RayTalk RB-100g User Manual Download Page 96

Page: 96 / 108

Wireless Access Point User Guide

802.1x

This uses the 802.1x standard for client authentication, and WEP for data encryption. If possi-
ble, you should use WPA-802.1x instead, because WPA encryption is much stronger than
WEP encryption.

If this option is used:

•

The Access Point must have a "client login" on the Radius Server.

•

Each user must have a "user login" on the Radius Server.

•

Each user's wireless client must support 802.1x and provide the login data when required.

•

All data transmission is encrypted using the WEP standard. You only have to select the
WEP key size; the WEP key is automatically generated.

Summary of Contents for RB-100g

Page 1: ...Wireless Bridge Access Point RB 100g User s Guide...

Page 2: ...18 System Screen 34 Wireless Screens 36 Basic Settings Screen 36 Advanced Settings 39 CHAPTER 4 PC AND SERVER CONFIGURATION 41 Overview 41 Using WEP 41 Using WPA PSK 42 Using WPA 802 1x 43 802 1x Ser...

Page 3: ...TCP IP Settings Windows NT4 0 86 Checking TCP IP Settings Windows 2000 88 Checking TCP IP Settings Windows XP 90 APPENDIX D ABOUT WIRELESS LANS 92 Overview 92 Wireless LAN Terminology 92 APPENDIX E CO...

Page 4: ...o lower speeds when the environment does not permit maximum throughput Features of your Wireless Access Point The Wireless Access Point incorporates many advanced features carefully designed to provid...

Page 5: ...isolated from each other VLAN Support The 802 1Q VLAN standard is supported allowing traffic from differ ent sources to be segmented Combined with the multiple SSID feature this provides a powerful to...

Page 6: ...s Accounting Support If you have a Radius Server you can use it to provide accounting data on Wireless clients Syslog Support If you have a Syslog Server the Wireless Access Point can send its log dat...

Page 7: ...t Panel Status On Error condition Off Normal operation Blinking During start up and when the Firmware is being upgraded Power On Normal operation Off No power LAN On The LAN Ethernet port is active Of...

Page 8: ...ar ALL data and restore ALL settings to the factory default values To Clear All Data and restore the factory default values 1 Power Off the Access Point 2 Hold the Reset Button down while you Power On...

Page 9: ...nes Use an elevated location such as wall mounted or on the top of a cubicle Place the Wireless Access Point near the center of your wireless coverage area If possible ensure there are no thick walls...

Page 10: ...s Point supports PoE Power over Ethernet To use PoE 1 Do not connect the supplied power adapter to the Wireless Access Point 2 Connect one end of a standard category 5 LAN cable to the Ethernet port o...

Page 11: ...Browser Setup using the Windows Utility A simple Windows setup utility is supplied on the CD ROM This utility can be used to assign a suitable IP address to the Wireless Access Point Using this utili...

Page 12: ...nstalled in the Wireless Access Point Description Any extra information for the Wireless Access Point entered by the administrator Note If the desired Wireless Access Point is not listed check that th...

Page 13: ...ment Use the on line help if necessary The later sections in this Chapter also provides more details about each of these screens Access Control MAC level access control Security Profiles Wireless secu...

Page 14: ...less Access Point is configured establishing a Wireless connection to it may be not possible If your LAN contains a Router or Routers ensure the PC used for configuration is on the same LAN segment as...

Page 15: ...e Management menu 9 Use the Apply Restart button on the menu to apply your changes and restart the Wireless Access Point Setup is now complete Wireless stations must now be set to match the Wireless A...

Page 16: ...rusted If you have not added any stations this table will be empty For each Wireless station the following data is displayed MAC Address the MAC or physical address of each Wire less station Connected...

Page 17: ...se this when adding or editing a Trusted Station Address The MAC physical address of the Trusted Wireless Station Use this when adding or editing a Trusted Station Buttons Add a Trusted Wireless Stati...

Page 18: ...quired 4 Click Update to save your changes Add To add a Trusted Station which is not in the Other Wireless Stations list enter the required data and click this button Clear Clear the Name and Address...

Page 19: ...t SSID setting on the Basic screen is enabled 802 11b g Bridge Mode Select the primary profile for 802 11b and 802 11g 2 4 GHz band Bridge Mode This setting determines the SSID and security settings u...

Page 20: ...If your Wireless Access Point only has a single band then only 1 option is available Security Settings Select the desired option and then enter the settings for the selected method The available optio...

Page 21: ...ypted using the WPA standard Keys are automatically generated so no key input is required 802 1x This uses the 802 1x standard for client authentication and WEP for data encryp tion If possible you sh...

Page 22: ...Wireless Access Point has the correct address port number and shared key for login to your Radius Server These parameters are entered either on the Security page or the Radius based MAC authenticatio...

Page 23: ...twork Radius Port If this field is visible enter the port number used for connections to the Radius Server Client Login Name If this field is visible it displays the name used for the Client Login on...

Page 24: ...the security method used 2 Add users on your RADIUS server as required and allow access by these users 3 Client PCs must have the correct Wireless settings in order to associate with the Wireles Acce...

Page 25: ...rnet access is allowed Otherwise the user remains on the login page Clients which pass the authentication are listed as xx xx xx xx xx xx WEB au thentication in the log table and station status would...

Page 26: ...to complete the login procedure Login URL Enter the URL of the page on your local Web Server you wish users to see when they attempt to access the Internet but are not logged in Login Failure URL Ent...

Page 27: ...me method Key Input Select Hex or ASCII depending on your input method All keys are converted to Hex ASCII input is only for convenience Key Value Enter the key values you wish to use The default key...

Page 28: ...y Other Wireless Stations must use the same key WPA Encryption Select the desired option Other Wireless Stations must use the same method TKIP Unicast point to point transmissions are encrypted using...

Page 29: ...or broadcast transmissions Enable this if you want the keys to be updated regularly Key Lifetime This field determines how often the Group key is dynamically updated Enter the desired value Update Gro...

Page 30: ...s option is selected This Access Point must have a client login on the Radius Server Each user must have a user login on the Radius Server Normally a Certificate is used to authenticate each user See...

Page 31: ...28 bit WEP AES CCMP CCMP is the most common sub type of AES Advanced Encryption System Most systems will simply say AES If selected both Unicast point to point and multicast broadcast transmissions ar...

Page 32: ...ified time period Radius MAC Authentication The current status is displayed This will always be Disabled because Radius MAC Authentication is not available with WPA 802 1x The Configure button for thi...

Page 33: ...d This Access Point must have a client login on the Radius Server Each user must have a user login on the Radius Server Normally a Certificate is used to authenticate each user See Chapter4 for detail...

Page 34: ...Both Dynamic and Static keys can be used simultaneously allowing clients using either method to use the Access Point Key Exchange This setting if only available if using Dynamic WEP Keys If you want...

Page 35: ...Authentication The current status is displayed Click the Configure button to configure this feature if required UAM The current status is displayed Click the Configure button to configure this featur...

Page 36: ...Server on your LAN and you wish the Access Point to obtain an IP address automatically Fixed If selected the following data must be entered IP Address The IP Address of this device Enter an unused IP...

Page 37: ...Setup WINS Server Name IP Address Enter the name or IP address of your WINS server 35...

Page 38: ...11b and 802 11g this is the default and will allow connec tions by both 802 11b and 802 1g wireless stations 802 11b if selected only 802 11b connections are allowed 802 11g wireless stations will onl...

Page 39: ...s Point Client Repeater act as a client or repeater for another Access Point If selected you must provide the address MAC address of the other AP in the Repeater AP MAC Address field In this mode all...

Page 40: ...This is not required unless the Bridge Mode is Point to Point Bridge PTP In this case you must enter the MAC address of the other AP in this field In PTMP mode only allow specified APs This is only f...

Page 41: ...een Select the desired option Do NOT select the 802 11g or ODFM options unless ALL of your wireless clients support this 802 11b clients will not be able to connect to the Access Point if either of th...

Page 42: ...time when used in a good environment Output Power Level Select the desired power output Higher levels will give a greater range but are also more likely to cause interference with other devices Anten...

Page 43: ...n is also more com plex Using WEP For each of the following items each Wireless Station must have the same settings as the Wireless Access Point Mode On each PC the mode must be set to Infrastructure...

Page 44: ...to Infrastructure SSID ESSID This must match the value used on the Wireless Access Point The default value is wireless Note The SSID is case sensitive Wireless Security On each client Wireless securi...

Page 45: ...r the Radius Server 802 1x Encryption Typically EAP TLS is used This is a dynamic key system so keys do NOT have to be entered on each Wireless station However you can also use a static WEP key EAP MD...

Page 46: ...default prompts ensure that DNS is installed and enabled during installa tion Services Installation 1 Select the Control Panel Add Remove Programs 2 Click Add Remove Windows Components from the left s...

Page 47: ...rver Configuration Figure 22 Components Screen 4 Click Next 5 Select the Enterprise root CA and click Next Figure 23 Certification Screen 6 Enter the information for the Certificate Authority and clic...

Page 48: ...st be stopped before continuing Click Ok then Finish DHCP server configuration 1 Click on the Start Programs Administrative Tools DHCP 2 Right click on the server entry as shown and select New Scope F...

Page 49: ...the router address for the current subnet The router address may be left blank if there is no router Click Next 10 For the Parent domain enter the domain you specified for the domain controller setup...

Page 50: ...d select New Certificate to Issue Figure 28 Certificate Authority Screen 3 Select Authenticated Session and Smartcard Logon select more than one by holding down the Ctrl key Click OK Figure 29 Templat...

Page 51: ...t the Group Policy tab choose Default Domain Policy then click Edit Figure 31 Group Policy Tab 7 Select Computer Configuration Windows Settings Security Settings Public Key Policies right click Automa...

Page 52: ...Computer then click Next Figure 33 Certificate Template Screen 10 Ensure that your certificate authority is checked then click Next 11 Review the policy change information and click Finish 12 Click St...

Page 53: ...Access Point and set the shared secret as entered on the Security Settings of the Wireless Access Point 5 Click Finish 6 Right click on Remote Access Policies select New Remote Access Policy 7 Assumi...

Page 54: ...the Authentication tab Enable Extensible Authentication Protocol and select Smart Card or other Certificate Deselect other authentication meth ods listed Click OK Figure 36 Authentication Screen 12 Se...

Page 55: ...ess Login for Users 1 Select Start Programs Administrative Tools Active Directory Users and Computers 2 Double click on the user who you want to enable 3 Select the Dial in tab and enable Allow access...

Page 56: ...You are using Windows XP You are connecting to a Windows 2000 server for authentication You already have a login User name and password on the Windows 2000 server Client Certificate Setup 1 Connect to...

Page 57: ...PC and Server Configuration Figure 39 Wireless CA Screen 5 Select User certificate request and select User Certificate the click Next Figure 40 Request Type Screen 6 Click Submit 55...

Page 58: ...gure 41 Identifying Information Screen 7 A message will be displayed then the certificate will be returned to you Click Install this certificate Figure 42 Certificate Issued Screen 8 You will receive...

Page 59: ...Connection and select Properties 3 Select the Authentication Tab and ensure that Enable network access control using IEEE 802 1X is selected and Smart Card or other Certificate is selected from the E...

Page 60: ...le encryption for a wireless network follow this procedure 1 Click on the Wireless Networks tab Figure 45 Wireless Networks Screen 2 Select the wireless network from the Available Networks list and cl...

Page 61: ...PC and Server Configuration Figure 46 Properties Screen Setup for Windows XP and 802 1x client is now complete 59...

Page 62: ...key is pro vided for me automatically Instead you must enter the WEP key manually ensuring it matches the WEP key used on the Access Point Figure 47 Properties Screen Note On some systems the 64 bit W...

Page 63: ...c However you may need to perform the following operations on a regular basis If using the Access Control feature update the Trusted PC database as required See Access Control in Chapter 3 for details...

Page 64: ...will display Enabled or Disabled Wireless Channel Frequency The Channel currently in use is displayed Wireless Mode The current mode e g 802 11g is displayed AP Mode The current Access Point mode is...

Page 65: ...ion is the process of ending an existing authentication relationship Association The number of Association packets received Association creates a connection between the AP and the client Usually clien...

Page 66: ...st packets transmitted to or received from Wireless Stations using Multicast transmission Management Number of Management packets transmitted to or received from Wireless Stations Control Number of Co...

Page 67: ...if you didn t change the name the default name is used SSID The SSID assigned to this profile Broadcast SSID Indicates whether or not the SSID is broadcast Band The Wireless band 2 4 GHz or 5 GHz use...

Page 68: ...reen Data Activity Log Data Current Time The system date and time is displayed Log The Log shows details of the connections to the Wireless Access Point Buttons Refresh Update the data on screen Save...

Page 69: ...he name is not know unknown is displayed for the name MAC Address The MAC physical address of each Wireless Station is displayed Mode The mode of each Wireless Station SSID This displays the SSID used...

Page 70: ...Auto Config Update Config File Log Settings Rogue APs SNMP Upgrade Firmware Admin Login Screen The Admin Login screen allows you to assign a password to the Wireless Access Point This password limits...

Page 71: ...rovide a port number in the field below Either HTTP or HTTPS must be enabled HTTP Port Number Enter the port number to be used for HTTP connections to this device The default value is 80 Enable HTTPS...

Page 72: ...in Connections Perform Auto Configu ration on this AP next restart If checked this AP will perform Auto Configuration the next time it restarts The wired LAN NOT the Wireless LAN will be searched for...

Page 73: ...o see if a Firmware FW upgrade is available on the specified FTP Server If enabled Enter the desired time interval in days between checks Select the desired option for installation see next item Provi...

Page 74: ...copy of cur rent settings Once you have the Access Point working properly you should back up the settings to a file on your computer You can later restore the Access Point s settings from this file if...

Page 75: ...ctory default settings click Set to Defaults button Note This will terminate the current connection The Access Point will be unavailable until it has restarted By default the Access Point will act as...

Page 76: ...used Broadcast Syslog data is broadcast Use this option if different PCs act as the Syslog server at different times Send to specified Syslog Server Select this if the same PC is always used as the Sy...

Page 77: ...e AP Detection checkbox and select the desired wireless band and time interval Scan Select the desired Wireless band to scan to Rogue APs and enter the desired time interval between each scan Detectio...

Page 78: ...nged Read Write Data can be read and setting changed Managers Any Station The IP address of the manager station is not checked Only this station The IP address is checked and must match the address yo...

Page 79: ...e following Figure 59 Firmware Upgrade Screen To perform the Firmware Upgrade 1 Click the Browse button and navigate to the location of the upgrade file 2 Select the upgrade file Its name will appear...

Page 80: ...terface Operating Channels 802 11g 13 for North America 13 for Europe ETSI 14 for Japan 802 11b 11 for North America 14 for Japan 13 for Europe ETSI Operating temperature 0 55 Storage temperature 20 7...

Page 81: ...nels Support Automatic Wireless Channel Selection Antenna selection Tx Power Adjustment Country Selection Preamble Type long or short support RTS Threshold Adjustment Fragmentation Threshold Adjustmen...

Page 82: ...Message Log Access Control list file support Configuration file Backup Restore Statistics support Device discovery program Windows Utility Other Features DHCP client WINS client Firmware Upgrade HTTP...

Page 83: ...and receiver Connect the equipment into an outlet on a circuit different from that to which the receiver is connected Consult the dealer or an experienced radio TV technician for help To assure conti...

Page 84: ...restart it You can use the following method to determine the IP address of the Wireless Access Point and then try to connect using the IP address in stead of the name To Find the Access Point s IP Add...

Page 85: ...C the wireless mode is set to Infrastructure If using the Access Control feature the PC s name and address is in the Trusted Stations list If using 802 1x mode ensure the PC s 802 1x software is confi...

Page 86: ...need to change the TCP IP of each PC Just configure the Wireless Access Point to match your existing LAN The following sections provide details about checking the TCP IP settings for various types of...

Page 87: ...P Address automatically This is the default Windows settings To work correctly you need a DHCP server on your LAN Using Specify an IP Address If your PC is already configured for a fixed specified IP...

Page 88: ...tings Windows NT4 0 1 Select Control Panel Network and on the Protocols tab select the TCP IP protocol as shown below Figure 63 Windows NT4 0 TCP IP 2 Click the Properties button to see a screen like...

Page 89: ...ddress from a DHCP Server This is the default Windows setting This is the default Windows settings To work correctly you need a DHCP server on your LAN Using Specify an IP Address If your PC is alread...

Page 90: ...2 Right click the Local Area Connection icon and select Properties You should see a screen like the following Figure 65 Network Configuration Win 2000 3 Select the TCP IP protocol for your network ca...

Page 91: ...ws setting This is the default Windows settings To work correctly you need a DHCP server on your LAN Using a fixed IP Address Use the following IP Address If your PC is already configured for a fixed...

Page 92: ...ht click the Local Area Connection and choose Properties You should see a screen like the following Figure 67 Network Configuration Windows XP 3 Select the TCP IP protocol for your network card 4 Clic...

Page 93: ...the default Windows setting To work correctly you need a DHCP server on your LAN Using a fixed IP Address Use the following IP Address If your PC is already configured for a fixed specified IP addres...

Page 94: ...ss Stations can then access all LAN resources Access Points can only function in Infrastructure mode and can communicate only with Wireless Stations which are set to Infrastructure mode SSID ESSID BSS...

Page 95: ...hould be set to use the same Channel However most Wireless stations will still scan all Channels to see if there is an existing Ad hoc group they can join WEP WEP Wired Equivalent Privacy is a standar...

Page 96: ...h stronger than WEP encryption If this option is used The Access Point must have a client login on the Radius Server Each user must have a user login on the Radius Server Each user s wireless client m...

Page 97: ...e admin for the User Name and password for the Password 3 Once connected you can use any of the commands listed in the following Command Reference Using the CLI Serial Port 1 Use a standard serial por...

Page 98: ...rd 6 You will then see the prompt and can then use any of the commands listed in the follow ing Command Reference Command Reference The following commands are available Display CLI Command List admin...

Page 99: ...isplay Burst Time get calibration Display Noise And Offset Calibration Mode get cckTrigHigh Display Higher Trigger Threshold for CCK Phy Errors for ANI Control get cckTrigLow Display Lower Trigger Thr...

Page 100: ...ption Keys get login Display Login User Name get minimumrate Display Minimum Rate get nameaddr Display IP address of name server get nf Display Noise Floor get noiseImmunityLvl Display ANI Parameter f...

Page 101: ...splay Station Status get SuperG Display SuperG Feature Status get systemname Display Access Point System Name get telnet Display Telnet Mode get timeout Display Telnet Timeout get tzone Display Time Z...

Page 102: ...te Display Auto Update Enable Disable get autoUpgradeOnly Display Install later version only Enable Disable get autoUpdateInterval Display Auto Update Interval 1 31days get ftpServer Display FTP Serve...

Page 103: ...play Trap Receiver IP get wdsMacList Display WDS Mac Address List get enableWirelessClient Display Wireless Client Enable Disable get isolationType Display Isolation Type get winsEnable Display WINS S...

Page 104: ...rst Time set calibration Set Calibration Period set cckTrigHigh Set Higher Trigger Threshold for CCK Phy Errors For ANI Control set cckTrigLow Set Lower Trigger Threshold for CCK Phy Errors For ANI Co...

Page 105: ...rate Set Minimum Rate set nameaddress Set Name Server IP address set noiseImmunityLvl Set ANI Parameter for Noise Immunity Level set ofdmTrigHigh Set Higher Trigger Threshold for OFDM Phy Errors for A...

Page 106: ...ess set softwareretry Set Software Retry set spurImmunityLvl Set ANI Parameter for Spur Immunity Level set ssid Set Service Set ID set ssidsuppress Set SSID Suppress Mode set SuperG Super G Features s...

Page 107: ...t Enable Disable set autoChangeName Set provide admin login name and password Enable Disable set autoSetResp Set Provide respond to Auto Config request Enable Disable set autoUpdate Set Auto Update En...

Page 108: ...tation Address set trapMode Set Trap Mode set trapVersion Set Trap Version set trapSendMode Set Trap Send Mode set trapRecvIp Set Trap Receiver IP set description Set Access Point Description set dhcp...

Search results

Summary of Contents for RB-100g

Reviews:

Related manuals for RB-100g

Brands by name

Popular brands

RayTalk RB-100g, User Manual

Search results

Summary of Contents for RB-100g

Reviews:

Related manuals for RB-100g

Brands by name

Popular brands