and 802.11g clients can communicate with an 802.11b/g AP.
  • All Access Points must have the same Network Name to support client roaming.
  • All workstations with an 802.11 client adapter installed must use either a Network Name of “any” or the same Network Name as the Access Points that they will roam between. If an AP has Closed System enabled, a client must have the same Network Name as the Access Point to communicate (see Interfaces).
  • All Access Points and clients must have the same security settings to communicate.
  • The Access Points’ cells must overlap to ensure that there are no gaps in coverage and to ensure that the roaming client will always have a connection available.
  • The coverage area of an 802.11b or 802.11b/g AP is larger than the coverage area of an 802.11a AP. The 802.11b and 802.11b/g APs operate in the 2.4 GHz frequency band; the 802.11a AP operates in the 5 GHz band. Products that operate in the 2.4 GHz band offer greater range than products that operate in the 5 GHz band.
  • An 802.11a or 802.11b/g AP operates at faster data rates than the 802.11b AP. 802.11a and 802.11g products operate at speeds of up to 54 Mbits/sec; 802.11b products operate at speeds of up to 11 Mbits/sec.
  • All Access Points in the same vicinity should use a unique, independent Channel. By default, the AP automatically scans for available Channels during boot-up but you can also set the Channel manually (see Interfaces for details).
  • Access Points that use the same Channel should be installed as far away from each other as possible to reduce potential interference.

IEEE 802.11 Specifications

In 1997, the Institute of Electrical and Electronics Engineers (IEEE) adopted the 802.11 standard for wireless devices operating in the 2.4 GHz frequency band. This standard includes provisions for three radio technologies: direct sequence spread spectrum, frequency hopping spread spectrum, and infrared. Devices that comply with the 802.11 standard operate at a data rate of either 1 or 2 Megabits per second (Mbits/sec).

In 1999, the IEEE modified the 802.11 standard to support direct sequence devices that can operate at speeds of up to 11 Mbits/sec. The IEEE ratified this standard as 802.11b. 802.11b devices are backwards compatible with 2.4 GHz 802.11 direct sequence devices (that operate at 1 or 2 Mbits/sec). Available Frequency Channels vary by regulatory domain and/or country. See 802.11b Channel Frequencies for details.

Also in 1999, the IEEE modified the 802.11 standard to support devices operating in the 5 GHz frequency band. This standard is referred to as 802.11a. 802.11a devices are not compatible with 2.4 GHz 802.11 or 802.11b devices. 802.11a radios use a radio technology called Orthogonal Frequency Division Multiplexing (OFDM) to achieve data rates of up to 54 Mbits/sec. Available Frequency Channels vary by regulatory domain and/or country. See 802.11a Channel Frequencies for details.

In 2003, the IEEE introduced the 802.11g standard. 802.11g devices operate in the 2.4 GHz frequency band using OFDM to achieve data rates of up to 54 Mbits/sec. In addition, 802.11g devices are backwards compatible with 802.11b devices. Available Frequency Channels vary by regulatory domain and/or country. See 802.11g Channel Frequencies for details.


Management and Monitoring Capabilities

There are several management and monitoring interfaces available to the network administrator to configure and manage an AP on the network:

HTTP/HTTPS Interface

The HTTP Interface (Web browser Interface) provides easy access to configuration settings and network statistics from any computer on the network. You can access the HTTP Interface over your LAN (switch, hub, etc.), over the Internet, or with a “crossover” Ethernet cable connected directly to your computer’s Ethernet Port.

HTTPS provides an HTTP connection over a Secure Socket Layer. HTTPS is one of two available secure management options on the AP; the other secure management option is SNMPv3. Enabling HTTPS allows the user to access the AP in a secure fashion using Secure Socket Layer (SSL) over port 443. The AP supports SSLv3 with a 128-bit encryption certificate maintained by the AP for secure communications between the AP and the HTTP client. All communications are encrypted using the server and the client-side certificate.

The AP comes pre-installed with all required SSL files: default certificate, private key and SSL Certificate Passphrase installed.

Command Line Interface

The Command Line Interface (CLI) is a text-based configuration utility that supports a set of keyboard commands and parameters to configure and manage an AP.

Users enter Command Statements, composed of CLI Commands and their associated parameters. Statements may be issued from the keyboard for real time control, or from scripts that automate configuration.

For example, when downloading a file, administrators enter the download CLI Command along with IP Address, file name, and file type parameters.

You access the CLI over a HyperTerminal serial connection or via Telnet. During initial configuration, you can use the CLI over a serial port connection to configure an Access Point’s IP address. When accessing the CLI via Telnet, you can communicate with the Access Point from over your LAN (switch, hub, etc.), from over the Internet, or with a “crossover” Ethernet cable connected directly to your computer’s Ethernet Port.

See Command Line Interface (CLI) for more information on the CLI and for a list of CLI commands and parameters.

SNMP Management

In addition to the HTTP and the CLI interfaces, you can also manage and configure an AP using the Simple Network Management Protocol (SNMP). Note that this requires an SNMP manager program, like HP Openview or Castlerock’s SNMPc.

The AP supports several Management Information Base (MIB) files that describe the parameters that can be viewed and/or configured over SNMP:

    • MIB-II (RFC 1213)
    • Bridge MIB (RFC 1493)
    • Ethernet-like MIB (RFC 1643)
    • 802.11 MIB
    • Avaya Enterprise MIB

Avaya provides these MIB files on the CD included with each Access Point. You need to compile one or more of the above MIBs into your SNMP program’s database before you can manage an Access Point using SNMP. Refer to the documentation that came with your SNMP manager for instructions on how to compile MIBs.

The Enterprise MIB defines the read and read-write objects that can be viewed or configured using SNMP. These objects correspond to most of the settings and statistics that are available with the other management interfaces. Refer to the Enterprise MIB for more information; the MIB can be opened with any text editor, such as Microsoft Word, Notepad, or WordPad.

SNMPv3 Secure Management

SNMPv3 is one of two available secure management options on the AP; the other secure management option is HTTPS (HTTP connection over Secure Socket Layer). SNMPv3 is based on the existing SNMP framework, but addresses security requirements for device and network management.

The security threats addressed by Secure Management are:

  • Modification of information: An entity could alter an in-transit message generated by an authorized entity in such a way as to effect unauthorized management operations, including the setting of object values. The essence of this threat is that an unauthorized entity could change any management parameter, including those related to configuration, operations, and accounting
  • Masquerade: Management operations that are not authorized for some entity may be attempted by that entity by assuming the identity of an authorized entity.
  • Message stream modification: SNMP is designed to operate over a connectionless transport protocol. There is a threat that SNMP messages could be reordered, delayed, or replayed (duplicated) to effect unauthorized management operations. For example, a message to reboot a device could be copied and replayed later.
  • Disclosure: An entity could observe exchanges between a manager and an agent and thereby learns the values of managed objects and learn of notifiable events. For example, the observation of a set command that changes passwords would enable an attacker to learn the new passwords.

To address the security threats listed above, SNMPv3 provides the following when secure management is enabled:

  • Authentication: Provides data integrity and data origin authentication.
  • Privacy (a.k.a Encryption): Protects against disclosure of message payload.
  • Access Control: Controls and authorizes access to managed objects
  • The remainder of this guide describes how to configure an AP using the HTTP Web interface or the CLI interface. For information on how to manage devices using SNMP, refer to the documentation that came with your SNMP program. Also, refer to the MIB files for information on the parameters available via SNMP.