The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
Follow these steps to access the Cisco Aironet 600 Series OfficeExtend access point GUI.
Step 1 Connect your laptop to the local Ethernet port 1, or 2 on the 600 Series OfficeExtend access point.
Note Ethernet port 4 (Remote LAN port) may not be used to configure the 600 Series OfficeExtend access point.
Step 2 With the 600 Series OfficeExtend access point connected to your home router/gateway as described in the procedure “Installing the Access Point” section, enter the IP address of the 600 Series OfficeExtend access point in the Address field of your Internet browser (http://<ap-ipaddress>) and click Go.
Note The default IP address is 10.0.0.1.
Note Make sure your laptop is not connected to your company’s network using a virtual private network (VPN) connection.
The 600 Series Office Extend Access Point Login page is displayed.
Step 3 When prompted, enter the username and password to log into the access point.
Note The default username and password are admin and admin.
The 600 Series OfficeExtend Access Point welcome page is displayed.
Step 4 On the 600 Series OfficeExtend Access Point welcome page, click Enter. The 600 Series Office Extend Access Point Home page is displayed.
Figure 2-1 Home Page with AP Info Tab View
The GUI consists of these pages:
Note When modifying any of the settings described in the following sections, ensure that you click Apply for the settings to take effect.
This is a multi-tab page shows general information about the AP settings, information about configured Local SSIDs and available Corporate SSIDs, and a summary of the client association statistics. It contains the following tabs:
The AP Info tab (see Figure 2-1) shows the access point name, IP address, AP mode, AP MAC address, AP uptime, software version, CAPWAP status, and WAN gateway status.
This page also shows radio-specific information including status, frequency/channel, transmit power, number of packets in and out, and number of bytes in and out.
The CAPWAP status shows the status of the AP’s CAPWAP connection with the controller. The CAPWAP status can be:
If the WAN connection is established and the AP’s Gateway is reachable then the WAN status is shown as Reachable, else it is shown as Not Reachable.
The SSID tab (see Figure 2-2) lists configured Local SSIDs and available Corporate SSIDs and the configured security policy. Additionally, for Corporate SSIDs, split-tunnel status is also displayed.
The Client tab (see Figure 2-3) give the details of associated clients with Local as well as Corporate SSIDs. For each connected client, this page reports the client MAC address, WLAN SSID, elapsed association time, number of bytes in and out, number of duplicates and retries, and the number of failed decryptions.
This page which allows you to configure different options like personal SSID, local DHCP server, etc.
The Configuration page is a multi-tab page which allows you to configure the following options:
The main options that can be configured on this page are:
Wherever applicable, default values will be shown.
The System tab (see Figure 2-4) displays general system information, such as username and password for the access point and radio interface information.
Figure 2-4 Configuration–System Tab
The SSID tab (see Figure 2-5) contains the fields necessary for you to configure and set up security for your personal SSIDs.
Figure 2-5 Configuration–SSID Tab
The Configuration DHCP tab (see Figure 2-6) contains the fields necessary for you to change your DHCP scope.
Figure 2-6 Configuration–DHCP Tab
The Configuration WAN tab (see Figure 2-7) contains the fields necessary for you to configure the IP address of the Wireless LAN controller on your access point.
Figure 2-7 Configuration-WAN Tab
The Firewall page (see Figure 2-8) allows you to enable or disable the firewall feature on the AP. If enabled, the Firewall Mode shows Firewall Enabled.
To disable the firewall, from the drop-down list choose Disabled, and then click Apply. The firewall is disabled by default.
The following firewall settings are available:
Note All firewall settings are applicable on the WAN port for local traffic (traffic sent directly to the Internet, and not to the corporate network). Firewall protection for CAPWAP traffic and traffic sent through the controller to the corporate office is configured and monitored on the WLC.
Figure 2-8 Configuration–Firewall Page
The order of precedence of the firewall settings is as given below:
The filters you can apply are categorized into the two sections – LAN Application Access and LAN Access Client. See Figure 2-9.
Figure 2-9 Firewall–Filtering Page
Using the LAN Application Access set of filters (see Figure 2-9) you can enable or disable for LAN clients, the access to certain pre-configured applications on the Internet. This filter also provides an easy way of granting access for a non-Admin end user.
You can enable or disable access to the following 10 pre-configured application types. This configuration allows LAN machines to access, through the OEAP, the selected applications and services over the Internet:
The LAN Access Client set of filters (see Figure 2-9) provide a more fine grained but controlled unblocking of packets based on protocol, port, and IP range. This configuration also allows LAN devices to access, through the OEAP, the selected applications and services over the Internet. A maximum of 10 such filters are allowed. You need to specify the protocol (TCP/UDP), LAN client IP range and destination port range to configure each filters.
The Port Forwards settings (see Figure 2-10) allow you to configure port forwarding rules for packets from WAN port to Local LAN clients and back. A maximum of 10 Port Forwards can be set, but the ranges should not overlap and should be of the same size. Every rule takes protocol (TCP/UDP), WAN port range, Local LAN client IP (where traffic will be forwarded), and LAN port range as parameters.
Figure 2-10 Firewall–Forwarding Settings Page
The DMZ feature allows one network computer connected to a local LAN or WLAN to be exposed to the Internet for using special-purpose services such as Internet gaming. The DMZ feature forwards all the ports terminating on a WAN IP (set as the DMZ IP Address) at the same time to one PC.
The DMZ feature, if enabled, will forward all incoming WAN packets to the LAN machine, except the CAPWAP control/data and packets which are destined to any ports and which have a port forwarding rule. The DMZ feature is not applicable to corporate networks such as Remote-LAN and Corp WLAN.
However, the Port Forwards feature is more secure, compared to DMZ feature because the former only opens the ports you want to have opened, while DMZ opens all the ports of one computer, exposing the computer to the Internet/WAN.
The Download/Upload page (see Figure 2-12) allows the following functions;
Figure 2-12 Download/Upload Page
This page shows you the logged errors and allows you to clear the log. Click Clear to clear the log.
The Network Diagnostics page (see Figure 2-13) allows you to run the Speed Test and Link Test for the Network between AP and Controller. To run diagnostics, click Start Diagnostics.
Figure 2-13 Network Diagnostics
The functionalities of the Network Diagnostics page are as follows:
Note You can run the Speed and Link tests from the AP’s GUI, the controller’s GUI, and the controller’s CLI.
Running Network Diagnostics via Controller CLI
From the wireless LAN controller CLI, you can use the following command to run network diagnostics:
show ap network-diagnostics ap-name
Running Network Diagnostics via Controller GUI
You can initiate the network diagnostics tests from the Network Diagnostics tab in the controller GUI. This tab is available at Wireless > All APs > Details.