View
194
Download
1
Category
Preview:
Citation preview
Gestione WiFi centralizzata
Configurare la modalità ENSEMBLE
Andrea RossiSenior System Engineer
andrea.rossi@netgear.com
Formazione Online
2
QUAD MODE WIRELESS MANAGEMENT
3
QUAD MODE WIRELESS MANAGEMENT
Ensemble Management for support of up to 10 Access Points in a single cluster
Introducing
High performance Business Grade Dual Band 802.11ac Wireless Access Point for Small and Medium Enterprise
with aggregated throughput up to 1.7 Gbps
WAC730 - 450 Mbps for 2.4 GHz and 1.3 Gbps 802.11ac for 5 GHz
WAC720 - 300 Mbps for 2.4 GHz and 867 Mbps 802.11ac for 5 GHz
Designed for;
• Small and Medium enterprises
• K-12 schools requiring gigabit throughput for multimedia applications
• Hospitalities requiring high capacity and superior wireless performance
• Manufacturing and retail stores requiring complete wireless coverage
WAC720 is WC7600/WC9500 and Business Central Wireless Cloud Manager ready.
WAC730 3x3 and WAC720 2x2 Dual Band
802.11ac Access Points
WAC730 WAC720
(Q1 2016)
EnsembleAnd IP management
Management IP (MIP)
Centralized management of up to 10 Access Points without the
need of separate wireless controller.
Because the access point is Business Central Cloud ready, the DHCP client is
On by default. This means that the AP will request an IP address from your
DHCP server and may be tricky to find.
However, we have incorporated a solution in the AP’s software. We have enabled
“Bonjour” advertising by default so that you can find the access point in you
network even if the IP address is not known.
Bonjour is a software feature that allows the wireless access point and its
services to be discovered via mDNS (multicast DNS), the component advertises
to the network and responds to queries from supported clients (mainly
Macintosh.)
When a new Bonjour-enabled AP is attached to the network, any bonjour client
can discover and access any of the service available on the AP.
DHCP enabled
Connecting the AP to the network.
The Bonjour service can be deactivated/activated from “Configuration / System / Bonjour
Using bonjour
On an Apple computer start the browser Safari.
Go to “Safari/Preferences”
Using bonjour
On an Apple computer start the browser Safari.
Go to “Safari/Preferences” and, under “Advanced,” check the “ include Bonjour in Bookmarks & Favorites.”
Using bonjour
On an Apple computer start the browser Safari.
Go to “Safari/Preferences” and, under “Advanced,” check the “ include Bonjour in Bookmarks & Favorites.”
Now we can head to the “Bookmarks” and then “Bonjour.”
NOTE:
At the time these materials were being
prepared the “Bonjour” name that was
advertised is “wap668800,” but this field
will display the host name of the access
point “netgearxxxxxx” where “xx=last 3
values of the MAC address
Click on the access point.
Using bonjour
On an Apple computer start the browser Safari.
Now we can login and start managing our access point.
Now we can head to the “Bookmarks” and then “Bonjour.” Click on the access point.
Another way to find the AP is to make note of the AP’s MAC address.
Using bonjour
And issue an “arp –a” from a command prompt, on a PC, or from “Terminal” on a Mac.
NOTE:
The computer in which you are checking the “arp”
cache, as shown here, must have the record of
the AP at the time that it requested an address.
Otherwise it will not show up.
Unplugging and reconnecting the AP to the
network should initiate the discovery broadcast
which will populate the arp cache.
50:6a:03:80:34:af
AP #1 (Dominant AP)
172.31.99.8
Once you identify the IP address of the access points, login into the
AP that you want to use as the dominant device of the Ensemble.
I have 4 APs that I wish to Ensemble on my LAN. Their addresses
range from 172.31.99.8 to 172.31.99.11.
I choose the AP with the IP address 172.31.99.8 to be the
dominant AP..
The default password is “password.”
172.31.99.8 172.31.99.9 172.31.99.10 172.31.99.11
Dashboard
Ensemble Dashboard
Dashboard
172.31.99.8
AP #1 (Dominant AP)
Configuration Monitoring Maintenance Support
System Dashboard Wireless Stations Rogue AP Logs Statistics Packet Capture Ensemble
Click on “Configuration.”
You will land on the “Dashboard” page.
This page displays a summary of the clients that have
connected over time and their traffic patterns.
Moving the mouse over the chart will bring you details for
that particular time.
172.31.99.8 172.31.99.9 172.31.99.10 172.31.99.11
Configuration Monitoring Maintenance Support
System Dashboard Wireless Stations Rogue AP Logs Statistics Packet Capture Ensemble
General
Access Point Name
Country / Region
ApplyCancelBasic
General
Time
Advanced
Configuration Monitoring Maintenance Support
System IP Wireless Bridge Security Ensemble Captive Portal
?
ensemble1
ApplyCancel
172.31.99.8
AP #1 (Dominant AP)
Give the AP a name that you will easily remember.
Let’s call this AP “ensemble1.”
And then carefully select the “Country / Region.”
US – United States
After applying these settings Click on “Ensemble.”
172.31.99.8 172.31.99.9 172.31.99.10 172.31.99.11
ensemble1
Ch
am
be
r
StopStart
Basic
General
Time
Advanced
Ensemble General ApplyCancel
Configuration Monitoring Maintenance Support
System IP Wireless Bridge Security Ensemble Captive Portal
?
ApplyCancel
Ensemble Name
AP Name
Priority (0 – 255)
Ensemble Mode
default
ensemble1
0
Chamber
255
ensemble1
Chamber
255
Basic
Ensemble General
Management
Secured Ensemble
Advanced
172.31.99.8
AP #1 (Dominant AP)
“Ensemble” works by matching a unique identifier which
must be common to all of the access points that you
want sharing in the configuration.
In this case I will call this Ensemble group “Chamber”
The access points that get configured with the same
Ensemble identifier will commence an election process for
dominance, all things being equal a dominant AP will be
determined by the lowest MAC address.
However we have the option to make this AP the dominant
agent by entering a high priority value.
In a case where the “next-standing” dominant AP fails we
could give other access points “graded” values to assign an
order for assuming dominance over the group.
NOTE:
The dominant AP will distribute its configuration to all standing
members of the Ensemble.
In the event that the “Dominant” AP fails, this duty will go to the
next ranking priority member, as stipulated by its MAC address
in combination with the value entered in the priority field.
This value serves as a tie-breaker and pretty much guarantees
predictable priority ranking among the Ensemble members.
After entering a value click on “Start” and then “Apply.”
172.31.99.8 172.31.99.9 172.31.99.10 172.31.99.11
ensemble1
Ch
am
be
r
Basic
Ensemble General
Management
Secured Ensemble
Advanced
Configuration
Basic
Monitoring Maintenance Support
System IP Wireless Bridge Security Ensemble
Ensemble General
ApplyCancel
Management
Secured Ensemble
Captive Portal
Started
Ensemble General
IP Address to manage Ensemble (IPv4)
ApplyCancel
Ensemble Status
172.31.99.60
Advanced
172.31.99.8
AP #1 (Dominant AP)
One of the most convenient aspects of “Ensemble” is the fact that it is
possible to “address” the group (regardless of which AP is currently
dominant) by using a single additional IP address.
Simply assign an available IP address from the LAN on this field.
You only need to do this on the “dominant” AP.
Click on “Secure Ensemble.”
NOTE:
The AP’s own IP address will remain unchanged.
This AP will, in fact, respond to two different IP
addresses.
If you were to “arp –a” you will get two IP addresses
from this AP’s MAC address.
172.31.99.8 172.31.99.9 172.31.99.10 172.31.99.11
172.31.99.60
In the case where the standing dominant AP fails this “Ensemble-address 172.31.99.60” will be used by the “next-standing-dominant-AP.”
ensemble1
Ch
am
be
r
Secured Ensemble
Secure Mode
Passphrase (8-63 characters)
DisabledEnabled
Re-authentication Timeout (300-8600 secs)
Ensemble Status Started
Basic
Ensemble General
Management
Secured Ensemble
Advanced
Basic
Ensemble General
Management
Secured Ensemble
Advanced
Configuration Monitoring Maintenance Support
System IP Wireless Bridge Security Ensemble
ApplyCancel
Captive Portal
ApplyCancel
300
descartes
172.31.99.8
AP #1 (Dominant AP)
If you don’t want the “configuration data” to be
readable by others as it traverses the network, all
you have to do is enter a password and enable
“Secure Mode.”
NOTE:
You MUST enter the same password on all
the access points that you want to have as
members of a particular Ensemble.
The Re-authentication time must also match.
Be mindful of the notice that appears when
you click “Apply.”
The notice basically states that if you have different sets of Ensembles using the same Ensemble name but different passphrases they will
not be aware of each other because the messages that propagate the configurations will have different encryption …but there is the
possibility that the IP address that was set on the previous step could somehow be shared by all the subset ensembles using the same
name, which would not be a good thing. So please make sure that there is no IP conflicts.
Best practice is to give each ensemble a unique name.
172.31.99.8 172.31.99.9 172.31.99.10 172.31.99.11
172.31.99.60
ensemble1
Ch
am
be
r
Secured Ensemble
Secure Mode
Passphrase (8-63 characters)
DisabledEnabled
Re-authentication Timeout (300-8600 secs)
Ensemble Status Started
Basic
Ensemble General
Management
Secured Ensemble
Advanced
Basic
Ensemble General
Management
Secured Ensemble
Advanced
Configuration Monitoring Maintenance Support
System IP Wireless Bridge Security Ensemble
ApplyCancel
Captive Portal
ApplyCancel
300
descartes
172.31.99.8
AP #1 (Dominant AP)
The configuration for the remaining APs consists only of the name of
the “Ensemble” and the “Secure Ensemble” Passphrase.
172.31.99.8 172.31.99.9 172.31.99.10 172.31.99.11
172.31.99.60
ensemble1
AP #2 (non-dominant )
Ch
am
be
r
172.31.99.9
Login to the next access point that you want to use in the Ensemble “Chamber.”
This “non-dominant” AP is found at 172.31.99.9
172.31.99.8 172.31.99.9 172.31.99.10 172.31.99.11
172.31.99.60
ensemble1
Ch
am
be
r
Dashboard
Ensemble Dashboard
Dashboard
172.31.99.9
AP #1 (Dominant AP)
As on the previous AP, you will land on the “Dashboard.”
Click on “Configuration.”
Configuration Monitoring Maintenance Support
System Dashboard Wireless Stations Rogue AP Logs Statistics Packet Capture Ensemble
172.31.99.8 172.31.99.9 172.31.99.10 172.31.99.11
172.31.99.60
ensemble1
Ch
am
be
r
Configuration Monitoring Maintenance Support
System Dashboard Wireless Stations Rogue AP Logs Statistics Packet Capture Ensemble
General
Access Point Name
Country / Region
ApplyCancelBasic
General
Time
Advanced
Configuration Monitoring Maintenance Support
System IP Wireless Bridge Security Ensemble Captive Portal
?
ensemble2
ApplyCancel
172.31.99.9
AP #1 (Dominant AP)
I am going to give this AP the name “ensemble2.”
Followed by the “Country / Region.”US – United States
After applying these settings Click on “Ensemble.”
172.31.99.8 172.31.99.9 172.31.99.10 172.31.99.11
172.31.99.60
ensemble1 ensemble2
Ch
am
be
rC
ha
mb
er
StopStart
Basic
General
Time
Advanced
Ensemble General ApplyCancel
Configuration Monitoring Maintenance Support
System IP Wireless Bridge Security Ensemble Captive Portal
?
ApplyCancel
Ensemble Name
AP Name
Priority (0 – 255)
Ensemble Mode
default
ensemble2
0
Chamber
200
ensemble2
Chamber
200
Basic
Ensemble General
Management
Secured Ensemble
Advanced
172.31.99.9
AP #1 (Dominant AP)
We are joining this AP to our Ensemble-group
“Chamber.”
We gave our previous AP the highest possible priority value of 255 to make sure it is elected dominant by
the ensemble.
I want this AP to be the “next dominant” access point in this group. Which is to say that if “ensemble1” fails
“ensemble2” will take on the roll. I will give it the value of 200
After entering our value click on “Start” and then “Apply.”
We don’t need to go into management since we already have a dominant AP in the “Ensemble.”
We can go directly to “Secured Ensemble” to set our passphrase.
172.31.99.8 172.31.99.9 172.31.99.10 172.31.99.11
172.31.99.60
ensemble1 ensemble2
Ch
am
be
rC
ha
mb
er
Secured Ensemble
Secure Mode
Passphrase (8-63 characters)
DisabledEnabled
Re-authentication Timeout (300-8600 secs)
Ensemble Status Started
Basic
Ensemble General
Management
Secured Ensemble
Advanced
Configuration Monitoring Maintenance Support
System IP Wireless Bridge Security Ensemble
ApplyCancel
Captive Portal
ApplyCancel
default
300
descartes
Basic
Ensemble General
Management
Secured Ensemble
Advanced
172.31.99.9
Once the passphrase is set the AP will be able to interpret
the “Ensemble data” that our dominant AP is broadcasting
and will learn the name of the other members of the
ensemble…. Until then, the APs would be on separate
Ensembles.. Even if they had the same name.
AP #2 (non-dominant )
172.31.99.8 172.31.99.9 172.31.99.10 172.31.99.11
172.31.99.60
ensemble1 ensemble2
Secured Ensemble
Secure Mode
Passphrase (8-63 characters)
DisabledEnabled
Re-authentication Timeout (300-8600 secs)
Ensemble Status Started
Basic
Ensemble General
Management
Secured Ensemble
Advanced
Configuration Monitoring Maintenance Support
System IP Wireless Bridge Security Ensemble
ApplyCancel
Captive Portal
ApplyCancel
default
300
descartes
Basic
Ensemble General
Management
Secured Ensemble
Advanced
172.31.99.9
Once the passphrase is set the AP will be able to interpret
the “Ensemble data” that our dominant AP is broadcasting
and will learn the name of the other members of the
ensemble. Until then, the APs would be on separate
Ensembles.. Even if they had the same name.
Ch
am
be
r
Ch
am
be
rC
ha
mb
er
Different passphrases..
172.31.99.8 172.31.99.9
172.31.99.20 172.31.99.21
172.31.99.60
172.31.99.80
172.31.99.10 172.31.99.11
If we made two Ensembles using
the same name
But we use a different passphrase...
…the rest of the member will not be
aware of any other “Dominant”
devises other-than-those with
identical settings.
Secured Ensemble
Secure Mode
Passphrase (8-63 characters)
DisabledEnabled
Re-authentication Timeout (300-8600 secs)
Ensemble Status Started
Basic
Ensemble General
Management
Secured Ensemble
Advanced
Configuration Monitoring Maintenance Support
System IP Wireless Bridge Security Ensemble
ApplyCancel
Captive Portal
ApplyCancel
default
300
descartes
Basic
Ensemble General
Management
Secured Ensemble
Advanced
172.31.99.9
Once the passphrase is set the AP will be able to interpret
the “Ensemble data” that our dominant AP is broadcasting
and will learn the name of the other members of the
ensemble. Until then, the APs would be on separate
Ensembles.. Even if they had the same name.
Ch
am
be
r 172.31.99.20 172.31.99.21
172.31.99.60
172.31.99.80
If we made two Ensembles using
the same name
But we use a different passphrase...
…the rest of the member will not be
aware of any other “Dominant”
devises other-than-those with
identical settings.
Ch
am
be
rC
ha
mb
er
Ch
am
be
r 172.31.99.8 172.31.99.9 172.31.99.10 172.31.99.11
172.31.99.60
ensemble1 ensemble2 ensemble3 ensemble4
You will need to configure each AP with the same “Ensemble” name and passphrase in
order to get them to join the ensemble “Chamber.”
Ensemble
CONDITIONS :
All the access points and the Management IP
address must be on the same L2 network.
All AP’s in the same cluster must be of the
same model.
All AP’s in the same cluster must have same
country code.
All AP’s in the same cluster must have the
same security passphrase.
Once “Ensemble mode” is enabled there will
be an election process.
The priority field will help determine the
Dominant AP.
All things being equal, the lowest MAC AP will
be elected as the dominant AP.
This AP will also respond to the “Management
IP” address.
Any and all configurations made to the
dominant AP (regardless of which IP address
is used to reach the GUI) will be pushed to the
rest of the APs in the Ensemble.
Any configuration made to other APs through
their management interfaces will be lost as
soon as the revision is made and the
dominant’s AP configuration is re-instated to
the Ensemble
Connectivity:
Discovery packets are transmitted every 10 seconds to determine if a configuration
synchronization is required.
An AP will PERMANENTLY be dropped out of an Ensemble if it loses connectivity to the
other APs in the group for 1 minute (AP does not get a discovery packet for 60
seconds.)
If an AP loses connectivity and joins the cluster again before the AP is dropped from the
cluster, any configuration changes that occurred during the loss of connectivity will be
propagated to it once connectivity resumes.
When two disjoint Ensembles (whether because of passphrase or name) are joined for
the first time, the Ensemble with the greater number of members becomes the dominant
Ensemble. The configuration on the dominant Ensemble overwrites the configuration of
the other cluster members.
Ch
am
be
r
26
172.31.99.8 172.31.99.9 172.31.99.10 172.31.99.11
172.31.99.60
ensemble1 ensemble2 ensemble3 ensemble4
Ensemble Shared Data Data NOT shared
SSID IP local address
Wireless Security Access Point Names
Guest Access Settings Channel Information
NTP Settings Advanced Wireless Settings
Radio Settings VLAN
Network Security Settings Packet Capture
Quality of Service Settings
Access Lists
Username and Password
Shared DATA:
The APs will synchronize a great deal of data, but not all..
When you think about the fact that all the members of an Ensemble must be on the same layer 2 environment it makes sense why things like
VLANs are not shared.
The advanced wireless settings are such, that you want to configure that on a per AP basis anyway, like the beacons and RTS thresholds..
Ch
am
be
r
27
172.31.99.8 172.31.99.9 172.31.99.10 172.31.99.11
172.31.99.60
ensemble1 ensemble2 ensemble3 ensemble4
Now we can login to the Ensemble using our management IP address.
Ch
am
be
r
172.31.99.60
Use the “Management” IP address and login to the
“Ensemble.”
The password will be the password that was set on the
“dominant” AP at the time the AP was configured as
the dominant AP of the ensemble.
172.31.99.8 172.31.99.9 172.31.99.10 172.31.99.11
Ensemble “Chamber.”
172.31.99.60
ensemble1 ensemble2 ensemble3 ensemble4
Configuration
Dashboard
Monitoring Maintenance Support
Ensemble Dashboard
System Dashboard Wireless Stations Rogue AP Logs Statistics Packet Capture Ensemble
Current Usage –Top Access Point
# Clients TrafficC
ha
mb
er
172.31.99.60
172.31.99.8 172.31.99.9 172.31.99.10 172.31.99.11
Ensemble “Chamber.”
172.31.99.60
ensemble1 ensemble2 ensemble3 ensemble4
33.3%
66.7% 92.5%
7.5%
Total Ensemble Members now : 2
Total clients in Ensemble now: 3
Ensemble info
Version 1.1.10.4
AP Uptime: 1 days, 4 hours, 15 minutes
Ensemble info
System name : ensemble 1IP:172.31.99.8
Usage of Last 24 Hours
Ensemble 1
Ensemble 2
The little Dot tells me that there
are 3 clients currently
connected.
You will land on the Dashboard of the Ensemble.
Here you can see the total number of member APs
and how many clients each AP has.
You can see who the dominant AP is etc.
Ch
am
be
r
Basic
Configuration Monitoring Maintenance Support
Channel Assignment
Advanced
ApplyCancel
Channel Assignment
Channel Assignment
System IP Wireless Bridge Security Ensemble Captive Portal
Auto Assign Channels
Ensemble Status
Settings
172.31.99.60
Started
IP Address
172.31.99.9
172.31.99.9
172.31.99.8
172.31.99.8
Radio
50:6A:03:80:5C:F0
50:6A:03:80:5C:F0
50:6A:03:80:34:B0
50:6A:03:80:34:B0
Band
11a-na-ac
11bgn
11a-na-ac
11bgn
Channel
100
1
36
6
Status
up
up
up
up
Proposed Channel Assignments
IP Address Radio Proposed Channel
StopStart Refresh
172.31.99.8 172.31.99.9 172.31.99.10 172.31.99.11
Ensemble “Chamber.”
172.31.99.60
ensemble1 ensemble2 ensemble3 ensemble4
While in Ensemble mode, every menu
will have an “Ensemble” link.
Let’s start with Configuration / Advanced
/ Ensemble and under “Channel
Assignment” we can see if the system
currently allocated channels and if it has
any proposals to change channels.
Configuration
Basic
Monitoring Maintenance Support
System IP Wireless Bridge Security Ensemble
Channel Assignment
Advanced
ApplyCancel
Channel Assignment
Channel Assignment
Captive Portal
Channel interference
ApplyCancel
Ensemble Status
Settings
172.31.99.60
Started
Channel Selection Interval (minutes)
75% 1 Day
Ensemble “Chamber.”
Related to the channel assignment
under the settings we can determine
how much interference is acceptable
before changing the channels.. we
can also determine how often these
changes can be made.
Simple and effective.
Ensemble assigns different radio channels to be used by the ensemble APs to reduce mutual interference or interference with neighboring AP’s outside of the group It maps APs
to a radio channel and measures any interference levels in the continuously.
If RF interference is detected, Ensemble automatically re-assigns some (or all) of the APs to new channels as per an efficiency algorithm.
The frequency of these channel re-assignments is user configurable with a default value of once a day.
Ensemble uses the signal strength and operating channel of any detected AP as a means to find the optimal channel to use with the goal to reduce the aggregate interference in
the wireless neighborhood.
The previous channel assignment is stored for use in case the interference reduction using the new algorithm is higher than a particular threshold. Channel re-assignment must
be evaluated between dynamic channel change and frequency of channel change.
Configuration
Access Point
Monitoring Maintenance Support
Wireless Stations
Wireless Neighborhood
172.31.99.60
System Dashboard Wireless Stations Rogue AP Logs Statistics Packet Capture Ensemble
Ensemble “Chamber.”
Under monitoring / Ensemble you can see the member APs and some of their operating parameters.
Access PointWireless Stations
AP Name MAC Address IP Address Ensemble Priority Master AP Firmware version Uptime Status
ensamble1 50:6A:03:80:34:AF 172.31.99.8 255 yes 1.1.10.4 1 100
ensamble2 50:6A:03:80:5C:EF 172.31.99.9 200 no 1.1.10.4 11 149
**NOTE: This table takes few minutes to get updated..
2.4 GHZ 5Ghz
1 days 1 hours 1 minute Connected
3 days 6 hours 1 minute Connected
Configuration
Access Point
Monitoring Maintenance Support
Wireless Stations
Wireless Stations
Wireless Neighborhood
172.31.99.60
System Dashboard Wireless Stations Rogue AP Logs Statistics Packet Capture Ensemble
AP Name Station MAC Station Idle Time Rate RSSI Tx Bytes RX Bytes Error Rate
ensamble1 AC:FD:CE:E5:B3:E8 0 196 78 9615652 9412365 0
ensamble2 30:3A:64:CF:CC:F9 0 326 67 654648 6546555 0
**NOTE: Maximum of 20 clients per radio of each AP will be displayed. To view all clients, please access individual AP.
Ensemble “Chamber.”
NOTE:
When accessing the Ensemble “Stations” page on the GUI, a maximum of 20 clients
are reported per radio. To see all the associated clients with a specific AP, access the
Client Associations web page of that AP directly.
Configuration
Access Point
Monitoring Maintenance Support
Wireless Neighborhood
Wireless Stations
Wireless Neighborhood
172.31.99.60
System Dashboard Wireless Stations Rogue AP Logs Statistics Packet Capture Ensemble
Ensemble “Chamber.”
Wireless Neighborhood lets you see nearby
SSIDs and how “Hot” they are with respect to
each Ensemble member.
The darker the color.. the hotter the signal.
Configuration
Firmware Upgrade
Monitoring Maintenance Support
Member selection
Firmware Upgrade TFTP
172.31.99.60
Password Reset Remote Management Upgrade Ensemble Upgrade
ApplyRefresh
Members
1
2
IP Address
172.31.99.8
New Firmware Image:
Master AP
yes
no
Firmware Version
1.1.10.4
1.1.10.4
Firmware-transfer status
none
none
MAC Address
50:6A:03:80:5C:EF
50:6A:03:80:34:AF
Browse No file selected
Upgrade
Caution: Uploading the new firmware may take several minutes. Please do not refresh the page or navigate to another page while
uploading the new firmware, or the firmware upload will be aborted. When the process is complete the access point will restart and
resume normal operation.:
Ensemble “Chamber.”You can update all the APs in the Ensemble from the
“Maintenance / Ensemble Upgrade page.
Click the members you want to upgrade and then
“Apply.”
Then browse to the file and click “Upgrade”
172.31.99.9
Browse
1
2
4
3
This will start the upgrade locally on each AP please don’t interrupt the process.
Configuration
Firmware Upgrade
Monitoring Maintenance Support
Member selection
Firmware Upgrade TFTP
172.31.99.60
Password Reset Remote Management Upgrade Ensemble Upgrade
ApplyRefresh
Members
1
2
IP Address
172.31.99.9
New Firmware Image:
Master AP
no
yes
Firmware Version
1.1.10.4
1.1.10.4
Firmware-transfer status
up
up
MAC Address
50:6A:03:80:5C:EF
50:6A:03:80:34:AF
Upgrade
Caution: Uploading the new firmware may take several minutes. Please do not refresh the page or navigate to another page while
uploading the new firmware, or the firmware upload will be aborted. When the process is complete the access point will restart and
resume normal operation.
Server IP:
(Range: 1 – 128 Characters)
(xxx.xxx.xxx.xxx)
Ensemble “Chamber.”
Same concept if you wish to upgrade the APs using TFTP
1
2
4
Type the file name and the server
address where is located.3
Captive portal
37
38
Captive Portal
Profile Settings
User Configuration
Web Customization
Upload Logo
Web Customization ApplyCancel
Configuration Monitoring Maintenance Support
ApplyCancel
Captive Portal Web Locale
Captive Portal Web Locale Parameters
We have introduced captive portal into the AP.
Until now this feature was reserved for
“Controllers” or the “Cloud Wireless Manager.”
Initially you must select “Create” to design your
captive portal.
Create
System IP Security Wireless Bridge Ensemble Captive Portal
39
Captive Portal
Profile Settings
User Configuration
Web Customization
Upload Logo
Web Customization ApplyCancel
Configuration Monitoring Maintenance Support
ApplyCancel
Captive Portal Web Locale
Captive Portal Web Locale Parameters
Create
Web Locale Name
Captive Portal Instances
NETGEAR
NETGEAR-1
OMHRA
Give the “locale” (portal) a name and choose an
instance.
This instance will later be –selected- when you
set it up on the “wireless security /profile
settings”
There are two instances that can be used when
employing Captive portal
System IP Security Wireless Bridge Ensemble Captive Portal
40
Captive Portal
Profile Settings
User Configuration
Web Customization
Upload Logo
Cancel
Configuration Monitoring Maintenance Support
ApplyCancel
Captive Portal Web Locale
Captive Portal Web Locale Parameters
OMHRA
Instance Name
Logo Image Name
NETGEAR
logo.jpg
Browser Title Captive Portal
Browser Content Welcome to the Wireless
Network.
Content To start using this service, enter
your credentials and click the
connect button.
Acceptance Use Policy Acceptance Use Policy
Welcome Title Congratulations!
Welcome Content You are authorized and
connected!
Delete Locale
This is the instance (of two) that is selected for
this Portal layout.
Not to exceed 5KB in size.
This will appear on the title bar of the browser.
This is the text that will appear on the body of
the page.
Pop box title, notifying you that your credentials
worked.
Instructions that will appear on the portal page.
If you want to enter into an agreement with the
portal users, enter your text here.
Deletes everything about this Locale
Enter the text you want the permitted user to see
once authentication has occurred.
You may edit the look of the portal in all the
usual ways.
When you are done click “Apply”
Web Customization
System IP Security Wireless Bridge Ensemble Captive Portal
41
Captive Portal
Profile Settings
User Configuration
Web Customization
Upload Logo
ApplyCancel
Configuration Monitoring Maintenance Support
Captive Portal User Name
User List
Tiberious
You will need users for the captive portal.
Type their user name and click apply.
Edit ApplyCancelUser Configuration
System IP Security Wireless Bridge Ensemble Captive Portal
42
Captive Portal
Profile Settings
User Configuration
Web Customization
Upload Logo
User Configuration ApplyCancel
Configuration Monitoring Maintenance Support
Captive Portal User Name
User List
Now select the user and click on edit.
Tiberious
Edit ApplyCancel
You will need users for the captive portal.
Type their user name and click apply.
Tiberious
Edit
System IP Security Wireless Bridge Ensemble Captive Portal
In megabits per second.
43
Captive Portal
Profile Settings
User Configuration
Web Customization
Upload Logo
User Configuration ApplyCancel
Configuration Monitoring Maintenance Support
User Name
Away Time (0 – 1440 minutes)
DeleteBack
Tiberious
Max Bandwidth Upstream
Max Bandwidth Downstream
User Password *********
0
0
0The amount of time a user remains in the
Captive Portal authenticated client list, after
the user disassociates from the AP.
Enter the Password for the user (8-64 char.)
ApplyCancelDeleteBack
System IP Security Wireless Bridge Ensemble Captive Portal
44
DisableEnable
Captive Portal
Profile Settings
User Configuration
Web Customization
Upload Logo
Captive Portal ApplyCancel
Configuration Monitoring Maintenance Support
ApplyCancel
Captive Portal
Finally, enable the “Captive Portal” service.
Now we must add the captive portal profile to
one of our SSIDs.
System IP Security Wireless Bridge Ensemble Captive Portal
45
Profile Settings
Advanced
Profile settings – 802.11 bg/ng/bgn ApplyCancel
Configuration Monitoring Maintenance Support
System IP Security Wireless Bridge Ensemble Captive Portal
Under security select the SSID where you
want to use Captive Portal.
Profile settings – 802.11 a.na-ac/a-na-ac
Profile Name SSID Security VLAN Enable WMF-Enable
Profile Name SSID VLAN Enable WMF-Enable
#
#
Netgear NOOOOO WPA-PSK & WPA2-PSK 10
Security
Netgear NOPE WPA-PSK & WPA2-PSK 10
Netgear NETGEAR_11ng-1 Open System 10
Netgear NETGEAR_11ac-1 Open System 10
Netgear NETGEAR_11ng-2 Open System 10
Netgear NETGEAR_11ac-2 Open System 10
Netgear NETGEAR_11ng-3 Open System 10
Netgear NETGEAR_11ac-3 Open System 10
Netgear NETGEAR_11ng-4 Open System 10
Netgear NETGEAR_11ac-4 Open System 10
Netgear NETGEAR_11ng-5 Open System 10
Netgear NETGEAR_11ac-5 Open System 10
Netgear NETGEAR_11ng-6 Open System 10
Netgear NETGEAR_11ac-6 Open System 10
Edit ApplyCancelEdit
46
Profile Settings
Advanced
Edit Security Profile ApplyCancel
Configuration Monitoring Maintenance Support
System IP Security Wireless Bridge Ensemble Captive Portal
At the bottom of the familiar settings we can
find the Captive portal selector.
Choose the profile you want.
Edit ApplyCancelBack
Profile Definition
Wireless Network Name (SSID)
Profile Name NETGEAR
NOPE
NoYesBroadcast Wireless Network Name (SSID)
Authentication Settings
Qos Policies
Captive Portal
Network Authentication
Data Encryption
********WPA Passphrase (Network Key)
NoYesShow Passphrase in Clear Text
WPA-PSK & WPA2-PSK
TKIP + AES
1VLAN ID
NONE NONE
0 0
Incoming OutgoingApply policy
Policy Details
Bandwidth Limit (bits per second)
NETGEAR
NETGEAR-1
Profile Name
NETGEAR
47
Profile Settings
Advanced
Edit Security Profile ApplyCancel
Configuration Monitoring Maintenance Support
System IP Security Wireless Bridge Ensemble Captive Portal
Edit ApplyCancelBack
Profile Definition
Wireless Network Name (SSID)
Profile Name NETGEAR
NOPE
NoYesBroadcast Wireless Network Name (SSID)
Authentication Settings
Qos Policies
Captive Portal
Network Authentication
Data Encryption
********WPA Passphrase (Network Key)
NoYesShow Passphrase in Clear Text
WPA-PSK & WPA2-PSK
TKIP + AES
1VLAN ID
NONE NONE
0 0
Incoming OutgoingApply policy
Policy Details
Bandwidth Limit (bits per second)
NETGEARProfile Name
At the bottom of the familiar settings we can
find the Captive portal selector.
Choose the profile you want.
And click apply.
48
After associating to the SSID, upon attempting navigation,
you will be prompted for your user name.
Tiberious
Check the agreement and click “Connect.”
49
After associating to the SSID, upon attempting navigation,
you will be prompted for your user name.
Check the agreement and click “Connect.”
Now you are free to use the network Taking advantage of all
the great benefits of 802.11ac.
Recommended