TP-Link FESTA FS352GP 52-Port Gigabit Smart Switch User Manual

User Guide

Festa Cloud-Based Controller

About this Guide

This User Guide provides information for centrally managing TP-Link devices via the Festa Cloud-

Based Controller. Please read this guide carefully before operation.

Intended Readers

This User Guide is intended for network managers familiar with IT concepts and network terminologies.

Conventions

When using this guide, notice that:

■ Features available in the Festa Cloud-Based Controller may vary due to your region, controller

version, and device model. All images, steps, and descriptions in this guide are only examples and may

not reflect your actual experience.

■ The information in this document is subject to change without notice. Every effort has been made

in the preparation of this document to ensure accuracy of the contents, but all statements, information,

and recommendations in this document do not constitute the warranty of any kind, express or implied.

Users must take full responsibility for their application of any products.

■ This guide uses the specific formats to highlight special messages. The following table lists the

notice icons that are used throughout this guide.

In this guide, the following conventions are used:

Controller Stands for the Festa Cloud-Based Controller.

Gateway Stands for the Festa Gateway.

Switch Stands for the Festa Switch.

AP Stands for the Festa AP.

Note

The note contains the helpful information for a better use of the Controller.

Configuration Guidelines

Provide tips for you to learn about the feature and its configurations.

More Information

■ For technical support, the latest version of the User Guide and other information, please visit

https://www.tp-link.com/support/?type=smb.

■ To ask questions, find answers, and communicate with TP-Link users or engineers, please visit

https://community.tp-link.com/business to join TP-Link Community.

CONTENTS

About this Guide

Festa Cloud-Based Controller Solution Overview

Overview ....................................................................................................................................................................... 2

Core Components .................................................................................................................................................... 3

Get Started with Festa Cloud-Based Controller

Set Up Your Festa Cloud-Based Controller .................................................................................................... 6

Navigate the Controller UI ...................................................................................................................................... 7

Configure Controller Settings ............................................................................................................................11

System Settings .................................................................................................................................................................. 11

Controller Settings ............................................................................................................................................................. 12

Manage Account .....................................................................................................................................................15

Introduction to User Accounts and Role ............................................................................................................... 15

Create and Manage User Accounts ......................................................................................................................... 15

Manage and Configure Sites

Create Sites ............................................................................................................................................................... 18

Configure Site Settings .........................................................................................................................................21

Site Configuration ............................................................................................................................................................... 21

Services .................................................................................................................................................................................... 22

Advanced Features ........................................................................................................................................................... 23

Device Account ................................................................................................................................................................... 25

Manage, Configure, and Monitor Devices

Adopt Devices .......................................................................................................................................................... 28

Introduction to the Devices Page ....................................................................................................................30

Configure and Monitor the Gateway ................................................................................................................ 34

Configure the Gateway .................................................................................................................................................... 34

Monitor the Gateway ......................................................................................................................................................... 43

Configure and Monitor Switches .......................................................................................................................46

Configure Switches ........................................................................................................................................................... 46

Monitor Switches ................................................................................................................................................................ 68

Configure and Monitor APs .................................................................................................................................72

Configure APs ....................................................................................................................................................................... 72

Monitor APs ........................................................................................................................................................................... 83

Configure the Network with the Festa Cloud-Based Controller

Configure Wired Networks ..................................................................................................................................94

Set Up an Internet Connection ................................................................................................................................... 94

Configure LAN Networks ............................................................................................................................................. 112

Configure Wireless Networks .......................................................................................................................... 125

Set Up Basic Wireless Networks ............................................................................................................................. 125

Advanced Settings ......................................................................................................................................................... 130

WLAN Schedule ................................................................................................................................................................ 131

802.11 Rate Control ....................................................................................................................................................... 132

MAC Filter ............................................................................................................................................................................. 133

Multicast/Broadcast Management ........................................................................................................................ 134

Network Security .................................................................................................................................................. 136

ACL .......................................................................................................................................................................................... 136

URL Filtering ........................................................................................................................................................................ 145

Transmission .......................................................................................................................................................... 149

Routing ................................................................................................................................................................................... 149

Bandwidth Control ........................................................................................................................................................... 152

Port Forwarding ................................................................................................................................................................ 154

Configure VPN ....................................................................................................................................................... 157

VPN .......................................................................................................................................................................................... 157

VPN User............................................................................................................................................................................... 184

Create Profiles ....................................................................................................................................................... 187

Time Range ......................................................................................................................................................................... 187

Groups ................................................................................................................................................................................... 189

Rate Limit .............................................................................................................................................................................. 191

Authentication ....................................................................................................................................................... 194

Portal ....................................................................................................................................................................................... 194

RADIUS Profile ................................................................................................................................................................... 199

Services ................................................................................................................................................................... 202

Dynamic DNS ..................................................................................................................................................................... 202

SNMP ...................................................................................................................................................................................... 204

SSH .......................................................................................................................................................................................... 205

IPTV.......................................................................................................................................................................................... 206

Monitor the Network

View the Status of Network with Dashboard ............................................................................................. 210

Page Layout of Dashboard ......................................................................................................................................... 210

Explanation of Widgets ................................................................................................................................................. 211

Monitor the Network with Map ........................................................................................................................ 213

Topology ............................................................................................................................................................................... 213

Heat Map............................................................................................................................................................................... 214

View the Statistics During Specified Period with Insights .................................................................... 220

Past Portal Authorizations .......................................................................................................................................... 220

VPN Status........................................................................................................................................................................... 220

View and Manage Logs ...................................................................................................................................... 224

Alerts ....................................................................................................................................................................................... 224

Events ..................................................................................................................................................................................... 225

Notifications ........................................................................................................................................................................ 226

Monitor the Network with Tools ......................................................................................................................... 227

Network Check .................................................................................................................................................................. 227

Terminal ................................................................................................................................................................................. 228

Monitor and Manage the Clients

Manage Wired and Wireless Clients in Clients Page .............................................................................. 231

Introduction to Clients Page ...................................................................................................................................... 231

Using the Clients Table to Monitor and Manage the Clients ................................................................... 231

Using the Properties Window to Monitor and Manage the Clients ...................................................... 233

Manage Client Authentication in Hotspot Manager ................................................................................ 238

Dashboard ........................................................................................................................................................................... 238

Authorized Clients .......................................................................................................................................................... 238

Vouchers .............................................................................................................................................................................. 239

Form Auth Data ................................................................................................................................................................. 242

Operators ............................................................................................................................................................................. 243

Festa Cloud-Based Controller

Solution Overview

Festa Cloud-Based Controller Solution offers centralized and efficient management for configuring

small and mid-size business networks comprised of security gateways, switches, and wireless access

points.

With a reliable network management platform powered by the TP-Link Festa Cloud-Based Controller,

you can develop comprehensive, software-defined networking across demanding, high-traffic

environments with robust wired and wireless solutions.

The chapter includes the following sections:

• 1 Overview

• 2 Core Components

Festa Cloud-Based Controller Solution Overview

1 Overview

Festa Cloud-Based Controller Solution is designed to provide business-class networking solutions for

demanding, high-traffic environments such as small businesses, home offices, and cafes. It simplifies

deploying and managing large-scale enterprise networks and offers easy maintenance, ongoing

monitoring, and flexible scalability.

This figure shows a sample architecture of a Festa enterprise network:

Gateway

Site C

Site B

Site A

Site E

Site D

Switch

AP AP

Gateway

Switch

AP APAP

Gateway

APAP

Switch

APAP

Gateway

Switch

Gateway

AP APAP

Unied

Management from

One Interface

Gateways

Switches

Access Points

Site A Site B Site C Site D Site E

Festa Cloud-Based Controller

The interconnected elements that work together to deliver a unified enterprise network include: Festa

Cloud-Based Controller, gateways, switches, access points, and client devices. Beginning with a

base of client devices, each element adds functionality and complexity as the network is developing,

interconnecting with the elements above and below it to create a comprehensive, secure wired and

wireless solution.

The Festa Cloud-Based Controller is a command center and management platform at the heart of the

network. With a single platform, the network administrators configure and manage enterprise networks

comprised of gateways, switches, and wireless access points in batches. This unleashes new levels of

management to avoid complex and costly over-provisioning.

Festa Cloud-Based Controller Solution Overview

2 Core Components

A Festa network consists of the following core components:

■ Festa Cloud-Based Controller — A command center and management platform at the heart of

network solution for the enterprise. With the single platform, the network administrators can

configure and manage all the Festa products which have all your needs covered in terms of routing,

switching and Wi-Fi.

■ Gateways — Boast excellent data processing capabilities and an array of powerful functions,

including IPsec/OpenVPN/PPTP/L2TP VPN, Load Balance, and Bandwidth Control, which are ideal

for the business network where a large number of users require a stable, secure connection.

■ Switches — Offer flexible and cost-effective network solution with powerful Layer 2 features and

PoE options. Advanced features such as Access Control will satisfy advanced business networks.

■ Access Points — Satisfy the mainstream Wi-Fi Standard and address your high-density access

needs with TP-Link’s innovation to help you build the versatile and reliable wireless network for all

business applications.

Festa Cloud-Based Controller

The Festa Cloud-Based Controller is deployed on the Festa Cloud server. With free cloud access, you

can configure and manage the devices via the Cloud Service.

Cloud Server

Cloud Controller

Internet

Festa Gateway

Festa Switch

Festa Access Points

...

In this guide, the Festa Cloud-Based Controller is referred to as the Controller.

Gateways

TP-Link’s Festa Gateway supports Gigabit Ethernet connections on both WAN and LAN ports which

keep the data moving at top speed. Including all the routing and network segmentation functions that

a business gateway must have, the Festa Gateways will be the backbone of the network. Moreover,

Festa Cloud-Based Controller Solution Overview

the gateways provide a secure and easy approach to deploy site-to-site VPN tunnels and access for

remote clients.

Switches

TP-Link’s Festa Switch provides high-performance and enterprise-level security strategies and lots of

advanced features, which is an ideal access-edge for the network.

Access Points

TP-Link’s Festa Access Point provides business-class Wi-Fi with superior performance and range

which guarantees reliable wireless connectivity for the network.

Get Started with Festa Cloud-Based

Controller

This chapter guides you on how to get started with the Festa Cloud-Based Controller to configure the

network. The chapter includes the following sections:

• 1 Set Up Your Festa Cloud-Based Controller

• 2 Navigate the Controller UI

• 3 Configure Controller Settings

• 4 Manage Account

Get Started with Festa Cloud-Based Controller

1 Set Up Your Festa Cloud-Based Controller

Festa Cloud-Based Controller Solution is designed for scalable networks. Deployments and

configurations vary according to actual situations. Understanding your network requirements is the

first step when planning to provision any project. After you have identified these requirements, follow

the steps below to initially set up the Cloud-Based Controller:

1. Make sure that your devices can access the internet.

2. Launch a web browser and enter https://festa.tplinkcloud.com in the address bar. Enter your TP-

Link ID and password to log in. If you do not have a TP-Link ID, create a TP-Link ID first.

3. Click Add Controller and register for a Festa Cloud-Based Controller. Follow the instructions to

complete the setup process.

4. Add devices with the serial number. Make sure the devices are online and in factory default.

Note:

Festa provides centralized management with free cloud access. Additional fees may apply for adavanced features implemented in the

future.

Get Started with Festa Cloud-Based Controller

2 Navigate the Controller UI

As you start using the management interface of the Controller (Controller UI) to configure and monitor

your network, it is helpful to familiarize yourself with the Controller UI.

■ Overview

Visual data keeps the network administrator informed about the accurate status of every network

device and client on the wired and wireless network.

The Controller UI is grouped into task-oriented menus. These menus are located in the top right-

hand corner and the left-hand navigation bar of the page. Note that the settings and features that

appear in the UI depend on your user account permissions. The following image depicts the main

elements of the Controller UI.

The elements in the top right corner of the screen give quick access to:

Organization Management

Global View — Knowthestatusofallyoursitesataglance,managethesites,configurethecontroller,andmanage

accounts of the controller.

Site View — Knowthestatusofyournetworkataglance,gaininsights,andmanagenetworkdevices.

Hotspot Manager — Centrallymonitorandmanagetheclientsauthorizedbyportalauthentication.

Global Search Feature

Click

and enter the keywords to quickly look up the functions that you want to configure. You can also search for the

devices by their MAC addresses and device names in the Site View.

My Account

Click the account icon

to display account information, Account Settings and Log Out. You can change your

password on Account Settings.

More Settings

Click

to display About and Tutorial.

About: Click to display the controller version.

Tutorial: Click to view the quick Getting Started Guide which demonstrates the navigation and tools available for the

Controller.

Get Started with Festa Cloud-Based Controller

■ Global View

In the Global View, you can know the site status at a glance, manage sites, configure the controller,

and manage accounts of the controller.

• ControllerOverview—Knowthereal-timeoverallstatusoftheController.

Site, which means logically separated network location, is the largest unit for managing networks

with the Cloud-Based Controller. You can simultaneously configure features for multiple devices at

a site.

• Site List—Create, edit, and manage all the sites to deploy the whole network.

• Site Bookmark – Click Bookmark to place frequently-used sites on the top of the list.

Get Started with Festa Cloud-Based Controller

The left-hand navigation bar in the Global View provides access to:

Dashboard displays a summarized view of the Controller. You can add and edit sites in the

dashboard page and check the general status of different sites on the Controller.

Devices displays all TP-Link devices discovered on the site and their general information.

This list view can change depending on your monitoring need through customizing the

columns. You can click any device on the list to reveal the Properties window for more

detailed information of each device and provisioning individual configurations to the

device.

Logs shows log lines about varied activities of users, devices, and systems events, such

as administrative actions and abnormal device behaviors. Comprehensive logs make

historical information more accurate, readily accessible, and usable, which allows for

proactive troubleshooting. You can determine alert-level events and enable pushing

notifications.

Account allows you to add new users, check the basic information of the current user, and

view the permissions of different roles.

Settings allows you to provision and configure all your network devices on the same site in

minutes and maintain the controller system for best performance.

■ Site View

In the specific site, you can know the status of your network at a glance, gain insights, and manage

network devices all in the platform.

• ISP Load and Widgets — Keep you informedof accurate, real-time status of every network

device and client.

Get Started with Festa Cloud-Based Controller

The left-hand navigation bar in the Site View provides access to:

Dashboard displays a summarized view of the network status through different

visualizations. The widget-driven dashboard is a powerful tool that arms you with real-time

data for monitoring the network.

Map generates the system topology automatically and you can look over the provisioning

status of devices. By clicking on each node, you can view the detailed information of each

device. You can also upload images of your location for a visual representation of your

network.

Devices displays all TP-Link devices discovered on the site and their general information.

This list view can change depending on your monitoring need through customizing the

columns. You can click any device on the list to reveal the Properties window for more

detailed information of each device and provisioning individual configurations to the

device.

Clients displays a list view of wired and wireless clients that are connected to the network.

This list view can change depending on your monitoring need through customizing the

columns. You can click any clients on the list to reveal the Properties window for more

detailed information of each client and provisioning individual configurations to the client.

Insights displays a list of statistics of your network device, clients and services during a

specified period. You can change the range of date in one-day increments.

Log shows log lines about varied activities of users, devices, and systems events, such

as administrative actions and abnormal device behaviors. Comprehensive logs make

historical information more accurate, readily accessible, and usable, which allows for

proactive troubleshooting. And you can determine alert-level events and enable pushing

notifications.

Tools provides various network tools for you to test the device connectivity and open

Terminal to execute CLI or Shell commands.

Settings allows you to provision and configure all your network devices on the same site in

minutes and maintain the controller system for best performance.

Get Started with Festa Cloud-Based Controller

3 Configure Controller Settings

Controller Settings control the appearance and behavior of the Controller.

3. 1 System Settings

Select Global View from the drop-down list of Organization in the upper right corner. Go to Settings

> System Settings. Information about the Controller Status will be shown, including Controller Name,

System Time, Uptime, and Controller Version.

Get Started with Festa Cloud-Based Controller

3. 2 Controller Settings

Go to Settings > Controller Settings.

■ General Settings

In General Settings, configure the following parameters.

Controller Name Specify the Controller Name to identify the controller.

Country/Region Select the Country/Region of the Controller according to your location. The configuration of

Country/Region here only takes effect on the Controller. To configure the Country/Region

for sites, go to the Site Configuration.

Time Zone Select the Time Zone of the Controller according to your region. For controller settings and

statistics, time is displayed based on the Time Zone.

Daylight Saving Time Enable the feature if your country/region implements DST.

Time Offset Select the time added in minutes when Daylight Saving Time starts.

Starts On Specify the time when the DST starts. The clock will be set forward by the time offset you

specify.

Ends On Specify the time when the DST ends.The clock will be set back by the time offset you

specify.

Get Started with Festa Cloud-Based Controller

■ User Interface

In User Interface, configure the following settings to customize your interface.

Language Select the language shown in the interface.

Use 24-Hour Time Enable the feature according to your preference.

Statistic/DashBoard

Timezone

Select the timezone shown in the Statistic/Dashboard.

Fixed Menu Enable the feature and the menu column will not come out.

Dark Settings Enable the feature and your interface will be in dark mode.

Show Pending Devices With this option enabled, the devices in Pending status will be shown, and you can

determine whether to adopt them. With this option disabled, they will not be shown, thus

you cannot adopt any new devices.

Refresh Button Enable the option, the Refresh button will be shown on the top right of the interface.

Cloud Firmware

Detection

This option is a global switch. If it is turned off, all cloud firmware detections will not be

executed and prompted.

Devices Update

Notification

With Devices Update Notification enabled, the controller will query the cloud for device

firmware updates.

Get Started with Festa Cloud-Based Controller

■ App-Side Device Notifications

With this function enabled, the controller will send notifications to the app when your devices go online

or offline.

Get Started with Festa Cloud-Based Controller

4 Manage Account

4. 1 Introduction to User Account and Role

■ User

The Festa Cloud-Based Controller offers three levels of access available for users: main administrator,

administrator, and viewer.

Multi-level administrative account presents a hierarchy of permissions for different levels of access to

the controller as required. This approach ensures security and gives convenience for management.

Moreover, in the user account list of the main administrator, all accounts created by the main

administrator will be displayed. The accounts created by each administrator will be hidden by default,

making the interface more systematic and to the point.

■ Role

In Account > Role, three roles corresponding to the user accounts are displayed. You can view the

details or permissions of each role.

• Main Administrator

The Main Administrator has access to all features.

The account who first launches the Controller will be the main administrator. It cannot be changed

and deleted.

• Administrator

Administrators have no permission to some modules, mainly including global view logs and settings.

Administrators can be created and deleted by the main administrator and administrators.

• Viewer

Viewers can view the status and settings of the network, and change the settings in Hotspot

Manager.

The entrance to Account page is hidden for viewers, and they can be created or deleted by the

main administrator and administrators.

4. 2 Create and Manage User Accounts

The Controller automatically sets up the main administrator, which cannot be deleted. The main

administrator can create, edit, and delete other levels of cloud user accounts.

To create and manage cloud user account, follow these steps:

1. Select Global from the drop-down list of Organization in the top-right corner. Go to Account > User.

2. Click Add New User.

Get Started with Festa Cloud-Based Controller

3. Specify the parameters and click Invite.

TP-Link ID Enter an email address of the created cloud user, and then an invitation email will be sent

to the email address.

If the email address has already been registered as a TP-Link ID, it will become a valid

cloud user after accepting the invitation.

If the email address has not been registered, it will receive an invitation email for

registration. After finishing registration, it will automatically becomes a valid cloud user.

Role Select a role for the created cloud user.

Administrator: This role has permissions to adopt and/or manage devices of the sites

chosen in the site privileges, edit itself, create/edit/delete viewer accounts in its privileged

sites. However, it cannot delete itself or edit/delete main administrator and other

administrator accounts.

Viewer: This role can view the information of the sites chosen in the site privileges. It can

only edit itself.

Site Privileges Assign the site permission to the created cloud user.

All: The created user has permission in all sites, including all new-created sites.

Sites: The created user has permission in the sites that are selected. Select the sites by

checking the box before them.

Manage and Congure Sites

Start managing your network by creating and configuring sites so that you can configure and monitor

your devices centrally while keeping things organized. The chapter includes the following sections:

• 1 Create Sites

• 2 Configure Site Settings

ManageandCongureSites

1 Create Sites

Overview

Different sites are logically separated network locations, like different subsidiary companies or

departments. It is best practice to create one site for each LAN (Local Area Network) and add all the

devices within the network to the site, including the gateway, switches and APs.

Gateway

Site C

Site B

Site A

Site E

Site D

Switch

AP AP

Gateway

Switch

AP APAP

Gateway

APAP

Switch

APAP

Gateway

Switch

Gateway

AP APAP

Unied

Management from

One Interface

Gateways

Switches

Access Points

Site A Site B Site C Site D Site E

Festa Cloud-Based Controller

Devices at one site need unified configurations, whereas those at different sites are not relative. To

make the best of a site, configure features simultaneously for multiple devices at the site, such as VLAN

for switches, and SSID and WLAN Schedule for APs, rather than set them up one by one.

Configuration

To create and manage a site, follow these steps:

1 ) Create a site.

2 ) View and edit the site.

3 ) Go into the site.

ManageandCongureSites

Create a Site View and Edit the Site Go Into the Site

To create a site, choose one from the following methods according to your needs.

■ Create a site from scratch

1. In Global View, click +Add New Site in the Site List section.

2. Enter a Site Name to identify the site, and configure other parameters according to where the

site is located. Create a username and password for login to newly adopted devices. Then click

Apply. The new site will be added to the Site List and the drop-down list of Organization.

■ Copy an existing site

You can quickly create a site based on an existing one by copying its site configuration, wired

configuration, and wireless configuration among others. After that, you can flexibly modify the new

site configuration to make it different from the old.

1. In the Site List, click

in the ACTION column of the site which you want to copy.

2. Enter a Site Name to identify the new site. Click Apply. The new site will be added to the Site List

and the drop-down list of Organization.

ManageandCongureSites

Create a Site View and Edit the Site Go Into the Site

After you create the site, you can view the site status in the Site List. You can click the icons in the

ACTION column to edit, copy, delete and launch the site.

Create a Site View and Edit the Site Go Into the Site

To monitor and configure a site, you need first go into the site.

Click the

icon of the site in the Site List to go into the site. Alternatively, select the site from the drop-

down list of Organization.

The Organization field indicates the site which you are currently in. Some configuration items in the menu

are applied to the site which you are currently in, whereas others are applied to the whole controller.

ManageandCongureSites

2 Configure Site Settings

You can view and modify the configurations of the current site in Site Settings, including the basic

site information, centrally-managed device features, and the device account. The features and device

account configured here are applied to all devices on the site, so you can easily manage the devices

centrally.

2. 1 Site Configuration

Overview

In Site Configuration, you can view and modify the site name, location, time zone, and application

scenario of the current site.

Configuration

Select a site from the drop-down list of Organization in the top-right corner, go to Settings > Site, and

configure the following information of the site in Site Configuration. Click Save.

Site Name Specify the name of the current site. It should be no more than 64 characters.

Country/Region Select the location of the site.

Time Zone Select the time zone of the site.

ManageandCongureSites

Network Time Protocol With Network Time Protocol (NTP) enabled, the NTP server will assign network time to the

site. Enter the IP address(es) of the NTP (Network Time Protocol) server.

Daylight Saving Time Enable the feature if your country/region implements DST. When it is enabled, the icon

will appear on the upper right, showing the DST settings and status.

Time Offset Select the time added in minutes when Daylight Saving Time starts.

Starts On Specify the time when the DST starts. The clock will be set forward by the time offset you

specify.

Ends On Specify the time when the DST ends.The clock will be set back by the time offset you

specify.

Application Scenario Specify the application scenario of the site. To customize your scenario, click Create New

Group in the drop-down list.

2. 2 Services

Overview

In Services, you can view and modify the features applied to devices on the current site. Some features

are applied to all devices, such as LED, while some are applied to APs only, such as Channel Limit and

Mesh.

Configuration

Select a site from the drop-down list of Sites in the top-right corner, go to Settings > Site, and configure

the following features for the current site in Services. Click Save.

ManageandCongureSites

LED Enable or disable LEDs of all devices in the site.

By default, the device follows the LED setting of the site it belongs to. To change the LED

setting for certain devices, refer to Manage, Configure, and Monitor Devices.

Channel Limit (For Outdoor APs) When enabled, outdoor APs do not use the channel with the frequency

ranging from 5150 MHz to 5350 MHz to meet the local laws and regulations limit in EU

countries.

Mesh When enabled, APs supporting Mesh can establish the mesh network at the site.

Connectivity Detection (For APs in the mesh network) Specify the method of Connection Detection when mesh is

enabled.

In a mesh network, the APs can send ARP request packets to a fixed IP address to test the

connectivity. If the link fails, the status of these APs will change to Isolated.

Auto (Recommended): Select this method and the mesh APs will send ARP request packets

to the default gateway for the detection.

Custom IP Address: Select this method and specify a desired IP address. The mesh APs

will send ARP request packets to the custom IP address to test the connectivity. If the IP

address of the AP is in different network segments from the custom IP address, the AP will

use the default gateway IP address for the detection.

Full-Sector DFS (For APs in the mesh network) With this feature enabled, when radar signals are detected on

current channel by one AP, the other APs in the mesh network will be also informed. Then

all APs in the mesh network will switch to an alternate channel.

To enable this feature, enable Mesh first.

LLDP Click the checkbox to enable LLDP (Link Layer Discovery Protocol) for device discovery

and auto-configuration of VoIP devices.

Advanced Features

(For APs) When enabled, you can configure more features for APs in Advanced Features.

When disabled, these features keep the default settings.

For detailed configuration, refer to Advanced Features.

2. 3 Advanced Features

Overview

Advanced features include Fast Roaming, Band Steering, and Beacon Control. They are applicable to

APs only. With these advanced features configured properly, you can improve the network’s stability,

reliability and communication efficiency.

Advanced features are recommended to be configured by network administrators with the WLAN

knowledge. If you are not sure about your network conditions and the potential impact of all settings,

keep Advanced Features disabled in Services to use their default configurations.

ManageandCongureSites

Configuration

Select a site from the drop-down list of Organization in the top-right corner, go to Settings > Site,

and enable Advanced Features in Services first. Then configure the following features in Advanced

Features. Click Save.

Fast Roaming With this feature enabled, wireless clients that support 802.11k/v can improve fast roaming

experience when moving among different APs.

By default, it is disabled. This feature is available for some certain devices.

Dual Band 11k Report When disabled, the controller provides neighbor list that contains only neighbor APs in the

same band with which the client is associated.

When enabled, the controller provides neighbor list that contains neighbor APs in both

2.4 GHz and 5 GHz bands.

This feature is available only when Fast Roaming is enabled. By default, it is disabled.

Force-Disassociation With this feature disabled, the AP only issues an 802.11v roaming suggestion when a

client’s link quality drops below the predefined threshold and there is a better option of AP,

but whether to roam or not is determined by the client.

With this feature enabled, the AP will force disassociate the client if it does not re-associate

to another AP.

This feature is available only when Fast Roaming is enabled. By default, it is disabled.

ManageandCongureSites

Band Steering Band steering can adjust the number of clients in 2.4 GHz and 5 GHz bands to provide

better wireless experience.

When enabled, multi-band clients will be steered to the 5 GHz band according to the

configured parameters. This function can improve the network performance because the 5

GHz band supports a larger number of non-overlapping channels and is less noisy.

Beacon Control Beacons are transmitted periodically by the AP to announce the presence of a wireless

network for the clients. Click

, select the band, and configure the following parameters of

Beacon Control.

Beacon Interval: Specify how often the APs send a beacon to clients. By default, it is 100.

DTIM Period: Specify how often the clients check for buffered data that are still on the AP

awaiting pickup. By default, the clients check for them at every beacon.

DTIM (Delivery Traffic Indication Message) is contained in some Beacon frames indicating

whether the AP has buffered data for client devices. An excessive DTIM interval may reduce

the performance of multicast applications, so we recommend that you keep the default

interval, 1.

RTS Threshold: RTS (Request to Send) can ensure efficient data transmission by avoiding

the conflict of packets. If a client wants to send a packet larger than the threshold, the RTS

mechanism will be activated to delay packets of other clients in the same wireless network.

We recommend that you keep the default threshold, which is 2347. If you specify a

low threshold value, the RTS mechanism may be activated more frequently to recover

the network from possible interference or collisions. However, it also consumes more

bandwidth and reduces the throughput of the packet.

Fragmentation Threshold: Fragmentation can limit the size of packets transmitted over the

network. If a packet to be sent exceeds the Fragmentation threshold, the Fragmentation

function will be activated, and the packet will be fragmented into several packets. By

default, the threshold is 2346.

Fragmentation helps improve network performance if properly configured. However, too

low fragmentation threshold may result in poor wireless performance because of the

increased message traffic and the extra work of dividing up and reassembling frames.

Airtime Fairness: With this option enabled, each client connecting to the AP can get the

same amount of time to transmit data so that low-data-rate clients do not occupy too much

network bandwidth and network performance improves as a whole. We recommend you

enable this function under multi-rate wireless networks.

2. 4 Device Account

You can specify a device account for all adopted devices on the site in batches. Once the devices

are adopted by the Controller, their username and password become the same as settings in Device

Account to protect the communication between the controller and devices. By default, the username

is admin and the password is generated randomly.

ManageandCongureSites

Select a site from the drop-down list of Organization. Go to Settings > Site and modify the username

and password in Device Account. Click Save and the new username and password are applied to all

devices on the site.

Manage, Congure, and Monitor

Devices

This chapter guides you on how to manage, configure and monitor controller-managed devices,

including gateways, switches and APs. You can configure the devices individually or in batches to

modify the configurations of certain devices. The chapter includes the following sections:

• 1 Adopt Devices

• 2 Introduction to the Devices Page

• 3 Configure and Monitor the Gateway

• 4 Configure and Monitor Switches

• 5 Configure and Monitor APs

Manage,Congure,andMonitorDevices

1 Adopt Devices

Overview

After you create a site, add your devices to the site by making the controller adopt them. Make sure that

your devices in each LAN are added to the corresponding site so that they can be managed centrally.

Gateway

Site C

Site B

Site A

Site E

Site D

Switch

AP AP

Gateway

Switch

AP APAP

Gateway

APAP

Switch

APAP

Gateway

Switch

Gateway

AP APAP

Unied

Management from

One Interface

Gateways

Switches

Access Points

Site A Site B Site C Site D Site E

Festa Cloud-Based Controller

Configuration

To adopt the devices on the Controller, follow these steps:

1 ) Connect to the internet.

2 ) Adopt the devices.

Manage,Congure,andMonitorDevices

Connect to the Internet Adopt the Devices

1. Set up the network.

Make sure that your devices are connected to the internet.

Switch

LAN 1

Gateway A

AP AP

Internet

Unied

Management from

One Interface

Gateway

Switch

APs

Site

Festa Cloud-Based

Controller

If you are using firewalls in your network, make sure that the firewall does not block traffic from the

Controller. To configure your firewall policy, you may want to know the URL of the Controller. After

you open the web page of the Controller, you can get the URL from the address bar of the browser.

2. (Optional) Test the network.

If you are not sure whether the devices are connected to the internet, it is recommended to do the

ping test from the devices to a public IP address, such as 8.8.8.8.

If the ping result shows the packets are received, it implies that the devices are connected to the

internet. Otherwise, the devices are not connected to the internet, and you need to check your

network.

Connect to the Internet Adopt the Devices

On the controller configuration page, go into the site where you want to add the devices. Go to Devices

and click +Add Devices. Use the S/N to add your devices to the Controller. Once the devices are

adopted, they are subject to central management in the site.

Manage,Congure,andMonitorDevices

2 Introduction to the Devices Page

Overview

The Devices page displays all TP-Link devices discovered by the Controller and their general information.

For an easy monitoring of the devices, you can customize the column and filter the devices for a better

overview of device information. Also, quick operations and Batch Edit are available for configurations.

According to the connection status, the devices have the following status: PENDING, ISOLATED,

CONNECTED, MANAGED BY OTHERS, HEARTBEAT MISSED, and DISCONNECTED. The icons in the

Status column are explained as follows:

The device is in Standalone Mode or with factory settings, and has not been adopted

by the Controller. To adopt the device, click , and the Controller will use the default

username and password to adopt it. When adopting, its status will change from

ADOPTING, PROVISIONING, CONFIGURING, to CONNECTED eventually.

(For APs in the mesh network) The AP once managed by the Controller via a wireless

connection now cannot reach the gateway. You can rebuild the mesh network by

connecting it to an AP in the CONNECTED status, then the isolated AP will turn into a

connected one. For detailed configuration, refer to Mesh.

The device has been adopted by the Controller and you can manage it centrally. A

connected device will turn into a pending one after you forget it.

The device has already been managed by another Controller. You can reset the device or

provide the username and password to unbind it from another controller and adopt it in

the current Controller.

A transition status between CONNECTED and DISCONNECTED.

Once connected to the Controller, the device will send inform packets to the Controller in

a regular interval to maintain the connection. If the Controller does not receive its inform

packets in 30 seconds, the device will turn into the HEARTBEAT MISSED status. For a

heartbeat-missed device, if the Controller receives an inform packet from the device in

5 minutes, its status will become CONNECTED again; otherwise, its status will become

DISCONNECTED.

The connected device has lost connection with the Controller for more than 5 minutes.

Manage,Congure,andMonitorDevices

(For APs in the mesh network) When this icon appears with a status icon, it indicates the

AP with mesh function and no wired connection is detected by the Controller. You can

connect it to an uplink AP through Mesh.

Configuration

■ Customize the Column

To customize the columns, click

next to Action and check the boxes of information type.

To change the list order, click the column head and

will appear to indicate the ascending or

descending order.

■ Filter the Devices

Use the search box and tab bar above the table to filter the devices.

To search the devices, enter the text in the search box or select a tag from the drop-down list. As

for the device tag, refer to the general configuration of switches and APs.

To filter the devices, a tab bar is above the table to filter the devices by

device type. You can also filter the devices by their status by clicking

in the Status column.

If you select the APs tab, another tab bar

will be available to

change the column quickly.

Overview Displays the device name, IP address, status, model, firmware version, uptime, clients,

download traffic, upload traffic, and channel by default.

Mesh Displays the information of devices in the mesh network, including the device name,

IP address, status, model, uplink device, channel, and the number of downlink devices,

clients and hops by default.

Performance Displays the device name, IP address, status, uptime, channel, the number of 2.4 GHz

and 5 GHz clients, Rx rate, and Tx rate by default.

Manage,Congure,andMonitorDevices

Config Displays the device name, status, version, WLAN group, and the radio settings for

2.4 GHz and 5 GHz by default.

■ Quick Operations

Click the icons in Header or the Action column to quickly adopt, locate, upgrade, or reboot the

device.

Click to upgrade the managed devices in batches.

Click to check if there is new firmware for the managed devices.

(For pending devices) Click to adopt the device.

(For connected switches and APs) Click this icon and the LEDs of the device will flash

to indicate the device’s location. The LEDs will keep flashing for 10 minutes, or you can

click the

icon to stop the flashing.

(For connected devices) Click to reboot the device.

Click to upgrade the device’s firmware version. This icon appears when the device has

a new firmware version.

■ Batch Edit (for Switches and APs)

After selecting the Gateway/Switches or APs tab, you can adopt or configure the switches or

APs in batches. Batch Config is available only for the devices in CONNECTED/DISCONNECTED/

HEARTBEAT MISSED/ISOLATED status, while Batch Adopt is available for the devices in the

PENDING/MANAGED BY OTHERS status.

Manage,Congure,andMonitorDevices

Click Batch Action. select Batch Adopt, click the checkboxes of devices, and click Done. If the

selected devices are all in the PENDING status, the Controller will adopt then with the default

username and password. If not, enter the username and password manually to adopt the devices.

Click Batch Action, select Batch Config, click the checkboxes of devices, and click Done. Then the

Properties window appears. There are two tabs in the window: Devices and Config.

In Devices, you can click to remove the device from the current batch configuration.

In Config, all settings are Keep Existing by default. For detailed configurations, refer to the

configuration of switches and APs.

Click to minimize the Properties window to an icon. To reopen the minimized Properties

window, click

Click to maximize the Properties window. You can also use the icon on pages other

than the Devices page.

Click to close the Properties window of the chosen device(s). Note that the unsaved

configuration will be lost.

The number on the lower-right shows the number of devices in the batch

configuration.

Manage,Congure,andMonitorDevices

3 Configure and Monitor the Gateway

In the Properties window, you can configure the gateway managed by the Controller and monitor its

performance. By default, all configurations are synchronized with the current site.

To open the Properties window, click the entry of the gateway. A monitor panel and several tabs are

listed in the Properties window. Most features to be configured are gathered in the Config tab, such as

IP, SNMP, and Hardware Offload, while other tabs are mainly used to monitor the devices.

Note:

• You can adopt only one gateway in one site.

• The available functions in the window vary due to the model and status of the device.

3. 1 Configure the Gateway

In the Properties window, you can view and configure the ports in Ports, and configure the gateway

features in Config.

Manage,Congure,andMonitorDevices

Ports

In Ports, you can view the status and edit settings of the ports.

To configure a port, click in the table.

Manage,Congure,andMonitorDevices

Link Speed Select the speed mode for the port.

Auto: The port negotiates the speed and duplex automatically.

Manual: Specify the speed and duplex from the drop-down list manually.

Mirroring Mirroring is used to analyze network traffic and troubleshoot network problems.

Enable this option to set the edited port as the mirroring port, then specify one or

multiple mirrored ports. The gateway will sends a copy of traffics passing through the

mirrored ports to the mirroring port.

Mirror Mode Specify the directions of the traffic to be mirrored.

Ingress and Egress: Both the incoming and outgoing packets through the mirrored

port will be copied to the mirroring port.

Ingress: The packets received by the mirrored port will be copied to the mirroring

port.

Egress: The packets sent by the mirrored port will be copied to the mirroring port.

Config

In the Properties window, click Config and then click the sections to configure the features applied to

the gateway.

■ General

In General, you can specify general settings of the gateway.

Name Specify a name of the device.

LED

Select the way that device’s LEDs work.

Use Site Settings: The device’s LED will work following the settings of the site. To view and

modify the site settings, refer to Services.

On/Off: The device’s LED will keep on/off.

Manage,Congure,andMonitorDevices

■ Radios (for wireless gateways only)

In Radios, you can control how and what type of radio signals the gateway emits. Select each

frequency band and configure the parameters. Different models support different bands.

Status If you disable the frequency band, the radio on it will turn off.

Channel Width Specify the channel width of the band. Different bands have different available options. We

recommend using the default value.

Channel Specify the operation channel of the gateway to improve wireless performance. If you

select Auto for the channel setting, the gateway scans available channels and selects the

channel where the least amount of traffic is detected.

Tx Power Specify the Tx Power (Transmit Power) in the 4 options: Low, Medium, High and Custom.

The actual power of Low, Medium and High are based on the minimum transmit power

(Min. Txpower) and maximum transmit power (Max. TxPower), which may vary in different

countries and regions.

Low: Min. TxPower + (Max. TxPower-Min. TxPower) * 20% (round off the value)

Medium: Min. TxPower + (Max. TxPower-Min. TxPower) * 60% (round off the value)

High: Max. TxPower

Custom: Specify the value manually.

■ WLANs

In WLANs, you can apply the WLAN group to the gateway and specify a different SSID name and

password to override the SSID in the WLAN group. After that, clients can only see the new SSID and

Manage,Congure,andMonitorDevices

use the new password to access the network. To create or edit WLAN groups, refer to Configure

Wireless Networks.

(Only for configuring a single device) To override the SSID, select a WLAN group, click in the entry

and then the following page appears.

SSID Override Enable or disable SSID Override on the gateway. After enabling SSID Override, specify the

new SSID and password to override the current one.

Note:IftheSSIDisenabledwith11osPPSK,theoverridefunctionwillmaketheSSID

unavailable.

VLAN Override Enable or disable VLAN Override. After enabling VLAN Override, enter a VLAN ID to assign

the new SSID to the VLAN.

Manage,Congure,andMonitorDevices

■ Services

In Services, you can configure SNMP to write down the location and contact detail. You can also

click Manage to jump to Settings > Services > SNMP, and for detailed configuration of SNMP

service, refer to SNMP.

■ Advanced

In Advanced, you can configure advanced settings to make better use of network resources.

Manage,Congure,andMonitorDevices

Hardware Offload Hardware Offload can improve performance and reduce CPU utilization by using the

hardware to offload packet processing.

Note that this feature cannot take effect if QoS, Bandwidth Control, or Session Limit

is enabled. To configure Bandwidth Control and Session Limit for the gateway, refer

to Transmission.

LLDP LLDP (Link Layer Discovery Protocol) can help discover devices.

Echo Server Echo Server is used to test the connectivity and monitor the latency of the network

automatically or manually. If you click Custom, enter the IP address or hostname of

your custom server.

Maximum Associated

Clients

Enable this function and specify the maximum number of connected clients. If the

connected client reaches the maximum number, the gateway will disconnect those

with weaker signals to make room for other clients requesting connections.

RSSI Threshold Enable this function and enter the threshold of RSSI (Received Signal Strength

Indication). If the client’s signal strength is weaker than the threshold, the client will

lose connection with the gateway.

No Acknowledgement Enable this function to specify that the gateway will not acknowledge frames with

QoS No Ack. Enabling No Acknowledgment can bring more efficient throughput, but

it may increase error rates in a noisy Radio Frequency (RF) environment.

Unscheduled Automatic

Power Save Delivery

When enabled, this function can greatly improve the energy-saving capacity of

clients.

OFDMA (Only for models supporting 802.11 ax) Enable this feature to enable multiple users

to transmit data simultaneously, and it will greatly improves speed and efficiency.

Note that the benefits of OFDMA can be fully enjoyed only when the clients support

OFDMA.

Manage,Congure,andMonitorDevices

■ Manage Device

In Manage Device, you can upgrade the device’s firmware version manually, move it to another site,

synchronize the configurations with the controller, and forget the gateway.

Custom Upgrade Click Browse and choose a file from your computer to upgrade the device. When

upgrading, the device will be rebooted and readopted by the controller. You can also

check the box of Upgrade all devices of the same model in the site after the firmware

file is uploaded.

Move to Site Select a site which the device will be moved to. After moving to another site, device

configurations on the prior site will be replaced by that on the new site, and its traffic

history will be cleared.

Manage,Congure,andMonitorDevices

Force Provision Click Force Provision to synchronize the configurations of the device with the

controller. The device will lose connection temporarily, and be adopted to the

controller again to get the configurations from the controller.

Forget This Device Click Forget and then the device will be removed from the controller. Once forgotten,

all configurations and history related to the device will be wiped out.

Download Device Info If the device has an abnormality, you can download the device information and

provide it to our R&D personnel to analyze the problem.

Note:

Firmware updates are required for earlier devices to obtain complete information.

■ Common Settings

In Common Settings, you can click the path to jump to corresponding modules quickly.

Manage,Congure,andMonitorDevices

3. 2 Monitor the Gateway

One panel and four tabs are provided to monitor the device in the Properties window: Monitor Panel,

Details, Networks, Clients, and Mesh.

Monitor Panel

The monitor panel displays the gateway’s ports, and it uses colors and icons to indicate different

connection status and port types. When the gateway is pending or disconnected, all ports are disabled.

You can hover the cursor over the port icon for more details.

Manage,Congure,andMonitorDevices

Details

In Details, you can view the basic information of the gateway and the statistics of WAN ports to know

the device’s running status briefly. The listed information varies with devices.

Networks

In Networks, you can view the network information of the gateway.

Manage,Congure,andMonitorDevices

Clients

In Clients, you can view the wireless clients of the gateway.

Mesh (For wireless gateway only)

In Mesh, you can view the mesh downlinks of the gateway.

Manage,Congure,andMonitorDevices

4 Configure and Monitor Switches

In the Properties window, you can configure one or some switches connected to the Controller and

monitor the performance. Configurations changed in the Properties window will be applied only to the

selected switch(es). By default, all configurations are synchronized with the current site.

To open the Properties window, click the entry of a switch, or click Batch Action, and then Batch Config

to select switches for batch configuration. A monitor panel and several tabs are listed in the Properties

window. Most features to be configured are gathered in the Ports and Config tab, such as the port

mirroring, IP address, and Management VLAN, while other tabs are mainly used to monitor the devices.

Note:

• The available functions in the window vary due to the model and status of the device.

• In Batch Config, you can only configure the selected devices, and the unaltered configurations will keep the current settings.

4. 1 Configure Switches

In the Properties window, you can view and configure the profiles applied to ports in Ports, and in Config,

you can configure the switch features.

Ports

Port and LAG are two tabs designed for physical ports and LAGs (Link Aggregation Groups), respectively.

Under the Port tag, all ports are listed but you can configure physical ports only, including overriding the

applied profiles, configuring Port Mirroring, and specifying ports as LAGs. Under the LAG tag, all LAGs

are listed and you can view and modify the configurations of existing LAGs.

Manage,Congure,andMonitorDevices

■ Port

In Port, you can view and configure all ports’ names and applied profiles.

Status Displays the port status in different colors.

: The port profile is Disabled. To enable it, click to change the profile.

: The port is enabled, but no device or client is connected to it.

: The port is running at 1000 Mbps.

: The port is running at 10/100 Mbps.

Profile Displays the profile applied to the port.

Action

: Click to edit the port name and configure the profile applied to the port.

: (For PoE ports) Click to reboot the connected powered devices (PDs).

Manage,Congure,andMonitorDevices

To configure a single port, click in the table. To configure ports in batches, click the checkboxes

and then click Edit Selected. Then you can configure the port name and profile. By default, all

settingsareKeepExistingforbatchconfiguration.

Name Enter the port name.

Profile

Select the profile applied to the port from the drop-down list. Click Manage Profiles to

jump to view and manage profiles. For details, refer to Configure Wired Networks.

Profile Overrides Click the checkbox to override the applied profile. The parameters to be configured

vary in Operation modes,

With Profile Overrides enabled, select an operation mode and configure the following parameters

to override the applied profile, configure a mirroring port, or configure a LAG.

Manage,Congure,andMonitorDevices

• Override the Applied Profile

If you select Switching for Operation, configure the following parameters and click Apply to

override the applied profile. To discard the modifications, click Remove Overrides and all profile

configurations will become the same as the applied profile.

PoE Mode (Only for PoE ports) Select the PoE (Power over Ethernet) mode for the port.

Off: Disable PoE function on the PoE port.

802.3at/af: Enable PoE function on the PoE port.

Manage,Congure,andMonitorDevices

Link Speed Select the speed mode for the port.

Auto: The port negotiates the speed and duplex automatically.

Manual: Specify the speed and duplex from the drop-down list manually.

Port Isolation Click the checkbox to enable Port Isolation. An isolated port cannot communicate

directly with any other isolated ports, while the isolated port can send and receive

traffic to non-isolated ports.

Flow Control With this option enabled, when a device gets overloaded it will send a PAUSE

frame to notify the peer device to stop sending data for a specified period of time,

thus avoiding the packet loss caused by congestion.

EEE Click the checkbox to enable EEE (Energy Efficient Ethernet) to allow power

reduction.

Loopback Control

Loopback refers to the routing of data streams back to their source in the

network. You can disable loopback control for the network or choose a method to

prevent loopback happening in your network.

Off: Disable loopback control on the port.

Loopback Detection Port Based: Loopback Detection Port Based helps detect

loops that occur on a specific port. When a loop is detected on a port, the port will

be blocked.

Loopback Detection VLAN Based: Loopback Detection VLAN Based helps detect

loops that occur on a specific VLAN. When a loop is detected on a VLAN, the

VLAN will be blocked.

Spanning Tree: Select STP (Spanning Tree Protocal) to prevent loops in the

network. STP helps block specific ports of the switches to build a loop-free

topology and detect topology changes and automatically generate a new loop-

free topology. To make sure Spanning Tree takes effect on the port, go to the

Config tab and enable Spanning Tree on the switch.

LLDP-MED Click the checkbox to enable LLDP-MED (Link Layer Discovery Protocol-Media

Endpoint Discovery) for device discovery and auto-configuration of VoIP (Voice

over Internet Protocol) devices.

Bandwidth Control Select the type of Bandwidth Control functions to control the traffic rate and

specify traffic threshold on each port to make good use of network bandwidth.

Off: Disable Bandwidth Control for the port.

Rate Limit: Select Rate limit to limit the ingress/egress traffic rate on each port.

With this function, the network bandwidth can be reasonably distributed and

utilized.

Storm Control: Select Storm Control to allow the switch to monitor broadcast

frames, multicast frames and UL-frames (Unknown unicast frames) in the network.

If the transmission rate of the frames exceeds the specified rate, the frames will

be automatically discarded to avoid network broadcast storm.

Ingress Rate Limit With Rate Limit selected, click the checkbox and specify the upper rate limit for

receiving packets on the port.

Manage,Congure,andMonitorDevices

Egress Rate Limit When Rate Limit selected, click the checkbox and specify the upper rate limit for

sending packets on the port.

Broadcast Threshold With Storm Control selected, click the checkbox and specify the upper rate limit

for receiving broadcast frames. The broadcast traffic exceeding the limit will be

processed according to the Action configurations.

Multicast Threshold With Storm Control selected, click the checkbox and specify the upper rate limit

for receiving multicast frames. The multicast traffic exceeding the limit will be

processed according to the Action configurations.

Unknown Unicast

Threshold

With Storm Control selected, click the checkbox and specify the upper rate

limit for receiving unknown unicast frames. The traffic exceeding the limit will be

processed according to the Action configurations.

Action When Storm Control selected, select the action that the switch will take when the

traffic exceeds its corresponding limit.

Drop: With Drop selected, the port will drop the subsequent frames when the

traffic exceeds the limit.

Shutdown: With Shutdown selected, the port will be shutdown when the traffic

exceeds the limit.

Recover Time With Shutdown selected as the Action, specify the recover time, and the port will

be opened after the specified time.

DHCP L2 Relay Click the checkbox to enable DHCP L2 Relay for the network.

Format Select the format of option 82 sub-option value field.

Normal: The format of sub-option value field is TLV (type-length-value).

Private: The format of sub-option value field is just value.

Circuit ID (Optional) Enter the customized circuit ID. The circuit ID configurations of the

switch and the DHCP server should be compatible with each other. If it is not

specified, the switch will use the default circuit ID when inserting Option 82 to

DHCP packets.

Remote ID (Optional) Enter the customized remote ID. The remote ID configurations of the

switch and the DHCP server should be compatible with each other. If it is not

specified, the switch will use its own MAC address as the remote ID.

• Configure a Mirroring Port

If you select Mirroring as Operation, the edited port can be configured as a mirroring port.

Specify other ports as the mirrored port, and the switch sends a copy of traffics passing

through the mirrored port to the mirroring port. You can use mirroring to analyze network traffic

and troubleshoot network problems.

To configure Mirroring, select the mirrored port or LAG, specify the following parameters, and

click Apply. To discard the modifications, click Remove Overrides and all profile configurations

become the same as the applied profile.

Manage,Congure,andMonitorDevices

Note that the mirroring ports and the member ports of LAG cannot be selected as mirrored

ports.

PoE Mode (Only for PoE ports) Select the PoE mode for the port.

Off: Disable PoE on the PoE port.

802.3at/af: Enable PoE on the PoE port.

Link Speed Select the speed mode for the port.

Auto: The port negotiates the speed and duplex automatically.

Manual: Specify the speed and duplex from the drop-down list manually.

Manage,Congure,andMonitorDevices

Bandwidth Control Bandwidth control optimizes network performance by limiting the bandwidth of

specific sources.

Off: Disable bandwidth control on the port.

Rate Limit: Enable bandwidth control on the port, and you need to specify the

ingress and/or egress rate limit.

Ingress Rate Limit With Rate Limit selected, click the checkbox and specify the upper rate limit for

receiving packets on the port. With this function, the network bandwidth can be

reasonably distributed and utilized.

Egress Rate Limit With Rate Limit selected, click the checkbox and specify the upper rate limit for

sending packets on the port. With this function, the network bandwidth can be

reasonably distributed and utilized.

• Configure a LAG

If you select Aggregating as Operation, you can aggregate multiple physical ports into a logical

interface, which can increase link bandwidth and enhance the connection reliability.

Configuration Guidelines:

• Ensure that both ends of the aggregation link work in the same LAG mode. For example, if the local end

works in LACP mode, the peer end should also be set as LACP mode.

• Ensure that devices on both ends of the aggregation link use the same number of physical ports with

the same speed, duplex, jumbo and flow control mode.

• A port cannot be added to more than one LAG at the same time.

• LACP does not support half-duplex links.

• One static LAG supports up to eight member ports. All the member ports share the bandwidth evenly.

If an active link fails, the other active links share the bandwidth evenly.

• One LACP LAG supports multiple member ports, but at most eight of them can work simultaneously,

and the other member ports are backups. Using LACP protocol, the switches negotiate parameters and

determine the working ports. When a working port fails, the backup port with the highest priority will

replace the faulty port and start to forward data.

• The member port of an LAG follows the configuration of the LAG but not its own. Once removed, the

LAG member will be configured as the default All profile and Switching operation.

• The port enabled with Port Security, Port Mirror, or MAC Address Filtering cannot be added to an LAG,

and the member port of an LAG cannot be enabled with these functions.

To configure a new LAG, select other ports to be added to the LAG, specify the LAG ID, and

choose a LAG type. Click Apply. To discard the modifications, click Remove Overrides and all

Manage,Congure,andMonitorDevices

profile configurations become the same as the applied profile. For other parameters, configure

them under the LAG tab.

LAG ID Specify the LAG ID of the LAG. Note that the LAG ID should be unique.

The valid value of the LAG ID is determined by the maximum number of LAGs

supported by your switch. For example, if your switch supports up to 14 LAGs,

the valid value ranges from 1 to 14.

Static LAG In Static LAG mode, the member ports are added to the LAG manually.

Active LACP/

Passive LACP

LACP extends the flexibility of the LAG configurations. In LACP, the switch

uses LACPDU (Link Aggregation Control Protocol Data Unit) to negotiate the

parameters with the peer end. In this way, the two ends select active ports and

form the aggregation link.

Active LACP: In this mode, the port will take the initiative to send LACPDU.

Passive LACP: In this mode, the port will not send LACPDU before receiving the

LACPDU from the peer end.

Manage,Congure,andMonitorDevices

■ LAG

LAGs (Link Aggregation Groups) are logical interfaces aggregated, which can increase link

bandwidth and enhance the connection reliability. You can view and edit the LAGs under the LAG

tab. To configure physical ports as a LAG, refer to Configure a LAG.

Status Displays the status in different colors.

: The LAG profile is Disable. To enable it, click to change the profile.

: The port is enabled, but no device or client is connected to it.

: The LAG ports are running at 1000 Mbps.

: The LAG port are running at 10/100 Mbps.

Ports Displays the port number of LAG ports.

Profile Displays the profile applied to the port.

Action

: Click to edit the port name and configure the profile applied to the port.

: Click to delete the LAG. Once deleted, the ports will be configured as the default

All profile and Switching operation. You can configure the ports under the Port tab.

Click to configure the LAG name and the applied profile.

Name Enter the port name.

Manage,Congure,andMonitorDevices

Profile Select the profile applied to the port from the drop-down list. Click Manage Profiles to

jump to view and manage profiles. For details, refer to Configure Wired Networks.

Profile Overrides Click the checkbox to override the applied profile. The parameters to be configured

vary in Operation modes.

With Profile Overrides enabled, you can reselect the LAG members and configure the following

parameters.

Link Speed Select the speed mode for the port.

Auto: The port negotiates the speed and duplex automatically.

Manual: Specify the speed and duplex from the drop-down list manually.

Port Isolation Click the checkbox to enable Port Isolation. An isolated port cannot

communicate directly with any other isolated ports, while the isolated port can

send and receive traffic to non-isolated ports.

Flow Control With this option enabled, when a device gets overloaded it will send a PAUSE

frame to notify the peer device to stop sending data for a specified period of

time, thus avoiding the packet loss caused by congestion.

Manage,Congure,andMonitorDevices

EEE Click the checkbox to enable EEE (Energy Efficient Ethernet) to allow power

reduction.

Loopback Control

Loopback refers to the routing of data streams back to their source in the

network. You can disable loopback control for the network or choose a method

to prevent loopback happening in your network.

Off: Disable loopback control on the port.

Loopback Detection Port Based: Loopback Detection Port Based helps detect

loops that occur on a specific port. When a loop is detected on a port, the port

will be blocked.

Loopback Detection VLAN Based: Loopback Detection VLAN Based helps

detect loops that occur on a specific VLAN. When a loop is detected on a VLAN,

the VLAN will be blocked.

Spanning Tree: Select STP (Spanning Tree Protocal) to prevent loops in the

network. STP helps block specific ports of the switches to build a loop-free

topology and detect topology changes and automatically generate a new loop-

free topology. To make sure Spanning Tree takes effect on the port, go to the

Config tab and enable Spanning Tree on the switch.

Bandwidth Control Select the type of Bandwidth Control functions to control the traffic rate and

traffic threshold on each port to ensure network performance.

Off: Disable Bandwidth Control for the port.

Rate Limit: Select Rate limit to limit the ingress/egress traffic rate on each port.

With this function, the network bandwidth can be reasonably distributed and

utilized.

Storm Control: Select Storm Control to allow the switch to monitor broadcast

frames, multicast frames and UL-frames (Unknown unicast frames) in the

network. If the transmission rate of the frames exceeds the specified rate, the

frames will be automatically discarded to avoid network broadcast storm.

Ingress Rate Limit With Rate Limit selected, click the checkbox and specify the upper rate limit for

receiving packets on the port.

Egress Rate Limit With Rate Limit selected, click the checkbox and specify the upper rate limit for

sending packets on the port.

Broadcast Threshold With Storm Control selected, click the checkbox and specify the upper rate limit

for receiving broadcast frames. The broadcast traffic exceeding the limit will be

processed according to the Action configurations.

Multicast Threshold With Storm Control selected, click the checkbox and specify the upper rate limit

for receiving multicast frames. The multicast traffic exceeding the limit will be

processed according to the Action configurations.

Unknown Unicast

Threshold

With Storm Control selected, click the checkbox and specify the upper rate

limit for receiving unknown unicast frames. The traffic exceeding the limit will be

processed according to the Action configurations.

DHCP L2 Relay Click the checkbox to enable DHCP L2 Relay for the network.

Manage,Congure,andMonitorDevices

Action With Storm Control selected, select the action that the switch will take when the

traffic exceeds its corresponding limit.

Drop: With Drop selected, the port will drop the subsequent frames when the

traffic exceeds the limit.

Shutdown: With Shutdown selected, the port will be shutdown when the traffic

exceeds the limit.

Recover Time With Shutdown selected as the Action, specify the recover time, and the port will

be opened after the specified time.

Config

In Config, click the sections to configure the features applied to the selected switch(es), including the

general settings, services, and networks.

■ General

In General, you can specify the device name and LED settings of the switch, and categorize it via

device tags.

Manage,Congure,andMonitorDevices

Name (Only for configuring a single device) Specify a name of the device.

LED

Select the way that device’s LEDs work.

Use Site Settings: The device’s LED will work following the settings of the site. To view and

modify the site settings, refer to Services.

On/Off: The device’s LED will keep on/off.

Device Tags Select a tag from the drop-down list or create a new tag to categorize the device.

Jumbo Configure the size of jumbo frames. By default, it is 1518 bytes.

Generally, the MTU (Maximum Transmission Unit) size of a normal frame is 1518 bytes.

If you want the switch supports to transmit frames of which the MTU size is greater than

1518 bytes, you can configure the MTU size manually here.

Hash Algorithm Select the Hash Algorithm, based on which the switch can choose the port to forward the

received packets. In this way, different data flows are forwarded on different physical links

to implement load balancing.

SRC MAC: The computation is based on the source MAC addresses of the packets.

DST MAC: The computation is based on the destination MAC addresses of the packets.

SRC MAC+DST MAC: The computation is based on the source and destination MAC

addresses of the packets.

SRC IP: The computation is based on the source IP addresses of the packets.

DST IP: The computation is based on the destination IP addresses of the packets.

SRC IP+DST IP: The computation is based on the source and destination IP addresses of

the packets.

Manage,Congure,andMonitorDevices

■ VLAN Interface

In VLAN Interface, you can configure Management VLAN and different VLAN interface for the

switch. The general information of the existing VLAN interface are displayed in the table.

Manage,Congure,andMonitorDevices

To configure a single VLAN interface, hover the mouse on the entry and click to edit the settings.

Manage,Congure,andMonitorDevices

Management VLAN Click the checkbox if you want to use the VLAN interface as Management VLAN. Note

that the controller will fail to manage your devices with wrong Management VLAN

configurations. If you are not sure about your network conditions and the potential impact

of any configurations, we recommend that you keep the default configurations.

The management VLAN is a VLAN created to enhance the network security. Without

Management VLAN, the configuration commands and data packets are transmitted in the

same network. There are risks of unauthorized users accessing the management page

and modifying the configurations. A management VLAN can separate the management

network from the data network and lower the risks.

IP Address Mode

(when Management

VLAN enabled)

Select a mode for the interface to obtain its IP address, and the VLAN will communicate

with other networks including VLANs with the IP address.

Static: Assign an IP address to the interface manually, specify the IP Address and Subnet

Mask for the interface.

When the VLAN interface is set as the Management VLAN, it is optional for you to specify

the Default Gateway and Primary/Secondary DNS for the interface.

DHCP: Assign an IP address to the interface through a DHCP server.

When you want to let device use a fixed IP address, enable Use Fixed IP Address and

specify the Network and IP Address based on needs.

When the VLAN interface is set as the Management VLAN, you can further enable

Fallback IP Address, and specify the Fallback IP Address, Fallback IP Mask, and Fallback

Gateway (optional). If the VLAN interface fails to get an IP address from the DHCP server,

the fallback IP address will be used for the interface.

DHCP Option 12 When DHCP is selected as the IP Address Mode, you can specify the hostname of the

DHCP client in the field. The DHCP client will use option 12 to tell the DHCP server their

hostname.

DHCP Mode Select a mode for the clients in the VLAN to obtain their IP address.

None: Do not use DHCP to assign IP addresses.

DHCP Server: Assign an IP address to the clients through a DHCP server.

When DHCP Server is selected, you can specify the DHCP Range, and the IP addresses in

the range can be assigned to the clients in the VLAN. Also, it is optional for you to specify

the DHCP Option 138, Primary/Seconday DNS, Default Gateway, and Lease Time. DHCP

Option 138 informs the DHCP client of the controller's IP address when the client sends

a request to the DHCP server, and specify Option 138 as the controller's IP address here.

Lease Time decides how long the client can use the assigned IP address.

DHCP Relay: It allows clients in the VLAN to obtain IP addresses from a DHCP server

ion different subnet. When DHCP Relay is selected, specify the IP address of the DHCP

server in Server Address.

IPv6 Click the checkbox to enable IPv6.

Manage,Congure,andMonitorDevices

Mode Select a mode for the clients in the VLAN to obtain their IPv6 address.

Dynamic IP (SLAAC/DHCPv6): If your ISP uses Dynamic IPv6 address assignment, either

DHCPv6 or SLAAC+Stateless DHCP, select Dynamic IP (SLAAC/DHCPv6)

Static: Enter the static IPv6 address, prefix length, primary DNS server, and secondary

DNS server information received from your ISP.

When choosing Dynamic IP (SLAAC/DHCPv6), select whether to get the DNS address

dynamically from your ISP or designate the DNS address manually.

Get Dynamic DNS: The DNS address will be automatically assigned by the ISP.

Use the Following DNS Addresses: Enter the DNS address provided by the ISP.

■ Static Route

In Static Route, you can configure entries of static route for the switch. The general information of

the existing static route entries are displayed in the table. For an existing static route, click

to edit

the settings, and click

to delete it.

Manage,Congure,andMonitorDevices

To add a new static route entry, click and configure the parameters.

Status Click the checkbox to enable or disable the static route.

IP Version Select IPv4 or IPv6.

Destination IP/

Subnet

When IP Version is IPv4, specify Destination IP/Subnet. When IP Version is IPv6, specify

Destination IP/Prefix Length. They identify the network traffic which the Static Route entry

controls.

You can click + Add Subnet to specify multiple entries or click

to delete them.

Next Hop Specify the IP address for your devices to forward the corresponding network traffic.

Distance Specify the priority of a static route. It is used to decide the priority among routes to

the same destination. Among routes to the same destination, the route with the lowest

distance value will be recorded into the routing table.

Manage,Congure,andMonitorDevices

■ Services

In Services, you can configure Management VLAN, Loopback Control and SNMP.

Management VLAN Display the name of the current Management VLAN.

To configure the Management VLAN, please go to Config > VLAN Interface. Note that the

controller will fail to manage your devices with wrong Management VLAN configurations.

If you are not sure about your network conditions and the potential impact of any

configurations, we recommend that you keep the default configurations.

The management VLAN is a VLAN created to enhance the network security. Without

Management VLAN, the configuration commands and data packets are transmitted in the

same network. There are risks of unauthorized users accessing the management page

and modifying the configurations. A management VLAN can separate the management

network from the data network and lower the risks.

Manage,Congure,andMonitorDevices

Loopback Detection When enabled, the switch checks the network regularly to detect the loopback.

Note that Lopback Detection and Spanning Tree are not available at the same time.

Spanning Tree Select a mode for Spanning tree. This feature is available only when Loopback Detection

is disabled.

Off: Disable Spanning Tree on the switch.

STP: Enable STP (Spanning Tree Protocal) to prevent loops in the network. STP helps to

block specific ports of the switches to build a loop-free topology and detect topology

changes and automatically generate a new loop-free topology.

RSTP: Enable RSTP (Rapid Spanning Tree Protocal) to prevent loops in the network. RSTP

provides the same features as STP with faster spanning ree convergence.

Priority: When STP/RSTP enabled, specify the priority for the swith in Spanning Tree. In

STP/RSTP, the switch with the highest priority will be selected as the root of the spanning

tree. The switch with the lower value has the higher priority.

SNMP

(Only for configuring a single device) Configure SNMP to write down the location and

contact detail. You can also click Manage to jump to Settings > Services > SNMP, and for

detailed configuration of SNMP service, refer to SNMP.

Manage,Congure,andMonitorDevices

■ Manage Device

In Manage Device, you can upgrade the device’s firmware version manually, move it to another site,

synchronize the configurations with the controller and forget the switch.

Custom Upgrade Click Browse and choose a file from your computer to upgrade the device. When

upgrading, the device will be rebooted and readopted by the Controller. You can also

check the box of Upgrade all devices of the same model in the site after the firmware

file is uploaded.

Copy Configuration Select another device at the current site to copy its configurations.

Move to Site Select a site which the device will be moved to. After moving to another site, device

configurations on the prior site will be replaced by that on the new site, and its traffic

history will be cleared.

Manage,Congure,andMonitorDevices

Force Provision (Only for configuring a single device) Click Force Provision to synchronize the

configurations of the device with the Controller. The device will lose connection

temporarily, and be adopted to the controller again to get the configurations from the

controller.

Forget This Device Click Forget and then the device will be removed from the Controller. Once forgotten,

all configurations and history related to the device will be wiped out.

Download Device Info If the device has an abnormality, you can download the device information and

provide it to our R&D personnel to analyze the problem.

Note:

Firmware updates are required for earlier devices to obtain complete information.

4. 2 Monitor Switches

One panel and two tabs are provided to monitor the device in the Properties window: Monitor Panel,

Details, and Clients.

Monitor Panel

The monitor panel displays the switch’s ports and uses colors and icons to indicate the connection

status and port type. When the switch is pending or disconnected, all ports are disabled.

PoE

A PoE port connected to a powered device (PD).

Uplink

An uplink port connected to WAN.

Mirroring

A mirroring port that is mirroring another switch port.

STP Blocking A port in the Blocking status in Spanning Tree. It receives and sends BPDU (Bridge

Protocal Data Unit) packets to maintain the spanning tree. Other packets are dropped.

Manage,Congure,andMonitorDevices

You can hover the cursor over the port icon (except disabled ports) for more details. The displayed

information varies due to connection status and port type.

Status Displays the negotiation speed of the port.

Tx Bytes Displays the amount of data transmitted as bytes.

Rx Bytes Displays the amount of data received as bytes.

Profile

Displays the name of profile applied to the port, which defines how the packets in both

ingress and egress directions are handled. For detailed configuration, refer to Create

Profiles.

PoE Power Displays the PoE power supply for the PD device.

Uplink Displays the name of device connected to the uplink port.

Mirroring From Displays the name of port that is mirrorred.

LAG ID Displays the name of ports that are aggregated into a logical interface.

Details

In Details, you can view the basic information, traffic information, and radio information of the device to

know the device’s running status.

Manage,Congure,andMonitorDevices

■ Overview

In Overview, you can view the basic information of the device. The listed information will be varied

due to the device’s model and status.

■ Uplink (Only for the switch connected to a controller-managed gateway/switch in Connected

status)

Click Uplink to view the uplink information, including the uplink port, the uplink device, the negotiation

speed, and transmission rate.

Manage,Congure,andMonitorDevices

■ Downlink (Only for the switch connected to controller-managed devices in Connected status)

Click Downlink to view the downlink information, including the downlink ports, devices model and

MAC address as well as negotiation speed.

Clients

In Clients, you can view the information of clients connected to the switch, including the client name, IP

address and the connected port. You can click the client name to open its Properties window.

Manage,Congure,andMonitorDevices

5 Configure and Monitor APs

In the Properties window, you can configure one or some APs connected to the Controller and monitor

the performanc. Configurations changed in the Properties window will be applied only to the selected

AP(s). By default, all configurations are synchronized with the current site.

To open the Properties window, click the entry of an AP, or click Batch Action, and then Batch Config to

select APs for batch configuration. A monitor panel and several tabs are listed in the Properties window.

Most features to be configured are gathered in the Config tab, such as IP, radios, SSID, and VLAN, while

other tabs are mainly used to monitor the device.

Note:

• The available functions in the window vary due to the model and status of the device.

• In Batch Config, you can only configure the selected devices, and the unaltered configurations will keep the current settings.

• In Batch Config, if some functions, such as the 5 GHz band, are available only on some selected APs, the corresponding

configurations will not take effect. To configure them successfully, check the model of selected devices first.

5. 1 Configure APs

In the Properties window, click Config and then click the sections to configure the features applied to

the selected AP(s).

Manage,Congure,andMonitorDevices

■ General

In General, you can specify the device name and LED settings of the AP, and categorize it via device

tags.

Name (Only for configuring a single device) Specify a name of the device.

LED

Select the way that device’s LEDs work.

Use Site Settings: The device’s LED will work following the settings of the site. To view and

modify the site settings, refer to Services.

On/Off: The device’s LED will keep on/off.

Wi-Fi Control (Only for Certain wall plate APs) Enable Wi-Fi Control, and it will take effect only when the

LED feature is enabled. After enabling Wi-Fi Control, you can press the LED button on the

AP to turn on/off the Wi-Fi and LED at the same time.

Device Tags Select a tag from the drop-down list or create a new tag to categorize the device.

■ IP Settings (Only for configuring a single device)

In IP Settings, select an IP mode and configure the parameters for the device.

If you select DHCP as the mode, make sure there is a DHCP server in the network and then the

device will obtain dynamic IP address from the DHCP server automatically. If you want to let the

device use a fixed IP address, you can enable Use Fixed IP Address, and set the network and IP

address based on needs. Also, you can set a fallback IP address to hold an IP address in reserve for

Manage,Congure,andMonitorDevices

the situation in which the device fails to get a dynamic IP address. Enable Fallback IP and then set

the IP address, IP mask and gateway.

Manage,Congure,andMonitorDevices

If you select Static as the mode, set the IP address, IP mask, gateway, and DNS server for the static

address.

If you enable IPv6, select a mode for the AP to obtain an IPv6 address.

If you select Dynamic IP (SLAAC/DHCPv6) as the mode, choose whether to get the DNS address

dynamically from your ISP or designate the DNS address manually.

Manage,Congure,andMonitorDevices

If you select Static as the mode, set the IPv6 address, prefix length, primary DNS server, and

secondary DNS server information received from your ISP.

■ Radios

In Radios, you can control how and what type of radio signals the AP emits. Select each frequency

band and configure the parameters. Different models support different bands.

Manage,Congure,andMonitorDevices

Status If you disable the frequency band, the radio on it will turn off.

Channel Width Specify the channel width of the band. Different bands have different available options. We

recommend using the default value.

Channel Specify the operation channel of the AP to improve wireless performance. If you select

Auto for the channel setting, the AP scans available channels and selects the channel

where the least amount of traffic is detected.

Tx Power Specify the Tx Power (Transmit Power) in the 4 options: Low, Medium, High and Custom.

The actual power of Low, Medium and High are based on the minimum transmit power

(Min. Txpower) and maximum transmit power (Max. TxPower), which may vary in different

countries and regions.

Low: Min. TxPower + (Max. TxPower-Min. TxPower) * 20% (round off the value)

Medium: Min. TxPower + (Max. TxPower-Min. TxPower) * 60% (round off the value)

High: Max. TxPower

Custom: Specify the value manually.

■ WLANs

In WLANs, you can apply the WLAN group to the AP and specify a different SSID name and password

to override the SSID in the WLAN group. After that, clients can only see the new SSID and use the

new password to access the network. To create or edit WLAN groups, refer to Configure Wireless

Networks.

Manage,Congure,andMonitorDevices

(Only for configuring a single device) To override the SSID, select a WLAN group, click in the entry

and then the following page appears.

SSID Override Enable or disable SSID Override on the AP. If SSID Override enabled, specify the new SSID

and password to override the current one.

VLAN Enable or disable VLAN. If VLAN enabled, enter a VLAN ID to add the new SSID to the

VLAN.

Manage,Congure,andMonitorDevices

■ Services

In Services, you can enable Management VLAN to protect your network and configure SNMP and

web server parameters.

Management VLAN To configure Management VLAN, create a network in LAN first, and then select it as the

management VLAN on this page. For details, refer to Configure Wireless Networks.

The management VLAN is a VLAN created to enhance the network security. Without

Management VLAN, the configuration commands and data packets are transmitted in the

same network. There are risks of unauthorized users accessing the management page

and modifying the configurations. A management VLAN can separate the management

network from the data network and lower the risks.

SNMP

(Only for configuring a single device) Configure SNMP to write down the location and

contact detail. You can also click Manage to jump to Settings > Services > SNMP, and for

detailed configuration of SNMP service, refer to SNMP.

Manage,Congure,andMonitorDevices

Layer-3 Accessibility With this feature enabled, devices from a different subnet can access controller-managed

devices.

LLDP LLDP (Link Layer Discovery Protocol) can help discover devices.

■ Smart Antenna (For certain outdoor APs)

In Smart Antenna, you can turn on the function to improve Wi-Fi performance for user-heavy

scenarios through antenna array and intelligent algorithm. This help overcome obstacles and signal

interference.

■ Advanced

In Advanced, configure Load Balance and QoS to make better use of network resources. Load

Balance can control the client number associated to the AP, while QoS can optimize the performance

when handling differentiated wireless traffics, including traditional IP data, and other types of audio,

video, streaming media.

Manage,Congure,andMonitorDevices

Select each frequency band and configure the following parameters and features.

Max Associated Clients Enable this function and specify the maximum number of connected clients. If the

connected client reaches the maximum number, the AP will disconnect those with

weaker signals to make room for other clients requesting connections.

RSSI Threshold Enable this function and enter the threshold of RSSI (Received Signal Strength

Indication). If the client’s signal strength is weaker than the threshold, the client will

lose connection with the AP.

No Acknowledgment Enable this function to specify that the APs will not acknowledge frames with QoS

No Ack. Enabling No Acknowledgment can bring more efficient throughput, but it

may increase error rates in a noisy Radio Frequency (RF) environment.

Unscheduled Automatic

Power Save Delivery

When enabled, this function can greatly improve the energy-saving capacity of

clients.

OFDMA (Only for AP supporting 802.11 ax) Enable this feature to enable multiple users to

transmit data simultaneously, and it will greatly improves speed and efficiency.

Note that the benefits of OFDMA can be fully enjoyed only when the clients

support OFDMA.

Manage,Congure,andMonitorDevices

■ Manage Device

In Manage Device, you can upgrade the device’s firmware version manually, move it to another site,

synchronize the configurations with the controller and forget the AP.

Custom Upgrade Click Browse and choose a file from your computer to upgrade the device. When

upgrading, the device will be rebooted and readopted by the controller. You can also

check the box of Upgrade all devices of the same model in the site after the firmware

file is uploaded.

Copy Configuration Select another device at the current site to copy its configurations.

Move to Site Select a site which the device will be moved to. After moving to another site, device

configurations on the prior site will be replaced by that on the new site, and its traffic

history will be cleared.

Manage,Congure,andMonitorDevices

Force Provision (Only for configuring a single device) Click Force Provision to synchronize the

configurations of the device with the controller. The device will lose connection

temporarily, and be adopted to the controller again to get the configurations from the

controller.

Forget this AP Click Forget and then the device will be removed from the controller. Once forgotten,

all configurations and history related to the device will be wiped out.

Download Device Info If the device has an abnormality, you can download the device information and

provide it to our R&D personnel to analyze the problem.

Note:

Firmware updates are required for earlier devices to obtain complete information.

5. 2 Monitor APs

One panel and three tabs are provided to monitor the device in the Properties window: Monitor Panel,

Details, Clients, and Mesh.

Monitor Panel

The monitor panel illustrates the active channel information on each radio band, including the AP’s

operation channel, radio mode and channel utilization. Four colors are used to indicate the percentage

of Rx Frames (blue), Tx Frames (green), Interference (orange), and Free bandwidth (gray).

Manage,Congure,andMonitorDevices

You can hover the cursor over the channel bar for more details.

Ch.Util.(Busy/Rx/Tx) Displays channel utilization statistics.

Busy: Displays the sum of Tx, Rx, and also non-WiFi interference, which indicates how busy

the channel is.

Rx: Indicates how often the radio is in active receive mode.

Tx: Indicates how often the radio is in active transmit mode.

Tx Pkts/Bytes Displays the amount of data transmitted as packets and bytes.

Rx Pkts/Bytes Displays the amount of data received as packets and bytes.

Tx Error/Dropped Displays the percentage of transmit packets that have errors and the percentage of

packets that were dropped.

Rx Error/Dropped Displays the percentage of receive packets that have errors and the percentage of

packets that were dropped.

Details

In Details, you can view the basic information, traffic information, and radio information of the device to

know the device’s running status.

Manage,Congure,andMonitorDevices

■ Overview

In Overview, you can view the basic information of the device. The listed information varies due to

the device’s status.

■ LAN (Only for devices in the Connected status)

Click LAN to view the traffic information of the LAN port, including the total number of packets, the

total size of data, the total number of packets loss, and the total size of error data in the process of

receiving and transmitting data.

Manage,Congure,andMonitorDevices

■ Uplink (Wired) (Only for devices in the Connected status)

Click Uplink (Wired) to view the traffic information related to the uplink AP, including the duplex type,

negotiated speed, ratio of packets number and size, and dynamic downstream rate.

■ Uplink (Wireless) (Only for devices in the Connected status)

Click Uplink (Wireless) to view the traffic information related to the uplink AP, including the signal

strength, transmission rate, ratio of packets number and size, and dynamic downstream rate.

Manage,Congure,andMonitorDevices

■ Radios (Only for devices in the Connected status)

Click Radio to view the radio information including the frequency band, the wireless mode, the

channel width, the channel, and the transmitting power. You can also view parameters of receiving/

transmitting data on each radio band.

Clients

In Clients, you can view the information of users and guests connecting to the AP, including client

name, MAC address and the connected SSID. Users are clients connected to the AP’s SSID with Guest

Manage,Congure,andMonitorDevices

Network disabled, while Guests are clients connected to that with Guest Network enabled. You can

click the client name to open its Properties window.

Mesh (Only for pending/connected/isolated devices supporting Mesh)

Mesh is used to establish a wireless network or expand a wired network through wireless connection

on 5 GHz radio band. In practical application, it can help users to conveniently deploy APs without

requiring Ethernet cable. After mesh network establishes, the APs can be configured and managed in

the controller in the same way as wired APs. Meanwhile, because of the ability to self-organize and self-

configure, mesh also can efficiently reduce the configuration.

Note that only certain AP models support Mesh, and the APs should be in the same site to establish a

Mesh network.

To understand how mesh can be used, the following terms used in the Controller will be introduced:

Root AP The AP is managed by the Controller with a wired data connection that can be configured

to relay data to and from mesh APs (downlink AP).

Isolated AP When the AP which has been managed by the Controller before connects to the network

wirelessly and cannot reach the gateway, it goes into the Isolated state.

Mesh AP An isolated AP will become a mesh AP after establishing a wireless connection to the AP

with network access. A pending AP, connecting wirelessly to the AP with network access,

can also become a mesh AP after being adopted by the Controller.

Uplink AP/Downlink AP Among mesh APs, the AP that offers the wireless connection for other APs is called uplink

AP. A Root AP or an intermediate AP can be the uplink AP. And the AP that connects to

the uplink AP is called downlink AP. An uplink AP can offer direct wireless connection for 4

downlink APs at most.

Wireless Uplink The action that a downlink AP connects to the uplink AP.

Manage,Congure,andMonitorDevices

Hops In a deployment that uses a root AP and more than one level of wireless uplink with

intermediate APs, the uplink tiers can be referred to by root, first hop, second hop and so

on. The hops should be no more than 3.

A common mesh network is shown as below. Only the root AP is connected by an Ethernet cable, while

other APs have no wired data connection. Mesh allows the isolated APs to communicate with pre-

configured root AP on the network. Once powered up, factory default or unadopted APs can detect the

AP in range and make itself available for adoption in the controller.

Host A (Controller Host) Switch

Internet

Router (DHCP Server)

Root AP Mesh AP

Wired Connection

Wireless Uplink

(Hops: 1)

(Hops: 2)

Mesh APs

Internet

After all the APs are adopted, a mesh network is established. The APs connected to the network

via wireless connection also can broadcast SSIDs and relay network traffic to and from the network

through the uplink AP.

To build a mesh network, follow the steps below:

1 ) Enable Mesh function.

2 ) Adopt the Root AP.

3 ) Set up wireless uplink by adopting APs in Pending(Wireless) or Isolated status.

Manage,Congure,andMonitorDevices

1. Go to Settings > Site to make sure Mesh is enabled.

2. Go to Devices to make sure that the Root AP has been adopted by the controller. The status of the

Root AP is Connected.

3. Install the AP that will uplink the Root AP wirelessly. Make sure the intended location is within the

range of Root AP. The APs that is waiting for Wireless Uplink includes two cases: factory default

APs and APs that has been managed by the controller before. Go to Devices to adopt an AP in

Pending (Wireless) status or link an isolated AP.

1) For the factory default AP, after powering on the device, the AP will be in Pending (Wireless)

status with the icon

in the controller. Click to adopt the AP in Pending (Wireless)

status in the Devices list.

Manage,Congure,andMonitorDevices

After adoption begins, the status of Pending (Wireless) AP will become Adopting (Wireless) and

then Connected (Wireless). It should take roughly 2 minutes to show up Connected (Wireless)

with the icon

within your controller.

2) For the AP that has been managed by the Controller before and cannot reach the gateway,

it goes into Isolated status when it is discovered by controller again. Click

to connect the

Uplink AP in the Devices list.

The following page will be shown as below, click Link to connect the Uplink AP.

Once mesh network has been established, the AP can be managed by the controller in the same way

as a wired AP. You can click the AP’s name in the Devices list, and click Mesh to view and configure the

mesh parameters of the AP in the Properties window.

In Mesh, if the selected AP is an uplink AP, this page lists all downlink APs connected to the AP.

Manage,Congure,andMonitorDevices

If the selected AP is a downlink AP, this page lists all available uplink APs and their channel, signal

strength, hop, and the number of downlink APs. You can click Rescan to search the available uplink APs

and refresh the list, and click Link to connect the uplink AP and build up a mesh network.

The icon appears before the priority uplink AP of the downlink AP. If you want to set

another AP as the priority AP, click Link in Action column.

The icon appears before the current uplink AP of the downlink AP.

Tips:

• You can manually select the priority uplink AP that you want to connect in the uplink AP list. To build a mesh

network with better performance, we recommend that you select the uplink AP with the strongest signal, least

hop and least downlink AP.

• Auto Failover is enabled by default, and it allows the controller automatically select an uplink AP for the isolated

AP to establish Wireless Uplink. And the controller will automatically select a new uplink AP for the mesh APs

when the original uplink fails. For more details about Mesh global configurations, refer to the Mesh feature in

Services

Congure the Network with Festa

Cloud-Based Controller

This chapter guides you on how to configure the network with the Festa Cloud-Based Controller. As

the command center and management platform at the heart of the network, the Controller provides

a unified approach to configuring enterprise networks comprised of gateways, switches, and wireless

access points. The chapter includes the following sections:

• 1 Configure Wired Networks

• 2 Configure Wireless Networks

• 3 Network Security

• 4 Transmission

• 5 Configure VPN

• 6 Create Profiles

• 7 Authentication

• 8 Services

Configure the Network with Festa Cloud-Based Controller

1 Configure Wired Networks

Wired networks enable your wired devices and clients including the gateway, switches, APs and PCs to

connect to each other and to the internet.

As shown in the following figure, wired networks consist of two parts: Internet and LAN.

Internet

Switch A

Festa Cloud-Based Controller

FTP Server

Switch B

Switch C

Gateway

WAN Port

Wired Networks

LAN

LAN Port

Internet

For Internet, you determine the number of WAN ports on the gateway and how they connect to the

internet. You can set up an IPv4 connection and IPv6 connection to your internet service provider

(ISP) according to your needs. The parameters of the internet connection for the gateway depend on

which connection types you use. For an IPv4 connection, the following internet connection types are

available: Dynamic IP, Static IP, PPPoE, L2TP, and PPTP. For an IPv6 connection, the following internet

connection types are available: Dynamic IP (SLAAC/ DHCPv6), Static IP, PPPoE, 6to4 Tunnel, and Pass-

Through (Bridge). And, when more than one WAN port is configured, you can configure Load Balancing

to optimize the resource utilization if needed.

For LAN, you configure the wired internal network and how your devices logically separate from or

connect to each other by means of VLANs and interfaces. Advanced LAN features include IGMP

Snooping, DHCP Server and DHCP Options, PoE, Voice Network, Port Isolation, Spanning Tree, LLDP-

MED, and Bandwidth Control.

1. 1 Set Up an Internet Connection

Configuration

To set up an internet connection, follow these steps:

1 ) Configure the number of WAN ports on the gateway based on needs.

Configure the Network with Festa Cloud-Based Controller

2 ) Configure WAN Connections. You can set up the IPv4 connection, IPv6 connection, or both.

3 ) (Optional) Configure Load Balancing if more than one WAN port is configured.

Select WAN Mode Configure WAN Connections (Optional) Configure Load Balancing

Select a site from the drop-down list of Organization. Go to Settings > Wired Networks > Internet to

load the following page. In WAN Mode, configure the number of WAN ports deployed by the gateway

and other parameters. Then click Apply.

WAN Settings Overrides With this option disabled, the WAN settings of the newly adopted gateway in

standalone mode will take effect on the controller.

When this option is turned on, the gateway will use the configurations on the Controller

after adoption. Please make sure the configurations are correct. Otherwise the

gateway may be unable to access the internet after adoption. If the adopted device

does not support some pre-configurations, the relevant configurations will be deleted

after adoption.

Gateway Model Specify the gateway model and version. If you change the gateway, follow the web

instructions to select WAN ports and copy WAN port settings.

If the number of preconfigured WAN ports does not match the number of WAN ports

enabled in the adopted gateway, the gateway will automatically reboot after adoption.

Online Detection Interval Select how often the WAN ports detect WAN connection status. If you don’t want to

enable online detection, select Disable.

Online Detection results will influence whether Load Balancing and Link Backup

features take effect. The smaller the online detection interval, the faster Load

Balancing and Link Backup features will respond, and meanwhile more detection

packets will be sent.

Configure the Network with Festa Cloud-Based Controller

Select WAN Mode Configure WAN Connections (Optional) Configure Load Balancing

Note:

The number of configurable WAN ports is decided by WAN Mode.

• Set Up USB Modem Connection

Select a site from the drop-down list of Organization. Go to Settings > Wired Networks > Internet. In the

WAN Ports Config section, click the edit icon of USB Modem and configure the parameters.

Description Enter a description for identification.

USB Modem Display whether a USB modem is connected to the device and the name of the

connected USB modem.

Config Type Select a configuration type for the USB modem.

Auto: Use the Location and Mobile ISP information below for configuration.

Manually: Enter the Dial Number, APN, Username, and password provided by your

Mobile ISP.

Location Select your location.

Mobile ISP Select your mobile ISP.

Configure the Network with Festa Cloud-Based Controller

Message Display the current status of the SIM card.

SIM/UIM PIN (Optional) Enter the PIN of your SIM card.

The field is required when the following information appears in the Message: PIN

protection is enabled and the PIN is invalid.

Connection Mode

Select the connection mode.

Connect Automatically: The gateway will use the USB modem to connect to the

internet automatically.

Connect Manually: You need to turn on/off the internet manually on the device page,

refer to Monitor the Gateway.

Authentication

Mode

Select the Authentication mode for the USB modem. The default value is Auto, and it is

recommended to keep the default value.

MTU Size Specify the MTU (Maximum Transmission Unit) of the USB WAN port. The default value

is 1480, and it is recommended to keep the default value.

MTU is the maximum data unit transmitted in the physical network.

Use the following

DNS Servers

Enable the feature if you want to specify the Primary and Secondary DNS servers

manually.

• Set Up IPv4 Connection

Select a site from the drop-down list of Organization. Go to Settings > Wired Networks > Internet. In

the WAN Ports Config section, click the edit icon of a WAN port and configure the Connection Type

according to the service provided by your ISP.

Connection Type Dynamic IP: If your ISP automatically assigns the IP address and the corresponding parameters,

choose Dynamic IP.

Static IP: If your ISP provides you with a fixed IP address and the corresponding parameters,

choose Static IP.

PPPoE: If your ISP provides you with a PPPoE account, choose PPPoE.

L2TP: If your ISP provides you with an L2TP account, choose L2TP.

PPTP: If your ISP provides you with a PPTP account, choose PPTP.

Configure the Network with Festa Cloud-Based Controller

■ Dynamic IP

Choose Connection Type as Dynamic IP and configure the parameters.

Unicast DHCP With this option enabled, the gateway will require the DHCP server to assign the

IP address by sending unicast DHCP packets. Usually you need not to enable the

option.

Primary DNS Server /

Secondary DNS Server

Enter the IP address of the DNS server provided by your ISP if there is any.

Host Name Enter a name for the gateway.

MTU Specify the MTU (Maximum Transmission Unit) of the WAN port.

MTU is the maximum data unit transmitted in the physical network. When the

connection type is Dynamic IP, MTU can be set in the range of 576-1500 bytes.

The default value is 1500.

Internet VLAN Add the WAN port to a VLAN and you need to specify the VLAN ID. Generally, you

don’t need to manually configure it unless required by your ISP.

Internet VLAN Priority Priority is only available when Internet VLAN is enabled. The Internet VLAN

Priority function helps to prioritize the internet traffic based on your needs.

You can determine the priority level for the traffic by specifying the tag. The

tag ranges from 0 to 7. None means the packet will be forwarded without any

operation.

WAN IP Alias WAN IP Alias supports configuring multiple IP addresses on one WAN port, and

these IP addresses can be used to configure virtual server and other functions.

Configure the Network with Festa Cloud-Based Controller

■ Static IP

Choose Connection Type as Static IP and configure the parameters.

IP Address Enter the IP address provided by your ISP.

Subnet Mask Enter the subnet mask provided by your ISP.

Default Gateway Enter the default gateway provided by your ISP.

Primary DNS Server /

Secondary DNS Server

Enter the IP address of the DNS server provided by your ISP if there is any.

MTU Specify the MTU (Maximum Transmission Unit) of the WAN port.

MTU is the maximum data unit transmitted in the physical network. When the

connection type is Static IP, MTU can be set in the range of 576-1500 bytes. The

default value is 1500.

Internet VLAN Add the WAN port to a VLAN and you need to specify the VLAN ID. Generally, you

don’t need to manually configure it unless required by your ISP.

Internet VLAN Priority Priority is only available when Internet VLAN is enabled. The Internet VLAN

Priority function helps to prioritize the internet traffic based on your needs.

You can determine the priority level for the traffic by specifying the tag. The

tag ranges from 0 to 7. None means the packet will be forwarded without any

operation.

WAN IP Alias WAN IP Alias supports configuring multiple IP addresses on one WAN port, and

these IP addresses can be used to configure virtual server and other functions.

100

Configure the Network with Festa Cloud-Based Controller

■ PPPoE

Choose Connection Type as PPPoE and configure the parameters.

Username Enter the PPPoE username provided by your ISP.

Password Enter the PPPoE password provided by your ISP.

Get IP address from ISP With this option enabled, the gateway gets IP address from ISP when setting up

the WAN connection.

With this option disabled, you need to specify the IP Address provided by your

ISP.

Primary DNS Server /

Secondary DNS Server

Enter the IP address of the DNS server provided by your ISP if there is any.

101

Configure the Network with Festa Cloud-Based Controller

Connection Mode Connect Automatically: The gateway activates the connection automatically

when the connection is down. You need to specify the Redial Interval, which

decides how often the gateway tries to redial after the connection is down.

Connect Manually: You can manually activate or terminate the connection.

Time-Based: During the specified period, the gateway will automatically activate

the connection. You need to specify the Time Range when the connection is up.

Service Name KeepitblankunlessyourISPrequiresyoutoconfigureit.

MTU Specify the MTU (Maximum Transmission Unit) of the WAN port.

MTU is the maximum data unit transmitted in the physical network. When the

connection type is PPPoE, MTU can be set in the range of 576-1492 bytes. The

default value is 1492.

MRU Specify the MRU (Maximum Receive Unit) of the WAN port. MRU is the maximum

data unit transmitted in the Data link layer.

Internet VLAN Add the WAN port to a VLAN and you need to specify the VLAN ID. Generally, you

don’t need to manually configure it unless required by your ISP.

Internet VLAN Priority Priority is only available when Internet VLAN is enabled. The Internet VLAN

Priority function helps to prioritize the internet traffic based on your needs.

You can determine the priority level for the traffic by specifying the tag. The

tag ranges from 0 to 7. None means the packet will be forwarded without any

operation.

Secondary Connection Secondary connection is required by some ISPs. Select the connection type

required by your ISP.

None: Select this if the secondary connection is not required by your ISP.

Static IP: Select this if your ISP provides you with a fixed IP address and subnet

mask for the secondary connection. You need to specify the IP Address and

Subnet Mask provided by your ISP.

Dynamic IP: Select this if your ISP automatically assigns the IP address and

subnet mask for the secondary connection.

102

Configure the Network with Festa Cloud-Based Controller

■ L2TP

Choose Connection Type as L2TP and configure the parameters.

Username Enter the L2TP username provided by your ISP.

Password Enter the L2TP password provided by your ISP.

VPN Server / Domain Name Enter the VPN Server/Domain Name provided by your ISP.

Get IP address from ISP With this option enabled, the gateway gets IP address from ISP when setting up

the WAN connection.

With this option disabled, you need to specify the IP address provided by your

ISP.

Primary DNS Server /

Secondary DNS Server

Enter the IP address of the DNS server provided by your ISP if there is any.

103

Configure the Network with Festa Cloud-Based Controller

Connection Mode Connect Automatically: The gateway activates the connection automatically when

the connection is down. You need to specify the Redial Interval, which decides

how often the gateway tries to redial after the connection is down.

Connect Manually: You can manually activate or terminate the connection.

Time-Based: During the specified period, the gateway will automatically activate

the connection. You need to specify the Time Range when the connection is up.

MTU Specify the MTU (Maximum Transmission Unit) of the WAN port.

MTU is the maximum data unit transmitted in the physical network. When the

connection type is L2TP, MTU can be set in the range of 576-1460 bytes. The

default value is 1460.

Internet VLAN Add the WAN port to a VLAN and you need to specify the VLAN ID. Generally, you

don’t need to manually configure it unless required by your ISP.

Internet VLAN Priority Priority is only available when Internet VLAN is enabled. The Internet VLAN Priority

function helps to prioritize the internet traffic based on your needs. You can

determine the priority level for the traffic by specifying the tag. The tag ranges

from 0 to 7. None means the packet will be forwarded without any operation.

Secondary Connection Select the connection type required by your ISP.

Static IP: Select this if your ISP provides you with a fixed IP address and subnet

mask for the secondary connection. You need to specify the IP Address, Subnet

Mask, Default Gateway (Optional), Primary DNS Server (Optional), and Secondary

DNS Server (Optional) provided by your ISP.

Dynamic IP: Select this if your ISP automatically assigns the IP address and subnet

mask for the secondary connection.

104

Configure the Network with Festa Cloud-Based Controller

■ PPTP

Choose Connection Type as PPTP and configure the parameters.

Username Enter the PPTP username provided by your ISP.

Password Enter the PPTP password provided by your ISP.

VPN Server / Domain Name Enter the VPN Server/Domain Name provided by your ISP.

Get IP address from ISP With this option enabled, the gateway gets IP address from ISP when setting up

the WAN connection.

With this option disabled, you need to specify the IP address provided by your

ISP.

Primary DNS Server /

Secondary DNS Server

Enter the IP address of the DNS server provided by your ISP if there is any.

Connection Mode Connect Automatically: The gateway activates the connection automatically when

the connection is down. You need to specify the Redial Interval, which decides

how often the gateway tries to redial after the connection is down.

Connect Manually: You can manually activate or terminate the connection.

Time-Based: During the specified period, the gateway will automatically activate

the connection. You need to specify the Time Range when the connection is up.

105

Configure the Network with Festa Cloud-Based Controller

MTU Specify the MTU (Maximum Transmission Unit) of the WAN port.

MTU is the maximum data unit transmitted in the physical network. When the

connection type is PPTP, MTU can be set in the range of 576-1420 bytes. The

default value is 1420.