Lancom L-305agn Wireless страница 46 Скачать руководство пользователя | Manualshive

Страница: 46 / 98

background image

LANCOM L

-

300 Access Point Serie

Chapter 4: Security settings

45

EN

4 Security settings

Your LANCOM device has numerous security functions. You find in this chapter
all information needed for an optimal protection of the base station.



You can carry out the configuration of security settings very quickly
and conveniently with the Security Wizards in LANconfig and
WEBconfig.

4.1

Security in the wireless LAN

Wireless LANs are potentially a significant security risk. It is a common
assumption that it is simple to misuse data transferred by wireless.

Wireless LAN devices from LANCOM Systems enable the latest security tech-
nologies to be used.

Suppress SSID broadcast – closed network

Access control by MAC address

LANCOM Enhanced Passphrase Security (LEPS)

Encrypted data transfer (802.11i/WPA or WEP)

802.1x / EAP

Optional IPSec-over-WLAN VPN

4.1.1

Suppress SSID broadcast – closed network

Every wireless LAN compliant with IEEE 802.11 has its own network name
(SSID). This network name facilitates the identification and servicing of wire-
less LANs.

A wireless LAN can be set up so that any user has access. These networks are
known as open networks. An open network is accessible to users even if they
do not know the network name. Access is possible simply by entering the net-
work name 'ANY'.

A closed network denies access to clients trying to access 'ANY' The user must
enter the correct network name for this to work. Hidden networks remain invi-
sible.

«
...
44
45
46
47
48
...
»

Содержание L-305agn Wireless

Страница 1: ...L 305agn Wireless LANCOM L 310agn Wireless LANCOM L 315agn dual Wireless LANCOM L 305agn Wireless LANCOM L 310agn Wireless LANCOM L 315agn dual Wireless Handbuch Manual c o n n e c t i n g y o u r b u...

Страница 2: ...LANCOM L 305agn Wireless LANCOM L 310agn Wireless LANCOM L 315agn dual Wireless...

Страница 3: ...t at the time of printing Trademarks Windows Windows Vista Windows XP and Microsoft are registered trademarks of Microsoft Corp The LANCOM Systems logo LCOS and the name LANCOM are registered trademar...

Страница 4: ...Draft 2 0 standard includes many new mechanisms such as the use of MIMO 40 MHz channels packet aggregation and block acknow ledgement in order to increase the bandwidth available for user applicati o...

Страница 5: ...u with this task Further infor mation is also available in the chapter Security settings We would additionally like to ask you to refer to our Internet site www lan com eu for the latest information a...

Страница 6: ...o you around the clock should you have any queries regarding the topics discussed in this manual or require any further support The area Support will help you with many answers to frequently asked que...

Страница 7: ...n 23 2 1 Package contents 23 2 2 System requirements 23 2 2 1 Configuring the LANCOM devices 23 2 2 2 Operating access points in managed mode 24 2 3 Status displays and interfaces 24 2 3 1 Status disp...

Страница 8: ...ced wireless LAN configuration 55 5 1 WLAN configuration with the wizards in LANconfig 55 5 2 Special wireless LAN parameters for 802 11n 57 5 2 1 Compatibility 57 5 2 2 Performance settings for the w...

Страница 9: ...r antennas 84 7 1 1 Antenna diversity 84 7 1 2 Installing the AirLancer Extender antennas 85 7 2 LANCOM Public Spot Option 87 8 Troubleshooting 89 8 1 No DSL connection is established 89 8 2 DSL data...

Страница 10: ...he Internet There are obvious advantages to wireless LANs Notebooks and PCs can be installed where they are needed problems with missing connections or structural changes are a thing of the past with...

Страница 11: ...reference to 802 11n in this document always implies the cur rent draft 2 0 which is not a standard adopted by the IEEE Some of the improvements refer to the physical layer PHY which describes the tra...

Страница 12: ...en distance than in 802 11a b g networks 1 2 2 Compatibility with other standards The 802 11n standard is backwardly compatible to previous standards IEEE 802 11a b g However some of the advantages of...

Страница 13: ...ignal but in parallel over several The data throughput that can be achieved with OFDM modulation depends on the following para meters among other things Number of carrier signals Whereas 802 11a g use...

Страница 14: ...a throughput and improved wireless coverage For example the Access Point splits the data into two groups which are then sent simultaneously via separate antennas to the WLAN client Data through put ca...

Страница 15: ...ghput As mentioned above it is virtually impossible to transmit different signals on the same chan nel simultaneously as the receiver cannot distinguish between them MIMO uses the reflection of electr...

Страница 16: ...rom power sockets at the WLAN client or when using PoE as the electricity supply for the Access Point Even if the aim of four spatial streams has not yet been achieved the use of two separate data con...

Страница 17: ...ls as there are data streams for transmission 40 MHz channels As the above explanation of OFDM modulation states data throughput rises with an increasing number of carrier signals because this allows...

Страница 18: ...ouble the amount of carrier signals can be obtained 108 in total The maximum data throughput when using improved OFDM modu lation and two parallel data streams thus rises to 270 Mbps Short guard inter...

Страница 19: ...the management events that occur when the transmission medium is actually accessed Thus the transmitter must negotiate access authorization with the other receivers before transmitting each data pack...

Страница 20: ...e but they differ in the way aggregated frames are acknow ledged Mac Service Data Units Aggregation MSDUA combines several Ethernet packets together to form one common wireless LAN packet This packet...

Страница 21: ...e protocol Layer 2 QoS tagging WLAN Wireless transmission by IEEE 802 11g and IEEE 802 11b Wireless transmission by IEEE 802 11a and IEEE 802 11h Wireless transmission by IEEE 802 11b g and IEEE 802 1...

Страница 22: ...ted RADIUS server VLAN Intra Cell Blocking WLAN QoS IEEE 802 11e WME LAN Connection Gigabit ethernet connector 10 100 1000 Base TX autosensing auto node hub PoE by IEEE 802 3af Fast Ethernet LAN port...

Страница 23: ...rades Monitoring and management of the WLAN with Rogue AP Detection Optional software extensions LANCOM Public Spot Option Optional hardware extensions AirLancer Extender antennas for increased range...

Страница 24: ...hing is missing please contact your retailer or the address stated on the delivery slip of the unit 2 2 System requirements 2 2 1 Configuring the LANCOM devices Computers that connect to a LANCOM must...

Страница 25: ...3 Status displays and interfaces 2 3 1 Status displays Meanings of the LEDs In the following sections we will use different terms to describe the behaviour of the LEDs Blinking means that the LED is...

Страница 26: ...ity Wizard Power WLAN Link Off Device switched off Green Blinking Self test after power up Green On perma nently Device operational Red green Blinking alterna tely Device insecure Configuration passwo...

Страница 27: ...the context menu right mouse click Reset charge and time limits The charge settings are defined in LANconfig under Management Costs these settings are only avai lable if the Complete configuration di...

Страница 28: ...NCOM L 310agn Wireless only Connector for the first external antenna Connector for the supplied power adapter Ethernet socket 10 100 1000Base Tx for connection to the LAN The available transfer rate i...

Страница 29: ...th two separate antennas which are combined to provide the antenna diversity The module WLAN 2 supports IEEE 802 11n compliant MIMO mode for higher data throughput better radio coverage and longer ran...

Страница 30: ...cing the effort of installation Power is fed into the LAN at a central location by using a PoE injector a power hub or power switch It is important that the cables used in the LAN are equipped with al...

Страница 31: ...s released the device will restart with the restored factory settings Reset button This option controls the behavior of the reset button when it is pressed Ignore The button is ignored Please observe...

Страница 32: ...Wireless LAN Configuration Antennas are only to be attached or changed when the device is swit ched off Mounting or demounting antennas while the device swit ched on may cause the destruction of the...

Страница 33: ...ply over LAN cabling Please make sure to use only the power adapter listed in the technical specifications The use of the wrong power adapter can be of danger to the device or persons LAN interface Ca...

Страница 34: ...lation of the Windows compatible system software LANtools as supplied You may skip this section if you use your L 300 Access Point exclusively with computers running operating systems other than Windo...

Страница 35: ...computer to monitor all of your LANCOM routers and LANCOM access points WLANmonitor enables the observation and surveillance of wireless LAN networks Clients connected to the access points are shown a...

Страница 36: ...g and WEBconfig each have their own description With all of the necessary information collected in advance this basic configuration can now take place quickly and in ease At the end of this chapter we...

Страница 37: ...he fully automatic TCP IP configuration is only possible in certain network environments For this reason the Setup Wwizard analyses the connected LAN to see whether fully automatic configuration is po...

Страница 38: ...the DHCP server will subsequently use for the other devices in the network provided the DHCP server is acti vated You have so far also used IP addresses on the computers in the LAN Required informati...

Страница 39: ...e found in the LCOS reference manual under Managing rights for different administrators In the managed mode the LANCOM Wireless Routers and LANCOM Access Points automatically receive the same root pas...

Страница 40: ...nfirm your choice with Next Specify whether or not the router should act as a DHCP server Make your selection and confirm with Next In the following window specify the password for configuration acces...

Страница 41: ...h WEBconfig you need to know how to con tact the device Device behavior and accessibility for configuration via a Web browser depend on whether the DHCP server and DNS server are active in the LAN alr...

Страница 42: ...onfiguration computer Network with DHCP server If a DHCP server for the assignment of IP addresses is active in the LAN an unconfigured LANCOM device disables its own DHCP server switches to DHCP clie...

Страница 43: ...priate fields Observe the use of upper and lower case If you used the general configuration access only enter the corresponding password The user name field remains blank in this case As an alternativ...

Страница 44: ...automatically assign valid IP addresses to all of the computers in the LAN The correct TCP IP configuration of the PCs in the LAN depends on the method used to assign IP addresses within the LAN IP a...

Страница 45: ...es in the network are assigned static ally then for each PC the IP address of the LANCOM must be set in the TCP IP configuration as the standard gateway and as a DNS server For further information and...

Страница 46: ...h nologies to be used Suppress SSID broadcast closed network Access control by MAC address LANCOM Enhanced Passphrase Security LEPS Encrypted data transfer 802 11i WPA or WEP 802 1x EAP Optional IPSec...

Страница 47: ...haracters to each MAC address The connection to the access point and the subsequent encryp tion with IEEE 802 11i or WPA is only possible with the right combination of passphrase and MAC address LEPS...

Страница 48: ...most secure passphrase variant is to employ 802 11i WPA2 in combination with AES The key should be randomly selected from the largest possible range of num bers and should be as long as possible 32 t...

Страница 49: ...ty of encryption techniques Keep your keys as secret as possible Never write down a key Popular but completely unsuitable are for example Notebooks wallets and text files on the computer Do not pass o...

Страница 50: ...y settings of the wireless network with the security wizard as far as your device has a WLAN interface 4 3 1 Wizard for LANconfig Mark your LANCOM in the selection window Select from the command bar E...

Страница 51: ...ed your wireless network with encryption and access control lists With the help of 802 11i WPA or WEP you can encrypt the data in your wireless network with different encryption methods such as AES TK...

Страница 52: ...If you do not require remote configuration please ensure to switch it off If you need to make use of remote configuration ensure that you do not fail to password protect the configuration see the sec...

Страница 53: ...as a gateway and are not visible themselves The router separates the Internet from the intranet like a wall The application of IP masquerading is set in the routing table for every route individually...

Страница 54: ...a 802 1x Have you activated the protection of your WAN access in case the device is stolen After being stolen the device can theoretically be operated at another location by unauthorized persons Passw...

Страница 55: ...LANCOM L 300 Access Point Serie Chapter 4 Security settings 54 EN can be set so that a press is either ignored or it causes a re start depen ding on the time for which it is held pressed...

Страница 56: ...reless LAN The settings include the general shared parameters and also the individual settings for one or more logical wireless LAN networks WLAN radio cells or SSIDs Mark your LANCOM Access Point in...

Страница 57: ...nd attempts to register with a wireless network In this case the device serves for example to link a cabled network device to an Access Point over a wireless connection In this operating mode parallel...

Страница 58: ...ompatible to the previous IEEE 802 11a b g wireless LAN standards even though not all 802 11n functions are sup ported in this mode Compatibility can be allowed or restricted by selecting the operatin...

Страница 59: ...a streams to be implemented to transmit double the amount of data Improving wireless coverage Cyclic shift diversity CSD can be used to transmit a radio signal in different phases This reduces the ris...

Страница 60: ...on are used Modulation Coding Scheme MCS A specific MCS number denotes a unique combination from the modula tion of the individual carriers BPSK QPSK 16QAM 64QAM coding rate i e proportion of error co...

Страница 61: ...t guard interval This increases the effective time available for data transmission and thus the data through put However the wireless LAN system becomes more liable to disruption that can be caused by...

Страница 62: ...ess LAN General Logical WLAN Settings Transmission You can find these parameters in WEBconfig or telnet under Expert Configu ration Setup Interfaces WLAN Transmission 5 3 Point to point connections LA...

Страница 63: ...ta throughput rates can be achieved WLAN Router ANTENNA BUILDING ACCESS POINT ANTENNA BUILDING ACCESS POINT ANTENNA BUILDING MIMO AP 802 11n POLARIZATION DIVERSITY BUILDING MIMO AP 802 11n POLARISATIO...

Страница 64: ...s point takes over the leadership when selecting a free WLAN channel Slave All other access points will search for a channel until they have found a transmitting Master 802 11a indoor AP Directional a...

Страница 65: ...links The following basic questions must be answered when designing wireless links Which antennas are necessary for the desired application How do the antennas have to be positioned to ensure problem...

Страница 66: ...ry of use The operator of the wireless LAN system is responsible for ensuring that local regulations are met Positioning the antennas Antennas do not broadcast their signals linearly but within an ang...

Страница 67: ...er and receiver d are known R 0 5 d The wavelength in the 2 4 GHz band is approx 0 125 m in the 5 GHz band approx 0 05 m Example With a separating distance of 4 km between the two antennae the radius...

Страница 68: ...el of the highest obstruction of approx 13 m in the 5 GHz band 9 m Antenna power The power of the antennas must be high enough to ensure acceptable data transfer rates On the other hand the country sp...

Страница 69: ...find further information on the geometrical design of wireless paths and the alignment of antennas with the help of LANCOM soft ware in the LCOSreference manual The current signal quality over a P2P c...

Страница 70: ...on Point to point activates the option Adjusting Point to Point WLAN Antennas The Point to point entry is only visible in the LANmonitor if the monitored device has at least one base station defined...

Страница 71: ...the second antenna is then adjusted to attain the best signal quality 5 4 Measuring wireless bridges After planning and installation the wireless bridge can be analyzed to deter mine the actual data t...

Страница 72: ...he channel selection scheme to either Master or Slave If the peers of the P2P connections are to be identified via their station names then enter a unique name for this WLAN station For models with mu...

Страница 73: ...the WLAN MAC address on a sticker located under each of the antenna connectors Only use the string that is marked as the WLAN MAC or MAC ID The other addresses that may be found are not the WLAN MAC...

Страница 74: ...he appropriate WLAN interface i e WLAN 1 if you are using the first WLAN module for the P2P connection WLAN 2 if you are using the second module e g as with an access point with two WLAN modules Activ...

Страница 75: ...ase LEPS can be used to secure single point to point P2P connections with an individual passphrase Even if an access point in a P2P installation is stolen and the passphrase and MAC address become kno...

Страница 76: ...ual devices with an Ethernet interface into a wireless LAN LANCOM devices with a WLAN module can be switched to client mode whereupon they act as conventional wireless LAN adapters and not as access p...

Страница 77: ...ttings client behavior can be configured from the Client mode tab under the settings for the physical interfaces The configuration of the client settings can also be carried out with the WLAN Wizards...

Страница 78: ...e networks In the WLAN clients the SSIDs of the networks to which the client stations are to connect must be entered To enter the SSIDs change to the General tab under LANconfig in the Wireless LAN co...

Страница 79: ...from the list of logical WLAN settings Enable encryption and match the encryption method to the settings for the access point In WLAN client operating mode the LANCOM Access Points and LANCOM Wireles...

Страница 80: ...is ente red as a combination username password For TLS in addition the EAP TLS device certificate including the private key Under WEBconfig or Telnet the network settings for the logical WLAN interfac...

Страница 81: ...d is the authentication data as supplied to you by your Internet provider Internet provider unknown If the list in the Setup Wizard does not contain your provider you will be asked step by step for al...

Страница 82: ...ection window From the command line select Extras Setup Wizard In the selection menu select the Setup Wizard Set up Internet connec tion and confirm the selection with Next In the following windows yo...

Страница 83: ...firewall filter that provides effective protection from the Internet for your LAN The core concept of the stateful inspection firewall is that the only data transfers that are con sidered to be valid...

Страница 84: ...t are to be carried out by the rule on a data packet Finally the new rule is given a name it is activated and you define whe ther further rules are to be considered when the rule acts on a data packet...

Страница 85: ...om the LANCOM Web site under www lancom eu You will also find further information on calculating the best configu ration for AirLancer Extender antennas and third party antennas that you wish to conne...

Страница 86: ...avai lable in our Polarization Diversity techpaper 7 1 2 Installing the AirLancer Extender antennas Not for LANCOM L 305agn Wireless The following diversity antennas are available as accessories for...

Страница 87: ...following when connecting antennas Antenna connector 1 must always be used Depending on the model mounting and cabling the second antenna may be connec ted either to connector 2 or connector 3 The con...

Страница 88: ...ed for company networks and for wireless net working in the home However for public access services the standard setup lacks important mechanisms for authentication and billing of individual users AAA...

Страница 89: ...ports railway stations exhibition grounds or universi ties The LANCOM Public Spot Option equips an access point with these functions and upgrades it to a wireless Public Spot Mobile users HTTP HTTPS R...

Страница 90: ...fer protocol been selected The transfer protocol is set along with the basic settings The basic setup wiz ard will enter the correct settings for numerous DSL providers automatically Only if your DSL...

Страница 91: ...The cause of this problem is what is known as the TCP IP receive window size of the Windows operating system that is set to a value too small for asynchronous connec tions Instructions on how to incre...

Страница 92: ...supply unit NEST 12V 1A DC S Hohlstkr 2 1 5 5mm RoHS LANCOMItem no 110524 Type designation on the power supply unit Type 15 2230S Antennas 3 internal antennas Three dualband dipole antennas supplied...

Страница 93: ...D9a 2 4 5 GHz outdoor antenna item no 61224 AirLancer Extender O D60a 5 GHz outdoor antenna item no 61222 AirLancer Extender O D80g 2 4 GHz outdoor antenna item no 61221 AirLancer cable NJ NP 3m anten...

Страница 94: ...WAN interface 10 100 1000Base TX DSL interface Nur LANCOM L 305agn Wireless und LANCOM L 310agn Wireless 8 pin RJ45 socket corresponding to ISO 8877 EN 60603 7 BI_DA stands for Bi directional pair A...

Страница 95: ...that the devices of the type described in this documentation are in agreement with the basic requirements and other relevant regulations of the 1995 5 EC directive The CE declarations of conformity fo...

Страница 96: ...rd 51 Configuration port 28 Configuration protection 38 Connect charge protection 40 Contact assignment 93 Configutation interface 94 LAN interface 93 Outband 94 D Default gateway 43 52 DFS 65 DHCP 43...

Страница 97: ...querading Netmask 36 Network mask 37 52 O Optional antennas 84 Options and accessories 84 P P2P 46 Package contents 23 Password 38 39 PAT see IP masquerading Point to point 46 61 point to point 19 20...

Страница 98: ...s in the LAN 43 Windows size 90 TCP IP configuration Fully automatic 36 Manual 36 37 TCP IP filter 21 52 Telnet 52 TFTP 52 Transfer protocol 89 U UDP 52 W WEBconfig System requirements 24 WEP 21 45 47...

Отзывы:

Нет отзывов

Похожие инструкции для L-305agn Wireless

Бренд: Canon Страницы: 4

Бренд: TRENDnet Страницы: 2

Бренд: TP-Link Страницы: 2

Бренд: Gigabyte Страницы: 57

Бренд: BT Страницы: 2

iPAQ Connection Point CP-1

Бренд: Compaq Страницы: 50

150Mbps ADSL2/2+

Бренд: Kraun Страницы: 67

Бренд: Linksys Страницы: 40

Бренд: Pepwave Страницы: 58

Бренд: Pepwave Страницы: 76

Бренд: Encore Страницы: 25

Бренд: Encore Страницы: 62

Бренд: USR IOT Страницы: 66

Бренд: u-blox Страницы: 31

Бренд: EnGenius Страницы: 52

EOC-8610-S series

Бренд: EnGenius Страницы: 59

Бренд: EnGenius Страницы: 64

Бренд: EnGenius Страницы: 74

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды