Sundray

Wireless Data Forwording

Content

Contents
1 Basic Introduction

2 Wireless Data Forwording

3 Case
Content

Contents
1 Basic Introduction

2 Wireless Data Forwording

3 Case
Technical Term

NAC： Sundray network Access point controller. Manage AP

AP： Sundray access point. provide wireless access service, covering the
service area
SSID： Wi-fi service set identification--Wi-fi signal name.
POE：Power over Ethernet--remote power supply by Ethernet.
STA： Wi-fi wireless terminals, such as laptop, mobile phone and tablet,etc.
WLAN network topology

NAC：Controller control the AP, and configure the control policy.

Advantage：
Internet
1、Central management： Configure on the NAC, no configuration
on the AP
2、Smart RF(radio frequency), set secure policy based on the user , high secure
level , Roaming, suitable for large network
Ethernet

Tunnel

Fit AP
Fit AP Fit AP

Wireless network
802.11 Frame
AP

RESET Eth0 Console Local power supply

Reset to default：Long press RESET for 10 second, except the power led light, the AP will restart.
Controller

Console, or USB, Manage

SMS modem password port with
recovery default Business port
IP
Login

10.252.252.252/24
 Interface：web IP address
10.252.252.1/24 10.252.252.0/24
 Portocol：https
 MANAGE port：10.252.252.252
 Account：admin/admin
Open browser enter https://10.252.252.252
Password and configuration recovery

Password recovery: Find a USB disk, in which built a file called reset-password.txt, and then
the U disk inserted into NAC, restart the NAC and take the u disk off, finished pulling down, U
disk will automatically add a log file, which wrote the new password is admin. (do not need any
other operations, the device will not automatically restart) U disk requirements are FAT32
format, if there are multiple partitions, the put file into the root partition.

To restore the factory: Use the loop line, directly connected to eth0, power on the NAC,
NAC will restore the default configuration, at this time, NAC will not automatically restart,
also do not need to manually restart.

The loop line production methods: Get a ordinary a crossover cable, get rid of the crystal
head , the 1-3 docking, 2-6 docking, then use another head.
Content

Contents
1 Basic Introduction

2 Wireless Data Forwording

3 Case
Data forwarding mode

 Bridge mode：Management data and business data are separated. All business data is forwarded
directly from AP, without tunnel encapsulation. NAC is only responsible for managing AP.

 Tunnel mode： When STA's data arrive at AP, it is encapsulated by AP, transmitted by AP to
NAC, and then transmitted by NAC to Internet.
Bridge mode
Internet

Advantages
Exit router
Reducing wireless controller's load and
throughput
business keeps constant after faults
occurring
Bridge mode must be used in some special
POE
situations.
switch Wireless
controller Disadvantages
control (DHCP Poor roaming performance and
Data direction
Tunnel SERVER)
hard to find out the problems
Less features: no access control
Business based on applications
AP
data Weak in management and data
analysis
The Bridge mode as shown above is that the management data
separates with the business data, all the business data will be
forwarded directly by AP without the tunnel sealing and NAC is only
responsible for AP management.
Tunnel mode
Internet

Exit router Advantages

Easy for management and comprehensive
realization of functions
Good roaming capability
Business data  More flexible network planning
POE switch Easy for new-function extension
Wireless controller Not single
(DHCP SERVER) High arm, ports
Control Tunnel
Data tunnel availability aggregation,
Disadvantages
etc.
Single-point fault
High throughput and load of the wireless
Business data Busines Tunnel
s data
AP
head
controller

The tunnel mode: STA's data is sealed by AP after reaching at AP, then is forwarded to AC from AP, and
finally is forwarded to Internet from AC.
The tunnel protocol is set between AP and NAC, and the data is transmitted in the data tunnel after being
packaged. The data tunnel head adopts udp protocol: the source and destination ports both use upd:7077
Mixed mode

SSID:OFFICE SSID:GUEST
Bridge mode Tunnel mode

In the situation, the wireless network can have both centralized data and local data forwarding, which can
be used for the transmission type designation when configuring WLAN's SSID . One SSID can only be
set with one type mode for data forwarding, and AP supports double-frequency, each of which has
multiple practicable SSIDs, and therefore the double-frequency mixed forwarding modes can be set.
Vlan setting
Physical port support layer2 and layer3.
1、access mode
Vlan setting
2、trunk mode
DHCP
NAC support DHCP service. We can enable DHCP service in physical port and vlanif.

1、If we enable DHCP service in physical port so NAC can provide DHCP service for outside.

In the bridge mode, if users want to obtain same subnet IP with AP, we need to set VLAN assignment as 1
DHCP
2、Vlanif also support DHCP service.

In tunnel mode, we need to set vlan assignment as same as vlanif if we want users obtain IP address
from NAC.
Routing table
1、Direct routing： If a layer3 interface is enabled or a new VLAN is added to the VLAN interface, the
WAC routing table will add a direct route.

C 192.200.16.0 is directly connected, eth1

Routing table
2、Static routing: is a form of routing that occurs when a router uses a manually-configured routing
entry

S 172.16.1.0/24 [1/10] via 172.16.1.254，vlanif10

Policy-Based Routing
Policy-Based routing is generally applicable to the following two network environments, such as the
following two network environments, which can be shunted based on the source IP group, the
destination IP group, and the protocol implementation, but can not implement the load or redundant
backup.

Priority: Policy-Based routing > static routing

Matching rules: from top to bottom

Policy-Based Routing
Wired | Network | IP Group | add a new ip group, staff and guest belong to different group.
Content

Contents
1 Basic Introduction

2 Wireless Data Forwording

3 Case
Case

XX company, now have wired network, the route

goes to the internet through dial up, the access
layer is a L2 switch, router serve as a DHCP
Wan0:pppoe
server, with the subnet segment: 192.200.4.0/24
Route
Lan1:192.200.4.254 Now deploy WLAN, with PSK authentication, no
other requirements.

L2 Switch
New topology

Wan0:pppoe

Lan1:192.200.4.254

eth1 NA
eth2 C

lan Terminal vlan1

AP 172.16.1.0/24
Login NAC
PC: 10.252.252.0/24, connect to manage port of NAC
Interface
Wired | Interface | Physical Interface we can choose this port as layer 3 and set IP address base on
situation.
VLAN
Wired | Interface | Physical we can choose this port as access or trunk.
VLAN、DHCP
Wired | Interface | VLAN Interface we can add a new one and set as VLAN 1，set IP address munually and
enable DHCP service. Allow Inter-VLAN routing in Advanced Settings
Routing table
Wired | Network | Static Routing we can add a default routing, Next-Hop is gateway.
NAT
Wired | Network | Nat we can add a NAT in here if we don’t want to set some routing in the gateway.
DNS & TEST
Wired | Network | DNS we can input 8.8.8.8 as our DNS server
Maintenance | web console we can ping www.google.com to test network. If you can get the answer like
below picture, it mean already connect.
AP discovery

Sundray support 4 ways for the AP to discover controller:

• Broadcast: AP and controller in the same L2 subnet

• DHCP option 43: set the option 43 as the controller’s IP

• DNS: set www.wlanadmin.com resolve to controller’s IP

• Manual: use the troubleshoot tool to set the controller IP for the AP
AP activate
In case of illegal AP access controller, we have to manually approve the discovered AP.
There will be on the right top of the webpage, click it will be redirected to the approve page.
AP status
Status | WLAN we can check the status of AP.
WLAN
AP Configuration | WLAN we can add a new SSID
Online client
Status | Online client we can check STA information.
Question

1. What are the advantages between fit AP and fat AP?

2. If AP and NAC are in different sections of the customer environment, and the DHCP servers of
the customers are other brands (do not support Option43), how do we activate AP?

3. If the customer scenario is a public area, an open network is set up. How can we ensure that the
DHCP address pool is enough?

4. If the customer wire network is dedicated line, wireless network other dedicated line, how to
achieve wired wireless can access each other?
SUNDRAY
信锐技术