You are on page 1of 110

Technical Support

New Product Training Course


EAP Series Introduction

20/7/2015

*Internal Material
Disclaimer
This training course is prepared by TP-LINK technical support team,
aiming to introduce the new product to technical support or sales
team.

This course may contain some sensitive product parameters such as


the hardware configuration or bug notice, please DO NOT send the
whole file to external staff directly or just extracted part content for
external training.

Reminder
We may not provide the detailed technical introduction for derivatives
once the corresponding part has been released within new product
form before. In case you are interested to acknowledge this part or do
not find it on FTP server, please contact us through vipsupport@tp-
link.com.
OUTLINE

Demand for large WLAN deployment

Why do we need large WLAN deployment? How can we


manage it?

EAP Series Product

What does EAPs look like? What are the features of them?

EAP Controller Intro

What are the features of EAP Controller? What should be


noted to use it?
CONTENT

Demand for large WLAN deployment

• Large WLAN Deployment Demand and Challenges


• Different Management Architectures Intro
Large WLAN Deployment Demand and Challenges
Large WLAN Deployment Demand and Challenges

What’s an access point?

An access point, or AP, is a device used to provide a wireless portal into a wired infrastructure
network. In another word, an access point is used to provide Wi-Fi.
Large WLAN Deployment Demand and Challenges

Demands for large scale WLAN deployment

As public demand for wireless network access increases, service providers are looking for
solutions to deploy reliable and cost-effective business-level wireless networks for hotels,
offices, markets, campuses, libraries, conference halls and etc.
However, deploying WLAN of large scale is not as simple as installing a single AP at home.
Large WLAN Deployment Demand and Challenges

The challenges of large scale WLAN deployment

1. Installation challenge: Ordinary access points are usually desktop designed. But in
most public places it is infeasible to deploy Ethernet cables for desktop access points
on the floor. Also, there are usually various furniture on the floor, which can easily
block the signal from a desktop wireless router/access point.

In these cases, wall/ceiling mount becomes a preferred installation method.

Desktop design Wall/ceiling mount design


Large WLAN Deployment Demand and Challenges

The challenges of large scale WLAN deployment

2. Radio challenge: Coverage area can be large, with often hundreds of devices in
particular areas. However, there is only a finite amount of radio spectrum (channels)
available to serve these clients.
To solve the radio challenge, administrators must determine how many access
points are needed, where should they installed, what channel and output power
should be used to cover a particular area.

Products with adjustable output power and AP load


balance function can facilitate the job.
Large WLAN Deployment Demand and Challenges

The challenges of large scale WLAN deployment

3. Management challenge: As an administrator, nobody want to configure dozens of


APs individually. There should be a unified management method to configure,
monitor and manage all the APs synchronously.

……

Centralized management feature is necessary.


Large WLAN Deployment Demand and Challenges

Choosing proper products for large scale WLAN deployment

Installation challenge Wall/ceiling mount design

Administrator’s radio plan

Radio challenge AP load balance function

Adjustable Transmission
power
Management Centralized management
challenge

While the installation challenge and the radio challenge require proper
physical design and radio planning, the management method is depend on
the management architecture. The next part will introduce APs of different
management architectures.
Different Management Architectures Intro
Different Management Architectures Intro

Access Points of Different Management Architectures

To meet the demand of large scale WLAN deployment, wall/ceiling mount access point
products have emerged. Vendors generally offer AP products of one of three primary WLAN
architectures:
 􀂄 Autonomous WLAN architecture
 􀂄 Centralized WLAN architecture
 􀂄 Distributed WLAN architecture

The following section will describe these three architectures in greater detail.
Different Management Architectures Intro

 Autonomous WLAN Architecture


For many years, the conventional access point is a standalone WLAN portal device, which is
functioning independently from other network devices. All configuration settings exist in the
access point itself, and therefore, users must manage each autonomous AP individually.
The traditional access point is often referred to as fat APs, or standalone APs. However, the
most common industry term is autonomous AP.

As an administrator, nobody wants to configure and manage 100 APs individually.


Obviously it is a painful way to use a number of autonomous APs to form a large
scale WLAN since there is no centralized management method for all the APs.

Access Point

Wall/ceiling mount autonomous AP


(TOTOLINK N5)
Different Management Architectures Intro

 Centralized WLAN Architecture


The next progression in the development of WLAN integration is the centralized WLAN
architecture. In this architecture, autonomous APs have been replaced with thin APs, also
known as lightweight AP. A central WLAN controller, or called Access Controller (AC),
resides in the core of the WLAN. This architecture usually has following features:

1. A thin AP itself has no management functions.


2. The WLAN controller is used to configure, control and manage all thin APs.
3. Thin APs only tunnel all user traffic to the WLAN controller. It is the WLAN controller
that handles and determines how to distribute the data traffic.

One disadvantage of this architecture is the cost. A WLAN controller can cost more than
a few thin APs, which may not be cost-effective for some smaller network projects.

Thin APs

All the management information and data traffic are


handled by the WLAN controller. The WLAN controller
WLAN controller
becomes the core of the WLAN.
Different Management Architectures Intro

 Distributed WLAN Architecture (with a Cluster)


A recent trend is to move from the centralized architecture to a distributed architecture. In a
distributed WLAN architecture, cooperative standalone APs communicate with each other
via a suite of cooperative protocols, without requiring a WLAN controller.

1. Each individual AP is full functional. Each AP handles and forwards the local traffic by
itself, just as a normal standalone AP does.
2. Multiple APs are organized into clusters. Control and management information are
shared between APs within the same group.

Master

Wired LAN
Management information are pushed from the Master to the APs within a group
Different Management Architectures Intro

 Distributed WLAN Architecture (with a Cluster)

3. In most distributed systems, although every AP is fully functional, one of them is


elected automatically as the master of the cluster via a dedicated cooperative
protocol. The Master provides a unified management interface where users can
configure and manage all the APs synchronously. The master pushes configuration
and management information to all the other APs of the same group.

The number of APs can be contained and managed in one group is limited by the master
AP’s hardware and software resources.

Master

Wired LAN
Management information are pushed from the Master to the APs within a group
Different Management Architectures Intro

 Distributed WLAN Architecture (with a WNMS)


In another form of distributed architecture, the Master AP is taken place by a WLAN
network management system (WNMS), which is usually a dedicated software running on
a computer. Some WNMS can also be deployed in the cloud.
1. Each individual AP is full functional. Each AP handles and forwards the local traffic by
itself, just as a normal standalone AP does.
2. The WNMS provides centralized management interface for users to configure, monitor
and manage all the APs.

Comparing to a Master AP, the hardware resource of a PC can be much better, which
allows for more powerful management functions and handling more APs synchronously.

EAP Controller

The WNMS collects the status information from the APs and push the Wired LAN
WNMS management institutions to the APs.
Different Management Architectures Intro

Conclusion

Standalone AP is usually used to provide Wi-Fi coverage for home and small office.
Standalone APs are not suitable for large scale WLAN deployment as users need to
configure and monitor each AP individually.

Thin APs with a WLAN controller are feasible for deploying large scale WLAN. But a well-
designed WLAN controller could cost too much, which may not be cost-efficient for some
smaller network projects.

Distributed APs with a Cluster are also feasible for deploying large scale WLAN. Yet the
cluster scale is limited by the Master AP’s hardware and software resources.
More cost-efficient

Distributed APs with a WNMS is an variant form of distributed architecture. Benefited


from the server’s hardware resource, this architecture allows for more powerful
management functions and handling more APs synchronously.
More cost-efficient and flexible
CONTENT

EAP Series Intro

1. Overview and applicable scenario


2. Appearance
3. Mount design
4. Power supply
5. Cluster mode Introduction
Overview and applicable scenario
Indoor Business Wi-Fi Solution

EAP Series
Ceiling/Wall Mount Access Point with PoE
DC input

PoE input

 Flexible power supply mode


The EAP can be powered either via PoE or via a power adapter.
Supports redundant power supply.

EAP110 only supports passive PoE


 Centralized Management

EAPs can be managed via EAP Controller.


 Applicable to large scale Wi-Fi deployment

With easy mount design, PoE power supply, centralized management, captive
portal, auto RF management and adjustable output power, EAP series are suitable
for deploying business-level wireless networks for hotels, offices, markets,
campuses, libraries, conference halls and etc.
 Typical Scenario – Offices
 Requirements:
• High user density
• Large area divided into sections needs Wi-Fi coverage
• No suitable places for desktop access point, thus prefer ceiling mounting
• Centralized management method for all access points
 Typical Scenario – Offices
Multiple EAPs can be mounted on ceilings at different partitions with PoE power
supply. Each EAP provides Wi-Fi coverage for a particular area with suitable output
power and channel. Administrator manages all the EAPs from a single web interface.

Internet

PoE Switch Gateway Router


 Typical Scenario – Hotels and etc.

Similarly, EAP Series are also applicable for large scale Wi-Fi deployment for hotels,
offices, markets, campuses, libraries, conference halls and etc.

Internet
Gateway Router PoE Switch
 Special Scenario – Portal Authentication

Public Wi-Fi hotspots in campus, hotels are usually aimed at providing convenient internet
access for guests. These hotspots usually have the following requirements.

 Requirement:
• Convenient authentication method for Wi-Fi guests with different devices.
• Every client uses a separate username and password for authentication
• Time restriction of internet access for clients
 Special Scenario – Portal Authentication

To meet these requirements, EAP Series provide an efficient authentication method


called Captive Portal. Captive Portal provide convenient authentication via web browser
for devices of any platforms. Users can conveniently setup a basic captive portal with
EAP’s built-in portal function.
 Special Scenario – Portal Authentication
Q: Can I set up my own portal login page and use a radius server for user authentication instead of
the built-in portal?

A: Yes, pro users can also set up external radius server and external web portal server to cooperate
with EAP to achieve complex authentication management and advertisement purpose. Refer to online
FAQs for setup instruction.
TP-LINK Business Indoor Products Roadmap
TP-LINK Business Indoor Products Roadmap
AC1200/1900

EAP320
- AC1200 Dual Band
- 1 Gigabit LAN port
- 802.3at PoE

EAP Controller Software EAP220 EAP330


- Manage hundreds of EAP - N600 Dual Band - AC1900 Dual Band
N600

- Centralized Management - 1 Gigabit LAN port - 2 Gigabit LAN port


- Completely Free - 802.3at PoE - 802.3at PoE

Q1’2015 Q2’2015 Q3’2015

EAP120
N300

- N300
- 1 Gigabit LAN port EAP110
- 802.3af PoE - N300
- 1 10/100Mpbs LAN port
- Passive PoE for 100m
Appearance
Appearance

 LED indicator

System LED indicator

LED Status Indication


Quickly flashing green System initialization is complete.
Solid green The device is working properly.
The system is abnormal. RAM, Flash, Ethernet,
Slowly flashing red
WLAN or firmware may be malfunctioning.
Quickly flashing yellow Firmware is being updated.
Alternating red/green/yellow twice The device is being reset.
Appearance

 Panel layout —— EAP110


10/100Mbps Ethernet port
Kensington Security Slot and
Secure the lock into the slot to prevent Passive PoE Input
the device from being stolen.

*Refer to Powering Mode section to learn how to power the device via PoE and power adapter.
Appearance
 Panel layout——EAP120/220

Gigabit Ethernet port


and
Kensington Security Slot 802.3af PoE Input for EAP120
Secure the lock into the slot to prevent (802.3at PoE Input for EAP220)
the device from being stolen.
POWER Jack
DC 12V/1A adapter for EAP120
DC 12V/1.5A adapter for EAP220

CONSOLE
This port is used to connect with the
serial port of a computer or a terminal ON/OFF (Power Button)
to check and monitor simple system This button controls both DC supply and the PoE supply.
information of the device. Don’t forget to press this button to turn on the power

*Refer to Powering Mode section to learn how to power the device via PoE and power adapter.
Mount Design
Mount Design

 Easy wall/ceiling mount design

Bottom view of EAP Mounting Bracket

EAP series are designed for wall/ceiling mount. Equipped with the mounting
kits, EAP can be easily installed on wall and ceiling.
Mount Design

 Easy wall/ceiling mount design

In most office areas there are various furniture on the floor, which can easily
block the signal from a desktop wireless router/access point.
Ceiling mount allows the EAP broadcasting signal from a higher altitude so
that the signal can overcome obstruction.
Mount Design

 Easy wall/ceiling mount design

Another case is that in places such as classrooms and restaurants it is not


easy to deploy Ethernet cables for desktop access points on the floor,
thereby wall/ceiling mount becomes the preferred installation method.
Power supply
Power supply
 Power Supply—— EAP110

For EAP110, it can only be powered via Passive PoE. Passive PoE adapter is
contained in the box.

Switch

Note:EAP110 can only be powered via Passive PoE.


Power supply

DC input

802.3af/at PoE input

 Flexible power supply mode —— except EAP110


The EAP120 can be powered via 802.3af PoE or a 12V/1A power adapter.
The EAP220 can be powered via 802.3at PoE or a 12V/1.5A power adapter.
Support redundant power supply.
Power supply
 Flexible power supply mode

Via PoE
1. Connect the EAP to a PSE device (such as a PoE switch) through an
Ethernet cable.
2. Press the ON/OFF button on the EAP to turn on the power.

PoE power source equipment (PSE)

PoE input
Power supply

 Flexible power supply mode

Via a power adapter


1. Connect the EAP to a electric outlet/socket with a DC power adapter.
2. Press the ON/OFF button on the EAP to turn on the power.

Power adapter

LAN

DC input
Power supply
 Flexible power supply mode

Power Fallback
The EAP can be powered by both DC input and PoE input at the same time. In
this case, when one power source fails, the EAP will seamlessly switch to the
other source and keep working.

Power adapter

LAN
PoE input DC input
Cluster Mode Introduction
Cluster Mode Review
 Cluster mode
EAP series products including EAP120/220 implements two particular management
modes called cluster mode and standalone mode. EAP110 will also release firmware
which supports cluster mode.

For EAP120 with firmware EAP120_V1_141107 and EAP220 with firmware


EAP220_V1_150105 , cluster mode is the default mode. Under the default mode, once
powered on, all EAPs within the same LAN automatically form a cluster. One EAP among
them will be elected Master EAP, while the others become member EAPs.

Master

Wired LAN

The EAPs negotiate with each other in the same LAN under a suite of cooperative protocols.
One of the EAP will be elected as the Master.

A cluster can consist of up to 24 EAPs (including the master EAP).


Only the same model can form a cluster.
Cluster Mode Review
 Cluster Mode

Cluster is identified by the cluster name. If there are more than 24 EAP devices in the
same LAN, the 25th EAP would not be able to join the first cluster. In this case, we need to
change the name for the first cluster and then the other EAP can form a new cluster
named TP-LINK by default.

The principle of electing a Master of a cluster is based on the device’s uptime.


For example, 10 EAP120 are powered on almost the same time, but there must be one
device connected in the network prior to the rest. This one with the longest uptime will
be elected as the Master of this cluster. If the Master leaves the LAN, the others will keep
the current configuration and restart an election based on the same principle.
Master
EAP EAP
120 220
TP-LINK-1 24 TP-LINK
Master

EAP EAP EAP EAP


120 120 220 220

Wired LAN
CONTENT

EAP Controller Intro


1. EAP Controller Overview
2. Status of EAP
3. Monitor Section
4. Settings Section
5. Functions Intro
6. Tips for Large WLAN Deployment
7. Comparison with Competitive Products
8. Q&A and Troubleshooting
 IMPORTANT NOTES

EAP120/220 supports cluster mode, EAP110 will push out the firmware supporting
cluster mode according to our plan (Distributed APs with a master AP).
All EAPs support EAP Controller.(Distributed APs with a WNMS).

For EAP series products, the devices can upgrade firmware supporting cluster mode to
firmware supporting EAP Controller or vice versa.

For example, if you got an EAP220 with firmware EAP220_V1_150409 but want to use
cluster mode, you can upgrade it to EAP220_V1_150105 or vice versa.

For more information of cluster mode, please refer to


ftp://ftp.tp-link.com/Internal/Learning_Center/New Product Introduction/2014 New
Product Introduction/New Product Intro-EAP120 only.pdf

Controller 2.x add more features such as L3 management, voucher authentication, rate
limit and access control compared to controller 1.x. Controller 2.x works with
corresponding firmware. Check TP-LINK website for more details.
EAP Controller Introduction
EAP Controller Overview

 EAP Controller Intro

EAP Controller is a B/S software for windows. The controller software includes such administrative
features as centralized configuration, real-time monitoring, and graphical analysis of network traffic.
When it is running, you can remotely operate it via browser.

Highlights of EAP Controller:


1. Free controller software means no expensive hardware controller required
2. Monitor traffic usage in real-time with clear and easy-to-read graphs.
3. Customizable Maps for intuitive Wi-Fi management experience.
4. Manage hundreds of EAPs at different locations, supporting different models.
5. Batch firmware update support for effective administration.
6. Portal and voucher authentication supported.
EAP 110 EAP 120 EAP 220

EAP Controller

Wired LAN
WNMS All EAP devices in the same LAN can be managed by the EAP Controller.
EAP Controller Overview

 Typical Topology

Typically a PoE switch is used to provide power for each EAP (except EAP110). Otherwise each EAP must be powered
with a power adapter individually.

A DHCP server is required in the local network to assign IP addresses to the EAPs. Once the LAN port is connected, the
EAP will try obtaining an IP address via DHCP. If there is no DHCP server available in LAN, the EAP will assigned itself
with the address 192.168.0.254 and there will be IP conflict in below scenario.

EAP 110 EAP 120 EAP 220

EAP Controller

Wired LAN
WNMS All EAP devices in the same LAN can be managed by the EAP Controller.
 Typical Topology cont.

If the controller server is located in Internet please refer to FAQ913 for the configuration.
EAP Controller Overview
 How to manage a network with EAP Controller

First of all, the EAP should be adopted by EAP Controller.


Once a EAP is adopted, its settings will be synchronized to the EAP controller settings.

Users can manage all adopted EAPs synchronously via the EAP Controller. Every setting
you configured will then be distributed to all adopted EAPs.

Install and run Networking as


EAP Controller Adopt EAPs Settings Monitor
the topology

EAP Controller

Wired LAN

configuration

Users can manage all adopted EAPs synchronously via the EAP Controller.
EAP Controller Overview

 EAP Controller Interface


EAP Controller’s UI contains 3 sections.
Section A: Common options
Section B: Monitor area
Section C: Settings
Status of EAP
Status of EAP
 Status of EAPs

Standalone mode
Pending Could be managed individually

The settings will be Adopt


changed when the
Forget Status of EAP
EAP is adopted. Reconnected
(re-adopt failed)

Device is
unreachable

Connected Disconnected
Reconnected
Managed mode (Auto re-adopt) Standalone mode
Managed via EAP Controller Could be managed individually
Status of EAP
 Adopt EAPs
Go to Pending

If these EAPs got the


same username and
password, we can use
Batch Adopt.

1. Only the pending one could be adopted.


Click here to
2. If these EAPs got the same username and password, we
adopt EAP
can use Batch Adopt.

3. All settings including username and password, SSID and


Wireless Security, will be changed to the same of EAP Fill the User
controller settings when adopted Account of EAP
Device to adopt it
4. The Web Interface is forbidden once being adopted. We
can only configure it via EAP Controller
Status of EAP
 Forget this AP
Go to Connected, click on Name/Mac Address  Configuration  Forget this AP

Turned to a
pending one

Click on the Name/Mac


Address in the connected
list, this page will come out.
1. The EAP will turn to a Pending one. It
can be managed individually via Web
Interface.

2. The EAP device will be restored to


factory default.

3. It can be adopted again.


Status of EAP

 Standalone mode

Once forget this AP, the EAP will turn to Standalone mode.

A EAP of standalone mode works independently and won’t be synchronized with the
EAP Controller configuration any more. Thus users must login the standalone EAP’s
web interface via its own IP address to configure it individually.

Standalone mode is the default mode. Under the default mode, once adopted by EAP
Controller, the EAP’s settings will be synchronized to what you set with the controller.

Standalone EAP

EAP Controller

Wired LAN

configuration
Wired LAN

Log in the standalone EAP via web interface


Monitor Section
Monitor Section

 Monitor Section Overview

In this section, you can easily catch all information of your EAP network.

Map: Customize Maps, place APs, locate APs, configure APs


Statistics: a visual representation of the network traffic of managed EAPs
Access Points: List all EAPs sorted by status
Client: List all clients, including users and guests
Insight: List the flow and access time of clients. Find out rogue APs
Log: List all EAPs’ log
Monitor Section

 Customized map
Customized map feature on EAPs Controller is designed to manage these EAPs more
conveniently. You can add your customized map and then place the EAPs to the
corresponding position on the map. When one of them goes wrong, or you want to
configure the specified EAPs, you can easily locate it via your customized map.
The coverage may not be so accurate as the actual situation

You can add or


delate maps

Drag it into the


map from the list
Set the map
scale here
Monitor Section

 AP details

On the map, you can click on certain AP. The gear icon is for details and private settings of this
AP.

The dash icon is for removing this AP from this map.

The lock icon is for fixing the position of this AP. When it is locked on, you can’t drag or remove
this AP from the map, and you can’t configure the private settings.
*You can also get into AP details by click the Name/MAC address in the connected AP list
Monitor Section

 Real-time Monitor & Statistics


Network Status: Graphically display client distribution and network traffic
1. A visual chart of client distribution based on SSID
2. Intuitive view of client traffic and distribution on the most active EAPs
3. A graphic representation of recent client and traffic statistics
4. A ‘Quick Look ‘ of the most active EAPs and clients
Monitor Section

 Intuitive EAP Monitoring and Management


Monitor all EAPs information and management on the same network

 Traffic Statistics, Signal Quality, Client Management


Keep track of all users’ information
Settings Section
Settings Section

 Settings Section Overview

In this section you can configure all global settings of your EAP network and EAP
controller.

Wireless Settings: Add wireless networks and configure wireless parameters

Wireless Control: Wireless control scenario including Portal, MAC filter and so on

System: System settings of EAP Controller

Admin: User account management


Settings Section

 User Account Management

EAP Controller user account management: Convenient for privilege control, making your
network more secure

Admin: All settings and Account Management


Operator: All settings except Account Management
Observer: Only check status but no privilege for settings
Settings Section
 Retrieve password of User Account of EAP Controller
Q: What if I forget the password of User Account of administrator?

A:It is recommended to set Admin  Controller Settings  Mail server. Once you forget the admin
password, you can click on forgot password, and this mail server will send you an email to reset your
password. Other role accounts can be modified by admin account.
EAP Controller Settings

 User Account VS Device Account


People may be confused about the differences between User Account and Device Account. Here is
a comparison.
User Account of EAP Device Account User Account of EAP
Controller Device
(EAP Controller) (EAP Controller) (Standalone mode)
Unified Management of
Use for What Login EAP Controller the User Account of EAP Adopt/Login EAP Device
device
Set up by administrator All the same as the admin/admin by factory
Initialize when first time running initialized User Account of
EAP Controller EAP Controller default

How to change Admin  User Setting System  Device System  User Account
Account (Standalone)
Multi accounts Yes, including admin, No No
supported? operator and observer

Forget password? Retrieve password by Go to Device Account to Reset the AP


email or re-install software check it out

Device Account is a Unified Management of User Account of EAP Device. EAP Controller use User
Account of EAP Device to adopt EAPs. The Device Account will be pushed to the adopted EAPs,
adopted EAPs will save it as the User Account of EAP Device.
EAP Controller Settings
 A action flow example for the three Accounts
Action Flow User Account of User Account of
Device Account
EAP Controller EAP Device

Just bought it N/A N/A admin/admin


(factory default)

*1
EAP Controller Create by user admin/admin
tplink/tplink
installed e.g. tplink/tplink

*2
Adopted tplink/tplink tplink/tplink tplink/tplink

*3
Changed Changed to e.g. Changed to e.g.
user/admin uncorrelated
admin/tplink admin/tplink

Forgot this AP user/admin admin/tplink admin/admin

* 1: This only happens when installing EAP Controller. When User Account of EAP Controller changed, it won’t be pushed to Device Account.

* 2: EAP Controller use admin/admin to adopt EAPs. tplink/tplink will be pushed to the adopted EAPs, adopted EAPs will save it as the User
Account of EAP Device..

* 3: When Device Account is changed, the User Account of EAP Device of adopted EAPs will be changed synchronously.
Functions Intro
Functions Intro
 Captive Portal Authentication

In a traditional networking environment, a user can access network resource as long as


connected to an access point/router. However, a WLAN service provider may need to
control user access in places such as campuses, hotels and companies, allowing only
legitimate users to access the network using their accounts and passwords. Compared with
802.1x and PPPoE technologies which have to work with client software, Captive Portal
authentication offers a more flexible access control method.
Functions Intro
 Captive Portal Authentication
Q: What’s the advantages of captive portal compared with other access control methods?

A: Captive Portal authentication has the following advantages:


1. It authenticates users directly through a web page, no need to install client software.
2. In cooperation with an external radius server, it can provide individual credentials for each user
account.
3. In cooperation with an external portal server, a portal website can present advertisements,
deliver services, and release information.
Functions Intro
 Captive Portal Authentication

EAPs provide built-in local portal and local user authentication and have the ability
to cooperate with external web server and radius server. Pro users can set up an
external web server and radius server for advanced applications.

The following is a typical scenario of Captive Portal authentication.

External portal web server

External radius server

*Refer to the online FAQs to learn how to setup captive portal authentication.
Functions Intro
 Voucher Authentication (Hotspot)

With voucher authentication the administrator can create a bunch of random voucher codes and
print them out beforehand. The access duration of the voucher codes can be customized. When
users want to access internet the administrator can hand the voucher out. It is especially
convenient for business such as café, hotel and alike.

EAP controller server as hotspot

*Keep the controller running if voucher authentication is enabled.


Functions Intro
 Voucher Authentication (Hotspot) configuration

For detailed configuration refer to FAQ 915


 Voucher Authentication (Hotspot) configuration cont.
 Voucher Authentication (Hotspot) configuration cont.
Functions Intro
 Portal authentication type comparison

Password uniqueness Extra external server required?


Simple password N N
Hotspot(voucher) Y N
External Radius server Y Y, require Radius server
External portal server Depends on portal Y, require portal server and
server authentication server
implementation
Functions Intro
 Reboot Schedule

Reboot the EAP device at off-peak hours regularly for better robustness.

This reboot schedule applies for all the EAPs under control.
Functions Intro
 Rate limit per SSID
Use rate limit to prevent a wireless client from occupying too much bandwidth.
 Rate limit per SSID cont.
Functions Intro
 Access control
Use access control to specify the access rights of the wireless client. We can use this
feature to implement some kind of guest network (only internet access, no access to
wired LAN).
Before: Wireless client can ping one of the wired computer
Functions Intro
 Access control cont.
After: Wireless client cannot ping the wired computer but can access Internet
Functions Intro
 Block
Block a wireless client which abuses bandwidth

Go to Insight to unblock the client.


Functions Intro

 Scheduler
With the Scheduler function, you can set up a schedule plan to turn on/off the AP radio
so that you can manage the available periods of your wireless network.

Refer to the User Guide to learn more about the settings


Functions Intro

 Scheduler cont.

Refer to the User Guide to learn more about the settings


Functions Intro
 AP load balance

As a single AP’s load capacity is finite, a high user-density environment will need multiple
APs to provide Wi-Fi service and share the load. But those APs are usually set with the same
SSID. In this case clients will detect all available APs and pick up one among them to
connect. This could be a problem because too many clients may accidentally attempt to
connect to the same AP, which makes that AP overloaded while the other APs’ resources
wasted.
Functions Intro
 AP load balance

AP load balance is a function aims at


balancing the load between the APs. AP
load balance could be very complicated
and powerful on high-end products.

Set Max Associated Clients to keep the


load of the EAP to a fair level. Use RSSI
Threshold to kick-off the client with low
signal strength and force them to
reconnect to a nearby EAP for better
performance.

On EAP Controller, we can limit the


maximum number of associated clients for
every EAP by enabling Load Balance in AP
details  Configuration  Load Balance.
Tips for Large WLAN Deployment
Tips for Large WLAN Deployment
 Channel Distribution

No matter how powerful a single AP can be, the limited radio frequency resource is always the
bottleneck of a WLAN. As introduced before, to provide reliable Wi-Fi service for a high user-
density environment, multiple EAPs with load balance are necessary. Besides, WLAN
administrators are also recommended to use isolated channels on adjacent EAPs to make the
best use of the limited channel resource.

In 802.11n 2.4 GHz band there are only 3 isolated


channels at most, which are channel 1, 6, 11.
Using isolated channels on adjacent EAPs can
reduce interference as well as to increase WLAN
capacity.

2.4 GHz
1 6 11

*There are much more channels in 5 GHz band. EAP220


can provide extra network capacity for 5GHz devices.

5 GHz 36 44 52 161

Click here to learn more details about WLAN channel


Tips for Large WLAN Deployment
 Proper Transmit Power

In order to serve more clients in a particular area, we need to add more EAPs. As the
density of EAP increase, EAPs of the same channel are more likely to interfere each other.
Using lower output power can also reduce interference among the EAPs.

High output power

One EAP is covered by the signal from the


other EAP of the same channel. In this case
they must compete for using the channel.

Lower output power


Every EAP serves its own area with smaller
signal coverage. They won’t interfere each
other. And clients can still roam across the
adjacent EAPs’ coverage.
Comparison with Competitive Products
Comparison with Competitive Products

 Comparable Products

Company NETGEA
TP-LINK UBNT D-LINK Cisco SB EnGenius
R
Standard
N300 DWL-
EAP110 Unifi UAP – WAP121 EAP9550
FE 2600AP

N300 DWL-
EAP120 – WNAP320 – EAP350
FE 3600AP

N600 WNDAP36 DWL-


EAP220 Unifi AP-Pro – EAP600
GE 0 6600AP

N300/600: 300Mbps/600Mbps wireless speed


FE: Fast Ethernet port
GE: Gigabit Ethernet
Comparison with Competitive Products
 Performance Comparison

EAP110 VS UniFi UAP

Downstream Throughput (Mbps)


100.0 94.794.7 93.289.7
79.3
80.0

60.0 49.2
41.3
36.0
40.0
25.6
16.7
20.0 9.2 5.5
0.0
1.0 10.0 20.0 30.0 40.0 50.0

TPLINK EAP110 UBNT Unifi UAP

*All wireless performance tests were conducted through obstacles (such as walls).
Comparison with Competitive Products
 Performance Comparison

EAP120 VS WNAP320

Upstream Throughput/Mbps Downstream Throughput/Mbps


201.4
200.0 175.1
200.0 178.6
169.6

150.0 150.0
116.6
95.8
100.0 100.0 79.285.7
63.1
50.0 31.2 37.9 34.8 50.0 36.230.2
18.8 18.1 22.0
3.8 11.8 14.25.0 6.9 1.8
0.0
0.0 0.0
1m 10m 20m 30m 40m 50m 1m 10m 20m 30m 40m 50m

TP-LINK EAP120 Netgear WNAP320 TP-LINK EAP120 Netgear WNAP320

*All wireless performance tests were conducted through obstacles (such as walls).
Comparison with Competitive Products
 Performance Comparison
EAP220 VS UniFi UAP-Pro

2.4GHz Upstream Throughput (Mbps) 2.4GHz Downstream Throughput(Mbps)


200.0 175.5 200.0 178.6
169.6 167.1
172.4
150.0 150.0
92.086.1
100.0 100.0 85.7
57.653.5 62.5
51.8
50.0 31.636.9
19.021.7 18.1 50.0 30.2
5.3 11.8 14.2 5.0 14.6 1.1
0.0 0.0
1m 10m 20m 30m 40m 50m 1m 10m 20m 30m 40m 50m

TP-LINK EAP220 UBNT Unifi AP-PRO TP-LINK EAP220 Netgear WNDAP360

5GHz Upstream Throughput (Mbps) 5GHz Downstream Throughput (Mbps)


120 104.046 120 106.383
100 100
80 61.29560.089 80 64.373 59.31
60 60
33.96430.033 30.139
40 40 24.301 19.781
18.663 18.43
20 4.214 4.505 9.345
20 4.138 3.907 4.4176.652
0 0
5m 10m 20m 30m 35m 5m 10m 20m 30m 35m

TP-LINK EAP220 UBNT UAP-Pro TP-LINK EAP220 UBNT UAP-Pro

*All wireless performance tests were conducted through obstacles (such as walls).
Comparison with Competitive Products

SUMMARY:

 The performance of EAP device(EAP110/120/220) are better than the same level
products of UBNT.

 EAP Controller doesn’t support Multi-Site Management (set group for different EAPs and
each group use different configuration). We will implement this feature in future release.
Q&A and Troubleshooting
Q&A

Q1: When do I choose Cluster mode, and When to choose EAP Controller?

A: We can switch the management mode by flash the corresponding firmware. But there are
some limitations of the cluster mode. For example, other EAP devices can’t join the cluster, one
cluster can’t handle more than 24 devices.
That is to say, if you got more than 24 pcs of EAPs or you have different EAP model in your
network, the EAP Controller would be the better choice. Otherwise the cluster mode would be fit
for you too.

Q2:Should I keep the controller running after I have finished the settings?

EAP can run by themselves without the controller. You don't have to keep the controller
running after the configuration unless you have enabled portal function. However it is
recommended to keep the controller running for monitor purpose and scheduled
operation.

Q3:How many clients does one AP supported?

The maximum clients number is 100, and the recommend clients number is 35 for one AP.
Q&A
Q4:Which is the right TP-LINK EAP for me?
Troubleshooting

T1: Why cannot I login to the EAP's management interface?

Case 1: 403 Forbidden


Once EAP is adopted by the EAP controller you can only change the configuration and
check the status of the EAP through the EAP controller. If you try to access the EAP‘s
management interface you will receive an error page in the browser.
Case 2: Username or password incorrect
The User Account of EAP Device will be changed to Device Account for unified
management. While one EAP being forgotten/disconnected from the EAP Controller, all
settings keep the same as before being forgotten. So the User Account of EAP Device is the
same as the Device Account now.

T2:I have enabled portal but after I connect to the guest network it will not
redirect me to the portal page when I try to access google. What should I do?

Google and some other websites uses https but https cannot be redirected. Please try to
visit any http websites.
Troubleshooting

T3: Why I see the below page when use IE to connect to EAP controller on Windows
Server 2012?
T3: Why I see the below page when use IE to connect to EAP controller on Windows
Server 2012?(cont.)

By default the security level of IE on server 2012 is high which will disable scripting. However when
access EAP controller Javascript needs to be loaded. We are sure that the Javascript of the EAP
controller is quite safe so we can add EAP controller server IP to trusted site.
Reversion History

Time Version Remark Author


12/4/2014 V1 Initial Release Rick Li
1/29/2015 V2 For EAP Controller Sheldon Lu
6/23/2015 V3 For EAP Controller James Yang
7/20/2015 V4 Add feature intro for Luke Wang
EAP controller 2.0.3