Cover sheet Instructor Manual - ASSA ABLOY Univ Ratio on battery side of lock Signal Strength on...
26
Student Manual IP Systems & Software
Transcript of Cover sheet Instructor Manual - ASSA ABLOY Univ Ratio on battery side of lock Signal Strength on...
Student Manual
IP Systems&
Software
1
ASSA ABLOY
Certified Integrator IP Enabled Lock
Training
WELCOMESyou to
The Purpose of this class
Teaching you to set up and program the lock.
The Purpose of this class
We will NOT be teaching:
Computer Networking
Network Installation
Network Encryption
Network Security
Only What’s Needed To Make The Lock Work!
2
If More Information Is Needed…
We Can Provide The Documents That Will Answer Your Questions!
Agenda:
Conducting a site survey
Setting up the lock
Using the software
Sequence of Events
3
First, A Site Survey is conducted to ensure proper wireless coverage
Second, The Network Administratorprovides information about the network
Third, He enters this information into the NCT Program, providing a file for the CI
4
Fourth, The CI enters info about the lock using the LCT Program
Fifth, He Uploads all this info into the lock
Sixth, The Lock CommunicatesTo the Host Computer
5
Seventh, Users, Time Zones and other info is programmed using
EAC Software
1
The First Step
We need to verify the wireless network coverage at the door.
We do this by conducting a site survey.
A successful installation begins with verifying the network coverage at the opening.
Site Survey
Necessary for successful deployment of wireless Locksets
Creates a Wireless coverage picture of the facility
– Hot Spots
– Dead Zones
Determines if more APs are needed
A laptop will not work for this.
It has a large WiFi Antenna.
The Lock has a small antenna in a metal case.
2
Site Survey Tool (SST)
The Cisco AIR-CB21AG-A-K9 can be purchased. The card covers 802.11A/B/G standards
It comes with a Cisco Site Survey Tool utility
Allows for use with any laptop with a PCMCIA CardBus slot.
Provides Real Time Data
Cisco Aironet Utility – Associate with network
Insert the Cisco card into your Laptop
Open the Cisco Aironet Utility and find and associate with the wireless network
– Click on the Scan button
How to conduct a site survey…
Cisco Aironet Utility – Associate with network
Find the SSID that the IT department has given you
– Click “Activate”
3
Cisco Aironet Utility – Associate with network
Type in a familiar name for you to remember the settings on the “Profile Name”field
Cisco Aironet Utility – Associate with networkClick the “Security” tab.
You can see the type of security being used on this wireless network.
You have now “ASSOCIATED”with the AP and wireless network.
You can now run the Cisco Site Survey UtilityProgram.
Cisco SST Utility
Click the first tab, “Associated Access Point” (AP) status
The utility provides a graphical and numerical representation of
– Signal strength
– Noise
– Signal/Noise ratio in dB
– Link Speed in Mbps
The utility also gives information about what AP it is currently associated with.
4
Cisco SST Utility
A second tab, AP scan list, shows all available APs
This is helpful in determining conditions like over lapping channels and adjacent (Cisco suggests five channel separation between APs)
It also gives a general overview of available APs and SSIDs in the area
How to conduct a Site SurveyWhat you need– Close all doors that the
signal must pass through from the AP to the lock to emulate worst case scenario
– Laptop with/ Cisco SST software installed
– Cisco Aeronet Card
– Site Survey Forms 1 per door
– IT Information– Need SSID
– Need encryption info
Site Survey Form - IT
<Need Info From Each Door>Estimated distance to AP:
<Need Info From Each Door>Signal/Noise Ratio on battery side of lock
<Need Info From Each Door>Signal Strength on battery side of lock
<Need Info From Each Door>Survey tool used:
<Only Need To Enter Once>Gateway IP (if not DHCP):
<Only Need To Enter Once>Subnet (if not DHCP):
<Only Need To Enter Once>Wireless Encryption type:
<Only Need To Enter Once>Host PC IP Address:
<Only Need To Enter Once>Static IP Address Possible for Host PC?
<Only Need To Enter Once>Potential Lock IP (If static):
<Only Need To Enter Once>MAC Address Reservations?
<Only Need To Enter Once>DCHP or Static IPs:
<Only Need To Enter Once>Ports Available/Open (2571 & 8023)
5
How to Site Survey4. Walk to Lock location
5. Get Signal, noise and signal to noise ratio on the outside and inside of the door (with the door closed)
6. Record values on Site Survey Sheet
7. View the AP list for overlapping APs in the area
8. Note any overlap in channels
9. Repeat for every door
10.Evaluate results for each door
Example
This is a comparison between two doors
Signal Strength is not the only factor in a site Survey– The picture on the left is a lock that has stable communication
– The picture on the right is a lock that has intermittent communication
Note the top lines or signal strength is almost the same pictureto picture. But the non working lock on the right has a red for transmit speed and shows a lower Signal/Noise ratio. This indicates a bad connection.
Any questions about conducting a site survey?
How to Complete a Site Survey
6
Please visit:
Need more information?
For an online version
www.AssaAbloyAmericasUniversity.com
Sequence of Events
Setting up the lock
WHO? WHAT? WHERE? WHEN? HOW?
Five questions we need to answer…
7
Setting up the lock
We have to tell the lock WHO it is
Determine WHAT system it will talk to
Tell the lock WHERE that system is
WHEN the lock will communicate
HOW it will communicate
A Sixth question…
WHY are we taking these steps?
???The Lock Doesn't Know
Anything!
To answer these questions, we will be using two tools:
Lock Configuration Tool - LCT
Network Configuration Tool - NCT
8
Network & Lock Configuration ToolsThe lock and network configuration tools were created to ease the install process by creating a tool that uses simple GUIs
Network Configuration Tool– Simple for IT professionals to
enter IT information in a secure fashion to the installers
Lock Configuration Tool– Uses the data you entered into the NCT program and inputs that into the lock
– Easy to use GUI that allows for lock installers to set up locks with little IT knowledge
Wireless Lock Configuration
Configurable Items:– IP Address
– DHCP or Static
– Host IP (Computer that runs the Access Control Software) Always a Static Value!
– Subnet
– Encryption
– Serial Number (Electronic serial number in the lock)
– Set by Factory
1
How to use NCT
Open the NCT file on your computer
Configuration Tool – NCT Overview
Used to create site file
Each lock is defined and named
File contains all IT info– IP Address
– Subnet
– Encryption
– SSID
– Port
– Host IP
NCT – Enter Site NameSite name– The site name is
the designation for this set of locks and is typically represented by the company name, company plus division, etc.
2
NCT – Enter Inactivity TimeoutInactivity Timeout– The Inactivity
Timeout determines how long the LCT will wait for user input before automatically terminating. This is a security measure. The default value is 300 seconds or 5 minutes.
NCT – Enter Installer PasswordInstaller Password – The Installer
Password allows the installer to use the data but not to view the network communication parameters.
NCT – Enter IT PasswordIT Password – The IT Password
allows the IT administrator to view and edit all network communication parameters for all defined locks.
3
NCT – 2. Lock Info (if DHCP)
Lock Info – By default the
‘Locks’ section will be in “View Mode”.
– To create a new lock entry, click on the “New” button.
– The Lock area will change color and “Add Mode” will be displayed Information can now be entered.
NCT – Enter Lock Name (if DHCP)
Name – Helps the installer
identify the lock
– “West Stairwell Door”
– “Rear Exterior Door”, etc
– Use meaningful names
NCT – Enter Lock Serial Number (if DHCP)
Serial Number – Serial number - 16
character identifier taken from the label on the lock controller or from the lock information sticker included in each box
4
NCT – Check Box “DHCP” (if DHCP)
DHCP – DHCP
– If this box is checked, the IT department has determined that the locks will be assigned IP addresses dynamically by their system– In this case, the IP
Address, Subnet Mask and Gateway fields remain blank
NCT – Enter IP Info (if Static)
Static IP’s– If this DHCP box is
un-checked, the locks need to be assigned the IP Address, Subnet Mask and Gateway as determined by the IT department
NCT – Enter SSID (DHPC or Static)
SSID– For determining
which wireless network should the locks communicate through to the network
– Information must be supplied by the IT department
– Case sensitive
5
NCT – Enter EAC IP Address (DHPC or Static)
EAC IP Address– EAC IP Address
(Host Address)
– Must be a static IP address of the Access Control Software Server
NCT – Enter EAC Port Info (DHPC or Static)
Ports– 2571 by default
– This allows the locks to communicate directly to the computer that controls the locks (Host PC)
– The IT department may need to “open”ports for these locks to talk directly to the Host PC and no where else on the network
NCT – Enter Encryption Info (DHPC or Static)
Encryption – Encryption Type
(optional)
– WPA, WEP or LEAP
– If WPA-PSK, (WPA-TKIP) insert Key given by IT
– If WEP, insert Key given by IT (must be HEX)
– If LEAP, enter the Key, LEAP User Name and LEAP Password
6
NCT – Enter the AES Key Info (DHPC or Static)
LOCK AES Key
- Encrypts the data from the lock to the host PC and vice-versa
– The 128 bit AES Key (for “packetized data”)
– If used:
– Enter the Key by hand, or
– The system will generate the Key when you push the “Generate” button
NCT – DPAC Info and DPAC Rate
DPAC (Lock Radio Module)– The fields “DPAC User
Name” and “DPAC Password” are not used at this time
NCT – Save your input (DHPC or Static)
Save – You must SAVE TWICE
– First, use the SAVE button at the bottom of the screen to save this particular lock’s info
– Second, Click “File”at the top of the screen and use “Save As” to save the actual Network Configuration File. (*.slct)
7
NCT – Saving a Configuration FileSave & Close– Always SAVE your
work after entering any data.– To save a
configuration file click “Save” from the “File”menu.
– It is recommended that when saving a configuration file, it should be saved as a “.slct” file extension.
– Click on the ‘File name’ drop-down menu to select “Secure LCT Configuration files (*.slct)”
– To terminate the application click on the close box in the upper right corner of the main window or click on “Exit” in the “File” menu.
NCT – Edit a LockEdit – You can edit a lock
at anytime.
– The screen color turns yellow.
– Remember to SAVE after making any changes
NCT – Copy a LockCopy – To copy an existing
lock, first select it in the list on the left side of the window and then click “Copy”. The Lock area will change color and “Add Mode”will be displayed
– All of the data from the selected lock is cloned and available for editing..
– Notice that the “Edit”button changes to “Save” and the “Delete” button changes to “Cancel”.
–
8
NCT –Opening an Existing NCT File
Open – Opening an existing
configuration is done by clicking on “Open”in the “File” menu (next to “Help”).
– You can either double-click the desired file or highlight it and select ‘Open’
– The IT Password will be required to open any *.slct files
NCT is Complete!
Now the IT Department will give that file to you…
Sequence of Events
1
How to use LCT
Open the LCT file on your computer
Lock Configuration Tool - LCT
Used to configure wireless settings for locks
Simple easy to use
Speeds up installations
File encryption keeps IT data secure
What you need:– Laptop
– Serial Port
– Serial to Rj11 Adapter Cable
LCT - Open a .lct or .slct file
Start by Opening the file you just created in NCT
You will need the Installer password!
It will display the last config file opened in this drop down
After doing that return to the file menu and open the Setup
2
LCT - Setup Menu, COM Ports
Set the Comm port
`
LCT – COM Ports, Device Manager, Ports
`
> START> CONTROL PANEL
> SYSTEM
> HARDWARE
>DEVICE MANAGER>PORTS
LCT – Setup Menu, Temp Users & Firmware
Input the test card or test PIN number or both
Confirm the firmware version is the most current.
The firmware is available on the install CD for NCT/LCT in the firmware folder. It is required to complete the setup
3
LCT – Connect to lock
Select the correct lock you are working on
If you don’t know, the configuration tool will change to the correct lock, based on serial number.
If you connect to a lock that is not in the .LCT file (the file you created with the NCT program) you will get an error message.– Update the .LCT file to
correct with the NCT program
LCT - Communicate with Lock
Now click
– Connect to Lock (lock must be connected to computer)
– Update firmware
– Configure Lock
The program will not allow you to move on to the next step without successfully completing the previous step.
Verify DHCP (if Applicable)
– Uncheck Verify DHCP if using static IP addresses
LCT – Additional Configuration Options
After configuration you can:
– Add Temporary Users
– Delete Temporary Users
– Delete All Users
– Reset NVRAM (Reset Lock)
– Get Network Device Info– Gives network info, confirms
connection to the wireless network or Access Point (AP)
– Verify Connection to Host– Confirms there is a connection
between the lock and its host IP
4
Sequence of Events
Sequence of Events
Any Questions?
