Wireless Access Point (WAP) Commissioning

Each Wireless Access Point ships from the factory with an installed SSL Certificate and DHCP enabled.  The WAP must be commissioned with a unique I.P. address for the host system. This I.P. address will allow the host end system to “see” the WAP on the network.

 

Commissioning of the WAP requires the following items:

  • Computer / Laptop with HyperTerminal

  • USB cable

  • Proper driver install to recognize the WAP

  • Power to the WAP

  • Network connection to the WAP

Connect the WAP’s USB port to hyper-terminal. I think you’ll need to install FTDI virtual COM port driver on your PC for it to recognize the WAP USB port. Link is given below http://www.ftdichip.com/Drivers/VCP.htm

Assigning WAP IP Address

All Access points are shipped from the factory with DHCP enabled. Each unit will automatically be assigned an IP address when they are connected to the network.

 

Note:  The WAP may be installed in place prior to commissioning - provided power and network connections are also installed and the laptop USB connection can reach the WAP at its installed location.

 

Assigning IP address requires a computer with HyperTerminal.

  1. Connect each WAP to the network via Ethernet cable

  2. Connect the WAP to the configuring computer via USB connection

  3. Power on the WAP

  4. Launch HyperTerminal

  5. Assign a name to the connection and click “OK”

  1. Connect WAP to the computer or laptop with USB cable

  2. Select the appropriate COM port.

    1. The COM port location may be determined from the computer’s Device Manager

    2. Once determined click “OK”

  1. Configure the COM port setting as listed the figure below

  1. Type “ifconfig” and press enter.

  2. The MAC address, IP Address and Gateway for the access point will be displayed

  3. Note the IP address and location of the access point this will be entered in the head in software

 

Establish a Static IP Address

Use the following command to set a static IP address via HyperTerminal.

Begin by following steps 1 – 10 in section 3.4.1.1 Assign WAP IP Address

  1. Once the DHCP IP has been determine the network submask and gateway for the Static IP address must be supplied by the customer site IT team.

  2. Type “setnetwork ?” and press enter

  1. Enter the string as it appears in the figure below:

pwd=Netsilicon ip=[Static IP of the WAP] submask=[submask of the network] gateway=[gateway of the network] dhcp=off

  1. Press enter

  2. After the settings have been saved, disconnect from the WAP.

  3. HyperTerminal setting do not need to be saved

  1. Each WAP can then be verified as active by pinging each unit with the assigned IP address from a network connected computer.

 

Wi-Fi WAP Configuration

Prior to the configuration of the Wi-Fi WAP the following information must be identified by the site I.T. Department

  • Wireless IP address

  • Wireless subnet mask

  • Wireless IP address of default gateway

  • Wireless country name configured is United States

  • Wireless protocol mode is for access point (infrastructure) networks only

  • Wireless SSID

  • Frequency band is band b only

  • Wireless channel is (search) [Default]

  • Wireless transmit rate is 11 [Default]

  • Wireless transmit power is 16dbm [Default]

  • Wireless multi domain capability (802.11d) disabled [Default]

  • Authentication type

 

HARDWARE PARAMETERS:

  • Serial channels will use a baud rate of 9600 [Default]

  • This board's serial number is (specific to Access point)

  • This board's Wireless MAC Address is (specific to Access point)

  • After board is reset, start-up code will wait 5 seconds [Default]

 

Connect the Wi-Fi WAP to the commissioning computer via HyperTerminal

  1. Once connections are made the reboot the WAP by typing “reboot pwd=password” and press enter.

‘Password’ is the initial password and can be resetting during the following configuration process.  Once system has rebooted, press any key to change the default settings. The current setting can either be accepted or modified. Choose modify and press enter.

  1. Reenter the password and chose to reconfigure the settings.

  1. The following message will be displayed in Hyperterminal. This will allow the previously saved setting to remain in the WAP configuration.

  1. If a static IP address is being assigned choose to disable DHCP.

  1. Input the desired IP address (if DHCP is disabled)

  2. Enter the network Subnet mask

  3. Enter the network Gateway address

  4. MAC Address [assigned at the factory] – does not need an input

  5. Country name [United States]

  6. Network type

  1. Enter the Network name (SSID)

  2. Set maximum transmit power [16dbm]

  1. Chose the Wireless Authentication Settings

  1. User Name and Password are required for WEP, WPA, Cisco LEAP and Cisco EAP FAST

  1. Select wireless network encryption type

  1. Serial port connection should remain at 9600

  1. The WAP password can now be reset. This password is WAP specific, but can be assigned to multiple WAP’s.

  1. Once complete the WAP can be disconnected from the commissioning computer.

 

Lock Table

Once Wireless Access Points have been commissioned via the software operating system, the associated locks can then be assigned to the WAP. These associated locks are known as the WAP Lock Table.

Refer to the user’s manual or online help for the software package you are using for the appropriate menu options to download the lock table to each WAP.

 

Turning on SSL

To enable SSL on the WAP follow these steps:

  1. Check that the following files reside at the root (FLASH0) level on the WAP (this is the directory that contains WapConfig.cfg):

Provided by Shared Engineering

  • svrcert.pem

Provided in IS2000 Certificates Installation Directory

  • IS2000.pem
  • WAPClient.pem

If none of these files currently reside on the WAP then the application will default to not using SSL at all. See Help with FTP section for how to check if these files are present.

  1. FTP the above files to the root if they are not present. See Help with FTP for more details.

  2. Make sure WAP firmware is version 1.1.15620 or later.

  3. Cycle power on the WAP to force a reboot or upgrade firmware (Reminder: Upgrading firmware will perform the necessary reboot on the WAP). If you have not yet ftp'd the certificates on the WAP, a message via the UDPDB log will remind you to. You cannot connect to IS2000 with SSL until these files are placed there.

  4. On the IS2000 PC that is running the Communication Server, set the EnableSSL flag to 1 (EnableSSL=1) in ACS.INI (a file typically found in C:\Windows).

  5. Restart IS2000 Communication Server

 

Turning Off SSL

If it becomes necessary to turn SSL off for debugging or other reasons,

  1. Set the EnableSSL flag to 0 (EnableSSL=0) in the ACS.INI (typically found in C:\Windows).

  2. FTP an empty file named “NO_SSL.txt* onto the WAP, and

  3. Reboot the WAP. See Help with FTP for more details.

  4. Restart commServer

 NOTE: Remember, to turn SSL back on remove or rename NO_SSL.txt.

*The content of NO_SSL.txt is unimportant - it is vital only the file named NO_SSL.txt be present to disable SSL. Simply create an empty text file and name it as NO_SSL.txt, then FTP it onto the WAP. The WAP defaults to SSL enabled and this file not present.

 

Help from UDPDB

The following statements from the UDPDB log relate directly to SSL/No SSL communication and can be useful in troubleshooting connection issues with IS2000.

 

Expecting ‘X’ certificates and found ‘Y’” – ‘X’ equals the number of certificates that should reside on the WAP. ‘Y’ equals the actual number that does exist on the WAP. Based on the value of Y three things can occur:

 

Value of Y

Action

Y=X

Continuing enabling SSL

Y=0

Quits enabling SSL and continues without it

Y=All other values

Waits for user to add/remove certificates

 Figure : Values of Y

 

 

Please load FLASH0/x.pemthrough FTP” – (x represents any of the files listed at the top of this document) is the indication that, that specific certificate, is still not properly located on the WAP. See Help on FTP.

 

SSL_SETUP_FAILED - Waiting a few moments before trying again” – When Y=All other values (see Figure )

 

SSL_SETUP_CANCELED” – When Y=0 (see Figure )

 

"SSL Server is ready." - an indication that all of the certificates are successfully located on the WAP and that it is expecting to communicate with SSL.

 

"TMP Server is ready." - an indication that SSL is disabled (either there are no certificates on the WAP or the file NO_SSL.txt exists) and SSL will not be used on the WAP side.

 

"Accepting..." - an indication that IS2000 is attempting to connect

 

"Client connected securely!" - an indication that the WAP and IS2000 are communicating via SSL.

 

"Socket closed - client connection terminated" – is an indication that there is a mismatch between the expected type of communication between IS2000 and the WAP. Double check that they are both configured for the expected type of communication.

 

NOTE: There is no specific message indicating a proper connection without SSL – however if “Socket closed – client connection terminated” is absent after “Accepting…” that is a good indication that the connection has been properly made when the TMP Server is ready.

 

Help with FTP

There are multiple ways to FTP. This section merely shows how to FTP using the Windows Command prompt.

 

Logging Onto the WAP

To log onto the WAP the follow these steps:

  1. Open up a command prompt window in that directory

  2. Find your WAP’s IP address (see section Determining the WAP’s IP)

  3. From the command line, type “ftp” followed by the IP address

e.g. D:\ftpFolder> ftp 192.168.165.100

  1. Log onto the WAP with username and password. Username is “root”, the default password is “Netsilicon”

 

Checking What Files are Present

 Once at the ftp command prompt type dir

 e.g. D:\ftpFolder> dir

 

Putting Files on the WAP

  1. Collect the files you wish to FTP onto the WAP into a common directory.

  2. Log onto the WAP (see Logging Onto the WAP)

  3. Put the file on the WAP using the “put” command (if your command prompt is in the same common directory you placed this file no other commands are required)

e.g. ftp> put svrcert.pem

 

  1. Wait for success of file.

  2. Repeat steps 3 & 4 until all the desired files have been put on the WAP

 

Quitting FTP

To exit the FTP prompt, type quit.

 

Upgrading Firmware via FTP

There are multiple ways to upgrade firmware onto the WAP, including IS2000, JTAG, and FTP. The following is how to load code onto the WAP via FTP. Upgrading the application on the Digi module over FTP is done by sending the image.bin file to the Digi module.

  1. Log onto WAP (See section Logging Onto the WAP.)

  2. WARNING: It is critical that the image.bin file is transferred in binary mode, otherwise the flash will be corrupted. From the command prompt type “bin

  3. To witness the progress of the download type “hash

  4. Load the file image.bin (When loading via FTP, filename MUST be image.bin – rename if necessary) onto the WAP. (See section Putting Files on the WAP)

  5. Quit the FTP session (type “quit”). DO NOT power cycle the WAP at this point - the WAP will reboot on its own after the firmware upgrade is complete.

 

If you power cycle in between the flash will be partially written and hence corrupted and the WAP will not have a valid application image on the flash to boot from. The WAP will need to be recovered through a special mechanism. So, after FTP the image.bin to WAP, let the WAP reboot on its own. Below is a sample ftp session:

 

D:\Work\WavePro\WAP_src\WAP_ESP_Project\Release>ftp 192.168.165.107

Connected to 192.168.165.107.

220 NET+OS 6.3 FTP server ready.

User (192.168.165.107:(none)): root

331 User root OK, send password.

Password:

230 Password OK.

ftp> bin

200 Type set to I.

ftp> hash

Hash mark printing On ftp: (2048 bytes/hash mark) .

ftp> put image.bin

200 PORT command Ok.

150 About to open data connection.

 

#################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################

226 Transfer complete

ftp: 1218512 bytes sent in 44.09Seconds 27.64Kbytes/sec.

ftp> bye

221 Goodbye.

 

Determining the WAP’s IP

 

There are multiple ways of determining the WAP’s IP address via IS2000 or a USB connection. Below is how to get the IP address via the USB cable.

  1. Connect the WAP’s USB port to hyper-terminal.

  2. Start Hyperterminal on the PC with the following settings : 9600 baud, 8 bits, 1 stop bit, no parity and no flow control. You’ll need to install FTDI virtual COM port driver on your PC for it to recognize the WAP USB port. Link is given below http://www.ftdichip.com/Drivers/VCP.htm

  3. The WAP application has DHCP enabled by default. To find out the IP address acquired by the WAP, use the WAP Command Line Interface on the Hyperterminal. Use the ‘ifconfig’ command to see the IP address of the WAP.

 

 Sample Hyperterminal output is shown below.

 

NET+OS Version 7.4

Copyright (c) 1997-2008, Digi International, Inc.

PLATFORM: connectem_esp 4M/8M [Apr 07 2009 11:43:40]

APPLICATION: WaveProAccessPoint 1.0.9398 [Apr 7 2009 11:44:30]

----------------------------------------------------------------------

NETWORK INTERFACE PARAMETERS:

The board will obtain IP configuration parameters from the network.


HARDWARE PARAMETERS:

Serial channels will use a baud rate of 9600

This board's serial number is N99999999

This board's Ethernet MAC Address is 00:40:9D:3B:84:22

After board is reset, start-up code will wait 5 seconds

Default duplex setting for Ethernet connection: default

----------------------------------------------------------------------

Press any key in 5 seconds to change these settings.

Welcome to Digi's Command Line Interface v1.0

#> version

NET+OS Version 7.4

Copyright (c) 1997-2007, Digi International, Inc.

PLATFORM: connectem_esp (Built: Apr 07 2009 11:43:40)

APPLICATION: WaveProAccessPoint 1.0.9398 (Built Apr 7 2009 11:44:30)

on AE407252

with GCC 4.2 (4.2.0 Microcross GNU X-Tools(tm))

 

#> ifconfig

Interface list (2):

1: LOOPBACK: flags=1 Phy 42:e8:00:34:42:d8 IpAddr:127.0.0.1 GW: 0.0.0.0 mtu 1500

2: eth0: flags=21 Phy 00:40:9d:2e:8d:c6 IpAddr:10.112.14.99 GW: 10.112.14.66 mtu 1500

#>