manualshive.com logo in svg

ZyXEL Communications NXC-8160, User Manual

The ZyXEL Communications NXC-8160 is a cutting-edge wireless LAN controller, offering top-notch performance and reliability. Ensure seamless setup and optimization with the free User Manual available for download from our website. Streamline your network management with this innovative solution.

Share
Download
background image

Appendix E Wireless LANs

NXC-8160 User’s Guide

186

For EAP-TLS authentication type, you must first have a wired connection to the network and 
obtain the certificate(s) from a certificate authority (CA). A certificate (also called digital IDs) 
can be used to authenticate users and a CA issues certificates and guarantees the identity of 
each certificate owner.

EAP-MD5 (Message-Digest Algorithm 5)

MD5 authentication is the simplest one-way authentication method. The authentication server 
sends a challenge to the wireless client. The wireless client ‘proves’ that it knows the password 
by encrypting the password with the challenge and sends back the information. Password is 
not sent in plain text. 

However, MD5 authentication has some weaknesses. Since the authentication server needs to 
get the plaintext passwords, the passwords must be stored. Thus someone other than the 
authentication server may access the password file. In addition, it is possible to impersonate an 
authentication server as MD5 authentication method does not perform mutual authentication. 
Finally, MD5 authentication method does not support data encryption with dynamic session 
key. You must configure WEP encryption keys for data encryption. 

EAP-TLS (Transport Layer Security)

With EAP-TLS, digital certifications are needed by both the server and the wireless clients for 
mutual authentication. The server presents a certificate to the client. After validating the 
identity of the server, the client sends a different certificate to the server. The exchange of 
certificates is done in the open before a secured tunnel is created. This makes user identity 
vulnerable to passive attacks. A digital certificate is an electronic ID card that authenticates the 
sender’s identity. However, to implement EAP-TLS, you need a Certificate Authority (CA) to 
handle certificates, which imposes a management overhead. 

EAP-TTLS (Tunneled Transport Layer Service) 

EAP-TTLS is an extension of the EAP-TLS authentication that uses certificates for only the 
server-side authentications to establish a secure connection. Client authentication is then done 
by sending username and password through the secure connection, thus client identity is 
protected. For client authentication, EAP-TTLS supports EAP methods and legacy 
authentication methods such as PAP, CHAP, MS-CHAP and MS-CHAP v2. 

PEAP (Protected EAP)   

Like EAP-TTLS, server-side certificate authentication is used to establish a secure connection, 
then use simple username and password methods through the secured connection to 
authenticate the clients, thus hiding client identity. However, PEAP only supports EAP 
methods, such as EAP-MD5, EAP-MSCHAPv2 and EAP-GTC (EAP-Generic Token Card), 
for client authentication. EAP-GTC is implemented only by Cisco.

LEAP

LEAP (Lightweight Extensible Authentication Protocol) is a Cisco implementation of IEEE 
802.1x. 

Summary of Contents for NXC-8160

Page 1: ...www zyxel com NXC 8160 Business WLAN Controller User s Guide Version 1 0 12 2008 Edition 2...

Page 2: ......

Page 3: ...ay It contains information on setting up your network and configuring for Internet access Support Disc Refer to the included CD for support documents ZyXEL Web Site Please refer to www zyxel com for a...

Page 4: ...t A key stroke is denoted by square brackets and uppercase text for example ENTER means the enter or return key on your keyboard Enter means for you to type one or more characters and then press the E...

Page 5: ...Conventions NXC 8160 User s Guide 5 Icons Used in Figures Figures in this User s Guide may use the following generic icons NXC 8160 Computer Notebook computer Server Wireless Signal Modem Router Acce...

Page 6: ...ght supply voltage for example 110V AC in North America or 230V AC in Europe Not to remove the plug and plug into a wall outlet by itself always attach the plug to the power supply first before insert...

Page 7: ...ce meets ETSI and FCC certification requirements when using the included antenna s Only use the included antenna s If you wall mount your device make sure that no electrical lines gas or water pipes w...

Page 8: ...Safety Warnings NXC 8160 User s Guide 8...

Page 9: ...Configurator 27 LAN and WAN Settings 33 LAN Settings 35 WLAN Settings 41 Access Points and System Tools 63 Access Points 65 System Tools 67 Advanced Settings Events and Reports 73 Advanced Settings 75...

Page 10: ...Contents Overview NXC 8160 User s Guide 10...

Page 11: ...of the NXC 8160 23 1 2 1 Wireless Internet Access 23 1 2 2 Captive Portal Security 24 1 2 3 Backup NXC 8160 25 1 3 Ways to Manage the NXC 8160 25 1 4 Good Habits for Managing the NXC 8160 26 1 5 Fron...

Page 12: ...in This Chapter 41 4 1 2 What You Need to Know 41 4 2 The ESSID Settings Screen 43 4 2 1 About ESSID Security Settings 47 4 2 2 Configuring ESSID Security Settings 49 4 2 3 Renaming ESSIDs 54 4 3 The...

Page 13: ...1 2 What You Need to Know 75 7 2 Network Redundancy 76 7 2 1 Configuring the Redunancy Screen 78 7 3 The Syslog Monitor Screen 79 7 4 The SNMP Screen 80 7 4 1 Configuring SNMP 81 7 5 The Centralized C...

Page 14: ...oduct Specifications 107 Part VI Appendices and Index 111 Appendix A Setting Up Your Computer s IP Address 113 Appendix B Importing Certificates 137 Appendix C IP Addresses and Subnetting 161 Appendix...

Page 15: ...EE 802 1x Authentication 51 Figure 18 Security WPA Personal WPA2 Personal 52 Figure 19 Security WPA Enterprise WPA2 Enterprise 53 Figure 20 WLAN ESSID Definition SSID Table 54 Figure 21 WLAN ESSID Def...

Page 16: ...ork And Internet 117 Figure 60 Windows Vista Network and Sharing Center 118 Figure 61 Windows Vista Network and Sharing Center 118 Figure 62 Windows Vista Local Area Connection Properties 119 Figure 6...

Page 17: ...141 Figure 100 Internet Explorer 7 Certificate Import Wizard 142 Figure 101 Internet Explorer 7 Website Identification 142 Figure 102 Internet Explorer 7 Public Key Certificate File 143 Figure 103 In...

Page 18: ...xample Before Subnetting 164 Figure 140 Subnetting Example After Subnetting 165 Figure 141 Conflicting Computer IP Addresses Example 169 Figure 142 Conflicting Computer IP Addresses Example 169 Figure...

Page 19: ...e WPA2 Enterprise 54 Table 16 WLAN ESSID Definition SSID Table 55 Table 17 WLAN ESSID Definition MAC ACL 56 Table 18 WLAN ESSID Definition RADIUS 57 Table 19 WLAN ESSID Definition WMM 58 Table 20 WLAN...

Page 20: ...t Cable Pin Assignments 108 Table 48 IP Address Network Number and Host ID Example 162 Table 49 Subnet Masks 163 Table 50 Maximum Host Numbers 163 Table 51 Alternative Subnet Mask Notation 163 Table 5...

Page 21: ...21 PART I Introduction Getting to Know Your NXC 8160 23 Introducing the Web Configurator 27...

Page 22: ...22...

Page 23: ...r cannot work properly The NXC 8160 provides secure wireless connectivity to your wired network The NWA 8500 access point can broadcast on two radio channels simultaneously allowing it to support two...

Page 24: ...n connect to the rest of the network or Internet Typically you often find captive portal pages in public hotspots such as bookstores coffee shops and hotel rooms to name a few as soon as you attempt t...

Page 25: ...se the same wireless settings such as SSID channel IEEE 802 11 mode and security If the main NXC 8160 fails wireless clients can still access the Internet or wired network by connecting to the backup...

Page 26: ...unstable or even crashes If you backed up an earlier configuration file you would not have to totally re configure the NXC 8160 You could simply restore your last configuration 1 5 Front Panel LEDs L...

Page 27: ...ons are allowed in Internet Explorer or Mozilla Firefox 2 2 Accessing the NXC 8160 Web Configurator 1 Make sure your NXC 8160 hardware is properly connected and prepare your computer computer network...

Page 28: ...e parts A title bar B main window C status bar D navigation panel 2 4 1 Title Bar The title bar provides an icon in the upper right corner 2 4 2 Main Window The main window shows the screen you select...

Page 29: ...e This field displays how long the NXC 8160 has been running since it last started up The NXC 8160 starts up when you turn it on when you restart it or reset to the defaults using the Maintenance scre...

Page 30: ...f any which are not assigned to a radio Table 3 Web Configurator Status Screen continued LABEL DESCRIPTION Table 4 Navigation Panel Summary LINK FUNCTION Status This screen shows the NXC 8160 s genera...

Page 31: ...e 5 Web Configurator About Screen LABEL DESCRIPTION Firmware Version This field displays the firmware version number and the date created AppsFS This field displays the firmware version number and the...

Page 32: ...Chapter 2 Introducing the Web Configurator NXC 8160 User s Guide 32...

Page 33: ...I LAN and WAN Settings The LAN Screen 36 The Wireless Subnets Screen 39 The ESSID Settings Screen 43 The MAC ACL Screen 55 The RADIUS Screen 56 The WMM Screen 57 The Radios Screen 59 The Assignments S...

Page 34: ...34...

Page 35: ...e two separate networks The following graphic gives an example Figure 9 LAN and WAN 3 1 1 What You Can Do in This Chapter The LAN screen lets you configure the NXC 8160 s IP address and other LAN TCP...

Page 36: ...group can communicate with each other even if there are other devices in the network Tagged VLAN A tagged VLAN uses a VLAN ID to identify VLAN group membership The VLAN ID associates traffic with a s...

Page 37: ...o different VLAN groups by connecting to another VLAN aware switch 3 2 1 1 VLAN Tagging The NXC 8160 supports IEEE 802 1q VLAN tagging Tagged VLAN uses an explicit tag VLAN ID in the MAC header of a f...

Page 38: ...way the device connected to port 1 on switch A can configure the NXC 8160 Wireless clients connected to SSID x or y cannot manage the NXC 8160 itself but they can communicate with port 2 or 3 on swit...

Page 39: ...icular situation If the ISP or your network administrator assigns you a block of registered IP addresses follow their instructions in selecting the IP addresses and the subnet mask If the ISP did not...

Page 40: ...te IP Addresses Every machine on the Internet must have a unique address If your networks are isolated from the Internet for example only between your two branch offices you can assign any IP addresse...

Page 41: ...e the NXC 8160 s built in wireless radio transmitters Section 4 6 on page 59 The Assignments screen lets you assign the NXC 8160 s ESSIDs to one of its two built in radios Section 4 7 on page 61 4 1 2...

Page 42: ...so the weakest Many people use it strictly to deter unintentional usage of their wireless network by outsiders Wi Fi Protected Access WPA The WPA protocol affords users with vastly stronger security t...

Page 43: ...ings Screen Click WLAN ESSID Definition to open this screen This is where you can configure the device s wireless settings such as ESSID and authentication security among other things The ESSID is the...

Page 44: ...8160 User s Guide 44 Figure 13 Multiple ESSIDs Example In this example both AP 1 and AP 2 are broadcasting on 2 radio channels Within each channel each AP can create up to 16 ESSIDs Figure 14 WLAN ESS...

Page 45: ...e Disabling Allow Store Forward also disables the Allow Inter Ess Forward option Allow Inter Ess Forward An Extended Service Set ESS consists of a series of overlapping Basic Service Sets each contain...

Page 46: ...s an ESSID to have the following security settings WPA WPA2 Personal TKIP AES Pre Shared Key Authentication WPA WPA2 Enterprise TKIP AES 802 1x Authentication Captive Portal Select this option to set...

Page 47: ...local user database and if you do not have a RADIUS server you cannot set up user names and passwords for your users Unauthorized devices can still see the information that is sent in the wireless net...

Page 48: ...clients use WPA Personal WPA Enterprise or stronger encryption IEEE 802 1x and WEP encryption are better than none at all but it is still possible for unauthorized devices to figure out the original...

Page 49: ...ity Simply put this option provides no security whatsoever over the wireless network If you do not enable any wireless security on your NXC 8160 your network is open to any wireless networking device...

Page 50: ...Select a WEP key to use for data encryption The default key is key 1 To set the WEP keys select ASCII or HEX as the Input Format and enter the key in the field provided Select ASCII option to enter AS...

Page 51: ...on or WEP128 802 1x Authentication from the drop down list WEP Keys WEP Wired Equivalent Privacy provides data encryption to prevent unauthorized wireless stations from accessing data transmitted over...

Page 52: ...re 18 Security WPA Personal WPA2 Personal RADIUS Server 1 4 The NXC 8160 can use an external RADIUS server to authenticate users RADIUS servers are checked in order from 1 to 4 for example if server 1...

Page 53: ...160 network Select ASCII or HEX as the Input Format and enter the key in the field provided Type a pre shared key from 8 to 63 case sensitive ASCII characters including spaces and symbols or type a pr...

Page 54: ...a new group key out to all clients The re keying process is the WPA equivalent of automatically changing the WEP key for an AP and all stations in a WLAN on a periodic basis Enter a time interval betw...

Page 55: ...dentification tag which the NXC 8160 can use to either grant or deny permission to the computer when it tries to connect to an ACL configured ESSID If the MAC ACL is not configured for a particular ES...

Page 56: ...utive failures of the server The order of priority is 1 to 4 Figure 22 WLAN ESSID Definition RADIUS Table 17 WLAN ESSID Definition MAC ACL LABEL DESCRIPTION All MACs This list displays all MAC address...

Page 57: ...data packets may suddenly be sent to the back of the priority queue if they hit say an ISP in Great Britain that wants to minimize its voice traffic in order to save bandwidth for other kinds of data...

Page 58: ...have minimal deleterious side effects on the data packets Quality of Service CWmin This indicates the current value of the Minimum Contention Window for the given WMM parameter This is the minimum nu...

Page 59: ...s to open this screen This is where you can configure the NXC 8160 s built in wireless radio transmitters Figure 24 WLAN Radios Save Click Save to store your changes Cancel Click Reset to begin config...

Page 60: ...ysical Layer Convergance Protocol PLCP It is provided to improve throughput efficiency when transmitting either voice or video data packets Note This option is only available when the given radio s WL...

Page 61: ...o peer network or as complex as a number of computers with wireless LAN adapters communicating through access points which bridge network traffic to the wired LAN Table 21 WLAN Assignments LABEL DESCR...

Page 62: ...LAN controller Every wireless network must follow these basic guidelines Every wireless client in the same wireless network must use the same SSID The SSID is the name of the wireless network It stand...

Page 63: ...ART III Access Points and System Tools The Access Points Screen 65 The Apply Screen 68 The Reboot Screen 68 The Maintenance Screen 69 The Time Date Screen 70 The Passwords Screen 71 The Upgrade Screen...

Page 64: ...64...

Page 65: ...rms and concepts may help as you read through this chapter Power over Ethernet Power over Ethernet PoE is a system that allows the transfer of electrical power over an RJ 45 Ethernet cable This allows...

Page 66: ...y to put the changes into effect Power on all Click this button to toggle all RJ 45 ports to the On position in order to receive power directly from the NXC 8160 As soon as you make your selection cli...

Page 67: ...default configuration Section 6 4 on page 69 The Time Date screen lets you configure the NXC 8160 s time and date settings Section 6 5 on page 70 The Passwords screen lets you change the NXC 8160 s m...

Page 68: ...next time you restart the device Figure 28 System Tools Apply The following table describes the labels in this screen 6 3 The Reboot Screen Click System Tools Reboot to open this screen This is where...

Page 69: ...onfiguration Save Click the Save button to save your NXC 8160 s configuration settings as an ecf file When the button is clicked your web browser prompts you to save the file in a local destination Up...

Page 70: ...nd date Once selected choose an NTP server from the Main list You can also choose a second server from the Backup list in the event that the NXC 8160 cannot connect with the Main server it will try to...

Page 71: ...s Time Date LABEL DESCRIPTION Table 27 System Tools Passwords LABEL DESCRIPTION Level Select the user name admin operator or root you want to configure in this screen To access the web configurator us...

Page 72: ...LABEL DESCRIPTION Upgrade File Upload the binary image file that is intended to upgrade your device s firmware here You can either enter the file path in the box or use the Browse button to locate it...

Page 73: ...nts and Reports Network Redundancy 76 The Syslog Monitor Screen 79 The SNMP Screen 80 The Centralized Configuration Screen 82 The IDS Screen 85 The Portal Screen 86 The Others Screen 92 The Events Log...

Page 74: ...74...

Page 75: ...configure the NXC 8160 s response to denial of service type attacks on your network Section 7 6 on page 85 The Portal screen lets you configure your captive portal web page parameters Section 7 7 on...

Page 76: ...o ensure the network remains stable in the event that the main servers become unreliable The NXC 8160 allows you to set up a standby NXC 8160 as a means to maintain your network intergrity in such a m...

Page 77: ...contact with the backup NXC 8160 B then the backup takes over for the main When this happens users connected to the wireless network may experience a momentary disconnect as the backup APs take over F...

Page 78: ...the connections to the main WLAN controller and the referenced host If the connection to the main WLAN controller is down and the connection to the referenced host is up the backup WLAN controller bec...

Page 79: ...how often they are sent Figure 37 Advanced Syslog Monitor The following table describes the labels in this screen Table 30 Advanced Syslog Monitor LABEL DESCRIPTION Enable Syslog Select the check box...

Page 80: ...s It executes applications that control and monitor managed devices The managed devices contain object variables managed objects that define each piece of information to be collected about a device Ex...

Page 81: ...rom an ESSID The reason code is an IEEE 802 11 reason code Key error Client Client MAC ESSID ESSID Cipher suite Cipher This trap is sent in case of any key error during four way handshake MIC error or...

Page 82: ...Reference Host is up This trap is sent when the reference server is up and active Sent by the main NXC 8160 Reference Host is down This trap is sent when the reference server is down Sent by the main...

Page 83: ...guration Member LABEL DESCRIPTION Enable Master Select this option to have the NXC 8160 act as a master controller You can manage the member controllers through the master controller SSH Keys Set key...

Page 84: ...connections Switch Table This table shows the NXC 8160s added to the centralized configuration group The master controller s entry is grayed out You cannot configure it Status This field displays whic...

Page 85: ...ttacks Upon detection the system sends an SNMP trap message notifying you of the event and if applicable provides attacker details such as the attacker s MAC address for example You can then use this...

Page 86: ...Select this option to limit the number of authentication messages the NXC 8160 allows itself to receive You can configure this option on a Per Station or All Stations basis De Authentication Flood Sel...

Page 87: ...age which could for example contain Terms of Use to which a user must agree before being granted unlimited Internet access Open Access is used primarily for networks that grant open access to end user...

Page 88: ...n of the Portal page allows you to configure a list of pre approved IP addresses outside of your network that will bypass the captive portal For example if you have a corporate website that is outside...

Page 89: ...n button By default and if left blank this is Login but you can customize it how you see fit for example if your captive portal web page is for your Shanghai office you may want to use the localized v...

Page 90: ...olor values Upload Apply Click this button to upload any changes to the NXC 8160 s built in captive portal web page Preview Click this button to preview a temporary copy of the changes you have made t...

Page 91: ...must contain two text input tags one for username and one for password 6 The username tag must have the parameter name f_username 7 The password tag must have the parameter name f_password 8 If image...

Page 92: ...obe response MAC Authentication Select this option to authenticate each ESSID connection by using a client computer s MAC address and an associated RADIUS server Even if a client computer does not sup...

Page 93: ...ion protocol that combines authentication and data encryption to provide secure encrypted communication between two hosts over an unsecured network In the following figure computer A on the Internet u...

Page 94: ...mputer 2 Encryption Method Once the identification is verified both the client and server must agree on the type of encryption method to use 3 Authentication and Data Transmission After the identifica...

Page 95: ...rts and list of events Section 8 2 on page 95 The Events Log History screen lets you view the last 300 events logs recorded by the NXC 8160 Section 8 2 1 on page 98 The Reports screen let you iew the...

Page 96: ...erity This displays a numerical indicator of the event severity Description This displays a description of the event Type This displays a numerical indicator of the event type Pause Click this button...

Page 97: ...37 disassociation req 38 reassociation req 39 eapol start 40 eapol logoff 41 nav duration 42 ids end 43 ids duration attack 44 ids association flood attack 45 ids disassociation flood attack 46 ids a...

Page 98: ...d 63 fw upgrade reconfigured 64 diagnostics report 65 ap incompatibility 66 ap compatibility Table 41 Events Logs Severity Indicators INDICATOR EVENT TYPE Table 42 Events Logs Events Log History LABEL...

Page 99: ...og History The following table describes the labels in this screen Table 43 Events Logs Events Log History LABEL DESCRIPTION Downlink Throughput Mbps This displays the connection speed or downlink thr...

Page 100: ...Chapter 8 Events Reports NXC 8160 User s Guide 100...

Page 101: ...101 PART V Troubleshooting and Specifications Troubleshooting 103 Product Specifications 107...

Page 102: ...102...

Page 103: ...wer cord included with the NXC 8160 3 Make sure the power cord is connected to the NXC 8160 and plugged in to an appropriate power source Make sure the power source is turned on 4 Disconnect and re co...

Page 104: ...hardware connections and make sure the LEDs are behaving as expected See the Quick Start Guide and Section 1 5 on page 26 3 Make sure your Internet browser does not block pop up windows and has JavaS...

Page 105: ...160 3 If this does not work you have to contact your vendor V I cannot Telnet to the NXC 8160 You cannot use Telnet to access the NXC 8160 The NXC 8160 supports SSH Secure SHell and allows a secure en...

Page 106: ...wireless adapter installed is within the transmission range of the AP s connected to the NXC 8160 7 Make sure the AP s connected to the NXC 8160 is receiving power from the NXC 8160 and working prope...

Page 107: ...n condensing Storage Humidity 5 95 RH non condensing Certifications EMC FCC Part 15 Class B CE EMC Class B C Tick Class B Safety CSA International UL60950 1 EN60950 1 Table 45 Firmware Specifications...

Page 108: ...f IGMP Internet Group Management Protocol used to join multicast groups see RFC 2236 Time and Date Get the current time and date from an external server when you turn on your NXC 8160 You can also set...

Page 109: ...uct Specifications NXC 8160 User s Guide 109 1 IRD 1 OTD 1 IRD 1 IRD 2 IRD 2 OTD 2 IRD 2 IRD 3 OTD 3 IRD 3 OTD 3 OTD 6 OTD 6 IRD 6 OTD 6 OTD Table 47 Ethernet Cable Pin Assignments WAN LAN ETHERNET CA...

Page 110: ...Chapter 10 Product Specifications NXC 8160 User s Guide 110...

Page 111: ...ion Some details may not apply to your NXC 8160 Setting Up Your Computer s IP Address 113 Importing Certificates 137 IP Addresses and Subnetting 161 Pop up Windows JavaScripts and Java Permissions 171...

Page 112: ...112...

Page 113: ...cate with the other devices on your network Windows Vista XP 2000 Mac OS 9 OS X and all versions of UNIX LINUX include the software components you need to use TCP IP on your computer If you manually a...

Page 114: ...s XP NT 2000 The following example uses the default Windows XP display theme but can also apply to Windows 2000 and Windows NT 1 Click Start Control Panel Figure 52 Windows XP Start Menu 2 In the Cont...

Page 115: ...e 115 3 Right click Local Area Connection and then select Properties Figure 54 Windows XP Control Panel Network Connections Properties 4 On the General tab select Internet Protocol TCP IP and then cli...

Page 116: ...ess that was assigned to you by your network administrator or ISP You may also have to enter a Preferred DNS server and an Alternate DNS server if that information was provided 7 Click OK to close the...

Page 117: ...on shows screens from Windows Vista Professional 1 Click Start Control Panel Figure 57 Windows Vista Start Menu 2 In the Control Panel click the Network and Internet icon Figure 58 Windows Vista Contr...

Page 118: ...connections Figure 60 Windows Vista Network and Sharing Center 5 Right click Local Area Connection and then select Properties Figure 61 Windows Vista Network and Sharing Center During this procedure c...

Page 119: ...pendix A Setting Up Your Computer s IP Address NWD271N User s Guide 119 6 Select Internet Protocol Version 4 TCP IPv4 and then select Properties Figure 62 Windows Vista Local Area Connection Propertie...

Page 120: ...address that was assigned to you by your network administrator or ISP You may also have to enter a Preferred DNS server and an Alternate DNS server if that information was provided Click Advanced 9 C...

Page 121: ...1 Mac OS X 10 3 and 10 4 The screens in this section are from Mac OS X 10 4 but can also apply to 10 3 1 Click Apple System Preferences Figure 64 Mac OS X 10 4 Apple Menu 2 In the System Preferences w...

Page 122: ...es pane opens select Built in Ethernet from the network connection type list and then click Configure Figure 66 Mac OS X 10 4 Network Preferences 4 For dynamically assigned settings select Using DHCP...

Page 123: ...ress In the Subnet Mask field type your subnet mask In the Router field type the IP address of your device Figure 68 Mac OS X 10 4 Network Preferences Ethernet 6 Click Apply Now and close the window V...

Page 124: ...NWD271N User s Guide 124 Mac OS X 10 5 The screens in this section are from Mac OS X 10 5 1 Click Apple System Preferences Figure 70 Mac OS X 10 5 Apple Menu 2 In System Preferences click the Network...

Page 125: ...Figure 72 Mac OS X 10 5 Network Preferences Ethernet 4 From the Configure list select Using DHCP for dynamically assigned settings 5 For statically assigned settings do the following From the Configu...

Page 126: ...OS X 10 5 Network Preferences Ethernet 6 Click Apply and close the window Verifying Settings Check your TCP IP properties by clicking Applications Utilities Network Utilities and then selecting the a...

Page 127: ...al configuration The following screens use the default Ubuntu 8 installation Make sure you are logged in as the root administrator Follow the steps below to configure your computer IP address in GNOME...

Page 128: ...e window enter your admin account name and password then click the Authenticate button Figure 77 Ubuntu 8 Administrator Account Authentication 4 In the Network Settings window select the connection th...

Page 129: ...t select Static IP address if you have a static IP address Fill in the IP address Subnet mask and Gateway address fields 6 Click OK to save the changes and close the Properties dialog box and return t...

Page 130: ...fying Settings Check your TCP IP properties by clicking System Administration Network Tools and then selecting the appropriate Network device from the Devices tab The Interface Statistics column shows...

Page 131: ...epending on your specific distribution release version and individual configuration The following screens use the default openSUSE 10 3 installation Make sure you are logged in as the root administrat...

Page 132: ...dow opens select Network Devices and then click the Network Card icon Figure 84 openSUSE 10 3 YaST Control Center 4 When the Network Settings window opens click the Overview tab select the appropriate...

Page 133: ...k the Address tab Figure 86 openSUSE 10 3 Network Card Setup 6 Select Dynamic Address DHCP if you have a dynamic IP address Select Statically assigned IP Address if you have a static IP address Fill i...

Page 134: ...Guide 134 8 If you know your DNS server IP address es click the Hostname DNS tab in Network Settings and then enter the DNS server information in the fields provided Figure 87 openSUSE 10 3 Network Se...

Page 135: ...the Task bar to check your TCP IP properties From the Options sub menu select Show Connection Information Figure 88 openSUSE 10 3 KNetwork Manager When the Connection Status KNetwork Manager window op...

Page 136: ...Appendix A Setting Up Your Computer s IP Address NWD271N User s Guide 136...

Page 137: ...ate Many ZyXEL products such as the NSA 2401 issue their own public key certificates These can be used by web browsers on a LAN or WAN to verify that they are in fact connecting to the legitimate devi...

Page 138: ...Vista 1 If your device s web configurator is set to use SSL certification then the first time you browse to it you are presented with a certification error Figure 90 Internet Explorer 7 Certification...

Page 139: ...icates Document Title 139 4 In the Certificate dialog box click Install Certificate Figure 93 Internet Explorer 7 Certificate 5 In the Certificate Import Wizard click Next Figure 94 Internet Explorer...

Page 140: ...en go to step 9 Figure 95 Internet Explorer 7 Certificate Import Wizard 7 Otherwise select Place all certificates in the following store and then click Browse Figure 96 Internet Explorer 7 Certificate...

Page 141: ...tle 141 9 In the Completing the Certificate Import Wizard screen click Finish Figure 98 Internet Explorer 7 Certificate Import Wizard 10 If you are presented with another Security Warning click Yes Fi...

Page 142: ...allation message Figure 100 Internet Explorer 7 Certificate Import Wizard 12 The next time you start Internet Explorer and go to a ZyXEL web configurator page a sealed padlock icon appears in the addr...

Page 143: ...ompted you can install a stand alone certificate file if one has been issued to you 1 Double click the public key certificate file Figure 102 Internet Explorer 7 Public Key Certificate File 2 In the s...

Page 144: ...This section shows you how to remove a public key certificate in Internet Explorer 7 1 Open Internet Explorer and click Tools Internet Options Figure 104 Internet Explorer 7 Tools Menu 2 In the Intern...

Page 145: ...nd then click Remove Figure 106 Internet Explorer 7 Certificates 4 In the Certificates confirmation click Yes Figure 107 Internet Explorer 7 Certificates 5 In the Root Certificate Store dialog box cli...

Page 146: ...then the first time you browse to it you are presented with a certification error 2 Select Accept this certificate permanently and click OK Figure 109 Firefox 2 Website Certified by an Unknown Author...

Page 147: ...a ZyXEL web configurator and installing a public key certificate when prompted you can install a stand alone certificate file if one has been issued to you 1 Open Firefox and click Tools Options Figu...

Page 148: ...rt Figure 113 Firefox 2 Certificate Manager 4 Use the Select File dialog box to locate the certificate and then click Open Figure 114 Firefox 2 Select File 5 The next time you visit the web site click...

Page 149: ...tificate in Firefox This section shows you how to remove a public key certificate in Firefox 2 1 Open Firefox and click Tools Options Figure 115 Firefox 2 Tools Menu 2 In the Options dialog box click...

Page 150: ...ertificate that you want to remove and then click Delete Figure 117 Firefox 2 Certificate Manager 4 In the Delete Web Site Certificates dialog box click OK Figure 118 Firefox 2 Delete Web Site Certifi...

Page 151: ...gurator is set to use SSL certification then the first time you browse to it you are presented with a certification error 2 Click Install to accept the certificate Figure 119 Opera 9 Certificate signe...

Page 152: ...g to a ZyXEL web configurator and installing a public key certificate when prompted you can install a stand alone certificate file if one has been issued to you 1 Open Opera and click Tools Preference...

Page 153: ...ocument Title 153 3 In the Certificates Manager click Authorities Import Figure 123 Opera 9 Certificate manager 4 Use the Import certificate dialog box to locate the certificate and then click Open Fi...

Page 154: ...ialog box click Install Figure 125 Opera 9 Install authority certificate 6 Next click OK Figure 126 Opera 9 Install authority certificate 7 The next time you visit the web site click the padlock in th...

Page 155: ...ving a Certificate in Opera This section shows you how to remove a public key certificate in Opera 9 1 Open Opera and click Tools Preferences Figure 127 Opera 9 Tools Menu 2 In Preferences Advanced Se...

Page 156: ...o remove and then click Delete Figure 129 Opera 9 Certificate manager 4 The next time you go to the web site that issued the public key certificate you just removed a certification error appears There...

Page 157: ...to use SSL certification then the first time you browse to it you are presented with a certification error 2 Click Continue Figure 130 Konqueror 3 5 Server Authentication 3 Click Forever when prompted...

Page 158: ...ou 1 Double click the public key certificate file Figure 133 Konqueror 3 5 Public Key Certificate File 2 In the Certificate Import Result Kleopatra dialog box click OK Figure 134 Konqueror 3 5 Certifi...

Page 159: ...Menu 2 In the Configure dialog box select Crypto 3 On the Peer SSL Certificates tab select the certificate you want to delete and then click Remove Figure 137 Konqueror 3 5 Configure 4 The next time...

Page 160: ...Appendix B Importing Certificates Document Title 160...

Page 161: ...are a common street name the hosts on a network share a common network number Similarly as each house has its own house number each host on the network has its own unique identifying number the host I...

Page 162: ...part of the host ID The following example shows a subnet mask identifying the network number in bold text and host ID of an IP address 192 168 1 2 in decimal By convention subnet masks always consist...

Page 163: ...by a continuous number of zeros for the remainder of the 32 bit mask you can simply specify the number of ones instead of writing the value of each octet This is usually specified by writing a follow...

Page 164: ...ws the company network before subnetting Figure 139 Subnetting Example Before Subnetting You can borrow one of the host ID bits to divide the network 192 168 1 0 into two separate sub networks The sub...

Page 165: ...1 254 Example Four Subnets The previous example illustrated using a 25 bit subnet mask to divide a 24 bit address into two subnets Similarly to divide a 24 bit address into four subnets you need to b...

Page 166: ...et 3 IP SUBNET MASK NETWORK NUMBER LAST OCTET BIT VALUE IP Address 192 168 1 128 IP Address Binary 11000000 10101000 00000001 10000000 Subnet Mask Binary 11111111 11111111 11111111 11000000 Subnet Add...

Page 167: ...BITS SUBNET MASK NO SUBNETS NO HOSTS PER SUBNET 1 255 255 255 128 25 2 126 2 255 255 255 192 26 4 62 3 255 255 255 224 27 8 30 4 255 255 255 240 28 16 14 5 255 255 255 248 29 32 6 6 255 255 255 252 30...

Page 168: ...ed You don t need to change the subnet mask computed by the NXC 8160 unless you are instructed to do otherwise Private IP Addresses Every machine on the Internet must have a unique address If your net...

Page 169: ...omputer B which is a DHCP client Neither can access the Internet This problem can be solved by assigning a different static IP address to computer A or setting computer A to obtain an IP address autom...

Page 170: ...n not use the same IP address In the following example the computer and the router s LAN port both use 192 168 1 1 as the IP address The computer cannot access the Internet This problem can be solved...

Page 171: ...et Explorer Pop up Blockers You may have to disable pop up blocking to log into your device Either disable pop up blocking enabled by default in Windows XP SP Service Pack 2 or allow pop up blocking a...

Page 172: ...eb pop up blockers you may have enabled Figure 145 Internet Options Privacy 3 Click Apply to save this setting Enable Pop up Blockers with Exceptions Alternatively if you only want to allow pop up win...

Page 173: ...e 173 Figure 146 Internet Options Privacy 3 Type the IP address of your device the web page that you do not want to have blocked with the prefix http For example http 192 168 167 1 4 Click Add to move...

Page 174: ...ay properly in Internet Explorer check that JavaScripts are allowed 1 In Internet Explorer click Tools Internet Options and then the Security tab Figure 148 Internet Options Security 2 Click the Custo...

Page 175: ...ngs Java Scripting Java Permissions 1 From Internet Explorer click Tools Internet Options and then the Security tab 2 Click the Custom Level button 3 Scroll down to Microsoft VM 4 Under Java permissio...

Page 176: ...d then the Advanced tab 2 Make sure that Use Java 2 for applet under Java Sun is selected 3 Click OK to close the window Figure 151 Java Sun Mozilla Firefox Mozilla Firefox 2 0 screens are used here S...

Page 177: ...ripts and Java Permissions NXC 8160 User s Guide 177 Figure 152 Mozilla Firefox Tools Options Click Content to show the screen below Select the check boxes as shown in the following screen Figure 153...

Page 178: ...Appendix D Pop up Windows JavaScripts and Java Permissions NXC 8160 User s Guide 178...

Page 179: ...ndent Basic Service Set IBSS The following diagram shows an example of notebook computers using wireless adapters to form an ad hoc wireless LAN Figure 154 Peer to Peer Communication in an Ad hoc Netw...

Page 180: ...ed connection between APs is called a Distribution System DS This type of wireless LAN topology is called an Infrastructure WLAN The Access Points not only provide communication with the wired network...

Page 181: ...ally overlap however To avoid interference due to overlap your AP should be on a channel at least five channels away from a channel that an adjacent AP is using For example if your region has 11 chann...

Page 182: ...quested transmission Stations can send frames smaller than the specified RTS CTS directly to the AP without the RTS Request To Send CTS Clear to Send handshake You should only configure RTS CTS if the...

Page 183: ...ort it and to provide more efficient communications Use the dynamic setting to automatically use short preamble when all wireless devices on the network support it otherwise the NXC 8160 uses long pre...

Page 184: ...of IEEE 802 1x are User based identification that allows for roaming Support for RADIUS Remote Authentication Dial In User Service RFC 2138 2139 for centralized user profile and accounting management...

Page 185: ...and the RADIUS server for user accounting Accounting Request Sent by the access point requesting accounting Accounting Response Sent by the RADIUS server to indicate that it has started or stopped ac...

Page 186: ...reless clients for mutual authentication The server presents a certificate to the client After validating the identity of the server the client sends a different certificate to the server The exchange...

Page 187: ...defines stronger encryption authentication and key management than WPA Key differences between WPA or WPA2 and WEP are improved data encryption and user authentication If both an AP and the wireless c...

Page 188: ...ith and the packet is dropped By generating unique data encryption keys for every data packet and by creating an integrity checking mechanism MIC with TKIP and AES it is more difficult to decrypt data...

Page 189: ...ient s authentication request to the RADIUS server 2 The RADIUS server then checks the user s identification against its database and grants or denies network access accordingly 3 A 256 bit Pairwise M...

Page 190: ...o this table to see what other security parameters you should configure for each authentication method or key management protocol type MAC address filters are not dependent on how you configure these...

Page 191: ...or site each 1dB increase in gain results in a range increase of approximately 5 Actual results may vary depending on the network environment Antenna gain is sometimes specified in dBi which is how mu...

Page 192: ...in a direct line of sight to each other to attain the best performance For omni directional antennas mounted on a table desk and so on point the antenna up For omni directional antennas mounted on a w...

Page 193: ...CC Interference Statement The device complies with Part 15 of FCC rules Operation is subject to the following two conditions This device may not cause harmful interference This device must accept any...

Page 194: ...FCC RF exposure compliance requirements a separation distance of at least 20 cm must be maintained between the antenna of this device and all persons 5250MHz 5350MHz Notices Changes or modifications n...

Page 195: ...cement as provided under this warranty is the exclusive remedy of the purchaser This warranty is in lieu of all other warranties express or implied including any implied warranty of merchantability or...

Page 196: ...Appendix F Legal Information NXC 8160 User s Guide 196...

Page 197: ...Headquarters Worldwide Support E mail support zyxel com tw Sales E mail sales zyxel com tw Telephone 886 3 578 3942 Fax 886 3 578 2439 Web www zyxel com www europe zyxel com FTP ftp zyxel com ftp eur...

Page 198: ...Fax 358 9 4780 8448 Web www zyxel fi Regular Mail ZyXEL Communications Oy Malminkaari 10 00700 Helsinki Finland France E mail info zyxel fr Telephone 33 4 72 52 97 97 Fax 33 4 72 52 19 20 Web www zyx...

Page 199: ...gawa ku Tokyo 141 0022 Japan Kazakhstan Support http zyxel kz support Sales E mail sales zyxel kz Telephone 7 3272 590 698 Fax 7 3272 590 689 Web www zyxel kz Regular Mail ZyXEL Kazakhstan 43 Dostyk A...

Page 200: ...rzei 1A 03 715 Warszawa Poland Russia Support http zyxel ru support Sales E mail sales zyxel ru Telephone 7 095 542 89 29 Fax 7 095 542 89 25 Web www zyxel ru Regular Mail ZyXEL Russia Ostrovityanova...

Page 201: ...ZyXEL Thailand Co Ltd 1 1 Moo 2 Ratchaphruk Road Bangrak Noi Muang Nonthaburi 11000 Thailand Ukraine Support E mail support ua zyxel com Sales E mail sales ua zyxel com Telephone 380 44 247 69 78 Fax...

Page 202: ...Appendix G Customer Support NXC 8160 User s Guide 202...

Page 203: ...tralized configuration technical reference 93 Certificate Authority See CA certifications 193 notices 194 viewing 194 channel 62 181 interference 181 client definition 42 Clustering Management ZyXEL S...

Page 204: ...nformation Base See MIB managing the device good habits 26 master controller 82 member device 82 Message Integrity Check MIC 188 MIB 80 N NAT 39 168 navigation panel 30 network redundancy 76 NTP defin...

Page 205: ...195 note 195 web configurator 27 WEP definition 42 WEP Wired Equivalent Privacy 49 WEP key 49 Wi Fi Protected Access 52 187 wireless client 62 wireless client WPA supplicants 189 wireless LAN introdu...

Reviews:

No comments

Related manuals for NXC-8160

Hansen HS2 Specifications, Applications, Service Instructions & Parts preview
HS2
Brand: Hansen Pages: 4
GBD BA100 Instructions For Installations preview
BA100
Brand: GBD Pages: 68
ZKTeco PA10 Quick Start Manual preview
PA10
Brand: ZKTeco Pages: 8
EasyIO FT Series User Reference preview
FT Series
Brand: EasyIO Pages: 18
Eaton XN300 Manual preview
XN300
Brand: Eaton Pages: 288
Eaton S701 Instruction Leaflet preview
S701
Brand: Eaton Pages: 8
YOKOGAWA UT35A-L User Manual preview
UT35A-L
Brand: YOKOGAWA Pages: 150
YOODA NANO Series Quick Start Manual preview
NANO Series
Brand: YOODA Pages: 3
YMGI 584 Series User Manual preview
584 Series
Brand: YMGI Pages: 8
Insignia NS-GPS4RC101 Quick Setup Manual preview
NS-GPS4RC101
Brand: Insignia Pages: 2
Thermomart PID-4CH-SSR Instruction Manual preview
PID-4CH-SSR
Brand: Thermomart Pages: 6
hager TRB221A-5A Manual preview
TRB221A-5A
Brand: hager Pages: 4
Quantum R-net Basic Operation Instructions preview
R-net
Brand: Quantum Pages: 20
YASKAWA CIMR-VC*****H**-00 series Quick Start Manual preview
CIMR-VC*****H**-00 series
Brand: YASKAWA Pages: 32
YASKAWA S-II Series Instructions Manual preview
S-II Series
Brand: YASKAWA Pages: 35
B meters RFM-MB2 Quick Start Manual preview
RFM-MB2
Brand: B meters Pages: 2
IDS X-Series X-SMS V2 Quick User Manual preview
X-Series X-SMS V2
Brand: IDS Pages: 2
Larco MAX1524 Manual preview
MAX1524
Brand: Larco Pages: 15

Brands by name

Popular brands

Load more brands