Introduction 

Annotation 

Modern tendencies of telecommunication development necessitate operators to search for the most optimal technologies, allowing to meet rapidly growing needs of subscribers, while maintaining at the same time consistency of business processes, development flexibility and reducing the costs of various services. Wireless technologies are spinning up more and more, and have paced a huge way for short time from unstable low-speed communication networks of low radius to broadband access networks equitable to speed of wired networks with high criteria to the quality of provided services.

WOP-20L device is a Wi-Fi access point. The device enclosed into hermetic case which allows using the access point outdoor in different climatic conditions – at temperatures from -45 to +65 °C

This manual specifies intended purpose, main technical parameters, design, safe operation rules and installation and configuration recommendations for WOP-20L.

Symbols

Notes and warnings

Device description

Purpose

WOP-20L wireless access point is designed to provide the user access to high-speed and secure network.

The main purpose of the device is to create a Layer 2 wireless network at the junction with a wired network. WOP-20L connects to a wired network over 10/100/1000M Ethernet interface and using radio interfaces creates wireless high-speed access for devices that support Wi-Fi technology in the 2.4 GHz and 5 GHz bands.

The device contains 2 radio interfaces for organizing two physical wireless networks.

WOP-20L supports modern requirements for the the quality of services and allows transmitting the most important traffic in higher priority queues than normal. Prioritization is provided by the following QoS technologies: CoS (special tags in the VLAN packet field) and ToS (tags in the IP packet field). Support for creating ACL rules and traffic shaping on each VAP allows one to fully manage access, quality of service and restrictions both for all subscribers and for everyone in particular.

The device is an indispensable solution for organizing a wireless network in various climatic conditions, in a wide range of operating temperatures and high humidity (parks, factories, stadiums, etc.), and is also an ideal platform for organizing communication in suburban settlements and remote locations.

Device specification

Interfaces:

• 1 port of Ethernet 10/100/1000BASE-T (RJ-45) with PoE support;

• Wi-Fi 2.4 GHz IEEE 802.11b/g/n;

• Wi-Fi 5 GHz IEEE 802.11a/n/ac.

Functions:

WLAN capabilities:

• support for IEEE 802.11a/b/g/n/ac;
• support for IEEE 802.11r/k/v roaming standards;
• data aggregation, including A-MPDU (Tx/Rx) and A-MSDU (Rx);
• WMM-based priorities and packet planning;
• wireless bridging (WDS);
• dynamic frequency selection (DFS);
• support for hidden SSID;
• 14 virtual access points;
• external access points detection;
• spectrum analyzer;
• auto channel selection.

Network functions:

• auto-negotiation of speed, duplex mode and switching between MDI and MDI-X modes;
• IPv6;
• support for VLAN;
• DHCP client;
• ACL;
• NTP;
• Syslog;
• GRE;
• transmission of subscriber traffic out of tunnels.

QoS functions:

• priority and profile-based packet scheduling;
• bandwidth limitation for each VAP;
• bandwidth limitation for each client;
• WMM parameters changing.

Security:

• centralized authorization via RADIUS server (802.1X WPA/WPA2 Enterprise);
• WPA/WPA2 data encryption;
• support for Captive Portal.

Figure 1 shows WOP-20L application diagram. 

Figure 1 — WOP-20L application diagram 

Technical parameters

Table 1 — Main specifications

Design

WOP-20L enclosed in a plastic case. The layout of WOP-20L panels is shown in Figures 2 and 3.

Figure 2 — WOP-20L front panel layout

The bottom panel of WOP-20L has a 10/100/1000BASE-T LAN port (RJ-45 connector) for connecting to the internal network and PoE power, and a factory reset button (“F”). 

Figure 3 — WOP-20L bottom panel layout

The current status of the device is displayed using the LEDs located on the device front panel. The possible indicator states are described in Table 2.

Table 2 — Light indication of device status

Restore the factory configuration 

To restore the factory configuration, press and hold the "F" button for 10–15 seconds until the Wi-Fi 2.4 GHz and the Wi-Fi 5 GHz indicators start flashing. The device will automatically reboot.

By default, the DHCP client will be launched. If the address is not obtained via DHCP, then the device will have the factory IP address — 192.168.1.10, subnet mask — 255.255.255.0.

Delivery package

The delivery package includes:

• WOP-20L wireless access point;
• Mounting kit;
• User manual on a CD (optional);
• Technical passport. 

Rules and recommendations for device installation

This section defines safety rules, installation recommendations, setup procedure and the device starting procedure.

Safety rules 

1. Do not open the device case. There are no user serviceable parts inside.
2. The unused antenna connectors should be closed with a protective cover, which is included in the device delivery set.
3. Do not install the device during a lightning storm. There may be a risk of being struck by lightning.
4. The voltage, current and frequency requirements specified in this manual should be observed.
5. Measurement eqipment and a computer should be grounded before connecting to the device. Potential difference between cases of equipment and measurement devices should be no more than 1 V.
6. Before turning on the device, make sure that the cables are intact and securely fastened to the connectors.
7. Do not install the device near heat sources or at places where temperature may be below -45 °C or higher 65 °C.
8. When installing the device on high-rise structures, the established standards and requirements for working at height should be observed.
9. The operation of the device should be carried out by engineering and technical personnel who have undergone special training.
10. Only suitable auxiliary equipment should be connected to the device.

Installation recommendations

1. The recommended installation position: attaching to a mast/pole. 
2. Before installing the device and turning it on, check the device for visible mechanical defects. If defects are observed, stop the device installation, fill in the corresponding act and contact the supplier.
3. When placing the device, in order to provide the best Wi-Fi coverage consider the following rules: 
   • Install the device at the center of a wireless network;
   • Minimize the number of barriers (walls, ceilings, furniture, and etc.) between WOP-20L and other wireless network devices;
   • Do not install the device near (about 2 m) electrical and radio devices;
   • It is not recommended to use radiophones and other equipment operating at frequency of 2.4 GHz or 5 GHz, within the range of a Wi-Fi network;
   • Obstacles like glass/metal constructions, brick/concrete walls, water cans and mirrors can significantly reduce Wi-Fi action radius. It is not recommended to place the device inside a false ceiling as metal frame causes multipath signal propagation and signal attenuation.
4. When installing several access points, cell action radius must overlap with action radius of a neighboring cell at the level from -65 to -70 dBm. It is allowed to reduce the signal level to -75 dBm at cell boundaries, if it is not intended to use VoIP, video streaming and other sensitive to losses traffic in wireless network.

Frequency bandwidths and channels in the 5 GHz band for Wi-Fi 

The data transmission in the 5 GHz band is used for IEEE 802.11a/n/ac standards. The WOP-20L device supports frequency channels in the 5 GHz band with a width of 20, 40 and 80 MHz.

The following formula is used to calculate the center frequency of the Wi-Fi channel (f, in MHz):

f=5000+(5*N), where N — the Wi-Fi channel number.

Calculating the number of required access points

Table 3 — Attenuation values

Channel selection for neighbouring access points

It is recommended to set non-overlapping channels to avoid interchannel interference among neighbouring access points.

Figure 4 — General diagram of frequency channel overlap in the range of 2.4 GHz

Example of channel allocation scheme among neighboring access points in frequency range of 2.4 GHz when channel width is 20 MHz, see Figure 5.

Figure 5 — Scheme of channel allocation among neighboring access points in the frequency range of 2.4 GHz when channel width is 20 MHz

Similarly, the procedure of channel allocation is recommended to save for access point allocation between floors, see Figure 6. 

Figure 6 — Scheme of channel allocation between neighboring access points that are located between floors

With a channel width of 40 MHz there are no non-overlapping channels in the 2.4 GHz band. In such cases, it is required to select channels maximally separated from each other.

Figure 7 — Channels used in the 5 GHz band when channel width is 20, 40 or 80 MHz 

Installation 

There are two mounting options for the WOP-20L access point: mounting the device on a pole and on a wall. 

Device installation on a mast/pole

1. Attach the bracket to the device case using the supplied screws as shown in the figure below. 

Figure 8 — Attaching the bracket to the device 

2. Install the device with the Ethernet port down on the pole as shown in the figure below, and secure it with the clamps supplied with the device. Follow the safety instructions and recommendations in the Safety rules and Installation recommendations sections.

Figure 9 — Attaching the device to the pole  

Device installation on a wall 

1. Align the four screw holes on the bracket with the same screw holes on the device. Use a screwdriver to attach the bracket to the device as shown in Figure 10.

Figure 10 — Attaching the bracket to the device 

2. Choose a location for the access point according to the Safety rules and Installation recommendations sections of this manual. Place the base of the bracket against the wall and mark the location of the screw holes (Figure 11). Drill holes and fasten the screws in them. Do not tighten the screws firmly. 

Figure 11 — Placing the device on the wall

3. Align the bracket holes with the screws on the wall. Move the bracket up or down until it stops and fasten the screws (Figure 12). 

Figure 12 — Fixing the device to the wall 

Connection 

Figure 13 — Connecting Ethernet cable to the PoE port

1. Remove the cover protecting the Ethernet port on the bottom of the device, then connect the Ethernet cable to the PoE port (Figure 13). 

2. Close the bottom cover.
3. Connect the Ethernet cable from WOP-20L to the injector PoE port or the switch port (IEEE 802.3af-2003).
4. If the PoE injector is used, connect it to a 220V outlet using a power cord.
5. Connect the antenna to the device following the instructions in the Instructions for sealing antenna connectors section:
   1. When using Omni antennas: connect the antennas to the device's SMA connectors;
   2. When using panel/sector antennas: connect the antennas to the device's SMA connectors using cable assemblies. Adjust the position of the antenna so that subscriber units are within the coverage area of the installed antenna.

Instructions for sealing antenna connectors 

1. Before connecting the cable to the connector, inspect the cable sheath for damage, and also check if a sealing ring is in the connector nut, the location is shown in Figure 14 (a, b).

3. Cut the rubber sealing tape to the appropriate length: one SMA connector (Figure 15a) requires 0.15 m of waterproofing tape, one N-type connector (Figure 15b) requires 0.3 m of waterproofing tape, as shown in Figure 16 (a, b).

4. Remove the protective layer from the rubber tape as shown in Figure 17.

Figure 17

5. Start winding from the side of the cable, having previously stepped back from the crimping part by 10–15 mm. Fix the tip of the tape on the cable sheath at the angle of 15–25 degrees to the cable axis, and, slightly stretching the tape, start wrapping the cable and the connector, moving towards the device case. The tape turns should be laid on top of each other with an overlap, wrinkles on the turns are not allowed. The cable winding is shown in Figure 18 (a, b).

6. Having reached the device case (antenna) with the edge of the tape, make a turn around the connector, pressing the edge of the tape to the case as much as possible, then continue winding the tape at a different angle, moving away from the body. When winding, do not forget to stretch the tape and press it tightly against the previously wound turns. At the tip of the tape, the stretch should be reduced and pressed tightly against the turns located on the cable sheath, as shown in Figure 19 (a, b).

7. Cut the PVC tape (duct tape) to the appropriate length: one SMA connector requires 0.28 m of the PVC tape, one N-type connector requires 0.6 m of the PVC tape. The PVC tape is required to protect the rubber tape from UV rays. The PVC tape is shown in Figure 20.

Figure 20

8. Start the winding from the cable sheath, having previously stepped back from the first turn of the rubber tape by 5–10 mm. Fix the tip of the PVC tape on the cable sheath at an angle of 15–25 degrees to the cable axis, and, slightly stretching the tape, start wrapping the cable and connector, moving towards the device case. The turns should be laid on top of each other with an overlap, wrinkles on the turns are not allowed. The cable winding is shown in Figure 21.

Figure 21

9. Having reached the case with the edge of the tape, make a turn around the connector, pressing the edge of the PVC tape to the device case as much as possible, then continue winding the tape at a different angle, moving away from the case. When winding, tightly apply the turns of the tape, avoiding wrinkles. On the last turns of the PVC tape, the stretch should be reduced to zero and the last turn should be laid without stretching, as shown in Figure 22 (a, b). 

10. Check the sealed connector for visible rubber tape. 

Device management via the web interface 

Getting started

In order to start the operation, connect to the device via WAN interface using a web browser:

1. Open a web browser, for example, Firefox, Opera, Chrome.
2. Enter the device IP address in the browser address bar.

When the device is successfully detected, username and password request page will be shown in the browser window: 

3. Enter username into “Login” and password into “Password” field.  

4. Click “Log in”. A menu for monitoring the device status will open in a browser window.  

5. If necessary, select the information display language. Russian and English languages are available for web interface.   

Applying configuration and discarding changes

1. Applying configuration

The WOP-20L web interface has a visual indication of the current status of the setting applying process (Table 4).  

Table 4 — Visual indication of the current status of the setting application process

2. Discarding changes

The button for discarding changes appears as follows: .

Web interface basic elements

Navigation elements of the web interface are shown in the figure below. 

User interface window is divided into five general areas:

1. Menu tabs categorize the submenu tabs: Monitoring, Radio, VAP, WDS, Network Settings, External Services, System.
2. Interface language selection and Logout button designed to end a session in the web interface under a given user.
3. Submenu tabs allow one to control settings field. 
4. Device configuration field displays data and configuration.
5. Information field displays current firmware version.

The “Monitoring” menu

In the “Monitoring” menu, the current system state can be viewed.

The “Wi-Fi Clients” submenu

The “Wi-Fi Clients” submenu displays information about the status of connected Wi-Fi clients.
Information on connected clients is not displayed in real time. In order to update the information on the page, click “Refresh”.

• # — number of the connected device in the list;
• Hostname — network name of the device;
• IP address — IP address of the connected device;
• MAC address — MAC address of the connected device;
• Interface — WOP-20L interaction interface with the connected device;
• Link Capacity — parameter that displays how effectively the access point uses modulation to transmit. It is calculated based on the number of packets transmitted on each modulation to the client, and reduction factors. The maximum value is 100% (it means that all packets are transmitted to the client at maximum modulation for the maximum nss type supported by the client). The minimum value is 2% (in case when packets are transmitted on nss1mcs0 modulation for a client with MIMO 3x3 support). The parameter value is calculated for the last 10 seconds;
• Link Quality — parameter that displays the state of the link to the client, calculated based on the number of retransmit packets sent to the client. The maximum value is 100% (all transmitted packets were sent on the first attempt), the minimum value is 0% (no packets were successfully sent to the client). The parameter value is calculated for the last 10 seconds;
• Link Quality Common — parameter that displays the status of the link to the client, calculated based on the number of retransmit packets sent to the client. The maximum value is 100% (all transmitted packets were sent on the first attempt), the minimum value is 0% (no packets were successfully sent to the client). The parameter value is calculated for the entire time of the client connection;
• RSSI — received signal level, dBm;
• SNR — signal/noise ratio, dB;
• TxRate — channel data rate of transmission, Mbps;
• RxRate — channel data rate of reception, Mbps;
• Tx BW — transmission bandwidth, MHz;
• Rx BW — reception bandwidth, MHz;
• Uptime — Wi-Fi client connection time.

To display more detailed information on a particular client, select it from the list. A detailed description includes the following options: 

• Total TX/RX, bytes — number of bytes sent/received on the connected device;
• Total TX/RX, packets — number of packets sent/received on the connected device;
• Data TX/RX, bytes — number of data bytes sent/received on the connected device;
• Data TX/RX, packets — number of data packets sent/received on the connected device;
• Fails, packets — number of packets sent with errors on the connected device;
• TX Period Retry, packets — number of retries of transmission to the connected device for the last 10
  seconds;
• TX Retry Count, packets — number of retries of transmission to the connected device during the entire
  connection;
• Actual TX/RX Rate, Kbps — current traffic transmission rate at the moment.

The “WDS” submenu

The "WDS" submenu displays information about the status of WOP-20L access points connected via WDS.

• # — number of the connected device in the list;
• Hostname — device network name;
• IP Address — IP address of the connected device;
• MAC — MAC address of the connected device;
• Interface — WOP-20L interaction interface with the connected device;
• Link Capacity — parameter that displays how effectively the access point uses modulation to transmit. It is calculated based on the number of packets transmitted on each modulation to the client, and reduction factors. The maximum value is 100% (it means that all packets are transmitted to the client at maximum modulation for the maximum nss type supported by the client). The minimum value is 2% (in case when packets are transmitted on nss1mcs0 modulation for a client with MIMO 3x3 support). The parameter value is calculated for the last 10 seconds;
• Link Quality — parameter that displays the state of the link to the client, calculated based on the number of retransmit packets sent to the client. Maximum value — 100% (all transmitted packets were sent on the first attempt), minimum value — 0% (no packet to the client was successfully sent). The parameter value is calculated for the last 10 seconds;
• Link Quality Common — parameter that displays the status of the link to the client, calculated based on the number of retransmit packets sent to the client. The maximum value is 100% (all transmitted packets were sent on the first attempt), the minimum value is 0% (no packets were successfully sent to the client). The parameter value is calculated for the entire time of the client connection;
• RSSI — received signal level, dBm;
• SNR — ratio signal/noise, dB;
• TxRate — channel data rate of transmission, Mbps;
• RxRate — channel data rate of reception, Mbps;
• TX BW — transmission bandwidth, MHz;
• RX BW — reception bandwidth, MHz;
• Uptime — Wi-Fi client connection time.

To display more detailed information on a particular client, select it from the list. A detailed description includes the following options:

• Total TX/RX, bytes — number of bytes sent/received on the connected device;
• Total TX/RX, packets — number of packets sent/received on the connected device;
• Data TX/RX, bytes — number of data bytes sent/received on the connected device;
• Data TX/RX, packets — number of data packets sent/received on the connected device;
• Fails, packets —  number of packets sent with errors on the connected device;
• TX Period Retry, packets — number of retries of transmission to the connected device for the last 10 seconds;
• TX Retry Count, packets — the number of retries of transmission to the connected device during the entire connection;
• Actual TX/RX Rate, Kbps —  current traffic transmission rate at the moment.

The “Traffic Statistics” submenu

The “Traffic Statistics” section displays the graphs of the transmitted/received traffic speed for the last 3 minutes, as well as statistics on the amount of transmitted/received traffic since the access point was turned on.

The LAN Tx/Rx graph shows the speed of the transmitted/received traffic via Ethernet interface of the access point for the last 3 minutes. The graph is automatically updated every 6 seconds.

The WLAN0 and WLAN1 Tx/Rx graphs show the rate of transmitted/received traffic via Radio 2.4 GHz and Radio 5 GHz interfaces for the last 3 minutes. The graph is automatically updated every 6 seconds.

“Transmit” table description:

• Interface — name of the interface;
• Total packets — number of successfully sent packets;
• Total bytes — number of successfully sent bytes;
• Total drop — number of rejected packets;
• Errors — number of errors.

“Receive” table description:

• Interface — name of the interface;
• Total packets — number of successfully received packets;
• Total bytes — number of successfully received bytes;
• Total drop — number of rejected packets;
• Errors — number of errors.

The “Scan Environment” submenu

In the “Scan Environment” submenu, scanning of the surrounding radio is carried out and detection of neighboring access points.

After clicking “Scan”, the process will be launched. After the scan is completed, a list of detected access points and information about them will appear:

• Range — specifies the range of 2.4 GHz or 5 GHz in which the access point was detected;
• SSID — SSID of the detected access point;
• Security mode — security mode of the detected access point;
• MAC — MAC address of the detected access point;
• Channel/Bandwidth — radio channel on which the detected access point operates;
• RSSI — the level with which the device receives the signal of the detected access point, dBm.

The “Events” submenu

In the “Events” submenu, it is possible to view a list of real-time informational messages which contains the following information:

• Date and Time — date and time when the event was generated;
• Type — category and severity level of the event;
• Service — name of the process that generated the message;
• Message — event description. 

Table 5 — Description of event severity levels 

To receive new messages in the event log, click "Refresh".

If necessary, all old messages can be deleted from the log by clicking “Clear”.

The “Network information” submenu

In the “Network Information” submenu, general network settings of the device can be viewed. 

WAN Status:

• Interface — name of the bridge interface;
• Protocol — protocol used for access to WAN;
• IP address — device IP address in external network;
• RX Bytes — number of bytes received on WAN;
• TX Bytes — number of bytes sent from WAN.

Ethernet:

• Link Status — Ethernet port status;
• Speed — Ethernet port connection speed;
• Duplex — data transfer mode:
  • Full — full duplex;
  • Half — half-duplex.

ARP:
The ARP table contains mapping information between the IP and MAC addresses of neighboring network devices:

• IP address — device IP address;
• MAC — device MAC address.

Routes:

• Interface — name of the bridge interface;
• Destination — IP address of destination host or subnet that the route is established to;
• Gateway — IP address of the gateway through which access to the destination is carried out; 
• Netmask — subnet mask;
• Flags — certain route characteristics.

The following flag values exist:

• U — means that the route is created and passable;
• H — identifies the route to the specific host;
• G — means that the route lies through the external gateway. System network interface provides routes in the network with direct connection. All other routes lie through the external gateways. G flag is used for all routes except for the routes in the direct connection networks;
• R — indicates that the route was most likely created by a dynamic routing protocol running on the local system using the reinstate parameter;
• D — indicates that the route was added as a result of receiving an ICMP Redirect Message. When the system learns the route from the ICMP Redirect message, the route will be added into the routing table in order to exclude redirection for the following packets intended for the same destination;
• M — means that the route was modified — likely by a dynamic routing protocol running on a local system with the “mod” parameter applied;
• A — points to a buffered route to which an entry in the ARP table corresponds;
• C — means that the route source is the core routing buffer;
• L — indicates that the destination of the route is one of the addresses of this computer. Such “local routes” exist in the routing buffer only;
• B — means that the route destination is a broadcasting address. Such “broadcast routes” exist in the routing buffer only;
• I — indicates that the route is connected to a ring (loopback) interface for a purpose other than to access the ring network. Such “internal routes” exist in the routing buffer only;
• ! — means that datagrams sent to this address will be rejected by the system.

The “Radio Information” submenu

In the “Radio Information” submenu, the current status of WOP-20L radio interfaces is displayed. 

The access point radio interfaces can be in two states: “On” and “Off”. The status of each radio interface is shown in the “Status” field.

The Radio status depends on whether the radio interface has enabled virtual access points (VAPs) or WDS. In case there is at least one active VAP on the radio interface, Radio will be in “On” status, otherwise — “Off”.

Depending on the Radio status, the following information is available for monitoring:

“Off”:

• Status — radio interface state;
• MAC — radio interface MAC address;
• Mode — radio interface operation mode according to IEEE 802.11 standards.

“On”:

• Status — radio interface state;
• MAC — radio interface MAC address;
• Mode — radio interface operation mode according to IEEE 802.11 standards;
• Channel — number of the wireless channel on which the radio interface is running;
• Channel bandwidth — bandwidth of the channel on which the radio interface is running.

The “Device Information” submenu

The “Device Information” submenu displays WOP-20L main characteristics. 

• Product — device model name;
• Hardware Version — device hardware version;
• Factory MAC Address — device WAN interface MAC address, factory set;
• Serial Number — device serial number, factory set;
• Software Version — device firmware version;
• Backup Version — previously installed firmware version;
• Boot Version — device firmware boot version;
• System Time — current time and date, set in the system;
• Uptime — operating time since the last time the device was turned on or rebooted.

The “Radio” menu

In the “Radio” menu, the wireless interface can be configured.

The “Radio 2.4 GHz” submenu

In the “Radio 2.4 GHz” submenu, the main parameters of radio interface of the device operating in the 2.4 GHz band can be configured. 

• Mode — interface operation mode according to the following standards:
  • IEEE 802.11b/g;
  • IEEE 802.11b/g/n;
  • IEEE 802.11n.
• Auto Channel — when checked, the device will automatically select the least congested radio channel for the Wi-Fi interface. Unchecking the flag opens the access to install the static operation channel;
• Channel — select channel for data transmission;
• Use Limit Channels — when checked, the access point will use a user-defined list of channels to work in automatic channel selection mode. If the “Use Limit channels” flag is not checked or there are no channels in the list, the access point will select the operation channel from all available channels in the given band. The 2.4 GHz band channels: 1–13;
• Channel Bandwidth, MHz — channel bandwidth, on which the access point operates. The parameter may take values 20 and 40 MHz;
• Primary Channel — the parameter can only be changed if the bandwidth of a statically specified channel is equal to 40 MHz. The 40 MHz channel can be considered as consisting of two 20 MHz channels, which border in the frequency range. These two 20 MHz channels are called primary and secondary channels. The primary channel is used by clients supporting 20 MHz channel bandwidth only:
  • Upper — the primary channel will be the upper 20 MHz channel in the 40 MHz band;
  • Lower — the primary channel will be the lower 20 MHz channel in the 40 MHz band.
• Transmit Power Limit, dBm — adjustment of the signal strength of the Wi-Fi transmitter in dBm. Accepts value from 8 to 16 dBm.

In the “Advanced” section, it is possible to configure advanced radio interface parameters of the device.

• OBSS Coexistence — automatic channel bandwidth reduction when the channel is loaded. When the flag is set, the mode is enabled;
• Fixed Transmit Rate — fixed wireless data rate, defined by IEEE 802.11b/g/n specifications;
• Short Guard Interval — support for Short Guard Interval. Access point transmits data using 400 ns guard interval (instead of 800 ns) to clients which also support Short Guard Interval;
• STBC — Space-Time Block Coding method dedicated to improve data transmission reliability. The field is available only if the selected operating mode for the radio interface includes 802.11n. When checked, the device transmits one data flow through several antennas. When unchecked, the device does not transmit the same data flow through several antennas;
• Beacon Interval, ms — beacon frames transmission period. The frames are sent to detect access points on the air. The parameter takes values from 20 to 2000 ms, by default: 100 ms; 
• Fragmentation Threshold — frame fragmentation threshold, bytes. The parameter takes values 256–2346, by default: 2346;
• RTS Threshold — specifies the number of bytes over which the Request to Send will be sent. Decreasing this value may improve the performance of the access point when there are a lot of connected clients. However this reduces general throughput of wireless network. The parameter takes values from 0 to 2347, by default: 2347; 
• Frame aggregation — enable support for AMPDU/AMSDU;
• Short Preamble — use of the packet short preamble;
• Broadcast/Multicast Rate Limiting, p/s — when the flag is set, transmission of broadcast / multicast traffic over the wireless network is restricted. Specify the limit for broadcast traffic in the popup window (p/s);
• Wi-Fi Multimedia (WMM) — WMM support activation (Wi-Fi Multimedia);
• DHCP Snooping Mode — selection of  DHCP option 82 processing policy. Available values for selection:
  • ignore  — option 82 processing is disabled. Default value;
  • remove — access point deletes the value of option 82;
  • replace — access point substitutes or replaces the value of option 82. When selecting this value to edit, the following parameters are opened:
    • DHCP Option 82 CID Format — replacement of the CID parameter value, can take values:
      • APMAC-SSID — replacement of the CID parameter value to <MAC address of the access point>-<SSID name>. Default value; 
      • SSID — replacement of the CID parameter value to SSID name, to which the client is connected;
      • custom — replacement of the CID parameter value to the value specified in the "Option 82 Unique CID";
        • Option 82 Unique CID — an arbitrary string of up to 52 characters that will be passed to the CID. If the parameter value is not set, the point will change the CID to the default value — APMAC-SSID.
    • DHCP Option 82 RID Format — replacement of the RID parameter value, can take the following values:
      • ClientMAC — change the RID content to the MAC address of the client device. Default value; 
      • APMAC — change the RID content to the MAC address of the access point;
      • APdomain — change the RID content to the domain in which the access point is located;
      • custom — change the RID content to the value specified in the "Option 82 Unique RID";
        • Option 82 Unique RID — an arbitrary string of up to 63 characters that will be passed to the RID. If the parameter value is not set, the point will change the RID to the default value — ClientMAC.
    • DHCP Option 82 MAC Format — selection of octet delimiters of the MAC address, which is transmitted in CID and RID:
      • AA:BB:CC:DD:EE:FF — the delimiter is a colon (:). Default value; 
      • AA-BB-CC-DD-EE-FF — the delimiter is a dash (-). 
• Enable QoS — when the flag is set, the setting of Quality of Service functions is available.

The following functions are available for quality assurance configuration:

• AP EDCA parameters — access point settings table (traffic is transmitted from the access point to the client):
  • Queue — predefined queues for various kinds of traffic:
    • Data 3 (Background) — low priority queue, high bandwidth (802.1p: cs1, cs2 priorities);
    • Data 2 (Best Effort) — middle priority queue, middle bandwidth and delay. Most of the traditional IP data is sent to this queue (802.1p: cs0, cs3 priorities);
    • Data 1 (Video) — high priority queue, minimal delay. In this queue, time-sensitive video data is automatically processed (802.1p: cs4, cs5 priorities);
    • Data 0 (Voice) — high priority queue, minimal delay. In this queue, time sensitive data is automatically processed, such as: VoIP, streaming video (802.1p: cs6, cs7 priorities).
  • AIFS — Arbitration Inter-Frame Spacing, defines the waiting time of data frames, measured in slots, takes values 1–255;
  • cwMin — the initial timeout value before resending a frame, specified in milliseconds, takes the values 1, 3, 7, 15, 31, 63, 127, 255, 511, 1023. The value of cwMin cannot exceed the value of cwMax;
  • cwMax — the maximum timeout value before resending a frame, specified in milliseconds, takes the values 1, 3, 7, 15, 31, 63, 127, 255, 511, 1023. The value of cwMax must exceed the value of cwMin;
  • TXOP Limit — this parameter is used only for data transmitted from the client station to the access point. The transmission capability is the time interval, in milliseconds, when the client WME station has the rights to initiate data transmission over the wireless medium to the access point, the maximum value is 65535 milliseconds;
• Station EDCA parameters — table of client station parameter settings (traffic is transmitted from the client station to the access point). For description of table fields, see above.

To apply a new configuration and save settings to non-volatile memory, click “Apply”. Click “Cancel” to discard the changes. 

The “Radio 5 GHz” submenu

In the “Radio 5 GHz” submenu, the main parameters of the radio interface of the device operating in the 5 GHz band can be configured. 

• Mode — select interface operation mode according to the following standards:
  • IEEE 802.11a;
  • IEEE 802.11a/n;
  • IEEE 802.11a/n/ac.
• Auto Channel — when checked, the device will automatically select the least congested radio channel for the Wi-Fi interface. Removing the flag opens the access to install the static operation channel;
• Channel — select channel for data transmission;
• Use Limit Channels — when checked, the access point will use a user-defined list of channels to work in automatic channel selection mode. If the “Use Limit channels” flag is not checked or there are no channels in the list, the access point will select the operation channel from all available channels in the given band. The 5 GHz band channels: 36–64, 132–144, 149–165;
• Channel Bandwidth, MHz — channel bandwidth, on which the access point operates. The parameter may take values of 20, 40 and 80 MHz;
• Primary Channel — the parameter can only be changed if the bandwidth of a statically specified channel is equal to 40 MHz. The 40 MHz channel can be considered as consisting of two 20 MHz channels, which border in the frequency range. These two 20 MHz channels are called primary and secondary channels. The primary channel is used by clients who only support 20 MHz channel bandwidth:
  • Upper — the primary channel will be the upper 20 MHz channel in the 40 MHz band;
  • Lower — the primary channel will be the lower 20 MHz channel in the 40 MHz band.
• Transmit Power Limit, dBm — transmitting Wi-Fi signal power adjustment, dBm. May take values between 11 and 19 dBm.

In the “Advanced” section, it is possible to configure advanced radio interface parameters of the device.

• OBSS Coexistence — automatic channel bandwidth reduction when the channel is loaded. When the flag is set, the mode is enabled;
• Fixed Transmit Rate — fixed wireless data rate, defined by IEEE 802.11a/n/ac specifications;
• DFS Support — dynamic frequency selection mechanism. The mechanism demands wireless devices to scan environment and avoid using channels which coincide with radiolocation system's channels at 5 GHz:
  • Disabled — the mechanism is disabled. DFS channels are not available for selection;
  • Enabled — the mechanism is enabled;
  • Forced — the mechanism is disabled. DFS channels are available for selection.
• Short Guard Interval — support for Short Guard Interval. Access point transmits data using 400 ns guard interval (instead of 800 ns) to clients which also support Short Guard Interval; 
• STBC — Space-Time Block Coding method dedicated to improve data transmission reliability. The field is available only if the selected operating mode for the radio interface includes 802.11n. When checked, the device transmits one data flow through several antennas. When unchecked, the device does not transmit the same data flow through several antennas; 
• Beacon Interval, ms — beacon frames transmission period. The frames are sent to detect access points. The parameter takes values from 20 to 2000 ms, by default: 100 ms; 
• Fragmentation Threshold — frame fragmentation threshold, bytes. The parameter takes values 256–2346, by default: 2346; 
• RTS Threshold — specifies the number of bytes over which the Request to Send will be sent. Decreasing this value may improve the performance of the access point when there are a lot of connected clients. However this reduces general throughput of wireless network. The parameter takes values from 0 to 2347, by default: 2347; 
• Frame aggregation — enables support for AMPDU/AMSDU;
• Short Preamble — use of the packet short preamble;
• Broadcast/Multicast Rate Limiting, p/s — when the flag is set, transmission of broadcast / multicast traffic over the wireless network is restricted. Specify the limit for broadcast traffic in the popup window (p/s);
• Wi-Fi Multimedia (WMM) — WMM support activation (Wi-Fi Multimedia);
• DHCP Snooping Mode — selection of DHCP option 82 processing policy. Available values for selection:
  • ignore  — option 82 processing is disabled. Default value;
  • remove — access point deletes the value of option 82;
  • replace — access point substitutes or replaces the value of option 82. When selecting this value to edit, the following parameters are opened:
    • DHCP Option 82 CID Format — replacement of the CID parameter value, can take values:
      • APMAC-SSID — replacement of the CID parameter value to <MAC address of the access point>-<SSID name>. Default value; 
      • SSID — replacement of the CID parameter value to SSID name, to which the client is connected;
      • custom — replacement of the CID parameter value to the value specified in the "Option 82 Unique CID";
        • Option 82 Unique CID — an arbitrary string of up to 52 characters that will be passed to the CID. If the parameter value is not set, the point will change the CID to the default value — APMAC-SSID.
    • DHCP Option 82 RID Format — replacement of the RID parameter value, can take the following values:
      • ClientMAC — change the RID content to the MAC address of the client device. Default value; 
      • APMAC — change the RID content to the MAC address of the access point;
      • APdomain — change the RID content to the domain in which the access point is located;
      • custom — change the RID content to the value specified in the "Option 82 Unique RID";
        • Option 82 Unique RID — an arbitrary string of up to 63 characters that will be passed to the RID. If the parameter value is not set, the point will change the RID to the default value — ClientMAC.
    • DHCP Option 82 MAC format — selection of octet delimiters of the MAC address, which is transmitted in CID and RID:
      • AA:BB:CC:DD:EE:FF — the delimiter is a colon (:). Default value; 
      • AA-BB-CC-DD-EE-FF — the delimiter is a dash (-). 
• Enable QoS — when the flag is set, the setting of Quality of Service functions is available. 

The following functions are available for quality assurance configuration:

• AP EDCA parameters — access point settings table (traffic is transmitted from the access point to the client):
  • Queue — predefined queues for various kinds of traffic:
    • Data 3 (Background) — low priority queue, high bandwidth (802.1p: cs1, cs2 priorities);
    • Data 2 (Best Effort) — middle priority queue, middle bandwidth and delay. Most of the traditional IP data is sent to this queue (802.1p: cs0, cs3 priorities);
    • Data 1 (Video) — high priority queue, minimal delay. In this queue, time-sensitive video data is automatically processed (802.1p: cs4, cs5 priorities);
    • Data 0 (Voice) — high priority queue, minimal delay. In this queue, time sensitive data is automatically processed, such as: VoIP, streaming video (802.1p: cs6, cs7 priorities).
  • AIFS — Arbitration Inter-Frame Spacing, defines the waiting time of data frames, measured in slots, takes values 1–255;
  • cwMin — the initial timeout value before resending a frame, specified in milliseconds, takes the values 1, 3, 7, 15, 31, 63, 127, 255, 511, 1023. The value of cwMin cannot exceed the value of cwMax;
  • cwMax — the maximum timeout value before resending a frame, specified in milliseconds, takes the values 1, 3, 7, 15, 31, 63, 127, 255, 511, 1023. The value of cwMax must exceed the value of cwMin;
  • TXOP Limit — this parameter is used only for data transmitted from the client station to the access point. The transmission capability is the time interval, in milliseconds, when the client WME station has the rights to initiate data transmission over the wireless medium to the access point, the maximum value is 65535 milliseconds.

• Station EDCA parameters — table of client station parameter settings (traffic is transmitted from the client station to the access point). For description of table fields, see above.

To apply a new configuration and save settings to non-volatile memory, click “Apply”. Click “Cancel” to discard the changes. 

The “Advanced” submenu

In the “Advanced” submenu, it is possible to configure advanced radio interface parameters of the device.

• Global Isolation — when checked, traffic isolation between clients of different VAPs and different radio interfaces is enabled.

To apply a new configuration and save settings to non-volatile memory, click “Apply”. Click “Cancel” to discard the changes. 

The “VAP” menu

In the “VAP” menu, virtual Wi-Fi access points (VAP) can be configured. 

The “Summary” submenu

The “Summary” submenu displays the settings of all VAPs on Radio 2.4 GHz and Radio 5 GHz radio interfaces. The settings of each virtual access point can be viewed in sections of VAP0–VAP6.

• VAP0–VAP6 — the sequence number of the virtual access point;
• Enabled — when checked, the virtual access point is enabled, otherwise it is disabled;
• Security Mode — the type of data encryption used on the virtual access point;
• VLAN ID — VLAN number from which the tag will be removed when transmitting Wi-Fi traffic to clients connected to this VAP. When traffic flows in the opposite direction, untagged traffic from clients will be tagged with VLAN ID (when VLAN Trunk mode is disabled);
• SSID — virtual wireless network name;
• Broadcast SSID — when checked, SSID broadcasting is on, otherwise it is disabled;
• Band Steer — when the flag is set, the priority connection of the client to 5 GHz network is active. In order for this feature to work, it is required to create a VAP with the same SSID on each radio interface and activate the “Band Steer mode” on them;
• VLAN Trunk — when the flag is set, tagged traffic is transmitted to the subscriber;
• General Mode — when the flag is set, transmission of untagged traffic jointly with tagged traffic is allowed (available when Trunk VLAN mode is enabled);
• General VLAN ID — a tag will be removed from the specified VLAN ID and the traffic of this VLAN will pass to the client without a tag. When traffic passes in the opposite direction, untagged traffic will be tagged with General VLAN ID;
• Station Isolation — when checked, traffic isolation between clients in the same VAP is enabled.

To apply a new configuration and save settings to non-volatile memory, click “Apply”. Click “Cancel” to discard the changes. 

The “VAP” submenu

Common settings

• Enabled — when checked, the virtual access point is enabled, otherwise it is disabled;
• VLAN ID — VLAN number from which the tag will be removed when transmitting Wi-Fi traffic to clients connected to this VAP. When traffic flows in the opposite direction, untagged traffic from clients will be tagged with VLAN ID (when VLAN Trunk mode is disabled);
• SSID — virtual wireless network name;
• Broadcast SSID — when checked, SSID broadcasting is on, otherwise it is disabled;
• Band Steer — when the flag is set, the priority connection of the client to 5 GHz network is active. In order for this feature to work, it is required to create a VAP with the same SSID on each radio interface and activate the “Band Steer mode” on them;
• VLAN Trunk — when the flag is set, tagged traffic is transmitted to the subscriber;
• General Mode — when the flag is set, transmission of untagged traffic jointly with tagged traffic is allowed (available when Trunk VLAN mode is enabled);
• General VLAN ID — a tag will be removed from the specified VLAN ID and the traffic of this VLAN will pass to the client without a tag. When traffic passes in the opposite direction, untagged traffic will be tagged with General VLAN ID;
• Station Isolation — when checked, traffic isolation between clients in the same VAP is enabled;
• 802.11k/v — enable support for 802.11k/v standards on virtual access point;
• Wireless Multicast Forwarding — when the flag is set, traffic towards clients will be converted to Unicast before each client, if it is disabled, it will pass without modifications;
• Priority — select prioritization mode. Defines the field on the basis of which the traffic transmitted to the radio interface will be distributed in WMM queues:
  • DSCP — will analyze the priority from the DSCP field of the IP packet header;
  • 802.1p — will analyze the priority from the CoS (Class of Service) field of the tagged packets.
• Maximum Stations — the maximum alllowable number of clients connected to the virtual network;
• Minimal Signal — signal level in dBm below which the client equipment is disconnected from the virtual network;
• MFP — management frame protection (available for WPA2 and WPA2-Enterprise selected security mode, selecting other security modes puts the MFP in the disabled state):
  • Not required — management frame protection is disabled;
  • Capable — protection works if the client supports MFP. Customers without MFP support can connect to this VAP;
  • Required — management frame protection is enabled, clients that do not support MFP cannot connect. 

• Security Mode — wireless access security mode:
  • Off — do not use encryption for data transfer. The access point is available for any subscriber to connect;
  • WPA, WPA2, WPA/WPA2 — encryption methods, if you select one of the methods, the following setting will be available:
    • WPA Key — key/password required to connect to the virtual access point. The length of the key is from 8 to 63 characters.
• WPA-Enterprise, WPA2-Enterprise, WPA/WPA2-Enterprise — wireless channel encryption mode, in which the client is authorized on the centralized RADIUS server. To configure this security mode, specify the parameters of the RADIUS server. Also specify a key for the RADIUS server. When selecting one of the these methods, the following setting will be available: 

• Domain — user domain;
• IP Address of RADIUS Server — RADIUS server address;
• Port of RADIUS Server — port of the RADIUS server that used for aithentication and authorization;
• Password of RADIUS Server — password for the RADIUS server used for authentication and authorization;
• Use Accounting through RADIUS — when checked, “Accounting” messages will be sent to the RADIUS server;
• Use Other Settings For Accounting:
  • IP Address of RADIUS Server for Accounting — address of the RADIUS server, used for accounting;
  • Password of RADIUS Server for Accounting — password for the RADIUS server used for accounting.
• Port of RADIUS Server for Accounting — port that will be used to collect accounts on the RADIUS server;
• Use Periodic Accounting — enable periodic sending of “Accounting” messages to the RADIUS server. The interval for sending messages can be set in the “Accounting Interval” field.

Captive Portal

When selecting one of the following security modes: Off, WPA, WPA2, WPA/WPA2, a portal authorization setting is available on the VAP.

• Enable — when checked, authorization of users in the network will be performed via the virtual portal;
• Virtual Portal Name — name of the virtual portal to which the user will be redirected when connecting to the network;
• Redirect URL — the address of the external virtual portal to which the user will be redirected when connecting to the network.

RADIUS

• Use Accounting through RADIUS — when checked, “Accounting” messages will be sent to the RADIUS server;
• Domain — user domain;
• IP Address of RADIUS Server for Accounting — address of the RADIUS server, used for accounting;
• Port of RADIUS Server for Accounting — port that will be used to collect accounts on the RADIUS server;
• Password of RADIUS Server for Accounting — password for the RADIUS server used for accounting;
• Use Periodic Accounting — enable periodic sending of “Accounting” messages to the RADIUS server. The interval for sending messages can be set in the “Accounting Interval” field.

Shapers

• Enable — activate the setting field;
• VAP Limit Down — restriction of bandwidth in the direction from the access point to the clients (in total) connected to this VAP, Kbps;
• VAP Limit Up — restriction of bandwidth in the direction from the clients (in total) connected to this VAP, to the access point, Kbps;
• STA Limit Down — restriction of bandwidth in the direction from the access point to the clients (each separately) connected to this VAP, Kbps;
• STA Limit Up — restriction of bandwidth in the direction from the clients (each separately) connected to this VAP, to the access point, Kbps.

To apply a new configuration and save settings to non-volatile memory, click “Apply”. Click “Cancel” to discard the changes. 

The “WDS” menu

In the "WDS" menu, the wireless bridges between WOP-20L are configured. 

The "WDS" submenu

In the "2.4 GHz" and "5 GHz" tabs, select the radio interface of the device on which a wireless bridge should be built.

• Enabled — if the flag is selected, the wireless bridge mode is enabled, otherwise it is disabled;
• Security mode — wireless access security mode:
  • Off — do not use encryption for data transfer;
  • WPA2 — encryption method, when selected, the following setting will be available:
    • WPA key — key/password required to connect to the remote access point. The key length is from 8 to 63 characters.
• Local MAC — MAC address of this device radio interface;
• Interface — selecting and enabling the WDS interface on which the wireless bridge will be built;
• Remote MAC — MAC address of the remote device radio interface, to which  a wireless bridge is cofigured; 
• Fixed Transmit Rate — fixed wireless data rate, defined by the specifications of the IEEE 802.11 standards. For each interface, select individually.

To apply a new configuration and save settings to non-volatile memory, click “Apply”. Click “Cancel” to discard the changes.

The “Network Settings” menu

The “System Configuration” submenu

• Hostname — network name of the device, specified by string from 1 to 63 characters; latin uppercase and lowercase letters, digits, hyphen “-” (hyphen can not be the last character in the name);
• AP Location — domain of the EMS management system tree host where the access point is located;
• Management VLAN:
  • Disabled — Management VLAN is not used;
  • Terminating — the mode in which the management VLAN is terminated at the access point (in this case, clients connected via the radio interface do not have access to this VLAN. With WDS configured on the access point, this management VLAN mode is not available for choice.);
  • Forwarding — the mode in which the management VLAN is also transmitted to the radio interface (with the appropriate VAP configuration).
• VLAN ID — the VLAN ID used to access the device, takes values 1–4094;
• Protocol — select protocol for connection of the device via Ethernet interface to service provider network:
  • DHCP — operation mode, when IP address, subnet mask, DNS server address, default gateway and other parameters required for operation are obtained from DHCP server automatically;
  • Static — operation mode, when IP address and all the necessary parameters for WAN interface are assigned statically. If “Static” is selected, the following parameters will be available to set:
    • Static IP — IP address of the device WAN interface in the provider network;
    • Netmask — external subnet mask;
    • Gateway — address, to which the packet is sent, if the route in routing table is not found for it.
• Primary DNS server, Secondary DNS server — IP addresses of DNS servers. If addresses of DNS servers are not automatically assigned via DHCP, set them manually.

To apply a new configuration and save settings to non-volatile memory, click “Apply”. Click “Cancel” to discard the changes. 

The “Access” submenu

In the “Access” submenu, the access to the device via Web interface, Telnet, SSH, NETCONF and SNMP can be configured. 

• To enable access to the device via the web interface via HTTP protocol, set the flag next to “WEB”. In the window that appears, it is possible to change the HTTP port (by default: 80). The range of acceptable values of ports, in addition to the default, from 1025 to 65535 inclusive;

• To enable access to the device via the web interface via HTTPS protocol, set the flag next to “WEB-HTTPS”. In the window that appears, it is possible to change the HTTPS port (by default: 443). The range of acceptable values of ports, in addition to the default, from 1025 to 65535 inclusive; 

• To enable access to the device via Telnet, check the box next to “Telnet”;
• To enable access to the device via SSH, check the box next to “SSH”;
• To enable access to the device via NETCONF, check the box next to “NETCONF”.

The WOP-20L software allows changing the device configuration, monitoring the status of the access point and its sensors, as well as managing the device using the SNMP protocol. 

To change the SNMP settings, check the box next to “SNMP”, the following SNMP agent options become available:

• roCommunity — a password to read the parameters (by default: public);
• rwCommunity — a password to write parameters (by default: private);
• TrapSink — IP address or domain name of SNMPv1-trap message recipient in HOST [COMMUNITY [PORT]] format;
• Trap2Sink — IP address or domain name of SNMPv2-trap message recipient in HOST [COMMUNITY [PORT]] format;
• InformSink — IP address or domain name of Inform message recipient in HOST [COMMUNITY [PORT]] format;
• Sys Name — device name;
• Sys Contact — device vendor contact information;
• Sys Location — device location information;
• Trap community — password enclosed in traps (default value: trap).

The list of objects which are supported for reading and configuring via SNMP is given below:

• eltexLtd.1.127.1 — monitoring of access point parameters and connected client devices;
• eltexLtd.1.127.3 — access point management;
• eltexLtd.1.127.5 — access point configuring.

where eltexLtd — 1.3.6.1.4.1.35265 is Eltex Enterprise ID.

To apply a new configuration and save settings to non-volatile memory, click “Apply”. Click “Cancel” to discard the changes. 

The “External Services” menu

The “Captive Portal” submenu

The “Captive Portal” submenu is designed to enable and configure the APB service at the access point.

The APB service is used to provide portal roaming of clients between access points connected to the service.

• Enable — when checked, the point will connect to the APB service, the address of which is specified in the “Roaming Service URL” field, to provide portal roaming of clients;
• Roaming Service URL — APB service address to support roaming in the portal authorization mode. Set in format: "ws://<host>:<port>/apb/broadcast".

To apply a new configuration and save settings to non-volatile memory, click “Apply”. Click “Cancel” to discard the changes. 

The “System” menu

In the “System” menu, the user can configure the system, time, device access via different protocols, change password, and update device firmware.

The “Device Firmware Upgrade” submenu

The “Device Firmware Upgrade” submenu is intended for upgrading the device firmware.

• Active Version — installed firmware version, which is operating at the moment;
• Backup Version — installed firmware version which can be used in case of problems with the current active firmware version;
  • Set Active — a button that allows one to make a backup version of the firmware active, this will require a device reboot. The active firmware version will not be set as a backup.

Firmware upgrade

Download the firmware file from http://eltex-co.com/support/downloads/ and save it on your computer. To do this, click “Browse” in the Firmware Image field and specify the path to the firmware file in .tar.gz format.
To start the upgrade process, click the “Start Upgrading”. The process may take several minutes (its current status will be shown on the page). The device will be automatically rebooted when the upgrade is completed.

The “Configuration” submenu

In the “Configuration” submenu, the current configuration can be saved and updated.

Backup Configuration

To save current device configuration to local computer click “Download”.

Restore Configuration

To upload the configuration file saved on the local computer, use the Restore Configuration item. To update the device configuration click “Browse”, specify a file (in .tar.gz format) and click “Upload File”. Uploaded configuration will be applied automatically and does not require device reboot. 

Reset to Default Configuration

To reset the device configuration to default values, click “Reset”. If the flag “Save access setting” is activated, then those settings, configurations that are responsible for access to the device (IP address settings, Telnet/SSH/SNMP/Netconf/Web access settings) will be saved. 

The “Reboot” submenu

To reboot the device, click “Reboot”. The device reboot process takes about 1 minute. 

The “Password” submenu

When logging in via web interface, administrator (default password: password) has the full access to the device: read/write any settings, full device status monitoring.
To change the password, enter the new password first in the “Password” field, then in the “Confirm Password” field, and click “Apply” to save the new password.

The “Log” submenu

The “Log” submenu is designed to configure the output of various kinds of debugging messages of the system in order to detect the causes of problems in the operation of the device. 

• Mode — Syslog agent operation mode:
  • Local File — log information is stored in a local file and is available in the device web interface on the Monitoring/Events tab; 
  • Server and File — log information is sent to a remote Syslog server and stored in a local file.
• Syslog Server Address — IP address or domain name of the Syslog server;
• Syslog Server Port — port for incoming Syslog server messages (default: 514, valid values: from 1 to 65535);
• File Size — maximum size of the log file (valid values: 1–1000 kB).

To apply a new configuration and save settings to non-volatile memory, click “Apply”. Click “Cancel” to discard the changes.

The “Date and Time” submenu

In the “Date and Time” submenu, it is possible to set the time manually or using the time synchronization protocol (NTP).

Manual

• Date and Time device — date and time on the device at the current moment. Click “Edit” to make corrections:
  • Date, Time — set the current date and time or click “Set current date and time” to synchronize with the device;
• Time Zone — allows to set the timezone according to the nearest city for your region from the list;
• Enable daylight saving time — when selected, automatic daylight saving change will be performed automatically within the defined time period:
  • DST Start — day and time, when daylight saving time is starting;
  • DST End — day and time, when daylight saving time is ending;
  • DST Offset (minutes) — time period in minutes, on which time offset is performing. The parameter can take a value from 0 to 720 minutes.   

NTP server

• Date and Time device — date and time set on the device;
• NTP Server — IP address/domain name of the time synchronization server. It is possible to specify an address or select from an existing list;
• Time Zone — allows to set the time zone according to the nearest city for your region from the list;
• Enable daylight saving time — when selected, automatic daylight saving change will be performed automatically within the defined time period:
• • DST Start — day and time, when daylight saving time is starting;
  • DST End — day and time, when daylight saving time is ending;
  • DST Offset (minutes) — time period in minutes, on which time offset is performing. The parameter can take a value from 0 to 720 minutes.

To apply a new configuration and save settings to non-volatile memory, click “Apply”. Click “Cancel” to discard the changes.

Managing the device using the command line

Connection to the device

By default, WOP-20L is configured to receive the address via DHCP. If this does not happen, it is possible to connect to the device using the factory IP address. 

Connection to the device is performed via SSH/Telnet:

Network parameters configuration

Network parameters configuration via set-management-vlan-mode utility

IPv6 network parameters configuration

Similar to restricting access to the device via the TELNET protocol, you can restrict the ability to connection to the device by its IPv6 address using the following protocols: SSH, SNMP, NETCONF, web, web-HTTPS. 

Virtual Wi-Fi access points (VAP) configuration

When configuring a VAP, remember that the interface names in the 2.4 GHz band start with wlan0, in the 5 GHz band with wlan1.

Table 6 — Commands for configuring security mode on VAP

Below are examples of VAP configuration with different security modes for Radio 5 GHz (wlan1).

Configuration of VAP without encryption

Configuration of VAP with WPA-Personal security mode

Configuration of VAP with Enterprise authorization

Configuration of VAP with Captive Portal

Advanced VAP settings

802.11r configuration

This type of roaming is available only for client devices supporting 802.11r.

802.11r roaming is possible only between VAPs with WPA2-Personal and WPA2-Enterprise security modes.

See instructions for configuring VAP with WPA2-Personal security mode and others in Configuration of VAP with WPA-Personal security mode section.

Each VAP on the access points should be configured individually, eg. AP1(wlan1)↔AP2(wlan1), AP1(wlan0)↔AP2(wlan0), AP1(wlan1)↔AP3(wlan1), etc.

Below is the example of 802.11r configuring on two access points: AP1 and AP2.

802.11k configuration

802.11k protocol roaming can be organized between any networks (open/secure). If the access point is configured to work using the 802.11k protocol, then when a client connects, the access point sends the list of “friendly” access points to which a client can switch in a roaming process. The list contains information about access points' MAC addresses and channels they work with.

The use of 802.11k allows to reduce the time for finding another network when roaming, since the client does not need to scan channels on which there are no target access points available for switching.

This type of roaming is available only for client devices supporting 802.11k.

Below is the example of 802.11k configuring access point — making a list of “friendly” access points.

Radio configuration 

In the Radio section, automatic selection of the working channel is used by default. To set the channel manually or change the power, use the following commands:

Advanced Radio settings

The configuration method of edca-sta is the same as that of edca-ap.
Parameters configuration for queues be, vi, vo is similar to parameters configuration for queue bk. 

DHCP option 82 Configuration 

DHCP snooping operating modes:

• ignore – option 82 processing is disabled. Default value;
• replace – the access point substitutes or replaces the value of option 82;
• remove – the access point removes the value of option 82.

If on the radio interface the option 82 processing policy is configured to replace, the following parameters become available for configuration:

WDS Configuration 

Below is the configuration of a WDS connection on the Radio 5 GHz interface (wlan1).

The remote access point is configured in the same way. 

System settings

Device firmware update

Device configuration management

Device reboot

Authentication mode configuration

The device has a factory account admin with password password. To delete this account recording is not possible. The password can be changed using the following commands.

It is possible to create additional users for local authentication as well as authentication via RADIUS.

Setting the date and time

Advanced system settings

APB service configuration

The APB service is used to provide portal roaming of clients between access points connected to the service. 

Monitoring

Wi-Fi clients

 index                    | 0
 interface                | wlan0-va0
 state                    | ASSOC AUTH_SUCCESS 
 hw-addr                  | 26:af:0a:30:ef:29
 ssid                     | !!!DOC_test
 ip-addr                  | 169.254.68.250
 authorized               | true
 captive-portal-vap       | false
 enterprise-vap           | false
 rx-retry-count           | 76
 tx-fails                 | 0
 tx-period-retry          | 0
 tx-retry-count           | 0
 rssi-1                   | -75
 rssi-2                   | -75
 rssi                     | -75
 snr-1                    | 17
 snr                      | 17
 snr-2                    | 16
 tx-rate                  | MCS7 SGI 72.2
 rx-rate                  | MCS7 NO SGI 65
 rx-bw                    | 20M
 rx-bw-all                | 20M
 tx-bw                    | 20M
 mfp                      | false
 uptime                   | 00:00:27
 multicast-groups-count   | 0
 wireless-mode            | n
 perftest-capable         | false
 snr-rssi-capable         | false
 link-capacity            | 0
 link-quality             | 0
 link-quality-common      | 0
 actual-tx-rate           | 0
 actual-rx-rate           | 0
 shaped-rx-rate           | 0
 actual-tx-pps            | 0
 actual-rx-pps            | 1
 shaped-rx-pps            | 0
 name                     | 0

Rate                     Transmitted               Received                    
----------------------   -----------------------   -------------------------   
Total Packets:           2                         176                         
TX success:              100                                                   
Total Bytes:             173                       8877                        
Data Packets:            0                         31                          
Data Bytes:              0                         4488                        
Mgmt Packets:            2                         145                         
Mgmt Bytes:              173                       127                         
Dropped Packets:         0                         0                           
Dropped Bytes:           0                         0                           
Lost Packets:            0                                                     

Rate                     Transmitted               Received                    
----------------------   -----------------------   -------------------------   
dsss1                    2              | 100%     37             |  21%       
ofdm6                    0              |   0%     19             |  10%       
ofdm24                   0              |   0%     88             |  50%       
mcs3                     0              |   0%     2              |   1%       
mcs4                     0              |   0%     15             |   8%       
mcs7                     0              |   0%     14             |   8%       

Multicast groups: none

WDS

 index                    | 0                                                                                                  
 interface                | wlan1                                                                                              
 state                    | WIFI_WDS                                                                                           
 hw-addr                  | e8:28:c1:d1:43:15                                                                                  
 ip-addr                  | 10.24.80.35                                                                                        
 hostname                 | WOP-20L                                                                                             
 authorized               | false                                                                                              
 captive-portal-vap       | false                                                                                              
 enterprise-vap           | false                                                                                              
 rx-retry-count           | 10                                                                                                 
 tx-fails                 | 0                                                                                                  
 tx-period-retry          | 0                                                                                                  
 tx-retry-count           | 0                                                                                                  
 rssi-1                   | -25                                                                                                
 rssi-2                   | -20                                                                                                
 snr-1                    | 40                                                                                                 
 snr-2                    | 39                                                                                                 
 wds-interface            | wlan1-wds1                                                                                         
 tx-rate                  | VHT NSS2-MCS8 SGI 173.3                                                                            
 rx-rate                  | VHT NSS2-MCS8 NO SGI 156                                                                           
 rx-bw                    | 20M                                                                                                
 rx-bw-all                | 20M                                                                                                
 tx-bw                    | 20M                                                                                                
 uptime                   | 00:02:44                                                                                           
 multicast-groups-count   | 0                                                                                                  
 wireless-mode            | ac                                                                                                 
 eltex-firmware-version   | 1.6.0 build X                                                                                   
 eltex-board-type         | WOP-20L                                                                                             
 perftest-capable         | false                                                                                              
 snr-rssi-capable         | false                                                                                              
 link-capacity            | 90 (not changed)                                                                                   
 link-quality             | 100 (not changed)                                                                                  
 link-quality-common      | 100                                                                                                
 actual-tx-rate           | 0                                                                                                  
 actual-rx-rate           | 5                                                                                                  
 shaped-rx-rate           | 0                                                                                                  
 actual-tx-pps            | 0                                                                                                  
 actual-rx-pps            | 8                                                                                                  
 shaped-rx-pps            | 0                                                                                                  
 name                     | 0                                                                                                  
                                                                                                                               
 Rate                  Transmitted            Received                                                                         
---------------------------------------------------------------------                                                          
 Total Packets:       | 53                   | 2125                 |                                                          
 TX success:          | 100                  |                      |                                                          
 Total Bytes:         | 4300                 | 261666               |                                                          
 Data Packets:        | 48                   | 2120                 |                                                          
 Data Bytes:          | 2496                 | 193382               |                                                          
 Mgmt Packets:        | 5                    | 5                    |                                                          
 Mgmt Bytes:          | 268                  | 444                  |                                                          
---------------------------------------------------------------------                                                          
                                                                                                                               
 Rate                  Transmitted            Received                                                                         
---------------------------------------------------------------------                                                          
 ofdm6                | 7              |  13%|             12 |   0%|                                                          
 ofdm54               | 1              |   1%|              0 |   0%|                                                          
 nss2-mcs0            | 4              |   7%|              6 |   0%|                                                          
 nss2-mcs1            | 4              |   7%|              8 |   0%|                                                          
 nss2-mcs2            | 4              |   7%|              6 |   0%|                                                          
 nss2-mcs3            | 4              |   7%|              6 |   0%|                                                          
 nss2-mcs4            | 4              |   7%|              7 |   0%|                                                          
 nss2-mcs5            | 4              |   7%|              4 |   0%|                                                          
 nss2-mcs6            | 4              |   7%|              7 |   0%|                                                          
 nss2-mcs7            | 9              |  16%|             24 |   1%|                                                          
 nss2-mcs8            | 8              |  15%|           2044 |  96%|                                                          
---------------------------------------------------------------------                                                          
                                                                                                                                                                                                                                             
Multicast groups: none  

Device information 

 system-time                  | 09:14:22 14.02.2023
 uptime                       | 6 d 01:59:11
 software-version             | 1.7.1 build X
 secondary-software-version   | 1.7.1 build X
 boot-version                 | 1.7.1 build X
 memory-usage                 | 39
 memory-free                  | 143
 memory-used                  | 95
 memory-total                 | 238
 cpu-load                     | 1.9
 cpu-average                  | 5.23
 is-default-config            | false
 board-type                   | WOP-20L
 hw-platform                  | WOP-20L
 factory-wan-mac              | 68:13:E2:1B:6B:40
 factory-lan-mac              | 68:13:E2:1B:6B:40
 factory-serial-number        | WP4A000050
 hw-revision                  | 2v1
 session-password-initialized | false
 ott-mode                     | false
 last-reboot-reason           | unknown
 test-changes-mode            | false

Network information

Common information:

interface | br0
mac | 68:13:e2:1b:6b:40
rx-bytes | 543842355
rx-packets | 1745546
tx-bytes | 11589636
tx-packets | 25586

IPv4 information:

protocol | dhcp
ip-address | 192.168.1.10
netmask | 255.255.255.0
gateway | 192.168.1.1
DNS-1 | 172.16.0.100
DNS-2 | 172.16.0.250

IPv6 information:

addresses |
dns-servers |

   link: up
   speed: 1000
   duplex: enabled
   rx-bytes: 4872597
   rx-packets: 13844
   tx-bytes: 2477091
   tx-packets: 20923

#                   IP                  MAC                 
-----------------   -----------------   -----------------   
0                   10.24.80.65         14:dd:a9:e1:xx:xx   
1                   10.24.80.98         18:c0:4d:dd:xx:xx   
2                   10.24.80.1          e0:d9:e3:e8:xx:xx  

Destination         Gateway             Mask                Flags               Interface           
-----------------   -----------------   -----------------   -----------------   --------- 
0.0.0.0             10.24.80.1          0.0.0.0             UG                  br0                 
10.24.80.0          0.0.0.0             255.255.255.0       U                   br0 

Wireless interfaces 

   wlan0:
      name: wlan0
      band: 2.4
      hwaddr: CC:9D:A2:E9:14:70
      status: on
      noise-1: -100
      noise-2: -100
      utilization: 3
      channel: 2
      tx-power: 16
      thermal: 39
      bandwidth: 20
      frequency: 2417
   wlan1:
      name: wlan1
      band: 5
      hwaddr: CC:9D:A2:E9:14:75
      status: on
      noise-1: -100
      noise-2: -100
      utilization: 2
      channel: 48
      tx-power: 19
      thermal: 30
      bandwidth: 20
      frequency: 5240

Event logging 

Jan  23 00:00:07 WOP-20L daemon.info syslogd[925]: started: BusyBox v1.21.1

Jan  23 00:00:09 WOP-20L daemon.info configd[955]: The AP startup configuration was loaded successfully.

Jan  1 03:00:14 WOP-20L daemon.info networkd[987]: Networkd started

Jan  1 03:01:17 WOP-20L daemon.info networkd[987]: DHCP-client: Interface br0 obtained lease on 192.168.1.15.

Jan 23 07:17:14 WOP-20L daemon.info monitord[1055]: event: 'associated' mac: E4:0E:EE:BD:AE:6B ssid: 'WOP-20L_2.4GHz' int0

Environment scan

SSID                    Mode  Security  BSSID             Channel  RSSI, dBm  Bandwidth, MHz   
----------------------  ----  --------  ----------------- -------  --------   -------
!!!!Esh_test1111         AP    wpa      CC:9D:A2:C7:A2:E0    1       -39        20               
EltexWiFi                AP    off      E0:D9:E3:49:D5:00    1       -50        20               
Eltex-WLC-Local          AP    wpa      CC:9D:A2:FF:B2:03    6       -68        20               
TEst_Ent                 AP    wpa      CC:9D:A2:C7:DF:D0    11      -75        20               
sdd_wlc_enterprise       AP    wpa      E8:28:C1:FC:D6:41    1       -77        20               
WLC30_sdd1               AP    wpa      E8:28:C1:FC:D6:40    1       -77        20               
WLC                      AP    off      E0:D9:E3:49:79:01    1       -77        20               
Rostelecom               AP    off      E8:28:C1:EC:DE:21    11      -78        20               
VIP_test                 AP    off      E0:D9:E3:73:06:F2    6       -79        20               
i-cisco-ent              AP    wpa      7C:21:0E:E2:76:C0    1       -80        20               
Test_Astra_Ted           AP    off      E4:5A:D4:E4:D3:F3    1       -80        20               
Karandashev_Enterprise   AP    wpa      E0:D9:E3:73:06:F3    6       -80        20               
i-cis-MAB                AP    off      7C:21:0E:E2:76:C2    1       -80        20   

Spectrum analyzer

The spectrum analyzer provides information on channel congestion in the 2.4 and 5 GHz bands. The result is displayed as a percentage.

 Channel| CCA
       1|  81%
       2|  40%
       3|  14%
       4|  10%
       5|  36%
       6|  60%
       7|  40%
       8|   8%
       9|  14%
      10|  38%
      11|  75%
      12|  37%
      13|  18%
      36|  14%
      40|  12%
      44|  10%
      48|  18%
      52|   3%
      56|   5%
      60|   8%
      64|   6%
     132|   0%
     136|   0%
     140|   0%
     144|   1%
     149|  30%
     153|   1%
     157|   3%
     161|   2%
     165|   1%

The list of changes