Reviews & Opinions
Independent and trusted. Read before buy Alcatel-lucent 570!

Alcatel-lucent 570 Manual

Preview of first few manual pages (at low quality). Check before download. Click to enlarge.
Manual - 1 page  Manual - 2 page  Manual - 3 page 

Download (English)
Alcatel-lucent 570, size: 4.0 MB
Related manuals
Alcatel-lucent 570I 1
Alcatel-lucent 570I
Alcatel-lucent 570 1

Instruction: After click Download and complete offer, you will get access to list of direct links to websites where you can download this manual.


Alcatel-lucent 570About Alcatel-lucent 570
Here you can find all about Alcatel-lucent 570 like manual and other informations. For example: review.

Alcatel-lucent 570 manual (user guide) is ready to download for free.

On the bottom of page users can write a review. If you own a Alcatel-lucent 570 please write about it to help other people.
[ Report abuse or wrong photo | Share your Alcatel-lucent 570 photo ]

User reviews and opinions

No opinions have been provided. Be the first and add a new opinion/review.




Volume 8 Configuring Advanced Services Chapter 21 IPv6 Client Support About IPv6. AOS-W Support for IPv6. Supported Network Configuration. Network Connection for Windows IPv6 Clients. AOS-W Features that Support IPv6. Authentication. Firewall. Firewall Policies. DHCPv6 Passthrough/Relay. Multicast Snooping. User Address Display. Limitations for this Release. Chapter 22 Configuring QoS for Voice Roles and Policies for Voice Traffic. Configuring a User Role for NOE Clients. Configuring a User Role for SIP Phones. Configuring a User Role for SVP Phones. Configuring a User Role for Vocera Badges. Configuring a User Role for SCCP Phones. Configuring a User Role for H.323 Phones. Configuring User-Derivation Rules.
12 AOS-W 3.3.2 User Guide

592 595

609 612
Optional Configurations. Wi-Fi Multimedia. Configurable WMM AC Mapping. WPA Fast Handover. Voice Services Module Features. Configuring the VoIP CAC Profile. Battery Boost. Dynamic WMM Queue Management. TSPEC Signaling Enforcement. WMM Queue Content Enforcement. Voice-Aware 802.1x. SIP Authentication Tracking. SIP Call Setup Keepalive. Mobile IP Home Agent Assignment.

627 627

Chapter 23 External Services Interface Understanding ESI. Understanding the ESI Syslog Parser. ESI Parser Domains. Peer WLAN Switches. Syslog Parser Rules. ESI Configuration Overview. Health-Check Method, Groups, and Servers. Redirection Policies and User Role. ESI Syslog Parser Domains and Rules. Monitoring Syslog Parser Statistics. Example Route-mode ESI Topology. Configuring the Example Routed ESI Topology. Example NAT-mode ESI Topology. Configuring the Example NAT-mode ESI Topology. Basic Regular Expression Syntax. Character-Matching Operators. Regular Expression Repetition Operators. Regular Expression Anchors. References. Volume 9 Appendices
Appendix A Configuring DHCP with Vendor-Specific Options. 679 Overview. 680
AOS-W 3.3.2 User Guide 13
Windows-Based DHCP Server. Configuring Option 60. Configuring Option 43. Linux DHCP Servers.

681 683

Appendix B External Firewall Configuration. 685 Communication Between Alcatel-Lucent Devices. 686 Network Management Access. 687 Other Communications. 688 Appendix C Alcatel-Lucent System Defaults. 689 Basic System Defaults. 690 Firewall Defaults. 690 Network Services. 690 Policies. 692 Roles. 696 Default Management User Roles. 699 Default Open Ports. 704 Appendix D 802.1x Configuration for IAS and Windows Client. 707 Configuring Microsoft IAS. 707 RADIUS Client Configuration. 707 Remote Access Policies. 709 Configuring RADIUS Attributes. 714 Window XP Wireless Client Example Configuration. 717 Appendix E Internal Captive Portal. 723 Creating a New Internal Web Page. 724 Basic HTML Example. 725 Installing a New Captive Portal Page. 726 Displaying Authentication Error Message. 727 Reverting to the Default Captive Portal. 728 Language Customization. 728 Customizing the Welcome Page. 733 Customizing the Pop-Up box. 735 Customizing the Logged Out Box. 736 Index. 739

Provision the AP

You need to configure the VPN client settings on the AP to instruct the AP to use IPSec to connect to the WLAN switch. You must provision the AP before you install it at its remote location. To provision the AP the AP must be physically connected to the local network or directly , connected to the WLAN switch. When connected and powered on, the AP must also be able to obtain an IP address from a DHCP server on the local network or from the WLAN switch. NOTE: You must install a Remote AP license on any WLAN switch that you use to provision a remote AP For example, if you are provisioning a remote. AP on a master WLAN switch but the remote AP tunnel will terminate on a local WLAN switch, you need to install Remote AP licenses on both the master and local WLAN switches.
In AOS-W 3.2 and later, remote APs support LMS. If your configuration has an internal LMS IP address, remote APs may attempt to switch over to the LMS IP address, which is not reachable from the Internet. For remote APs, ensure that the LMS IP address in the AP system profile for the AP group has an externally routable IP address. For more information, see the AOS-W Software Upgrade Guide.
Reprovisioning the AP causes it to automatically reboot. The easiest way to provision an AP is to use the Provisioning page in the WebUI, as described in the following steps: 1. 2. Navigate to the Configuration > Wireless > AP Installation > Provisioning page. Select the remote AP and click Provision. Under Authentication Method, select IPSec Parameters. Enter the Internet Key Exchange (IKE) Pre-Shared Key (PSK), username, and password. NOTE: The username and password you enter must match the username and password configured on the authentication server for the remote AP.
Under Master Discovery, set the Master IP Address as shown below:
Deployment Scenario Deployment 1 Deployment 2 Deployment 3
Master IP Address Value WLAN Switch IP address WLAN Switch public IP address Public address of the NAT device to which the WLAN switch is connected
You can enter the master DNS name of the WLAN switch instead of the IP address when provisioning the remote AP Specifying the. name lets you move or change remote AP concentrators without reprovisioning your APs. For more information, see DNS WLAN Switch Setting on page 252.
Under IP Settings, make sure that Obtain IP Address Using DHCP is selected. Click Apply and Reboot.
232 AOS-W 3.3.2 User Guide
Deploying a Branch Office/Home Office Solution
In a branch office, the AP is deployed in a separate IP network from the corporate network. Typically, there are one or two NAT devices between the two networks. Branch office users need access to corporate resources like printers and servers but traffic to and from these resources must not impact the corporate head office. The following illustration shows a remote AP in a branch or home office with a single WLAN switch providing access to both a corporate WLAN and a branch office WLAN.

Configuring 802.1x Authentication on page 315 describes 802.1x configuration on the WLAN switch.
Authentication Terminated on WLAN Switch
Figure 10-32 is an overview of the parameters that you need to configure on 802.1x authentication components when 802.1x authentication is terminated on the WLAN switch (AAA FastConnect). User authentication is performed either via the WLAN switchs internal database or a non-802.1x server.
FIGURE 10-32 802.1x Authentication with Termination on WLAN Switch
In this scenario, the supplicant is configured for EAP-Transport Layer Security (TLS) or EAP-Protected EAP (PEAP). EAP-TLS is used with smart card user authentication. A smart card holds a digital certificate which, with the user-entered personal identification number (PIN), allows the user to be authenticated on the network. EAP-TLS relies on digital certificates to verify the identities of both the client and server. NOTE: EAP-TLS requires that you import server and certification authority (CA) certificates onto the WLAN switch (see Using Certificates with AAA FastConnect on page 318). The client certificate is verified on the WLAN switch (the client certificate must be signed by a known CA) before the user name is checked on the authentication server.
EAP-PEAP uses TLS to create an encrypted tunnel. Within the tunnel, one of the following inner EAP methods is used: EAP-Generic Token Card (GTC): Described in RFC 2284, this EAP method permits the transfer of unencrypted usernames and passwords from client to server. The main uses for EAP-GTC are one-time token cards such as SecureID and the use of an LDAP or RADIUS server as the user authentication server. You can also enable caching of user credentials on the WLAN switch as a backup to an external authentication server.
314 AOS-W 3.3.2 User Guide
EAP-Microsoft Challenge Handshake Authentication Protocol version 2 (MS-CHAPv2): Described in RFC 2759, this EAP method is widely supported by Microsoft clients. A RADIUS server must be used as the backend authentication server. If you are using the WLAN switchs internal database for user authentication, you need to add the names and passwords of the users to be authenticated. If you are using an LDAP server for user authentication, you need to configure the LDAP server on the WLAN switch, and configure user IDs and passwords. If you are using a RADIUS server for user authentication, you need to configure the RADIUS server on the WLAN switch.

Using the WebUI to select a certificate for captive portal:
1. 2. 3. Navigate to the Configuration > Management > General page. Under Captive Portal Certificate, select the name of the imported certificate from the drop-down list. Click Apply.
Using the CLI to select a certificate for captive portal:
web-server captive-portal-cert <certificate>
To specify a different server certificate for captive portal with the CLI, use the no command to revert back to the default certificate before you specify the new certificate:
web-server captive-portal-cert ServerCert1 no captive-portal-cert captive-portal-cert ServerCert2
Configuring Captive Portal in the Base AOS-W
The base operating system allows full network access to all users who connect to an ESSID, whether guest or registered user. In the base operating system, you cannot configure or customize user roles; this function is only available by installing the Policy Enforcement Firewall license. Captive portal allows you to control or identify who has access to network resources. When you create a captive portal profile in the base operating system, an implicit user role is automatically created with same name as the captive portal profile. This implicit user role allows only DNS and DHCP traffic between the client and network and directs all HTTP or HTTPS requests to the captive portal. You cannot directly modify the implicit user role or its rules. Upon authentication, captive portal clients are allowed full access to their assigned VLAN.
The WLAN Wizard within the AOS-W WebUI allows for basic captive portal configuration for WLANs associated with the default ap-group: Configuration > Wizards > WLAN Wizard. Follow the steps in the workflow pane within the wizard and refer to the help tab for assistance.
Figure 11-33 illustrates the basic tasks for configuring captive portal in the base operating system; example server group and profile names are in quotation marks.
Create Server Group cp-srv
Create Captive Portal Authentication Profile c-portal Create AAA Profile aaa_c-portal Set the initial role to c-portal Create SSID Profile ssid_c-portal Create Virtual AP Profile vp_c-portal



auth-guest User Role

The auth-guest user role consists of the following ordered policies: 1. 2. cplogout is a predefined policy that allows captive portal logout. guest-logon-access is a policy that you create with the following rules: Allows DHCP exchanges between the user and the DHCP server during business hours while blocking other users from responding to DHCP requests. Allows DNS exchanges between the user and the public DNS server during business hours. Traffic is source-NATed using the IP interface of the WLAN switch for the VLAN. 3. 4. block-internal-access is a policy that you create that denies user access to the internal networks. auth-guest-access is a policy that you create with the following rules: Allows DHCP exchanges between the user and the DHCP server during business hours while blocking other users from responding to DHCP requests. Allows DNS exchanges between the user and the public DNS server during business hours. Traffic is source-NATed using the IP interface of the WLAN switch for the VLAN. Allows HTTP/S traffic from the user during business hours. Traffic is source-NATed using the I interface of the WLAN switch for the VLAN. 5. drop-and-log is a policy that you create that denies all traffic and logs the attempted network access.
Using the WebUI to create a time range:
1. Navigate to the Configuration > Security > Access Control > Time Ranges page to define the time range working-hours. Click Add.

A. B. C. D. E. F. G. 2.

For Name, enter working-hours. For Type, select Periodic. Click Add. For Start Day, click Weekday. For Start Time, enter 07:30. For End Time, enter 17:00. Click Done.
Using the WebUI to create the guest-logon-access policy:
1. 2. 3. 4. Navigate to the Configuration > Security > Access Control > Policies page. Select Add to add the guest-logon-access policy. For Policy Name, enter guest-logon-access. For Policy Type, select IPv4 Session. Under Rules, select Add to add rules for the policy. A. B. C. D. E. 5. Under Source, select user. Under Destination, select any. Under Service, select udp. Enter 68. Under Action, select drop. Click Add.
Under Rules, click Add. A. B. C. D. E. F. Under Source, select user. Under Destination, select any. Under Service, select service. Select svc-dhcp. Under Action, select permit. Under Time Range, select working-hours. Click Add.
Under Rules, click Add. A. B. Under Source, select user. Under Destination, select alias. NOTE: The following step defines an alias representing the public DNS server addresses. Once defined, you can use the alias for other rules and policies.

wlan ssid-profile guestnet essid guestnet opmode opensystem aaa profile guestnet initial-role guest-logon wlan virtual-ap guestnet vlan 900 aaa-profile guestnet ssid-profile guestnet
User Account Administration
Temporary user accounts are created in the internal database on the WLAN switch. You can create a user role which will allow a receptionist to create temporary user accounts. Guests can use the accounts to log into a captive portal login page to gain Internet access. See Creating Guest Accounts on page 558 for more information about configuring guest provisioning users and administering guest accounts.
374 AOS-W 3.3.2 User Guide
Captive Portal Configuration Parameters
Table 11-25 describes configuration parameters on the WebUI Captive Portal Authentication profile page. NOTE: In the CLI, you configure these options with the aaa authentication captive-portal commands.
TABLE 11-25 Captive Portal Authentication Profile Parameters
Parameter Default role Description Role assigned to the Captive Portal user upon login. When both user and guest logon are enabled, the default role applies to the user logon; users logging in using the guest interface are assigned the guest role. NOTE: The Policy Enforcement Firewall license must be installed.
Default: guest Redirect Pause Time, in seconds, that the system remains in the initial welcome page before redirecting the user to the final web URL. If set to 0, the welcome page displays until the user clicks on the indicated link. Default: 10 seconds. User Login Enables Captive Portal with authentication of user credentials. Default: enabled Guest Login Enables Captive Portal logon without authentication. Default: disabled Logout popup window Enables a pop-up window with the Logout link for the user to logout after logon. If this is disabled, the user remains logged in until the user timeout period has elapsed or the station reloads. Default: enabled Use HTTP for authentication Use HTTP protocol on redirection to the Captive Portal page. If you use this option, modify the captiveportal policy to allow HTTP traffic. Default: Disabled (HTTPS is used)
TABLE 11-25 Captive Portal Authentication Profile Parameters (Continued)
Parameter Logon wait minimum wait Description Minimum time, in seconds, the user will have to wait for the logon page to pop up if the CPU load is high. This works in conjunction with the Logon wait CPU utilization threshold parameter. Default: 5 seconds. Logon wait maximum wait Maximum time, in seconds, the user will have to wait for the logon page to pop up if the CPU load is high. This works in conjunction with the Logon wait CPU utilization threshold parameter. Default: 10 seconds. Logon wait CPU utilization threshold CPU utilization percentage above which the Logon wait interval is applied when presenting the user with the logon page. Default: 60% Max authentication failures Maximum number of authentication failures before the user is blacklisted. Default: 0 Show FQDN Allows the user to see and select the fully-qualified domain name (FQDN) on the login page. Default: disabled Use CHAP Use CHAP protocol. You should not use this option unless instructed to do so by an Alcatel-Lucent representative. Default: PAP Sygate-on-demandagent Enables client remediation with Sygate-on-demand-agent (SODA). Default: disabled Login page URL of the page that appears for the user logon. This can be set to any URL. Default: /auth/index.html Welcome page URL of the page that appears after logon and before redirection to the web URL. This can be set to any URL. Default: /auth/welcome.html

You can view the background setting by first clicking Submit on the bottom on the page, then clicking the View CaptivePortal link. This displays the Captive Portal page as it will be seen by users.
The background image and text should be visible to users with a browser window on a 1024 by 768 pixel screen. The background should not clash if viewed on a much larger monitor. A good option is to have the background image at 800 by 600 pixels, and set the background color to be compatible. The maximum image size for the background can be around 960 by 720 pixels, as long as the image can be cropped at the bottom and right edges. Leave space on the left side for the login box.
To customize the captive portal background text: A. B. Enter the text that needs to be displayed in the Page Text (in HTML format) message box. To view the changes, click Submit at the bottom on the page and then click the View CaptivePortal link. This displays the Captive Portal page as it will be seen by users.
To customize the text under the Acceptable Use Policy: A. B. Enter the policy information in the Policy Text text box. This appears only in case of guest logon. To view the changes, click Submit at the bottom on the page and then click the View CaptivePortal link. This displays the Captive Portal page as it will be seen by users.
The text you entered appears in a text box when the user clicks the Acceptable Use Policy on the Captive Portal web page. To upload a customized login page, use the Maintenance > Captive Portal > Upload Custom Login Pages page in the WebUI.
386 AOS-W 3.3.2 User Guide
Configuring Virtual Private Networks
For wireless networks, virtual private network (VPN) connections can be used to further secure the wireless data from attackers. The OmniAccess WLAN switch can be used as a VPN concentrator that terminates all VPN connections from both wired and wireless clients. NOTE: VPN is an optional AOS-W software module. You must purchase and install the license for the VPN software module on the WLAN switch.
This chapter describes the following topics: VPN Configuration on page 388 Configuring Remote Access VPN for L2TP IPSec on page 389 Configuring Remote Access VPN for PPTP on page 407 Configuring Site-to-Site VPNs on page 408 Configuring Alcatel-Lucent Dialer on page 411
Configuring Virtual Private Networks Chapter 12

VPN Configuration


The following buttons are available on the Configuration pages: Apply Save Configuration Accepts all configuration changes made on the current page and places them in the running configuration. (Appears in top right corner of the WebUI when the Configuration tool is selected) Saves all applied configuration changes made during the current configuration session. Saved settings are retained when the WLAN switch is rebooted or powered off while unsaved configuration changes are lost. Clicking this button performs the same function as issuing the CLI write memory command. Resets options on current page to the last-applied or saved settings.
Adds a new item to the current page. Typically a set of relevant configuration fields for the item to be added is displayed. Allows you to edit the configuration of the selected item. Removes the selected item from the page configuration. Displays the equivalent CLI command(s) for the WebUI configuration.
Edit Delete View Commands

CLI Access

The CLI is available through the serial console connection or from a Telnet or SSH session. NOTE: Telnet access is disabled by default on OmniAccess WLAN switches. To enable Telnet access, enter the telnet cli command from a serial connection or from an SSH session.
The WLAN switch allows public key authentication of management users accessing the WLAN switch using SSH. (The default is for management users to login with username and password only.) For more information, see Public Key Authentication for SSH Access on page 529.
When you connect to the WLAN switch using the CLI, the system displays its host name followed by the login prompt. Log in using the administrator user account (the password displays as asterisks). For example:
(host) user: admin password: *****
When you are logged in, the user mode CLI prompt displays. For example:

(host) >

User mode provides only limited access for basic operational testing such as running ping and traceroute. All configuration and management functions are available in privileged mode. To move from user mode to privileged mode requires you to enter an additional password. For example:

Using the WebUI to enable OV-MM configuration on the WLAN switch:
1. 2. 3. Navigate to the Configuration > Management > General page. Select the Update of Global Configuration from OV-MM checkbox. Click Apply.
Using the CLI to enable OV-MM configuration on the WLAN switch:

cfgm mms config enable

On the OV-MM server, you must configure the IP address of the master WLAN switch and specify the SNMP username and password you configured on the WLAN switch. For more information about the Alcatel-Lucent OmniVista Mobility Manager, see the OmniVista Mobility Manager User Guide.
Configuring Management Users
You control administrative access to a WLAN switch by creating management users and configuring the user role and authentication method for these users.

Management User Roles

Administrative access to the WLAN switch is associated with one of several predefined user roles. You can assign one of the following predefined roles when configuring management users on the WLAN switch: root: This role permits access to all management functions on the WLAN switch. read-only: This role permits access to CLI show commands or WebUI monitoring pages only. It does not allow user to perform any action such as copying files or rebooting the WLAN switch. guest-provisioning: This role permits access to configuring guest users in the WLAN switchs internal database only. For more information about configuring guest users, see Creating Guest Accounts on page 558. location-api-mgmt: This role permits access to location API information and the CLI; however, you cannot use any CLI commands. This role does not permit access to the WebUI.
526 AOS-W 3.3.2 User Guide
For backward compatibility with previous AOS-W releases, existing user roles that have access to location API information will continue to do so.
network-operations: This role permits access to Monitoring, Reports, and Events pages in the WebUI that are useful for monitoring the WLAN switch. You can log into the CLI; however, you can only use a subset of CLI commands to monitor the WLAN switch.

Configuring SNMP

OmniAccess WLAN switches and APs support versions 1, 2c, and 3 of Simple Network Management Protocol (SNMP) for reporting purposes only. In other words, SNMP cannot be used for setting values in an Alcatel-Lucent system in the current AOS-W version. NOTE: Alcatel-Lucent-specific management information bases (MIBs) describe the objects that can be managed using SNMP See the AOS-W MIB. Reference Guide for information about the Alcatel-Lucent MIBs.
There are separate SNMP configurations for the WLAN switch and for APs, described in the following sections.

SNMP for the WLAN Switch

You can configure the following SNMP parameters for the WLAN switch.
TABLE 19-44 SNMP Parameters for the WLAN Switch
Field Host Name System Contact System Location Description Host name of the WLAN switch. Name of the person who acts as the System Contact or administrator for the WLAN switch. String to describe the location of the WLAN switch.
TABLE 19-44 SNMP Parameters for the WLAN Switch (Continued)
Field Read Community Strings Description Community strings used to authenticate requests for SNMP versions before version 3. NOTE: Enable Trap Generation This is needed only if using SNMP v2c and is not needed if using version 3.
Enables generation of SNMP traps to configured SNMP trap receivers. Refer to the list of traps in the SNMP traps section below for a list of traps that are generated by the OmniAccess WLAN switch. Host information about a trap receiver. This host needs to be running a trap receiver to receive and interpret the traps sent by the OmniAccess WLAN switch. Configure the following for each host/trap receiver: IP address SNMP version: can be 1 or 2c. Community string UDP port on which the trap receiver is listening for traps. The default is the UDP port number 162. This is optional, and will use the default port number if not modified by the user.

Trap receivers

If you are using SNMPv3 to obtain values from the OmniAccess WLAN switch, you can configure the following parameters: User name Authentication protocol A string representing the name of the user. An indication of whether messages sent on behalf of this user can be authenticated, and if so, the type of authentication protocol used. This can take one of the two values: MD5: HMAC-MD5-96 Digest Authentication Protocol SHA: HMAC-SHA-96 Digest Authentication Protocol If messages sent on behalf of this user can be Authentication protocol password authenticated, the (private) authentication key for use with the authentication protocol. This is a string password for MD5 or SHA depending on the choice above.

ip access-list session policy any any any redirect esi-group group direction both blacklist //For any incoming traffic, going to any destination, //redirect the traffic to servers in the specified ESI group. any any any permit //For everything else, allow the traffic to flow normally. user-role role access-list {eth | mac | session} bandwidth-contract name captive-portal name dialer name pool {l2tp | pptp} reauthentication-interval minutes session-acl name vlan vlan_id
ip access-list session fortinet any any svc-http redirect esi-group fortinet direction both blacklist any any any permit user-role guest access-list session fortinet
ESI Syslog Parser Domains and Rules
To configure the ESI syslog parser, navigate to the Configuration > Advanced Services > External Services view on the WebUI (see Figure 23-62).
FIGURE 23-62 External Services View
The following sections describe how to manage syslog parser domains using the WebUI and CLI.
644 AOS-W 3.3.2 User Guide
Using the WebUI to Manage Syslog Parser Domains
Click on the Syslog Parser Domains tab to display the Syslog Parser Domains view (see Figure 23-63).
FIGURE 23-63 Syslog Parser Domains View
This view lists all the domains by domain name and server IP address, and includes a list of peer WLAN switches (when peer WLAN switches have been configuredas described in Peer WLAN Switches on page 633).
Adding a new syslog parser domain:
To add a new syslog parser domain: 1. Click Add in the Syslog Parser Domains section.
The system displays the add domain view (see Figure 23-64).
FIGURE 23-64 Add Domain View
2. 3. In the Domain Name text box, type the name of the domain to be added. In the Server (IP Address) text box, type a valid IP address. NOTE: You must ensure that you type a valid IP address, because the IP address you type is not automatically validated against the list of external servers that has been configured.
Click << Add. Click Apply.
Deleting an existing syslog parser domain:
To delete an existing parser domain: 1. 2. Identify the target parser domain in the list shown in the Domain section of the Syslog Parser Domains view. Click Delete on the same row in the Actions column.
Editing an existing syslog parser domain:
To change an existing syslog parser domain: 1. Identify the target parser domain in the list shown in the Syslog Parser Domains view (see Figure 23-63 on page 645).
646 AOS-W 3.3.2 User Guide
Click Edit on the same row in the Actions column. The system displays the edit domain view (see Figure 23-65).
FIGURE 23-65 The Edit Domain View
NOTE: 3. 4. You cannot modify the domain name when editing a parser domain.
To delete a server from the selected domain, highlight the server IP address and click >> Delete, then click Apply to commit the change. To add a server or a peer WLAN switch to the selected domain, type the server IP address into the text box next to the << Add button, click << Add, then click Apply to commit the change, or click Cancel to discard the changes you made and exit the parser domain editing process.

728 AOS-W 3.3.2 User Guide
Once you have a page you find acceptable, click on View Captive Portal one more time to display your login page. From your browser, choose "View->Source" or its equivalent. Your system will display the HTML source for the captive portal page. Save this source as a file on your local system. Open the file that you saved in step 3 above using a standard text make the following changes: A. Fix the character set. The default <HEAD>.</HEAD> section of the file will look similar to the following:
<head> <title>Portal Login</title> <link href="default1/styles.css" rel="stylesheet" media="screen" type="text/css" /> <script language="javascript" type="text/javascript"> function showPolicy() { win ="/auth/acceptableusepolicy.html", "policy", "height=550,width=550,scrollbars=1"); } </script> </head>
In order to control the character set that the browser will use to show the text with, you will need to insert the following line inside the <HEAD>.</HEAD> element:
<meta http-equiv="Content-Type" content="text/html; charset=Shift_JIS"/>
Replace the "Shift_JIS" part of the above line with the character set that is used by your system. In theory, any character encoding that has been registered with IANA can be used, but you must ensure that any text you enter uses this character set and that your target browsers support the required character set encoding.
The final <HEAD>.</HEAD> portion of the document should look similar to this:
<head> <meta http-equiv="Content-Type" content="text/html; charset=Shift_JIS"/> <title>Portal Login</title>
<link href="default1/styles.css" rel="stylesheet" media="screen" type="text/css" /> <script language="javascript" type="text/javascript"> function showPolicy() { win ="/auth/acceptableusepolicy.html", "policy", "height=550,width=550,scrollbars=1"); } </script> </head>
B. Fix references: If you have used the built-in preferences, you will need to update the reference for the logo image and the CSS style sheet. To update the CSS reference, search the text for "<link href" and update the reference to include "/auth/" in front of the reference. The original link should look similar to the following:
<link href="default1/styles.css" rel="stylesheet" media="screen" type="text/css" />
This should be replaced with a link like the following:
<link href="/auth/default1/styles.css" rel="stylesheet" media="screen" type="text/css" />

MAC-based authentication configuring 431 maintenance mode, AP 163 management authentication configuring 304 management roles 526 management users authenticating 527 configuring 527 master switch 33 mesh AP-70 requirements 181 architecture 168 bridging 196 components 168 deployment considerations 179 example configurations 206 licenses 167 nodes 168 profile settings 195 secure jaclk 197 statistics 205 troubleshooting 199 tunneling 197 wired AP profile 196 mesh cluster 170 mesh link creating 173 metrics 174 overview 173
mesh nodes, provisioning 200 mesh path 169 mesh point behavior 169 boot sequence 204 overview 169 mesh portal behavior 169 boot sequence 204 overview 169 mesh service set identifier. See MSSID mobile client 446 mobility domain 445 configuring 447 example configuration 450 Mobility Manager 46, 514, 524 MP. See mesh point MPP. See mesh portal MSSID 169
network ports on external firewall 685 nodes, mesh 168 NTP configuring 568
option 43 on DHCP server 679
password recovery 536 policies 268 configuring 269 port configuring 71 Power over Ethernet 32 PPPoE client 74 PPTP configuring 407 preshared key 438 profiles configuring 139 profiles, mesh cluster 171 radio 171
AOS-W 3.3.2 IX-741 User Guide
recovery 172 viewing 195 provisioning mesh caveats 201 mesh nodes 200 outdoor APs 200, 201 remote APs 231 PSK 438 PSK-refresh, remote AP 262
importing 117 model access points 126 model air monitors 126 run RF Plan 129 run the AM plan 130 up AP icon 105 role assigning 277 configuring 273
QoS for voice configuring 597
secure jack and mesh 197 self-healing 31 server derivation rules configuring 281 server group assigning 304 configuring 288, 295 server rules configuring 301 server-derived role 277 site-to-site VPN configuring 408 SNMP configuring 545 traps 550 software licenses 569 software modules 35 solutions, mesh overview 175 point-to-multi-point 177 point-to-point 176 wireless backhaul 175 with thin APs 175 source NAT 76 source NAT and dynamic VLAN 75 split tunneling, remote APs 255 static route configuring 79 switches adding 437 connecting to network 62 initial setup 56 master and local 33 mesh 169 Power over Ethernet 32
radio profile, mesh configuring 187 overview 171 parameters 183 RADIUS server configuring 289 recovering password 536 recovery profile, mesh 172 remote AP ACLs 255 backup configuration 241 backup switches 253 configuring 219 DNS setting 252 failback 254 provisioning 231 PSK-refresh 262 split tunneling 255 WMM 262 RF Plan 63, 85 add background image, name first floor 127 add background image, name second floor 127 add/edit floors 127 coverage maps, heat maps 104 create a building 125 create area dont care 128 dont deploy 128 down AP icon 105 exporting 117 HT mode selection 105 image guidelines 107
IX-742AOS-W 3.3.2 User Guide



PT-AE700 S18AHN Graph 25 Regal 1996 KV1326R KX-FP320E FT-301 DV-490V-S K220I Autopilot XR-3304 PV-GS50D AV220C2 Digitech RP-1 4 8 2243LNX Panificadora Fusion-2007 EL-W546 Tivoli Ipal KX-T2886E Profile Rumble PAD C250P MCD503 101720 RA-870BX VGN-SZ110 GR-DVL160 Motion 2 Review Express RZ-15LA32 AVR 2000 Vostro 200 SB4220 CUV4XM Pro 533 LMV2081SS Motorola T605 Install TCR Id-1 Audiogram3 SCX-6520FNG AG-HPG20 SGH-T400 LE40A656a1F Lbp3310 MG124CX Start GH750 System Bluetrek G3 KX-TG2382B KDL-46Z5500 Studio Alcatel-lucent 4020 Control 1X Warrior-2006 GR-572TF XT 25 650MP FAX-L290 KX-TG5110M PD-04 Dolmar 115 Wlar-L11-L Android D Fcd3N CP1210 I845GE PMP1280S FZ6-S-2006 Deluxe KX-TG8022E Crashday GC1710 Flowcam GT MRS-1266 42LC55 32WLT66 VRX610 DTH8550E VS2421 Navara 300 GPS Troya Toyota IQ Cc-ED300 C2000 Lrbc22544ST NAD C300 LAV72640 Charlotte HV3 ER8207C Powerbank 4 VR140 58 L32H01EA


manuel d'instructions, Guide de l'utilisateur | Manual de instrucciones, Instrucciones de uso | Bedienungsanleitung, Bedienungsanleitung | Manual de Instruções, guia do usuário | инструкция | návod na použitie, Užívateľská príručka, návod k použití | bruksanvisningen | instrukcja, podręcznik użytkownika | kullanım kılavuzu, Kullanım | kézikönyv, használati útmutató | manuale di istruzioni, istruzioni d'uso | handleiding, gebruikershandleiding



1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101