manualshive.com logo in svg

Intellinet 520638, User Manual

The Intellinet 520638 User Manual is your comprehensive guide to unlocking the full potential of this remarkable product. With easy-to-follow instructions and step-by-step illustrations, you can effortlessly set up and maximize the performance of your Intellinet device. Download this free manual from our website today for a hassle-free experience.

Share
Download
background image

 

1. Select 

Enabled

 from the 

Functionality

 drop-down list. 

2. Set 

the 

Access control type

 to 

exclusive

3. 

Specify the MAC address of a wireless client to be denied access, and then click 

Add

4. 

Repeat Steps 3 for other wireless clients. 

To delete an entry in the access control table: 

Click 

Delete

 next to the entry. 

 

3.5.3. IEEE 802.1x/RADIUS 

IEEE 802.1x 

Port-Based Network Access Control

 is a new standard for solving some security issues 

associated with IEEE 802.11, such as lack of user-based authentication and dynamic encryption key 
distribution. With IEEE 802.1x and the help of a RADIUS (Remote Authentication Dial-In User Ser-
vice) server and a user account database, an enterprise or ISP (Internet Service Provider) can manage 
its mobile users’ access to its wireless LANs. Before granted access to a wireless LAN supporting 
IEEE 802.1x, a user has to issue his or her 

user name

 and 

password

 or 

digital

 

certificate

 to the 

backend RADIUS server by EAPOL (Extensible Authentication Protocol Over LAN). The RADIUS 
server can record accounting information such as when a user logs on to the wireless LAN and logs 
off from the wireless LAN for monitoring or billing purposes. 

The IEEE 802.1x functionality of the WIASA is controlled by the 

security mode

 (see Section 3.5.1.1). 

So far, the WIASA supports two authentication mechanisms—EAP-MD5 (Message Digest version 5) 
and EAP-TLS (Transport Layer Security). If EAP-MD5 is used, the user has to give his or her 

user 

name

 and 

password

 for authentication. If EAP-TLS is used, the wireless client computer automati-

cally gives the user’s 

digital certificate

 that is stored in the computer hard disk or a smart card for au-

thentication. And after a successful EAP-TLS authentication, a session key is automatically generated 
for wireless packets encryption between the wireless client computer and its associated WIASA. To 
sum up, EAP-MD5 supports only user authentication, while EAP-TLS supports user authentication as 
well as dynamic encryption key distribution. 

 

40

Summary of Contents for 520638

Page 1: ...Wireless Broadband Switch Router Standard Pro Advanced Advanced User s Guide Version 2 10 Last Updated 01 17 2003 ...

Page 2: ...he receiving antenna Increase the separation between the equipment and receiver Connect the equipment into an outlet on a circuit different from that to which the receiver is con nected Consult the dealer or an experienced radio TV technician for help FCC Caution To assure continued compliance example use only shielded interface cables when connecting to computer or peripheral devices Any changes ...

Page 3: ...er special attention must be paid to the dangers of electric shock and static electricity when work ing with electrical equipment All guidelines of this and of the computer manufacture must therefore be allowed at all times to ensure the safe use of the equipment EU Countries Intended for Use The ETSI version of this device is intended for home and office use in Austria Belgium Denmark Finland Fra...

Page 4: ... Client Computers 15 2 6 2 Connecting the Wireless Broadband Switch Router to a Modem 15 2 7 Setting up Client Computers 16 2 7 1 Configuring IEEE 802 11b Related Settings 16 2 7 2 Configuring TCP IP Related Settings 16 2 8 Confirming the Settings of the Wireless Broadband Switch Router and Client Computers 17 2 8 1 Checking if the IEEE 802 11b Related Settings Work 17 2 8 2 Checking if the TCP IP...

Page 5: ...42 3 6 1 Filters and Firewall 42 3 6 2 Management 44 Appendix A 46 A 1 Default Settings 46 A 2 LED Definitions 47 Appendix B Troubleshooting 49 B 1 Wireless Settings Problems 49 B 2 TCP IP Settings Problems 50 B 3 Unknown Problems 52 iv ...

Page 6: ...install and configure a newly acquired wireless broadband switch router Following the steps the wireless broadband switch router can be quickly set up to work In Chapter 3 detailed explanations of each Web management page are given for the user to understand how to fine tune the settings of a wireless broadband router to meet his or her specific needs In the remainder of this guide a wireless broa...

Page 7: ...from client computers to DNS servers on the Internet And DNS responses from the DNS serv ers can be forwarded back to the client computers Static DNS mappings The administrator can specify static FQDN Fully Quali fied Domain Name to IP address mappings Therefore a host on the internal network can access a server also on the intranet by a registered FQDN DHCP server The wireless router can automati...

Page 8: ...filtering is performed by NAT URL filtering Preventing users from accessing unwelcome Web sites The HTTP HeperText Transfer Protocol traffic to the specified Web sites identified by URLs Uni versal Resource Locators is blocked WAN ICMP requests blocking Some DoS Denial of Service attacks are based on ICMP requests with large payloads Such kind of attacks can be blocked Stateful Packet Inspection S...

Page 9: ...m log System events can be logged and viewed using a Web browser for troubleshooting purposes 4 Port Ethernet Switch The wireless broadband switch router provides a 4 port Ethernet switch so that a stand alone Ethernet hub switch is not necessary for connecting Ethernet client computers to the router Power over Ethernet optional Supplying power to a wireless broadband router over an Ethernet cable...

Page 10: ...or PoE Power over Ethernet The wireless broadband router automatically selects the suitable one depend ing on your decision To power the wireless broadband switch router by the supplied power adapter 1 Plug the power adapter to an AC socket 2 Plug the connector of the power adapter to the power jack of the wireless broadband switch router NOTE This product is intended to be power supplied by a Lis...

Page 11: ...computer For maintenance configuration of a deployed WIASA either a wireless com puter or a wired computer can be employed as the managing computer NOTE If you are using the browser Opera to configure a WIASA click the menu item File click Preferences click File types and edit the MIME type text html to add a file extension sht so that Opera can work properly with the Web management pages of the W...

Page 12: ... s recommended that there are no other computers connected to the switch hub so that you can be 100 percent sure that the WIASA will be the DHCP server of the managing computer NOTE One connector of the Ethernet cable must be plugged into the LAN CONFIG Ethernet jack of the WIASA for configuration 2 4 1 2 Switch Router Connect the Ethernet managing computer to anyone of the LAN switch ports of the...

Page 13: ...ess from the WIASA WinIPCfg exe is a GUI program and has command buttons for releasing the current IP address and re obtaining an IP address IPConfig exe is a com mand line program and the release option releases the current IP address and the renew option triggers the Windows DHCP client subsystem to re obtain an IP address NOTE By default the first assignable IP address of the DHCP server on the...

Page 14: ...sword link to change the value of the password see Section 3 3 2 for more information TIP Since the start page shows the current settings and status of the WIASA it can be saved or printed within the Web browser for future reference On the start page click the ConfigWizard link to use a configuration wizard to quickly change the configuration of the WIASA Fig 5 The Start page 9 ...

Page 15: ...ignment for the Ethernet WAN interface is achieved by PPPoE select Router with a PPPoE Based DSL Cable Connection If the WIASA is to be used with a DSL or cable modem and the IP address assignment for the Ethernet WAN interface is achieved by DHCP select Router with a DHCP Based DSL Cable Connection If the WIASA is to be used with a DSL or cable modem and the IP address of the Ethernet WAN interfa...

Page 16: ...be in Router with a PPPoE Based DSL Cable Connection mode two IP addresses are needed one for the Ethernet wireless LAN interfaces and the other for the WAN in terface The IEEE 802 11b interface and the Ethernet LAN interface share the LAN IP address The LAN IP address must be set manually to a private IP address say 192 168 0 xxx The default LAN IP address is 192 168 0 1 and the default subnet ma...

Page 17: ...ained automatically by DHCP from the ISP If you are using Tel stra BigPond cable based Internet service select the Connect with BigPond Cable check box and specify the User name Password and the IP address of your Login server which is provided by your ISP 2 5 3 4 Router with a Static IP DSL Cable Connection Fig 10 TCP IP settings for Router with a Static IP DSL Cable Connection mode If the WIASA ...

Page 18: ...these default settings need no change As for the WAN IP address it is obtained automatically by PPP from the ISP Consult your ISP for the correct User name Password and Telephone number settings The WIASA automatically disconnects the PPP dial up connection after there has been no traffic to the Internet for a period specified by Idle disconnect time NOTE If Idle disconnect time is set to 0 the PP...

Page 19: ... 13 Settings changes are highlighted in red Fig 14 Settings review On the final page you can review all the settings you have made Changes are highlighted in red If they are OK click Save Restart to apply the new settings Or you can go back to previous pages to 14 ...

Page 20: ...net port of the switch hub to which all the Ethernet client computers have been connected 2 6 1 2 Switch Router To connect the switch router with Ethernet client computers 1 Plug one connector of a normal not crossover Ethernet cable to a LAN Ethernet switch port of the WIASA and the other connector to the Ethernet jack of the Ethernet NIC of a client com puter 2 If necessary use a normal Ethernet...

Page 21: ... Mode SSID and WEP settings NOTE A client must be in infrastructure mode so that it can associate with a wireless access point or broadband router NOTE The SSID of the wireless client computer and the SSID of the WIASA must be identical Or in case the SSID broadcasts capability of the WIASA is enabled by default the SSID of the wire less client computer could be set to any NOTE Both the wireless c...

Page 22: ... Check if the client computer is associated to an access point and the access point is the WIASA If the check fails see Appendix B 1 Wireless Settings Problems for troubleshooting 2 8 2 Checking if the TCP IP Related Settings Work To check if a client computer can access the Internet 1 Open a Windows Command Prompt window on the client computer 2 Type ping wiasa where wiasa is a placeholder for th...

Page 23: ...nts on the WIASA work in conjunction with the print client components on a client computer and they communicate through TCP IP The print client components expose a vir tual communication port on the client computer so that on the client computer the driver of the printer must be configured to print to this virtual port When an application on the client computer is printing the print data is sent t...

Page 24: ...he start page contains a menu for you to carry out commands Here is a brief descrip tion of the hyperlinks on the menu Home For going back to the start page ConfigWizard For you to quickly set up the WIASA Status Status information Wireless Clients The status of the wireless clients currently associated with the WI ASA DHCP Mappings Current IP MAC address mappings System Log System events log 19 ...

Page 25: ...ess Control and RADIUS Remote Authentication Dial In User Service settings for better wireless security Advanced Advanced settings of the WIASA Filters Firewall Packet filtering and firewall settings for user access control and protection from hacker attacks from the Internet respectivel Management Remote Web based management UPnP and SNMP settings 3 1 2 Save Save Restart and Cancel Commands Fig 1...

Page 26: ...esh Clicking Home brings you back to the start page Clicking Refresh updates the shown status information 3 2 Seeing Status 3 2 1 Associated Wireless Clients Fig 19 Status of associated wireless clients On this page the status information of each associated client including its MAC address IP address user name if the client has been IEEE 802 1x authenticated number of bytes it has send number of 2...

Page 27: ...c mapping indicates that the DHCP client always obtains the specified IP address from the DHCP server You can set static DHCP mappings in the Static DHCP Mappings section of the DHCP Server configuration page see Section 3 4 4 A dynamic mapping indicates that the DHCP server chooses an IP address from the IP address pool specified by the First allocateable IP address and Allocateable IP address co...

Page 28: ...connected to its Ethernet WAN interface The client computers can therefore share this DSL cable based Internet connection by the NAT server functionality The IP address of the Ethernet WAN interface is obtained automatically by DHCP from the ISP Router with a Static IP DSL Cable Connection In this mode the WIASA assumes that a DSL or cable modem is connected to its Ethernet WAN interface The clien...

Page 29: ...WIASA 1 Get a computer that will be used as a TFTP server and as a managing computer to trigger the upgrade process 2 For a wireless broadband router connect the computer and the LAN CONFIG Ethernet port with a crossover Ethernet cable For a wireless broadband switch router connect the computer and one of the LAN Ethernet switch port with a normal Ethernet cable 3 Configure the IP address of the c...

Page 30: ...work NOTE Due to the unreliable nature of wireless media it s highly recommended that the TFTP server and the to be upgraded WIASA be connected by Ethernet and on the same LAN so that the upgrade process would be smooth NOTE After the firmware is upgraded be sure to delete the contents of the Web browser cache so that the Web management pages can be shown correctly NOTE A failed upgrade may corrup...

Page 31: ...IASA s configuration settings will be saved as AaBbCcDdEeFf hex by the TFTP server where AaBbCcDdEeFf is the WIASA s MAC address For example if the WIASA s MAC address is 00 01 02 33 44 55 the configura tion backup file will be 000102334455 hex NOTE Remember to select the Accept write requests check box of TFTP Server To restore the configuration of WIASA 1 Get a computer that will be used as a TF...

Page 32: ...operational mode re quires different addressing settings 3 4 1 1 Simple Access Point Fig 27 TCP IP settings for Simple Access Point mode If the WIASA was set to be in Simple Access Point mode one IP address is needed This IP address can be manually set or automatically assigned by a DHCP server on the LAN If you are manually setting the IP address Subnet mask and Default gateway settings set them ...

Page 33: ...ses these default set tings need no change As for the WAN IP address it is obtained automatically by PPPoE from the ISP Consult your ISP for the correct User name Password and Service name settings Custom MAC Address of WAN Interface enables you to change the MAC address of the Ethernet WAN interface Therefore if the ISP provided DSL or cable modem works only with the ISP provided Ethernet card fo...

Page 34: ...he default subnet mask is 255 255 255 0 In most cases these default set tings need no change As for the WAN IP address it is obtained automatically by DHCP from the ISP If you are using Tel stra BigPond cable based Internet service select the Connect with BigPond Cable check box and specify the User name Password and the IP address of your Login server which is provided by the ISP Custom MAC Addre...

Page 35: ...168 0 xxx The default LAN IP address is 192 168 0 1 and the default subnet mask is 255 255 255 0 In most cases these default set tings need no change As for the WAN IP address it must be manually set Consult your ISP for the correct IP address Default gateway Subnet mask Primary DNS server and Secondary DNS server settings Custom MAC Address of WAN Interface enables you to change the MAC address o...

Page 36: ... ISP for the correct User name Password and Telephone number settings The WIASA automatically disconnects the PPP dial up connection after there has been no traffic to the Internet for a period specified by Idle disconnect time NOTE If Idle disconnect time is set to 0 the PPP dial up connection will not be disconnected The AT commands settings are for modem compatibility The default AT commands fo...

Page 37: ...s For example an inter nal Web server for the intranet say 192 168 0 2 may be associated with the domain name www wiasa com To give an internal server a domain name 1 Specify the domain name and the private IP address of the internal server 2 Select the corresponding Enabled check box for the internal server 3 4 3 NAT Server 3 4 3 1 Basic Fig 34 Basic NAT server settings When the WIASA is in Route...

Page 38: ...WIASA Technology decides to use 61 16 33 114 for the wireless broadband router 61 16 33 115 for their public Web server and 61 16 33 116 for their public POP3 server And the administrator has registered with InterNIC Inter net Network Information Center some domain name to IP address mappings www wiasa com to 61 16 33 115 and pop3 wiasa com to 61 16 33 116 However the public Web server and POP3 se...

Page 39: ... preset internal servers 1 Select the corresponding Enabled check boxes for the kinds of servers FTP IMAP4 SMTP POP3 TELNET and HTTP you want to expose 2 Specify the private IP addresses of the internal servers To expose other internal servers 1 Specify the Service Name Private IP Address Port Number and whether the service is TCP based or UDP based for a non preset internal server you want to exp...

Page 40: ...sses In most cases Default gateway and Primary DNS server should be set to the IP address of the WI ASA s LAN interfaces e g the default LAN IP address is 192 168 0 1 and Subnet mask is set to 255 255 255 0 NOTE There should be only one DHCP server on the LAN otherwise DHCP would not work prop erly If there is already a DHCP server on the LAN disable the DHCP server functionality of the WIASA 3 4 ...

Page 41: ...D and Transmit power Fig 39 IEEE 802 11b communication settings For specific needs such as configuring the WIASA as a wireless LAN to LAN bridge the AP func tionality can be disabled so that no wireless client can associate with the WIASA The number of available RF channels depends on local regulations therefore you have to choose an appropriate regulatory domain to comply with local regulations T...

Page 42: ...s as an access point for the notebook computers and it forwards packets sent from the notebook computers to AP 1 through WDS Then AP 1 forwards the packets to the Ethernet LAN Packets destined for the note book computers follow a reverse path from the Ethernet LAN through the APs to the notebook com puters In this way AP 2 plays a role of AP repeater NOTE A WIASA can have up to 6 WDS links to othe...

Page 43: ...ASA When the Wireless client isolation setting is set to This AP only wireless clients of this WIASA as an AP cannot see each other and wireless to wireless traffic is blocked When the setting is set to All APs in this subnet traffic among wireless users of different APs in the same IP subnet is blocked This feature is useful for WLANs deployed in public places In this way hackers have no chance t...

Page 44: ...The Authentication algo rithm setting is provided for better compatibility with wireless clients with various WLAN network adapters There are three options available including Open System Shared Key and Auto See Section 3 5 3 for more information about IEEE 802 1x NOTE Each field of a WEP key setting is a hex decimal number from 00 to FF For example when the security mode is set to 64 bit WEP you ...

Page 45: ...tal certificate to the backend RADIUS server by EAPOL Extensible Authentication Protocol Over LAN The RADIUS server can record accounting information such as when a user logs on to the wireless LAN and logs off from the wireless LAN for monitoring or billing purposes The IEEE 802 1x functionality of the WIASA is controlled by the security mode see Section 3 5 1 1 So far the WIASA supports two auth...

Page 46: ...IUS server after failing to communicate with the primary RADIUS server An IEEE 802 1x capable WIASA and its RADIUS server s share a secret key so that they can au thenticate each other In addition to its IP address a WIASA can identify itself by an NAS Network Access Server identifier Each IEEE 802 1x capable WIASA must have a unique NAS identifier Fig 46 IEEE 802 1x RADIUS settings TIP Refer to t...

Page 47: ...cified in the Policy setting A rule is composed of 5 parts What to do if a packet meets this rule Action Protocol type All ICMP TCP UDP Source IP address range Source IP Address AND Source Subnet Mask Destination IP address range Destination IP Address AND Destination Subnet Mask Port ranges A source destination IP address range is determined by performing an AND operation on the source destinatio...

Page 48: ...ckets based on a set of criteria for abnormal content Therefore SPI can detect hacker attacks and can summarily reject an attack if the packet fits a suspicious profile To enable SPI select the Enable SPI Stateful Packet Inspection check box Some DoS Denial of Service attacks are based on sending invalid ICMP request packets to hosts The WIASA can be set to not accept any ICMP requests on the Ethe...

Page 49: ...the WAN interface of a WIASA is configured to be 61 16 33 113 the URL for managing this WIASA is http 61 16 33 113 8080 3 6 2 2 UPnP Fig 51 UPnP settings UPnP Universal Plug and Play enables a Windows XP user to automatically discover peripheral de vices by HTTP When the UPnP functionality is enabled you can see the WIASA in My Network Places of Windows XP The WIASA can be given a friend name that...

Page 50: ... of traps Cold Start Warm Start Link Up Link Down and SNMP Authentication Failure NOTE SNMP Authentication Failure is issued when using an incorrect community string to manage the WIASA via SNMP and the SNMP MIB II OID snmpEnableAuthenTraps is enabled disabled by default To specify a trap target 1 Type the IP address of the target host 2 Type the Community for the host 3 Select the corresponding c...

Page 51: ...the label on the housing of the WIASA Security Mode Open System Selected WEP Key Key 1 WEP Key 1 00 00 00 00 00 WEP Key 2 00 00 00 00 00 WEP Key 3 00 00 00 00 00 WEP Key 4 00 00 00 00 00 MAC Address Based Access Control Disabled Access Control Table Type Inclusive Wireless Client Isolation Disabled AP Load balancing Disabled WAN Interface Type Static IP DSL Cable Changeable MAC Address IEEE 802 11...

Page 52: ... ICMP Request Blocking Disabled State Packet Inspection SPI Disabled Management Remote Web Based Management Disabled UPnP Enabled SNMP Enabled SNMP read community public SNMP write community private Telnet Enabled A 2 LED Definitions There are several LED indicators on the housing of a WIASA They are defined as follows Wireless Broadband Router PPP PPP PPPoE Lights up when a PPP or PPPoE link has ...

Page 53: ...interface LNK Link Lights up when the Ethernet WAN interface is initialized successfully ACT Active Lights up when the Ethernet WAN interface is transmitting or receiving data 100 10 1 4 10 100 Ethernet LAN switch ports LNK Link Lights up when an Ethernet cable is connected firmly to this Ethernet port ACT Active Lights up when this Ethernet port is transmitting or receiving data 48 ...

Page 54: ...n B 1 Wireless Settings Problems The wireless client computer cannot associate with an access point Is the wireless client set in infrastructure mode Check the operating mode of the WLAN NIC Is the SSID of the WLAN NIC identical to that of the prospective access point or WIASA Check the SSID setting of the WLAN NIC and of the WIASA Is the WEP functionality of the prospective access point or WIASA ...

Page 55: ... client computer receives the DNS reply it knows the IP address of the correspondent host and sends further packets to this IP address As illustrated in Fig 53 the communication path could be broken at some of the stages The OS provided network diagnostic tool ping exe can be employed to find out TCP IP related commu nication problems NOTE If two or more NICs are installed and operating on a clien...

Page 56: ...dress of the gateway in the same IP subnet Find out the answer on the start page of the Web Based Network Manager Is the NAT server functionality of the WIASA enabled Find out the answer on the start page of the Web Based Network Manager If you cannot find any incorrect settings of the WIASA the default gateway of the WIASA may be really down or there are other communication problems on the networ...

Page 57: ...ault Web browser on your computer Fig 54 Wireless Router AP Browser The WIASA stops working and does not respond to Web management requests The firmware of the WIASA may be stuck in an incorrect state Press the Reset button on the housing of the WIASA or unplug the power connector from the power jack and then re plug the connector to restart the WIASA Contact our technical support representatives ...

Reviews:

No comments

Related manuals for 520638

UNICOM WEP-72104G-1 Specifications preview
WEP-72104G-1
Brand: UNICOM Pages: 1
Ebyte E30-400M30S User Manual preview
E30-400M30S
Brand: Ebyte Pages: 11
Arris VAP4641 Quick Start Manual preview
VAP4641
Brand: Arris Pages: 2
Grandstream Networks GWN7664LR Quick Installation Manual preview
GWN7664LR
Brand: Grandstream Networks Pages: 12
Sercomm RP052M User Manual preview
RP052M
Brand: Sercomm Pages: 14
Cisco uBR905 Installation Manual preview
uBR905
Brand: Cisco Pages: 90
Loopcomm LP-2396K User Manual preview
LP-2396K
Brand: Loopcomm Pages: 94
AEG BOF18B2 Original Instructions Manual preview
BOF18B2
Brand: AEG Pages: 24
AEG KHF 4203 Instruction Manual preview
KHF 4203
Brand: AEG Pages: 48
JVC HA-A9T Startup Manual preview
HA-A9T
Brand: JVC Pages: 2
JVC HA-ET103BT Startup Manual preview
HA-ET103BT
Brand: JVC Pages: 2
JVC HA-KD10W Startup Manual preview
HA-KD10W
Brand: JVC Pages: 2
JVC HA-A7T Startup Manual preview
HA-A7T
Brand: JVC Pages: 2
JVC HA-FX29BT Instructions preview
HA-FX29BT
Brand: JVC Pages: 2
JVC HA-FX103BT Startup Manual preview
HA-FX103BT
Brand: JVC Pages: 2
JVC HA-S22W Startup Manual preview
HA-S22W
Brand: JVC Pages: 2
JVC KS-HP2 Instructions preview
KS-HP2
Brand: JVC Pages: 2
JVC HA-NP35T Startup Manual preview
HA-NP35T
Brand: JVC Pages: 2

Brands by name

Popular brands

Load more brands