Honeywell Vx9 Manual
Have a look at the manual Honeywell Vx9 Manual online for free. It’s possible to download the document as PDF or print. UserManuals.tech offer 178 Honeywell manuals and user’s guides for free. Share the user manual or guide on Facebook, Twitter or Google+.
6 - 7 Aggressive Scan On When set to On and the current connection to an AP weakens, the radio ag- gressively scans for available APs. Aggressive scanning works with standard scanning (set through Roam Trig- ger, Roam Delta and Roam Period). Aggressive scanning should be set to On unless there is significant co-channel interference due to overlapping APs on the same channel. Options are: On, Off CCX FeaturesOptimized Use of Cisco Compatible Extensions (CCX) radio management and AP specified maximum transmit power features. Options are: Full - Use Cisco IE and CCX version number, support all CCX features. The option known as “On” in previous versions. Optimized –Use Cisco IE and CCX version number, support all CCX fea- tures except AP assisted roaming, AP specified maximum transmit power and radio management. Off - Do not use Cisco IE and CCX version number. Cisco IE = Cisco Information Element. WMM Off Use of Wi-Fi Multimedia extensions. Auth Server Type 1 Specifies the type of authentication server. Options are: Type 1 (ACS server) and Type 2 (non-ACS server) TTLS Inner MethodAuto-EAP Authentication method used within the secure tunnel created by EAP-TTLS. Options are: AUTO-EAP (Any available EAP method), MSCHAPV2, MSCHAP, PAP CHAP, EAP-MSCHAPV2 PMK Cach- ingStandard Type of Pairwise Master Key (PMK) caching to use when WPA2 is in use. PMK caching is designed to speed up roaming between APs by allowing the client and the AP to cache the results of 802.1X authentications, eliminating the need to communicate with the ACS server. Standard PMK is used when there are no controllers. The reauthentication information is cached on the original AP. The client and the AP use the cached information to perform the four-way handshake to exchange keys. Opportunistic PMK (OPMK) is used when there are controllers. The reauthentication information cached on the controllers. The client and the controller behind the AP use the cached in- formation to perform the four-way handshake to exchange keys. If the selected PMK caching method is not supported by the network infra- structure, every roam requires full 802.11X authentication, including interac- tion with the ACS server. If the active profile is using WPA2 CCKM, the global PMK Caching setting is ignored and the client attempts to use CCKM. Options are: Standard, OPMK TX Diversity On How to handle antenna diversity when transmitting packets to the Access Point. Options are: Main only, Aux only, and On. RX Diversity On-start on MainHow to handle antenna diversity when receiving packets from the Access Point. Options are: Main only, Aux only, On-start on main, and On-start on Aux. Frag Thresh 2346 If the packet size (in bytes) exceeds the specified number of bytes set in the fragment threshold, the packet is fragmented (sent as several pieces in- stead of as one block). Use a low setting in areas where communication is poor or where there is a great deal of wireless interference. Options are: Any number between 256 bytes and 2346 bytes. RTS Thresh 2347 If the packet size exceeds the specified number of bytes set in the Request to Send (RTS) threshold, an RTS is sent before sending the packet. A low RTS threshold setting can be useful in areas where many client devices are associating with the Access Point. This parameter cannot be changed. LED Off The LED on the wireless card is not visible to the user when the wireless card is installed in a sealed mobile device. Options are: On, Off. PropertyDefault ValueExplanation
6 - 8 Tray Icon N/A The tray icon is not displayed when the Thor VX9 is running a Windows Em- bedded Standard 2009, Windows Embedded Standard 7 or Windows 7 Pro- fessional operating system. Admin PasswordSUMMIT (or Blank)A string of up to 64 alphanumeric characters that must be entered when the Admin Login button is tapped. If Hide Password is On, the password is masked when typed in the Admin Password Entry dialog box. The password is case sensitive. This value is masked when the Admin is logged out. Options are: none. Auth Timeout 8 seconds Specifies the number of seconds the Laird software waits for an EAP au- thentication request to succeed or fail. If the authentication credentials are stored in the active profile and the au- thentication times out, the association fails. No error message or prompting for corrected credentials is displayed. If the authentication credentials are not stored in the active profile and the authentication times out, the user is again prompted to enter the credentials. Options are: An integer from 3 to 60. Certs Path C:\Program Files\Laird\ CertsA valid directory path, of up to 64 characters, where WPA Certificate Author- ity and User Certificates are stored on the mobile device when not using the Windows certificates store. Ensure the Windows folder path exists before assigning the path in this parameter. See Certificates (page 6-64) for in- structions on obtaining CA and User Certificates. This value is masked when the Admin is logged out. Options are: none. The complete path is C:\Program Files\Laird\certs Supplicant Laird Selected the supplicant to be used, Laird or Third Party. When Laird is se- lected the LCM is used to configure the radio, When Third Party is selected the LCM is not used to configure the radio. Auto Profile Off Determines if this profile PropertyDefault ValueExplanation
6 - 9 Admin Login To login to Administrator mode, enter the admin password and tap the Login button. Once logged in, the button label changes to Logout. The admin is automatically logged out when the LCM is exited. Enter the Admin password (the default password is SUMMIT and is case sensitive) and tap OK. If the pass- word is incorrect, an error message is displayed. The Administrator default password can be changed on the tab. The end-user can: Turn the radio on or off on the Configuration tab. Select an active Profile on the Configuration tab. View the current parameter settings for the profiles on the Profile tab. View the global parameter settings on the Globals tab. View the current connection details on the Status tab. View radio status, software versions and regulatory domain on the Diagnostics tab. Access additional troubleshooting features on the Diagnostics tab. After Admin Login, the end-user can also: Create, edit, rename and delete profiles on the Profile tab. Edit global parameters on the Globals tab.
6 - 10 Diagnostics Start > All Programs > Laird > Laird Configuration Manager > Diagnostics tab The Diagnostics screen can be used for troubleshooting network traffic and radio connectivity issues. This screen displays the status of the Wi-Fi radio. About – Use this button to view the version of the LCM and other software information. Advanced – Use this to access details status information, ping tools and other utilities. Status The Status screen shows the active profile and connection details.
6 - 11 Ping The Ping screen is used to ping another device. IP - Displays the IP address of the Thor VX9 Use the text box at the upper right to enter the IP address to ping. Information on the selected function is dis- played in the output box in the center of the screen. Start (Stop) - Start a continuous ping to the IP address specified in the text box in the upper right of this screen. Once the button is clicked, the ping begins and the button label changes to Stop. Clicking the button ends the ping. The ping also ends when any other button on this screen is clicked. The results of the ping are displayed in the output box. The parameters below are used to configure the ping process: Renew IP – Obtain a new IP address through release and renew. All activity is logged in the output box. If a fixed IP address has been assigned to the radio, this is also noted in the Diagnostic Output box. Note that the current IP address is displayed above this button. Reconnect – Use this button to apply (or reapply) the current profile and attempt to associate or authenticate to the wireless LAN. All activity is logged in the output box.Parameter Default Description Delay (ms) 1000 The amount of time, in milliseconds, between each ping after a Start Ping button tap. Options are: Any number between 0 and 30000 ms. Timeout (ms) 5000 The amount of time, in milliseconds, that a device will be continuously pinged. The Stop Ping button can be tapped to end the ping process ahead of the ping timeout. Options are: Any number between 0 and 30000 ms. Payload 32 bytes Maximum amount of data to be transmitted on a ping. Options are: 32 bytes, 64, 128, 256, 512, or 1024 bytes.
6 - 12 Utilities This screen displays the regulatory domain and logging options. Reg. Domain: The regulatory domain for which the network card is configured. Use the pull down list to select the desired level of logging: Disabled (no logging, default) 1- Text (Low) 2 - Text 3 - Text (High) 4 - Serial (Low) 5 - Serial 6 - Serial (High) Dump Location - Tap this button and browse to save the log files. Using a standard Windows explorer interface a file name and location can be specified. The default is to save the log file as sdc_diags.txt in the Windows Docu- ments Library. Import/Export - Use this option to import radio configuration from or export radio configuration to a file. Use the browse feature to specify location and file name.
6 - 13 Sign-On vs. Stored Credentials When using wireless security that requires a user name and password to be entered, the Laird Configuration Manager offers these choices: The Username and Password may be entered on the Credentials screen. If this method is selected, anyone using the device can access the network. The Username and Password are left blank on the Credentials screen. When the device attempts to connect to the network, a sign on screen is displayed. The user must enter the Username and Password at that time to authenticate. When using LCM with the Thor VX9, there is an option on the Global tab to use the Windows user name and password to log on instead of any username and password stored in the profile. To Use Stored Credentials 1. After completing the other entries in the profile, scroll down for the credentials entry. 2. Enter the Username and Password. 3. Click the Commit button. 4. For LEAP and WPA/LEAP, configuration is complete. 5. Importing the CA certificate into the Windows certificate store is optional. 6. For EAP-TLS, import the User Certificate into the Windows certificate store. 7. Return to the Profile tab. 8. Select the CA certificate. The certificate can be specified by file name (from the Certs path), a certificate selected from the Windows certificate store or the full certificate store. 9. For EAP-TLS, select the User Cert (User Certificate filename). 10. If using EAP FAST and manual PAC provisioning, input the PAC filename and password. 11. Click the Commit button. 12. If changes are made to the stored credentials, click Commit to save those changes before making any additional changes to the profile or global parameters. 13. Verify the device is authenticated by reviewing the Status tab. When the device is property configured, the Status tab indicates the device is Authenticated and the method used. Note: See Configuring the Profile (page 6-16) for more details. Note: If invalid credentials are entered into the stored credentials, the authentication will fail. No error message is displayed. The user may or may not be prompted to enter valid credentials. To Use Sign On Screen 1. After completing the other entries in the profile, leave the user name and password blank. 2. Importing the CA certificate into the Windows certificate store is optional. 3. For EAP-TLS, import the User Certificate into the Windows certificate store. 4. Select the CA certificate. The certificate can be specified by file name (from the Certs path), a certificate selected from the Windows certificate store or the full certificate store. 5. For EAP-TLS, select the User Cert (User Certificate filename). 6. If using EAP FAST and manual PAC provisioning, input the PAC filename and password. Windows 7 Professional and Windows Embedded Standard 7 only: The credentials login and password entry window may not always display in the foreground. When the Thor VX9 attempts to connect to the network, click the flashing icon in the Notification bar to display the login screen. Enter the user name and password and click OK to close the window. This procedure may need to be followed after the following events: The Thor VX9 returns from sleep, hibernate or sleep The Thor VX9 is restarted A different active profile is selected from the Configuration tab Invalid credentials have been entered
6 - 14 7. Click the Commit button. 8. When the device attempts to connect to the network, a sign-on screen is displayed. 9. Enter the Username and Password. Click the OK button. 10. Verify the device is authenticated by reviewing the Status tab. When the device is property configured, the indi- cates the device is Authenticated and the method used. 11. The sign-on screen is displayed after a reboot. Note: See Configuring the Profile (page 6-16) for more details. If a user enters invalid credentials and clicks OK, the device associates but does not authenticate. The user is again prompted to enter credentials. If the user clicks the Cancel button, the device does not associate. The user is not prompted again for credentials until: the device is rebooted, the radio is disabled then enabled, the Reconnect button on the is clicked or the profile is modified and the Commit button is clicked.
6 - 15 Windows Certificate Store vs. Certs Path Note: It is important that all dates are correct on the Thor VX9 and host computers when using any type of certificate. Certificates are date sensitive and if the date is not correct authentication will fail. User Certificates EAP-TLS authentication requires a user certificate. The user certificate must be stored in the Windows certificate store. To generate the user certificate, see Generate a User Certificate (page 6-68). To import the user certificate into the Windows certificate store, see Install a User Certificate (page 6-70). A Root CA certificate is also needed. Refer to the section below. Root CA Certificates Root CA certificates are required for EAP/TLS, PEAP/GTC and PEAP/MSCHAP. Two options are offered for storing these certificates. They may be imported into the Windows certificate store or copied into the Certs Path directory. Certs Path 1. See Generate a Root CA Certificate (page 6-64) and follow the instructions to download the Root Certificate to a PC. 2. Copy the certificate to specified directory on the mobile device. The default location for Certs Path is C:\Pro- gram Files\Laird\certs. A different location may be specified by using the Certs Path global variable. 3. On the Profile tab, select File Name for the CA Cert property 4. Enter the certificate name in the pop-up window and tap OK. 5. Tap Commit to save the profile changes. Windows Certificate Store 1. See Generate a Root CA Certificate (page 6-64) and follow the instructions to download the Root Certificate to a PC. 2. To import the certificate into the Windows store, See Install a Root CA Certificate (page 6-66). 3. Either a specific certificate or the whole certificate store can be used. Profile tab, choose Use Full MS Store to use all certificates in the store. Profile tab, choose Select Cert for the CA Cert property. From the pop-up window, select the desired certificate and tap OK. 4. Tap Commit to save the profile changes. If using the Windows Certificate Store, the Windows Account must have a password. The password cannot be left blank. The Laird Configuration Manager uses the Windows user account credentials to access the Certificate Store. The Windows user account credentials need not be the same as the credentials entered in the Laird Configuration Manager. !
6 - 16 Configuring the Profile Use the instructions in this section to complete the entries on the Profile tab according to the type of wireless security used by your network. The instructions that follow are the minimum required to successfully connect to a network. Your system may require more parameters than are listed in these instructions. Please see your system administrator for complete infor- mation about your network and its wireless security requirements. To begin the configuration process: From the Configuration tap Manage Profiles > Admin Login. Enter the password and tap Login. If using a single profile, edit the default profile with the parameters for your network. Select the Default profile from the pull-down menu. Make any desired parameter changes as described in the applicable following section determined by network security type and click the Commit button to save the changes. IMPORTANT – Remember to click the Commit button after making changes to ensure the changes are saved. The LCM may display a reminder if the Commit button is not clicked before an attempt is made to close or browse away from the tab in focus if there are unsaved changes. If changes are made to the stored credentials, click Commit to save those changes first before making any additional changes.