manualshive.com logo in svg

Planex GW-AP54SAG, User Manual

The Planex GW-AP54SAG comes with a comprehensive User Manual, available for free download from manualshive.com. This manual provides detailed instructions and guidance to maximize the performance and functionality of this exceptional product, ensuring a seamless user experience. Easily access the manual and unleash the full potential of your GW-AP54SAG.

Share
Download
background image

 

 

 

33

 

 

 

 

Radius Settings 

Radius servers provide centralized authentication services to wireless clients. Two Radius serv-
ers can be defined: one acts as a primary, and the other acts as a backup. 

Two user authentication methods can be enabled: one based on MAC address filter, the other 

based on 802.1x EAP authentication. 

MAC address filtering based authentication requires a MAC address filter table to be created in 

either the GW-AP54SAG (as described in the section 

MAC Filtering Settings

) and/or the Radius 

server. During the authentication phase of a wireless station, the MAC address filter table is 
searched for a match against the wireless client’s MAC address to determine whether the sta-
tion is to be allowed or denied to access the network. 

The Radius server can also be used for 802.1x EAP authentication. IEEE 802.1x is an IEEE 
standard that is based on a framework that involves stations to be authenticated (called Suppli-
cant), an authentication server (a Radius Server) that provides authentication services, and an 
authenticator that provides necessary translation and mediating functions between the authen-

tication server and the stations to be authenticated. The GW-AP54SAG acts as an authentica-

Summary of Contents for GW-AP54SAG

Page 1: ......

Page 2: ...eval system or transmitted in any form or by any means whether electronic mechanical photocopying recording or oth erwise without the prior writing of the publisher Windows 95 98 Me and Windows 2000 XP are trademarks of Microsoft Corp Pentium is trademark of Intel All copyright reserved ...

Page 3: ...n 17 Setup Wizard 17 Time Settings 18 Device IP Settings 18 Wireless SETTINGS 20 Advanced Settings 26 Password Settings 26 System Management 26 MAC Filtering Settings 29 SSID Settings 30 Wireless Settings 31 Operational Mode 32 Radius Settings 33 DoS Settings 35 Managing the GW AP54SAG 36 How to View the device Status 36 How to View the System Log 37 Wireless Client Table 37 Bridge Table 38 Radio ...

Page 4: ...etween the equipment and receiver Connect the equipment into an outlet on a circuit different from that to which the receiver is connected Consult the dealer or an experienced radio TV technician for help FCC Caution To assure continued compliance example use only shielded interface ca bles when connecting to computer or peripheral devices any changes or modifications not expressly approved by the...

Page 5: ...adio band as the 802 11b technology it can inter operate with existing 11Mbps 802 11b devices Therefore you can protect your existing in vestment in 802 11b client cards and migrate to the high speed 802 11g standard as your needs grow To address growing security concerns in a wireless LAN environment different levels of secu rity can be enabled in the GW AP54SAG including To disable SSID broadcas...

Page 6: ... IP address Multiple security measures SSID hiding Access Control List WEP based encryp tion 64 128 152 bits enhanced Security with 802 1x using a primary and a backup Radius Server with without dynamic WEP keys WPA PSK and WPA Extensive monitoring capability such as event logging traffic error statistics moni toring Support of remote logging Easy configuration and monitoring through the use of a ...

Page 7: ...onfigured in the Access Point mode the GW AP54SAG allows a group of wireless stations to communicate with each other through it Such a network is called an Infrastructure BSS The GW AP54SAG further provides bridging functions between the wireless network and the wired LAN network When multiple access points are connected to the same LAN segment stations can roam from one GW AP54SAG to another with...

Page 8: ...d other AP s operating in the WDS mode The system will support up to eight such AP s in a WDS configuration Note that an GW AP54SAG running in the WDS mode can also support wireless stations si multaneously as shown in the left most AP in the diagram below Setting Up the device The GW AP54SAG can be managed remotely by a PC through either the wired or wireless network To do this the GW AP54SAG mus...

Page 9: ...nce A U T O M A T I C I P The GW AP54SAG can also be configured to obtain an IP address automatically from a DHCP server on the network This address is called dynamic because it is only dynamically assigned to the device which may change depending on the IP assignment policy used by the DHCP server on the network Since the IP address in this case may change from time to time this method is not rec...

Page 10: ... you have purchased followed by steps of how to power up and connect the GW AP54SAG Finally this section explains how to configure a Win dows PC to communicate with the GW AP54SAG What s in the Box The GW AP54SAG package contains the following items One GW AP54SAG One 5V AC power adapter with a barrel connector One of the CD ROM User s Manual Chapter 2 ...

Page 11: ...rate DHCP server will be available for assigning dynamic and often private IP addresses to requesting DHCP clients This means that the GW AP54SAG normally will not need to enable the DHCP server function Additionally since you need to perform various configuration changes to the GW AP54SAG including the SSID Channel number the WEP key etc it is necessary to associate a fixed IP address with the GW...

Page 12: ...will work with the AP with each other and with devices on the wired LAN network Setting up a Windows PC or wireless client as DHCP clients The following will give detailed steps of how to configure a PC or a wireless client to obtain IP addresses automatically For other types of configuration please refer to the correspond ing user manual In the case of using a LAN attached PC the PC must have an ...

Page 13: ...Step 7 Click Properties and check the settings in each of the TCP IP Properties window Bindings Tab both Client for Microsoft Networks and File and printer sharing for Microsoft Networks should be se lected Gateway Tab All fields should be blank DNS Configuration Tab Disable DNS should be selected IP Address Tab Obtain IP address automatically should be selected Step 8 With the GW AP54SAG powered ...

Page 14: ...power can be monitored from this display GW AP54SAGLEDDescription Label 11a 11g LAN 100 POWER Steady Light 11a Wireless Link is active 11g Wireless Link is active Link is active Link at 100Mbps Power OFF No 11a Wireless connection No 11g Wireless connection No LAN connec tion Link at 10Mbps No Power FLASH XMT RCV Data XMT RCV Data XMT RCV Data N A N A ...

Page 15: ...vices Through A Hub To The GW AP54SAG The GW AP54SAG provides an RJ45 LAN interface that you can use to connect to a PC or an external hub Step 1 Connect to the LAN port Plug this end into any port of an Ethernet hub switch ...

Page 16: ...the local LAN environment The GW AP54SAG is designed so that all basic configuration may be effected through the a standard Web browser such as Microsoft Internet Explorer From a PC that has been configured as described in Chapter 2 enter the IP address of the GW AP54SAG as the URL in your browser e g http 192 168 1 100 Note The IP address of your PC must be in the same IP subnet as the GW AP54SAG...

Page 17: ... menu an administrator login screen will appear prompting you for the password in order to log on If you are logging on for the first time you should use the factory default setting 0000 The password is always displayed as a string of asterisks Click the LOG ON button to start the configuration session Setup Wizard The Setup Wizard will guide you through a series of configuration screens to set up...

Page 18: ... time settings page appears The device time is automatically set to the local time of the management PC at the first time a connection is made To modify the de vice s time modify the appropriate fields then click NEXT D E V I C E I P S E T T I N G S ...

Page 19: ...s important to note that there are similar addresses falling in the standard private IP address range and it is an essential security feature of the device Because of this private IP address the device can no longer be accessed seen from the Internet Gateway IP Address Enter the IP address of your default gateway DNS Server The Domain Name System DNS is a server on the Internet that translates log...

Page 20: ...t is recommended that your GW AP54SAG should be assigned a static IP address in order to make it easy for you to manage the device later on W I R E L E S S S E T T I N G S Network Name SSID The SSID is the network name used to identify a wireless network The SSID must be the same for all devices in the wireless network i e in the same BSS Several access points on a network can have the same SSID T...

Page 21: ...s to get associated 802 11a turbo 802 11g turbo super a without turbo super g without turbo super a with dynamic turbo super g with dynamic turbo or super a with static turbo super g with static turbo protocol the turbo mode is only applied where the regula tion allows The same explanation for both of the radios Regulatory Domain Please make sure that your regulatory domain matches your region The...

Page 22: ...phrase and click the GENERATE button to generate the four keys So you can use a mne monic string as the pass phrase instead of memorizing the four keys Key Index You have to specify which of the four keys will be active Once you enable the WEP function please make sure that both the GW AP54SAG and the wireless client stations use the same key Note Some wireless client cards only allow Hexadecimal ...

Page 23: ...eys 64 128 152 bit to have data encryption Here you do not have to enter the WEP key manually because it will be generated automatically and dynamically NOTE After you have finished the configuration wizard you have to configure the Radius Settings in Advanced Settings in order to make the 802 1x function work WPA PSK ...

Page 24: ...ireless client stations use the same key Encryption Type There are two encryption types TKIP and CCMP AES While CCMP provides better security than TKIP some wireless client stations may not be equipped with the hardware to support it You can select Both to allow TKIP clients and CCMP clients to con nect to the Access Point at the same time Group Rekey Interval A group key is used for multicast bro...

Page 25: ...shared key required The Encryption Type and Group Rekey Interval settings are same as WPA PSK Finish Setup Wizard and Save Your Settings After stepping through the Wizard s pages you can press the FINISH button for your modifica tion to take effect This also makes your new settings saved into the permanent memory on your system ...

Page 26: ...tings tab on the top row of the window allows you to perform modifications that normally you may not need to do for general operations except changing your password from the default factory setting this is highly recommended for security purposes Password Settings The default factory password is password To change the password press the Password Settings button to enter the Password Settings scree...

Page 27: ...l Management The local management feature allows you to manage your GW AP54SAG locally through the use of an HTTP browser System Administration The Access Point allows you to designate special port numbers other than the standard 80 for http for remote management It also allows you to specify the duration of idle time inactivity before a web browser session times out The default time out value is ...

Page 28: ...vents RFC 3164 When the GW AP54SAG en counters an error or warning condition e g a log in attempt with an invalid password it will create a log in the system log table To be able to remotely view such system log events you need to check the Enable Syslog box and configure the IP address of a Syslog daemon When doing so the GW AP54SAG will send logged events over network to the daemon for future re...

Page 29: ...d by the Access Point and sent to in the network You can define trap managers in the system You can add a trap manager by entering a name an IP address followed by pressing the ADD button You can delete a trap manager by selecting the corresponding entry and press the DELETE SELECTED button You enable a trap manager by checking the Enable box in the corresponding entry or disable the trap manager ...

Page 30: ... table lists all configured MAC Filter entries To delete entries check the corresponding select boxes and then press DELETE SELECTED SSID Settings The Access Point can allow user to set up different SSID settings Enable VLAN QoS or DiffServ QoS Each this SSID setting is based on which Security Policy ...

Page 31: ... or control frames larger than specified RTS threshold must be transmitted following the RTS CTS handshake exchange mechanism The RTS threshold should have a value between 256 2347 bytes with a default of 2347 It is recommended that this value does not deviate from the default too much Fragmentation Threshold When the size of a unicast frame exceeds the fragmentation threshold it will be fragmente...

Page 32: ... to 255 with a default value of 3 User Limitation Input what s the maximum users can connect with Access Point through SSID The default value is 100 Enable privacy separator for 2 radio enable disable Radio 1 Radio 2 Transmit Power 100 75 50 25 12 Operational Mode The GW AP54SAG can be configured to operate in one of the following three modes as men tioned previously in Chapter 1 1 Access Point 2 ...

Page 33: ...s server During the authentication phase of a wireless station the MAC address filter table is searched for a match against the wireless client s MAC address to determine whether the sta tion is to be allowed or denied to access the network The Radius server can also be used for 802 1x EAP authentication IEEE 802 1x is an IEEE standard that is based on a framework that involves stations to be auth...

Page 34: ... the primary server will be tried first Server IP The IP address of the RADIUS server Port Number The port number that your RADIUS server uses for authentication The de fault setting is 1812 Shared secret This is used by your RADIUS server in the Shared Secret field in Radius pro tocol messages The shared secret configured in the GW AP54SAG must match the shared secret configured in the RADIUS ser...

Page 35: ...oadcast packets to our system or other clients rapidly and continuously this makes our system too busy to process other legitimate request From High to Low High means highest security Low means lowest security Ping flooding filtering Ping flooding is a simple brute force denial of service attack The at tacker sends a flood of ICMP packets to your machine If they are doing this from a host with bet...

Page 36: ...ow to upgrade the firmware of your GW AP54SAG How to save or restore configuration changes How to reset the configuration to the factory default How to reboot your GW AP54SAG What if you forgot the password How to View the device Status You can monitor the system status and get general device information from the Device In formation screen Chapter 4 ...

Page 37: ... left side of the Device Status window to view log events recorded in the system The System Log entries are shown in the main screen along with the log level the severity level of messages that are being displayed lower is severer and the up time which is the amount of time since the GW AP54SAG was boot up Wireless Client Table The wireless client table lists the current wireless clients and its M...

Page 38: ...ridge table shows all MAC entries learned from the wired LAN interface wireless clients and WDS peers if running in the WDS mode You can check this table by clicking Bridge Table at the left side of the Device Status window ...

Page 39: ...39 Radio Table Radio table lists current Mode channel client associated with them and transmit packet re ceived packet data error ...

Page 40: ...rmally this is done when a new version of firmware offers new features that you want or solves problems that you have encountered with the current version System upgrade can be performed through the System Upgrade window as follows Step 1 Select System Tools then Firmware Upgrade from the menu and the following screen displays ...

Page 41: ...elling you that the operation is completed you need to reset the system to have the new firmware take effect Note It is recommended that you do not upgrade your GW AP54SAG unless the new firmware contains a new feature that you want or if it contains a fix to a problem that you ve encountered How to Save or Restore Configuration Changes You can save system configuration settings to a file and late...

Page 42: ...d file or click the RESTORE FROM FILE button to restore the system configuration from the specified file How to reset the configuration to the factory default You can reset the configuration of your GW AP54SAG to the factory default settings To do it Step 1 Select Factory Default from the System Tools menu you will see the following screen Step 2 Click YES to go ahead and restore the configuration...

Page 43: ...clients and therefore will disrupt any current data traffic What if you Forgot the Password If you forgot the password the only way to recover is to clear the device configuration and re turn the unit to its original state as shipped from the factory You can do this by pressing the hardware restore button on the back of the device and hold for two seconds Please note that this will also clear your...

Page 44: ...ord entered will be echoed back as asterisks After the Carriage Return is entered if the password string is validated the command prompt Command will be displayed and the user can then issue other commands Otherwise the password prompt will be redisplayed Most commands are single line commands and commands are not context sensitive each com mand is independent of other commands before or after it ...

Page 45: ...rver primary enter server IP Unspecified 192 168 1 10 enter port number 1812 1 65535 1812 enter shared secret The first prompt means current IP setting is not specified yet and there is no default for that The second prompt means a number between 1 and 65535 is expected with 1812 being the default During the first time a particular parameter is configured typing a carriage return will cause the de...

Page 46: ... if the string contains embedded blanks Names representing filters and MAC addresses could be up to 30 characters in length password and SNMP community read write strings are up to 15 characters in length When the password and SNMP community write string are entered they are echoed back as a string of s for protection while other parameters such as WEP keys are echoed back the way they are typed i...

Page 47: ...d e g by save config will be lost save config Description Save the current configuration onto the flash so the configuration will be kept after the system is rebooted set http port port number 1 65535 Description Set the HTTP server port for device management to the one specified set http timeout timeout value in minutes 1 60 Description Set the timeout value for the HTTP management session set pr...

Page 48: ...ue in minutes 1 60 Description Set the timeout value for a TELNET management session show arp table Description Display the ARP table of the system show http Description Display the current configurations of the HTTP management function show system Description Display the current basic system configurations show system ip Description Display the current device IP settings of the system show telnet...

Page 49: ...e Description Display the currently configured MAC filter mode 3 SNMP Commands disable snmp Description Disable the SNMP function enable snmp Description Enable the SNMP function set community string read write string up to 15 characters Description Configure the SNMP READ WRITE community string show community string read Description Display the SNMP READ community string show snmp Description Dis...

Page 50: ...ty log level 1 7 Description Enable the trace function with the specified log level on the specified facility If no log level is specified the previously configured log level is used set log level log level 1 7 Description Set the log level set syslogd IP address Description Configure the IP address of the remote syslog daemon This is used for the remote syslog function show log level Description ...

Page 51: ...ication Description Enable the use of external RADIUS servers for MAC address access control enable radius server primary secondary Description Enable the use of the primary secondary RADIUS server set radius server reattempt reattempt interval in minutes 5 60 Description Configure the reattempt time for the system to contact the primary RADIUS server after the primary RADIUS server was down set r...

Page 52: ...n square brackets alone on a line Section names are allowed to contain any character but square brackets or linefeeds For example sectionName Basically a section corresponds to a configuration item a section contains zero or more key and value pairs that are the settings for the configuration item A section name is case in sensitive 2 Keys and Values A section contains zero or more key and value p...

Page 53: ...ISPType dhcp Hostname name ISPType pppoe PPPoEUserName name PPPOEPassword password PPPOEServiceName service PPPOEConnection Type demand_dialing PPPOEMTU 1492 PPPOEMRU 1492 PPPOESessionType normal PPPOESession Type unnumbered_link KeepPrivateLan enable disable UnnumberedIP 192 168 1 100 UnnumberedNet mask 255 255 255 0 WAN Interface Configuration ISPType the WAN connection type static dhcp pppoe pp...

Page 54: ... MpppoeLanIP 2 2 0 0 MpppoeLanNetmask 255 255 0 0 TPIPRange enable TPPortRange disable TPKeyword disable TPNetBios enable TPRuleIPRange 50 0 0 0 20 TPRuleNetwork 60 0 0 0 24 TPRulePortRange 40000 50000 TPRuleKeyword key pattern Multiple PPPoE Sessions Configuration There could be multiple entries max 7 entries each entry contains the following items MpppoeSessionName a mnemonic name for this entry...

Page 55: ...SID broadcast Radio1Mode radio mode of radio 1 11a 11at a turbo 11sa super a without turbo 11sast super a with static turbo 11sadt super a with dynamic turbo Radio2Mode radio mode of radio 2 11g b 11g or 11b 11g 11gt g turbo 11sg super g without turbo 11sgst super g with static turbo 11sgdt super g with dynamic turbo Radio1Channel Radio2Channel channel number 1 2 3 or auto Radio1TxPower Radio2TxPo...

Page 56: ...sk wpa For wep type WEPAutoGenerateKey whether use a pass phrase to generate WEP keys enable disable WEPPassPhrase WEP key pass phrase if WEPAutoGenerateKey is enable WEPPassPhraseLength the length of keys that should be generated from the pass phrase if WEPAutoGenerateKey is enable If WEPAutoGenerateKey is disable the 4 WEP keys should be specified For each WEP key i WEPKeyiType specifies the key...

Page 57: ...ternet Gateway WLAN Ac cess Point with WDS support RepeaterMAC if OpMode is repeater this item is required to configure the peer s MAC address Radio1WDSEntry Radio2WDSEntry WDSName wds peer WDSMAC 00 11 22 33 44 55 WDS Entry Configuration for Radio 1 2 There could be multiple entries max 8 entries each entry contains the following items WDSName a mnemonic name for the peer WDSMAC the MAC address o...

Page 58: ...the STP function is enabled en able disable SNMP SnmpState enable SysName name SysLocation Input System Loca tion SysContact Input Contact Person ReadCommunity public WriteCommunity private SNMP Configuration SnmpState whether the SNMP function is enabled enable disable If SnmpState is enable the following items can be included SysName system name string SysLocation system location description Sys...

Page 59: ...ndaryPort 1812 RadiusSecondarySharedSe cret 2222 External Primary Secondary RADIUS Server Configuration RadiusPrimaryState RadiusSecondaryState whether use the external primary secondary RADIUS server enable disable If the RadiusPrimaryState RadiusSecondaryState is enable the following items have to be configured RadiusPrimaryIP RadiusSecondaryIP the IP address of the external primary secondary RA...

Page 60: ...orm Level medium DOSPingFloodLevel medium DoS Denial of Service Configuration DOSAuthenticateState whether enable authentica tion failure attack enable disable DOSBroadcastState whether enable broadcast storm prevention enable disable DOSPingState whether enable ping flood prevention enable disable DOSAuthFailTimes if DOSAuthenticateState is enable this items configures the number of failures that...

Page 61: ... IEEE 802 11b 11 5 5 2 1 Mbps with auto fallback Physical Specification External Power Adapter with DC5V 2A Input PCB Dimension 100 mm x 100 mm Desktop Instillation Wall Ceiling Mountable Hardware Antenna 1 x RJ45 1 x Restore Button 1 x External Antenna 1 x Internal Antenna 5 x LED 1 x Power 2 x LAN Link Act 100 2 x WLAN 11a 11g Security WEP 64 bit 128 bit 152 bit Encryption MAC Access Control for...

Reviews:

No comments

Related manuals for GW-AP54SAG

H3C MSR900-E Routers Installation Manual preview
MSR900-E Routers
Brand: H3C Pages: 38
H3C MSR810 Safety Manual preview
MSR810
Brand: H3C Pages: 64
D-Link DAP-2553 - Wireless N Dual Band Gigabit Access... Quick Installation Manual preview
DAP-2553 - Wireless N Dual Band Gigabit Access...
Brand: D-Link Pages: 32
Conceptronic C54BRS4 Quick Installation Manual preview
C54BRS4
Brand: Conceptronic Pages: 121
LevelOne WAB-5120 Quick Installation Manual preview
WAB-5120
Brand: LevelOne Pages: 14
3Com 3CRWE675075 - 11a/b/g Wireless LAN Workgroup... User Manual preview
3CRWE675075 - 11a/b/g Wireless LAN Workgroup...
Brand: 3Com Pages: 70
TRENDnet TEW-2K1 Quick Installation Manual preview
TEW-2K1
Brand: TRENDnet Pages: 29
Atlantis Land A07-WA6102X-2 Specification Sheet preview
A07-WA6102X-2
Brand: Atlantis Land Pages: 2
Airlink101 AP671W User Manual preview
AP671W
Brand: Airlink101 Pages: 56
Loopcomm LP-8096 User Manual preview
LP-8096
Brand: Loopcomm Pages: 66
Loopcomm LP-7316K User Manual preview
LP-7316K
Brand: Loopcomm Pages: 83
Motorola AP6562E Installation Manual preview
AP6562E
Brand: Motorola Pages: 48
Motorola WA840G Specifications preview
WA840G
Brand: Motorola Pages: 2
Motorola MC-802 User Manual preview
MC-802
Brand: Motorola Pages: 15
Motorola AP6532 Installation Manual preview
AP6532
Brand: Motorola Pages: 48
Motorola AP6562 Installation Manual preview
AP6562
Brand: Motorola Pages: 60
Motorola MOTOMESH Duo 4300-49 User Manual preview
MOTOMESH Duo 4300-49
Brand: Motorola Pages: 90
Motorola MOTOwi4 25600 Hardware Installation preview
MOTOwi4 25600
Brand: Motorola Pages: 106

Brands by name

Popular brands

Load more brands