manualshive.com logo in svg

ZyXEL Communications nwa series, User Manual

Share
Download
ZyXEL Communications nwa series User Manual Download Page 166

Chapter 13 AP Profile

NWA/WAC/WAX Series User’s Guide

166

The following table describes the labels in this screen.

Table 65   Configuration > Object > AP Profile > SSID > Security List > Add/Edit Security Profile> Security 

Mode: wpa2

LABEL

DESCRIPTION

General Settings

Profile Name

Enter up to 31 alphanumeric characters for the profile name. This name is only visible in 
the Web Configurator and is only for management purposes. Spaces and underscores 
are allowed.

Security Mode

Select a security mode from the list: 

none

enhanced-open

wep

wpa2

wpa2-mix

 or 

wpa3

.

enhanced-open

 uses Opportunistic Wireless Encryption (OWE) which encrypts the 

wireless connection when possible.

Authentication Settings

Enterprise

Select this to enable 802.1X secure authentication with a RADIUS server.

ReAuthentication 

Timer

Enter the interval (in seconds) between authentication requests. Enter a 0 for unlimited 
time.

Personal

This field is available when you select the 

wpa2

wpa2-mix 

or 

wpa3

 security mode.

Select this option to use a Pre-Shared Key (PSK) with WPA2 encryption or Simultaneous 
Authentication of Equals (SAE) with WPA3 encryption.

Pre-Shared Key

Enter a pre-shared key of between 8 and 63 case-sensitive ASCII characters (including 
spaces and symbols) or 64 hexadecimal characters.

Advance

Note: Click on the 

Show Advanced Settings

 button to show the fields describe below.

Cipher Type

Select an encryption cipher type from the list.

auto

 - This automatically chooses the best available cipher based on the cipher in 

use by the WiFi client that is attempting to make a connection.

aes

 - This is the Advanced Encryption Standard encryption method. It is a more 

recent development over TKIP and considerably more robust. Not all WiFi clients may 

support this.

Idle timeout

Enter the idle interval (in seconds) that a client can be idle before authentication is 
discontinued.

Group Key Update 
Timer

Enter the interval (in seconds) at which the AP updates the group WPA2 encryption key.

Management Frame 
Protection

This field is configurable only when you select 

wpa2

 in the 

Security Mode

 field and set 

Cipher Type

 to 

aes

.

Data frames in 802.11 WLANs can be encrypted and authenticated with WEP, WPA or 
WPA2. But 802.11 management frames, such as beacon/probe response, association 
request, association response, de-authentication and disassociation are always 
unauthenticated and unencrypted. IEEE 802.11w Protected Management Frames allows 
APs to use the existing security mechanisms (encryption and authentication methods 
defined in IEEE 802.11i WPA/WPA2) to protect management frames. This helps prevent 
wireless DoS attacks.

Select the check box to enable management frame protection (MFP) to add security to 
802.11 management frames. This option is always enabled if you select 

enhanced-open 

or 

WPA3 

as the

 Security Mode.

If 

Optional

 is selected, WiFi clients will not be not required to support MFP. Management 

frames will be encrypted if the clients support MFP.

If 

Required

 is selected, WiFi clients must support MFP in order to join the Zyxel Device’s 

WiFi network.

Radius Settings

Summary of Contents for nwa series

Page 1: ...A WAC WAX Series 802 11 a b g n ac ax Access Point Copyright 2022 Zyxel and or its affiliates All rights reserved Management IP Address http DHCP assigned IP OR http 192 168 1 2 User Name admin Passwo...

Page 2: ...nce Guide explains how to use the Command Line Interface CLI and CLI commands to configure the Zyxel Device Note It is recommended you use the Web Configurator to configure the Zyxel Device Web Config...

Page 3: ...ferred to as the Zyxel Device in this guide Product labels screen names field labels and field choices are all in bold font A right angle bracket within a screen name denotes a mouse click For example...

Page 4: ...ard 76 Setup Wizard 82 Monitor 89 Network 104 Wireless 117 Bluetooth 134 User 137 AP Profile 144 MON Profile 177 WDS Profile 180 Certificates 182 System 198 Log and Report 220 File Manager 232 Diagnos...

Page 5: ...iple Radio and BandFlex 28 Chapter 2 AP Management 30 2 1 Management Mode 30 2 1 1 Standalone 30 2 1 2 Nebula Control Center 31 2 1 3 AP Controller AC 32 2 2 Switching Management Modes 33 2 3 Zyxel On...

Page 6: ...b Configurator 61 4 3 Navigating the Web Configurator 64 4 3 1 Title Bar 65 4 3 2 Navigation Panel 66 4 3 3 Standalone Mode Navigation Panel Menus 67 4 3 4 Cloud Mode Navigation Panel Menus 69 4 3 5 T...

Page 7: ...etwork 104 9 1 Overview 104 9 1 1 AP Controller Management 104 9 1 2 What You Can Do in this Chapter 106 9 2 IP Setting 107 9 3 VLAN 108 9 4 Storm Control 113 9 5 AC AP Controller Discovery 113 9 6 NC...

Page 8: ...1 What You Can Do in this Chapter 144 13 1 2 What You Need To Know 144 13 2 Radio 147 13 2 1 Add Edit Radio Profile 148 13 3 SSID 155 13 3 1 SSID List 155 13 3 2 Add Edit SSID Profile 156 13 4 Securi...

Page 9: ...ter 17 System 198 17 1 Overview 198 17 1 1 What You Can Do in this Chapter 198 17 2 Host Name 198 17 3 Power Mode 199 17 4 Date and Time 200 17 4 1 Pre defined NTP Time Servers List 202 17 4 2 Time Se...

Page 10: ...t You Can Do in this Chapter 232 19 1 2 What you Need to Know 232 19 2 Configuration File 233 19 2 1 Example of Configuration File Download Using FTP 237 19 3 Firmware Package 238 19 3 1 Example of Fi...

Page 11: ...253 Chapter 25 Cloud Mode 254 25 1 Overview 254 25 2 Cloud Mode Web Configurator Screens 254 25 3 Dashboard 255 Chapter 26 Network 257 26 1 Overview 257 26 1 1 What You Can Do in this Chapter 257 26 2...

Page 12: ...67 28 3 Zyxel Device Management Access and Login 268 28 4 Internet Access 272 28 5 WiFi Network 273 28 6 Resetting the Zyxel Device 275 28 7 Getting More Troubleshooting Help 275 Appendix A Importing...

Page 13: ...ent see Section 2 1 on page 30 When two or more APs are interconnected this network is called a Wireless Distribution System WDS See Section 1 3 2 on page 24 for more information on root and repeater...

Page 14: ...rted Channel Width 2 4G 20 40 MHz 5G 20 40 80 MHz 2 4G 20 40 MHz 5G 20 40 80 MHz 2 4G 20 40 MHz 5G 20 40 80 MHz 2 4G 20 40 MHz 5G 20 40 80 MHz 2 4G 20 40 MHz 5G 20 40 80 MHz 2 4G 20 40 MHz 5G 20 40 80...

Page 15: ...o No No No No Yes No NCC Discovery Yes Yes Yes Yes No Yes No 802 11r Fast Roaming Support Yes Yes Yes Yes Yes Yes Yes 802 11k v Assisted Roaming Yes Yes Yes Yes Yes Yes Yes Bluetooth Low Energy BLE No...

Page 16: ...en WEP WPA2 MIX WPA3 Personal Enterprise None Enhanced open WEP WPA2 MIX WPA3 Personal Enterprise None WEP WPA2 MIX Personal Enterprise Number of SSID Profiles 64 64 64 Number of WiFi Radios 2 2 2 Mon...

Page 17: ...Standards IEEE 802 11a IEEE 802 11b IEEE 802 11g IEEE 802 11n IEEE 802 11ac IEEE 802 11a IEEE 802 11b IEEE 802 11g IEEE 802 11n IEEE 802 11ac IEEE 802 11a IEEE 802 11b IEEE 802 11g IEEE 802 11n IEEE...

Page 18: ...No No Yes No Internal Antennas Yes Yes No Yes Antenna Switch Yes per radio physical switch No No No Smart Antenna No Yes Yes Yes Console Port 4 Pin Serial 4 Pin Serial RJ 45 serial RJ 45 serial LED Lo...

Page 19: ...5G 20 40 80 160 MHz 2 4G 20 40 MHz 5G 20 40 80 160 MHz 2 4G 20 40 MHz 5G 20 40 80 MHz NWA210AX supports 160 MHz Available Security Modes None Enhanced open WEP WPA2 MIX WPA3 Personal Enterprise None E...

Page 20: ...logs Table 5 WiFi 6E Models Comparison Table FEATURES WAX620D 6E WAX640S 6E NWA220AX 6E Supported WiFi Standards IEEE 802 11a IEEE 802 11b IEEE 802 11g IEEE 802 11n IEEE 802 11ac IEEE 802 11ax IEEE 8...

Page 21: ...Internal Antennas Yes Yes Yes Antenna Switch Yes per AP No No Smart Antenna No Yes No Console Port 4 Pin Serial 4 Pin Serial 4 Pin Serial LED Locator Yes Yes Yes LED Suppression Yes Yes Yes AC AP Cont...

Page 22: ...s bridge that connects to a root AP and extends the network to wired client devices If a client D tries to set up his own AP R with weak security settings the network becomes exposed to threats The RF...

Page 23: ...eless bridge can connect two wired networks through a wireless connection The root AP X is connected to a network with Internet access The wireless repeater Y is connected to the root AP X to expand t...

Page 24: ...2 on page 118 and Section 15 2 on page 180 for more details Unless specified the term security settings refers to the traffic between the WiFi clients and the AP At the time of writing repeater secur...

Page 25: ...for hardware connections 1 Go to Configuration Object WDS Profile in your root AP Web Configurator and click Add 2 Enter a profile name a WDS SSID and a pre shared key 3 Go to Configuration Wireless...

Page 26: ...e of WiFi channels that you specify in a MON Profile either in the 2 4 GHz or 5 GHz band To scan both bands you need to set both radio 1 and radio 2 in MON Mode Once a rogue AP is detected the network...

Page 27: ...Device 1 4 1 MBSSID A Basic Service Set BSS is the set of devices forming a single WiFi network usually an access point and one or more WiFi clients The Service Set IDentifier SSID is the name of a B...

Page 28: ...st radio is always set to use the 2 4 GHz band The 6 GHz band provides less coverage but has the highest amount of channels among the three frequency bands Use the 6 GHz band for the most congestion f...

Page 29: ...Chapter 1 Introduction NWA WAC WAX Series User s Guide 29 Figure 6 Dual Radio Application Figure 7 Triple Radio Application...

Page 30: ...respectively When the Zyxel Device is managed by the NCC or an AC it acts as a DHCP client and obtains an IP address from the NCC AC It can be configured ONLY by the NCC AC To change the Zyxel Device...

Page 31: ...Your network can also be managed through your smartphone using the Nebula Mobile app See Section on page 254 for an example NCC managed network topology NCC allows different levels of management You...

Page 32: ...ce can connect to and sync with the NCC 2 1 3 AP Controller AC If the Zyxel Device supports management using an AC see Section 9 1 1 on page 104 such as the ZyWALL ATP ZyWALL VPN USG FLEX and the NXC...

Page 33: ...in a different subnet Make sure AC Discovery is enabled see Section 9 5 on page 113 The AC manages the Zyxel Device automatically when it is discovered AC to NCC Register the Zyxel Device at the NCC...

Page 34: ...he ZON Utility on your PC please make sure it meets the requirements listed below Operating System At the time of writing the ZON Utility is compatible with Windows 7 both 32 bit 64 bit versions Windo...

Page 35: ...w information about ZON icon in the upper right hand corner of the screen Then select the Supported model and firmware version link If your device is not listed here see the device release notes for Z...

Page 36: ...vices in your network Figure 12 Discovery 5 The ZON Utility screen shows the devices discovered Figure 13 ZON Utility Screen 6 Select a device and then use the icons to perform actions Some functions...

Page 37: ...Password Use this icon to change the admin password of the selected device You must know the current admin password before changing to a new one 9 Configure Controller Discovery and NCC Discovery The...

Page 38: ...nterface on the discovered device that first received an ZDP discovery request from the ZON utility System Name This field displays the system name of the discovered device Location This field display...

Page 39: ...FTP This protocol can be used for firmware upgrades and configuration backup and restore Simple Network Management Protocol SNMP The Zyxel Device can be monitored by an SNMP manager See the SNMP chapt...

Page 40: ...service personnel has attached an appropriate ground lug to the ground cable 1 Remove one of the ground screws from the Zyxel Device s rear panel 2 Secure a green yellow ground cable 18 AWG or smalle...

Page 41: ...Section 1 2 on page 14 to check which models support these features Refer to Chapter 21 on page 246 for the LED Suppression and Locator menus in standalone mode The following models have single LEDs...

Page 42: ...ting to the NCC Green Amber Blinks between amber and green alternately 3 times and then turns solid green for 3 seconds The Zyxel Device is discovering the NCC Green Green On The Zyxel Device is ready...

Page 43: ...e is undergoing firmware upgrade Table 10 NWA1123 ACv2 LED continued COLOR STATUS DESCRIPTION Table 11 WAC6303D S NWA1123 AC HD and NWA5123 AC HD LED COLOR STATUS DESCRIPTION Amber Blinks between ambe...

Page 44: ...vice s wireless interface is activated but there are no WiFi clients connected when it is in limited power mode see Table 28 on page 76 Note The color of the white LED may have slight differences for...

Page 45: ...s solid green for 3 seconds The Zyxel Device is discovering an AC Green Amber Blinks between amber and green alternately 2 times and then turns solid green for 3 seconds The Zyxel Device is managed by...

Page 46: ...Acv3 NWA110AX NWA210AX WAX510D WAX610D WAX630S and WAX650S LED Red Steady On The Zyxel Device failed to boot up or is experiencing system failure Slow Blinking Blink for 3 times Off for 3s The Uplink...

Page 47: ...een alternately 3 times and then turns solid green for 3 seconds The Zyxel Device is discovering the NCC or an AC Green Amber Blinks between amber and green alternately 2 times and then turns solid gr...

Page 48: ...ull power mode see Table 28 on page 76 White Slow Blinking On for 100ms per second Locator LED is on It switches off automatically after the configured amount of time 1 60 min Default duration is 10 m...

Page 49: ...D 6E LED Figure 22 WAX640S 6E LED The following are the LED descriptions for your NWA220AX 6E WAX620D 6E and WAX640S 6E Table 14 NWA220AX 6E WAX620D 6E and WAX640S 6E LED COLOR STATUS DESCRIPTION Ambe...

Page 50: ...power mode see Table 28 on page 76 the Zyxel Device s wireless interface is activated and or WiFi clients are connected to the Zyxel Device Note WiFi networks turn off automatically when NWA220AX 6E...

Page 51: ...which allows you to see the actual location of the Zyxel Device among several devices in the network See Section 1 2 on page 14 to check which models support these features Refer to Chapter 21 on page...

Page 52: ...d green alternately 1 second interval The Zyxel Device is searching for discovering the NCC Green Amber Blinks between amber and green alternately 3 times and then turns solid green for 3 seconds The...

Page 53: ...able 15 NWA1123 AC PRO LEDs continued LED COLOR STATUS DESCRIPTION Table 16 NWA1302 AC LEDs LED COLOR STATUS DESCRIPTION PWR SYS Amber Blinks between amber and green alternately 1 second interval The...

Page 54: ...f The Zyxel Device is in standalone mode UPLINK Amber On The port is operating as a 10 100 Mbps connection Blinking The Zyxel Device is sending receiving data through the port at 10 100 Mbps Green On...

Page 55: ...to the NCC or to an AC Green Green On The Zyxel Device is ready for use Slow Blinking On for 1s Off for 1ss The wireless module of the Zyxel Device is disabled or failed Red On There is system error a...

Page 56: ...ctive Off The 2 4 GHz WLAN is not active WLAN Green On The 5 GHz WLAN is active Off The 5 GHz WLAN is not active UPLINK Amber On The port is operating as a 100 Mbps connection Blinking The Zyxel Devic...

Page 57: ...l The Zyxel Device is booting up Green Green On The Zyxel Device is ready for use Slow Blinking On for 1s Off for 1s The wireless module of the Zyxel Device is disabled or failed Red On There is syste...

Page 58: ...to Ceiling and is active Amber On The 2 4 GHz radio is set to Wall and is active Off The 2 4 GHz WLAN is not active WLAN Green On The 5 GHz radio is set to Ceiling and is active Amber On The 5 GHz ra...

Page 59: ...is system error and the Zyxel Device cannot boot up or the Zyxel Device suffered a system failure Fast Blinking On for 50ms Off for 50ms The Zyxel Device is doing firmware upgrade Slow Blinking Blink...

Page 60: ...he port is not connected WLAN Green On The 2 4 GHz WLAN is active Off The 2 4 GHz WLAN is not active WLAN Green On The 5 GHz WLAN is active Off The 5 GHz WLAN is not active LAN Amber On The port is op...

Page 61: ...t enabled by default Java permissions enabled by default 4 2 Accessing the Web Configurator 1 Make sure your Zyxel Device hardware is properly connected and your computer is connected to the Zyxel Dev...

Page 62: ...using the Zyxel Nebula Control Center NCC or access the link to the NCC as shown in the following figure Otherwise continue with the next step The NCC is a cloud based network management system that a...

Page 63: ...s current password 5 Select the language you prefer for the Web Configurator Click Login 6 The wizard screen opens when the Zyxel Device is accessed for the first time or when you reset the Zyxel Dev...

Page 64: ...ult user account this screen does not appear anymore 4 3 Navigating the Web Configurator The following summarizes how to navigate the Web Configurator from the Dashboard screen The following figures s...

Page 65: ...rview of links to the Web Configurator screens Click a screen s link to go to that screen A B C Table 20 Title Bar Web Configurator Icons LABEL DESCRIPTION Wizard Click this to open the wizard See Cha...

Page 66: ...o remove the currently displayed information Note See the Command Reference Guide for information about the commands 4 3 2 Navigation Panel Use the menu items on the navigation panel to open screens t...

Page 67: ...r needs For details on the Dashboard s features see Chapter 6 on page 76 Monitor Menu The monitor menu screens display status and statistics information Table 21 Monitor Menu Screens Summary FOLDER OR...

Page 68: ...or user sessions and rules to force user authentication AP Profile Radio Create and manage WiFi radio settings files that can be associated with different APs SSID Create and manage WiFi SSID security...

Page 69: ...FUNCTION File Manager Configuration File Manage and upload configuration files for the Zyxel Device Firmware Package View the current firmware version and to upload firmware Shell Script Manage and r...

Page 70: ...w to display the entries The options available vary depending on the type of fields in the column Here are some examples of what you can do Sort in ascending alphabetical order Sort in descending reve...

Page 71: ...e column 4 Select a column heading and drag and drop it to change the column order A green check mark displays next to the column s title when you drag the column to a valid new location 5 Use the ico...

Page 72: ...like the firewall for example you can select an entry and click Add to create a new entry after the selected entry Edit Double click an entry or select it and click Edit to open a screen where you ca...

Page 73: ...73 PART I Standalone Configuration...

Page 74: ...e shutdown command before you turn off the Zyxel Device or remove the power Not doing so can cause the firmware to become corrupt Table 27 Starting and Stopping the Zyxel Device METHOD DESCRIPTION Tur...

Page 75: ...me models do not have a RESET button due to feature differences Clicking Maintenance Shutdown Shutdown or using the shutdown command Clicking Maintenance Shutdown Shutdown or using the shutdown comman...

Page 76: ...es the labels in this screen Table 28 Dashboard LABEL DESCRIPTION Widget Settings A Use this link to re open closed widgets Widgets that are already open appear grayed out Refresh Time Setting B Set t...

Page 77: ...xel Device s onboard flash memory is currently being used Ethernet Neighbor Local Port Description This field displays the port of the Zyxel Device on which the neighboring device is discovered Model...

Page 78: ...evice s power status Full the Zyxel Device receives power using a power adapter and or through a PoE switch injector using IEEE 802 3at PoE plus or IEEE 802 3bt WAX650S only at the time of writing Lim...

Page 79: ...ummary If an Ethernet interface does not have any physical ports associated with it its entry is displayed in light gray text Click the Detail icon to go to a more detailed summary screen of interface...

Page 80: ...s indicates the channel number the radio is using Antenna This indicates the antenna orientation for the radio Wall or Ceiling This field is not available if the Zyxel Device does not allow you to adj...

Page 81: ...The y axis represents the percentage of CPU usage time The x axis shows the time period over which the CPU usage occurred Refresh Interval Enter how often you want this window to be automatically upda...

Page 82: ...the country where the Zyxel Device is located Note The Country field is not available and you cannot change the country code if the Zyxel Device products comply with the U S laws policies and regulat...

Page 83: ...ed You then need to check the router for the IP address assigned to the Zyxel Device in order to access the Zyxel Device s Web Configurator again Otherwise select Static IP when the Zyxel Device is NO...

Page 84: ...ord fields your current password will not be changed Figure 44 Wizard Change Password and Uplink Connection 7 2 3 Step 3 SSID Use this screen to enable disable or edit an SSID profile Select an SSID p...

Page 85: ...i clients 6 GHz is the frequency used by IEEE 802 11ax WiFi clients Security Type Select WPA2 or WPA3 to add security on this WiFi network Otherwise select OPEN or Enhanced Open to allow any WiFi clie...

Page 86: ...least interference Otherwise select Manual and specify a channel the Zyxel Device will use in the 2 4 GHz or 5 GHz wireless LAN The options vary depending on the frequency band and the country you ar...

Page 87: ...g message will display when you select 6G Click OK to return to the previous page Figure 49 Wizard Invalid Band Warning Message 7 2 5 Summary Use this screen to check whether what you have configured...

Page 88: ...Chapter 7 Setup Wizard NWA WAC WAX Series User s Guide 88 Figure 50 Wizard Summary...

Page 89: ...he Detected Device screen Section 8 7 on page 98 displays information about suspected rogue APs The View Log screen Section 8 8 on page 101 displays the Zyxel Device s current log messages You can cha...

Page 90: ...ays the current status of each physical port on the Zyxel Device Down The port is not connected Speed Duplex The port is connected This field displays the port speed and duplex setting Full or Half VI...

Page 91: ...number of packets transmitted from the Zyxel Device on the physical port since it was last connected RxPkts This field displays the number of packets received by the Zyxel Device on the physical port...

Page 92: ...lick this to update the information in the window right away Port Usage Port Selection Select the Ethernet port for which you want to view the packet statistics Switch to Grid View Click this to displ...

Page 93: ...cing is disabled or the radio is in monitor mode MAC Address This displays the MAC address of the radio Radio This indicates the radio number on the Zyxel Device to which it belongs OP Mode This indic...

Page 94: ...click the More Information button in the Radio List screen Upload This displays the total number of packets received by the radio Download This displays the total number of packets transmitted by the...

Page 95: ...s the labels in this screen Table 34 Monitor Wireless AP Information Radio List More Information LABEL DESCRIPTION SSID Detail This list shows information about all the WiFi clients that have connecte...

Page 96: ...esents the amount of time over which the data moved across this radio Station Count This graph displays the connected station information of the radio over the preceding 24 hours Stations The y axis r...

Page 97: ...me of the WiFi network to which the station is connected A single AP can have multiple SSIDs or networks Security Mode This indicates which secure encryption methods is being used by the station to co...

Page 98: ...cted to a root AP directly or via another repeater the uplink information is displayed When the Zyxel Device is in repeater mode and connected to a root AP and other repeater s both the uplink and dow...

Page 99: ...Chapter 8 Monitor NWA WAC WAX Series User s Guide 99 Figure 58 Monitor Wireless Detected Device for Zyxel Device that supports Monitor mode...

Page 100: ...el Device Detect Now Click this button for the Zyxel Device to scan for APs in the network Detected Device Mark as Rogue AP Click this button to mark the selected AP as a rogue AP For more on managing...

Page 101: ...ck a column s heading cell to sort the table entries by that column s criteria Click the heading cell again to reverse the sort order The Web Configurator saves the filter settings once you click Sear...

Page 102: ...Source Address This displays when you show the filter Type the source IP address of the incoming packet that generated the log message Do not include the port in this filter Destination Address This d...

Page 103: ...rated the log message It is the same value used in the Display and other Category fields Message This field displays the reason the log message was generated The text count x where x is a number appea...

Page 104: ...and the managed IP address of the Zyxel Device is 192 168 1 2 default but if the Zyxel Device is assigned an IP address by a DHCP server the default 192 168 1 2 will not be used The gateway and the Z...

Page 105: ...Points list and you decide which available APs to manage If the AC is in Always Accept mode it automatically adds the Zyxel Device to its Managed Access Points list and provides the managed Zyxel Devi...

Page 106: ...owing figure Figure 63 CAPWAP and DHCP Option 138 Notes on AC Management This section lists some additional features of Zyxel s implementation of the CAPWAP protocol When the AC uses its internal Remo...

Page 107: ...erface a DHCP client and automatically get the IP address subnet mask and gateway address from a DHCP server Use Fixed IP Address Select this if you want to specify the IP address subnet mask and gate...

Page 108: ...y using colon hexadecimal notation Metric Enter the priority of the gateway if any on the LAN interface The Zyxel Device decides which gateway to use based on this priority The lower the number the hi...

Page 109: ...broadcast packets go to each and every individual port With VLAN all broadcasts are confined to a specific broadcast domain Wireless Bridge VLAN ID Wireless bridge VLAN allows you to have clients in...

Page 110: ...to identify the VLAN membership of a frame across bridges A VLAN tag includes the 12 bit VLAN ID and 3 bit user priority The VLAN ID associates a frame with a specific VLAN and provides the informatio...

Page 111: ...l Device and not one assigned to it from outside the network LAN Setting Port Setting Edit Double click an entry or select it and click Edit to open a screen where you can modify the entry s settings...

Page 112: ...displays the name of each VLAN VID This field displays the VLAN ID Note The VLAN ID you set here will be added as an entry in the Wireless Bridge VLAN Settings table Member This field displays the VLA...

Page 113: ...by an AC on your network When you do this the Zyxel Device can be configured ONLY by the AC See Section 9 1 1 on page 104 for more information on AC management Apply Click Apply to save your changes...

Page 114: ...cast to get the AC s IP address If the Zyxel Device and a Zyxel AC such as a ZyWALL ATP are in the same subnet it will be managed by the controller automatically Manual Select this option and enter th...

Page 115: ...er NCC Nebula Control Center Discovery Setting Enable Select this option to turn on NCC discovery on the Zyxel Device The Zyxel Device will try to discover the NCC and go into NCC management mode when...

Page 116: ...AC WAX Series User s Guide 116 Apply Click Apply to save your changes back to the Zyxel Device Reset Click Reset to return the screen to its last saved settings Table 43 Configuration Network NCC Disc...

Page 117: ...teract with other devices such as the printer or with the Internet Your Zyxel Device is the AP 10 1 1 What You Can Do in this Chapter The AP Management screen Section 10 2 on page 118 allows you to ma...

Page 118: ...re that allows an AP to automatically select the radio channel which it broadcasts For more information see Section 10 6 on page 131 Load Balancing Wireless Wireless load balancing is the process wher...

Page 119: ...Chapter 10 Wireless NWA WAC WAX Series User s Guide 119 Figure 73 Configuration Wireless AP Management...

Page 120: ...Chapter 10 Wireless NWA WAC WAX Series User s Guide 120 Figure 74 Configuration Wireless AP Management for Zyxel Device with multiple Ethernet ports in Repeater mode...

Page 121: ...tors the broadcast area for other APs then passes their information on to the Zyxel Device where it can be determined if those APs are friendly or rogue If a radio is set to this mode it cannot receiv...

Page 122: ...ry in the table Remove Select an entry and click this to remove the selected entry This field is a sequential value It is not associated with any VLAN ID Wireless Bridge Vlan ID Enter a VLAN ID for th...

Page 123: ...rofile to radio 2 Otherwise the second radio will not be working Radio 2 WDS Profile This field is available only when the radio is in Root AP or Repeater mode Select the WDS profile the radio uses to...

Page 124: ...the Zyxel Device in this field If there is a high density of APs in an area decrease the output power of the Zyxel Device to reduce interference with other APs Note Reducing the output power also redu...

Page 125: ...lists show MAC addresses in txt file format separated by line breaks Rogue AP Detection This feature allows the Zyxel Device to monitor the WiFi signals for other wireless APs see also Section 1 3 3...

Page 126: ...ss NWA WAC WAX Series User s Guide 126 Figure 77 Configuration Wireless Rogue AP for Zyxel Devices that support Monitor mode Figure 78 Configuration Wireless Rogue AP for Zyxel Devices that support Ro...

Page 127: ...Click this button to add an AP to the list and assign it either friendly or rogue status Edit Select an AP in the list to edit and reassign its status Remove Select an AP in the list to remove This fi...

Page 128: ...Configuration Wireless Rogue AP Add Edit Rogue Friendly AP List LABEL DESCRIPTION MAC Enter the MAC address of the AP you want to add to the list A MAC address is a unique hardware identifier in the...

Page 129: ...s allows the station to automatically attempt to connect to another less burdened AP if one is available Max Station Number Enter the threshold number of stations at which the Zyxel Device begins load...

Page 130: ...d the bandwidth or the laptop is picked up by a different AP with bandwidth to spare Figure 81 Delaying a Connection The second response your AP can take is to disassociate with clients that are pushi...

Page 131: ...r must open his AP configuration options and manually change the channel to one that no other AP is using or at least a channel that has a lower level of interference in order to give the connected st...

Page 132: ...llowing four channels 1 4 7 and 11 While they are situated sufficiently close to both each other and the three so called safe channels 1 6 and 11 that interference becomes inevitable the severity of i...

Page 133: ...limits the number of devices allowed to connect to your AP But any new connections will be just rejected when the AP is overloaded Load balancing by traffic level limits the number of connections to t...

Page 134: ...rsally Unique Identifier UUID major number and minor number These packets also contain a TX transmit power measured at a reference point which is used to approximate a device s distance from the beaco...

Page 135: ...ckets Table 49 Configuration Bluetooth Advertising Settings LABEL DESCRIPTION Edit Click this to edit the selected entry Activate To turn on an entry select it and click Activate Inactivate To turn of...

Page 136: ...mal digits in the range of A F a f and 0 9 split into five groups separated by hyphens The UUID format is as follows xxxxxxxx xxxx xxxx xxxx xxxxxxxxxxxx 8 4 4 4 12 Generate new UUID Click this button...

Page 137: ...this chapter User Account A user account defines the privileges of a user logged into the Zyxel Device User accounts are used in controlling access to configuration and services in the Zyxel Device Us...

Page 138: ...ble click an entry or select it and click Edit to open a screen where you can modify the entry s settings Remove To remove an entry select it and click Remove The Zyxel Device confirms you want to rem...

Page 139: ...53 Configuration User User Add Edit A User LABEL DESCRIPTION User Name Type the user name for this user account You may use 1 31 alphanumeric characters underscores _ or dashes but the first characte...

Page 140: ...user has to renew the current session before the user is logged out You can specify 1 to 1440 minutes You can enter 0 to make the number of minutes unlimited Admin users renew the session every time t...

Page 141: ...ck an entry or select it and click Edit to open a screen where you can modify the entry s settings This field is a sequential value and it is not associated with a specific entry User Type These are t...

Page 142: ...ote This does not affect the existing accounts User Logon Settings Limit the number of simultaneous logons for administration account Select this check box if you want to set a limit on the number of...

Page 143: ...40 minutes You can enter 0 to make the number of minutes unlimited Admin users renew the session every time the main screen refreshes in the Web Configurator Access users can renew the session by clic...

Page 144: ...dio on a single AP can broadcast up to 8 SSIDs You can have a maximum of 64 SSID profiles on the Zyxel Device Security This profile type defines the security settings used by a single SSID It controls...

Page 145: ...rnal RADIUS server for authentication Authentication of user identity is required to connect to the WiFi network IEEE 802 1X The IEEE 802 1X standard outlines enhanced security methods for both the au...

Page 146: ...et Wake Time The AP negotiates with client devices so client devices only wakes up and communicates with the AP in specific periods This conserves client devices battery life WiFi 6E IEEE 802 11ax Ext...

Page 147: ...de information of the 6 GHz band in management frames sent over the 2 4 GHz 5 GHz bands WiFi 6E clients only need to scan the lower bands 2 4 GHz 5 GHz to connect to the AP in the 6 GHz band reducing...

Page 148: ...o turn on an entry select it and click Activate Inactivate To turn off an entry select it and click Inactivate Object Reference Click this to view which other objects are linked to the selected radio...

Page 149: ...Chapter 13 AP Profile NWA WAC WAX Series User s Guide 149 Figure 94 Configuration Object AP Profile Radio Add Edit...

Page 150: ...allows both IEEE802 11n and IEEE802 11a compliant WLAN devices to associate with the Zyxel Device 11ac allows IEEE802 11n IEEE802 11a and IEEE802 11ac compliant WLAN devices to associate with the Zyx...

Page 151: ...e Zyxel Device switches between Note The method is automatically set to auto when no channel is selected or any one of the previously selected channels is not supported Channel ID This field is availa...

Page 152: ...option to have the Zyxel Device survey the other APs within its broadcast radius at the end of the specified time interval DCS Time Interval This field is available when you set Channel Selection to...

Page 153: ...ou enter here Set the RTS CTS equal to or higher than the fragmentation threshold to turn RTS CTS off Beacon Interval When a wirelessly networked device sends a beacon it includes with it a beacon int...

Page 154: ...set to 5G and Channel Selection is set to DCS Enable this to temporarily blacklist the wireless channels in the Dynamic Frequency Selection DFS range whenever a radar signal is detected by the Zyxel...

Page 155: ...een click Configuration Object AP Profile SSID SSID List Note You cannot add or remove an SSID profile after running the setup wizard Figure 95 Configuration Object AP Profile SSID SSID List Default M...

Page 156: ...his button is not available after you configure the Zyxel Deviceusing the wizard Object Reference Click this to view which other objects are linked to the selected SSID profile for example radio profi...

Page 157: ...racters for the profile name This name is only visible in the Web Configurator and is only for management purposes Spaces and underscores are allowed SSID Enter the SSID name for this profile This is...

Page 158: ...for activities like placing and receiving VoIP phone calls WMM_VIDEO All wireless traffic to the SSID is tagged as video data This is recommended for activities like video conferencing WMM_BEST_EFFOR...

Page 159: ...f a target IP address Select this option to allow the Zyxel Device to answer ARP requests for an IP address on behalf of a client associated with this SSID This can reduce broadcast traffic and improv...

Page 160: ...ile SSID Security List continued LABEL DESCRIPTION Table 62 Configuration Object AP Profile SSID Security List Add Edit Security Profile Security Mode none LABEL DESCRIPTION General Settings Profile N...

Page 161: ...nal accounting server and your Zyxel Device The key is not sent over the network Accounting Interim Update This field is available only when you enable user accounting through an external authenticati...

Page 162: ...terval in seconds that a client can be idle before authentication is discontinued Management Frame Protection This field is configurable only when you select wpa2 in the Security Mode field and set Ci...

Page 163: ...Add Edit Security Profile Security Mode wep LABEL DESCRIPTION General Settings Profile Name Enter up to 31 alphanumeric characters for the profile name This name is only visible in the Web Configurat...

Page 164: ...Select this to have the Zyxel Device use the specified RADIUS server Radius Server IP Address Enter the IP address of the RADIUS server to be used for authentication Radius Server Port Enter the port...

Page 165: ...vice to provide the NAS Network Access Server IP address attribute enter it here NAS Identifier If the RADIUS server requires the Zyxel Device to provide the NAS Network Access Server identifier attri...

Page 166: ...tomatically chooses the best available cipher based on the cipher in use by the WiFi client that is attempting to make a connection aes This is the Advanced Encryption Standard encryption method It is...

Page 167: ...en the external accounting server and the Zyxel Device The key must be the same on the external accounting server and your Zyxel Device The key is not sent over the network Accounting Interim Update T...

Page 168: ...curity Profile Security Mode wpa2 mix LABEL DESCRIPTION General Settings Profile Name Enter up to 31 alphanumeric characters for the profile name This name is only visible in the Web Configurator and...

Page 169: ...he RADIUS server to be used for authentication Radius Server Port Enter the port number of the RADIUS server to be used for authentication Radius Server Secret Enter the shared secret password of the...

Page 170: ...he NAS Network Access Server identifier attribute enter it here The NAS identifier is to identify the source of access request It could be the NAS s fully qualified domain name OK Click OK to save you...

Page 171: ...ates two virtual APs VAPs with a primary wpa3 or enhanced open and fallback wpa2 or none security method Advance Note Click on the Show Advanced Settings button to show the fields describe below Idle...

Page 172: ...ret Enter a password up to 128 alphanumeric characters as the key to be shared between the external accounting server and the Zyxel Device The key must be the same on the external accounting server an...

Page 173: ...5 Configuration Object AP Profile SSID MAC Filter List Add Edit MAC Filter Profile Table 68 Configuration Object AP Profile SSID MAC Filter List LABEL DESCRIPTION Add Click this to add a new MAC filte...

Page 174: ...e Name Enter up to 31 alphanumeric characters for the profile name This name is only visible in the Web Configurator and is only for management purposes Spaces and underscores are allowed Filter Actio...

Page 175: ...Isolation Profile This screen allows you to create a new layer 2 isolation profile or edit an existing one To access this screen click the Add button or select a layer 2 isolation profile from the lis...

Page 176: ...ed Add Click this to add a MAC address to the profile s list Edit Click this to edit the selected MAC address in the profile s list Remove Click this to remove the selected MAC address from the profil...

Page 177: ...tor mode configurations that can be used by the Zyxel Device 14 2 MON Profile This screen allows you to create monitor mode configurations that can be used by the APs To access this screen log into th...

Page 178: ...information about MON Mode Figure 110 Configuration Object MON Profile Add Edit MON Profile Object Reference Click this to view which other objects are linked to the selected monitor mode profile for...

Page 179: ...fic channels through which to cycle sequentially when the Channel dwell time expires Selecting this options makes the Scan Channel List options available Set Scan Channel List 2 4 GHz Select one or mo...

Page 180: ...d create WDS profiles that can be used by the APs To access this screen click Configuration Object WDS Profile Figure 111 Configuration Object WDS Profile The following table describes the labels in t...

Page 181: ...75 Configuration Object WDS Profile Add Edit WDS Profile LABEL DESCRIPTION Profile Name Enter up to 31 alphanumeric characters for the profile name WDS SSID Enter the SSID with which you want the Zyx...

Page 182: ...e made openly available The other key is private and must be kept secure These keys work like a handwritten signature in fact certificates are often referred to as digital signatures Only you can writ...

Page 183: ...ificates Certificates offer the following benefits The Zyxel Device only has to store the certificates of the certification authorities that you decide to trust no matter how many devices you need to...

Page 184: ...Device you should verify that you have the correct certificate You can do this using the certificate s fingerprint A certificate s fingerprint is a message digest calculated using the MD5 or SHA1 alg...

Page 185: ...your certificates To remove an entry select it and click Remove The Zyxel Device confirms you want to remove it before doing so Subsequent certificates move up by one when you take this action Object...

Page 186: ...s issuing certification authority such as a common name organizational unit or department organization or company and country With self signed certificates this is the same information as in the Subj...

Page 187: ...acters You can use alphanumeric characters the hyphen and the underscore State Province Identify the state or province where the certificate owner is located You can use up to 31 characters You can us...

Page 188: ...y information is correct and that your Internet connection is working properly if you want the Zyxel Device to enroll a certificate online 16 2 2 Edit My Certificates Click Configuration Object Certif...

Page 189: ...Chapter 16 Certificates NWA WAC WAX Series User s Guide 189 Figure 115 Configuration Object Certificate My Certificates Edit...

Page 190: ...Version This field displays the X 509 version number Serial Number This field displays the certificate s identification number given by the certification authority or generated by the Zyxel Device Su...

Page 191: ...ail PEM format PEM uses lowercase letters uppercase letters and numerals to convert a binary certificate into a printable form You can copy and paste a certification request into a certification autho...

Page 192: ...y thus you do not need to import any certificate that is signed by one of these certificates Table 79 Configuration Object Certificate My Certificates Import LABEL DESCRIPTION File Type in the locatio...

Page 193: ...e The Zyxel Device confirms you want to remove it before doing so Subsequent certificates move up by one when you take this action Object Reference You cannot delete certificates that any of the Zyxel...

Page 194: ...Chapter 16 Certificates NWA WAC WAX Series User s Guide 194 authority Figure 118 Configuration Object Certificate Trusted Certificates Edit...

Page 195: ...maintaining the OCSP server usually a certification authority LDAP Server Select this check box if the directory server uses LDAP Lightweight Directory Access Protocol LDAP is a protocol over TCP tha...

Page 196: ...that the key can be used to sign certificates and KeyEncipherment means that the key can be used to encrypt text Basic Constraint This field displays general information about the certificate For exa...

Page 197: ...r a CRL The first is real time status information The second is a reduction in network traffic since the Zyxel Device only gets information on the certificates that it needs to verify not a huge list...

Page 198: ...PS access to the Zyxel Device The SSH screen Section 17 6 on page 211 configures SSH Secure SHell for securely accessing the Zyxel Device s command line interface The FTP screen Section 17 7 on page 2...

Page 199: ...This name is propagated to DHCP clients connected to interfaces with the DHCP server enabled This name can be up to 254 alphanumeric characters long Spaces are not allowed but dashes are accepted Appl...

Page 200: ...e labels in this screen Table 85 Configuration System Date Time LABEL DESCRIPTION Current Time and Date Current Time This field displays the present time of your Zyxel Device Current Date This field d...

Page 201: ...rts using Daylight Saving Time at 2 A M local time So in the United States you would select Second Sunday March and type 2 in the at field Daylight Saving Time starts in the European Union on the last...

Page 202: ...ed NTP time servers have been tried 17 4 2 Time Server Synchronization Click the Sync Now button to get the time and date from the time server you specified in the Time Server Address field When the L...

Page 203: ...FTP management access are not secure Figure 124 Secure and Insecure Service Access From the WAN 17 5 1 Service Access Limitations A service cannot be used to access the Zyxel Device when you have dis...

Page 204: ...xel Device must always authenticate itself to the HTTPS client the computer which requests the HTTPS connection with the Zyxel Device whereas the HTTPS client only should authenticate itself when the...

Page 205: ...icate To do that the SSL client must have a CA signed certificate from a CA that has been imported as a trusted CA on the Zyxel Device Click Trusted CAs to go to the Configuration Object Certificate T...

Page 206: ...When you attempt to access the Zyxel Device HTTPS server you will see the error message shown in the following screen Figure 127 Security Alert Dialog Box Google Chrome Select Advanced Proceed to 192...

Page 207: ...self signed certificate import the self signed certificate into your operating system as a trusted certificate To have the browser trust the certificates issued by a certificate authority import the...

Page 208: ...a Personal Certificate You need a password in advance The CA may issue the password or you may have to specify it during the enrollment Double click the personal certificate given to you by the CA to...

Page 209: ...es User s Guide 209 3 Enter the password given to you by the CA 4 Have the wizard determine where the certificate should be saved on your computer or select Place all certificates in the following sto...

Page 210: ...ck Finish to complete the wizard and begin the import process 6 You should see the following screen when the certificate is correctly installed on your computer 17 5 5 6 Using a Certificate When Acces...

Page 211: ...single certificate as in the example 3 You next see the Web Configurator login screen 17 6 SSH You can use SSH Secure SHell to securely access the Zyxel Device s command line interface SSH is a secure...

Page 212: ...er key and sends the result back to the server The client automatically saves any new server public keys In subsequent connections the server public key is checked against the saved version on the cli...

Page 213: ...for secure connections Figure 132 Configuration System SSH The following table describes the labels in this screen Table 88 Configuration System SSH LABEL DESCRIPTION Enable Select the check box to al...

Page 214: ...re the SSH client to accept connection using SSH version 2 3 A window displays prompting you to store the host key in you computer Click Yes to continue Figure 133 SSH Example 1 Store Host Key Enter t...

Page 215: ...nently added 192 168 1 2 RSA1 to the list of known hosts Administrator 192 168 1 2 s password Table 89 Configuration System FTP LABEL DESCRIPTION Enable Select the check box to allow or disallow the c...

Page 216: ...erform network management functions It executes applications that control and monitor managed devices The managed devices contain object variables managed objects that define each piece of information...

Page 217: ...You can download the Zyxel Device s MIBs from www zyxel com 17 8 2 SNMP Traps The Zyxel Device will send traps to the SNMP manager when any one of the following events occurs 17 8 3 Configuring SNMP T...

Page 218: ...GetNext requests from the management station The default is public and allows all requests Set Community Enter the Set community which is the password for incoming Set requests from the management sta...

Page 219: ...d be encrypted by MD5 for authentication Select SHA to require the SNMPv3 user s password be encrypted by SHA for authentication Privacy Select the type of encryption the SNMPv3 user must use to conne...

Page 220: ...8 3 on page 222 specify which logs are e mailed where they are e mailed and how often they are e mailed 18 2 Email Daily Report Use this screen to start or stop data collection and view various statis...

Page 221: ...Chapter 18 Log and Report NWA WAC WAX Series User s Guide 221 Figure 139 Configuration Log Report Email Daily Report...

Page 222: ...number here as is on the mail server for mail traffic Mail Subject Type the subject line for the outgoing e mail Select Append system name to add the Zyxel Device s system name to the subject Select A...

Page 223: ...ere alerts are e mailed The Log Setting screen provides a summary of all the settings You can use the Edit Log Setting screen to maintain the detailed settings such as log categories e mail addresses...

Page 224: ...ings Activate To turn on an entry select it and click Activate Inactivate To turn off an entry select it and click Inactivate This field is a sequential value and it is not associated with a specific...

Page 225: ...Chapter 18 Log and Report NWA WAC WAX Series User s Guide 225 Figure 141 Configuration Log Report Log Setting Edit System Log Setting...

Page 226: ...ype the e mail address to which alerts are delivered Sending Log Select how often log information is e mailed Choices are When Full Hourly and When Full Daily and When Full and Weekly and When Full Da...

Page 227: ...create log messages alerts and debugging information from this category the Zyxel Device does not e mail debugging information however even if this setting is selected E mail Server 1 Select whether e...

Page 228: ...t this check box to send log information according to the information in this section You specify what kinds of messages are included in log information in the Active Log section Log Format This field...

Page 229: ...ebug logs yellow check mark send the remote server log messages alerts and debugging information for all log categories This field is a sequential value and it is not associated with a specific addres...

Page 230: ...red X do not log any information for any category for the system log or e mail any logs to e mail server 1 or 2 enable normal logs green check mark create log messages and alerts for all categories fo...

Page 231: ...l logs green checkmark create log messages and alerts from this category enable normal logs and debug logs yellow check mark create log messages alerts and debugging information from this category the...

Page 232: ...checks your current firmware version and uploads firmware to the Zyxel Device The Shell Script screen Section 19 4 on page 240 stores names downloads uploads and runs shell script files 19 1 2 What y...

Page 233: ...ript the Zyxel Device processes the file line by line The Zyxel Device checks the first line and applies the line if no errors are detected Then it continues with the next line If the Zyxel Device fin...

Page 234: ...s and applies it If there are no errors the Zyxel Device uses it and copies it to the lastgood conf configuration file as a back up file If there is an error the Zyxel Device generates a log and copie...

Page 235: ...plicate of the configuration file Remove Click a configuration file s row to select it and click Remove to delete it from the Zyxel Device You can only delete manually saved configuration files You ca...

Page 236: ...on file s errors and starts the Zyxel Device with a fully valid configuration file Click OK to have the Zyxel Device start applying the configuration file or click Cancel to close the screen This colu...

Page 237: ...Zyxel Device to your computer Type get followed by the name of the configuration file This examples uses get startup config conf Last Modified This column displays the date and time that the individu...

Page 238: ...tes Do not turn off or reset the Zyxel Device while the firmware update is in progress C ftp 192 168 1 2 Connected to 192 168 1 2 220 Welcome to Pure FTPd privsep TLS 220 You are user number 1 of 5 al...

Page 239: ...ownload the firmware package from www zyxel com and unzip it The firmware file uses a bin extension for example 600ABFH0C0 bin Do the following after you have obtained the firmware file 1 Connect your...

Page 240: ...Script Use shell script files to have the Zyxel Device use commands that you specify Use a text editor to create the shell script files They must use a zysh filename extension Click Maintenance File M...

Page 241: ...Download to save the configuration to your computer Copy Use this button to save a duplicate of a shell script file on the Zyxel Device Click a shell script file s row to select it and click Copy to...

Page 242: ...ser s Guide 242 Browse Click Browse to find the zysh file you want to upload Upload Click Upload to begin the upload process This process may take up to several minutes Table 101 Maintenance File Mana...

Page 243: ...rovides an easy way for you to generate a file containing the Zyxel Device s configuration and diagnostic information You may need to generate this file and send it to customer support during troubles...

Page 244: ...If the Zyxel Device is connected to the Zyxel gateway or ZyWALL you might need to configure the Zyxel gateway or ZyWALL to allow remote capture on the Zyxel Device Not all models support wireless remo...

Page 245: ...ort Enter the number of the server port you want the packet analyzer to connect to in order to capture traffic going through the Zyxel Device The default port number is 2002 Start Click this button to...

Page 246: ...several devices in the network 21 2 Suppression Screen The LED Suppression feature allows you to control how the LEDs of your Zyxel Device behave after it s ready The default LED suppression setting o...

Page 247: ...ault setting is 10 minutes While the locator is running the turn on button will gray out and return after it s finished If you make changes to the time default setting it will be stored as the default...

Page 248: ...activate the locator The Locator function will show the actual location of the Zyxel Device between several devices in the network Otherwise click Turn Off to disable the locator feature Automaticall...

Page 249: ...see if your Zyxel Device has an antenna switch Figure 155 WAC Physical Antenna Switch Note With the physical antenna switch you apply the same antenna orientation settings to both radios You can set...

Page 250: ...le Software Control option to use the Web Configurator to adjust coverage depending on each radio s antenna orientation for better coverage Select Wall if you mount the Zyxel Device to a wall Select C...

Page 251: ...u reboot Otherwise the changes are lost when you reboot Reboot is different to reset reset returns the Zyxel Device to its default configuration 23 2 Reboot This screen allows remote users can restart...

Page 252: ...w Shutdown writes all cached data to the local storage and stops the system processes Shutdown is different to reset reset returns the Zyxel Device to its default configuration 24 2 Shutdown To access...

Page 253: ...253 PART II Local Configuration in Cloud Mode...

Page 254: ...can check the NCC s Access Point Monitor Access Points screen or the connected gateway for the Zyxel Device s current LAN IP address Alternatively disconnect the gateway or disable its DHCP server fu...

Page 255: ...s screen Table 105 Dashboard LABEL DESCRIPTION AP Information MAC Address This field displays the MAC address of the Zyxel Device Serial Number This field displays the serial number of the Zyxel Devic...

Page 256: ...go to NCC and register your Zyxel Device 1 Internet Green The Zyxel Device is connected to the Internet Orange The Zyxel Device is not connected to the Internet 2 Nebula Green The Zyxel Device is con...

Page 257: ...sure your VLAN settings allow the Zyxel Device to connect to the Internet so you could manage it with NCC 26 1 1 What You Can Do in this Chapter The IP Setting screen Section 26 2 on page 257 configu...

Page 258: ...y Enter the IP address of the gateway The Zyxel Device sends packets to the gateway when it does not know how to route the packet to its destination The gateway should be on the same network as the in...

Page 259: ...ick Configuration Network VLAN Figure 163 Configuration Network VLAN Each field is described in the following table Table 107 Configuration Network VLAN LABEL DESCRIPTION VLAN Settings Management VLAN...

Page 260: ...u need to provide it to customer support during troubleshooting The Diagnostics Remote Capture screen Section 27 4 on page 262 enables remote packet captures on wired or wireless interfaces through an...

Page 261: ...yxel Device A pop up window asks you to confirm that you want to delete the shell script file Click OK to delete the shell script file or click Cancel to close the screen without deleting the shell sc...

Page 262: ...4 Remote Capture Use this screen to capture network traffic going through the Zyxel Device and output the captured packets to a packet analyzer also known as network or protocol analyzer such as Wires...

Page 263: ...new log messages automatically overwrite existing log messages starting with the oldest existing log message first Events that generate an alert as well as a log message display in red Regular logs d...

Page 264: ...tice and info from highest priority to lowest priority This field is read only if the Category is Debug Log Source Address This displays when you show the filter Type the source IP address of the inco...

Page 265: ...lds Message This field displays the reason the log message was generated The text count x where x is a number appears at the end of the Message field if log consolidation is turned on and multiple ent...

Page 266: ...266 PART III Appendices and Troubleshooting...

Page 267: ...E power injector switch 2 Make sure the power adapter or PoE power injector switch is connected to the Zyxel Device and plugged in to an appropriate power source Make sure the power source is turned o...

Page 268: ...for the Zyxel Device s current LAN IP address I cannot see or access the Login screen in the Web Configurator 1 Make sure you are using the correct IP address The default IP address in standalone mode...

Page 269: ...the Login screen but I cannot log in to the Zyxel Device 1 Make sure you have entered the user name and password correctly The default password is 1234 This fields are case sensitive so make sure Caps...

Page 270: ...management VLAN and IP address settings on the Zyxel Device also pushes these changes to the NCC Do this only if your device cannot otherwise connect to the NCC 5 Make sure your Zyxel Device does not...

Page 271: ...After changing your Zyxel Device settings using the NCC wait 1 2 minutes for the changes to take effect I can only see newer logs Older logs are missing When a log reaches the maximum number of log m...

Page 272: ...e WiFi settings on the WiFi clients are the same as the settings on the Zyxel Device 4 Disconnect all the cables from your Zyxel Device and follow the directions in the Quick Start Guide again 5 Reboo...

Page 273: ...there are minimum obstacles such as walls and ceilings between the Zyxel Device and the wireless client Avoid placing the Zyxel Device inside any type of box that might block WiFi signals I cannot acc...

Page 274: ...d numerals to convert a binary X 509 certificate into a printable form Binary PKCS 7 This is a standard that defines the general syntax for data including digital signatures that may be encrypted A PK...

Page 275: ...dministrator password s you can reset the Zyxel Device to its factory default settings Any configuration files or shell scripts that you saved on the Zyxel Device should still be available afterwards...

Page 276: ...s such as the Zyxel Device issue their own public key certificates These can be used by web browsers on a LAN or WAN to verify that they are in fact connecting to the legitimate device and not one mas...

Page 277: ...ificates NWA WAC WAX Series User s Guide 277 Export a Certificate 1 If your device s Web Configurator is set to use SSL certification then upon browsing with it for the first time you are presented wi...

Page 278: ...Appendix A Importing Certificates NWA WAC WAX Series User s Guide 278 2 Click Advanced Proceed to x x x x unsafe 3 In the Address Bar click Not Secure Certificate Invalid...

Page 279: ...Appendix A Importing Certificates NWA WAC WAX Series User s Guide 279 4 In the Certificate dialog box click Details Copy to File 5 In the Certificate Export Wizard click Next...

Page 280: ...A Importing Certificates NWA WAC WAX Series User s Guide 280 6 Select the format and settings you want to use and then click Next 7 Type a filename and specify a folder to save the certificate in Cli...

Page 281: ...ate Export Wizard screen click Finish 9 Finally click OK when presented with the successful certificate export message Import a Certificate After storing the certificate in your computer see Export a...

Page 282: ...Appendix A Importing Certificates NWA WAC WAX Series User s Guide 282 1 Open your web browser click the menu icon and click Settings...

Page 283: ...Appendix A Importing Certificates NWA WAC WAX Series User s Guide 283 2 Scroll down and click Advanced to expand the menu Under Privacy and security click Manage certificates...

Page 284: ...AX Series User s Guide 284 3 In the Certificates pop up screen click Trusted Root Certification Authorities Click Import to start the Certificate Import Wizard 4 Click Next when the wizard pops up and...

Page 285: ...Appendix A Importing Certificates NWA WAC WAX Series User s Guide 285 5 Select the certificate file you want to import and click Open 6 Click Next...

Page 286: ...Appendix A Importing Certificates NWA WAC WAX Series User s Guide 286 7 Confirm the settings displayed and click Finish 8 If presented with a security warning click Yes...

Page 287: ...notified of the successful import Install a Stand Alone Certificate File Rather than installing a public key certificate using web browser settings you can install a stand alone certificate file if o...

Page 288: ...tificates NWA WAC WAX Series User s Guide 288 3 Click Next on the first wizard screen click Place all certificates in the following store and click Browse 4 Select Trusted Root Certificate Authorities...

Page 289: ...Appendix A Importing Certificates NWA WAC WAX Series User s Guide 289 5 Confirm the information shown on the final wizard screen and click Finish 6 If presented with a security warning click Yes...

Page 290: ...e 290 7 Finally click OK when you are notified of the successful import Remove a Certificate in Google Chrome This section shows you how to remove a public key certificate in Google Chrome on Windows...

Page 291: ...cates NWA WAC WAX Series User s Guide 291 2 Scroll down and click Advanced to expand the menu Under Privacy and security click Manage certificates 3 In the Certificates pop up screen click Trusted Roo...

Page 292: ...move 5 Click Yes when you see the following warning message 6 Confirm the details displayed in the warning message and click Yes Firefox The following example uses Mozilla Firefox on Windows 7 You fir...

Page 293: ...C WAX Series User s Guide 293 Export a Certificate 1 If your device s Web Configurator is set to use SSL certification then the first time you browse to it you are presented with a certification error...

Page 294: ...WAX Series User s Guide 294 3 Click Details Export 4 Type a filename and click Save Import a Certificate After storing the certificate in your computer you need to import it in trusted root certificat...

Page 295: ...Appendix A Importing Certificates NWA WAC WAX Series User s Guide 295 1 Open Firefox and click Tools Options...

Page 296: ...ing Certificates NWA WAC WAX Series User s Guide 296 2 In the Options page click Privacy Security scroll to the bottom of the page and then click View Certificates 3 In the Certificate Manager click A...

Page 297: ...r s Guide 297 4 Use the Select File dialog box to locate the certificate and then click Open 5 Select Trust this CA to identify websites and click OK Removing a Certificate in Firefox This section sho...

Page 298: ...Importing Certificates NWA WAC WAX Series User s Guide 298 1 Open Firefox and click Tools Options 2 In the Options page click Privacy Security scroll to the bottom of the page and then click View Cer...

Page 299: ...he Certificate Manager click Authorities and select the certificate you want to remove Click Delete or Distrust 4 In the following dialog box click OK 5 The next time you go to the web site that issue...

Page 300: ...0 1a2f 0015 2001 db8 1a2f 0 0 15 or 2001 db8 0 0 1a2f 15 Prefix and Prefix Length Similar to an IPv4 subnet mask IPv6 uses an address prefix to represent the network address An IPv6 prefix length spec...

Page 301: ...lowing table describes some of the predefined multicast addresses The following table describes the multicast addresses which are reserved and can not be assigned to a multicast group Table 112 Predef...

Page 302: ...and automatically generated Unlike DHCPv6 Dynamic Host Configuration Protocol version six which is used in IPv6 stateful autoconfiguration the owner and status of addresses don t need to be maintaine...

Page 303: ...server S2 For an IA_TA the client may send a Renew or Rebind message at the client s discretion DHCP Relay Agent A DHCP relay agent is on the same network as the DHCP clients and helps forward messag...

Page 304: ...que If there is an address to be resolved or verified the Zyxel Device also sends out a neighbor solicitation message When the Zyxel Device receives a neighbor advertisement in response it stores the...

Page 305: ...ault Windows XP and Windows 2003 support IPv6 This example shows you how to use the ipv6 install command on Windows XP 2003 to enable IPv6 This also displays how to use the ipconfig command to see aut...

Page 306: ...r DHCPv6 Client Install as service 3 Select Start Control Panel Administrative Tools Services 4 Double click Dibbler a DHCPv6 client 5 Click Start and then OK 6 Now your computer can obtain an IPv6 ad...

Page 307: ...ect Start All Programs Accessories Command Prompt 6 Use the ipconfig command to check your dynamic IPv6 address This example shows a global address 2001 b021 2d 1000 obtained from a DHCP server C ipco...

Page 308: ...com index shtml for the latest information Please have the following information ready when you contact an office Required Information Product model and serial number Warranty Information Date that y...

Page 309: ...com pk Philippines Zyxel Philippines http www zyxel com ph Singapore Zyxel Singapore Pte Ltd http www zyxel com sg Taiwan Zyxel Communications Corporation https www zyxel com tw zh Thailand Zyxel Tha...

Page 310: ...s https www zyxel com fi fi France Zyxel France https www zyxel fr Germany Zyxel Deutschland GmbH https www zyxel com de de Hungary Zyxel Hungary SEE https www zyxel com hu hu Italy Zyxel Communicatio...

Page 311: ...sk Spain Zyxel Communications ES Ltd https www zyxel com es es Sweden Zyxel Communications https www zyxel com se sv Switzerland Studerus AG https www zyxel ch de https www zyxel ch fr Turkey Zyxel T...

Page 312: ...cations Corporation https www zyxel com co es Ecuador Zyxel Communications Corporation https www zyxel com co es South America Zyxel Communications Corporation https www zyxel com co es Middle East Is...

Page 313: ...for compliance could void the user s authority to operate the device This product has been tested and complies with the specifications for a Class B digital device pursuant to Part 15 of the FCC Rules...

Page 314: ...e undesired operation of the device The radio transmitter 2468C 11ACAP22W WAC500H 2468C 11ACAP22 WAC500 and NWA1123ACv3 2468C WAC5302DS WAC5302D Sv2 2468C NWA5123AC NWA1123 AC v2 2468C NWA5123ACHD NWA...

Page 315: ...1 PIFA U FL 3 08 2400 2483 5 MHz 2 PIFA U FL 3 07 2400 2483 5 MHz 3 PIFA U FL 4 06 5150 5250 MHz 3 91 5725 5850 MHz 4 PIFA U FL 3 99 5150 5250 MHz 3 79 5725 5850 MHz NWA5123 AC HD 1 PIFA I PEX 3 2400...

Page 316: ...50MHz 2 PIFA I PEX 0 2400 2483 5 MHz 4 5 5150 5350MHz 5 2 5470 5725MHz 5 5 5725 5850MHz 3 Dipole I PEX 0 2400 2483 5 MHz 4 5 5150 5350MHz 5 2 5470 5725MHz 5 5 5725 5850MHz 4 Dipole I PEX 0 2400 2483 5...

Page 317: ...oris e aux deux conditions suivantes 1 l appareil ne doit pas produire de brouillage 2 L appareil doit accepter tout brouillage radio lectrique subi m me si le brouillage est susceptible d en comprome...

Page 318: ...3 AC 1 PIFA U FL 3 08 2400 2483 5 MHz 2 PIFA U FL 3 07 2400 2483 5 MHz 3 PIFA U FL 4 06 5150 5250 MHz 3 91 5725 5850 MHz 4 PIFA U FL 3 99 5150 5250 MHz 3 79 5725 5850 MHz NWA5123 AC HD 1 PIFA I PEX 3...

Page 319: ...0MHz 2 PIFA I PEX 0 2400 2483 5 MHz 4 5 5150 5350MHz 5 2 5470 5725MHz 5 5 5725 5850MHz 3 Dipole I PEX 0 2400 2483 5 MHz 4 5 5150 5350MHz 5 2 5470 5725MHz 5 5 5725 5850MHz 4 Dipole I PEX 0 2400 2483 5...

Page 320: ...rps Cet quipement est conforme aux limites d exposition aux rayonnements ISED tablies pour un environnement non contr l Cet quipement doit tre install et utilis avec un minimum de 22 cm NWA1123 AC HD...

Page 321: ...W The band 5 150 MHz to 5 350 MHz is 199 07 mW The band 5 470 MHz to 5 725 MHz is 743 02 mW WAC6503D S The band 2 400 MHz to 2 483 5 MHz is 99 54 mW The band 5 150 MHz to 5 350 MHz is 183 65 mW The ba...

Page 322: ...ur d une distance sup rieure 300 m tres doivent tre notifi es l Institut Belge des services Postaux et des T l communications IBPT Visitez http www ibpt be pour de plus amples d tails Espa ol Spanish...

Page 323: ...at auja no Elektronisko sakaru direkcijas Vair k inform cijas http www esd lv Lietuvi kalba Lithuanian iuo Zyxel deklaruoja kad is ranga atitinka esminius reikalavimus ir kitas 2014 53 EU Direktyvos...

Page 324: ...t dedie a une fonction unique il doit etre utilise avec notre logiciel proprietaire de divertissement interactif Ce produit sera propose par un reseau de distribution controle et installe par des prof...

Page 325: ...3ACv3 WAC500 WAC500H WAC5302D Sv2 NWA1123 ACv2 NWA1123 AC HD NWA5123 AC NWA5123 AC HD WAC6502D E WAC6502D S WAC6503D S WAX510D NWA110AX WAX610D NWA210AX WAX630S WAX640S 6E WAX620D 6E and NWA220AX 6E Z...

Page 326: ...e Symbols Various symbols are used in this product to ensure correct usage to prevent danger to the user and others and to prevent property damage The meaning of these symbols are described below It i...

Page 327: ...al working conditions Note Repair or replacement as provided under this warranty is the exclusive remedy of the purchaser This warranty is in lieu of all other warranties express or implied including...

Page 328: ...BSS Bluetooth BLE see Bluetooth Low Energy BLE See Bluetooth Low Energy advertisements 135 advertising settings 136 BLE 134 Bluetooth Low Energy 15 17 18 20 21 134 Bluetooth Smart 134 iBeacon 134 iBe...

Page 329: ...nfig bad conf 234 syntax 232 system default conf 236 uploading 237 uploading with FTP 215 use without restart 232 contact information 308 cookies 61 copyright 313 CPU usage 77 80 current date time 78...

Page 330: ...ol version 6 see IPv6 IP Address 104 257 gateway IP address 104 IP subnet 104 IPv6 300 addressing 300 EUI 64 302 global address 300 interface ID 302 link local address 300 Neighbor Discovery Protocol...

Page 331: ...es 182 users account user 137 Online Certificate Status Protocol OCSP 197 vs CRL 197 overview 13 74 254 P pop up windows 61 power off 75 power on 74 product registration 327 Public Key Infrastructure...

Page 332: ...SSID 27 SSID profile pre configured 27 SSID profiles 27 SSL 204 starting the device 74 startup config conf 236 if errors 234 missing at restart 234 present at restart 234 startup config bad conf 234 s...

Page 333: ...troduction 109 VRPT Vantage Report 224 228 W warm start 74 warranty 327 note 327 WDS 24 Web Configurator 38 61 access 61 requirements 61 supported browsers 61 WEP Wired Equivalent Privacy 145 wireless...

Reviews:

No comments

Brands by name

Popular brands

Load more brands