1. Home
    2. /
  2. Manuals
    3. /
  3. AirRouter
    4. /
  4. AirOS
    5. /
  5. 3
Page 11 / 38 Scroll up to view Page 6 - 10
9
Ubiquiti Networks, Inc.
Chapter 3: AirOS™
AirRouter User Guide
Station
This is a client mode, which connects
the AirRouter to an Access Point. In
Station
mode,
the AirRouter acts as the subscriber Station while
connecting to the Access Point. The SSID of the
Access Point is used and all the traffic to/from the
network devices connected to the Ethernet interface is
forwarded.
Subscriber Station is using the arpnat technique which
may result in a lack of transparency while passing-
through broadcast packets in bridge mode.
Station WDS
WDS stands for Wireless Distribution
System. Station WDS should be used while connecting
to an Access Point that is operating in WDS mode. This
mode is compatible with WPA/WPA2 encryption.
Station WDS mode enables packet forwarding at the
layer 2 level.
The benefit of Station WDS is improved performance
and faster throughput. Station WDS - Bridge mode is
fully transparent for all Layer 2 protocols.
Access Point
This is an 802.11 Access Point.
Access Point WDS
This is an 802.11 Access Point which
allows for layer 2 bridging with Station WDS devices
using the WDS protocol. Access Point WDS is not fully
compatible with WPA/WPA2 encryption.
WDS allows you to bridge wireless traffic between
devices which are operating in Access Point mode.
Access Point is usually connected to a wired network
(Ethernet LAN) allowing wireless connection to the
wired network. By connecting Access Points to one
another in an extended service set using the WDS,
distant Ethernet connections can be bridged into a
single LAN.
It is very important that network loops should not be
created with either WDS bridges or combinations of
wired (Ethernet) connections and WDS bridges. Tree
or Star shape network topology should be used in all
WDS use-cases (i.e. if AP2 and AP3 are specified as the
WDS peers of AP1, AP2 should not be specified as the
WDS peer of AP3 and AP3 should not be specified as the
WDS peer of AP2 in any case). Mesh and Ring network
topologies are not supported by WDS and should be
avoided in all the use cases.
Note:
Station
WDS and
Access Point
WDS mode
use the WDS protocol which is not defined as
the standard thus compatibility issues between
equipment from different vendors may arise.
Note:
When connecting devices in AP-WDS-
to-AP-WDS mode, the WPA/WPA2 security
methods will not function. When connecting
AP-WDS devices to another AP-WDS device use
none or the WEP security method. However,
this may compromise the security of your
network. When connecting STA-WDS clients
to an AP-WDS device, all security methods are
available and work properly.
WDS Peers
(Only applicable in
Access Point WDS
mode.)
WDS Stations and/or WDS Access Points connected to
the AirRouter should be specified in this list to create a
wireless network infrastructure - Wireless Distribution
System.
Enter the MAC address of the paired WDS device in
the WDS Peer entry field. One MAC address should be
specified for Point-to-Point connection use case, up to
six WDS Peers can be specified for Point-to-Multi-Point
connection use case.
Auto
(Only applicable in
Access Point WDS
mode.) Option
should be enabled in order to establish WDS connections
between Access Points if WDS Peers are not specified. If
the
Auto
option is enabled, the AirRouter will choose WDS
Peers (Access Points) according to the SSID setting. Access
Point operating in WDS mode should have the same SSID
as the WDS Peer in order to establish the connection
automatically while the
Auto
option is enabled. This
configuration is also known as repeater mode. AP WDS
Auto option can not be selected if any type of WPA or
WPA2 security is used as WPA requires different roles on
AP configuration (authenticator or supplicant).
Note:
Access Point operating in WDS mode
and all the WDS Peers must operate on the
same frequency channel, use the same channel
spectrum width and the same security settings.
SSID
The wireless network name or SSID (Service Set
Identifier) used to identify your 802.11 wireless LAN
should be specified while operating in Access Point or
Access Point WDS mode. All the client devices within
range will receive broadcast messages from the access
point advertising this SSID.
While operating in Station or Station WDS mode, you
should specify the SSID of the Access Point the AirRouter
is associated with. There can be several Access Points with
an identical SSID. If the SSID is set to “Any” the station will
connect to any available AP.
Select
(Only applicable in
Station
and
Station WDS
mode.)
The list of the available Access Points can be retrieved
using the
Select
button. This control activates
Site Survey
tool which is used for the AP selection. Site Survey will
search for the available wireless networks in range on
all supported channels and allows you to select one for
association. In case the selected network uses encryption,
you’ll need to set security parameters in the
Wireless
Security
section. Select the Access Point from the list and
click
Select
button for association.
Page 12 / 38
10
Ubiquiti Networks, Inc.
Chapter 3: AirOS™
AirRouter User Guide
Click
Scan
to refresh the list of available wireless networks.
The Site Survey channel scan list can be modified using
the Channel Scan List control.
Hide SSID
(Only applicable in
Access Point
and
Access
Point WDS
mode.) When this option is enabled, the SSID
(wireless network name) will not be broadcast to wireless
stations.
Lock to AP MAC
(Only applicable in
Station
and
Station
WDS
mode.) This allows the station to always maintain a
connection to a particular AP with a specific MAC address.
This is useful as sometimes there can be multiple access
points using the same SSID. With AP lock on, the station
will lock to a specific MAC address and not roam between
several Access Points with the same SSID.
Country Code
Each country has their own power level
and frequency regulations. To ensure the AirRouter
operates under the necessary regulatory compliance
rules, be sure to select the country where your device
will be used. The channel list, output power limits, IEEE
802.11 and Channel Spectrum Width modes will be tuned
according to the regulations of the selected country.
IEEE 802.11 Mode
Displays the radio standards used for
the AirRouter.
Channel Width
Displays the spectral width of the radio
channel. Supported wireless channel spectrum widths:
5 MHz
is the channel spectrum with the width of 5 MHz
(known as Quarter-Rate mode).
10 MHz
is the channel spectrum with the width of 10
MHz (known as Half-Rate mode).
20 MHz
is the standard channel spectrum width
(selected by default).
40 MHz
is the channel spectrum with the width of 40
MHz.
Auto 20/40MHz
(Only applicable in
Station
or
Station
WDS
mode.) It offers better compatibility.
Note:
Laptops cannot connect to the AirRouter
when the channel width is set to 5/10 MHz.
Some devices may not be able to connect using
the 40 MHz setting.
Channel Shifting
Enables special channels which have
the frequency offset from the standard 802.11b/g/n
channels. This is a proprietary Ubiquiti Networks
developed feature. While 802.11 networks have standard
channels spaced every 5 MHz apart, channel shifting uses
non-standard channels offset from the standard channels.
All the channels can be shifted by 5 MHz (in 802.11n) or
2 MHz (in 802.11bgn) from the default central channel
frequency.
Note:
Channel shifting is not compatible with
legacy products.
The benefits of this are private networking and inherent
security. Using channel-shifting, networks instantly
become invisible to the millions of Wi-Fi devices in the
world.
Frequency, MHz
(Only applicable in
Access Point
or
Access Point WDS
mode.) Select the wireless channel
while operating in Access Point mode. Multiple frequency
channels are available to avoid interference between
nearby access points. The channel list varies depending on
the selected country code, IEEE 802.11 mode and Channel
Spectrum Width and Channel Shifting option.
Obey regulatory Rules
Option must remain enabled
while it will force the transmit output power to be
compliant with the regulations of the selected country. In
this case, it will not be possible to set equivalent isotropic
radiated power (EIRP) above the amount allowed per
regulatory domain (different maximum output power
levels and antenna gains are allowed for each IEEE
802.11b/g/n regulatory domain thus country).
Extension Channel
(Only applicable in
Access Point
or
Access Point WDS
mode with 40 MHz channel width.)
Indicates the use of channel bonding that allows the
AirMax network to use two channels at once. Using
two channels improves the performance of the Wi-Fi
connection. It is automatically selected by the system.
Channel Scan List, MHz
(Only applicable in
Station
or
Station WDS
mode.) This will confine scanning only to the
selected channels. The benefits of this are faster scanning
as well as filtering out unwanted AP’s in the results. Site
Survey tool will look for the Access Points in selected
channels only. Once enabled, click
Edit
to open the
Channel Scan List
window.
Select the channels that you want to scan and click
OK
or
click
Close
to close the window without any selections.
Output Power
This defines the maximum average
transmit output power (in dBm) of the AirRouter. The
output power can be specified using the slider. When
entering the output power value manually, the slider
position will change according to the entered value. The
transmit power level maximum is limited according to the
country regulations. Output power is the output power
delivered to the internal antenna.
Max Data Rate, Mbps
This defines the data rate (in Mbps)
at which the device should transmit wireless packets.
You can fix a specific data rate between MCS 0 and MCS
7. It is recommended that you use the automatic option,
especially if you are having trouble getting connected or
losing data at a higher rate. In this case, the lower data
rates will be used automatically. If you select 20 MHz
Page 13 / 38
11
Ubiquiti Networks, Inc.
Chapter 3: AirOS™
AirRouter User Guide
Channel Spectrum width, the maximum data rate is MCS7
(65Mbps). If you select 40 MHz Channel Spectrum width
the maximum data rate is MCS7 (150 Mbps).
Automatic
When selected, the rate algorithm will select
the best data rate, depending on link quality conditions.
It is recommended that you use this option, especially if
you are having trouble getting connected or losing data
at a higher rate. Refer to the
Advanced
section for detailed
information about rate algorithms.
Wireless Security
In
Access Point
and
Access Point WDS
mode, this is where
you configure the wireless security settings that will be
used by the devices on your wireless network.
In
Station
or
Station WDS
mode, you will need to match
the security settings of the Access Point that the AirRouter
is associated with.
Security
The AirRouter supports the following wireless
security methods:
WEP
WEP (Wired Equivalent Privacy) is the oldest and
least secure security algorithm. WPA™/WPA2™ security
methods should be used when possible.
WPA
WPA™ or Wi-Fi Protected Access was developed as
a stronger encryption method over WEP.
WPA-TKIP
WPA™ (Wi-Fi Protected Access) security
mode with TKIP support only. TKIP (Temporal Key
Integrity Protocol) uses the RC4 encryption algorithm.
WPA-AES
WPA™ (Wi-Fi Protected Access) security
mode with AES support only. AES (also known as CCMP)
- Counter Mode with Cipher Block Chaining Message
Authentication Code Protocol which uses the Advanced
Encryption Standard (AES) algorithm.
WPA2
WPA2™ was developed to strengthen wireless
encryption security and is stronger than WEP and
WPA™.
WPA2-TKIP
WPA2™ (Wi-Fi Protected Access) security
mode with TKIP support only. Temporal Key Integrity
Protocol which uses RC4 encryption algorithm.
WPA2-AES
WPA2™ (Wi-Fi Protected Access) security
mode with AES support only. AES (also known as
CCMP) - Counter Mode with Cipher Block Chaining
Message Authentication Code Protocol which uses the
Advanced Encryption Standard (AES) algorithm. This
is the strongest security option available. If all of the
wireless devices on your network support this option, it
is recommended that you select it.
If you want an open network without wireless security,
select None.
WEP
Authentication Type
One of the following authentication
methods should be selected if WEP security is used:
Open
The station is authenticated automatically by the
AP (selected by default).
Shared Key
Station is authenticated after the
challenge, generated by the AP.
WEP Key Length
This determines the length of the WEP
security key. Select one of the two key length options:
64-bit
This option is selected by default. A 64-bit key is
10 HEX or 5 ASCII characters in length.
128-bit
The 128-bit option provides a little more
security and is 26 HEX or 13 ASCII characters in length.
Key Type
Specifies the character format for the WEP key:
HEX
Selected by default, this option uses hexadecimal
characters. 0-9, A-F or a-f are valid characters.
ASCII
ASCII uses the standard English alphabet and
numeric characters.
WEP Key
Enter the WEP encryption key adhering to the
selections you made for key length and key type:
Type
HEX
ASCII
64-bit
10 Hexadecimal Characters
(0-9, A-F or a-f) Example:
00112233AA
5 ASCII Characters
Example:
ubnt1
128-bit
26 Hexadecimal Characters
(0-9, A-F or a-f) Example:
00112233445566778899AABBCC
13 ASCI characters
Example:
ubntproducts1
Key Index
Specifies the Index of the WEP Key used. 4
different WEP keys can be configured at the same time,
but only one is used. The effective key is set by choosing 1,
2, 3 or 4.
WPA™/WPA2™
The configuration options are the same for all of the
WPA™ and WPA2™ options. WPA2-AES is the strongest
security method. If all of the wireless devices on your
network support this option, it is recommended that you
select it.
WPA Authentication
One of the following WPA™ key
selection methods should be specified if WPA™ or WPA2™
security method is used:
PSK
Pre-shared Key method (selected by default).
Page 14 / 38
12
Ubiquiti Networks, Inc.
Chapter 3: AirOS™
AirRouter User Guide
EAP
EAP (Extensible Authentication Protocol)
IEEE 802.1x authentication method. This method is
commonly used in Enterprise networks.
PSK
WPA Pre-shared Key
A passphrase needs to be specified
when the
Pre‑shared Key
method is selected. The
pre-shared key is an alpha-numeric password between 8
and 63 characters long.
EAP
EAP - Station Mode
WPA Anonymous Identity
(Only applicable in
Station
or
Station WDS
mode with EAP-TTLS.) Identification
credential (also known as identity) used by the supplicant
for EAP authentication.
WPA User Name
(Only applicable in
Station
and
Station
WDS
mode.) Identification credential (also known as
anonymous identity) used by the supplicant for EAP
tunneled authentication (EAP-TTLS) in unencrypted form.
WPA User Password
(Only applicable in
Station
and
Station WDS
mode.) Password credential used by the
supplicant for EAP authentication.
EAP- Access Point Mode
Radius Server IP
Specifies the RADIUS Server’s IP address.
RADIUS is a networking protocol providing centralized
Authentication, Authorization, and Accounting (AAA)
management for computers in order to connect to, and
use a network service.
Radius Server Port
Specifies the RADIUS Server’s UDP
port. The most commonly used port is 1812, but that
depends on the RADIUS Server you are using.
Radius Server Secret
Specifies the password. A shared
secret is a case-sensitive text string used to validate
communication between two RADIUS devices.
Note:
When connecting devices in AP-WDS-to-
AP-WDS mode, the WPA/WPA2 security methods
will not function. When connecting AP-WDS
devices to another AP-WDS device use none or
the WEP security method. However, this may
compromise the security of your network. In case
of connecting STA-WDS clients to an AP-WDS
device, all security methods are available and
work properly.
MAC ACL
MAC ACL
(Only applicable in
Access Point
and
Access
Point WDS
mode) MAC Access Control List (ACL) lets you
allow or deny clients connectivity to the AirRouter. When
enabled, select one of the policies:
Allow
Wireless clients in the list have access to the
AirRouter. Any wireless clients that have not been added
to the list will not have access to the AirRouter.
Deny
Wireless clients in the list will be denied access
to the AirRouter. Any wireless client that is not in the list
can access the AirRouter.
The MAC addresses of the wireless clients can be added
and removed using the
Add
and
Remove
buttons.
Note:
MAC Access Control should be used in
combination with a security method such as
WPA™ or WPA2™. It should not be used as the
only method of security on your network.
Click
Change
to save the changes.
Page 15 / 38
13
Ubiquiti Networks, Inc.
Chapter 3: AirOS™
AirRouter User Guide
Network
The
Network
tab allows the administrator to setup bridge
or routing functionality. The IP configuration is required
for device management purposes. IP addresses can either
be retrieved from a DHCP server or configured manually.
Use the
Network
tab to configure the IP settings.
Network Role
The AirRouter can operate in
Bridge
,
Router
or
SOHO Router
mode.
Network Mode
Specify the operating network mode
for the device. There are three modes:
Bridge
,
Router
and
SOHO Router
. The default setting for the AirRouter is
SOHO
Router
. The mode depends on the network topology
requirements:
Bridge
In this mode the device will act as a transparent
bridge and will operate in Layer 2. There will be no
network segmentation and the broadcast domain will
be the same. Bridge mode will not block any broadcast
or multicast traffic. Additional firewall settings can
be configured for Layer 2 packet filtering and access
control in
Bridge
mode.
Router
This operating mode can be configured in order
to operate in Layer 3 to perform routing and enable
network segmentation – wireless clients will be on a
different IP subnet. Router mode will block broadcasts
while it is not transparent.
The AirRouter supports Multicast packet pass-through
in
Router
mode.
The AirRouter can act as DHCP server and use Network
Address Translation (Masquerading) feature which is
widely used by Access Points. NAT will act as the firewall
between LAN and WLAN networks. Additional firewall
settings can be configured for Layer 3 packet filtering
and access control in
Router
mode.
SOHO Router
SOHO (Small Office/Home Office) Router
is basically a derivation from
Router
mode. In
SOHO
Router
mode, the Main Ethernet port labeled
<···>
functions as the WAN port. The WLAN and LAN ports
function as the local network (LAN). This is the default
operating mode of the AirRouter.
Disable Network
This option can be used to disable the
WLAN, LAN or WAN interface. This setting should be used
with caution as no L2 or L3 connection can be established
through the disabled interface. It will be impossible to
access the AirRouter from the wireless/wired network
which is connected to the disabled interface. Disable WAN
is only applicable while operating in
SOHO Router
mode.
Bridge
In
Bridge
mode, the AirRouter forwards all network
management and data packets from one network
interface to the other without any intelligent routing. For
simple applications this provides an efficient and fully
transparent network solution. WLAN (wireless) and LAN
(Ethernet) interfaces belong to the same network segment
and share the same IP address space. WLAN and LAN
interfaces form the virtual bridge interface while acting as
the bridge ports. The bridge has assigned IP settings for
management purposes.
Network Settings
Bridge IP Address
The device can be set for static IP or
can be set to obtain an IP address from the DHCP server it
is connected to. One of the IP assignment modes must be
selected:
DHCP
Choose this option to assign the dynamic IP
address, Gateway and DNS address by the local DHCP
server.
-
DHCP Fallback IP
Enter the IP address for the
AirRouter to use if a DHCP server is not found.
-
DHCP Fallback Netmask
Enter the netmask for the
AirRouter to use if a DHCP server is not found.

Rate

124.8 / 5 based on 304 votes.

Popular AirRouter Models

Famous Router IPs
Famous Router Companies
Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top