=================================================== WILI-S 5.0 Master Release Notes April 19, 2007 =================================================== ABOUT ===== WILI Software is a portable embedded Linux based software platform suited to implement a highly functional, secure and manageable wired and wireless IP networking devices: HotSpot access points, access controllers, enterprise access points, fixed 802.11abg wireless network elements, base stations and customer premise equipment (CPE) and high performance, secure point to point or point to multi point wireless bridges. Document includes information about the latest WILI Software release (WILI-S further in this document) targeted for the Gateworks Avila, PC Engines WRAP2c, LanReady AP-1000 hardware platforms and Compex WP54G/WP54AG, Wistron RDAT-81 devices. SOFTWARE DESCRIPTION ==================== The WILI-S Highlights --------------------- WLAN * Wi-Fi compliant * IEEE 802.11a/b/g * WMM/Half and Quarter Rates/Security Band * Atheros Super AG * WPA/WPA2 PSK and Enterprise * Multiple broadcasted SSIDs (up to 16 MBSSIDs) * Per MBSSID security policy * VLAN to MBSSID mapping * Antenna diversity * Adjustable RF output power * Layer 2 user isolation AAA * Multiple authentication methods: UAM, 802.1x/EAP (using RADIUS backend) * Per LAN/VLAN/WLAN AAA policies * WISPr compliant * RADIUS authentication failover * RADIUS accounting failover/backup * Remote user login, logout, session status control via HTTPs/XML * Per user bandwidth management * Authenticated clients limit per BSSID. IP Router and IP address management * Static IP address fallback * Static IP routing table * Source routing * NAT/NAPT (IP masquerading) * Multiple IP addresses per interface - aliases * Port-forwarding * 802.1q VLAN support * Source routing * Transparent VPN client pass-through (PPTP, IPsec ESP) * Customizable Firewall * DHCP server, relay gateway (suboptions), DHCP client * Multiple DHCP IP address pools on device * SMTP redirection (e-mail) VPN * IPsec tunnels w/ optional dynamic rekeying support * GRE (Generic Routing Encapsulation) tunnels Management * Secure management via HTTPS, SSH, SNMP * SNMP v1/v2c/v3 (incl. authentication and encryption) * Management subnet for remote AP and switch management * Automatic remote firmware update (using RCMS) * Automatic white/black list update * RCMS (automatic provisioning system allows to configure, upgrade firmware & monitor devices centrally) WILI-CORE skin * Statistic pages, including system information, wireless and wired interface statistics, routing and ARP tables * Configuration page * Administrator account's password configuration * License upload/download * Skin management * Firmware update, reset to factory defaults, reboot * Site survey (may temporary disable wireless connection) * Antenna adjustment tools SYSTEM REQUIREMENTS =================== Operating System ---------------- The operation of WILI-S is independent of the operating system on the client stations. For configuration and device management WILIBOX recommends using a PC with web browser that supports SSLv3/TLSv1 and Java Script. Optionally WILI-S can be managed via SSH (CLI) or RCMS (automatic provisioning system). Third party tools compliant with SNMP v1/v2/v3 (*) protocol can be used to monitor current status and performance of the device. AAA Server ---------- RADIUS server (RFC2865-2866) is required in order to authenticate users and to enable accounting. This product has been tested for interoperability with various RADIUS servers available in the market. For 802.1x based authentication the RADIUS server must support EAP (Extensible Authentication Protocol) authentication type. Web Server ---------- For management purposes WILI-S includes a web server with both HTTP and HTTPs protocol support. Provided Web management features are dependent on currently loaded skin. (*) These features are not available on Compex WP54G/WP54AG, Wistron RDAT-81 hardware: * IPSec * SNMP v3 NEW IN THIS RELEASE =================== Version WILI-S 5.0 * Updated wireless driver, supports latest generation Atheros cards. Features: * Half/quarter rates support * 802.11j - 4.9 GHz security/Public safety band support * 802.11e - WMM (QoS) * 802.11h - Spectrum and Transmit Power Management Extensions * Atheros super features * 802.11i/RSN/WPA2 pre-authentication support. * RCMS agent with network usage statistics. * P2P traffic control. * Updated WPA supplicant, dropbear SSH server. * Fixed memory leaks, possible deadlock situations in AAA daemon code. * Fixed potential problems in UAM redirector redird, made some optimizations. * Improved white/black list handling performance. * New WDS implementation does not require to specify MAC address of WDS peer in configuration. * Limitation of new wireless driver: if master and virtual interface working in managed mode - a client are configured on the same radio card, master will not be accessible while client is scanning for an AP to connect to. KNOWN ISSUES ============ * Station supervision on bridge does not work with multiple AAA daemons on bridge ports. * WILI Configurator is not yet available in 5.00 version. It will be released as a stand-alone application. * When configuring wireless interfaces, master AP configuration should go before virtual wireless interfaces in configuration sections. * RDAT-81 device specifics: * ath0 radio card reports as if it was a 802.11 a/b/g radio, in fact it only works in 802.11a mode. INSTALLATION NOTES ================== Default configuration --------------------- Use the following procedure to access WILI-S based device Web management pages via Wireless interface. Connecting the first time through WLAN interface ------------------------------------------------ Please follow step-by-step instructions in order to connect to the WILI-S based device for configuration and management activities. 1a. For hardware powered directly from the mains connect a power adapter to the WILI-S based device. 1b. For hardware powered via PoE adapter connect PoE adapter's P+Data port with the WAN port of the WILI-S based device. 2a. Connect one Ethernet patch cable to the WAN port of WILI-S based device and to an Ethernet port of a broadband Internet modem or router. 2b. Connect one Ethernet patch cable to the PoE adapter's Data port and to an Ethernet port of a broadband Internet modem or router. 3. Setup a wireless network adapter on your computer (Go to Start>Settings>Network Connections>Right click on Wireless Network Connection associated with the wireless adapter) by selecting Properties. 4. Setup wireless network adapter's IP address (choose Internet Protocol (TCP/IP)> click Properties). 5. Make sure that your wireless network adapter is configured to obtain IP address automatically. 6. Enable wireless network connection. 7. Choose a wireless device with SSID WILI-S from a list of available wireless networks. 8. Open the Web browser and type default wireless interface IP address: http://192.168.4.1 RDAT-81 device has 2 integrated radio modules, 802.11a radio has IP address 192.168.4.1, alternatively for access in 802.11b/g mode try: http://192.168.5.1 After the connection is established, you will see WILI-S Web interface. 9. Enter user name 'admin' and password 'admin01' to access the Web management. It is strongly recommended to change default user's password. 10. After successful administrator log in you will see the system information page of the WILI-S device Web management interface. Now the WILI-S device is ready for configuration. For further instructions on Web management refer to the respective documentation. Connecting for the first time through WAN interface ----------------------------------------------- Use the following procedure to access the WILI-S based device Web management pages via WAN interface: 1a. On a network without DHCP server configure your PC with a static IP address on the 192.168.2.0 subnet with mask 255.255.255.0 1b. On a network with running DHCP server, leave your current configuration and go to step 2. 2. Connect the WILI-S based device WAN interface to the same physical network as your PC. Open the Web browser and type either the default IP address of the WILI-S based device: http://192.168.2.66 or IP address provided for device by DHCP server. 2. Enter the WILI-S based device administrator's login details to access the Web management: default administrator's user name is 'admin' and password is 'admin01'. 3. After successful administrator log in you will see system information page of the WILI-S device Web management interface. Now the WILI-S device is ready for configuration. Console Connection ------------------ Use the following procedure to access the WILI-S based device using a serial connection cable (if available on board). 1. Connect the power adapter to the WILI-S based device. 2. Connect the device to your management terminal using the serial connection cable and start a terminal session (using an application such as HyperTerminal) with the following settings: +------------------+-------------------------+ | Setting | Value | +==================+=========================+ | Bits per second | 115200, 38400 on WRAP2c | +------------------+-------------------------+ | Data bits | 8 | +------------------+-------------------------+ | Parity | none | +------------------+-------------------------+ | Stop bits | 1 | +------------------+-------------------------+ | Flow control | none | +------------------+-------------------------+ 3. When connected correctly the login prompt appears allowing you to enter the administrator's login and password: default administrator's login settings are: user name 'admin' and password: 'admin01'. 4. Enter the default login credentials and you will be successfully logged in the WILI-S based device CLI management interface: For further instructions on CLI management refer to the respective section in WILI-S User's Guide. Configuration ------------- Detailed information on the configuration of a device, its available options and documentation is provided in WILI-S and WILI-CORE Skin User's Guides accordingly. Additional information can be found on www.wilibox.com and forum pages as well. Firmware Update --------------- Firmware updates can be done from the System/Maintenance menu when using Web management. Alternatively firmware updates can be done via RCMS server. Please consult appropriate manual for the purchased product. TECHNICAL SUPPORT ================= If you encounter any problems when installing or using your WILI-S product please refer to the WILIBOX web site www.wilibox.com for local support contacts. Also, questions can be asked at http://www.wilibox.com/forum/. Latest firmware updates are available at the download area on www.wilibox.com. =========== End of File ===========