==================================================================
Readme for ORiNOCO Wireless AP-600 Access Point
Release 2.4.11 May 2004
==================================================================
Welcome to Release 2.4.11 of the ORiNOCO Wireless AP-600 Access
Point system. This readme describes the following for the ORiNOCO
Wireless AP-600 Access Point.
--------------------------------------------------------------------
1. Introduction
2. Software Description
3. Release History
4. Installation Notes
5. Known Issues
6. Obtaining Technical Assistance
--------------------------------------------------------------------
1. Introduction
The ORiNOCO Wireless AP-600 is part of a wireless Internet
access infrastructure. It functions as a wireless network
access point to the Internet or other data networks. As
clients move from one coverage cell to another, AP-600 units
automatically perform client handovers within the same subnet.
The AP-600 system provides:
- Easy installation and operation
- Automatic client handover
- Over-the-air encryption of data
- High-speed links to the Internet
Access Point management is provided through CLI (Command Line
Interface), Standard Web based Interface, and SNMP (Simple
Network Management Protocol). Any of these management
interfaces can be used to view and configure the Access
Point's parameter settings.
Release 2.4.11 of ORiNOCO Wireless AP-600 Access point supports
the following versions of AP600.
1. AP-600a
2. AP-600b
3. AP-600b/g
4. AP-600 with 11a/g Upgrade kit
--------------------------------------------------------------------
2. Software Description
2.1 About this software
Access Point Software comprises
* Access Point image
* Access Point scantool
* Access Point MIBs
With this software you should have received One User's guide:
* AP Getting Started Guide, which describes the
hardware installation of the Access Point.
Additionally, the "ORiNOCO AP-600 User Guide" can be
found on the CD accompanying this release.
This document describes how to use the software to
configure, monitor and manage your Access Point.
Alternatively you can access detailed information in the online
help file provided through the WEB interface of the software
through the "Help" button available in WEB interface
2.2 Files Installed
The following software will be installed in the directory
specified during setup:
AP-600 image Software: OR_AP600.BIN v2.4.11
Scanning Tool: SCANTOOL.EXE v2.3
Access Point related MIBs:
802.11 MIB: mib-802.mib
IANAifType-MIB.mib
MIB-II: rfc1213.mib
Bridge MIB: rfc1493.mib
EtherLIke MIB: rfc1643.mib
SNMPv2-MIB.mib
orinoco.mib
Problem Report form: REPORT.TXT
License Description: LICENSE.TXT
Readme file (this file): README.TXT
CD Wizard/Browser
The latest release of the AP-600 software comes packaged with a
CD wizard.The CD wizard provides a graphical user interface for
easy software installation, CD browsing, and document/help
viewing etc.
2.3 XTRAs Folder - CD Only
XTRAs\Solarwinds folder includes a TFTP server
(OEM-TFTP-Server.EXE) that may be installed on the user's PC
for downloading and uploading files to and from the AP-600. It
comes with help documentation included in the application when
it is executed.
Acrobat Reader is available in XTRAS folder
--------------------------------------------------------------------
3. Release History
3.1 Release 2.4.11 - May 2004
- Following are the new features added in this release
Security Per SSID
The AP-600 allows you to segment wireless networks into multiple
sub-networks based on Network Name (SSID) and VLAN membership, and
to apply security modes per SSID. A Network Name (SSID) identifies
a wireless network. Clients associate with Access Points that share
an SSID. During installation, the Setup Wizard prompts you to
configure a Primary Network Name for each wireless interface.
After initial setup and once VLAN is enabled, the AP can be
configured to support up to 16 SSIDs per wireless interface to
segment wireless networks based on VLAN membership. Refer to
"Configure Multiple SSID/VLAN/Security Mode Entries" in the HTML
help or Userguide for configuration details.
Spectralink Support for Atheros Radio
Deny Non-Encrypted Data Support for Atheros Radio
- The following issues and/or RFCs have been fixed in this release
# AP-600 b/g no longer locks up during ethernet port initialization
at boot time (#739)
# When the AP is input over than 255 characters(ASCII) in IP Address
of "RADIUS" - "RADIUS Acct", the error message will not occur and
locked AP. (#735)
# Fixed 11b client timeout after toggling AP-600b/g power (#605)
# VLAN with WPA-PSK now works. (#712)
# AP600G WPA-PSK re-key interval Min is now fixed. (#728)
# AP-600: shorter WPA-PSK pass phrase can now be set. (#750)
# Userguide wording was updated with the following text: "Encryption
Keys must be configured for WEP clients if mixed mode is selected."
(#792)
# The SYSLOG HTTP window now includes all syslog host table entries
The heart beat status is a drop down menu, the heart beat interval
text box is enabled or disabled depending on the heart beat status.
(#11663)
# VLAN with WPA-PSK is fixed. (#786/712)
# If VLAN Management is enabled, it is no longer possible to link the
AP with different SSIDs. (#732)
# WEP mode on wireless VLAN is fixed. (#768)
# Web: Change Orinoco MIB name to Enterprise MIB (#12004)
# When selecting a cell size, the Multicast ratel\no longer jumps
automatically to 1 Mbps it remains on the current setting when possible.
When the cell size is set to medium and the rate was 11 Mbps the rate is
set to 5.5 Mbps. When the cell size is set to Large and the rate
was 5.5 or 11 Mbps, the rate is set to 2 Mbs. (#14875)
# Added ":"'s to mac address verbage to the sentence in "Static MAC"
tab of the web interface. (#15269)
# Last Known Good Config File Functionality is now working (#15547)
# FP2 - CLI should not permit telsessiontout to be configured less
than 60 (#15735)
# Add SVP - spectra link VoIP into the Atheros 11bg upgrade kit
and 11a upgrade kit. (#666)
# Setup Wizard now sets AP in 11a-WPA mode. (#511)
3.2 Release 2.4.5 - Jan 2004
- No new feature additions in this release
- The following issues have been fixed in this release
# Fixed the issue of Link integrity page not displaying
properly (Link Integrity Table Corruption) (#568)
# Fixed the issue of device crashing when Link Integrity
tab is selected after configuring a backup accounting
address, the device begins to overload the Ethernet
sensor with traffic (# 467)
# Fixed the issue of Client not getting disassociated after
Ethernet Connection goes down and Link Integrity is enabled.
(#572)
# Fixed the issue of Device accessibility and configurability
across the subnet(#502)
# Fixed the issue of WDS feature not working with classic
802.11b only cards(#558)
- Additional trackers verified and closed in this release
# The issue of AP600 not passing packet larger than 1496
bytes with VLAN. (#459)
# The issue of Wrong MIB Information for the Variable
oriEthernetIfConfigSettings (#400)
# The issue of AP Reboot when repeatedly removing and
replacing Ethernet Cable of the AP with heavy traffic
(#565)
# The AP freeze after about 20 Client connections (#560)
# The Flash memory corruption issue (#463)
# The issue of AP Rebooting when a long packet is sent
through EtherPort (#396)
# The issue of AP reboot when RTS/CTS is enabled (#340)
# The RADIUS Accounting issue (Start/Stop) (#305)
# The issue of WEP enabled .11b client communication failing,
after the AP comes up (#478)
# The issue of improper display of the page
Configure>Filtering>TCP/UDP port (#425)
# The issue that Channel 12 and above does not come up in
MKK(Japan) domain. (#360)
# The issue about Unicast Key Distribution under heavy traffic
(#566)
# The issue of EAP – MD5 Authentication for 600 (#397)
# The issue of SNMP get on the table oriSecurityConfigTableSecurityMode
(#563)
# The IP Address conflict issue after reset and reloading the
firmware (#420)
# The WEP functionality on Fujitsu Image (#514)
3.3 Release 2.4.4 - Dec 2003
- No new feature additions in this release
- The following issues have been fixed in this release
# Migration issue with Deny Non encrypted data feature
3.4 Release 2.4.3 - Dec 2003
- No new feature additions in this release
- The following issues have been fixed in this release
# Modified Deny non encrypted data feature to be in enabled
state by default
3.5 Release 2.4.1 - Dec 2003
- Following are the new features added in this release
Monitoring Station Statistics
This feature provides the capability to monitor a set of
statistics for all active stations connected to an Access
Point.User can enable this feature and view the statistics
like IP Address,MAC Address, Interface, Station Type,
Protocol, SNR etc. without rebooting the device. Wireless
Stations inactive for more than 10 minutes, are removed from
the statistics table.
Secure Socket Layer
The functionality of the Secure Socket Layer (SSL)
communication is an enhancement to the already existing HTTP
Management interface of the ORiNOCO Access Points. This
functionality will allow secure communication between the
AP and the HTTP Client. SSL feature will utilize a 128-bit
encryption certificate (maintained by AP) as cipher for secure
communication. User can install a certificate obtained from a
Certification Authority.
SNMP v3 Support
This feature is for supporting the Simple Network Management
Protocol version 3 (SNMPv3). The implementation in the 2.4.5
release will concentrate on fundamental requirements in order
to provide secure SNMP management. The SNMPv3 feature is
based on existing SNMP framework, but addresses security
requirements for device and network management
Rogue AP detection Support
This functionality will provide the ability to detect
unauthorized APs within a given coverage area. When enabled,
the AP will scan in the vicinity with in the range of
coverage and identify the access points active in the area.
The support is available for all versions and operation
modes of Access Points. E.g: 802.11a access point will identify
all similar Access Points. However, it will not be able to detect
Access points that are not of this type, say 802.11b or 802.11g
access points. This feature is not supported in AP600b
hardware
HTTP/ HTTPS File Transfer
The functionality of the HTTP(S) File Transfer is an
enhancement to the already existing HTTP Management interface
of Access Points.This functionality will allow transfer of
configuration and kernel image files to and from the Access
Points from any compliant HTTP/HTTPS browser. For HTTPS file
transfer, SSL should be enabled.This feature also allows
transfer of SSL Certificate & private keys and upgrade BSP/BL.
Tx Power Control
This is a proprietary implementation of transmit power
control by using standard 802.11d frames to control
transmit power within an IBSS.This method of power control is
considered to be a interim way of controlling the transmit
power of 802.11d enabled clients in lieu of implementation of
802.11h. The Access Point will allow four (4) intervals of
transmit power control:
100% (Regulatory Maximum)
50%
25%
12.5%
This feature is not supported in AP600b hardware.
WDS enhancements to support 802.11a and 802.11g cards
This is an enhancement to the existing WDS feature already
available in Access Points for 802.11b into both 802.11a and
802.11g access points. The functionality remains the same as
the current 802.11b.
Auto Configuration
This feature provides the capability to allow auto
configuration of the Access Point Devices in a given subnet.
Default state of the feature is Enable. This feature
can work for both DHCP enabled or Static IP configured devices.
Multiple Authentication Server Support
This feature extends the existing authentication server
configuration option available in access points. With this,
the user can configure separate primary & secondary servers
for RADIUS and 802.1x servers that can be used for MAC based
or 802.1x based authentication, respectively.This also
extends the server fallback capability to the new
servers supported.
Image Error Check
This feature allows the Access Point to accept a valid image
during download through HTTP or TFTP. The following checks
are performed on the downloaded image:
Zero Image size
Large image size
Non VxWorks Image
AP2000/AP600 Image
Signature Verification
Support for 802.11a/g access point cards
This is an extension to the capability of access points to
support 802.11a/g combo cards that allows user to configure
the device to either 802.11a or 802.11g mode. This will be
available only for AP-600 devices,
The functionality of the device will be same as that of any
other AP-600 802.11a or 802.11g as appropriate.
- The following issues have been fixed with in this release
# Added back CLI command to deny non encrypted data for
Agere 11b cards(#577) and the command is
Set Wifsec <interface number> encryptdeny <enable/disable>
Where
Interface number for slot A = 3 and for Slot B = 4
Default state of encryptdeny is disable and will allow
to connect both encrypted and non-encrypted clients
# Fixed the issue with Deny IP Broadcast/Multicast feature
in Advanced Filter tab to filter out IP Broadcast/Multicast
packets both from Ethernet to Wireless and from Wireless to
Ethernet
# Fixed IP/ARP filtering issue to filter the Ethernet to
wireless traffic(#506)
# Fixed the issue of Clients not getting connected to the
device with wep encryption and WDS enable for 11b card
(#15127)
# Fixed the issue of not getting the handover request and
response in IAPP with WDS ink up(#15134)
# Fixed CLI Commands output format for "show http" and
"show snmp"(#15154).
# Fixed the issue of "Encryption Key Length" being empty and
disabled in Configure Management/Security Page/802.1x
(#15156 and #15169).
# Fixed the issue of sniffer capturing the frames of RTS/CTS
from device to client when "Enable Medium Density
Distribution" is disabled (#15161).
# Fixed the issue with initial configuration of the device
via "Setup Wizard"(#15163)
1) Without reconfiguring the password the wizard was not
allowing the user to proceed further. Password need to
be configured at least once before moving to next
step in setup configuration wizard
2) After Configuring Wireless Interface Configuration,
if Save button and Next button was clicked, IE was not
displaying any page and was showing up the page only
after refresh button was clicked
# Note inserted in the HTTP page indicating Max age can be
set in increments of 100ms (#15167)
# Fixed the issue with MAC address validation which was not
validated for its length in the HTTP interface while adding
an entry under MAC Access table and the back link was not
taking to the MAC Access table page(#15168)
# Fixed the issue with Serial number being displayed blank on
the HTTP interface for Wireless Card A(#15170)
# Fixed the issue in Port filtering table not able to change
the interface type from all interfaces to other
value through HTTP interface while editing an entry (#15189).
# Fixed issue of not able to enable RADIUS Accounting through
HTTP, CLI and SNMP (#15221)
# Added Error page to display when an incorrect value is
entered While editing an VLAN ID(#15300)
# Fixed the issue of VLAN table accepting wrong entries
(#15301)
# Fixed the issue of incorrect links under VLAN page (#15302)
# Fixed the issue with Monitor->Interface->type field always
showing as ethernet-csmacd for both wireless and ethernet
interfaces(#15306)
# Fixed the issue of SNMP interface not being able to enable
thorugh HTTP interface and Telnet(#15331)
# Note is added to indicate that the Polling interval should
always be in steps of 500ms(#15343).
# Fixed the issue of accepting 1 character in SSID fied, need
to be minimum 2 characters(#15347).
# Fixed the issue of downloading an image whenever Reload
button is pressed(#15349)
# Fixed the issue in password accepting 1-32 characters
instead of 6 to 32 characters in HTTP Web based
Interface(#15350).
# Added missing parameter "Ehthernet Chipset" under
Monitoring Interface statistics (#15352)
# Fixed the issue of reauthentication not happening after
specified authorization life time(#15362).
3.5 Release 2.3.0 - July 2003
- Following are the new features added in this release
WiFi Protected Access (WPA)
WPA pulls together several of the key technologies from the
Wi-Fi Alliance defined functionality. These include:
· TKIP (Temporal Key Integrity Protocol) - Provides better
data privacy with per frame keying and a larger IV than
WEP. Also provides message integrity checking (MIC)
using Michael MIC algorithm to prevent re-play attacks.
· Standard 802.1X server based authentication
· Dynamic key management through 802.1X
· Option for server-less authentication via pre-shared
keys
· AP and station negotiation of WPA authentication mode
and cipher suite capabilities
WPA supports 27 clients.
VLAN-16 and Multiple SSIDs
This feature extends support for compatibility with VLAN
enabled wired networks by providing the user with the
capability to configure up to 16 Network Names or SSIDs
(Service Set Identifiers) and 16 corresponding VLAN (Virtual
Local Area Network) Identifiers per radio card.VLAN assignment
is made by providing the wireless end user with the SSID
corresponding to the VLAN ID configured on the AP. The end
user associates with the AP and his or her traffic is tagged
with the proper VLAN ID and transmitted on the wired LAN.
3.6 Release 2.2.0 - April 2003
- Following are the new features added in this release
Closed system (.11g)
The AP-600 Access Point supports a closed system feature that
will prevent wireless client access without the configured
wireless network name. Refer to the User's Guide for more
information on using the closed system feature.
Per User Per Session (.11g)
This feature supports the dynamic generation of encryption
keys for each 802.11 wireless client using 802.1x security.
The 802.11a/g radios have the ability to store 128 WEP keys
as opposed to the maximum number of 4 on the 802.11b NIC’s.
This ability enables a higher level of security for those
connecting through this interface by giving each client,
up to 108, it’s own unique key.
802.11g
Support for 802.11g wireless connectivity through use of
802.11g compliant 2.4 GHz radio technology.The IEEE 802.11g
addendum to the 802.11 standard adds support for a high speed
wireless physical layer in the 2.4 GHz band using Orthogonal
Frequency Division Multiplexing.The standard provides for
data rates of up to 54 Mbps.
Note: Until further notice, the 802.11b/g hardware kit for
South Korea supports channels 1-11 within the FCC
regulatory domain, instead of channels 1-13 in the
ETSI regulatory domain.
--------------------------------------------------------------------
4. Installation Notes
4.1 If you download the installation from the web:
Double Click on the zip file name "ORAP600R2.4.11B758-WEB.zip".
The WinZip Self-Extractor will request a temporary location
to unzip files. You may use the default location or choose
a customized location. Browse the temporary location and
double click on "Setup.exe". This automatically downloads
the AP image and help files for the AP-600 onto your hard
drive.
4.2 If you are using the installation CD:
Insert the ORiNOCO Installation CD in your CD-ROM drive and
the autorun facility will start the CD wizard which will
guide you through the installation process.
4.3 System Requirements
- Windows 98, NT, 2000, or XP
- At least 5 Mb of free disk space
- A web browser, preferably MS IE 6 with Service Pack 1 or
Netscape 6.1
Note :
-----
For SSL, IE 5.00 (128 bit) with Service Pack 2 (or)
IE 5.0 (56 bit) with patch Q240308 (or) IE 6.0
(128 bit) with Service Pack 1 and Patch Q323308
is required.
For 802.1x Authentication using TLS, XP Clients should
have Service Pack 1 installed on it.
--------------------------------------------------------------------
5. Known Issues
# There is a problem retrieving the config file via TFTP. The
workaround is to select retrieving the config file via HTTP.
(#16531)
# APs with Atheros radios drop connections when more than 5
spectralink calls connect simultaneously; however, the AP
will support up to 5 calls connected simultaneously.
(#16427)
# SSID/Security/VLAN table shows empty when the AP is upgraded from
a pre 2.4.11 release to 2.4.11. In the flash, the Ssid in the
Vlan Table, was not getting upgraded properly due to a wrong logic
in translation. The workaround is to reboot twice. After the first
reboot the device will come up with the wrong SSIDs. Reboot the
device a second time and it should come up with the correct SSIDs.
(#16525/16526)
# When Deny Non Encrypt Data is disabled, there may be some
issues for clients other than 11b Gold and Silver Cards
connecting to the AP ( both encrypted and non-encrypted
clients ).
# 802.1x Clients (Using TLS or TTLS) connected to AP working
in Mixed mode cannot connect to the same AP if connected as
WEP clients. Device needs to be rebooted (#606)
# Release 2.3.3 and earlier images cannot be loaded into
AP600 which is already having 2.4.x in it. If loaded, it
will give an error saying "TFTP Operation Unsuccessful".
However Release 2.3.3 and earlier images can be loaded
after removing Release 2.4.x.
--------------------------------------------------------------------
6. Obtaining Technical Assistance
If you encounter problems when using this product or would like information
about our other ORiNOCO Wireless products, please contact the reseller from
whom you purchased the equipment for support. If you would like reseller
contact information, please contact Proxim inside sales using the contact
information on our website.
6.1 Troubleshooting
For the most up-to-date, detailed troubleshooting informa-
tion, refer to the ORiNOCO AP-600 User Guide.
6.2 Obtaining Documentation
The user guide is available in English language and you
can access the most recent software and user documentation
on the World Wide Web at the following site:
http://www.proxim.com
--------------------------------------------------------------------
END OF FILE
Download Driver Pack
After your driver has been downloaded, follow these simple steps to install it.
Expand the archive file (if the download file is in zip or rar format).
If the expanded file has an .exe extension, double click it and follow the installation instructions.
Otherwise, open Device Manager by right-clicking the Start menu and selecting Device Manager.
Find the device and model you want to update in the device list.
Double-click on it to open the Properties dialog box.
From the Properties dialog box, select the Driver tab.
Click the Update Driver button, then follow the instructions.
Very important: You must reboot your system to ensure that any driver updates have taken effect.
For more help, visit our Driver Support section for step-by-step videos on how to install drivers for every file type.