background image

Configuring WPA/WPA2 Enterprise (RADIUS)    115

A   Wireless Client Settings and RADIUS Server Setup

2. Configure the following settings on the Association tab on the Network Properties dialog.

3. Configure these settings on the Authentication tab.

4. Click Properties to bring up the Smart Card or other Certificate Properties dialog and 

enable the “Validate server certificate” option.

Click OK on all dialogs to close and save your changes.

5. To complete the client configuration you must now obtain a certificate from the RADIUS 

server and install it on this client. For information on how to do this see “Obtaining a TLS-
EAP Certificate for a Client” on page 119.

WPA clients should now be able to connect to the access point using their TLS certificates. 
The certificate you installed is used when you connect, so you will not be prompted for login 

Network Authentication

WPA

Data Encryption

TKIP or AES depending on how this option is configured on the 
access point.

Note: When the Cipher Suite on the access point is set to “Both”, 
then TKIP clients with a valid TKIP key and AES clients with a 
valid CCMP (AES) key can associate with the access point. For 
more information, see Administrators Guide and Online Help on 
the access point.

Enable IEEE 802.1X 
authentication for this network

Enable (click to check) this option.

EAP Type

Choose Smart Card or other Certificate.

Validate Server Certificate

Enable this option (click to check the box).

Certificates

In the certificate list shown, select the certificate for this client.

Enable (click to check) 
“Validate server certificate”

3

Select (check) the name of certificate
on this client (downloaded from
RADIUS server in a prerequisite procedure)

Содержание DWL-8500AP

Страница 1: ...Copyright 2008 All rights reserved Unified Access Point AP Administrator s Guide Product Model DWL 3500AP DWL 8500AP Unified Wired Wireless Access System Release 2 1 May 2008...

Страница 2: ...2 2001 2008 D Link Corporation All Rights Reserved D Link Unified Access Point Administrator s Guide...

Страница 3: ...c IP Addressing on the AP 23 Recovering an IP Address 23 Discovering a Dynamically Assigned IP Address 23 Using the Reset Button 23 3 Installing the Access Point 25 Installing the Unified Access Point...

Страница 4: ...ork Time Protocol Server 79 Enabling or Disabling a Network Time Protocol NTP Server 80 7 Maintaining the Access Point 81 Managing the Configuration File 81 Resetting the Factory Default Configuration...

Страница 5: ...ining a TLS EAP Certificate for a Client 119 Configuring the RADIUS Server for VLAN Tags 122 B CLI for AP Configuration 125 How to Access the Access Point CLI 125 Telnet Connection to the AP 125 SSH C...

Страница 6: ...6 2001 2008 D Link Corporation All Rights Reserved D Link Unified Access Point Administrator s Guide...

Страница 7: ...e 7 Virtual Access Point Page 44 Figure 8 Static WEP Configuration 45 Figure 9 Static WEP Example 48 Figure 10 Providing a Wireless Client with a WEP Key 49 Figure 11 IEEE 802 1X Configuration 50 Figu...

Страница 8: ...8 2001 2008 D Link Corporation All Rights Reserved D Link Unified Access Point Administrator s Guide...

Страница 9: ...erver Attributes for MAC Authentication 67 Table 20 Load Balancing 68 Table 21 VLAN Priority Tags 74 Table 22 QoS Settings 76 Table 23 SNTP Settings 80 Table 24 Managed Access Point 88 Table 25 Loggin...

Страница 10: ...10 2001 2008 D Link Corporation All Rights Reserved D Link Unified Access Point Administrator s Guide Table 44 Time Related Commands 149 Table 45 System Management 150 Table 46 CLI Class Instances 150...

Страница 11: ...ode Chapter 9 Viewing Access Point Status Appendix A Wireless Client Settings and RADIUS Server Setup Appendix B CLI for AP Configuration Audience This guide is intended for the following audience Sys...

Страница 12: ...the UI Table 1 Typographical Conventions Symbol Example Description Bold Click Update to save your settings Menu titles page names and button names Blue Text See Document Conventions on page 11 Hyper...

Страница 13: ...and Limitations 13 About This Document Figure 1 shows an example of the online help available from the links on the user interface Figure 1 Administrator UI Online Help Online Help Navigation Click to...

Страница 14: ...14 2001 2008 D Link Corporation All Rights Reserved D Link Unified Access Point Administrator s Guide...

Страница 15: ...less Access System and you manage it by using the D Link Unified Switch If an AP is in Managed Mode the Administrator Web UI Telnet and SSH services are disabled This document describes how to perform...

Страница 16: ...of up to 54 Mbps for IEEE 802 11a or IEEE 802 11g 108 Mbps for IEEE 802 11a Turbo and 11 Mbps for IEEE 802 11b Wireless Features The following list describes some of the DWL 3500AP and DWL 8500AP wire...

Страница 17: ...EE 802 1X Supplicant Networking The DWL 3500AP and DWL 8500AP access points have the following networking features Dynamic Host Configuration Protocol DHCP support for dynamically obtaining network co...

Страница 18: ...P or TFTP Backup and restore of access point configuration by using HTTP or TFTP Access Point Hardware The Unified Access Point software supports the following hardware features Power port and power a...

Страница 19: ...gs for the Unified Access Points Administrator s Computer Requirements Wireless Client Requirements Dynamic and Static IP Addressing on the AP Using the Reset Button Default Settings for the Unified A...

Страница 20: ...it Power 100 percent Rate Sets Supported Mbps IEEE 802 1a 54 48 36 24 18 12 9 6 IEEE 802 1g 54 48 36 24 18 12 11 9 6 5 5 2 1 Turbo 5 GHz 108 96 72 48 36 24 18 12 Rate Sets Mbps Basic Advertised IEEE 8...

Страница 21: ...Network Time Protocol NTP None Table 3 Requirements for the Administrator s Computer Required Software or Component Description Ethernet Connection to the Access Point The computer used to configure t...

Страница 22: ...ctive features of the administration interface Security Settings Ensure that security is disabled on the wireless client used to initially configure the access point Table 4 Requirements for Wireless...

Страница 23: ...me network the IP address for each AP will be unique Recovering an IP Address If you experience trouble communicating with the access point you can recover a static IP address by resetting the AP conf...

Страница 24: ...24 2001 2008 D Link Corporation All Rights Reserved D Link Unified Access Point Administrator s Guide...

Страница 25: ...ess If you use VLANs or IEEE 802 1X Authentication port security on your network you might need to configure additional settings on the AP before it can connect to the network Installing the Unified A...

Страница 26: ...address in the same subnet as the default IP address on the access point The default IP address for the access point is 10 90 90 91 If you use this method you will need to reconfigure the cabling for...

Страница 27: ...e AP enter the new IP address of the AP into the Web browser If you used a DHCP server and you do not know the new IP address of the AP use the following procedures to obtain the information A Connect...

Страница 28: ...this happens wireless clients will temporarily lose connectivity We recommend that you change access point settings when WLAN traffic is low For more information about the fields and configuration op...

Страница 29: ...as described in Configuring the Ethernet Interface on page 31 MAC Address Shows the MAC address of the access point The address shown here is the MAC address associated with the management interface...

Страница 30: ...ow the IP address use the following steps to view the IP address of the access point 1 Using a null modem cable connect a VT100 ANSI terminal or a workstation to the console serial port If you attache...

Страница 31: ...tagged VLAN If you already have a management VLAN configured on your network with a different VLAN ID you must change the VLAN ID of the management VLAN on the access point Using the Web UI to configu...

Страница 32: ...gged VLAN This means that all traffic is untagged until you disable untagged VLANs change the untagged traffic VLAN ID or change the VLAN ID for a virtual access point VAP or a client using RADIUS Unt...

Страница 33: ...down Set the untagged VLAN ID set untagged vlan vlan id 1 4094 View the connection type get management dhcp status Use DHCP as the connection type set management dhcp client status up Use a Static IP...

Страница 34: ...get untagged vlan Property Value vlan id 1 status down DLINK WLAN AP Configuring IEEE 802 1X Authentication On networks that use IEEE 802 1X port based network access control a supplicant client cann...

Страница 35: ...gs Changing some access point settings might cause the AP to stop and restart system processes If this happens wireless clients will temporarily lose connectivity We recommend that you change access p...

Страница 36: ...y connecting both into a network hub then your access point is already connected to the LAN The next step is to test some wireless clients If you configured the access point by using a direct cable co...

Страница 37: ...gned for multiple simultaneous configuration changes If more than one administrator is logged on to the Administration Web pages and making changes to the configuration there is no guarantee that all...

Страница 38: ...38 2001 2008 D Link Corporation All Rights Reserved D Link Unified Access Point Administrator s Guide...

Страница 39: ...ireless infrastructure is accessed only by the intended users The details of each security mode are described in the following sections Some of the security modes use an external RADIUS server for cli...

Страница 40: ...ness of a security protocol How the protocol manages keys What kind of encryption algorithm or formula the protocol uses to encode and decode the data Whether the protocol has integrated user authenti...

Страница 41: ...he more advanced encryption methods such as Temporal Key Integrity Protocol TKIP and AES CCMP used in Wi Fi Protected Access WPA or WPA2 Additionally compatibility issues may be cumbersome because of...

Страница 42: ...erprise with RADIUS is an implementation of the Wi Fi Alliance IEEE 802 11i standard which includes AES CCMP and TKIP mechanisms This mode requires the use of a RADIUS server to authenticate users On...

Страница 43: ...d to select TKIP instead See next bullet 3 The third best choice is WPA Enterprise with the encryption algorithm set to TKIP Some clients have interoperability issues with CCMP and TKIP enabled at sam...

Страница 44: ...C Authentication Type None All other VAPs are disabled by default The default SSID for VAPs 1 7 is Virtual Access Point x where x is the VAP ID To prevent unauthorized access to the Unified Access Poi...

Страница 45: ...work configuration or for problem solving but it is not recommended for regular use on the internal network because it is not secure Static WEP Static WEP is not the most secure mode available but it...

Страница 46: ...ransfer Key Index Select a key index from the drop down menu Key indexes 1 through 4 are available The default is 1 The Transfer Key Index indicates which WEP key the access point will use to encrypt...

Страница 47: ...curity mode Specify the authentication algorithm you want to use by choosing one of the following options Open System Shared Key Note You can also select both the Open System and Shared Key check boxe...

Страница 48: ...at same string as WEP key 3 Client stations can use different keys to transmit data to the access point Or they can all use the same key but this is less secure because it means one station can decryp...

Страница 49: ...Authentication Protocol EAP messages are sent over an IEEE 802 11 wireless network using a protocol called EAP Encapsulation Over LANs EAPOL IEEE 802 1X provides dynamically generated keys that are pe...

Страница 50: ...ngs By default each VAP uses the global RADIUS settings that you define for the AP at the top of the VAP page To use the global RADIUS server settings make sure the check box is selected To use a sepa...

Страница 51: ...PA If all client stations on the network support the original WPA but none support the newer WPA2 then select WPA WPA2 If all client stations on the network support WPA2 we suggest using WPA2 which pr...

Страница 52: ...ations on the network support WPA2 we suggest using WPA2 which provides the best security per the IEEE 802 11i standard WPA and WPA2 If you have a mix of clients some of which support WPA2 and others...

Страница 53: ...lowing A valid TKIP RADIUS IP address and RADIUS Key A valid CCMP AES IP address and RADIUS Key Use Global RADIUS Server Settings By default each VAP uses the global RADIUS settings that you define fo...

Страница 54: ...connecting to your network but it will not prevent even the simplest of attempts by a hacker to connect or monitor unencrypted traffic Suppressing the SSID broadcast offers a very minimal level of pr...

Страница 55: ...e configuration pages for the features in this chapter are located under the Manage heading on the Administration Web UI Setting the Wireless Interface Wireless settings describe aspects of the LAN re...

Страница 56: ...d For more information see Using the 802 11h Wireless Mode on page 57 IEEE 802 11h is a standard that provides two services required to satisfy certain regulatory domains for the 5 GHz band These two...

Страница 57: ...2 11g If you are operating in an 802 11h enabled domain the AP attempts to use the channel you assign If the channel has been blocked by a previous radar detection or if the AP detects a radar on the...

Страница 58: ...onfiguring Radio Settings Radio settings directly control the behavior of an IEEE 802 11 compliant radio device in the access point Specifically a user can control operational mode power level frequen...

Страница 59: ...Dynamic Turbo 2 4 GHz Super AG Super AG is a radio mode that attempts to increases performance through bursting and frame compression Performance increases when the AP communicates with Super AG enab...

Страница 60: ...reshold Specify a number between 256 and 2 346 to set the frame size threshold in bytes The fragmentation threshold is a way of limiting the size of frames transmitted over the network If a packet exc...

Страница 61: ...een 0 and 256 Transmit Power Enter a percentage value for the transmit power level for this access point The default value which is 100 can be more cost efficient than a lower percentage since it give...

Страница 62: ...affects network performance You can configure each VAP to use a different VLAN or you can configure multiple VAPs to use the same VLAN VAP0 is always enabled and is assigned to VLAN 1 by default For t...

Страница 63: ...t The RADIUS IP is the IP address of the global RADIUS server RADIUS Key Enter the RADIUS Key in the text box The RADIUS Key is the shared secret key for the global RADIUS server The text you enter wi...

Страница 64: ...nel Private Group ID The RADIUS assigned VLAN ID overrides the VLAN ID you configure on the VAP page Note Any RADIUS assigned VLAN cannot be the same as the management VLAN You configure the untagged...

Страница 65: ...an None additional fields appear Note The Security mode you set here is specifically for this Virtual Access Point For more information about the security options see Configuring Virtual Access Point...

Страница 66: ...When a wireless client attempts to associate with an AP the AP looks up the client s MAC address on the RADIUS server If it is found the global allow or deny setting is applied If it is not found the...

Страница 67: ...ADIUS server as described in Table 19 Table 18 MAC Authentication Field Description Filter To set the MAC Address Filter click one of the following buttons Allow only stations in the list Block all st...

Страница 68: ...e Load Balancing page you must click Update to apply the changes and to save the settings Changing some access point settings might cause the AP to stop and restart system processes If this happens wi...

Страница 69: ...affic volume competing for bandwidth during a busy time of day The most noticeable degradation in service on a busy overloaded network will be evident in time sensitive applications like Video Voice o...

Страница 70: ...automatically provide minimum transmission delay for Voice Video multimedia and mission critical applications and rely on best effort parameters for traditional IP data For example time sensitive Voi...

Страница 71: ...t the first two of these downstream traffic flowing from the access point to client station AP EDCA parameters and the upstream traffic flowing from the station to the access point station EDCA parame...

Страница 72: ...that would occur if multiple APs got access to the medium at the same time and tried to transmit data simultaneously The more active users you have on a network the more significant the performance ga...

Страница 73: ...al of time when a Wi Fi Multimedia WMM client station has the right to initiate transmissions onto the wireless medium WM 802 1p and DSCP tags IEEE 802 1p is an extension of the IEEE 802 standard and...

Страница 74: ...oritization Table 21 outlines the VLAN priority and DSCP values Table 21 VLAN Priority Tags VLAN Priority Priority DSCP Value 0 Best Effort 0 1 Background 16 2 Background 8 3 Best Effort 24 4 Video 32...

Страница 75: ...uted Channel Access EDCA Parameters affect traffic flowing from the access point to the client station Station Enhanced Distributed Channel Access EDCA Parameters affect traffic flowing from the clien...

Страница 76: ...pacing AIFS specifies a wait time in milliseconds for data frames Valid values for AIFS are 1 through 255 For more information see EDCF Control of Data Frames and Arbitration Interframe Spaces on page...

Страница 77: ...acket bursts on the wireless network A packet burst is a collection of multiple frames transmitted without header information The decreased overhead results in higher throughput and better performance...

Страница 78: ...illiseconds for data frames Valid values for AIFS are 1 through 255 For more information see EDCF Control of Data Frames and Arbitration Interframe Spaces on page 71 cwMin Minimum Contention Window Th...

Страница 79: ...here in the Maximum Contention Window is the upper limit in milliseconds for the doubling of the random backoff value This doubling continues until either the data frame is sent or the Maximum Conten...

Страница 80: ...ses If this happens wireless clients will temporarily lose connectivity We recommend that you change access point settings when WLAN traffic is low Table 23 SNTP Settings Field Description Network Tim...

Страница 81: ...ation Create a backup of the running configuration file on to a management station Restore the AP configuration from a backup file Upgrade the firmware Reboot the AP Managing the Configuration File Th...

Страница 82: ...the Configuration page Resetting the Factory Default Configuration If you are experiencing problems with the Unified Access Point and have tried all other troubleshooting measures click Reset This re...

Страница 83: ...4 Click Download to save the file Use the following steps to save a copy of the current settings on an access point to a backup configuration file by using HTTP 1 Uncheck the Use TFTP to download the...

Страница 84: ...ministration Web UI is not accessible until the AP has rebooted Use the following steps to save a copy of the current settings on an access point to a backup configuration file by using HTTP 1 Uncheck...

Страница 85: ...the firmware on an access point by using TFTP 1 Click the Upgrade tab in the Maintenance section Information about the current firmware version is displayed and an option to upgrade a new firmware im...

Страница 86: ...are Image file enter it in the New Firmware Image textbox Otherwise click the Browse button and locate the firmware image file The firmware upgrade file supplied must be in the format FileName tar Do...

Страница 87: ...Modes Every 30 seconds the D Link Unified Switch sends a keepalive message to all of the access points it manages Each AP checks for the keepalive messages on the SSL TCP connection As long as the AP...

Страница 88: ...ss Point you can configure the IP addresses of up to four D Link Unified Switches that can manage it In order to manage the AP the Unified Switch and AP must discover each other There are multiple way...

Страница 89: ...ge displays the DNS names or IP addresses of up to four D Link Unified Switches that the AP learned about from a DHCP server on your network For information about how to configure a DHCP server to res...

Страница 90: ...90 2001 2008 D Link Corporation All Rights Reserved D Link Unified Access Point Administrator s Guide...

Страница 91: ...ollowing sections Viewing Interface Status Viewing Events Logs Viewing Transmit and Receive Statistics Viewing Client Association Information Viewing Neighboring Access Points Viewing Interface Status...

Страница 92: ...ss Interface on page 55 and Configuring Radio Settings on page 58 Viewing Events Logs The Events Log shows real time system events on the access point such as wireless clients associating with the AP...

Страница 93: ...ate Changing some access point settings might cause the AP to stop and restart system processes If this happens wireless clients will temporarily lose connectivity We recommend that you change access...

Страница 94: ...re a remote Linux server using the syslog daemon Example of Using Linux syslogd The following steps activate the syslog daemon on a Linux server Make sure you have root user identity for these tasks 1...

Страница 95: ...Relay Host If you disabled the Log Relay Host clicking Update will disable remote logging Viewing Transmit and Receive Statistics The Transmit Receive page provides some basic information about the c...

Страница 96: ...r VAP interface Status Shows whether the interface is up or down MAC Address MAC address for the specified interface The access point has a unique MAC address for each interface For the DWL 8500AP eac...

Страница 97: ...t and Receive Information Total Packets Indicates total packets sent in Transmit table or received in Received table by this access point Total Bytes Indicates total bytes sent in Transmit table or re...

Страница 98: ...e AP in order to collect information about other APs within range Status The Authenticated and Associated Status shows the underlying IEEE 802 11 authentication and association status which is present...

Страница 99: ...boring device is an access point that supports the IEEE 802 11 Wireless Networking Framework in Infrastructure Mode Ad hoc indicates a neighboring station running in Ad hoc Mode Stations set to ad hoc...

Страница 100: ...radio uses for transmitting and receiving The channel is set in Radio Settings See Configuring Radio Settings on page 58 Rate Shows the rate in megabits per second at which this access point is curren...

Страница 101: ...lient Configuring WPA WPA2 Personal on a Client Using an External Authentication Server Configuring IEEE 802 1X Security on a Client Configuring WPA WPA2 Enterprise RADIUS Configuring the RADIUS Serve...

Страница 102: ...he factory with the latest drivers Accessing Wireless Client Security Settings The procedures in this section describe how to access the wireless security settings on a Microsoft Windows XP system and...

Страница 103: ...ociation and Authentication tabs for the selected network displays List of available networks will change depending on client location Each network or access point that that is detected by the client...

Страница 104: ...Encryption Disabled as described below If you do have security configured on a client for properties of an unsecure network the security settings can prevent successful access to the network because o...

Страница 105: ...can associate with the AP Clients configured to use WEP in Shared mode must have a valid WEP key in order to associate with the AP Clients configured to use WEP as an Open system can associate with th...

Страница 106: ...ty Protocol TKIP Advanced Encryption Algorithm AES and Counter mode CBC MAC Protocol CCMP mechanisms PSK employs a pre shared key for an initial check of client credentials If you configured the Unifi...

Страница 107: ...w this option is configured on the access point Note When the Cipher Suite on the access point is set to Both then TKIP clients with a valid TKIP key and AES clients with a valid CCMP AES key can asso...

Страница 108: ...cate for a Client This appendix does not describe how to configure an EAP PEAP client with a RADIUS server Configuring IEEE 802 1X Security on a Client IEEE 802 1X is the standard defining port based...

Страница 109: ...ettings 3 Configure wireless clients to use IEEE 802 1X security and Smart Card or other Certificate as described in this section 4 Obtain a certificate for this client as described in Obtaining a TLS...

Страница 110: ...page 119 Network Authentication Open Data Encryption WEP Note An RC4 stream cipher is used to encrypt the frame body and cyclic redundancy checking CRC of each IEEE 802 11 frame This is the same encr...

Страница 111: ...l Key Integrity Protocol TKIP mechanisms This mode requires the use of a RADIUS server to authenticate users This security mode also provides backwards compatibility for wireless clients that support...

Страница 112: ...ty with PEAP authentication on each client as follows Choose either TKIP or AES for the Data Encryption mode Choose WPA Choose Protected EAP PEAP then click Properties 1 2 Disable click to uncheck Cho...

Страница 113: ...n external RADIUS server on the network to support it If you want to use IEEE 802 1X mode with EAP TLS certificates for authentication and authorization of clients you must have an external RADIUS ser...

Страница 114: ...ettings 3 Configure wireless clients to use WPA security and Smart Card or other Certificate as described in this section 4 Obtain a certificate for this client as described in Obtaining a TLS EAP Cer...

Страница 115: ...tificates The certificate you installed is used when you connect so you will not be prompted for login Network Authentication WPA Data Encryption TKIP or AES depending on how this option is configured...

Страница 116: ...ame and password for both this procedure and the following one that describes how to obtain and install a certificate on the wireless client Please consult the documentation for your RADIUS server for...

Страница 117: ...g your RADIUS server and bring up the Internet Authentication Service 2 In the left panel right click on RADIUS Clients node and choose New RADIUS Client from the popup menu 3 On the first screen of t...

Страница 118: ...Rights Reserved D Link Unified Access Point Administrator s Guide IP address for the access point Click Next 4 For the Shared secret enter the RADIUS Key you provided to the access point on the Secur...

Страница 119: ...e configuration of the RADIUS server PKI and CA server Consult the documentation for those products For information about configuring Microsoft Windows PKI software or installing a CA see the Microsof...

Страница 120: ...ver or of the Certificate Authority CA depending on the configuration of your infrastructure 2 Click Yes to proceed to the secure Web page for the server The Welcome screen for the Certificate Server...

Страница 121: ...have user accounts configured at this point This document does not describe how to set up Administrative user accounts on the RADIUS server Please consult the documentation for your RADIUS server for...

Страница 122: ...assign a user to a VLAN and switches dynamically use this information to configure the port on the switch automatically Selection of the VLAN is usually based on the identity of the user The RADIUS s...

Страница 123: ...up ID VLANID In the case of FreeRADIUS server the following options may be set in the users file to add the necessary attributes example user Auth Type EAP User Password nopassword Tunnel Type 13 Tunn...

Страница 124: ...124 2001 2008 D Link Corporation All Rights Reserved D Link Unified Access Point Administrator s Guide...

Страница 125: ...CLI You can use any of the following methods to access the command line interface CLI for the access point or wireless network Telnet Connection to the AP SSH Connection to the AP Telnet Connection t...

Страница 126: ...password The login name is admin and the default password is admin After a successful login the screen shows the Access Point Name prompt You are now ready to enter CLI commands at the command line p...

Страница 127: ...rname and password The login name is admin If you did not change the default password press ENTER when you are prompted for a password The default password is blank After a successful login the screen...

Страница 128: ...bssvap0 There are multiple BSSes and they are named so this command returns information on the BSS named wlan0bssvap0 The following example uses the get command on a named class to get all instances g...

Страница 129: ...et vap vap2 with radio wlan0 to vlan id 123 NOTE For information on interfaces used in this example such as wlan0 or vap2 see Interface Naming Convention on page 132 Using the add Command The add comm...

Страница 130: ...be displayed Enter TAB again to display all available completions Example 1 At a blank command line enter TAB twice to get a list of all commands DLINK WLAN AP add Add an instance to the running conf...

Страница 131: ...available from the CLI Table 32 Keyboard Shortcuts Keyboard Shortcut Action on CLI Ctrl a Move the cursor to the beginning of the current line Ctrl e Move the cursor to the end of the current line Ctr...

Страница 132: ...ically do Up Down arrow keys also work for this Ctrl d Exit the CLI At a blank command prompt typing Ctrl d closes the CLI Typing Ctrl d within command text also removes characters one at a time at cu...

Страница 133: ...get set add and remove commands you are viewing and changing values on the running configuration only If you do not save the configuration by executing the save running or set config startup running c...

Страница 134: ...l Therefore it is important to consult the class and property reference to understand the acceptable values for properties given the values of other properties For more information see CLI Classes and...

Страница 135: ...assword test1234 Table 35 Status Commands Action Command Global command to get all detail on a Basic Service Set BSS This is a useful command to use to get a comprehensive picture of how the AP is cur...

Страница 136: ...shows values you can set on the log Get Transmit Receive Statistics for all interfaces Note You can also view all transmit and receive statistics individually get interface all ip mac ssid tx packets...

Страница 137: ...erver mode Dynamic up Manual down get host dns via dhcp Set DNS Nameservers to Use Static IP Addresses Dynamic to Manual Mode set host dns via dhcp down set host static dns 1 ip_address set host stati...

Страница 138: ...radio interface wlan1 Set the radio mode to IEEE 802 11a set radio wlan0 mode a only applicable for radio interface wlan0 Set the radio mode to Dynamic Turbo 5 GHz set radio wlan0 mode dynamic turbo...

Страница 139: ...nna diversity auto primary secondary Add a basic rate set add basic rate wlan0 rate integer Get current basic rates get basic rate Add supported rate add supported rate wlan0 rate integer Get current...

Страница 140: ...0 ssid For VAP 3 on radio 2 get interface wlan1vap3 ssid Set the SSID Note For VAP 0 use wlanx where x is the radio For VAPs 1 7 use wlanxvapy where x is the radio and y is the VAP ID set interface wl...

Страница 141: ...e key type to ASCII enter the following command set interface wlan0 wep key ascii yes To se the key type to Hex enter the following command set interface wlan0 wep key ascii no 5 Set the WEP keys The...

Страница 142: ...s DLINK AP get bss wlan0bssvap0 detail The following command gets details about the interface and shows the WEP Key settings specifically DLINK AP get interface wlan0 detail Set Security to IEEE 802 1...

Страница 143: ...AP ID For example to configure security on VAP 3 on radio 2 use wlan1vap3 instead of wlan0 in all of the following commands 1 Set the Security Mode DLINK AP set interface wlan0 security wpa personal 2...

Страница 144: ...wpa personal key KeepSecret Shared secret keys can include spaces and special characters if the key is placed inside quotation marks as in the first example above If the key is a string of characters...

Страница 145: ...e pre authentication for WPA2 clients Enable pre authentication if you want WPA2 wireless clients to send pre authentication packet The pre authentication information will be relayed from the access p...

Страница 146: ...Use the get command to view the updated security configuration and see the results of the new settings DLINK AP get interface wlan0 security The following command gets details about how the internal...

Страница 147: ...n to the access point station to AP Keep in mind that station to AP parameters apply only when WMM is enabled To get and set QoS settings on the client station use the wme queue class name in the comm...

Страница 148: ...n Windows cwmin cwmax on the AP On the AP set tx queue wlan0 with queue Queue_Name to cwmin cwmin_Value cwmax cwmax_Value Example set tx queue wlan0 with queue data1 cwmin 15 cwmax 31 Setting Minimum...

Страница 149: ...to this queue data0 vo Video High priority queue minimum delay Time sensitive video data is automatically sent to this queue data1 vi Best Effort Medium priority queue medium throughput and delay Mos...

Страница 150: ...med classes For example one interface might have a name of eth0 to indicate that it is an Ethernet interface while another interface could have a name of wlan0 to indicate it is a wireless LAN WLAN in...

Страница 151: ...ave an ip property with a value of 10 0 0 1 and mask property with a value of 255 0 0 0 To view the IP address and mask for a specific interface you must identify the instance in the command The follo...

Страница 152: ...152 2001 2008 D Link Corporation All Rights Reserved D Link Unified Access Point Administrator s Guide...

Страница 153: ...es of 1 and 2 Mbps It was formally adopted in 1997 but has been mostly superseded by 802 11b IEEE 802 11 is also used generically to refer to the family of IEEE standards for wireless local area netwo...

Страница 154: ...mprehensive IEEE standard for security in a wireless local area network WLAN that describes Wi Fi Protected Access 2 WPA2 It defines enhancements to the MAC Layer to counter the some of the weaknesses...

Страница 155: ...etwork in situations where formal infrastructure is not required Ad hoc mode is also referred to as peer to peer mode or an independent basic service set IBSS AES The Advanced Encryption Standard AES...

Страница 156: ...for encryption and message integrity AES CCMP requires a hardware coprocessor to operate CGI The Common Gateway Interface CGI is a standard for running external programs from an HTTP server It specifi...

Страница 157: ...me of a Web server and www dlink com is the fully qualified name of that server DNS translates the domain name www dlink com to some IP address for example 66 93 138 219 A domain name identifies one o...

Страница 158: ...EE 802 11g stations over 20 Mbps transmission rates at 2 4GHz when paired with Orthogonal Frequency Division Multiplexing OFDM Built into ERP and the IEEE 802 11g standard is a scheme for effective in...

Страница 159: ...org Infrastructure Mode Infrastructure Mode is a Wireless Networking Framework in which wireless stations communicate with each other by first going through an Access Point In this mode the wireless s...

Страница 160: ...related services such as virtual hosting network consulting Web design etc J Jitter Jitter is the difference between the latency or delay in packet transmission from one node to another across a netwo...

Страница 161: ...ware devices Built in twisted pair cabling and auto sensing enable connection between like devices with the use of a standard Ethernet cable For example if a wireless access point supports MDI MDIX on...

Страница 162: ...data for transmission will be structured and formatted along with low level protocols for communication and addressing For example protocols such as CSMA CA and components like MAC addresses and Frame...

Страница 163: ...to point links PPP is designed to operate both over asynchronous connections and bit oriented synchronous systems PPPoE Point to Point Protocol over Ethernet PPPoE is a specification for connecting t...

Страница 164: ...otocol IRDP to communicate with other routers to configure the best route between any two hosts The router performs little filtering of data it passes RSSI The Received Signal Strength Indication RSSI...

Страница 165: ...24 The subnet mask allows a router to quickly determine if an IP address is local or needs to be forwarded by performing a bitwise AND operation on the mask and the IP address For example if an IP add...

Страница 166: ...A Unicast sends a message to a single specified receiver In wireless networks unicast usually refers to an interaction in which the access point sends data traffic in the form of IEEE 802 1X Frames di...

Страница 167: ...ngle access point creates an infrastructure basic service set BSS whereas multiple access points are organized in an extended service set ESS WLAN Wireless Local Area Network WLAN is a LAN that uses h...

Страница 168: ...authentication WRAP Wireless Robust Authentication Protocol WRAP is an encryption method for 802 11i that uses AES but another encryption mode OCB for encryption and integrity X XML The Extensible Ma...

Отзывы: