Engenius ENH200 Manual
Engenius ENH200 Manual
Engenius ENH200 Manual
User Manual
Version : 1.0
Table of
Contents
CHAPTER 1 PRODUCT OVERVIEW
.......................................................................................................................... 7
CHAPTER 2 HARDWARE
OVERVIEW..................................................................................................................
... 10
CHAPTER 3 INSTALLATION
..................................................................................................................................
.. 11
CHAPTER 6
STATUS......................................................................................................................
........................... 25
CHAPTER 7 SYSTEM
..................................................................................................................................
.............. 31
9.1 IP SETTINGS
............................................................................................................................... .....................
........ 57
9.2 SPANNING TREE SETTINGS
............................................................................................................................... ......... 58
CHAPTER 11 MANAGEMENT
SETTINGS............................................................................................................... 73
11.1 ADMINISTRATION
............................................................................................................................... ...................
73
11.2 MANAGEMENT VLAN
............................................................................................................................... ............ 75
11.3 SNMP SETTINGS
............................................................................................................................... ...................
76
11.4 BACKUP/RESTORE SETTINGS
............................................................................................................................... .... 77
11.5 FIRMWARE UPGRADE
............................................................................................................................... .............. 78
11.6 TIME SETTINGS
............................................................................................................................... ......................
. 79
11.7 LOG ...............................................................................................................................
....................................... 80
11.8 DIAGNOSTICS
............................................................................................................................... ......................
... 81
12.1 ACCESS
POINT............................................................................................................................... ..............
.......... 82
12.2 CLIENT BRIDGE
MODE............................................................................................................................... .............
83
12.3 WDS BRIDGE MODE
............................................................................................................................... .............. 85
12.4 CLIENT ROUTER
............................................................................................................................... .....................
. 86
APPENDIX A TROUBLESHOOTING
............................................................................................................................. 93
APPENDIX B SPECIFICATIONS
..................................................................................................................................
.. 95
APPENDIX C
GLOSSARY...................................................................................................................
.......................... 96
Audience
This document is written for networking professionals responsible for installing and
managing the EnGenius ENH Series Outdoor Access Point/Bridge. To use this
guide, you should have knowledge about TCP/IP and IEEE 802.11 standards, and
be familiar with the concepts and terminology associated with wireless local-area
networks (WLANs).
This document provides the information you need to install and configure your
Access
Point/bridge.
Convention
This publication uses these conventions/symbols to convey instructions and
information and highlight special message.
Caution: This symbol represents the important message on
incorrect device operation that might damage the device
Note: This symbol represents the important message for the settings.
EHN device
WLAN signal Client computer laptop
Power adapter
Chapter 1 Product Overview
Thank you for choosing ENH200. The ENH200 is a long range, highperformance IEEE
802.11b/g/n network solution that provides Access Point, Client Bridge, WDS, and Client Router
functions in a single device.
In addition to providing the latest wireless technology, the ENH200 supports Power over
Ethernet and Power by Adapter capabilities, which allow the device to be installed easily in
nearly any indoor or outdoor location. Advanced features include power level control, narrow
bandwidth selection, traffic shaping, and Realtime RSSI indication.
A variety of security features help to protect your data and privacy while you are online. Security
features include WiFi
Protected Access (WPAPSK/WPA2PSK), 64/128/152bit WEP Encryption, and IEEE 802.1x with
RADIUS.
1.1 Feature
Keep all packing materials in case you need to return the ENH200. The
ENH200 must be returned with its original packing materials.
Use only the power adapter supplied with your ENH200. Using a
different power adapter can damage the ENH200.
To install the ENH200, you need an Ethernet cable and a computer equipped with:
An Ethernet interface
One of the following operating systems: Microsoft Windows XP, Vista, or 7; or
Linux
An Internet browser that supports HTTP and JavaScript
Chapter 3
2 Hardware
Installation
Overview
The bottom panel of the ENH200 contains two RJ45 ports, a PoE interface, and a
Reset button. A
removable cover covers these components.
The RJ45 port connects to an Ethernet adapter in a computer you use to
configure the ENH200.
For more information, see
Chapter 4.
The PoE interface allows the ENH200 to be powered using the supplied PoE
injector.
The Reset button can be used to reboot the ENH200 and return the device to
its default factory configuration, erasing any overrides you may have made
to the devices default settings. The Reset button is recessed to prevent
accidental resets. To reboot the ENH200, use a fat object such as a pencil to
press the Reset button for approximately 10 seconds and then stop pressing
the Reset button.
The back panel of the ENH200 contains the LED indicators that show the link
quality and status of the
ENH200.
This chapter describes how to install the ENH200. It also describes the ENH200
LEDs.
Select the optimal locations for the equipment using the following guidelines:
- The ENH200 should be mounted on a 1"4" pole. Its location should enable
easy access to the unit and its connectors for installation and testing.
- The higher the placement of the antenna, the better the achievable link
quality.
- The antenna should be installed to provide a direct, or near line of sight
with the Base Station antenna. The antenna should be aligned to face the
general direction of the Base Station.
4. Remove the power cord and PoE injector from the box and plug the
power cord into the
DC port of the PoE injector.
Only use the power adapter supplied with the ENH200. Using a
The rear of the ENH200 has two groups of LEDs. One group, labeled
INDICATORS, shows the status of the device. The second group, LINK QUALITY,
shows the strength of the link between the ENH200
and the network. The following table describes the ENH200 LEDs.
To configure the ENH200, use a computer that is configured for TCP/IP. This
chapter describes how to configure the TCP/IP settings on a computer that will be
used to configure the ENH200.
4.1 Configuring Microsoft Windows 7
2. When the Network Connections List appears, rightclick the Local Area
Connection icon and click Properties.
7. Click the OK button to save your changes and close the dialog box.
8. Click the OK button again to save your changes.
4.3 Configuring Microsoft Windows XP
4. In the Local Area Connection Status dialog box, click the Properties
button. The Local
Area Connection Properties dialog box appears.
5. In the Local Area Connection Properties dialog box, verify that Internet
Protocol (TCP/IP) is checked. Then select Internet Protocol (TCP/IP)
and click the Properties button. The Internet Protocol (TCP/IP) Properties
dialog box appears.
6. In the Internet Protocol (TCP/IP) Properties dialog box, click Obtain
an IP address automatically to configure your computer for DHCP.
Click the OK button to save this change and close the Internet
Protocol (TCP/IP) Properties dialog box.
7. Click the OK button again to save your changes.
Use the following procedure to configure your computer if your computer has
Microsoft W indows
2000 installed.
1. On the Windows taskbar, click Start, point to Settings, and then click
Control Panel.
4. Click Apply Now to apply your settings and close the TCP/IP dialog box.
The ENH200 has a builtin Web Configurator that lets you manage the unit from
any location using a
Web browser that supports HTTP and has JavaScript installed.
After configuring the computer for TCP/IP using the procedure appropriate for your
operating system, use that computers Web browser to log in to the ENH200 Web
Configurator.
2. In the browser address bar, type 192.168.1.1 and press the Enter key.
If you changed the ENH200 LAN IP address, enter the correct IP address.
3. When the Windows Security window appears, type admin as the username in
the top field and
type admin as the password in the bottom field.
4. Click OK
You are now ready to use the instructions in the following chapters to configure
the ENH200.
5.2 Best
Chapter
Practices 6
Status
Perform the following procedures regularly to make the ENH200 more secure and
manage the
ENH200 more effectively.
Change the default password. Use a password that is not easy to guess
and that contains different characters, such as numbers and letters. The
ENH200 username cannot be changed. For more information, see page 73.
Back up the configuration and be sure you know how to restore it.
Restoring an earlier working
configuration can be useful if the ENH200 becomes unstable or crashes. If
you forget your password, you will have to reset the ENH200 to its factory
default settings and lose any customized override settings you configured.
However, if you back up an earlier configuration, you will not have to
completely reconfigure the ENH200. You can simply restore your last
configuration. For more information, see page 77.
The Status section on the navigation dropdown menu contains the following
options:
- Main
- Wireless Client List
- System Log
- Connection Status
6.1 Save/Load
This page lets you save and apply the settings shown under Unsaved changes
list, or cancel the unsaved changes and revert to the previous settings that were
in effect.
6.2
Main
Clicking the Main link under the Status drop-down menu or clicking Home at
the top-right of the Web Configurator shows status information about the current
operating mode.
- The LAN Settings section shows Local Area Network setting such as the LAN
IP address, subnet mask, and MAC address.
Clicking the Wireless Client List link under the Status drop-down menu
displays the list of clients associated to the ENH200, along with the MAC
addresses and signal strength for each client. Clicking the Refresh button
updates (refreshes) the client list.
6.5 Connection
6.4 System
Log
Status
The ENH200 automatically logs (records) events of possible interest in its internal
memory. To view the logged information, click the System Log link under the
Status drop-down menu. If there is not enough internal memory to log all events,
older events are deleted from the log.
Clicking the Connection Status link under the Status drop-down menu displays
the current status of the network. The information shown includes network type,
SSID, BSSID, connection status, wireless mode, current channel, security, data
rate, noise level, and signal strength.
6.6 DHCP Client
Chapter
Table 7
System
Clicking the DHCP Client List link under the Status drop-down menu displays
the clients that are associated to the ENH200 through DHCP. The MAC addresses
and signal strength for
each client are also shown. Clicking the Refresh button updates (refreshes) the
client list.
This chapter describes how to change the ENH200 operating modes.
Device Name: Enter a name for the device. The name you type
appears in SNMP management. This name is not the SSID and is not
broadcast to other devices. Country/Region: Select a Country/Region
to conform to local regulations.
Operation Mode: Use the radio button to select an operating mode. To use
Access Point
mode with WDS, select Access Point here and then enable the WDS function in
the Wireless
Network section (see section
the changes.
Clicking Accept does not apply the changes. To apply them, use
This section describes basic wireless settings. For more information, see Chapter
12.
The ENH200 supports Access Point Mode. In this mode, users with a wireless
client device within range can connect to the ENH200 to access the WLAN. The
following figure shows an example of an ENH200 operating in Access Point Mode.
The sections that follow the figure below describe how to configure your ENH200
for Access
Point Mode.
Wireless Mode Wireless mode supports 802.11b/g/n mixed modes.
Channel HT Mode The default channel bandwidth is 40 MHz. The larger
the channel, the better the transmission quality and
speed.
Extension Channel Select upper or lower channel. Your selection may
affect the Auto channel function.
Channel / Frequency Select the channel and frequency appropriate for
your countrys regulation.
Auto Check this option to enable auto-channel selection.
AP Detection AP Detection can select the best channel to use
by scanning nearby areas for Access Points.
Current Profile Configure up to four different SSIDs. If many client
devices will be accessing the network, you can arrange
the devices into SSID groups. Click Edit to configure the
profile and check whether you want to enable extra SSID.
Profile Isolation Restricted Client to communicate with different VID
by Selecting the radio button.
Accept / Cancel Click Accept to confirm the changes or Cancel to
cancel and
return previous settings.
Clicking Accept does not apply the changes. To apply them, use Status >
Save/Load (see section 4.1).
SSID Specify the SSID for the current profile.
VLAN ID Specify the VLAN tag for the current profile.
Suppressed SSID Check this option to hide the SSID from clients. If
checked, the
SSID will not appear in the site survey.
Station Separation Click the appropriate radio button to allow
or prevent communication between client
devices.
Wireless Security See the Wireless Security section.
Save / Cancel Click Save to accept the changes or Cancel to
cancel and return previous settings.
8.1.2 Client Bridge Mode
Client Bridge Mode lets you connect two LAN segments via a wireless link as
though they are on the same physical network. Since the computers are on the
same subnet, broadcasts will reach all machines. As a result, DHCP information
generated by the server will reach all client computers as though the clients
resided on one physical network.
The sections that follow the figure below describe how to configure your ENH200
for Client
Bridge Mode.
Wireless Mode Wireless mode supports 802.11b/g/n mixed modes.
SSID Specify the SSID if known. This field is completed
automatically if you select an Access Point in the Site
Survey.
Site Survey Scans nearby locations for Access Points.
You can select a discovered Access Point to
establish a connection.
Prefer BSSID Enter the MAC address if known. If you select an
Access Point in the Site Survey, this field is completed
automatically.
WDS Client Click the appropriate radio button to enable or
disable WDS Client.
Wireless Security See section 8.2 for information.
Accept / Cancel Click Accept to confirm the changes or Cancel
to cancel and return previous settings.
Clicking Accept does not apply the changes. To apply them, use Status >
Save/Load (see section 4.1).
Profile If you used the Site Survey, the Web Configurator
shows nearby Access Points. To connect to an Access
Point, click the Access Points BSSID.
Wireless Security See the Wireless Security section.
Refresh Click Refresh to scan again.
If the Access Point has been configured to suppress its SSID, the SSID section
will be blank and must be completed manually.
8.1.3 WDS Bridge Mode
Unlike traditional bridging. WDS Bridge Mode allows you to create large wireless
networks by linking several wireless access points with WDS links. WDS is
normally used in large, open areas, where pulling wires is cost prohibitive,
restricted or physically impossible.
The following figure shows an example of three ENH200 configured for WDS
Bridge Mode communicating with each other. In this configuration, the ENH200
device on the left side of the figure behaves as a standard bridge that forwards
traffic between the WDS links (links that connect to other ENH200 WDS bridges).
The sections that follow the figure below describe how to configure your
ENH200 for WDS Bridge Mode.
Wireless Mode Wireless mode supports 802.11b/g/n mixed modes.
Channel HT Mode The default channel bandwidth is 40 MHz. The larger
the channel, the better the transmission quality and
speed.
Extension Channel Select upper or lower channel. Your selection may
affect the Auto channel function.
Channel / Frequency Select the channel and frequency appropriate for
your countrys regulation.
Accept / Cancel Click Accept to confirm the changes or Cancel to
cancel and
return previous
settings.
Clicking Accept does not apply the changes. To apply them, use Status >
Save/Load (see section 4.1).
MAC Address Enter the MAC address of the Access Point to which
you want to extend wireless connectivity.
Mode Select Disable or Enable to disable or enable WDS.
Accept / Cancel Click Accept to confirm the changes or Cancel
to cancel and return previous settings.
1. Clicking Accept does not apply the changes. To apply them, use Status >
Save/Load (see section 4.1).
2. The Access Point to which you want to extend wireless connectivity
must enter the ENH200s MAC address into its configuration. For more
information, refer to the documentation for the Access Point. Not all
Access Point supports this feature.
8.1.4 Client Router Mode
In Client Router Mode, you can access the Internet wirelessly with the support of a
WISP. In AP Router Mode, the ENH200 can access the Internet via a cable or DSL
modem. In this mode,
the ENH200 can be configured to turn off the wireless network name (SSID)
broadcast, so that only stations that have the SSID can be connected. The ENH200
also provides wireless LAN
64/128/152-bit WEP encryption security, WPA/WPA2, and WPA-PSK/WPA2-PSK
authentication, as well as TKIP/AES encryption security. It also supports VPN pass-
through for sensitive data secure transmission.
Clicking Accept does not apply the changes. To apply them, use Status >
Save/Load (see section 4.1).
Profile If you used the Site Survey, the Web Configurator
shows nearby Access Points. To connect to an Access
Point, click the Access Points BSSID.
Wireless Security See the Wireless Security section.
Refresh Click Refresh to scan again.
If the Access Point has been configured to suppress its SSID, the SSID
section must be completed manually.
8.2 Wireless Security
Settings
The Wireless Security Settings section lets you configure the EOH200s security
modes: WEP, WPA-PSK, WPA2-PSK, WPA-PSK Mixed, WPA, WPA2, and WPA Mixed.
We strongly recommend you use WPA2-PSK.
8.2.1 WEP
Security Mode Select WEP from the drop-down list to begin the
configuration.
Auth Type Select Open System or Shared.
Input Type Select an input type of Hex or ASCII.
Key Length Level of WEP encryption applied to all WEP keys.
Choices are
Select a 64/128/152-bit password lengths.
Default Key Specify which of the four WEP keys the
ENH200 uses as its default.
Key1 Specify a password for security key index No.1. For
security, each typed character is masked by a dot ( ).
Key2 Specify a password for security key index No.2. For
security, each typed character is masked by a dot ( ).
Key3 Specify a password for security key index No.3. For
security, each typed character is masked by a dot ( ).
Key4 Specify a password for security key index No.4. For
security, each typed character is masked by a dot ( ).
802.11n does not allow WEP/WPA-PSK/WPA-PSK TKIP security mode. The
connection mode will drop from 802.11n to 802.11g.
8.2.2 WPA-PSK
WPA-PSK Mixed can allow multiple security modes at the same time.
802.11n does not allow WEP/WPA-PSK/WPA-PSK TKIP security mode. The
connection mode will change from 802.11n to 802.11g.
8.2.6
8.2.5
WPA
WPA2
Security Mode Select WPA from the drop-down list to begin the
configuration.
Encryption Select Both, TKIP, or AES as the encryption type.
Both = uses TKIP and AES.
TKIP = automatic encryption with WPA-PSK.
AES = automatic encryption with WPA2-PSK.
Radius Server Specify the IP address of the RADIUS server.
Radius Port Specify the port number that your RADIUS
server uses for authentication. Default port is
1812.
Radius Secret Specify RADIUS secret furnished by the RADIUS
server.
Group Key Update
Specify how often, in seconds, the group key changes.
Interv
al
802.11n does not allow WEP/WPA-PSK/WPA-PSK TKIP security mode. The date
rate will drop from 802.11n to 802.11g.
8.4 Wireless
8.2.7 WPA Advanced
Mixed
Settings
0.
ACL Mode Determines whether network access is granted or
denied to
clients whose MAC addresses appear in the MAC
Address table on this page. Choices are Disable, Deny
MAC in the list, or Allow MAC in the list.
MAC Address Filter Enter the MAC address of the device.
Add Click Add to add the MAC address to the MAC
Address table.
Apply Click Apply to apply the changes.
Using WDS Link Settings, you can create a wireless backbone link between
multiple access points that are part of the same wireless network. This allows a
wireless network to be expanded using multiple Access Points without the need for
a wired backbone to link them, as
is traditionally required.
Clicking Accept does not apply the changes. To apply them, use Status >
Save/Load (see
section 4.1).
The Access Point to which you want to extend wireless connectivity must enter
the ENH200s MAC address into its configuration. For more information, refer to
the documentation for the Access Point. Not all Access Point supports this feature.
9.2 Spanning
Chapter 9 LANTree
Setup
Settings
This chapter describes the ENH200 Local Area Network (LAN) settings.
9.1 IP Settings
This section is only available for Non-Router Mode. IP settings lets you
configure the
ENH200 LAN port IP address.
IP Network Setting Select whether the ENH200 IP address will use the
static IP address specified in the IP Address field or be
obtained automatically when the ENH200 connects to a
device that has a DHCP server .
IP Address Enter the IP address of
the ENH200. IP Suet Mask Enter the
ENH200 subnet mask. Default Gateway
Enter the ENH200 default gateway. Primary DNS
Enter the ENH200 primary DNS. Secondary DNS
Enter the ENH200 secondary DNS.
Accept / Cancel Click Accept to confirm the changes or Cancel to
cancel and
return previous settings.
If you change the LAN IP address, you will be directed to the new IP address
after you click
Apply.
Spanning Tree Status Enable or disable the ENH200 Spanning Tree
function.
Bridge Hello Time Specify Bridge Hello Time, in seconds. This value
determine how often the ENH200 sends hello packets to
communicate information about the topology throughout
the entire Bridged Local Area Network
Bridge Max Age Specify Bridge Max Age, in seconds. If another
bridge in the spanning tree does not send a hello
packet for a long period of time, it is assumed to be
dead.
Bridge Forward Delay Specify Bridge Forward Delay, in seconds.
Forwarding delay time is the time spent in each of the
Listening and Learning states before the Forwarding
state is entered. This delay is provided so that when a
new bridge comes onto a busy network, it looks at some
traffic before participating.
Priority Specify the Priority number. Smaller number has
greater priority.
Accept / Cancel Click Accept to confirm the changes or Cancel
to cancel and return previous settings.
Clicking Accept does not apply the changes. To apply them, use Status >
Save/Load (see section 4.1).
Chapter 10 Router Settings
This section is only available for AP Router Mode and Client Router Mode.
This chapter describes the ENH200 WAN settings. There are four types of WAN
connections:
- Static IP
- DHCP
- PPPoE
- PPTP
Please contact your ISP to find out which settings you should choose..
10.1.1 Static IP
Select Static IP for your WAN connection if your ISP provided information about
which IP
address, subnet mask, default gateway, primary DNS, and secondary DNS to use.
Internet Select Static IP to begin configuration of the Static IP
Connection connection.
Type
Clicking Accept does not apply the changes. To apply them, use Status >
Save/Load (see section 4.1).
10.1.2 DHCP
(Dynamic IP)
Select DHCP as your WAN connection type to obtain an IP address automatically.
You will
need to enter account name as your hostname and, optionally, DNS information.
Clicking Accept does not apply the changes. To apply them, use Status >
Save/Load (see section 4.1).
10.1.3 PPPoE (Point-to-Point Protocol over
Ethernet)
Select Point to Point Protocol over Ethernet (PPPoE) if your ISP uses a PPPoE
connection.
Your ISP will provide you with a username and password. This selection is
typically used for DSL services. Remove your PPPoE software from your
computer, as it is not needed and will not work with your ENH200.
Clicking Accept does not apply the changes. To apply them, use Status >
Save/Load (see section 4.1).
10.1.4 PPTP (Point-to-Point Tunneling
Protocol)
Select PPTP as your WAN connection type if your ISP uses a Point-to-Point-
Tunneling Protocol
(PPTP) connection. You will need to provide the IP address, subnet mask, default
gateway
(optional), DNS (optional), server IP, username, and password provided by your
ISP.
Internet
Connection
Type
10.1.4 PPTP (Point-to-Point Tunneling
Protocol)
Select PPTP to
begin configuration
of the PPTP
connection.
MTU Specify the Maximum Transmit Unit size. It is
recommended you accept the default setting of Auto.
Otherwise, packets will be fragmented downstream if the
MTU is set too high or too low, which impacts network
performance. In extreme cases, an MTU setting that is
too low can prevent the ENH200 from establishing some
connections.
IP Address Enter the WAN port IP
address. IP Subnet Mask Enter the WAN IP
subnet mask. Gateway IP Address Enter the WAN
gateway IP address. PPTP Server Enter
the IP address of the PPTP server.
Username Enter the username provided by your ISP.
Password Enter the password provided by your ISP.
Connect on Demand If you want the ENH200 to end the Internet
connection after it
has been inactive for a period of time, select this option
and enter the number of minutes you want that period of
inactivity to last.
Keep Alive If you want the ENH200 to periodically check your
Internet connection, select this option. Then specify how
often you want the ENH200 to check the Internet
connection. If the connection is
down, the ENH200 automatically re-establishes your
connection
Get Obtains the DNS automatically from DHCP server.
Automatically
From ISP
Use These DNS Servers Click the radio button to set up the Primary DNS and
Secondary
DNS servers manually.
Discard Ping on WAN Check to Enable to recognize pings on the ENH200
WAN interface or Disable to block pings on the ENH200
WAN interface. Note: Pinging IP addresses is a common
method used by hackers to test whether the IP address
is valid. Blocking pings provides some extra security
from hackers.
Accept / Cancel Click Accept to confirm the changes or Cancel to
cancel and
return previous settings.
Clicking Accept does not apply the changes. To apply them, use Status >
Save/Load (see section 4.1).
10.3 LAN
10.2 VPN Settings
Pass (Router
Mode)
Through
Clicking Accept does not apply the changes. To apply them, use Status >
Save/Load (see section 4.1).
VPN Passthrough allows a secure virtual private network (VPN) connection
between two computers. Enabling the options on this page opens a VPN port and
enables connections to
pass through the ENH200 without interruption.
Clicking Accept does not apply the changes. To apply them, use Status >
Save/Load (see section 4.1).
10.4 Port
Forwarding
Port forwarding can be used to open a port or range of ports to a device on your
network Using port forwarding, you can set up public services on your network.
When users from the Internet make certain requests on your network, the
ENH200 can forward those requests to computers equipped to handle the
requests. If, for example, you set the port number 80 (HTTP) to be forwarded to
IP address 192.168.1.2, all HTTP requests from outside users are
forwarded to 192.168.1.2.
Clicking Accept does not apply the changes. To apply them, use Status >
Save/Load (see section 4.1).
Service Name Enter a name for the port forwarding rule.
Protocol Select a protocol for the application: Choices are
Both, TCP, and
UDP.
Starting Port Enter a starting port number.
Ending Port Enter an ending port number. All ports numbers
between the starting and ending ports will forward
users to the IP address specified in the IP Address
field.
IP Address Enter the IP address of the server computer on the
LAN network where users will be redirected.
Save / Cancel Click Save to apply the changes or Cancel to
return previous settings.
10.5
Chapter
DMZ 11 Management
Settings
If you have a computer that cannot run Internet applications properly from behind
the ENH200, you can allow the computer to have unrestricted Internet access.
Enter the IP address of that computer as a Demilitarized Zone (DMZ) host with
unrestricted Internet access.
Adding a client to the DMZ may expose that computer to a variety of security risks,
so use this
option as a last resort.
Clicking Accept does not apply the changes. To apply them, use Status >
Save/Load (see section 4.1).
The Management section lets you configure administration, management
VLAN, SNMP settings, backup/restore settings, firmware upgrade, time
settings, and log settings. This chapter describes these settings.
11.1 Administration
Click the Administration link under the Management menu to change the user
name and password used to log on to the ENH200 Web Configurator . The default
user name is admin and the default password is admin. Changing these settings
protects the ENH200 configuration settings from being accessed by unauthorized
users.
Clicking Save/Apply changes the settings immediately. You cannot undo the
action.
11.3 SNMP
11.2 Management
VLAN
Settings
Click the Management VLAN link under the Management menu to assign a
VLAN tag to the packets. A VLAN is a group of computers on a network whose
software has been configured so that they behave as if they were on a separate
Local Area Network (LAN). Computers on
VLAN do not have to be physically located next to one another on the LAN
1. If you reconfigure the Management VLAN ID, you may lose your connection to
the ENH200. Verify that the DHCP server supports the reconfigured VLAN ID and
then reconnect to the ENH200 using the new IP address.
2. Clicking Accept does not apply the changes. To apply them, use Status >
Save/Load (see section 4.1).
Click the SNMP Settings link under the Management menu to monitor
network-attached devices using the Simple Network Management Protocol
(SNMP). SNMP allows messages (called protocol data units) to be sent to various
parts of a network. Upon receiving these messages, SNMP-compatible devices
(called agents) return data stored in their Management
Information Bases.
Clicking Save/Apply change the setting immediately. You cannot undo the
action.
11.5 Firmware
11.4 Backup/Restore
Settings
Upgrade
Click the Backup/Restore Setting link under the Management menu to save
the ENH200s current settings in a file on your local disk or load settings onto the
device from a local disk. This feature is particularly convenient administrators
who have several ENH200 devices that need to be configured with the same
settings.
This page also lets you return the ENH200 to its factory default settings. If you
perform this procedure, any changes made to the ENH200 default settings will
be lost.
The firmware upgrade procedure can take few minutes. Do not power off the
ENH200 during the firmware upgrade, as it can cause the device to crash or
become unusable. The ENH200 restarts automatically after the upgrade
completes.
11.7 Time
11.6
Settings
Log
Click the Time Settings link under the Management menu to configure the
ENH200 system time. You can enter the time manually or, to ensure accuracy,
synchronize the ENH200 with
Network Time Protocol (NTP) server.
Clicking Save/Apply changes the setting immediately. You cannot undo the
action.
Click the Log link under the Management menu to display a list of events that
are triggered on the ENH200 Ethernet and wireless interfaces. You can consult
this log if an unknown error occurs on the system or when a report needs to be
sent to the technical support department
for debugging
purposes.
Clicking Save/Apply changes the settings immediately. You cannot undo the
action.
11.8
Chapter 12 Network Configuration
Diagnostics
Examples
Click the Diagnostics link under the Management menu to ascertain connection
quality and
trace the routing table to the target.
Access Point
Step1 Log in to the Web Configurator with your browser by
entering the default IP address 192.168.1.1
Step2 Select your country or regions regulation.
Step3 Use site survey to scan channels available in
nearby areas. Step4 Select channel with less
interferences.
Specify the SSID for your broadcast SSID and you can also
Step configure multiple SSID at the same time.
5
Step6 Verify the VLAN identifier to separate services among
clients
Step7 Set the authentication
settings. Step8 Click Apply to
save all changes.
For more advanced settings, refer to the previous chapters.
Wireless Client
Step1 Select the wireless mode with which you want to
associate.
Use site survey to scan nearby Access Point and either
select the
Step Access Point to which you want to connect, or enter the
2 SSID
manually.
Step3 Configure the VLAN ID in your wireless device if
available. Step4 Select the appropriate authentication
type and password.
Access Point Mode does not provide DHCP server, so the Wireless Client
IP address must be configured manually using the same Local Area Network
subnet.
The Client Bridge IP settings must match the Access Points subnet.
12.3 WDS Bridge Mode
Use this feature to link multiple Access Points in a network. All clients associated
with any
Access Points can communicate with each other in an ad-hoc manner.
WDS Bridge
Step1 Log in to the Web Configurator with the default IP
address
192.168.1.1
Step2 Select your country or regions regulation.
Step3 For Operation Mode, select WDS Bridge from
System
Properties.
Step4 Select the channel you want
to use. Step5 Set up the
authentication settings Step6 Set
up WDS Link Settings.
Step7 Specify the MAC address of the Access Point with which
you want to connect.
Step8 Click Apply to save all changes.
Each WDS bridge device must use the same Subnet, Wireless Mode,
Wireless
Channel, and Security Setting.
12.4 Client
Router
In Client Router Mode, the ENH200s internal DHCP server allows LANs to
automatically generate an IP address to share the same Internet. Connect an
Access Point/WISP wirelessly
and connect to LANs using a wired connection.
With its ability to operate in various operating modes, your ENH200 is the ideal
device around which you can build your WLAN. This appendix describes how to
build a WLAN around your ENH200 using he devices operating modes.
In Access Point Mode, ENH200 behaves likes a central connection for stations or
clients that support IEEE 802.11b/g/n networks. Stations and client must be
configured to use the same SSID and security password to associate with the
ENH200. The ENH200 supports four SSIDs at the same time for secure guest
access.
13.3 Access
13.2 Client Bridge
Point Mode with WDS
Function
Mode
The ENH200 Access Point Mode also supports WDS functionality. This operating
mode allows wireless connections to the ENH200 using WDS technology. In this
mode, configure the MAC addresses in both Access Points to enlarge the wireless
area by enabling WDS Link settings.
WDS supports eight AP MAC
addresses.
Not every Access Point device supports WDS in Access Point Mode. As a result,
to use WDS, we recommend you use the ENH200.
In Client Bridge Mode, the ENH200 behaves like a wireless client that connects to
an Access Point wirelessly and allows users to surf the Internet whenever they
want. In this mode, use the ENH200 Site Survey to scan for Access Points within
range. Then configure the ENH200
SSID and security password accordingly to associate with the Access
Point. In this configuration, the station has a wired Ethernet connection to
the ENH200 LAN port.
13.5 Client
13.4 WDS Bridge
Router
Mode
In WDS Bridge Mode, the ENH200 can wirelessly connect different LANs by
configuring the MAC address and security settings of each ENH200 device. Use
this mode when two wired LANs located a small distance apart want to
communicate with each other. The best solution is to use the ENH200 to
wirelessly connect two wired LANs, as shown in the following figure.
WDS Bridge Mode can establish 16 WDS links, creating a star-like network.
WDS Bridge Mode is unlike Access Point. Access Points linked by WDS are using
the same frequency channel, more Access Points connected together may lower
throughput. Please be aware to avoid loop in your wireless connection, otherwise
enable Spanning Tree Function.
In Client Router Mode, the ENH200s internal DHCP server allows a number of
LANs to automatically generate IP addresses to share the same Internet. In
this mode, connect an
AP/WISP wirelessly and connect to LANs via a wired connection.
Question Answer
How do I reset the ENH200? There are two ways to reset the
ENH200, a hardware method and a
software method. Both methods return
the ENH200 to its factory default
configuration.
To use the hardware method, open the
cover
on the bottom panel of the ENH200
and find the Reset button (see
section 2.1). Using a fat object such
as a pencil, press the Reset button for
approximately 10 seconds and then
stop pressing.
Why do I not see traffic pass after I The ENH200 uses a proprietary PoE
connect the injector and will not work with
ENH200 to a PoE switch? standard 802.3afcompliant
What is the default IP address of the PoE
The switches.
default IP address is 192.168.1.1
ENH200?
I plugged the PoE to the second You need to plug the Ethernet cable
Ethernet port on the back of ENH200 connect to PoE injector to the main
but the unit is not on, how come? LAN port. The secondary Ethernet port
is just an additional LAN port for
regular Ethernet connection such
as
TheIPENH200
camera uses a proprietary PoE
When I install the PoE connection to
the injector and will not work with
ENH200, what kind of PoE should I standard 802.3afcompliant
use?
I want to use higher gain antennas on PoE
Use switches.
the antenna appropriate for the
the frequency. (2.4 GHz)
ENH200, but I dont know what
antenna
I want to is right.
buy a highgain antenna for Use an antenna with a SMA
the connector to connect to the
ENH200, but I dont know what ENH200.
type of antenna and RF
93
If you encounter issues that cannot be resolved using this manual, please contact your vendor where you
purchase the device. If you cannot contact your vendor, you may also contact EnGenius Customer
Service department in the region where you purchased the device.
Before you contact your local EnGenius office, please prepare the following information:
y Warranty information
y A brief description about the issue and the attempts you tried to resolve it
To contact EnGenius Customer Service office in the United States, please use either of the following methods:
y Email: Support@EnGeniustech.com
y Telephone: 1-888-735-7888
Appendix B Specifications
Standard: IEEE 802.11 b/g/n
Physical Interface: 1 x Port with PoE support
1 x Port
1 x Reset
Max. Data rate: 150 Mbps
LEDs status: Power Status
LAN1/LAN2 (10/100Mbps)
WLAN (W ireless is up)
3 x Link Quality (Client Bridge mode)
Appendix C Glossary
Access Point
A base station in a WLAN that act as a central transmitter and receiver of WLAN radio signals.
Ad Hoc Network
A short-term WLAN framework created between two or more WLAN adapters, without going
through an Access Point. An ad hoc network lets computers send data directly to and from one
another. For an ad hoc network to work, each computer on the network needs a WLAN card
installed configured for Ad Hoc mode.
Antenna
A device that sends and receives radio-frequency (RF) signals. Often camouflaged on existing
buildings, trees, water towers or other tall structures, the size and shape of antennas are generally
determined by the frequency of the signal they manage.
Authentication
A process that verifies the identity of a wireless device or end-user. A common form of
authentication is to verify identities by checking a user name and password to allow network
access.
Backbone
A highspeed line or series of connections that form a major pathway within a
network.
Bandwidth
The part of the frequency spectrum required to transmit desired information.
Each radio channel has a center frequency and additional frequencies above
and below this carrier frequency that carry the transmitted information. The
range of frequencies from the lowest to the highest used is called the
bandwidth.
Bridge
A wireless device that connects multiple networks that are physically separate or use different
media, but which use similar standards.
Bridge Mode
An Access Pointy in bridge mode can operate as a WLAN bridge that connects
two wired network segments. The peer device also must be in bridge mode.
This wireless bridge connection is equivalent to a Wireless Distribution System
(WDS).
CHAP
Challenge Handshake Authentication Protocol. An alternative
protocol that uses a challenge/response technique instead of
sending passwords over the wire. Collision
Interference resulting from two network devices sending data at the same time. The network
detects the collision of the two transmitted packets and discards both of them.
Coverage
The region within which a paging receiver can reliably receive the transmission of paging signals.
Coverage Area
The geographical area that can be served by a mobile communications network or system.
Coverage Hole
An area within the radio coverage footprint of a wireless system where the RF signal level is
below the design threshold. Physical obstructions such as buildings, foliage, hills, tunnels, and
indoor parking garages are usually the cause of coverage holes.
Cyclic Redundancy Check (CRC)
A common technique for detecting data transmission errors.
Dynamic Host Configuration Protocol (DHCP)
A protocol that assigns temporary IP addresses automatically to client stations logging onto an IP
network, so the IP addresses do not have to be assigned manually. The ENH200 contains an
internal DHCP server that automatically allocates IP address using a user-defined range of IP
addresses.
Dead Spot
An area within the coverage area of a WLAN where there is no coverage or transmission falling
off. Electronic interference or physical barriers such as hills, tunnels, and indoor parking garages
are usually the cause of dead spots. See also coverage area.
802.11
A category of WLAN standards defined by the Institute of Electrical and Electronics Engineers
(IEEE).
802.11a
An IEEE standard for WLANs that operate at 5 GHz, with data rates up to 54 Mbps.
802.11b
An IEEE standard for WLANs that operate at 2.4 GHz, with data rates up to 11 Mbps.
802.11g
An IEEE standard for WLANs that operates at 2.4 GHz, with data rate of 300
Mbps. The new standard also raises the encryption bar to WPA2. The 40 HT
option can be added to increase the data rate.
Encryption
Translates data into a secret code to achieve data security. To read an encrypted file, you must
have a secret key or password for decryption. Unencrypted data is referred to as plain text;
encrypted data is referred to as cipher text
ESS ID
The unique identifier for an ESS. All Access Points and their associated
wireless stations in the same group must have the same ESSID.
Footprint
Geographical areas where an entity is licensed to broadcast its signal.
Gateway
A computer system or other device that acts as a translator between two
systems that use different communication protocols, data formatting
structures, languages, and/or architecture.
HT mode
In the 802.11n system, two new formats, called High Throughput (HT), are
defined for the Physical Layer, Mixed Mode, and Green Field. If a system runs
40 HT, two adjacent 20 MHz channels are used. The larger 40 MHz bandwidth
can provide better transmit quality and speed.
Keys
Like passwords, keys open (decrypt) and close (encrypt) messages.
While many encryption algorithms are commonly known and public, the
key must be kept secret.
LocalArea Network (LAN)
A small data network covering a limited area, such as a building or group of
buildings. Most LANs connect workstations or personal computers. LANs let
many users share devices such as printers as well as data. LANs also facilitate
communication through email or chat sessions.
Media Access Control (MAC) Address
Address associated with every hardware device on the network. Every 802.11
wireless device has its own specific MAC address. This unique identifier is
hardcoded into the device and can be
used to provide security for WLANs. When a network uses a MAC table, only
the 802.11 radios
that have their MAC addresses added to that network's MAC table can access
the network.
Network Address Translation (NAT)
An Internet standard that lets a LAN use one set of IP addresses for internal
traffic and a second set of addresses for external traffic.
Network Time Protocol (NTP)
A protocol that lets devices synchronize their time with a time server. NTP uses
TCP or UDP port
123 by default.
Passphrase
A text string that automatically generates WEP keys on wireless client adapters.
Power Over Ethernet (PoE)
A PoE provides power to PoEenabled devices using an 8pin CAT 5 Ethernet
cable, eliminating the need for a power source.
Preamble
Synchronizes transmissions in a WLAN. The preamble type defines the
length of the Cyclic Redundancy Check block for communication between a
device and roaming wireless stations. Protected Extensible
Authentication Protocol (PEAP)
Authentication protocol of IEEE 802.1x used to send authentication data and
passwords over
802.11 WLANs.
Quality of Service (QoS)
A networks ability to deliver data with minimum delay. QoS also refers
to the networking methods used to provide bandwidth for realtime
multimedia applications.
Remote Authentication DialIn User Service (RADIUS)
Networking protocol that provides centralized authentication, authorization,
and accounting management for computers to connect and use a network
service. Because of its broad support and ubiquitous nature, the RADIUS
protocol is often used by ISPs and enterprises to manage access to the
Internet or internal networks, WLANs, and integrated email services.
Service Set Identifier (SSID)
Name of a WLAN. All wireless devices on a WLAN must use the same SSID to
communicate with each other.
Simple Network Management Protocol (SNMP)
An Internetstandard protocol for managing devices on IP networks.
Snooping
Passively watching a network for data, such as passwords, that can be used to
benefit a hacker.
Temporal Key Integrity Protocol (TKIP)
An encryption protocol that uses 128bit keys. Keys are dynamically generated
and distributed by the authentication server. TKIP regularly changes and
rotates encryption keys, with an encryption key never being used twice.
Transmission Control Protocol/Internet Protocol (TCP/IP)
A protocol that allows communications over and between networks. TCP/IP is
the basis for
Internet communications.
Weighted Fair Queuing (WFQ)
WFQ services queues are based on priority and queue weight. Queues with
larger weights get more service than queues with smaller weights. This highly
efficient queuing mechanism divides available bandwidth across different
traffic queues.
Wired Equivalent Privacy (WEP)
Security protocol that provides a WLAN with a level of security and privacy
comparable to that of a wired LAN. WEP encrypts data sent between wired and
WLANs to keep transmissions private. Wireless LocalArea Network
(WLAN)
WLANs use RF technology to send and receive data wirelessly in a certain area.
This lets users in a small zone send data and share resources such as printers
without using cables to physically connect each computer.
WiFi Protected Access (WPA )
A subset of the IEEE 802.11i standard. WPA applies IEEE 802.1x and Extensible
Authentication Protocol (EAP) to authenticate wireless clients using an external
RADIUS database. WPA uses Temporal Key Integrity Protocol (TKIP), Message
Integrity Check (MIC), and IEEE 802.1x to encrypt data. See also WPAPSK
(WPA PreShared Key).
WiFi MultiMedia (WMM)
Part of the IEEE 802.11e QoS enhancement to the WiFi standard that
ensures quality of service for multimedia applications in WLANs.
Wireless Client Supplicants
Software that runs on an operating system, instructing the wireless client how
to use WPA.
WPA PreShared Key (WPAPSK)
WPAPSK requires a single (identical) password entered into each Access
Point, wireless gateway, and wireless client. A client is granted access to a
WLAN if the passwords match.
WPA2
A wireless security standard that defines stronger encryption, authentication,
and key management than WPA. It includes two data encryption algorithms,
Temporal Key Integrity Protocol (TKIP) and Advanced Encryption Standard
(AES), in the Counter mode with Cipher block chaining Message
authentication Code Protocol (CCMP).
Wireless Distribution System (WDS)
A technology that lets Access Points communicate with one another to extend
the range of a
WLAN.
Appendix D FCC Interference Statement
Federal Communication Commission
Interference Statement
This equipment has been tested and found to comply with the limits for a Class
B digital device, pursuant to Part 15 of the FCC Rules. These limits are designed
to provide reasonable protection against harmful interference in a residential
installation. This equipment generates, uses and can radiate radio frequency
energy and, if not installed and used in accordance with the instructions, may
cause harmful interference to radio communications. However, there is no
guarantee that interference will not occur in a particular installation. If this
equipment does cause harmful interference to radio or television reception,
which can be determined by turning the equipment off and on, the user is
encouraged to try to correct the interference by one of the following
measures:
This device complies with Part 15 of the FCC Rules. Operation is subject to
the following two conditions: (1) This device may not cause harmful
interference, and (2) this device must accept any interference received,
including interference that may cause undesired operation.
IMPORTANT
NOTE:
FCC Radiation Exposure
Statement:
This equipment complies with FCC radiation exposure limits set forth for an
uncontrolled environment. This equipment should be installed and operated
with minimum distance 20cm between the radiator & your body.