3e Technologies International QVT-531AP User manual

Wireless Access Point

User's Guide

Model 3e-531AP

3e Technologies International

700 King Farm Blvd., Rockville, MD 20850

(301) 670-6779 www.3eti.com

29000125-001 C

publ. 09/29/04

This page intentionally left blank.

3e Technologies International's

Wireless Access Point

User's Guide

Model 3e-531AP

3e Technologies International

700 King Farm Blvd.

Rockville, MD 20850

(301) 670-6779 www.3eti.com

Safety Requirements

•

If AC power will be used, the socket outlet

shall be installed near the equipment and

shall be easily accessible.

•

CAUTION: Risk of explosion if battery is

replaced by an incorrect type. DIspose of

used batteries according to the instructions.

•

External Power to Earth (PE) or ground

connector must be connecetd  rst and shall

always be connected if power is applied to

the unit.

may be reproduced in any form or by any means or to make any derivative work (such as translation,

transformation, or adaptation) without written permission from 3e Technologies International.

3e Technologies International reserves the right to revise this documentation and to make changes in

content from time to time without obligation on the part of 3e Technologies International to provide

noti cation of such revision or change.

3e Technologies International provides this documentation without warranty, term or condition

of any kind, either implied or expressed, including, but not limited to, the implied warranties,

terms, or conditions of merchantability, satisfactory quality, and  tness for a particular purpose.

3e Technologies International may make improvements or changes in the product(s) and/or the

program(s) described in this documentation at any time.

If there is any software or removable media described in this documentation, it is furnished under a

license agreement included with the product as a separate document, in the printed documentation,

or on the removable media in a readable  le such as license.txt or the like. If you are unable to locate a

copy of the license, contact 3e Technologies International and a copy will be provided to you.

___________________________________

UNITED STATES GOVERNMENT LEGEND

If you are a United States Government agency, then this documentation and the product described

herein are provided to you subject to the following:

All technical data and computer software are commercial in nature and developed solely at private

expense. Software is delivered as “Commercial Computer Software” as de ned in DFARS 252.227-

7014 (June 1995) or as a “commercial item” as de ned in FAR 2.101(a) and as such is provided with

only such rights as are provided in 3e Technologies International’s standard commercial license for

the software. Technical data is provided with limited rights only as provided in DFAR 252.227-7015

(Nov 1995) or FAR 52.227-14 (June 1987), whichever is applicable. You agree not to remove or deface

any portion of any legend provided on any licensed program or documentation contained in, or

delivered to you in conjunction with, this User Guide.

___________________________________

3e Technologies International and the 3e Technologies International logo are registered trademarks.

Windows is a registered trademark of Microsoft Corporation. Palm and Palm OS are registered

trademarks of Palm, Inc. PRISM is a registered trademark of Intersil Corporation. Samsung, CC&C

and Senao are registered trademarkes of their companies respectively.

Any other company and product name mentioned herein is a trademark of the respective company

with which they are associated.

EXPORT RESTRICTIONS

This 3e Technologies International product contains encryption and may require U.S. and/or local

government authorization prior to export to another country.

29000125-001 C

iii

3e-531AP Wireless Access Point

Table of Contents

Chapter 1: Introduction

...............................................................

....................................

1

Basic Features

...............................................................

..............................................

2

Wireless Basics

...............................................................

.............................................

3

802.11b

...............................................................

........................................................

3

Network Con guration

...............................................................

...........................

4

Access Point Con gurations

...............................................................

...................

4

Possible AP Topologies

...............................................................

..........................

4

Gateway Con gurations

...............................................................

.........................

5

Bridging Mode

...............................................................

..........................................

6

Default Con guration

...............................................................

..............................

6

Data Encryption and Security

...............................................................

...................

6

SSID

...............................................................

............................................................

7

AES and 3DES

...............................................................

...........................................

7

Dynamic Key Management

...............................................................

....................

7

Authentication

...............................................................

..........................................

7

DHCP Server and NAT

...............................................................

............................

8

Operator Authentication and Management

........................................................

8

Management

...............................................................

................................................

8

Chapter 2: Hardware Installation

...............................................................

...................

9

Preparation for Use

...............................................................

.....................................

9

Installation Instructions

...............................................................

...........................

10

Minimum System and Component Requirements

............................................

10

Cabling

...............................................................

.......................................................

11

Indicator Lights

...............................................................

.......................................

12

Chapter 3: Access Point Con guration

...............................................................

......

13

Introduction

...............................................................

...............................................

13

Preliminary Con guration Steps

...............................................................

............

14

Initial Setup using the “Local” Port

...............................................................

.......

14

System Con guration

...............................................................

...............................

16

General

...............................................................

.....................................................

16

WAN

...............................................................

.........................................................

17

LAN

...............................................................

..........................................................

18

Operating Mode

...............................................................

......................................

18

Wireless Setup

...............................................................

...........................................

19

General

...............................................................

.....................................................

19

Encryption

...............................................................

...............................................

21

Dynamic Key Management

...............................................................

................

21

Static 3DES Key/Open System Authentication

..............................................

21

Static AES Key/Open System Authentication

................................................

22

MAC Address Filtering

...............................................................

.........................

23

Bridging and Bridging Encryption

...............................................................

......

23

Rogue AP Detection

...............................................................

...............................

24

802.1x

...............................................................

........................................................

24

Advanced

...............................................................

.................................................

25

Services Settings

...............................................................

........................................

26

DHCP Server

...............................................................

...........................................

26

Print Server

...............................................................

..............................................

26

SNMP

...............................................................

.......................................................

27

User Management

...............................................................

.....................................

28

List All Users

...............................................................

...........................................

28

Add New User

...............................................................

........................................

28

iv

29000125-001 C

3e-531AP Wireless Access Point

Table of Contents

Monitoring/Reports

...............................................................

.................................

29

System Status

...............................................................

..........................................

29

Bridging Status

...............................................................

........................................

30

Wireless Clients

...............................................................

.......................................

30

Rogue AP List

...............................................................

..........................................

32

DHCP Client List

...............................................................

....................................

32

System Log

...............................................................

..............................................

33

Web Access Log

...............................................................

......................................

33

Network Activites

...............................................................

..................................

34

System Administration

...............................................................

............................

34

Firmware Upgrade

...............................................................

.................................

34

Self-Test

...............................................................

....................................................

35

Factory Default

...............................................................

.......................................

36

Remote Logging

...............................................................

......................................

36

Reboot

...............................................................

......................................................

37

Utilities

...............................................................

.....................................................

37

Chapter 4: Gateway Con guration

...............................................................

..............

39

Introduction

...............................................................

...............................................

39

Con guring in Gateway Mode

...............................................................

...............

41

System Con guration

...............................................................

...............................

43

General

...............................................................

.....................................................

43

WAN

...............................................................

.........................................................

43

LAN

...............................................................

..........................................................

44

Operating Mode

...............................................................

......................................

45

Wireless Con guration

...............................................................

............................

45

General

...............................................................

.....................................................

45

Encryption

...............................................................

...............................................

47

WEP (RC4) Data Encryption

...............................................................

..............

47

Static 3DES Key/Open System Authentication

..............................................

47

Static AES Key/Open System Authentication

................................................

48

Mac Address Filtering

...............................................................

............................

49

Rogue AP Detection

...............................................................

...............................

50

802.1x

...............................................................

........................................................

50

Advanced

...............................................................

.................................................

51

Services Settings

...............................................................

........................................

52

DHCP Server

...............................................................

...........................................

52

Print Server

...............................................................

..............................................

53

SNMP Agent

...............................................................

............................................

53

Firewall

...............................................................

.......................................................

54

Content Filtering

...............................................................

.....................................

54

IP Filtering

...............................................................

...............................................

55

Port Filtering

...............................................................

...........................................

55

Virtual Server

...............................................................

..........................................

56

Demilitarized Zone (DMZ)

...............................................................

...................

57

Block WAN ICMP

...............................................................

...................................

58

User Management

...............................................................

.....................................

58

List All Users

...............................................................

...........................................

58

Add New User

...............................................................

........................................

59

Monitoring/Reports

...............................................................

.................................

60

System Status

...............................................................

..........................................

60

Wireless Clients

...............................................................

.......................................

60

Rogue AP List

...............................................................

..........................................

61

DHCP Client List

...............................................................

....................................

61

System Log

...............................................................

..............................................

62

29000125-001 C

v

3e-531AP Wireless Access Point

Table of Contents

Web Access Log

...............................................................

......................................

62

Network Activites

...............................................................

..................................

63

System Administration

...............................................................

............................

63

Firmware Upgrade

...............................................................

.................................

63

Factory Default

...............................................................

.......................................

64

Remote Logging

...............................................................

......................................

64

Reboot

...............................................................

......................................................

65

Utilities

...............................................................

.....................................................

65

Chapter 5: Bridge Con guration

...............................................................

..................

67

Introduction

...............................................................

...............................................

67

Preliminary Setup

...............................................................

.....................................

67

General Bridge Setup

...............................................................

...............................

68

Bridging Type Con guration

...............................................................

..................

71

Point-to-Point Bridge Con guration

...............................................................

...

71

Point-to-Point Bridging Setup Guide

...............................................................

72

Point-to-Multipoint Bridge Con guration

........................................................

75

Point-to-Multipoint Bridging Setup Guide

.....................................................

76

Back-to-Back Bridge Con guration

...............................................................

.....

76

Back-to-Back Bridging Setup Guide

...............................................................

..

77

Repeater Bridge Con guration

...............................................................

............

78

Repeater Bridging Setup Guide

...............................................................

.........

78

Chapter 6: PC Card Installation on a Laptop

............................................................

79

Chapter 7: The RF Manager Function

...............................................................

.........

81

Introduction

...............................................................

...............................................

81

How to Access the RF Manager Function

............................................................

82

How to Program the RF Manager

...............................................................

..........

83

Chapter 8: Network Printer Setup

...............................................................

...............

87

Install Print Service for Unix (Windows 2000):

...................................................

87

Printer Setup

...............................................................

..............................................

88

Chapter 9: Technical Support

...............................................................

........................

93

Manufacturer’s Statement

...............................................................

.......................

93

Radio Frequency Interference Requirements

.......................................................

93

vi

29000125-001 B

3e-531AP Wireless Access Point

Navigation Options

3e-531AP Navigation Options

Access Point

Gateway

Not FIPS 140-2

FIPS 140-2

Not FIPS 140-2

System Con guration

General

WAN

LAN

Operating Mode

Wireless con guration

General

Encryption

Bridging

MAC Address Filtering

Rogue AP detection

802.1x

Advanced

Services Settings

DHCP Server

Print Server

SNMP agent

Firewall

Content Filtering

IP Filtering

Port Filtering

Virtual Server

DMZ

Block WAN IP ICMP

User Management

List All Users

Add New User

Monitoring Reports

System Status

Bridging Status

Wireless clients

Rogue AP List

DHCP Client List

System Log

Web Access Log

Network Activities

System Administration

Firmware Upgrade

Self-Test

Factory Default

Remote Logging

Reboot

Utilities

3e-531AP Wireless Access Point

Chapter 1: Introduction

29000125-001 C

1

Chapter 1: Introduction

This manual covers the installation and operation of the 3e Technolo-

gies International’s 3e-531AP Wireless Access Point, which conforms to

the requirements of FIPS PUB 140-2, Security Requirements for Crypto-

graphic Modules. The 3e-531AP Wireless Access Point provides a connec-

tion between an Ethernet LAN and a wireless LAN (WLAN). The wireless

LAN can include mobile devices such as handheld Personal Data Assis-

tants (PDAs), mobile web pads, and wireless laptops as long as they have

the 3e-010F Crypto Client software installed. (The 3e-010F Crypto Client

software is sold with the 3e-110 long range PC Card or sold separately for

use with other compatible PC Cards.)

The 3e-531AP incorporates Power over Ethernet (PoE), IEEE 802.3af,

and the highest security functionality including the ability to manage RF

centrally and to even shut off RF to wireless devices entirely, should that

be necessary. The PoE solution eliminates the need for internal gateway

power supply units (AC-DC converters) and 110-220V cabling installa-

tions for the gateway operation. In the 3e-531AP, however, the capability

to switch to AC power has been provided as a backup in the event the

Power over Ethernet hub is lost or unavailable. The device detects power

failure and automatically switches to AC current with minimal wireless

connection interruption using the power cord provided. (Note: a power

cord does not have to be plugged in to the 3e-531AP during setup, but it

is recommended that it be kept available for use in case of failure of the

PoE Power Supply.)

The PoE interface on the 3e-531AP is compatible with commercial

vendor “injected power” hub units (also known as Ethernet Power Sup-

ply or Power over Ethernet Hub) interfaces.

The 3e-531AP conforms to the FIPS 140-2 speci cation. It includes

the following cryptographic modules: AES/3DES for wireless encryption;

dynamic key exchange (Dif e-Hellman module 1024) for wireless com-

munication; and HTTPS/TLS, for secure web communication. The 3e-

531AP contains three cryptographic modules and ports: Ethernet WAN

uplink interface for communication to the wired LAN backbone; Ethernet

LAN local port for communication to a local wired LAN; and wireless

LAN port for wireless communication to local clients. The authorized

roles supported are Crypto Of cer Role and Administrator Role. Crypto-

graphic services provided include; AES and 3DES for wireless; SHA-1 for

authentication; HMAC SHA-1 for keyed authenticated  rmware upgrade;

3e-531AP Wireless Access Point

Chapter 1: Introduction

2

29000125-001 C

Dif e-Hellman Key Exchange; and HTTPS/TLS for web services via a

secure link. Operator Authentication is performed by assigning operator

type: Administrator can view con gurations and logs, can do non-cryp-

tographic functions such as assigning hostname, domain name, system

date/time, TX Pwr Mode/Level and the like; the Crypto Of cer role has

total access and control and can perform cryptographic initialization or

management functions such as module initialization, input or output of

cryptographic keys and CSPs, and audit functions.

The 3e-531AP is wall-mountable and physically sealed with special

tape for physical security. Violation of the unit's integrity will cause the

unit to fail and display an Error State alarm, requiring reboot.

Basic Features

The 3e-531AP is housed in a sturdy case which is not meant to be

opened except by an authorized technician for maintenance or repair. The

unit should work without fail. If you wish to reset to factory settings, use

the reset function available through the web-screen management module.

It has the following features:

•

Local Ethernet LAN

•

Ethernet uplink WAN

•

Wireless (802.11b) interface with operating range of 2000+ feet

•

AES/3DES encryption

•

HTTPS/TLS secure Web

•

802.1x/EAP-TLS

•

Sealed cover with tamper-proof tape

•

DHCP client/sever

•

Firewall

•

NAT

•

Bridging Mode

•

Repeater Mode

•

Adjustable Radio Power

•

MAC address  ltering

The following cryptographic modules have been implemented in the

3e-531AP.

•

AES for wireless (802.11b)

•

3DES for wireless (802.11b)

•

802.1x/EAP-TLS for authentication

•

SHA-1

•

HMAC SHA-1 for  rmware upgrade

3e-531AP Wireless Access Point

Chapter 1: Introduction

29000125-001 C

3

Wireless Basics

Wireless networking uses electromagnetic radio frequency waves to

transmit and receive data. Communication occurs by establishing radio

links between the wireless gateway and devices con gured to be part of

the

WLAN.

The 3e-531AP incorporates the 802.11b (Wi-Fi) standard and

the most

state of the art encryption for a very powerful and secure wireless envi-

ronment.

802.11b

The IEEE 802.11b standard, developed by the Wireless Ethernet

Compatibility Alliance (

WECA), establishes a stable standard. A user with

an 802.11b product can use any brand of gateway/access point with any

other brand of client hardware that is built to the 802.11b standard for ba-

sic interconnection.

802.11b devices provide 11 Mbps transmission (with a

fallback to 5.5, 2 and 1 Mbps depending on signal strength) in the 2.4 GHz

band.

802.11b uses

DSSS (direct-sequence spread spectrum) for radio com-

munication.

Direct-sequence systems communicate by continuously

transmitting a redundant pattern of bits called a chipping sequence. The

chipping sequence is combined with a transmitted data stream to produce

the wireless output signal.

For wireless devices to communicate with the 3e-531AP, they must

meet the following conditions:

•

The signal strength must be suf cient;

•

The wireless device and wireless gateway must have been con g-

ured to recognize each other using the

SSID (a unique ID assigned

in setup so that the wireless device is seen to be part of the net-

work by the 3e-531AP);

•

Encryption and authentication capabilities and types enabled

must conform;

•

The wireless device and wireless gateway must have compatible

data rate con gurations; and

•

If MAC  ltering is used, the 3e-531AP must be con gured to

allow the wireless device’s MAC address to associate (communi-

cate) with the 3e-531AP wireless interface.

3e-531AP Wireless Access Point

Chapter 1: Introduction

4

29000125-001 C

Network Con guration

The 3e-531AP is capable of various con gurations. The three basic

con gurations are:

•

Access point mode with wired infrastructure

•

Gateway mode with wired infrastructure

•

Wireless bridging with choice of:

— Point-to-point setup

— Point-to-multipoint setup

— Repeater setup

Bridging actually has more choices, but the above choices are popular

and are discussed later in this user guide.

Access Point Con gurations

When a 3e-531AP is con gured as an access point, IP addresses for

wireless devices are typically assigned by the wired network’s

DHCP

server. The wired LAN’s DHCP server assigns addresses dynamically,

and the AP virtually connects wireless users to the host wired network.

All wireless devices connected to the AP are con gured on the same sub-

network as the attached wired network interface and can be accessed by

devices on the wired network.

Possible AP Topologies

1.

An access point can be used as a single AP without any connec-

tion to a wired network. In this con guration, it simply provides a

stand-alone wireless network for a group of wireless devices.



2.

The 3e-531AP can be used as one of a number of APs connected

to an existing Ethernet network to bridge between the wired and

wireless environments. Each AP can operate independently of the

other APs on the LAN. Multiple APs can coexist as separate indi-

vidual networks at the same site without interference if each AP is

set with a different

network ID (SSID).

3e-531AP Wireless Access Point

Chapter 1: Introduction

29000125-001 C

5



 

   

3.

And lastly, multiple APs connected to a wired network and operat-

ing off that network’s DHCP server can provide a wider coverage

area for wireless devices, enabling the devices to “

roam” freely

about the entire site.

 



Gateway Con gurations

In gateway mode, wireless users are provided additional

 rewall

protection from the rest of the industrial or shipboard network or Internet

using

Network Address Translation (

NAT) protocol features and  rewall

options.

Wireless users can still communicate with the wired network resourc-

es but communication must be initiated by the wireless devices. Using the

NAT protocol, the only IP address visible to the wired network is that of

the gateway itself, as assigned by the wired Ethernet DHCP server. The

gateway provides  rewall protection to its wireless users. It can dynami-

cally assign private addresses to member devices using its own internal

DHCP server. It acts as a

router, not a

bridge, and controls traf c  ow and

access control between the wired and wireless networks.

3e-531AP Wireless Access Point

Chapter 1: Introduction

6

29000125-001 C

 



 



 

 







Alternately, if you wish, the network administrator can assign

static

addresses to the member wireless devices. In order to set static addresses,

the system administrator will need to manually con gure the TCP/IP

con guration on each wireless device.

Bridging Mode

The wireless bridging function in the 3e-531AP allows setup as a

bridge, in a number of alternate con gurations, including the following

popular con gurations:

1.

Point-to-point bridging of 2 Ethernet Links;

2.

Point-to-multipoint bridging of several Ethernet links;

3.

Repeater mode (wireless client to wireless bridge.)

Default Con guration

By default, the 3e-531AP boots up in access point mode. See your

network administrator or more advanced technical sections of this User’s

Guide for information if the device is to be con gured in gateway mode

or bridging mode.

Data Encryption and Security

The 3e-531AP Wireless Access Point includes advanced wireless

security features, including Dynamic Key Management or Static key AES

or 3DES encryption. AES or 3DES and MAC Address authentication are

available in the 3e-531AP in all modes, and some level of encryption is

recommended. In gateway mode, WEP encryption is an option.

The incorporation of AES and 3DES brings system security up to the

most stringent standards. The functionality of these two enhancements,

along with a more detailed discussion of the 3e-531AP security features,

is further covered in the following paragraphs.

3e-531AP Wireless Access Point

Chapter 1: Introduction

29000125-001 C

7

SSID

The Service Set ID (SSID) is a string used to de ne a common roam-

ing domain among multiple wireless access points. Different SSIDs on

gateways can enable overlapping wireless networks. The SSID can act as

a basic password without which the client cannot connect to the network.

However, this is easily overridden by allowing the wireless AP to broad-

cast the SSID, which means any client can associate with the AP. SSID

broadcasting can be disabled in the 3e-531AP setup menus.

AES and 3DES

The Advanced Encryption Standard (AES) was selected by National

Institute of Standards and Technology (NIST) in October 2000 as an up-

grade from the previous DES standard. AES uses a 128-bit block cipher

algorithm and encryption technique for protecting computerized infor-

mation. It has the ability to use even larger 192-bit and 256-bit keys, if

necessary. AES is incorporated into all current and future models of 3e

Technologies International’s series of wireless APs/gateways.

3DES is also incorporated on the 3e-531AP. 3DES is modeled on the

older DES standard but encrypts data three times over. Triple-DES uses

more CPU resources than AES because of the triple encryption.

Dynamic Key Management

Addition of Security Server software (3e-030, sold separately), which

is con gured to dynamically assign secure key access, raises the secu-

rity capability to its highest level. The Security Server software operates

from a remote point on the WLAN and is accessed by pointing to its IP

Address in each of the 3e-531APs on the WLAN as part of the wireless

encryption con guration process.

Authentication

The

MAC address, short for

Media Access Control address,

is a hard-

ware address that uniquely identi es each node of a network. In IEEE 802

networks, the

Data Link Control (

DLC) layer of the

OSI Reference Model

is divided into two sub-layers: the

Logical Link Control (LLC) layer

and the

Media Access Control (MAC) layer.

The MAC layer interfaces directly with

the network media. Consequently, each type of network media requires a

unique MAC address.

Authentication is the process of proving a client identity. The 3e-

531AP gateways, if set up to use MC address  ltering, detect an attempt

to connect by a client and compare the client’s MAC address to those on

a prede ned MAC address  lter list. Only client addresses found on the

list are allowed to associate. MAC addresses are assigned and registered

to each of the wireless cards used by the portable computing devices dur-

ing initial setup and after physical installation of the gateways.

3e-531AP Wireless Access Point

Chapter 1: Introduction

8

29000125-001 C

DHCP Server and NAT

In AP mode, the 3e-531AP has a DHCP (

Dynamic Host Con guration

Protocol

) server function that is accessible to the LAN port. If the 3e-

531AP is set up in gateway mode, this DHCP function is available, with

many  rewall functions in addition, to both the LAN and WLAN ports.

DHCP is a protocol for assigning

dynamic IP addresses.

When the 3e-531AP is in access point mode, the DHCP function is

accessible only from the local LAN port. A local LAN can be established

from the LAN port and can utilize the DHCP function.

If the 3e-531AP is recon gured for gateway mode, and the DHCP

function is enabled, the gateway

Ethernet uplink interface becomes the

only visible

IP address to the Ethernet network. It uses Network Address

Translation (NAT) to forward packets from wireless devices as if they

were coming from the one visible IP address, managing a database of in-

formation in order to sort out and forward the replies to the correct client.

NAT provides an additional layer of security by protecting information

on the wireless LAN from direct access by the Ethernet LAN.

Operator Authentication and Management

Authentication mechanisms may be required within a cryptographic

module to authenticate an operator accessing the module and to verify

that the operator is authorized to assume the requested role and perform

services within that role.

There are two types of operators de ned:

•

Crypto Of cer: The Crypto Of cer user has total control of the

gateway. The Crypto Of cer can con gure the encryption keys

and upload  rmware.

•

Administrator: The Administrator can view con gurations and

logs, can do non-cryptographic functions such as assigning host-

name, domain name, system date/time, TX Pwr Mode/Level and

the like. This user can reboot the gateway if it is deemed neces-

sary.

The Crypto Of cer initially installs and con gures the 3e-531AP after

which the

password should be changed from the

default password. The

enclosure itself must be physically secured.

Management

After initial setup, maintenance of the system and programming of

security functions are performed by personnel trained in the procedure

using the embedded web-based management screens. For general mainte-

nance, the Administrator logon should be suf cient.

The next chapter covers the basic procedure for setting up the hard-

ware.

3e-531AP Wireless Access Point

Chapter 2: Hardware Installation

29000125-001 C

9

Chapter 2: Hardware Installation

Preparation for Use

The 3e Technologies International's 3e-531AP Wireless Access Point

requires physical mount ing and in stal la tion on the site, following a

prescribed placement design to ensure optimum operation and roaming.

Professional installation is required.

If the 3e-531AP's Power over Ethernet (PoE) solution is being activat-

ed, it will, in addition, re quire the installation of a separate PoE-capable

hub switch which “in jects” DC cur rent into the Cat5 cable. This injector

device should have been spec’ed and installed by a wireless LAN installa-

tion team.

To ensure that there is no possibility of danger from contact with the

in ject ed current should anyone open the 3e-531AP enclosure, each 3e-

531AP device has been  tted with a safety interlock that functions as an

in ter nal circuit breaker to interrupt the  ow of current when the device is

opened.

The 3e-531AP package includes the following items:

•

The FIPS-compliant 3e-531AP

•

2 removable antennas

•

Documentation as PDF  les (on CD-ROM)

•

Installable RF Manager utility (on CD-ROM)

•

Registration card

•

Warranty card

The following items are separately purchased in accordance with the

exact dimensions of the network to be con gured:

•

Power cable with water-resistant circular connector

•

Ethernet cable with special water-resistant circular con-

nec tor

3e-531AP Wireless Access Point

Chapter 2: Hardware Installation

10

29000125-001 C

The antennas used with the 525A must be installed with a mini-

mum separation distance of 20 cm from all persons, and must

not be co-located or operated in conjunction with any other

antenna or transmitter. Installation should be accomplished

using the authorized cables and/or connectors provided with the device

or available from the manufacturer/distributor for use with this device.

Changes or modi cations not expressly approved by the manufacturer or

party responsible for this FCC compliance could void the user’s authority

to operate the equipment.

Installation Instructions

The 3e-531AP is intended to be installed as part of a complete wireless

design solution, and, as such, the design and ar chi tec ture of that solution

is unique to each lo ca tion and is addressed in a separate doc u ment. Prop-

er installation of the wire less sys tem will ensure that users can “roam”

freely throughout the serviced location, passing transparently from node

to node with no loss of service but at the same time maintaining top secu-

rity on the wireless LAN.

This manual deals only and speci cally with the single 3e-531AP de-

vice as a unit. The purpose of this chapter is the description of the device

and its identi able parts so that the user is suf ciently familiar to interact

with the physical unit. Preliminary setup information provided below

is intended for information and instruction of the wireless LAN system

administration personnel.

It is intended, and is the philosophy of 3e Technologies International,

that the user not be required to open the individual unit. Any main te -

nance required is limited to the external enclosure surface, cable con nec -

tions, and to the man age ment software (as described in Chapter three,

four and  ve) only. A failed unit should be returned to the man u fac tur er

for maintenance. Sites requiring emergency backup will maintain extra

units of the device to interchange in case of failure.

Minimum System and Component Requirements

The 3e-531AP is designed to be attached to the wall or bulkhead at

appropriate locations. To complete the con guration, you should have at

least the following components:

•

PCs with one of the following operating systems installed:

Win dows Windows NT 4.0, Windows 2000 or Windows XP;

•

A compatible 802.11b PC Card or 802.11b device for each

computer that you wish to wirelessly connect to your wire-

less network. (For wireless cards, select the 3e-110 PC Card

with 3e-010F Crypto Client software (sold separately) or

install the 3e-010F software with any compatible PC Card.

(For maximum security and compatibility, we recommend

the 3e Technologies International 3e-110 PC Card);

3e-531AP Wireless Access Point

Chapter 2: Hardware Installation

29000125-001 C

11

•

Access to at least one laptop or PC with an Ethernet card

and cable that can be used to complete the initial con  g u-

ra tion of the unit. (The cable required will have a standard

RJ-45 connector on one end and a circular connector on the

other.)

•

A Web browser program (such as Microsoft Internet Explor-

er 5.5 or later, or Netscape 6.2 or later) in stalled on the PC or

laptop you will be using to con gure the Gateway.

•

TCP/IP Protocol (usually comes installed on any Windows

PC.)

Cabling

The 3e-531AP is well-protected in a met al enclosure which is gen-

er al ly bolted to the bulk head. The front of the box is hinged but should

not be opened, particularly if being employed as FIPS 140-2 compatible

device.

The fol low ing il lus tra tion shows the external cabling on the 3e-531AP.

However, even if the On-off switch is “on”, if the lid of the de vice is

opened, power will cease to  ow be cause of the safe ty in ter lock.

Printer

connector

(Not active in

3e-531APs.)

AC Power

Connector

Power

Switch

(On/Off)

Lo cal

Ethernet

Connector

Ethernet

uplink

An AC Power Con nec tor (not provided) can be plugged into an AC

outlet. In some situations, the in stal la tion design may include elimination

of the ability to plug the unit into an AC outlet. In such circumstances, the

AC power is supplied (that is, hardwired) using the same AC Power Con-

nector port. Usually, in the default con guration of the 3e-531AP, the AC

Pow er Con nec tor is not ac tive ly used. The socket outlet must be installed

near the equipment and be easily accessible.

The Ethernet Up link con nec tor is used to connect the 3e-531AP to the

ship board LAN. When used as a PoE device, the Ethernet Uplink con-

nec tor will have been routed from the unit to a PoE-capable hub switch

which runs the power through the Ethernet cable to the unit. The Ethernet

3e-531AP Wireless Access Point

Chapter 2: Hardware Installation

12

29000125-001 C

cable is thus run from the 3e-531AP to the PoE-capable hub switch which

is then connected to the wired LAN and to a power source.

The 3e-531AP design includes an external Power Switch for the pur-

pose of disabling power to the unit for servicing or removal.

Although a safety interlock is provided on the unit to disable power

when the enclosure door is opened, AC and PoE power cables must be

disconnected prior to servicing or removing the device. This is a pre cau -

tion ary measure.

An additional Ethernet connector labeled "Local" is designated for use

during initial con guration. The installation team uses an RJ45 cable with

Circular con nec tor to connect the 3e-531AP to a laptop.

Indicator Lights

The top panel of the 3e-531AP con tains a set of in di ca tor lights (

Light

Emitting Diodes or

LEDs) that help describe the state of various network-

ing and connection operations.

This closeup shows the ground and one of the seals that

are standard on the FIPS 140-2 compliant 3e-531AP.

Note that the ground will be installed permanently on

installation of the unit and should not be disturbed after

that.

Ethernet Uplink

Power

Wireless LAN

Activity

Error State

LED indicator

LED

Description

Power

The Power indicator LED informs you when the

gateway is on or off. If this light is on, the gateway is

on; if it is not on, the gate way is off. During

 rmware

upgrades and resets, this light will blink

Ethernet Uplink

This light indicates the state of your connection to the

shipboard network. When on, the WAN light indicates

that the gateway is con nect ed to the net work. When

the WAN light is off, the gateway does not have an ac-

tive connection to the shipboard net work.

Wireless LAN Activity

This light may be steady or blinking and indicates that

in for ma tion is passing through the connection.

Error State

LED indicator

The Error State LED indicator will light to alert you if

the device enters Error State. If the 3e-531AP enters an

Error State, you must power down and up (using the

On/Off switch), to allow it to invoke the power-up self

tests.

Page is loading ...

3e Technologies International QVT-531AP User manual

This manual is also suitable for

3e Technologies International QVT-531AP User manual

Related papers

Other documents