background image

NP727 User’s Manual V1.00 

 

 

4.3 Firewall 

 

The system provides an added security feature, L2 firewall, in addition to typical AP security. Layer-2 firewall offers 

a firewall function that is tailored specifically for layer 2 traffics, providing another choice of shield against possible 

security threats coming from/going to WLAN (AP interfaces); hence, besides firewall policies configured on 

gateways, this extra security feature will assist to mitigate possible security breach.  

 

4.3.1  Layer 2 Firewall Settings 

It provides an overview of firewall rules in the system; 6 default rules with up to total 20 firewall rules are available 

for configuration. 

 

Layer 2 Firewall Overview 

 

From the overview table, each rule is designated with the following fields:  

 

No.:

 The numbering will decide the priority to let the system carry out the available firewall rules in the 

table.   

 

State: 

The check marks will enable the respective rules. 

 

Action

: “DROP” denotes a block rule; “ACCEPT” denotes a pass rule. 

 

Name:

 It shows the name of the rule. 

 

EtherType:

 It denotes the type of traffics subject to this rule. 

 

Summary of Contents for INFRASTRUCTURE SERIES

Page 1: ...NetComm INFRASTRUCTURE Series In wall Wireless Access Point USER GUIDE...

Page 2: ...tings 29 4 1 3 Management Services 30 4 2 Wireless 31 4 2 1 Virtual AP Overview 31 4 2 2 General Settings 33 4 2 3 VAP Configuration 35 4 2 4 Security Settings 36 4 2 5 Repeater Settings 39 4 2 6 Adva...

Page 3: ...NP727 User s Manual V1 00 4 5 3 Repeater Information 62 4 5 4 Event Log 61 4 6 Online Help 62...

Page 4: ...tage of running fewer cables in the duct The Power over Ethernet PoE LAN port on the NP727 serves as the power feed as well as the wired network feed Alternatively it can also be powered via an AC ada...

Page 5: ...net Access Controller the combination has been pre integrated to provide solutions for many applications 1 4 Document Conventions Represents essential steps actions or messages that should not be igno...

Page 6: ...NP727 User s Manual V1 00 2 System Overview 2 1 Package Contents The standard package of the NP727 includes y NP727 x 1 y Screws Face Plate Kit x 1 y Product CD ROM x 1...

Page 7: ...auto fallback 54 48 36 24 18 12 11 9 6 5 5 2 and 1 Mbps h Receiver Sensitivity 1 802 11g 54Mbps 74dBm 2 802 11b 11Mbps 89dBm h RF output power 1 EU AU 100mW EIRP Note EIRP Transmit Power Antenna Gain...

Page 8: ...CCMP AES h Setting for TKIP CCMP AES key s refreshing period h Hidden ESSID support h MAC Address filtering MAC ACL h MAC authentication with RADIUS servers h Maximum number of registered RADIUS serv...

Page 9: ...se T Ethernet h LED Indicators 1 Power 1 LAN 1 WLAN Environment h Operation Temperature 20 50 C h Storage Temperature 20 70 C h Operation Humidity 10 80 Non condensing h Storage Humidity 5 90 Non cond...

Page 10: ...LAN port The antenna is built in chip antenna Front Panel 1 RESET Button Press the button to restart the system Press the button for more than 30 seconds to reset the system to default settings 2 LAN...

Page 11: ...NP727 User s Manual V1 00 In Wall Panel 1 POWER SOCKET Attach the power adapter here it accepts 12VDC 1 5A 2 PoE LAN The LAN port is for connection with wired networks or PoE Switch...

Page 12: ...he hardware of the NP727 Before the installation assemble the following parts accordingly for the in wall placement Step 1 Unpack the box and remove the cover and the frame Step 2 Lock the screw corre...

Page 13: ...NP727 User s Manual V1 00 Step 4 Cover it with faceplate...

Page 14: ...r end of the cable to a switch a router or a hub The NP727 is then connected to your existing wired LAN network 3 There are two ways to supply power over to THE NP727 1 Connect the power adapter to th...

Page 15: ...e NP727 in the TCP IP of your PC such as the following example Please note that the IP address used shall not be duplicated with the IP address of other devices within the same network IP Address 192...

Page 16: ...NP727 User s Manual V1 00 To logout simply click on the Logout button at the upper right hand corner of the interface to return to the Administrator Login Page...

Page 17: ...Admin Password tab h Enter a new password with length up to 32 characters and then click SAVE to save the new password Note Click SAVE to save the changes but you must reboot the system upon the compl...

Page 18: ...ettings h Click on the Wireless button and then select the General tab h Determine the Band and Channel settings Select your preferred Band and Channel for your wireless connection For example select...

Page 19: ...AP profile settings a Select the VAP Config tab to configure the settings for each VAP b An administrator can enable or disable specific VAP from the drop down list box of Profile Name h Check VAP sta...

Page 20: ...NP727 User s Manual V1 00 h Click on the Wireless button h Select the Security tab to configure your preferred security types The following uses VAP 1 security configuration as an example...

Page 21: ...NP727 User s Manual V1 00 1 Choose WEP as its Security Type When WEP is selected provide the desired Authentication key length format index and values...

Page 22: ...NP727 User s Manual V1 00 2 Choose 802 1X as its Security Type When 802 1X authentication is selected provide the desired WEP key length and the corresponding settings of RADIUS server...

Page 23: ...K as its Security Type When WPA PSK is selected provide the desired pre shared key and Cipher Suite 4 Choose WPA Radius as its Security Type When WPA Radius is selected provide the Cipher type and the...

Page 24: ...h Select WDS from the drop down list of Repeater Type h Configure WDS link parameters a Select preferred Security Type b Enter MAC Address of Remote AP peer AP and click Add h To configure peer AP s A...

Page 25: ...ring is properly connected and please ensure the accurate execution of Step 5 as described above Congratulations The NP727 is now installed and configured successfully It is strongly recommended to ma...

Page 26: ...s are grouped into branches System Wireless Firewall Utilities and Status OPTION FUNCTION System Information Network Settings System Management Services Virtual AP Overview General Settings VAP Config...

Page 27: ...recommended to have different values in each AP h Name The system name used to identify this system h Description Further information about this installation h Location The geographic location y Time...

Page 28: ...hile this method is chosen at least one NTP server s IP address should be provided It is recommended to provide the IP address of both NET Server 1 and 2 in case of any NTP service failure 2 Manually...

Page 29: ...t the parameters manually Enter the IP Address Netmask and Gateway provided by your ISP y Primary and Secondary DNS Server If any host information is given in FQDN format full qualified domain name en...

Page 30: ...the NP727 s system status h Community String Specify the password for Read and Write h Trap Enable or Disable the feature When enabled events on Cold Start Interface Up Down and Association Disassocia...

Page 31: ...N ID security settings etc Such VAP capability enables different levels of service to meet actual requirements 4 2 1 Virtual AP Overview An overall status is collected in this page including Enable Di...

Page 32: ...security type connects to the screen of Security Settings MAC ACL The hyperlink showing Allow or Disable connects to the screen of Access Control Settings Advanced Settings The hyperlink of advanced...

Page 33: ...t Preamble This option can be turned on to enable Short Preamble frames y Channel Select the appropriate channel from the drop down list box to correspond with your network settings for example Channe...

Page 34: ...ations are illustrated as below Mode Channel Rate Power Disable NA NA NA 802 11b 1 2 3 4 5 6 7 8 9 10 11 12 13 Auto 1M 2M 5 5M 11M 802 11g 1 2 3 4 5 6 7 8 9 10 11 12 13 Auto 6M 9M 12M 18M 24M 36M 48M...

Page 35: ...VAP function y Profile Name The profile name of each VAP for identity management purpose y ESSID ESSID Extended Service Set ID indicates a unique SSID used by a client device to associate with a speci...

Page 36: ...ods in each VAP profile Thus the administrator can depend on the need to provide different service levels to clients The security type includes None WEP 802 1X WPA PSK and WPA RADIUS y None No authent...

Page 37: ...NP727 User s Manual V1 00 y 802 1X Provide RADIUS authentication and enhanced WEP y WPA PSK Provide shared key authentication in WPA data encryption...

Page 38: ...NP727 User s Manual V1 00 y WPA RADIUS Authenticate users by RADIUS and provide WPA data encryption...

Page 39: ...27 will support 4 WDS links to its peer APs Security Type None WEP or TKIP AES can be configured to decide which encryption is to be used for WDS connections respectively Please fill in remote peer s...

Page 40: ...eater is chosen please provide the SSID of upper bound AP for uplink connection Security Type None WEP or WPA PSK can be configured for this Repeater connection Please note the security type configure...

Page 41: ...r a value between 256 and 2346 The default is 2346 A packet size larger than this threshold will be fragmented sent in several pieces instead of one block before transmission A smaller value results i...

Page 42: ...s that are connected to them By enabling this function the NP727 will automatically broadcast information of associated wireless stations to its peer access points This will help wireless stations roa...

Page 43: ...for MAC ACL control 1 Disable Access Control No MAC address check required 2 MAC ACL Allow List Deny all except those in the Allow List When selecting MAC ACL Allow List all wireless connections to t...

Page 44: ...enticate incoming MAC addresses by RADIUS When selecting RADIUS ACL all incoming MAC addresses will be authenticated by RADIUS Please note that each VAP s MAC ACL and its security type showing on the...

Page 45: ...ntly used by the respective AP or repeater Rate The transmitting rate of the respective AP Signal The signal strength of the respective AP Security The encryption type used by the respective AP Setup...

Page 46: ...Setup to configure the WPA PSK setting for associating with the target AP The following configuration box will then appear at the bottom of the screen Information provided here must be consistent wit...

Page 47: ...o mitigate possible security breach 4 3 1 Layer 2 Firewall Settings It provides an overview of firewall rules in the system 6 default rules with up to total 20 firewall rules are available for configu...

Page 48: ...tion After SAVE button is clicked and system reboot the rule will be removed Layer 2 Firewall Settings Screen Remove rule To edit a specific rule Ed in Setting column of firewall list will lead to the...

Page 49: ...is 802 1Q It can be used to indicate the type of encapsulated traffics Opcode when EtherType is ARP RARP This list can be used to specify the ARP Opcode in ARP header Source MAC Address Mask indicate...

Page 50: ...mn of firewall list will lead to the following page for re ordering confirmation After SAVE button is clicked and system reboot the order of rules will be updated Move Rule Screen Please make sure all...

Page 51: ...NP727 User s Manual V1 00 Layer 2 Firewall Overview Check State...

Page 52: ...in this list will become options to choose in firewall rule when EtherType is IPv4 Overview of Firewall Services There are 28 firewall services available in default settings these default services ca...

Page 53: ...be validated against possible threats like DHCP starvation attack in addition the trusted DHCP server IP MAC can be specified to prevent rogue DHCP server ARP Inspection When enabled ARP packets will...

Page 54: ...is strongly recommended to change the default administrator s password to a secure password Only alpha numeric characters pattern is allowed and it is strongly recommended to take a combination of bo...

Page 55: ...NP727 User s Manual V1 00 4 3 2 Network Utilities THE NP727 provides a PING utility for possible network trouble shooting...

Page 56: ...take effect y Backup Settings Click Save to save the current system configurations to a backup file on a local disk It is recommended to make a backup before any configuration changes are made y Rest...

Page 57: ...ge appearing to notify the administrator to restart the system after a successful firmware upgrade Please restart the system after upgrading the firmware Note It is recommended to check the firmware v...

Page 58: ...27 safely The process shall take about three minutes Click Reboot to restart the system Please wait for the blinking timer to complete its countdown before accessing the system web management interfac...

Page 59: ...al V1 00 4 5 Status This section includes the following functions Overview Clients Repeater and Event Log 4 5 1 System Overview The System Overview page provides an overview of the system status for t...

Page 60: ...dress The MAC address of LAN Interface IP Address The IP address of the LAN Interface Subnet Mask The Subnet Mask of the LAN Interface LAN Interface Gateway The Gateway of the LAN Interface MAC Addres...

Page 61: ...corresponding parameters or investigate the settings of network devices to improve network communication performance y Associated VAP The name of an associated VAP Virtual Access Point y ESSID Extende...

Page 62: ...function either Universal Repeater or WDS Encryption The encryption type used None WEP or WPA PSK WDS Link Status The table will be displayed when WDS mode is selected For more information on the repe...

Page 63: ...er Settings SSID SSID of the upper bound AP to be associated with Tx Rate The transmit rate of the Repeater SNR The SNR Signal to Noise Ratio indicates the relative signal strength between the upper b...

Page 64: ...ime date when the event happened y Hostname Indicate which host records this event Note that all events in this page are local event so the hostname in this field are all the same However in remote sy...

Page 65: ...r s Manual V1 00 4 6 Online Help The Help button is at the upper right hand corner of the display screen Click Help for the Online Help window and then click the hyperlink of the relevant information...

Page 66: ...ined in the Quick Start Guide For further information regarding the advanced features of this product please refer to the configuring sections in the User Guide or contact a Network Specialist DYNALIN...

Reviews: