OCNA Wireless Slides v1.0.0 EN

00 OCNA Wireless Overview
•
OCNA Certification Courses Overview
Training Preparation
• Classroom Pre-Lab Topology
• Trainer-Switch Profiles (1-12 Students)
© 2023 TP-Link Corporation Limited. Not for distribution or reproduction. 1

OCNA Certification Courses Overview
Omada Certified Network Administrator (OCNA)
Chap 1. Omada SDN Solution Introduction
Chap 2. Device Discovery, Adopting & Management
Chap 3. Basic Network Settings and Monitoring
Chap 4. Portal & Hotspot
Chap 5. Wireless Fundamentals
Chap 6. Demand Analysis
Chap 7. Network Planning & Optimization
Chap 8. Troubleshooting
OCNA Certification & Badge

Training Preparation
Laptop
• Run OC200 Web Interface on Browser

• Run Tools like Discover Utility, Putty, Iperf.
• Run Online Tools like heatmap.
Smartphone
• Run Omada APP

• Run Tools like Iperf client.
• Work as a wireless client.
Demo Kit
• Including OC200 *1 + EAP653 *2 +

SG2008P *1
• Build basic Omada Topology for Labs.
Classroom Pre-Lab Topology
Trainer-Gateway Trainer-Switch
Student-X-Switch
Student-1-Switch
192.168.X0.1/24
192.168.10.1/24
Student-1-OC200 Student-X-OC200
Student-1-AP1 Student-1-AP2 192.168.10.1/24 Student-X-AP1 Student-X-AP2 192.168.X0.1/24
192.168.10.1/24 192.168.10.1/24 192.168.X0.1/24 192.168.X0.1/24

Trainer-Switch Profiles (1-12 Students)
S.0X VLAN Type IP S.0X VLAN Type IP S.0X VLAN Type IP
10 MGMT 192.168.10.1/24 50 MGMT 192.168.50.1/24 90 MGMT 192.168.90.1/24

S.01 S.05 S.09
(Port 1) (Port 5) (Port 9)
11 LAN1 192.168.11.1/24 51 LAN1 192.168.51.1/24 91 LAN1 192.168.91.1/24
S.02 20 MGMT 192.168.20.1/24 S.06 60 MGMT 192.168.60.1/24 S.10 100 MGMT 192.168.100.1/24
21 LAN1 192.168.21.1/24 61 LAN1 192.168.61.1/24 101 LAN1 192.168.101.1/24
31 LAN1 192.168.31.1/24 71 LAN1 192.168.71.1/24 111 LAN1 192.168.111.1/24
41 LAN1 192.168.41.1/24 81 LAN1 192.168.81.1/24 121 LAN1 192.168.121.1/24

01 Omada SDN Solution
Introduction
•
•
TP-Link Brand Overview
Omada SDN Solution Overview
• Omada EAP
• Omada Switch
• Omada Gateway
• Omada Controller
• Accessories

TP-Link Business Networking Milestones 2023
Ranks 1st in Small-Business
Wi-Fi and 5th in Enterprise
2020 Wi-Fi share in units, and 2nd
Omada SDN in Enterprise Ethernet
2016 launched in Q2 Switches share in ports in Q1,
2023***
Released Omada
Business Wi-Fi,
and entered the
international
2010 business Wi-Fi
market 2022
2002 World's No.1
• World’s No.1 Wi-Fi
brand in the
Released their first Products Provider
managed switch,
global WLAN 2019 for 12 Years*
market*
broadband radio • Omada EAP sales
• Omada Pro
and series of
1996 2014 totaled over 1
Solution launched
networking million pcs
TP-Link products Entered the • Recognized for 4
overseas
established business Wi-Fi consecutive years
2005 market in China • Entered Gartner
in the Gartner
Mainland Magic Quadrant**
Entered the Magic Quadrant**
international
1998 market
Developed and *Source: IDC Worldwide Quarterly WLAN Tracker

**Source: Gartner, Magic Quadrant for Enterprise Wired and Wireless LAN Infrastructure, November 2022.
produced their first ***Source: Gartner, Market Share: Enterprise Network Equipment by Market Segment, Worldwide, 1Q23
Ethernet switch Gartner is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and
internationally and is used herein with permission. All rights reserved.
© 2023 TP-Link Corporation Limited. Not for distribution or reproduction.
7
TP-Link Business Networking
Recognized For 4 Consecutive Years
in the Gartner Magic Quadrant for
Enterprise Wired and Wireless LAN Infrastructure
*Source: Gartner, Magic Quadrant for Enterprise Wired and Wireless LAN
Infrastructure, November 2022.
© 2023 TP-Link Corporation Limited. Confidential information. Not for distribution or reproduction.
Omada — The Smarter Cloud Solution for Business Networking
TP-Link Omada provides one-stop access to high-quality services and high-performance products for small and medium-sized
businesses, integrating complete network devices such as access points, switches, and routers. It’s ideal for use in hotels, offices,
retail, schools, and more.
Long-Range Long-Range
Outdoor AP Outdoor AP B2B Focused Brand
Outdoor AP
Wall Plate AP
On-Premises Software-Defined Networking
Ceiling Mount AP Controllers (SDN)
Full Line Controllers, APs,

Switches (PoE and Non-PoE),
Routers, and Accessories
Centralized Multi-Site Cloud

Management
Omada
Gateway Higher Efficiency, Higher
Reliability, and Higher Security

9
Omada — The Smarter Cloud Solution for Business Networking
Controller Type Management Scale Management Devices

• Cloud-Based • Cloud-Based: Unlimited Devices • Omada Access Points
• On-Premises Software • Software: 10,000 Devices • Omada Switches
• On-Premises Hardware • Hardware: 500 (OC300) / 100 (OC200) EAPs • Omada Gateways
10
Omada EAPs
Specially-Designed Access Points for All Kinds of Environments.
High-Density Wide Area Outdoor In-Room Wi-Fi

Scenarios Coverage Environments
Wi-Fi 7 / 6E / 6 / 5 Access Ceiling Mount Access Outdoor Access Points Wall Plate Access Points
Points Points
EAP660 HD EAP773 EAP625-Outdoor HD EAP655-Wall
EAP620 HD EAP683 LR EAP215-Bridge KIT EAP615-Wall

Omada Wi-Fi 7 EAPs
EAP783 EAP770, EAP773
Speed BE22000 Tri-Band BE11000 Tri-Band
2.4 GHz Speed 1376 574

5 GHz Speed 8640 4320
6 GHz Speed (Mbps) 11520 5760
Ethernet Ports 2 x 10G 1 x 10G
Power Supply 802.3bt / 12V DC without power 802.3bt / 12V DC

adapter included (EAP773 without power adapter included)
Client Capacity 768 (256 per band) 384 (128 per band)

Omada Wi-Fi 6 Ceiling Mount EAPs
EAP690E HD EAP680 EAP670 EAP660 HD EAP650 EAP620 HD EAP610

EAP683 LR* EAP673* EAP653* EAP613*
Speed AXE11000 AX6000 AX5400 AX3600 AX3000 AX1800 AX1800

Quad-Band
2.4 GHz Speed 1148 1148 574 1148 574 574 574
5 GHz Speed 2402 + 2402 4804 4804 2402 2402 1201 1201
6 GHz Speed (Mbps) 4804 / / / / / /
Ethernet Ports 1 x 10G 1 x 2.5G 1 x 2.5G 1 x 2.5G 1 x 1G 1 x 1G 1 x 1G
Power Supply 802.3bt 802.3at 802.3at 802.3at 802.3at / 48V 802.3at / 48V 802.3at / 48V
12V DC 12V DC 12V DC 12V DC Passive PoE / Passive PoE / Passive PoE /
12V DC 12V DC 12V DC
Client Capacity 2048 (512 x 4) 512 (256 x 2) 256 (128 x 2) 1024 (512 x2) 256 (128 x 2) 1024 256 (128 x 2)
*: these models don’t have power adapters included. © 2023 TP-Link Corporation Limited. Not for distribution or reproduction.
Omada Wi-Fi 6 Outdoor and Wall-Plate EAPs
EAP650-Outdoor EAP625-Outdoor HD EAP610- EAP655-Wall EAP650-Wall EAP615-

EAP623-Outdoor HD Outdoor Wall
Speed AX3000 AX1800 AX1800 AX3000 AX3000 AX1800
2.4 GHz Speed 574 574 574 574 574 574

5 GHz Speed 2402 1201 1201 2402 2402 1201
Ethernet Ports 1 x 1G 1 x 1G 1 x 1G 4 x 1G 2 x 1G 4 x 1G
Power Supply 802.3at 802.3at 802.3at 802.3at 802.3at 802.3at

48V Passive PoE 48V Passive PoE 48V Passive
PoE
Client Capacity 256 (128 x 2) 1024 (512 x 2) 256 (128 x 2) 128 (64 x 2) 128 (64 x 2) 128 (64 x 2)

Omada Wi-Fi 5 EAPs
EAP265 HD EAP245 EAP225 EAP225-Outdoor EAP235-Wall EAP230-Wall

EAP223
Speed AC1750 AC1750 AC1350 AC1200 AC1200 AC1200
2.4 GHz Speed 450 450 450 300 300 300

5 GHz Speed 1300 1300 867 867 867 867
Ethernet Ports 2 x 1G 2 x 1G 1 x 1G 1 x 1G 4 x 1G 2 x 1G
Power Supply 802.3af 802.3af 802.3af 802.3af 802.3at 802.3at

Passive PoE Passive PoE Passive PoE Passive PoE
Client Capacity 512 (256 x 2) 220 (110 x 2) 220 (110 x 2) 220 (110 x 2) 200 (100 x 2) 200 (100 x 2)

Reverse PoE Switch
RP108GE is mainly applied to places where there are no power outlets, like the roof of a building or corridors. Supporting reverse PoE
functionality, ports 1 to 7 can automatically detect and receive power from households. In this case, it can be used to power the
switch itself and then further power other Passive PoE devices via port 8 and the DC output port. Enhanced with basic management
features like VLAN and QoS, RP108GE shares the same software functions with TP-Link Easy Smart switches.
Model RP108GE
7 Gigabit Passive PoE-in RJ45 Ports

Voltage: 24/48 V (Mixing is not supported)
1 Gigabit Passive PoE-out RJ45 Port

Ports Voltage: Depends on the input voltage of
PoE-in ports
1 DC Output Port
Voltage: 5/12 V
Power Pin of
Ethernet 4/5+ 7/8-
Cable
Note:
PoE Supply Passive PoE
1. DC out is a power output port, do not connect it to any power source.
2. Set the required voltage of the powered device before connecting.
Deployment Desktop / Wall Mounting
Omada Switches
Lightning-Fast 10G / Multi-Gigabit Switching Solution with Centralized Management Capability.
10G Router Full 10G Fiber Switch Core Server / NAS
PoE Switch with 10G Uplink Wi-Fi 7 / 6E / 6 Access Points with 10G or Switch with 10G Uplink
2.5G Ports
Connecting PoE Devices, Hassle-Free Connecting Wi-Fi 7/6E/6 APs with 10G or 2.5G PoE Switch Lightning-Fast Wired Connections

Omada L2+ Managed Full 10GE SFP+ Switches
SX3016F SX3008F SX3206HPP
SFP+ Ports 16 8 2
RJ45 Ports / / 4 x 10GE
Installation 19-inch Rackmount 13-inch Rackmount
PoE & Budget / / 802.3bt

200 W
Switch Capacity 320 Gbps 160 Gbps 120 Gbps
MAC Address Table 32K 32K 32K

Omada L2+ Managed 10GE + 2.5GE Switches
SG3210XHP-M2 SG3210X-M2 SG3218XP-M2 SG3428XPP-M2 SG3428X-M2
SFP+ Ports 2 2 2 4 4
RJ45 Ports 8 x 2.5GE 8 x 2.5GE 16 x 10GE 24 x 2.5GE 24 x 2.5GE
Installation 19-inch Rackmount 13-inch Rackmount 19-inch Rackmount
PoE & Budget 802.3at / 802.3at 802.3at /

240 W 240 W 500 W
Switch Capacity 80 Gbps 80 Gbps 120 Gbps 200 Gbps 200 Gbps
MAC Address Table 16K 16K 16K 32K 32K

Omada L2+ Managed 10GE + 1GE Switches
SG3428XMP SG3428X SG3452XP SG3452X SG3428XF
SFP+ Ports 4 4 4 4 4
SFP Ports / / / / 24
RJ45 Ports 24 x 1GE 24 x 1GE 48 x 1GE 48 x 1GE /
Installation 19-inch Rackmount
PoE & Budget 802.3at / 802.3at / /

384 W 500 W

Omada 10G Network Topology Example
LAG + STP
Device & Link Redundancy
SX3016F SX3016F
SG3428X SG3428XMP SG3428XPP-M2 SX3206HPP
1GE Wired Clients 1GE PoE Devices 2.5GE PoE Devices 10GE EAP

Omada L2+ Managed 10GE + 1GE Switches
SG3210 SG3428MP SG3428 SG3452P SG3452
SFP Ports 2 4 4 4 4
RJ45 Ports 8 x 1GE 24 x 1GE 24 x 1GE 48 x 1GE 48 x 1GE
Installation 13-inch Rackmount 19-inch Rackmount
PoE & Budget / 802.3at / 802.3at /

384 W 384 W

Omada Smart Switches
SG2008 SG2210P SG2016P SG2218 SG2428P

SG2008P SG2210MP SG2218P
SFP Ports / 2 / 2 4
RJ45 Ports 8 x 1GE 8 x 1GE 16 x 1GE 16 x 1GE 24 x 1GE
Installation Desktop 19-inch Rackmount
PoE & Budget 802.3at 802.3at 802.3at 802.3at 802.3at

62 W (for SG2008P) 62 W (for SG2210P) 120 W 150 W (for SG2218P) 250 W
150 W (for SG2210MP)

Omada Routers
Provide secure internet access for an integrated Omada SDN solution and centralized management.
Max NAT
Throughput
ER8411
10G
ER707-M2 • 1× 10GE SFP+ WAN
2.5G • 1× 10GE SFP+
• 1× 2.5G RJ45 WAN
• 1× 2.5G RJ45
WAN/LAN
• 1× Gigabit SFP
ER7212PC ER706W WAN/LAN
1G
ER605 ER7206 WAN/LAN
• 1× Gigabit SFP
• 8× GE RJ45 WAN/LAN
• 5 × GE RJ45 (1 WAN, 3 • 1 × SFP WAN, • 2× Gigabit SFP • 1× Gigabit SFP WAN/LAN
• Console Port
WAN/LAN, 1 LAN) • 5 × GE RJ45 (1 WAN, 2 WAN/LAN WAN/LAN • 4× GE RJ45 WAN/LA
• Rackmount
• 940 Mbps NAT WAN/LAN, 2 LAN) • 1× GE RJ45 WAN • 1× GE RJ45 WAN • Dynamic / Static IP,
• USB
Throughput • 940 Mbps NAT • 1× GE RJ45 LAN/WAN • 4× GE RJ45 LAN/WAN PPPoE, PPTP, L2TP
• Dynamic / Static IP,
• Desktop Throughput • 8× GE RJ45 PoE+ LAN • 3.0 Gbps Wi-Fi 6 • IPSec, SSL, L2TP,
OpenVPN, WireGuard PPPoE, PPTP, L2TP
• Dynamic / Static IP, • Dynamic / Static IP, • 110 W PoE Buget (HE160)
• IPSec, SSL, L2TP,
PPPoE, PPTP, L2TP PPPoE, PPTP, L2TP • Dynamic / Static IP, • Dynamic / Static IP, • Static Routing, Policy
OpenVPN, WireGuard
• IPSec, PPTP, L2TP, • IPSec, PPTP, L2TP, PPPoE, PPTP, L2TP PPPoE, PPTP, L2TP Routing
• Static Routing, Policy
OpenVPN, WireGuard OpenVPN, WireGuard • IPSec, PPTP, L2TP, • IPSec, SSL, L2TP, • Load Balance
Routing
• Static Routing, Policy • Static Routing, Policy OpenVPN, WireGuard OpenVPN, WireGuard • ACL
• Load Balance
Routing Routing • Static Routing, Policy • Static Routing, Policy • Web Authentication
• ACL
• Load Balance • Load Balance Routing Routing • Multi-Net DHCP/VLAN
• Web Authentication
• ACL • ACL • Load Balance • Load Balance • Integration with Omada
• Multi-Net DHCP/VLAN
• Web Authentication • Web Authentication • ACL • ACL SDN
• Integration with Omada
• Multi-Net DHCP/VLAN • Multi-Net DHCP/VLAN • Web Authentication • Web Authentication
SDN
• Integration with Omada • Integration with Omada • Multi-Net DHCP/VLAN • Multi-Net DHCP/VLAN
SDN SDN • Integration with Omada
SDN
Omada 3-in-1 Omada AX3000 Omada Multi-Gigabit Omada 10G VPN
Gigabit VPN Router Gigabit VPN Router Gigabit VPN Router VPN Router Router
© 2023 TP-Link Corporation Limited. Not for distribution or reproduction. 24 24

Omada Controllers — Flexible Options for Centralized Cloud Management
Omada SDN provides two ways of management—Cloud-Based Controller (completely in the cloud) and Hybrid-Cloud Controller (on-
premises) with full cloud access, giving you a wide selection and full control of the whole network from the cloud to fit your business needs.
On-Premises Controller (Hybrid Cloud)

Type
Omada Hardware Controller Omada Software Controller
Usage Method Connect to the intranet Deploy to intranet servers or private clouds
OC200: ≤ 100 APs + 20 Switches + 10 Routers
Management Scale OC300: ≤ 500 APs + 100 Switches + 100 Routers Unlimited*
OC400: ≤ 1000 APs + 100 Switches + 100 Routers (TBD)
Network Type Small/Medium local networks Medium/Large networks
Pricing Model Hardware Costs Free
Cloud Access √ √
Automatic Channel Selection √ √
Automatic Transmit Power Adjustment √ √
Zero-Touch Provisioning - -
10+ (English, Spanish, Portuguese, German, French, Korean, Japanese, Russian, Italian, Turkish,
Multi-Language Interface
Traditional Chinese, and more)
*Actual management scale of the Omada Software Controller depends on the PC/server’s hardware specifications.

Omada Hardware Controller – OC200
Cloud LED: Showing the connection status with Cloud Platform.
Power LED: Showing the power-on status.
Cloud LED ETH1(PoE IN): Connected to a standard 802.3af or 802.3at PoE device,
such as a TP-Link PoE switch, to transmit data and gain power supply
simultaneously.
ETH2: Connected to a device to transmit data.
Power LED
USB Port: Connected to a storage device to automatically back up the
configuration file and database. This function is only available when
ETH1(PoE in)
USB Port OC200 is powered by a PoE device.
ETH2 Reset Button Reset Button: Reset Button.
Kensington Security Slot: Secure the lock (not provided) into the security
slot to prevent the device from being
Micro USB: Connected to a USB Power Source (5V DC, minimum 1A) to
gain power supply if PoE is not available.
Kensington Security Slot
Micro USB

Omada Hardware Controller - OC300
Cloud LED Cloud LED: Showing the connection status with Cloud Platform.
• On: The device is bound to a TP-Link ID.
• Slow Flashing: The device is connected to cloud but not bound to a
TP-Link ID.
• Quick Flashing: The device is being reset to its factory default settings.
• Off: The device is disconnected from the cloud.
Power LED: Showing the power-on status.
Reset Button 1G ETH1 & ETH2 Port: Bridge Port. Connect a device to transmit data.
USB 3.0
Power LED USB Port: Connected to a storage device to automatically back up the
1000M ETH1&ETH2 configuration file and database.
Reset Button: Reset Button.
Kensington Security Slot: Secure the lock (not provided) into the security
slot to prevent the device from being
Ground Connection: Connect to the ground for lightning protection.
Power Socket: Connect the female connector of the power cord here, and
the male connector to the AC power outlet (100-240V~50/60Hz).
Kensington Security Slot
Power Socket
Ground Connection
On-Premises Controller with Cloud Access
Omada offers cloud access to its on-premises centralized management platforms—Omada Software Controller or Omada Hardware
Controller—to give you control of the whole network wherever you are through the Omada app or Web UI, without any additional service
subscription fees.
Omada Management Interface

Cloud Access
1. Associate to the server 2. Log in
or
Cloud Access to
Omada
Controller Omada App Web Browser
Omada Routers
or
Omada Hardware Omada Software Omada Switches Omada Access Point

Controller Controller on
PC/Server

Cloud Management with the Omada App
Follow configuration instructions on the free Omada app to get set up in minutes. The Omada app lets you configure settings, monitor the
network status, and manage clients, all from a phone or tablet.
Cloud Access to
Centralized
Management
Real-time Monitoring
and Management
Standalone
Management

Omada Accessories——PoE Adapters
802.3af/at Compliant
Access Point
802.3af/at Compliant
IP Camera
PoE+ Injector
POE160S
Router or Switch
Up to 100 m
PoE Injector PoE Splitter Non-PoE Wireless

POE150S POE10R Access Point
Access Points
Supporting Passive
PoE
Passive PoE Adapter

Omada Accessories—— PoE Adapters
POE170S
POE160S
• 2× GE Ports POE2412G POE4818G POE4824G
POE260S
• 802.3af/at/bt
• 2× GE Ports (type 3) • 1× GE Non- • 1× GE Non- • 1× GE Non-
• 2× 2.5GE POE10R
• 802.3af/at • 60 W PoE PoE Input PoE Input PoE Input
Ports POE10E
• 30 W PoE Power Port Port Port
POE150S • 802.3af/at
Power • Desktop / • 2× GE PoE • 1× GE • 1× GE • 1× GE
• 30 W PoE • 2× FE PoE
• Desktop / Wall port Passive PoE Passive PoE Passive PoE
• 2× GE Ports Power
Mounting • 1 power Port (1× PoE Output Port Output Port
• 802.3af Wall Output Port
• Desktop / in, 1× PoE out)
Mounting • 155×70×42 socket (DC • Up to 12 W • Up to 18 W • Up to 24 W
• 15.4 W PoE Wall
• 125×59.4×3 mm OUT 5/9/12V) • Compatible PoE Power PoE Power PoE Power
Power Mounting
6.8 mm • 802.3af with (Max. 24 VDC) (Max. 48 VDC) (Max. 48 VDC)
• Desktop • 125×59.4×3
• Desktop 802.3af/at • Desktop / • Desktop /
• External • Desktop /
6.8 mm PSE and PD
• 80.8×54×24 Wall Wall Wall
48VDC/0.5A
mm devices Mounting Mounting
power Mounting
• Desktop • 85.8×43.9×3 • 85.8×43.9×3
adapter • 110×57×38.
• 71×26×16.2m 5 mm 5 mm 8 mm
• 80.8×54×24
m
mm 12 W Passive 18 W Passive 24 W Passive
802.3af 802.3at
802.3af 802.3at 802.3at 802.3bt PoE PoE PoE
GE PoE FE PoE
GE PoE Injectors Splitter Extender GE Passive PoE Adapters

Omada Accessories—— Media Converters
TP-Link media converters seamlessly transition between electrical and optical signals, enabling long-distance data transmission for
commercial applications like park security surveillance and wireless networking.
IP Camera
Up to 2 km
…..
Access Switches Media Media Switches
Point Converter Converter
(FC311A-2) (FC311B-2)
Router
PC

Omada Accessories—— 100 Mbps MC
5 VDC, Single Mode & Single Fiber 9 VDC
Ideal for newly deployed systems with higher cost-effectiveness Ideal for existing systems with 9 VDC power supplies
Max
Transmission
FC111A-20 MC111CS
FC111B-20 FC111PB-20 MC110CS MC112CS
20 km
• 100 Mbps • 100 Mbps • 100 Mbps
• 100 Mbps
• 9/125 μm Single-mode • 9/125 μm Single-mode • Single-mode Fiber
MC100CM • Single-mode Fiber
2 km
Fiber Fiber • 20 km
• 100 Mbps • 20 km
• 20 km • 20 km • 2× SC Fiber ports
• Multi-mode Fiber • WDM Bi-
• WDM Bi-Directional • WDM Bi-Directional • 1× FE RJ-45 Port
• 2 km Directional
• 1× SC Fiber port • 1 × SC Fiber port • Wave length: 1310
• 2× SC Fiber ports • 1× SC Fiber port
• 1× FE RJ-45 Port • 1× FE 802.3af RJ-45 nm
• 1× FE RJ-45 Port • 1× FE RJ-45 Port
• A-20: 1550/1310 nm Port • 9 VDC /0.6 A input
• Wave length: 1310 • MC111CS:
• B-20: 1310/1550 nm • Tx: 1310 nm
nm • 1550/1310 nm
• 5 VDC /0.6 A input • Rx: 1550 nm
• 9 VDC /0.6 A input • MC112CS:
• 48 VDC /0.5 A input • 1310/1550 nm
• 802.3af PoE Output • 9 VDC /0.6 A input
FE Media Converters (5 VDC) FE Media Converters (9 VDC)

Omada Accessories—— Gigabit MC
5 VDC, Single Mode & Single Fiber 9 VDC
Ideal for newly deployed systems with higher cost-effectiveness Ideal for existing systems with 9 VDC power supplies
Max
Transmission
FC311A-20 MC220L
FC311B-20 MC210CS • 1 Gbps
20 km
• 1.25 Gbps • 1 Gbps • Multi-mode/Single
FC311A-2
• 9/125μm Single-mode • Single-mode Fiber mode
FC311B-2
2 km • 20 km • SFP Module
Fiber
• 1.25 Gbps
• 20 km • 2× SC Fiber ports • Maximum distance
• 9/125 μm Single-mode
• 1× GE RJ-45 Port depends on the
Fiber
• 1× SC Fiber port MC200CM
550 m
• 1 × GE RJ-45 Port • Wave length:1310 inserted SFP
• 2 km • 1 Gbps
• A-20: 1550/1310 nm nm module
• WDM Bi-Directional • Multi-mode Fiber
• B-20: 1310/1550 nm • 9 VDC / 0.6 A input • 1× 1000 Mbps SFP
• 1× SC Fiber port • 0.55 km or 0.22 km
• 5 VDC / 0.6 A input Slot
• 1× GE RJ-45 Port • 2× SC Fiber ports
• 1× GE RJ-45 Port
• A-2: 1550nm/1310nm • 1× GE RJ-45 Port
• Hot-Swappable FX
• B-2: 1310nm/1550nm • Wave length: 850
Port
• 5 VDC / 0.6 A input nm
• 9 VDC /0.6 A input
• 9 VDC / 0.6 A input
SFP Module
GE Media Converters (5 VDC) GE Media Converters (9 VDC)
Omada Accessories—— SFP/SFP+ Modules
Max
Transmission SM321A
SM321B SM311LS
20 km
• 1.25 Gbps • 1.25 Gbps SM5110-LR
10 km • 9/125 μm Single- • 9/125 μm Single-
SM321A-2 mode Fiber mode Fiber • 10 Gbps
SM321B-2 • WDM Bi- • Transmit distance: • 9/125 μm Single-
2 km
Directional 20 km mode Fiber
• 1.25 Gbps SM311LM
• Transmit distance: • 2× LC Ports • Transmit distance:
550 m • 9/125 μm Single- SM5110-SR
20 km • Wave length: 10 km
mode Fiber • 1.25 Gbps
300 m • 1× LC Port 1310 nm • 2× LC Ports
• WDM Bi- • 50/125 μm or • 10 Gbps
• A: 1550 nm / 1310 • Wave length:
Directional 62.5/125 μm • 50/125 μm or
nm 1310 nm
• Transmit distance:
Multi-mode Fiber 62.5/125 μm
2 km • B: 1310 nm / 1550
nm • Transmit distance: Multi-mode Fiber
• 1× LC Port
550 m or 275 m • Transmit distance:
• A-2: 1550 nm /
1310 nm • 2× LC Ports 300 m or 33 m
• B-2: 1310 nm / • Wave length: 850 • 2× LC Ports
1550 nm nm • Wave length: 850
nm
GE GE GE GE 10G 10G
SFP Modules SFP+ Modules

Omada Accessories—— SFP/SFP+ RJ45 Modules
Max Data
Rate
SM5310-T
• 10.3125 Gbps
SM331T
• XFI MAC interface
• 10GBASE-T: UTP cat.6a or above
• 1.25 Gbps
(max 30m)
• 1000BASE-X MAC interface
• 1000BASE-T/ 2.5GBASE-T/ 5GBASE-
• 1000BASE-T: UTP cat.5e or above
T: UTP cat.5e or above (max 100m)
(max 100m)
• Hot Swappable
• Hot Swappable
• DDM
• Power Consumption: max 0.8 W
• Power Consumption: max 2.5 W
• Plug & Play
• Plug & Play
GE 10G
SFP RJ45 Module SFP+ RJ45 Module

02 Device Discovery,
Adopting & Management
•
•
Omada Controller Overview
Lab #1 APP Standalone Management
• L2 Management
• Lab #2 OC200 Initialization & Cloud Management
• Lab #3 Local Adoption (OC200 adopt AP & SW)
• L3 Management
• Lab #4 Remote Adopting via Omada Discovery Utility

Omada Device Management Method
All Omada devices, including Omada Gateway, Omada Switch, and Omada EAP, except Omada 3-in-1 Gateway, support two
management methods:
• Standalone Mode: manage each device individually through each devices’ Web or CLI.
• Controller Mode: centrally manage devices through an Omada SDN Controller.

Via IP address
Web Browser
Via Domain Name:
• EAP only
• Wireless clients are connected to the EAP SSID
Standalone Mode • Visit tplinkeap.net
• Omada AP and Omada Wireless Gateway only

Omada APP • For Android and iOS mobile clients
• Clients must connect to the network, and
obtain valid IP address
Lab #1 APP Standalone Management

Omada SDN Solution and Omada Controller Management
• Omada SDN Controller is a centralized management platform to monitor and manage Omada devices. It’s the core center of
Omada SDN Solution, which allow us to manage the entire network more conveniently and effectively.
• Omada devices being managed by the Omada SDN Controller operates in the controller mode.
• There are three kinds of Omada SDN Controller: Omada Software Controller, Omada Hardware Controller and Omada
Cloud-Based Controller.
Ceiling Mount Managed

Omada
Router
Omada
Wall-Plate Omada Switch
Access Point
Smart
Outdoor
Omada SDN Controller

Omada SDN Controller
• Cloud-based, no hardware required.

Cloud-Based Controller • No Operation & Maintenance required for the controller .
• Flexible expansion with no limits on the management scale.
• Flexible installation, no dedicated server required.

• Discover Omada devices on the same network automatically.
Hardware
• OC200 and OC300 can managed up to 130 (100 EAP + 10 Gw + 20 Sw)
Controller
and 700 (500 EAP + 100 Gw + 100 Sw) Omada Devices respectively.
• Free to use.
• Manage up to 10,000 Omada devices, depending on the Server
Software Controller
hardware specifications.
• Operation & Maintenance required.

Omada Cloud Portal
• https://omada.tplinkcloud.com and create your TP-Link ID to access Omada Cloud services.
• Click “+ Add Controller” to create your Cloud-Based Controller, or initialize a Hardware Controller.
• Enable Cloud Access on a Software Controller and bind your TP-Link ID.
• Launch a controller to remotely manage the network.
Manage all your Omada SDN Controllers remotely via the Omada Cloud Portal

Initialize Your OC200 via Omada Cloud Portal
• Connect OC200 to the network, and power it on using PoE or Micro USB, and ensure it can access the Internet.
• Wait for the Cloud LED to flash slowly, which indicates it is connected to the Omada Cloud.
• Click “+ Add Controller” and add a Hardware Controller on Omada Cloud Portal.
• Input the OC200’s Device Key on the bottom label, then follow the step-by-step instructions for a quick setup.
Add your Hardware Controller or Create a Cloud-Based Controller on Omada Cloud Portal
Initialize Your OC200 Locally
• Connect OC200 to the network, and power it on using PoE or Micro USB
• Check the DHCP Client list, and find the IP address of your OC200
• Access the OC200 with its local IP address, and follow the wizard to set up it.
Access OC200 web page with its local IP address

Initialize Your OC200 via Omada APP
• Install Omada APP via Google Play or Apple Store.
• Launch Omada APP and log in your TP-Link ID.
• Click “ + “ and scan the QR code on the bottom label of your OC200, then follow the step-by-step instructions for a quick
setup.
Scan the QR code for easy binding OC200 with your TP-Link ID TP-Link Corporation Limited. Not for distribution or reproduction.
© 2023 45
Install Omada Software Controller (Optional)
• Supported OS:
• Windows 7 / 8 / 10 / 11 / Server
• Linux: Ubuntu 16.04, 18.04, 20.04, Debian 8, 9, 10, 11, CentOS 6, 7
• Dependencies:
• OpenJDK / Oracle Java 8 and above
• MongoDB v3 and v4
• jsvc, curl for Linux version
• Installation Steps
• For Windows: manually install OpenJDK / Java first (https://www.tp-link.com/support/faq/3086/ ) then run the installer;
• For Linux: Refer to FAQ -- https://www.tp-link.com/support/faq/3272/

Lab #2 OC200 Initialization & Cloud
Management

Omada Device Status
Status Explanation
Pending The device can be discovered by your Omada SDN Controller and is ready to adopt.
Managed by The device is already been managed by another controller.

Others You can reset it or enter the username and password to adopt and manage it with your controller.
Provisioning The device is being configured in sync with the controller and may reboot during this phase.
Connected The device is managed by your controller, and performing normally.
Configuring When the controller is issuing settings to the device after you make some settings.
A transition between Connected and Disconnected. The device was once managed by your controller,
Heartbeat Missed
but has lost connection with the controller for more than 30 seconds.
Disconnected The device becomes Disconnected when it loses connection with the controller for more than 5 minutes.
The device was once managed by your controller via a Mesh connection, still can be detected by other
Isolated
EAPs but cannot reach the gateway.

Omada Management Protocol
• Latest Omada Management Protocol uses:
• UDP port 29810 for device discovery;
• TCP port 29814 for device management;
• TCP port 8043 for firmware transmission;
• TCP port 29815 and 29816 for Packet Capture and Remote Control Terminal.
Omada Management Protocol data packets
OC200
192.168.0.200
Omada EAP
192.168.0.100
Omada SDN Controller and Omada devices communicate using the private Omada Management Protocol
Local Device Discovery
Device actively sends Omada Device Discovery packets

via Broadcast, to UDP port 29810
OC200
192.168.0.200
Pending EAP
192.168.0.100 Click to Adopt the device
Controller replies its management port 29814

via Unicast, from UDP port 29810
Local Device Adopting and Management
Device actively sends connection requests

via Unicast, to TCP port 29814
OC200
192.168.0.200
Pending EAP
192.168.0.100 Controller and device create a TLS tunnel for encryption
Controller attempts to adopt the device using Device Account
Controller configures and manages the device
Lab #3 Local Adoption (OC200 adopt
AP & SW)

Remote Device Discovery
• Omada devices actively broadcast Omada Device Discovery data packets so that the Omada Controller on the same subnet
can discover them.
• When the Omada Controller and Omada devices are not on the same subnet, it is necessary to inform the devices of the
controller’s contact information (IP address or URL), here are some methods:
• Omada Discovery Utility
• DHCP Option 138
• Standalone Web
WAN IP: 1.2.3.4
• Standalone CLI
ER605
Pending EAP
OC200
192.168.0.200
Inform the Omada EAP of the remote OC200’s IP address
to create the Omada management connection.

Remote Device Discovery – Port Forwarding
• When the Omada Controller and Omada devices are not on the same network and are connected via the Internet, you may
need to set up Port Forwarding for the controller on the gateway.
OC200
ER605 192.168.0.200
Pending EAP
Name Source IP Interface Source Port Destination IP:Port Protocol

Omada Device Discovery 0.0.0.0 / 0 WAN 29810 192.168.0.200:29810 UDP
Omada Device Management 0.0.0.0 / 0 WAN 29811-29816 192.168.0.200:29811- TCP
29816
Omada HTTPS 0.0.0.0 / 0 WAN 8043 192.168.0.200:8043 TCP

Remote Device Discovery – Omada Discovery Utility
Omada Discovery Utility can discover all Omada Devices on the same subnet, and inform them of the Controller’s IP address or
URL.
• Install Omada Discovery Utility on Windows computers or Mac ( https://www.tp-link.com/support/faq/2533/ )
• Connect your PC to the same subnet as the devices, run the utility, and wait for all devices to be discovered, select the
devices, enter the controller’s IP address or URL, and the device account ( “admin / admin” in factory reset status ), then the
devices will actively send Omada Device Discovery data packets to the IP address or URL.
Use Omada Discovery Utility to discover all devices and inform them of the controller’s IP or URL
Remote Device Discovery – DHCP Option 138
• DHCP Option 138 can be used to notify the devices of the controller’s IP address. Note that URL is not supported.
• Enable DHCP Option 138 on the devices’ DHCP Server, and set the controller’s IP address.
• When a device requests an IP address from the DHCP Server, the server issues DHCP Option 138 at the same time so that the
device knows the controller’s IP address, and then actively sends Omada Device Discovery data packets to the controller.
• DHCP Option 138 allows you to batch process all devices on the network, even after a hardware reset, the devices still
know about the controller IP address.
Configure DHCP Option 138 on Omada Gateway in Controller and Standalone mode.

Remote Device Discovery – Standalone Web
• Omada devices can operate in standalone mode or in controller mode.
• After logging in to the standalone Web, you can configure the controller’s Inform URL or IP address, then the device will
actively send Omada Device Discovery data packets to the controller.
• When you first log into the device Web, you need to create a new account, or modify the default password, so you will be
requested to provide the modified account for the controller to adopt the device.
• For Omada Gateway: go to System Tools > Controller Settings, enter the Inform URL/IP Address.
• For Omada Switch / EAP: go to System > Controller Settings, enter the Inform URL/IP Address.
Enter Inform URL/IP Address in standalone Web © 2023 TP-Link Corporation Limited. Not for distribution or reproduction. 57
Remote Device Discovery – Standalone CLI
• Omada Switch supports access via SSH, Telnet, and Console Port, log into your account, the command to set the inform
URL/IP Address is controller inform-url [URL/IP] .
Switch> enable
Switch# config
Switch(config)# controller inform-url 1.2.3.4

Check out FAQ -- https://www.tp-link.com/support/faq/3534/ to learn more on the usage of Omada switch CLI.
• Omada EAP supports access via SSH, log into your account, the command to set the inform URL/IP Address is xsetctrladdr
[URL/IP].
xsetctrladdr 1.2.3.4
• Then the device will actively send Omada Device Discovery data packets to the controller, note to provide the modified
account for the controller to adopt the device.

Lab #4 Remote Adopting via Omada
Discovery Utility

Batch EAP Adopting / Config
• Devices > Batch Action > Batch Adopt, select the EAPs to be adopted, click Done, and then the controller will try to adopt the
pending EAPs using the default account, and you will be prompted to enter the new account if the account has been modified
before.
• Devices > Batch Action > Batch Config, select the EAPs to be configured, click Done, and then you can change some
settings in batch.

03 Basic Network Settings
and Monitoring
•
•
Omada Controller Overview
Common Wireless Configuration
• Common Wired Configuration
• Lab #5 Site Config & Migration
• Lab #6 Lab-Mesh of AP

Main Page
Site & Account
Feature Bars
Setting and Monitoring Area
RF Scanning result of 5 GHz

Dashboard
The dashboard shows the status of the whole network, including the connection information of the router, switch, AP, and clients.
Show the network traffic, warning/alerts/logs, etc. Help you view the current network status, traffic status, equipment, and client
conditions in real-time.
The Dashboard interface on the Omada Controller

Dashboard – Customized Dashboard Page
You can also customize the information cards that need to be displayed in the dashboard according to the demand. The cards include
System, Network, and Client information.
The Dashboard interface on the Omada Controller

Statistics – Performance
Show the traffic data of the router, switch, and AP separately. Can display the data in 5 minutes, hourly, daily.
• Router: User counts, Usage, Traffic, Packets
• Switch: User counts, Usage
• EAP: User counts, Usage, Traffic, Packets, Dropped, Errors, Retries
The Performance Statistics interface on the Omada Controller

Statistics – Switch Statistics
• Display the connection status of switch ports (PoE, Uplink, Link Speed, mirroring, STP Blocking).
• Display the traffic of each port (Transmitted, Received).
The Switch Statistics interface on the Omada Controller

MAP – topology
• Display the network topology status timely.
• Display the uplink, and link speed of wired devices （Need to click Link Labels in the upper right corner ）.
• Display the connected SSID, radio and channel of wireless clients.
If the network status or device connection problem occurs, it can help administrators to perform network diagnoses quickly.
Clients
AP
Gateway Switch
Controller
The Map interface on the Omada Controller

Devices
Display the information of router, switch, and AP. You can configure the specific devices by clicking the “DEVICE NAME”.
• Router: Details, Networks, Ports, Configuration, Statistics
• Switch: Details, Ports, Clients, Configuration, Statistics
• AP: Details, Clients, Mesh, Configuration, Tools, Statistics
The Device List on the Omada Controller The EAP/Switch configuration interface on the Omada Controller

Clients
Display the information of connected wired and wireless clients. You can configure the specific clients by clicking the “USERNAME”.
• Details: Display the MAC address, IP address, Hostname, Uptime, Connected port of clients.
• History: Display the connection history of clients, including connection date/time, duration and traffic download every time.
• Config: Configure the host name, rate limit value and static IP for clients.
The Client List on the Omada Controller
The Client configuration interface on the Omada Controller

Insights
Display the information on Known Clients, Past Connections, Past Portal Authorizations, Switch Status, Port Forwarding, VPN Status,
Routing Table, Dynamic DNS, Rogue APs, QoS Data, etc.
Rogue APs can view some of the illegal APs that may be present in the environment.

Logs
Logs including Error, Alerts, and Info. Depending on the type it can be categorized as Operation, System, Device, Client.
We can also customize the level of the log. For example, set Voucher Created from the Event level to Alert level.
The Log interface on the Omada Controller

Wireless settings - Overview
• The SSID is configured to be distributed by default to all EAPs that

have been adopted by the Omada Controller.
• With Guest Network enabled, guest network will block clients from
reaching any private IP subnet.
• Each EAP may broadcast up to 8 simultaneous SSIDs (not

recommended for airtime efficiency)
The SSID settings interface on the Omada controller

Wireless settings – Wireless Security
• None, WPA-Personal, WPA-Enterprise, PPSK without RADIUS, PPSK with RADIUS.
• WPA-Personal uses the same password to connect to the same SSID and is the one we most often use.
• WPA-Enterprise requires Radius Server to be configured for use, with a different password for each connected user.
• PPSK can realize the use of different passwords to connect to the same SSID.
The SSID Security settings interface on the Omada Controller

Wireless settings – Rate Limit
• Rate limit can prevent clients from taking up bandwidth for long periods of time causing other clients to be unable to use the
network properly.
• Client Rate Limit: When enabled, you can limit the download and/or upload rate of each client to balance bandwidth usage.
• SSID Rate Limit : When enabled, you can limit the download and/or upload rate on each band of this SSID.
The Rate Limit settings interface on the Omada controller The Rate Limit Profiles interface on the Omada controller

WLAN Group
• By default, the Omada SDN Controller will issue the Default WLAN configuration to all the EAPs in the current site.
• To make some specific EAPs in this site broadcast different SSIDs, you can create WLAN Groups and configure SSIDs for
each group under Wireless Networks, then apply these groups to the desired EAPs from Devices page.
The WLAN Group config interface on the Omada controller

Mesh - Overview
• Mesh is used to establish a wireless network or expand a wired network through wireless connection on 5GHz radio band. In
practical application, with Mesh network, most of cable wiring is no longer required, AP can be deployed anywhere as the
user need.
• To provide Wi-Fi coverage for a beach/farm, in traditional wired AP deployment, all APs will be connected with Ethernet cable.
However, Ethernet cable wiring can be very expensive and time-consuming when using traditional deploy method. In this
situation, if the AP supports Mesh, we can deploy the APs wirelessly.
Mesh Network topology Mesh Network topology of beach

Mesh - Basic Concepts of EAP
Basic Concepts for Mesh of EAP
Basic
Explanation
Concepts
Data link between AP and its direct front-end
Uplink
EAP device.
Root AP The wired AP in a Mesh network.
Mesh AP AP with wireless uplink.
The AP providing wireless uplink for Mesh AP

Uplink AP
will be called the Uplink AP for this Mesh AP.
The Mesh AP connecting to other AP

Downlink AP wirelessly will be called as Downlink AP for the
other AP.
The relative distance between Mesh AP and
Root AP.
Hop
For TP-Link Mesh network, it supports 3 hops Mesh Network topology
in maximum.

Mesh - Configuration
• The Mesh feature based on a specific firmware. EAP will support Mesh only after upgraded to the firmware with release note
says “support Mesh” or later firmware.
• Omada EAP Mesh technology cannot be networked with other mesh technologies, like OneMesh, DecoMesh.
• Auto Failover: When one or more APs are failed in EAP Mesh network, with Auto Failover feature enabled, the Mesh network
will recover automatically. Auto Failover is disable by default.
The Mesh settings interface on the Omada controller Auto Failover topology

802.1Q VLAN
• VLAN (Virtual Local Area Network) is a technology that divides the LAN into several different virtual LANs (VLAN).
• Enhance network security, restrict broadcast storm domain and ease the management.
• Create a new VLAN in networks first, and then configure the profile.
With VLANs, a client can only communicate with the clients

in the same VLAN
Create New LAN on the Omada controller
LAN Profiles
• When a new Interface / VLAN is created in networks, a corresponding profile is added by default.
• The profile is used to define the properties of switch ports, including PoE, VLAN, 802.1x, port isolation, spanning tree, LLDP-MED,
bandwidth control, etc.
• Each default profile including one default VLAN (untagged) and the PVID (native network) is equal to the VLAN ID.
• We can customize different LAN Profiles and bind the Profile to different ports of the switch to achieve different VLAN requirements.
LAN Profile on the Omada controller Detailed information about VLAN 10 Profile

LAN Profiles
• All profile is the profile bound to all ports of the switch by default, at this time the port belongs to all the VLANs that have been created,
and the PC can get the IP address from the default LAN after connecting.
• If VLAN 10 profile is bound to the port of the switch, the port will only belong to VLAN 10, the egress rule is untagged, and the PVID is
10. PC can get the IP address from the VLAN 10 after connecting.
• When a port is bound to Disable Profile, this port is shutdown and does not forward any data.
LAN Profile on the Omada Controller
Bound VLAN 10 Profile to switch port

Auto Backup
• Omada SDN Controller supports to save the backup configuration file to File Server via FTP, TFTP, SFTP, SCP protocols. If we choose
to save to Local File, different controller types may save to different locations.
• For Omada Software Controller, it will save the backup configuration file in the same path as the controller software.
• For Omada Hardware Controller, OC300 will save the backup file in its storage space or USB drive, while OC200 will save in the USB
drive.
Auto Backup settings interface on the Software Controller
Auto Backup settings interface on the Hardware Controller

Lab #5 Site Config & Migration

Lab #6 Mesh of AP

04 Portal & Hotspot
•
•
Portal & Hotspot
Portal Access Control
• Hotspot Operator
• Lab #7 Portal & Hotspot Manager

What is Portal？
Portal is a popular access authentication method utilized

primarily in public areas such as hotels, airports, malls, and
more.
In these settings, open Wi-Fi networks are often provided to

make it easier for customers to connect, and Portal is
employed for authentication purposes.
Upon connecting to the SSID, customer’s devices will

automatically display a web page that prompts them to
accept the terms of usage or enter their authentication
information. With portal authentication, network providers
can customize the login page and incorporate
advertisements.

Omada Portal Authentication
Authentication Types:
• None: one click login;
• Simple Password: enter a preset password;
• Hotspot: multiple authentication types provided;
• RADIUS Server: enter the username and password

configured on the external or built-in RADIUS server.
• External LDAP Server: enter the username and

password configured on the external LDAP server.
• External Portal Server: authenticate via the external

Portal server.
After the client is authenticated, the client will be redirected to the landing
page, which can be either the Original URL or a customized Promotional
URL, depending on the settings.

Omada Portal Working Mechanism
The workflow of Omada Portal is as follows:
1. A customer's client connects to the wireless network with

Portal configured, and attempts to access the internet.
5
2. The EAP intercepts the request and asks the client to access
the Portal;
3. The client visits the Omada Controller’s Portal, selects an

authentication method, and submits the authentication 4
information;
Omada Controller 2
4. After successful authentication, the controller notifies the EAP
to forward the client’s traffic; 3 1
5. The client has access to the Internet;
6. When the authentication expires, the EAP intercepts the client

again and re-executes the authentication workflow.
Wireless Client

Omada Portal Access Control Policy
• Pre-Authentication Access: allows unauthenticated

clients to access the specific network resource. For
example, you can add to the list some IP addresses or
URLs that are required for internal system or Portal
authentication.
• Authentication-Free Client: allows the specific clients to

access the specific network resources without
authentication. For example, you can add some IoT
clients to the list so that they can directly connect to the
Wi-Fi and access the network.

Omada Portal Hotspot
Omada supports multiple Hotspot authentication methods:
• Voucher: enter a unique voucher code generated by the

controller within a pre-defined time usage;
• Local User: enter the username and password of an

local account on the Omada Controller;
• SMS: enter the phone number and submit the received

verification code;
• RADIUS: enter the username and password of an

account created on the RADIUS server;
• Form Auth: fill in a survey to pass the authentication.

Omada Portal Hotspot Manager
Hotspot Manager is a portal management system designed to centrally monitor and manage clients authorized through hotspot
authentication.
It allows you to create Hotspot Operator accounts for secretaries, receptionists, and other designated personnel who can
access the Hotspot Manager and perform actions such as granting, revoking, or extending guest access.

Voucher Management
• Centrally create & manage vouchers;
• Option to print vouchers for distribution, with printing language and currencies customized;
• Review voucher statistics & revoke vouchers.

Form Auth & Local User Management
Form Auth Local User
• Create a survey with flexible question types; • Centrally create & manage local users, with export and
import supported;
• Publish the survey, view and export data for in-depth
analysis. • Set rate limit, traffic limit, and maximum users for each
account.

Lab #7 Portal & Hotspot Manager

05 Wireless Fundamentals
•
•
RF Fundamentals
FSPL
• 2.4 / 5 / 6GHz Band & Channel
• Wi-Fi 5 / 6 / 7 Comparing and Key Features
• MIMO / MU-MIMO
• MCS
• DFS

What is RF?
As we are aware, wireless communication employs electromagnetic waves to transmit information. Some examples of wireless
communication devices include radios, microwave ovens, Bluetooth headsets, Wi-Fi routers, and many more.
RF (Radio Frequency) is a frequency range for electromagnetic waves that can be used for communication signals.
FM Radio Microwave Oven Bluetooth Wi-Fi

88~108 MHz 2.45 GHz 2.4~2.485 GHz 2.4~2.4835 GHz
5.17~5.33 GHz
5.47~5.835 GHz
5.925~7.125 GHz

Propagation behavior of RF signals
To transmit information using an RF signal, it is essential to understand how the RF signal propagates through the air.
For instance, in a meeting room, when someone speaks out loud, the sound waves travel through the air and reach the receivers'
ears, enabling them to hear the message and receive the intended information.
RF signals behave similarly, based on what is called the Free Space Propagation Model. Generally speaking, an RF signal will
propagate in every spatial direction, and all surrounding devices may receive the signals.

Free Space Path Loss (FSPL)
When a radio frequency signal is freely propagated in space, its strength decreases with the increase in propagation distance.
Similar to how the closer you are to a light bulb, the brighter the light is, and the farther you are from the bulb, the dimmer the light
becomes.
As the transmission distance increases, the area covered by the signal also increases. At the same time, the energy contained in
each unit area decreases.
In free space, the intensity of RF decreases with distance.

Free Space Path Loss (FSPL)
• Path Loss is greatest near the transmitter;
• The higher the frequency, the greater the attenuation rate;
• For the same transmitted power, 2.4 GHz has higher coverage than 5 GHz, which in turn has higher coverage than 6 GHz.
Weak Signal
Strong Signal

dB & dBm
• dBm stands for decibel mill watts, it is the signal strength or power level. 0 dBm is defined as 1mW.
• dB refers to decibels. A decibel reading signifies the amount of increase or decrease in a signal.
• + / - 10 dB corresponds to an increase or decrease in power by a factor of 10;
• + / - 3dB is approximately an increase or decrease in power by a factor of 2.
Power Power level (dBm) Notes
400 mW 26
20 dBm is 3 dB smaller than 23 dBm, halving the power.
200 mW 23
100 mW 20
1 mW 0
100 W -10
-10 dBm is 10 dB smaller than 0 dBm, the power is reduced
10 W -20
to one-tenth.
100 nW -40
1 nW -60

Signal Attenuation
• Intensity of signal reduced due to path obstructions & FPSL
• Wave behavior (ex. Reflect, scatter, absorb) vs. wall materials
• Reduce TX power for more controlled, predictable coverage
Predict attenuation to wireless signals with Omada Heatmap with wall drawings
Use Antenna to Focus Energy
Here is an example: A bulb emits light in all directions, the brightness depends on the power of the bulb itself. We know that a 10
Watt bulb is usually brighter than a 1 Watt bulb. Now we put the 1 Watt bulb into a flashlight with a reflector. The reflector can
focus the light into a specific direction. Since the light is focused, the brightness of this 1 Watt bulb can be equal to the 10 Watt
bulb in this specific direction.
In an RF system, the bulb is the transmitter and the reflector is the antenna. So antenna “amplifies” the signal by focusing it, so
that we can get a better signal in a specific direction.

Antenna Gain
• An isotropic antenna is defined as a hypothetical antenna having the same radiation in all directions.
• Antenna gain is the ratio of the power density in a given direction to the power density of an isotropic antenna in the same
direction, which is expressed in dBi (dB isotropic).
For example, a reflector can focus the light into a specific direction so that the brightness of a 1-watt bulb is equal to that of a 10-
watt bulb in the specific direction, therefore this reflector has a gain of 10 dB. The gain of an antenna is similar.
• Under the same conditions, the higher the gain, the more directional, and the farther the wave travels, but the worse the signal
in other areas.
Wireless Heatmap of EAP225-Outdoor © 2023 TP-Link Corporation Limited. Not for distribution or reproduction. 103
Antenna Radiation Patterns
• Antenna Radiation Patterns demonstrate the radio intensity with respect to direction.
• Test the radio intensity of the antenna in all directions on a certain plane, and calculate the difference between the intensity in
each direction and the maximum intensity on the plane, expressed in dB.
• The outer circle represents 0 dB, the closer the curve is to the outer circle, the stronger the radio intensity, i.e., the
stronger the antenna gain is in that direction.
• The following are the three most commonly used planes.

• Azimuth (theta90): refers to the “horizontal”; overhead view of the EAP
• Elevation-0/90: refers to the “vertical”; side view of the EAP
Antenna Radiation Patterns of EAP670. Refer to EAP datasheet for more models’ patterns.
2.4GHz Band & Channel
• 2.4~2.4835 GHz
• Channels 1, 6, and 11 are 3 non-overlapping 20 MHz channels;
• In the case of channels 1, and 2~5, they overlap in frequency, which can lead to wireless interference;

5 GHz Band & Channel
• Four 5 GHz bands are available for WLANs: UNII-1, UNII-2, UNII-2 Extended, and UNII-3, commonly referred to as Bands 1, 2, 3,
and 4.
• Up to 25 non-overlapping 20 MHz channels, 12 non-overlapping 40 MHz channels, 6 non-overlapping 80 MHz channels, and 2
non-overlapping 160 MHz channels;
• Higher channel width for higher rates, more channels for greater flexibility for WLAN deployments;

DFS Bands
• Dynamic Frequency Selection (DFS) is a channel allocation scheme specified for Wi-Fi, to prevent it from interfering with
wireless systems, such as military radar, satellite communication, weather radar.
• Bands 2 and 3 (UNII-2 and UNII-2 Extend) susceptible to DFS (Dynamic Frequency Selection).
• Wi-Fi networks operating in bands 2 and 3 are required to employ a radar detection and avoidance capability.
TDWR (Terminal Doppler Weather Radar) UNII-2 and UNII-2E are DFS bands

Start
DFS Operations
The flowchart shows how an Omada EAP operates on a DFS channel.

Choose a DFS
• Channel Availability Check (CAC): The EAP radio scans the DFS channel
channel to check for any radar signals before transmitting any

frames in the channel. This commonly takes 1 minute, but could
take up to 10 minutes if one of the weather radar channels (120, CAC
(1-10 Minutes)
124, and 128) is selected for an Omada EAP in the EU hardware
version.
• Channel Non-Occupancy Period: If the EAP detects that a radar Y

Radar Move to a Non-DFS
is using a specific DFS channel, it marks the channel as non- detected? channel
available and excludes it from the list of available channels.
N
Y
When operating on DFS channel & radar signals are detected, most of
Omada EAPs stop transmitting wireless signals and move to a non- Start Tx and keep Radar
monitoring detected?
DFS channel in bands 1 or 4 (UNII-1 or UNII-3).
N

• Many more available channels than 2.4 GHz and 5 GHz bands;
• Up to 7 non-overlapping 160 MHz channels, and 3 non-overlapping 320 MHz channels;
• Not affected by DFS.

• The United States and Canada have allocated the whole 6 GHz band for WLAN use.
• Europe, Japan, and the United Kingdom allocate the UNII-5 band for WLAN use.
• UNII-5: 5.925 ~ 6.425 GHz
• UNII-6: 6.425 ~ 6.525 GHz
• UNII-7: 6.525 ~ 6.875 GHz
• UNII-8: 6.875 ~ 7.125 GHz
Countries Enabling Wi-Fi in 6 GHz, from Wi-Fi Alliance

2.4/5 GHz 20 MHz Channel Assignments
• For 2.4 GHz bands, use channels 1 / 6 / 11, and try to set different channels for neighboring APs;
• For 5 GHz bands, try to set different channels in different bands (UNII-1 and UNII-3) for neighboring APs when available, or
non-adjacent channels in the same band.
1 11 48 149
11 6 1 157 36 161
1 11 44 153
Use different channels for neighboring APs Use non-adjacent channels for neighboring APs.
(Pink for channel 1, purple for channel 6, yellow for channel 11) (Pink for UNII-1 channels, yellow for UNII-3 channels)

Channel Bonding
1. Channel Bonding: neighboring 20 MHz channels are bonded together to form a larger channel, a 80 MHz channel can provide
4 times the bandwidth of 20 MHz.
2. Channel Bonding improves bandwidth, but causes more interference, and reduces transmit power, which in turn reduces SNR
(signal-to-noise ratio).
• 2.4 GHz: 40 MHz WLAN features 20 + 20 MHz channels. Note: it is never appropriate to use 40 MHz in any multi-
AP environment on the 2.4 GHz band.
• 5 GHz: 80 MHz WLAN features 20 + 20 + 20 +20 MHz channels; up to 160 MHz is supported. Note: 40 MHz is typical
for a wide variety of deployments, using 160 MHz is impractical in any multi-AP environment, and 80 MHz channels
tend to be practical only in small deployments where DFS channels are usable.

Effective Isotropic Radiated Power (EIRP)
• EIRP is the antenna’s maximum power output in the direction with the highest antenna gain, that is the Maximum Output
Power of the wireless access point.
• EIRP is controller by the government bodies, therefore, a wireless access point is not permitted to emit signals above a
specified EIRP.
• Omada EAP products of different hardware versions (US, EU, CA, JP, etc.) comply with the corresponding specifications.

Transmit (Tx) vs. Receive (Rx) Signals
• Tx power (EIRP) is usually expressed in Positive dBm units. For example, +23 dBm represents 200 mW.
• Signal Strength of different bands was calculated using FSPL as shown below.
• Rx power (RSSI, Received Signal Strength Indication) is usually < 1 mW, and is therefore expressed in Negative dBm. For
example, -48 dBm.
Strong
Weak
Omada Heatmap supports displaying the signal strength.

Omada EAP Channel Operation
• The default is Auto, which performs a wireless scan during startup and selects the best channel from the available channel list.
It may result in strong wireless interference and low total throughput as the wireless network operates.
• It is suggested that a Site Survey be performed and that channels be manually assigned to access points throughout the site
using a thorough channel plan. Primarily, different channels for neighboring APs (same floor and across floors).
While the wireless network operates, the Auto channel settings may result in
strong wireless interference and a low total throughput rate.
Omada AI WLAN Optimization
AI WLAN Optimization determines the optimum wireless channel and power for Omada EAPs based on environmental factors
including network topology, deployment size, traffic, and client factors, ensuring a better experience for wireless clients of each
Omada EAP.
• Automatic Channel Optimization
• Automatic Power Optimization
AI WLAN Optimization Settings

MIMO
MIMO (Multiple-Input Multiple-Output) technology is designed to improve wireless performance by using multiple radio chains
to make wireless transmission. There are two different situations in MIMO systems:
1. Spatial Multiplexing: a high-rate signal is split into multiple lower-rate streams and each stream is transmitted from a different
transmit antenna to the corresponding receiver antenna. It is a very powerful technique for increasing channel capacity at higher
signal-to-noise ratios (SNR).
Data=123
Data=456
Data=123456789 Data=123456789
Transmitter Receiver
Data=789

MIMO -- Beamforming
2. Beamforming: increases the received signal gain by making signals emitted from different antennas add up constructively and
to reduce the multipath fading effect.
Data=123456789
Data=123456789
Data=123456789 Transmitter Receiver

Data=123456789
Data=123456789

MU-MIMO
MU-MIMO (Multi-User Multiple-Input Multiple-Output) technology is designed to make one transmitter send different data to
different receivers at the same time. In a wireless network without MU-MIMO, only one client can communicate with an AP at a
time.
If both the AP and the clients support MU-MIMO, an AP can communicate with each client using separate spatial streams. Since
clients no longer have to wait, the overall throughput of the wireless network will increase.
For example, as shown in the figure below, the transmitter supports 3 streams, receiver 1 supports 2 streams, and receiver 2
supports 1 stream, all three support MU-MIMO, and the transmitter can send data to two receivers at the same time.
Data=123
Data=123456
Data=456 Receiver1
Data=123456789
Transmitter
Data=789
Data=789
Receiver2

IEEE 802.11 WLAN Standards
IEEE (Institute of Electrical and Electronic Engineers) is an international organization that is responsible for creating and
maintaining the communication standard.
802.11 is a working group of IEEE for WLAN standards. The standard provide the basis for wireless network products using the
Wi-Fi brand and are the world's most widely used wireless computer networking standards.
Radio Frequency Max Stream Data
Generation IEEE Standard Bandwidth (MHz) MIMO
(GHz) Rate
Wi-Fi 0 802.11 2.4 2 Mbps 22 —
Wi-Fi 1 802.11b 2.4 11 Mbps 22 —
Wi-Fi 2 802.11a 5
54 Mbps 20 —
Wi-Fi 3 802.11g 2.4
Wi-Fi 4 802.11n 2.4 / 5 150 Mbps X 4 HT20 / 40 4

VHT 20 / 40 / 80 /
Wi-Fi 5 802.11ac 5 866 Mbps X 8 8
160
HE 20 / 40 / 80 /
Wi-Fi 6 802.11ax 2.4 / 5 / 6 (Wi-Fi 6E) 1201 Mbps X 8 8
160
EHT 20 / 40 / 80 /
Wi-Fi 7 802.11be 2.4 / 5 / 6 2882 Mbps x 16 16
160 / 320

Wi-Fi 7
With the upcoming 7th generation of Wi-Fi, the ultimate online experience will be unleashed.
• 320 MHz: Wi-Fi 7 unleashes the full potential of the 6 GHz band to double the bandwidth of the last generation. Extending
channel width to 320 MHz also enables many more simultaneous transmissions at the fastest possible speeds.
• 16 × 16 MU-MIMO: Wi-Fi 7 increases the number of spatial streams from 8 to 16. The theoretical physical transmission rate is
thus doubled.
• 4K-QAM: Wi-Fi 7 adopts a higher-order modulation scheme: 4096-QAM. This means 20% higher theoretical transmission
rates than Wi-Fi 6’s 1024-QAM.
• Multi-Link Operation: With Multi-Link Operation (MLO), Wi-Fi 7 enables devices to simultaneously send and receive data
across different frequency bands and channels to increase throughput, reduce latency, and improve reliability.
• Preamble Puncturing: with Preamble Puncturing, the interference can be blocked, opening up more channels to use.
MLO
Wi-Fi 6
Wi-Fi 6 products have become a staple in many markets. Compared with its predecessor Wi-Fi 5 (11ac Wi-Fi), Wi-Fi 6 combines
two industry-leading and innovative technologies — OFDMA and 1024-QAM — to improve speed, increase efficiency, and reduce
congestion in high-density environments.
• 160 MHz
• 1024-QAM
• 8 x 8 MU-MIMO
• OFDMA: Imagine your Wi-Fi connection as a series of delivery trucks delivering data packets to your devices. With Wi-Fi 5,
each delivery truck or “packet” could only deliver one parcel to one device at a time. But with OFDMA, each truck can deliver
multiple parcels to multiple devices simultaneously. This vast improvement in efficiency works for both uploads and
downloads.
Wi-Fi 5 without OFDMA Wi-Fi 6 with OFDMA

MCS
The MCS (Modulation Coding Scheme) index is a list of modulation schemes and coding schemes that are currently used to send
data between Wi-Fi devices.
• Modulation schemes: the way data is formatted prior to transmission;
• Coding schemes: how the data is encoded while being transmitted.
Simply put, MCS defines the optional theoretical rates between the AP and the wireless client. They dynamically negotiate a
MCS index number, and then communicate using parameters including modulation type, coding rate, defined by the MCS index
number.
The higher the MCS index number, the higher the MCS rate / max data rate of the Wi-Fi connection.
Part of the MCS Index of Wi-Fi 6 (https://mcsindex.com/) © 2023 TP-Link Corporation Limited. Not for distribution or reproduction. 123
DRS
• DRS = Dynamic Rate Selection, also known as Dynamic Rate Shifting, Adaptive Rate Selection, or Automatic Rate Selection.
• DRS adjusts the MCS index number of each transmitted packet based on the RCS (Rate Control Algorithm), which is defined
by WLAN device manufacturers and is usually related to RSSI, SNR (signal-to-noise ratio), Retransmission Rate, etc.
• The higher the MCS index number, the higher the requirements for RSSI and SNR, and the higher the theoretical rate; while the
lower MCS index number, the lower the theoretical transmission rate, but the lower the requirements for RSSI and SNR, the
longer the transmission distance can be covered.
RSSI = -30 dBm RSSI = -55 dBm RSSI = -65 dBm RSSI = -80 dBm
MCS Index 11 MCS Index 11 MCS Index 7 MCS Index 1
06 Demand Analysis
•
•
Client Number
Wireless Network Coverage Area
• Bandwidth
• Device Selection

Gathering Original Demand
Full communication with the customer at the beginning of the project and extracting the user's requirements is the most
important part of a project. Refer to the following aspects when communicating with your customer:
Customer Basic Info
• Customer industry: Education/MDU/Hospitality/POS···

• Role: Technical or non-technical. Title in customer’s company.
Project Basic Info
• Project industry / Location / Current progress / Target data for POC.

• Project target: Floorplan for WLAN coverage area / Wireless or wired client number.
Network Basic Info
• Current solution (Omada or not) and pain point.

• Product selection.
• Key feature required, like ACL/Portal Authentication.
• Advanced feature required, like PPSK/Open API or customized feature.

Extract Key Technical Parameters
Professional B2B customers usually provide RFI (Request for Information) or RFP (Request for Proposal) documents to clarify key
technical requirements.
SMB customers usually can not provide RFI/RFP documents, so we need to extract the key requirements from the user's
description and translated into the technical parameters of the network equipment, for example:
Requirement Description Technical Parameters
• 1080P Video Stream • ≥5Mbps per Client

• Full Signal Bar Everywhere • Minimum RSSI ≥ -70dBm
• Concurrent 100 User • Max Network Capacity 150 Clients
• 2*1Gbps Circuit from ISP • Multi WAN Connection, 2.5G Port
• Advertisement • Portal Authentication

Key Demand: Type and Number of Clients
Clients are usually categorized into wired and wireless clients.
Wired clients are categorized into PoE Devices (e.g., IP Phone, AP, etc.) and non-PoE devices (PC, IPTV, etc.) according to whether
they are PoE-powered or not.
Wireless clients are categorized by supported wireless protocols as Legacy devices (802.11n or earlier standards only), Wi-Fi 5
devices (802.11ac), Wi-Fi 6 devices (802.11ax), and Wi-Fi 7 devices (802.11be).
Network Clients
Wired Clients Wireless Clients

Non-
PoE Legacy Wi-Fi 5 Wi-Fi 6 Wi-Fi 7
PoE
Standard 802.11a/b/g/
Passive PoE AC/DC 802.11ac 802.11ax 802.11be
PoE n
Requires PoE PSE like PoE Choose AP supports the same or later standard
Switch or PoE Injector of most wireless clients.
Key Demand: Wireless Network Coverage
Wireless network coverage requirements need to consider the type of target area, size, obstacle distribution, client density and
other factors.
Usually, we use Heatmap to reflect the wireless coverage situation, and we can also use Heatmap tool to adjust the wireless
coverage effect of a specific area to make it meet the requirements.
Rooms Restaurant Indoor Public Place Indoor Public Place

(High Client Density) (Low Client Density)
Outdoor Area Floors Wireless Clients Site Number

Key Demand: Throughput
Network Throughput determines how “fast” network the client can get which is the most common network requirement.
Network Throughput is usually affected by three factors: ISP Bandwidth, LAN Throughput, and WLAN Throughput.
Minimum
Throughput
The actual throughput of the client conforms to the "barrel effect“.
Which means the actual throughput of the client is limited by the lowest one of the three factors above.
Network Throughput
ISP
Bandwid LAN Throughput WLAN Throughput
th
Wireless
Service
Port/Uplink Speed Data Processing Capacity Standar SNR Airtime
Level
d
2.5Gbp P ac ket CCI/AC

100Mbps 1Gbps 10Gbps VPN NAT DPI RSSI
s Forwarding
I
Through proper equipment selection, network planning and configuration, the impact of short boards
in the network on the overall performance can be minimized.

Lab #8 Omada Network
Deployment Advisor

Lab #9 Omada Heatmap
Design Center

Network Planning &
07 Optimization
•
•
Network Planning
Lab #8 Calculate RSSI, SNR, Signal
• Lab #9 Estimate WLAN Throughput
• Lab #10 Channel Scanning
• Network Deployment
• Lab #11 AP Band Steering
• Lab #12 RSSI Threshold
• Wireless Optimization
• Lab #13 WLAN Benchmarking
• Wired Optimization

Co-Channel Interference
• CCI = signals from competing WLANs using the same channel

(sufficiently strong per CCA/NAV)
• Co-channel interference is not actually an interference but more a

sort of congestion
• Increased channel utilization means less airtime & decreased speed
36
48
136
112
36
RF Scanning result of 5 GHz
Avoid CCI in 5Ghz networks by reusing channels

no fewer than two neighbor cells away
Adjacent Channel Interference
• ACI = interference from competing WLANs on neighboring in-
band channels
• The ACI harms the performance of all of the networks.
• Non-overlapping channels = non-overlapping bandwidths of

peak power density (ex. 1,6,11)
RF Scanning result of 2.4 GHz
The 2.4GHz spectrum experiences severe ACI when

channel reuse plans are not strictly followed
Signal-to-Noise Ratio
• SNR = It refers to the ratio of signal to noise in a system, and is a technical indicator to measure the reliability of communication quality of a
wireless communication system.
• The air is full of random electromagnetic waves, and wireless communications must distinguish the signal from the noise in the background
• The further a received signal is from the noise floor, the better the signal quality.
Schematic diagram of SNR

Calculate SNR
The signal-to-noise ratio is not actually a ratio, but rather the decibel difference between the SIGNAL (RSSI) and the NOISE
SIGNAL – NOISE = SNR (dB)
(-68) dBm – (-79) dBm = SNR (dB)
11 = SNR (dB)
• SNR is one of the most important parameters for evaluating wireless performance
Correspondence between SNR and signal level
SNR（dB） Signal Level Connection and Speed
> 40 Excellent signal Always associated and lightening fast
25 to 40 Very good signal Always associated and very fast
15 to 25 Low signal Always associated and usually fast
10 to 15 Very low signal Mostly associated and mostly slow
5 to 10 No signal Not associated and no go

Airtime Fairness
• Slower devices that transmit take longer to send or receive data once they have been given the opportunity. Meanwhile, other faster
devices must wait for the slower device to complete the transmission process
• It divides the Wi-Fi signal into many same time slots, and each Wi-Fi device takes turns to send or receive data from the Internet
within its own time slot
• Recommend enable this function in multi-rate wireless networks
Schematic diagram of Airtime Fairness Configuration interface for Airtime Fairness on Omada Controller

Lab #10 Calculate RSSI, SNR, Signal

Lab #11 Estimate WLAN Throughput

Site Surveys (Overview)
To give the most satisfactory solution, Site Survey is an

essential step. The following steps are the basic content of a
complete site survey:
1. Determine the Schedule: First of all, we need to confirm that

the site survey is feasible and arrange a time with the user.
2. Collect Information: Communicate with customers to collect as
much information as possible. For example, to make a heat map
simulation, a floor plan is usually needed.
3. Make Initial Solution: Based on all the information above, make
an initial solution for a field test.
4. Field Test: Verify and optimize the solution.
5. Report: Summary of the site survey.
Floor Plan of Site

Heatmap Simulation
Based on the information of AP models and numbers, use wireless planner tools (Ekahau, AirMagnet, etc.) to simulate the
coverage & wireless speed of the plan. The Omada Controller and the official website have a heat map feature: https://static-
code.tp-link.com/omada-controller-heatmap/index.html
We can also revise the plan by analyzing the simulation results. Here take AirMagnet for example.
Step 1: Import Floor Plan Step 2: Place Walls & APs Step 3: Generate Heatmap & Report

Site Surveys （On Site）
• Observe 2.4Ghz and 5Ghz usage for each EAP
• Do the RF Scanning of each EAP
• Some simple customized configuration for each EAP, like device name and device
tags, which makes it easier to manage multiple devices
2.4Ghz and 5Ghz usage of EAP
The Locate function helps to identify the Omada EAP Private configuration interface for EAP
Check the wireless environment
• Use some tools, like inSSIDer or WiFi Analyzer do the WLAN scanning and overview the whole wireless environment
• Measure in real-time: channel occupancy, signal levels, radios
• Modify the radios parameters of the EAP according to the scanning results
WLAN Scanning result of inSSIDer © 2023 TP-Link Corporation Limited. Not for distribution or reproduction. 144
Lab #12 Channel Scanning

Band Steering
• When there are too many clients connected to an AP on the 2.4GHz frequency, the efficiency of communication will be diminished.
In this situation, we can enable the Band Steering function to solve this issue.
• Band Steering pushes dual-band clients to the wider and faster 5GHz band, improving overall network performance, especially in
high-client-density environments.
Explanation of the different modes of band steering
Setting Description
Disable Turn off Band Steering
Dual-band clients will be

Prefer 5 GHz/ 6 GHz steered to the 5GHz / 6GHz
band when appropriate.
Balance Balance traffic on all bands

Configuration interface for Band Steering on Omada Controller

Lab #13 AP Band Steering

Fast Roaming
• When the distance between the client and the AP is getting longer, the signal becomes weaker than the threshold, the client needs
to connect to another AP for better internet experience. We call this process as “roaming”.
• Fast Roaming is a feature that allows your Wi-Fi clients to switch their connection from one AP to another quickly to get stronger Wi-
Fi signal, improving your Wi-Fi experience, as well as optimizing the load of each AP by adjusting the number of clients connected to
them
• 802.11k, 802.11v and 802.11r are all standards designed to roaming and TP-Link EAP support these standards.
Schematic diagram of Fast Roaming

Usage Scenario of Fast Roaming
• In large malls, people will deploy many APs to provide the network. In this case, people will suffer from internet interruption while
moving from one site to another.
• However, if the APs support Fast Roaming, then when the client devices are roaming among the APs, they will roam from one AP to
another AP quickly, the roaming time is so short that people will not feel the internet interruption.
The client device will have a good

connection when it is roaming

802.11k/v/r Protocol
• 802.11k, 802.11v and 802.11r are all standards designed to create a more seamless
roaming experience for wireless clients. Fast Roaming of EAP is based on 802.11k/v
protocol and this function will take effect only when the wireless clients support
802.11k/v protocol.
• AI Roaming provides better roaming performance, based on 802.11k/v protocol and

a self-developed AI algorithm. Omada Controller will communicate with EAP to
collect some information, and then provide a dynamic and optimized suggestion for
Configuration interface for
clients to roam. Roaming on Omada Controller
802.11k 802.11v 802.11r
It helps wireless clients select With 802.11v, the AP will With 802.11r, the time for
a stronger signal, decrease evaluate client’s connection wireless authentication will be
the time used to scan the quality and help the wireless reduced, it’s suitable for the
surrounding Wi-Fi, thus have clients to roam to be best AP, WPA2-PSK and the WPA-
a better roaming. which will provide a better Enterprise encryption method.
WLAN experience.

Tips for Fast Roaming
In wireless network, when we deploy the APs via Ethernet cable, please notice that :
• It is better to have a coverage of 20%-30% overlap between adjacent APs.
• We should choose different channels to reduce interference between APs.
• The SSID, password of the authentication should be the same.
Coverage of overlap between adjacent APs

RSSI Threshold with Sticky Client
• RSSI = Received Signal Strength Indication, is the power strength of the signal received by the client.
• With this feature configured, when a client's signal is weaker than the RSSI Threshold you set, the client will be disconnected from
the EAP.
• Sticky Client: A sticky client remains connected to an AP even as the device roams further and further away from the AP.
• RSSI Threshold is mainly about solving the problem of sticky clients not roaming and need to set the RSSI a bit larger.
Configuration interface for 2.4 GHz RSSI Configuration interface for 5 GHz RSSI
Threshold on Omada Controller Threshold on Omada Controller
Lab #14 RSSI Threshold

Wireless Experience & Wireless Signal Strength
• Signal strength is measured in dBm, expressed only in negative values (with a minus sign in front). Higher signal strength brings a
better wireless network experience.
• However, RSSI is not an optimal parameter for measuring the wireless environment due to the presence of noise.
• SNR excludes the interference of noise and provides a better measure of the wireless environment.
> 40 dB 25~40 dB 25~40 dB
Maximum signal Excellent signal The signal strength is Application Level

strength, clients may be strength, anything down still good and reliable.
right next to the access to this level will get the Smooth VoIP/ HD streaming video/
point. perfect experience. P2P downloading experience
5~10 dB 10~15 dB
It is the minimum value
Will not be able to connect Application Level
required to make a
or make use of any
connection. You cannot Basic Web/ email experience
services with this signal
count on a reliable
strength.
connection at this level.

Obstacles Loss
In Different obstacles will cause varying levels of attenuation. When we decide the AP’s mounting site, in most cases, we usually need to
make sure the total attenuation of the obstacle between the AP and the target coverage area is no more than 20 dB.
Values for different materials on signal attenuation
Obstacles Attenuation
Brick Wall 4 ~ 12 dB
Brick Wall Pro 15 ~ 30 dB
Wooden 3 ~ 9 dB
-40~30 dBm -65~55 dBm < -75 dBm
Synthetic Material 2 ~ 8 dB
Perfect Signal Good Signal Bad Signal
Asbestos 3 ~ 9 dB
Glazed Window 4 ~ 12 dB
Wall Wall Thick Stained Glass 8 ~ 15 dB
Concrete 25 ~ 35 dB
Schematic of obstacles loss
Bullet-Proof Glass 25 ~ 35 dB
Metal 30 ~ 40 dB

Wireless Coverage and Installation Tips of EAP
Wireless coverage of AP is an important parameter which we usually need to take into consideration. The following form is the
recommended coverage of EAP. But please note, the real coverage depends on the environment a lot, it may be less due to the effects
of signal interference and obstacles.
Recommended coverage of EAP in different forms
Ceiling Mount EAP Wall Plate EAP Outdoor EAP
Design
Radius 15 Meters Radius 10 Meters Radius 200 Meters

(in its front side) (in its front side) (360°direction)
Recommended Ceilin
g
Coverage Wall
r=10m r=200m
r=15m
pole

Ceiling Mount EAP
Celling Mount EAP equips with the Omni-directional

antenna. The recommended signal coverage direction
is shown in the right image.
• The coverage radius (r) differs when the mounting height (h) changes.
• In practice, the mounting height should be no more than 8m. Recommended coverage of Ceiling Mount EAP
Height and coverage comparison table of

Ceiling Mount EAP
Height (m) Radius (m)
1 3.5
2 7
3 10
4 12
5 17
6 20
7 24
Relationship between height and coverage of Ceiling Mount EAP
8 27
Ceiling Mount EAP
Recommended installation location for Ceiling Mount EAP Recommended installation location for Ceiling Mount EAP
When mounting ceiling APs, we had better choose the The ceiling AP should be mounted facedown and
central part of the ceiling with no obstacles. Otherwise, outside of the ceiling sockets. If it’s mounted inside
the cross girder may block the Wi-Fi signal. the ceiling sockets, the metal rack and the ceiling
socket will affect the Wi-Fi signal.

Wall Plate EAP
Wall Plate EAP equips with the Omni-directional antenna. We can estimate the r = h * tan(74°) ≈ 3.48H (similar to Ceiling
The recommended signal coverage direction is shown EAP). Since wall plate EAP is mainly used in small rooms, it is
below (similar to Ceiling EAP). sufficient for wall EAP to cover it.
Height and coverage comparison

table of Wall Plate EAP
Height (m) Radius (m)

1 3.5
2 7
3 10
4 12
5 17
Relationship between height and

Recommended coverage of Wall Plate EAP coverage of Wall Plate EAP

Wall Plate EAP
Wall plate EAP supports the wall mount installation method, one EAP for 1-2 rooms guarantees a robust wireless signal and allows
guests to enjoy their Wi-Fi network.
• EAP615-Wall, EAP235-Wall, EAP225-Wall support 86mm, Standard EU, Standard US wall junction box.
• EAP115-Wall, EAP230-Wall support 86mm, Standard EU wall junction box.
86mm wall junction box
Standard EU wall junction box
Standard US wall junction box

Outdoor EAP
• Outdoor EAP is equipped with a 360° Omni-directional

antenna. The best signal area is the horizontal tangent
plane of the antenna.
• So please make sure the installation site of outdoor EAP is

not too high, or the lower place may have bad signal
strength.
• If the installation site of Outdoor EAP is much high (such as

up to 5 meters), it is recommended to position the antennas
at 45-degree angles for optimal Wi-Fi performance.
• For the EAP610-OD and EAP650-OD, since it has a built-in

antenna, the difference in signal strength between the front
and side of the EAP needs to be taken into account when
installing it.

Transmit Power Optimization
Theoretically, the actual transmission speed of clients is about 50 percent of the link speed. If there is serious environmental
interference that causes packet loss and packet retransmission, the actual transmission speed may be less.
• In the actual wireless environment, if the distance between adjacent

APs is much closer (less than 15 meters), it’s recommended to
decrease the Tx power to reduce the wireless interference.
• The following table shows the recommended Tx power information

of 5GHz for different distance pairs, which may vary a bit from one
EAP model to another.
Recommended Tx power information of 5GHz for EAP
Distance (m) Tx power (dBm)

15 30
12 26
10 24
8 22 Configuration interface for 2.4 GHz Tx Power

on Omada Controller
5 20

Channel and Channel Width Optimization
802.11 n/ac/ax protocols support binding two or more channels together to increase network bandwidth. Although the channel
binding technology can improve the bandwidth, the wider channel also means more frequency resources are occupied and increase
the wireless interference effect.
• For 2.4GHz radio, we can use 14 channels (the EU version supports 1-13 channels, the US version supports 1-11 channels),
but there are only three non-overlapping channels. We recommend using channels 1,6,11 alternately when deploying the
2.4GHz network.
Schematic diagram of 2.4GHz channel

• For 5GHz radio, it has more channel resources, which are all non-overlapping (with 20MHz channel width). For the 802.11
ac/ax protocol, it recommends using lower channel width to reduce the wireless interference, such as using the 40MHz
channel width. If the interference is much severe, the 20MHz channel width can be considered, though it will decrease the
wireless speed.
Schematic diagram of 5 GHz channel

The figure below is an example of how to set channels for EAPs in a hotel guest room.
• For 2.4G radio, use 1/6/11 channels alternately with 20MHz channel width (HT20).
• For 5G radio, use different channels alternately with 20MHz channel width (HT20).
1 / 153
6 /161 1 / 149 48 149
11 / 44
157 36 161
6 / 36 11 / 40
1 / 157
44 153
Recommended Channel of neighbor EAP Use non-adjacent channels for neighboring EAP
AI WLAN Optimization
• AI WLAN Optimization is the advanced feature of Omada Controller. With this feature, the controller will detect WiFi
interference and monitor the wireless environment.
• Automatic Channel Optimization: The controller will scan the wireless environment to conclude the optimum operation
channels for the APs.
• Automatic Power Optimization: The controller will scan the wireless environment to conclude the optimum transmission
power for the APs.
• Several optimizations allow the APs within the network to be tuned to the best parameters for the best experience.

MCS & Actual Speed
MCS defines the optional theoretical rate between the AP and the wireless client. MCS is usually displayed on wireless clients as
link speed. Due to the additional 802.11 packets header, transmission distance, the actual transmission speed of clients is about
50 percent of the link speed.
Check the link speed on PC Check the link speed on mobile phone

Lab #15 WLAN Benchmarking

Loopback Detection
• Loops can take up most of the switch's resources and can even paralyze the entire network
• When the switch detects that the data packet which is sent out from a certain port can be sent back and received at the
same port, we consider that there is a loop within the network. Then the switch can mark these ports or even block them.
Configuration interface for Loopback Detection on Omada Controller
• Port-Based: When a loop is detected on a port, the port

will be blocked.
Common Loop Topologies • VLAN Based: When a loop is detected on a VLAN, the
VLAN will be blocked

Spanning Tree
• When deploying network, we usually install more than one link between devices for link redundancy, so if one link fails, the
other link can take over the job.
• But link redundancy may bring another problem: loop. Loop will cause broadcast storm and even network paralysis. STP
(Spanning Tree) is the solution to this problem.
• Loopback Detection is to prevent network loops due to incorrect operation. STP is more for device redundancy.
STP
A loop can cause broadcast storms and With STP enabled, the loop gone
network paralysis
Port Isolation
• Port isolation can isolate interfaces in the same VLAN, which can reduces the waste of VLAN resources to achieve Layer 2
isolation.
• Actually, it’s used to limit traffic flow from a single port to a group of ports to improve the network security.
• IPTV deployed in hotels can prevent video streaming disruption with this feature.
Router
Switch
An isolated port cannot communicate

directly with any other isolated ports,
PC1 PC2
while the isolated port can send and
192.168.0.100/24 192.168.0.200/24 receive traffic to non-isolated ports.
VLAN 10

DHCP Filter
• DHCP Spoofing Attack: The hacker sets up a rogue DHCP server to distributes wrong IP addresses, DNS server and default
gateway to your client. Then your data will be sent to the hacker. This is a big threat to network security.
• With DHCP Filter, you can designate the legal DHCP server and refuse other illegal servers to prevent DHCP Spoofing Attack.
• Especially effective in preventing some customers from privately connecting routers within the network.
Enable
DHCP Filter
DHCP Client Legal DHCP Server
DHCP Client Rogue DHCP

DHCP Spoofing Attack Server
Configuration interface for DHCP Filter on Omada Controller

IGMP Snooping
IPTV Source
• IGMP snooping can make the multicast data be only
forwarded to the devices which need multicast and will not
be forwarded to other devices.
Multicast Router
• Multicast data will not be sent to the links which do not
request the multicast. So it can conserve bandwidth on
those links.
Layer 2 Switch
IGMP Snooping
MLD Snooping is for IPv6 multicast traffic

PC TV

08 Troubleshooting
• Common wireless network problems and
solution ideas
• Common Troubleshooting Tools

802.11 Frame Types Various 802.11 Frame Types and Subtypes
Management Control Data

• Control frames: Channel access and data delivery
Association
• Management frames: Discovery, association, authentication for Control Frame Extension Data
Request/Response
WLANs
Reassociation
Block ACK Request Reserved
• Data frames: Payload information for layers 3 to 7 Request/Response
Probe
Block ACK Null (no data)
Request/Response
Schematic diagram of 802.11 Frame
Reserved Power Save Poll QoS Data
Beacon RTS
Authentication CTS
Deauthentication ACK
Action

Network Traffic Types
• Unicast = 1:1
• Multicast = 1:some
• Broadcast = 1:all
• The wireless link rate for broadcasting is at most 54 Mbps;

switching to unicast allows for tens of times the wireless link
ARP Request
rate, increasing the efficiency of data processing.
Mitigating broadcast/multicast traffic is crucial for optimal

Configuration interface for Multicast to unicast on Omada Controller
network performance, especially in WLANs
Wireless Client Connection Failure - Signal Problems
AP Issue WLAN configuration

Hardware issue RF Configuration issue
Software issue Power setting issue
… …
Wireless client issue Signal Signal interference

NIC incompatibility
NIC malfunction
Problems Severe interference in
wireless environment
… …
Antenna issue
Antenna Signal countermeasure
malfunction
Feeder malfunction
…

Wireless Client Connection Failure - Signal Problems
Weak signal at
Reboot EAP
site
Test for nearby

The client No interference to
can access the optimize the wireless
network？ environment
Closing
Yes Troubleshooting
Is the client No Replace the nearest Yes
associated with the nearest EAP
EAP? The signal
back to normal?
Yes
Test wireless signal
strength No
Yes Contact Tech

Support
Whether No
Channel and power
the signal is ≥-65 dB
adjustment
strength？
Yes
Is there an No Adjusting the position

obstacle between the test point of the nearest EAP or
and the EAP? adding new EAPs
Yes
Wireless Client Link Speed Slow
Yes Troubleshooting the

Slow link speed to Is the wireless
cause of weak signals
wireless client signal weak?
and improving RSSI
No
Reboot
EAP/wireless Is the wireless No Change the wireless
client mode settings correct? mode of EAP
Closing
Yes Troubleshooting
Back to No No Adjusting the bandwidth Back to Yes

Is the bandwidth
normal? setting normal?
setting correct?
No
Yes
Yes
Contact Tech
Closing Detection of airspace Support
Is there air-port Yes interference and
Troubleshooting
interference? optimization of the airspace
environment
No

Troubleshooting process for slow wireless client network speed
Slow network Troubleshooting packet
Check if the
No loss, loops, and IP
speed of wireless network between the AP and
client address conflicts in
the gateway is normal
wired networks
Reboot Yes
EAP/wireless
client Check if channel No Reduce Tx power of
utilization is normal？ neighboring EAPs Closing
No Troubleshooting
Back to Yes
normal?
Check if there is Yes Delete Speed Limit Yes
Yes Back to
rate limit settings on the SSID Configuration
Closing normal? No
or the client.
Troubleshooting
No
Check if the Troubleshooting weak Contact Tech

signal strength and No signal coverage issues Support
link speed of the wireless client and optimizing the
are normal? wireless environment
Yes
Check if the low-rate Yes Configure SSID or client

No
client has a high-traffic speed limit
service.
No
Wireless Client Packet Loss Problem Troubleshooting Process
Yes Troubleshooting the

Wireless client Is the wireless
cause of weak signals
packet loss signal weak?
and improving RSSI
No
Confirm Yes Check whether the
Reboot wireless Closing
whether it is an individual client client enabled power
client Troubleshooting
issue? saving state
No
Is the Yes
Back to No Yes Reduce Tx power of Back to
normal? channel utilization or
neighboring EAPs normal?
noise high?
Yes No
No
Closing No Contact Tech
Check that the Loops may exist in the Support
Troubleshooting
EAP's CPU and memory are topology
normal？
Yes
Check that ping Yes The problem is on the

does not lose packets on the wired side
wireless side
No

External Portal redirection failure troubleshooting process
Check if the No
External Portal Configure the Portal
Portal server is configured
redirection failure server correctly
correctly?
Yes
The problem is with
Check if the No these clients rather
issue happens for all kinds Closing
than the
of client? Troubleshooting
Omada Controller
Yes
Yes
Check if Back to
the authentication page No Check if the URL normal?
can be opened when entering configuration is correct
the URL？ No
Yes
Contact Tech
Check No Checking status of Support
whether inputting any IP can
Portal Server
redirect?
Yes
Check if there Yes Remove the ACL

is any ACL setting for settings
the Portal.
No
Network Check
• Ping: The ping command is a very common method used
when troubleshooting device accessibility problems, It
uses ICMP echo messages to determine the following:
 Whether the remote host is active or inactive.
 Round-trip delay used to communicate with the host.
 Packet loss.
• Traceroute: The traceroute command is used to search

for the route actually used by packets as they are
transmitted to their destination.
Configuration interface for Network Check on Omada Controller

Packet Capture
• Wireshark: The most commonly used tools for capturing and

analyzing packets.
• Packet Capture: This feature requires EAP firmware support
• Wireless packet: Unlike wired data, there are a lot of wireless

packets in the air
• Sniffer: Through wireless packet sniffing, it can capture packets

that cannot be captured on the wireless interface, such as EAPOL
Configuration interface for Packet Capture on Omada Controller

Terminal
• SSH: With SSH you can get extended logs or other information that can
not be found in the UI of Controller/EAP.
• For example, cliclientd wltool sta is to show basic statistics of all clients.
Please refer to official website for other commands.
• If you want to use third-party SSH software, such as Putty, remember that
you need to enable SSH on the Omada Controller first.
Enable SSH on Omada Controller Configuration interface for Putty Configuration interface for Terminal on Omada Controller

Exam OCNA Certification Exam

OCNA Wireless Slides v1.0.0 EN

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

OCNA Wireless Slides v1.0.0 EN

Uploaded by

Copyright:

Available Formats

00 OCNA Wireless Overview

• Classroom Pre-Lab Topology

• Trainer-Switch Profiles (1-12 Students)

© 2023 TP-Link Corporation Limited. Not for distribution or reproduction. 1

Omada Certified Network Administrator (OCNA)

Chap 1. Omada SDN Solution Introduction

Chap 2. Device Discovery, Adopting & Management

Chap 3. Basic Network Settings and Monitoring

Chap 4. Portal & Hotspot

Chap 5. Wireless Fundamentals

Chap 6. Demand Analysis

Chap 7. Network Planning & Optimization

OCNA Certification & Badge

© 2023 TP-Link Corporation Limited. Not for distribution or reproduction. 2

• Run OC200 Web Interface on Browser

• Run Omada APP

• Including OC200 *1 + EAP653 *2 +

© 2023 TP-Link Corporation Limited. Not for distribution or reproduction. 4

10 MGMT 192.168.10.1/24 50 MGMT 192.168.50.1/24 90 MGMT 192.168.90.1/24

© 2023 TP-Link Corporation Limited. Not for distribution or reproduction. 5

Omada SDN Solution Overview

© 2023 TP-Link Corporation Limited. Not for distribution or reproduction. 6

Developed and *Source: IDC Worldwide Quarterly WLAN Tracker

Full Line Controllers, APs,

Centralized Multi-Site Cloud

© 2023 TP-Link Corporation Limited. Not for distribution or reproduction.

Controller Type Management Scale Management Devices

Specially-Designed Access Points for All Kinds of Environments.

High-Density Wide Area Outdoor In-Room Wi-Fi

EAP660 HD EAP773 EAP625-Outdoor HD EAP655-Wall

EAP620 HD EAP683 LR EAP215-Bridge KIT EAP615-Wall

EAP783 EAP770, EAP773

Speed BE22000 Tri-Band BE11000 Tri-Band

2.4 GHz Speed 1376 574

Ethernet Ports 2 x 10G 1 x 10G

Power Supply 802.3bt / 12V DC without power 802.3bt / 12V DC

© 2023 TP-Link Corporation Limited. Not for distribution or reproduction.

EAP690E HD EAP680 EAP670 EAP660 HD EAP650 EAP620 HD EAP610

Speed AXE11000 AX6000 AX5400 AX3600 AX3000 AX1800 AX1800

Ethernet Ports 1 x 10G 1 x 2.5G 1 x 2.5G 1 x 2.5G 1 x 1G 1 x 1G 1 x 1G

EAP650-Outdoor EAP625-Outdoor HD EAP610- EAP655-Wall EAP650-Wall EAP615-

Speed AX3000 AX1800 AX1800 AX3000 AX3000 AX1800

2.4 GHz Speed 574 574 574 574 574 574

Power Supply 802.3at 802.3at 802.3at 802.3at 802.3at 802.3at

© 2023 TP-Link Corporation Limited. Not for distribution or reproduction.

EAP265 HD EAP245 EAP225 EAP225-Outdoor EAP235-Wall EAP230-Wall

Speed AC1750 AC1750 AC1350 AC1200 AC1200 AC1200

2.4 GHz Speed 450 450 450 300 300 300

Power Supply 802.3af 802.3af 802.3af 802.3af 802.3at 802.3at

© 2023 TP-Link Corporation Limited. Not for distribution or reproduction.

7 Gigabit Passive PoE-in RJ45 Ports

1 Gigabit Passive PoE-out RJ45 Port

Lightning-Fast 10G / Multi-Gigabit Switching Solution with Centralized Management Capability.

10G Router Full 10G Fiber Switch Core Server / NAS

© 2023 TP-Link Corporation Limited. Not for distribution or reproduction. 17

SX3016F SX3008F SX3206HPP

RJ45 Ports / / 4 x 10GE

Installation 19-inch Rackmount 13-inch Rackmount

PoE & Budget / / 802.3bt

Switch Capacity 320 Gbps 160 Gbps 120 Gbps

MAC Address Table 32K 32K 32K

© 2023 TP-Link Corporation Limited. Not for distribution or reproduction.

SG3210XHP-M2 SG3210X-M2 SG3218XP-M2 SG3428XPP-M2 SG3428X-M2

• Including OC200 1 + EAP653 2 +