Alcatel Lucent Stellar WLAN OmniAccess Stellar Range Instruction Manual

Alcatel Lucent Stellar WLAN OmniAccess Stellar Range

Product Information

Specifications

• Product Name: OmniAccess Stellar AP
• Operating System: AWOS Release 4.0.8
• Hardware Supported : AP1411, AP1431, AP1451, and more
• Software Features : DRM Enhancement, 6GHz Feature Implementations, Wi-Fi Enhanced OpenTM, Mesh Enhancement, ICMP Filtering Policy, Voice/Video awareness events/logging, and more

Product Usage Instructions

Installation

1. Read all sections of the release notes before installing new hardware or loading new software.
2. Ensure compatibility with supported hardware and software versions.
3. Follow the specific installation instructions provided in the user manual.

Configuration

1. Access the device configuration settings through the designated interface.
2. Configure the desired features based on your requirements.
3. Save configurations to ensure settings are retained.

Troubleshooting

1. If encountering issues, refer to the troubleshooting section of the user manual.
2. Follow the recommended steps to diagnose and resolve problems.
3. Contact customer support for further assistance if needed.

FAQ

• Q: What should I do if the device does not connect to the network?
  • A: Check the network settings and ensure proper configuration. Verify cable connections and network availability.
• Q: How can I update the device firmware?
  • A: Follow the firmware update instructions provided in the user manual. Download the latest firmware from the official website and proceed with the update process.
• Q: Can I extend the Wi-Fi coverage of the device?
  • A: Yes, you can extend the coverage by strategically placing additional access points and configuring them to create a mesh network.

Release Notes

OmniAccess Stellar AP

AWOS Release 4.0.8 – GA Release

These release notes accompany the OmniAccess Stellar Operating System (AWOS) Release 4.0.8 software for the Stellar APs. This document provides important information on individual software and hardware features. Since much of the information in the release notes is not included in the hardware and software user manuals, it is important to read all sections of this document before installing new hardware or loading new software.

Release Notes
Part Number 033753-10 Rev. A

Alcatel-Lucent Enterprise. Copyright © 2024. All rights reserved.

Related Documentation

The release notes should be used in conjunction with the associated manuals as listed below.
User manuals can be downloaded at: https://myportal.al- enterprise.com/.dfdf.

Stellar AP Quick Start Guide

The Quick Start Guide assists you in quickly connecting to and configuring the Stellar AP.

Stellar AP Installation Guide

Provides technical specifications and installation procedures for the Stellar AP.

Stellar AP Configuration Guide

Includes procedures for managing and configuring all aspects of the Stellar AP using the built-in web interface.

Technical Tips, Field Notices, Upgrade Instructions

Contracted customers can visit our customer service website at: https://myportal.al-enterprise.com/.

Hardware Supported

AP1101, AP1201, AP1220 series, AP1230 series, AP1251, AP1251-RW-B, AP1261-RW-B, AP1201H, AP1201L, AP1201HL, AP1320 series, AP1360 series, AP1201BG, AP1301, AP1301H, AP1311, AP1331, AP1351, AP1451, AP1431, AP1411.

Supported Mode

The AWOS 4.0.8.16 is ONLY applicable for Express mode and OmniVista Cirrus 10.4.2, can NOT be used for OmniVista 2500 and OmniVista Cirrus 4.

New Software Features and Enhancements

The following software features are new with this release, subject to the feature exceptions and problem reports described later in these release notes:

Whitelist configuration for social login and external portal – Allow wildcard (Express & OVNG)| All
DFS Radar detection analytics (OVNG)| All
Voice/Video awareness events/logging (Express & OVNG)| Except AP1101, AP1201H, AP1201HL, AP1201L, AP1261-RW-B
AP should include PMF capability of clients in user. report (OVNG)| Except AP1101, AP1201H, AP1201HL, AP1201L, AP1261-RW-B
AP should report PoE and txchain fields in apinfo.report (OVNG)| Except AP1101, AP1201H, AP1201HL, AP1201L, AP1261-RW-B
Device Troubleshooting Enhancements in AP| All
Dynamic VLAN support (Express)| All Wi-Fi 6/6E products: AP1320 series, AP1360 series, AP1301, AP1301H, AP1311,

AP1331, AP1351, AP1451, AP1431, AP1411

Add current thresholds to apinfo.report| Except AP1101, AP1201H, AP1201HL, AP1201L, AP1261-RW-B
AWOS add “hostname” in DHCP request (Express & OVNG)| All
No Wired port show when view port of AP1301H/1311 when no client is connected (OVNG)| Except AP1101, AP1201H, AP1201HL, AP1201L, AP1261-RW-B
Client Isolation functionality should be extended to Wired downlink ports on Access Points (Express)| AP1201H, AP1201HL, AP1301H, AP1311

Note: ICMP Filtering Policy (OVNG) is ready on AWOS build, OVNG is going to be supported on OVNG 10.4.4.

Fixed Problem Reports Between Build 4.0.7MR4 and 4.0.8.16

ALEISSUE-1767

Case number: 00710455

| Summary:

Atrium#00710455 – Stellar AP lost config, rebooting the AP solved the issue.

**Explanation:**

It is optimized in some cases AP does not get pre-config from OmniVista Cirrus 10:

 | 1.    In some cases AP is not getting the preconfig. In this case AP will use the config present in its flash if there is one already present.

2.   If Administrators execute save to running-config on OmniVista Cirrus 10 and AP gets an empty preconfig, AP will not save the empty one.

****Click for additional information

---|---

Open/Known Problems

The problems listed here include problems known at the time of the product’s release. Any problems not discussed in this section should be brought to the attention of the Service and Support organization as soon as possible. Please contact customer support for updates on problem reports (PRs) where no known workaround was available at the time of release.

applications, there is no restrictions (packets are not dropped by AP, no redirection to Restricted Web page).| No workaround.
Management VLAN| When the management VLAN is enabled, setting the static IP may fail.| The static IP must be set first, and then enable the management VLAN.
DPI| [reflexive] configure link tracking. DPI_DROP does not take effect.| After modifying the reflexive, the client needs to go online and offline again, which can return to normal.
AP stateful IPv6 address| The IPv6 address of the dual-stack AP is a stateful address. After configuring the open type of WLAN, to associate the WLAN with the wireless network card of win 7 11n set to single-stack V6, check the network on-off condition of the V6 address.| When you manually configure a V6 address of the same network segment on the client as the gateway address, you can communicate with the same network address.
DPI FTP policy| Create one policy list binding and two policies, resulting that the user not accessing the FTP.| No workaround.
WCF| WCF does not support L3 roaming scenarios.| No workaround.
Option82| After enabling the option82 feature, in some scenarios, user roaming and reacquiring IP addresses can cause a brief broadcast storm.| Will be fixed in future release.
AP1411 Radio Configuration| After switching the radio, the previously unused band is set to a disabled state (Express).| Manually enable the band in AP RF.
SNMPv3| Some special characters can cause SNMP communication issues. The special characters include the following: $,”,()| Don’t using these special characters.
6G wIPS| 6G radio does not support the wIPS feature.| Will be supported in future releases.
mDNS| AP1411/AP1431 does not support the mDNS feature.| Will be supported in future releases.
ALEISSUE-1529| AP1101 rebooted due to kernel panic.| Will be fixed on AWOS 5.0.1.
DPI| DPI memory leak issue.| Will be fixed in future releases.
Mesh| 1.If AP working on DFS channel, the client/mesh client can’t connect to AP.| 1. Change the channel to a non-DFS channel.

2. Will be fixed in future release.

 | 2. Create new WLAN on band different from Mesh, will cause reconnect on mesh network.|
---|---|---
PPSK| PPSK feature on the AP applied an error VLAN to client.| Enable MAC authentication. Will be fixed on AWOS 4.0.7MR5
Force 5G| The Force 5G feature does not work for certain clients.| Will be fixed on AWOS 4.0.7MR5
Client Isolate| The client can’t access the network in Mesh non-root AP and Client Isolate is enabled on WLAN.| Disable Client Isolate.

Will be fixed on AWOS 4.0.7MR5

Captive Portal| The client can access the network without CP authentication in roaming scenarios.| Set a default ARP in the Authentication Strategy.
WIPS| The module loading configuration is abnormal.| Will be fixed on AWOS 4.0.7MR5
Dynamic VLAN| 1.    When dynamic VLAN is assigned for client, ACL and Client isolation for wired user will not take effect.

2.    When client roaming with dynamic VLAN, client IP may not be displayed on UI.

3.    Kick off iPhone client, and then connect to WLAN with dynamic VLAN, it can’t obtain IP address sometimes, it can be recovered by forgetting the network and connect again. No issue on another type of client.

| Will be supported in future releases.
Enhanced Open| Modify Enhanced Open WLAN to Open, Client can’t obtain IP address, this issue happens only on AP1101.| Disable/Enable WLAN.

Will be fixed in future releases.

WLAN Scope| Modify existing PSK WLAN Scope type from all to specific AP, client can’t connect to this WLAN, the issue only happens on AP1431.| Will be fixed on AWOS 5.0.1/AWOS 4.0.7MR5.
Static WEP| Wireless client can still connect to WLAN when the configured index value different from the WLAN’s index.| Will be fixed in future releases.
Wired Client| For devices that support a downlink port, there are issues below:

1.    Wired Client will go offline and online when modifying Wireless WLAN or Downlink port config.

2.    Plug and unplug Wired Client to OAW-AP1301H and move it to other ports of Switches in the same LAN, then plug it back to OAW-AP1301H, will cause an FDB learn error in rare cases. Disable and enable the corresponding port can recover.

| Will be fixed in future release.
DSCP| When configuring tagged VLAN ID on 5G WLAN, DSCP does not take effect.| Will be fixed in future release.

Limitations and/or Dependencies

2.    WCF does not support blocking mobile application access. Client’s packets are not restricted (packet not dropped by AP, no redirection to Restricted Web Page)

 |  | 3.    WCF does not support RAP scenario.

4.    When using Iphone roaming between Aps, the reject page can’t be redirected when using Safari, but it works ok for another browser such as Chrome

5.    If the mobile device has already cached the DNS for the corresponding URL, the WCF functionality will not take effect.

6.    WCF Feature is not supported when WLAN Client enabled secure DNS (DoT or DoH)

---|---|---
HTTPs CP over proxy| All| For iOS does not support configuring URL to bypass the proxy, this function does not work on iOS devices.
AP 802.1x

client

| All| Wireless clients can’t connect to internet on untag VLAN with AOS switch due to AOS switch treat all untag devices as 802.1x client.
Wired Port| AP1201HL| 1.    AP1201HL switches to a Group with downlink configuration, wired client cannot access it.

2.    AP1201HL enables trust tag and option 82, wired client may not obtain IP address

DRM| All| In some cases, when the channel utilization reaches more than 90%, the channel does not switch automatically, which seriously affects the user experience.
IGMP Snooping| All Stellar Wi-Fi 6 AP

Models

| For 11AX devices, if there is no multicast querier in the environment, the conversion from multicast to unicast may fail. We recommend that the switch of IGMP Snooping

feature be turned on by default.

Mesh| All| Multicast to unicast is not supported in Mesh mode.
DPI| AP1201/ AP1220

series/ AP1251

| When DPI function is enabled, it is recommended to have an initial free memory size of about 30MB after AP booting up for system stable running. If the booting up free

memory size is far less than 30MB, suggest removing unnecessary WLAN/VLAN/Policy/DPI rule on AP1201/AP1220/AP1251.

Bypass VLAN| AP1201H/ AP1201HL| If the bypass VLAN function is enabled, setting VLAN id A, and setting the management VLAN to tag VLAN id is also A, which will cause the AP itself to be

inaccessible and affect the operation of AP. Therefore, there is a restriction here that the tag for managing VLAN cannot be the same as bypass.

mDNS| AP1201H/ AP1201HL

/AP1261- RW-B

| AP1201H/1201HL/AP1261-RW-B Downlink Terminal does not support mDNS message forwarding.
Show device name| All| When some clients connect to wlan, there is no option12 field in the dhcp message, so its hostname cannot be displayed.
Management VLAN

Static IP LACP

| AP1351/A P1451| When configure LACP + Management VLAN + Static IP for AP1351, the network will not be reachable after AP reboot if LACP aggregated link is formed, the workaround of this issue should be disable LACP on switch side.
Link aggregation| All| Link aggregation with management VLANs has a certain probability of failure
Link aggregation| AP1351| There is very low probability on AP1351 that ethernet PHY fail to receive messages in the scenario of link aggregation.
ALEISSUE-1294| All| This improvement might cause some lower version of SSH clients cannot connect to Stellar AP running this new build, upgrade SSH client version will avoid this problem.
ALEISSUE-1343| AP1201H( L)| VLAN 4090-4094 is not allowed configured.
11K| Aps without

scan radio

| To make sure 11k function work as expected，we should configure the AP background scanning on “Working Channel and Non-working Channel”.
Client Isolation| All| 1.  Client A connects to WLAN1 with ARP1, and Client B connects to WLAN2 with ARP2, in this case, If Client A and B need to communicate to each other, both of the two clients need to be added into the whitelist, either one of the Clients add into whitelist can’t ensure communication between these two clients.

2.  In case of Express mode, configure WLAN using internal portal + external MAC authentication, client isolation will not work, suggest using internal or external

portal authentication only.

Express mode WLAN number| All| Starting with AWOS 4.0.5 in Express mode, we can create 15 user SSIDs on clusters with following models.
 |  | •  AP1301H, AP132x, AP1331, AP136x, AP1351 & AP1451

If a cluster has any of the following models, limit remains at 7 user SSIDs.

•  AP1311, AP1301, AP12xx and AP1101

---|---|---
ALEISSUE-1367| All| OV IP was not supposed to be included in the local breakout IP range.
RAP wired downlink port| All Stellar AP with downlink wired

port.

| 1.  Trust tag VLAN ID should not be same as Mac VLAN ID.

2.  After enabled trust tag, should not use VLAN0.

3.  Don’t support authentication and policy rules.

Certificate management| All| In express mode, the password of the certificate does not support special characters.
WPA3+11r| All| Some clients do not support WPA3+11r.
Dynamic VLAN| All Stellar Wi-Fi 6 AP

Models

| For Dynamic VLAN is only supported for all Wi-Fi 6 AP models under Express mode, it is not suggested to enable the function when there is Wi-Fi 5 APs in this Cluster.

There will be roaming issues when client roams between Wi-Fi 6 and Wi-Fi 5 APs.

Enhanced Open Transition Mode| All| Mobile devices with Android OS connect to Enhanced Open Transition Mode WLAN, sometimes it connects to Open WLAN and sometimes it connects to OWE WLAN, When the issue happens AP works as expected broadcasting beacons with related Transition mode info IE. It is suggested to upgrade mobile devices to latest software

version.

USB flash drive| OAW- AP1301| Plug in the USB flash drive, and doing factory reset or OS upgrade, AP can’t obtain IP address when AP boots up again, power cycle the device will recover.

New Software Feature Descriptions
DRM Enhancement (Express & OVNG)

Stellar AP performs DRM at first bootup to select the best channel/power assignment. Subsequently, the algorithm is run every 6 hours unless the selected channel is a DFS channel and a radar signal gets detected. Some environments recommend channel reassignments happen only every 24 hours and typically during non-peak hours. Some other environments want to ensure channel transitions occur faster when AP makes a decision.

As part of RF profile in the Background scanning section, we provide the option to set:

DRM Interval – Provide option in hours. Default value 6Hrs. Min value 0.5Hr – Max value 12.  DRM change hour – (default anytime). User has option to select any specific hour of the day between 0- 23 hours.

Note: DFS radar detection change will take effect immediately.

Go to Express UI Wireless- >RF, click DRM Time Control.

By default, DRM interval is taken effect, the default value is 6Hrs.

6GHz Feature Implementations (Express & OVNG)

In this release, 6G Dedicated scanning and 6G CSA function are supported.

For 6G Dedicated scanning, go to AP UI page -> RF Environment (products support 6G), choose 6GHz Band, and click One Time button.

For 6G CSA function, go to Express UI -> Wireless -> RF, select one AP that supports 6G, and roll down on the Edit RF Information page, you can see CSA configurations in the “Others” section, the default configuration is the same as 2.4G and 5.8G.

Wi-Fi Enhanced Open™ (Express & OVNG)

The enhanced open transition mode enables a seamless transition from open unencrypted WLAN connections without adversely impacting the end-user experience. It provides the ability for enhanced open and non-enhanced open clients to connect to the same open system virtual AP. In this mode the AP broadcasts two different types of BSSID. One legacy Open SSID on 2.4/5GHz band, and one Enhanced Open SSID on 2.4/5/6GHz band.

To create enhanced open transition mode WLAN, go to Express UI and create new WLAN, select “Enhanced Open” in Key Management.

Select checkbox “Transition Mode” in Enhanced Open.

Mesh Enhancement (Express)

Mesh Enhancement is supported in OVE & OVC mode in AWOS 4.0.7MR4, and in this release, it is supported in Express mode.

Both (wpa2&wpa3) wpa3-personal

11AX| 6G| wpa3-personal

The default configuration for 4.0.7MR3 is as follows:

11AC devices

11AX devices

Whitelist Configuration for Social Login and External Portal – Allow Wildcard (Express & OVNG) 

Allow in walled garden configuration wildcard leading domains, AP will snoop all the DNS traffic and dynamically add resolved IP addresses of wildcard matched domain into walled garden IP address list.

Go to Express UI -> Access -> Blocklist & Allowlist -> Walled Garden

Dynamic VLAN Support (Express)

Radius Dynamic VLAN assignment. This allows the network to advertise a single SSID, allows specific users to inherit different VLANs based on the user credential. This allows the wireless client to remain on the same VLAN as it moves within a campus network.

Note: it is ONLY supported on 11AX products.

Go to Express UI -> WLAN -> Create WLAN, select Security Level with Enterprise, and configure Radius Server parameters in the screenshot below, the feature will be taken effect if Radius Server returns desired VLAN to AP.

The following RADIUS attributes are supported in Stellar Express mode (RFC-2868):

• Tunnel-Type (IEFT #64) = VLAN
• Tunnel-Medium-Type (IEFT #65) = 802 (6)
• Tunnel-Private-Group-ID (IEFT #81) = [tag, string]

AWOS Add “hostname” in DHCP Request (Express & OVNG) AWOS AP sends “hostname” in every DHCP request for both IPv4 and IPv6. In DHCPv4, option 12 must be used for hostname. In DHCPv6, option 39 must be used for hostname.

It is implemented as below:

Use APAABBCC (use last 6 hex of MAC) for DHCP requests and keep the current hostname in AP’s Shell and Management UI. If user modifies its AP name, AWOS will use AP name changed by user.

You can change the AP name in Express UI below, in AP configuration page.

Client Isolation Functionality Should be Extended to Wired Downlink Ports on Access Points (Express)

Client isolation is supported for SSID, when enabled all clients on the wireless network across APs can only communicate with the default gateway. We also support along with client isolation, configuring allowlist of MAC addresses that are open to communication. In this release, Client Isolation is also supported on wired downlink port, when enabled on wired downlink port, all clients can only communicate with default gateway and allowed contact list if configured as part of the ARP that gets assigned.

To enable the functionality, go to Express UI -> Network -> Wired Network Configuration, toggle the “Client Isolate” switch on.

Note: Allowed contacts list can’t be configured in Express mode.

Technical Support

Alcatel-Lucent Enterprise technical support is committed to resolving our customer’s technical issues in a timely manner. Customers with inquiries should contact us at:

Region Phone Number

• North America 1-800-995-2696
• Latin America 1-877-919-9526
• Europe Union +800 00200100 (Toll-Free) or +1(650)385-2193
• Asia Pacific +65 6240 8484

Email: ale.welcomecenter@al-enterprise.com

Internet: Customers with Alcatel-Lucent service agreements may open cases 24 hours a day via Alcatel– Lucent’s support web page at: https://myportal.al- enterprise.com/.

Upon opening a case, customers will receive a case number and may review, update, or escalate support cases online. Please specify the severity level of the issue per the definitions below. For fastest resolution, please have telnet or dial-in access, hardware configuration—module type and revision by slot, software revision, and configuration file available for each switch.

Severity 1 – The production network is down resulting in a critical impact on business—no workaround is available.
Severity 2 – Segment or Ring is down or intermittent loss of connectivity across network.
Severity 3 – Network performance is slow or impaired—no loss of connectivity or data.
Severity 4 – Information or assistance on product features, functionality, configuration, or installation.

www.al-enterprise.com The Alcatel-Lucent name and logo are trademarks of Nokia used under license by ALE. To view other trademarks used by affiliated companies of ALE Holding, visit: www.al- enterprise.com/en/legal/trademarks-copyright. All other trademarks are the property of their respective owners. The information presented is subject to change without notice. Neither ALE Holding nor any of its affiliates assumes any responsibility for inaccuracies contained herein. © Copyright 20XX ALE International, ALE USA Inc. All rights reserved in all countries

References

• Network, Cloud & Communications solutions | Alcatel-Lucent Enterprise
• Trademarks Copyright | Alcatel-Lucent Enterprise

Read User Manual Online (PDF format)

Download This Manual (PDF format)

Download this manual  >>