background image

 

15

WPA 

 

An effort by the Wi-Fi Alliance to overcome the security limitations of WEP. WPA is subset of the 

IEEE's 802.11i wireless security specification. Key to WPA is the use of Temporal Key Integrity 

Protocol (TKIP) to bolster encryption of wireless packets. In addition, WPA will use 802.1x and EAP 

authentication, based on a central authentication server, such as RADIUS. 

 

Check Box was used to switch the function of the WPA. When the WPA function is enabled, the 

Wireless user must 

authenticate

 to this device first to use the Network service. RADIUS Server 

 

Encryption 

TKIP

 - Temporal Key Integrity Protocol is part of the IEEE 802.11i encryption standard for 

wireless LANs. TKIP is the next generation of WEP, the Wired Equivalency Protocol, which is 

used to secure 802.11 wireless LANs. TKIP provides per-packet key mixing, a message integrity 

check and a re-keying mechanism, thus fixing the flaws of WEP. 

AES

 - The Advanced Encryption Standard, also known as Rijndael, is a block cipher adopted as 

an encryption standard by the US government. It is expected to be used worldwide and analysed 

extensively, as was the case with its predecessor, the Data Encryption Standard (DES). 

 

RADIUS IP address

 or the 802.1X server’s domain-name 

RADIUS port

 : Default setting is 1812 

RADIUS Shared Key

 : Key value shared by the RADIUS server and this device. This key value is 

consistent with the key value in the RADIUS server. 

 

 

Содержание WAP-0010

Страница 1: ...1 WAP 0010 MIMO Access Point User Manual Ver 1 00 0604 ...

Страница 2: ...ipment has been tested and found to comply with the limits for a Class B digital device pursuant to Part 15 of the FCC Rules These limits are designed to provide reasonable protection against radio interference in a commercial environment This equipment can generate use and radiate radio frequency energy and if not installed and used in accordance with the instructions in this manual may cause har...

Страница 3: ...2 WEP Wired Equivalent Privacy 13 802 1X 14 WPA 15 WPA PSK WPA Pre Shared Key 16 WPA2 AES Advanced Encryption Standard 17 WPA2 PSK AES 18 WPA1 WPA2 19 WPA PSK WPA2 PSK 20 WDS Wireless Distribution System 21 MAC Address Control 22 Advanced Wireless Setting 24 4 2 4 Change Password 25 4 3 ADVANCE SETTING 26 4 3 1 System Time 26 4 3 2 SNMP Setting 27 4 4 TOOLBOX 28 4 4 1View Log 28 4 4 2 Firmware Upg...

Страница 4: ...sensing Ethernet switch z DHCP server supported All of the networked computers can retrieve TCP IP settings automatically from this product z Web based configuring Configurable through any networked computer s web browser using Netscape or Internet Explorer Wireless functions z High speed for wireless LAN connection Up to 54Mbps data rate by incorporating Orthogonal Frequency Division Multiplexing...

Страница 5: ...nking Status is flashed once per second to indicate system is alive Blinking The WAN port is sending or receiving data WLAN Wireless activity Green Blinking Sending or receiving data via wireless Link 1 4 Link status Green On An active station is connected to the corresponding LAN port Blinking The corresponding LAN port is sending or receiving data 10 100M Data Rate Green On Data is transmitting ...

Страница 6: ...6 2 1 2 Rear Panel Figure 2 2 Rear Panel LED Ports Port Description PWR Power inlet 12V 1A Port 1 4 the ports where you will connect networked computers and other devices ...

Страница 7: ...red LAN connection connects an Ethernet cable from your computer s Ethernet port to one of the LAN ports of this product b Wireless LAN connection locate this product at a proper position to gain the best transmit performance 3 Power on Connecting the power cord to power inlet and turning the power switch on this product will automatically enter the self test phase When it is in the self test phas...

Страница 8: ...ol you can use the ping command to check if your computer has successfully connected to this product The following example shows the ping procedure for Windows platforms First execute the ping command ping 192 168 123 254 If the following messages appear Pinging 192 168 123 254 with 32 bytes of data Reply from 192 168 123 254 bytes 32 time 2ms TTL 64 a communication link between your computer and ...

Страница 9: ...Then type this product s IP address in the Location for Netscape or Address for IE field and press ENTER For example http 192 168 123 254 After the connection is established you will see the web user interface of this product There are two appearances of web user interface for general users and for system administrator To log in as an administrator enter the system password the factory setting is ...

Страница 10: ...Primary Setup This option is primary to enable this product to work properly Enter your WAP 0010 IP address here The default IP address is 192 168 123 254 LAN IP Address the IP address of this device The computers on your network must use the LAN IP address of your product You can change it if necessary ...

Страница 11: ...gs of DHCP server include the following items 1 DHCP Server Choose Disable or Enable default is Disable 2 IP Pool Starting Address IP Pool Ending Address Whenever there is a request the DHCP server will automatically allocate an unused IP address from the IP address pool to the requesting computer You must specify the starting and ending address of the IP address pool 3 Domain Name Optional this i...

Страница 12: ... beacons that have some information including ssid so that he wireless clients can know how many ap devices by scanning function in the network Therefore This function is disabled the wireless clients can not find the device from beacons Channel The 802 11 standard defines a total of 14 frequency channels The FCC allows channels 1 through 11 within the U S whereas most of Europe can use channels 1...

Страница 13: ...d Wired Equivalent Privacy WEP WEP is a shared key only It uses the symmetrical RC4 algorithm and a PRNG Pseudo Random Number Generator The original standard specified 40 a k a 64 and 128 bit key lengths with a 24 bit initialization vector IV When you enable the 128 or 64 bit WEP key security please select one WEP key to be used and input 26 or 10 hexadecimal 0 1 2 8 9 A B F digits ...

Страница 14: ...s Kerberos one time passwords certificates and public key authentication Please refer to Appendix B for more information Check Box was used to switch the function of the 802 1X When the 802 1X function is enabled the Wireless user must authenticate to this device first to use the Network service RADIUS Server RADIUS IP address or the 802 1X server s domain name RADIUS port Default setting is 1812 ...

Страница 15: ...tocol is part of the IEEE 802 11i encryption standard for wireless LANs TKIP is the next generation of WEP the Wired Equivalency Protocol which is used to secure 802 11 wireless LANs TKIP provides per packet key mixing a message integrity check and a re keying mechanism thus fixing the flaws of WEP AES The Advanced Encryption Standard also known as Rijndael is a block cipher adopted as an encrypti...

Страница 16: ...ess LANs TKIP is the next generation of WEP the Wired Equivalency Protocol which is used to secure 802 11 wireless LANs TKIP provides per packet key mixing a message integrity check and a re keying mechanism thus fixing the flaws of WEP AES The Advanced Encryption Standard also known as Rijndael is a block cipher adopted as an encryption standard by the US government It is expected to be used worl...

Страница 17: ... 11i makes use of the Advanced Encryption Standard AES block cipher WEP and WPA use the RC4 stream cipher Check Box was used to switch the function of the WPA When the WPA2 function is enabled the Wireless user must authenticate to this device first to use the Network service RADIUS Server RADIUS IP address or the 802 1X server s domain name RADIUS port Default setting is 1812 RADIUS Shared Key Ke...

Страница 18: ...ey but with the Advanced Encryption Standard AES block cipher 1 Select Pre share Key Mode If you select HEX you have to fill in 64 hexadecimal 0 1 2 8 9 A B F digits If ASCII the length of Pre share key is from 8 to 63 2 Fill in the key Ex 12345678 ...

Страница 19: ...2 When the WPA1 WPA2 function is enabled the Wireless user must authenticate to this device first to use the Network service RADIUS Server RADIUS IP address or the 802 1X server s domain name RADIUS port Default setting is 1812 RADIUS Shared Key Key value shared by the RADIUS server and this device This key value is consistent with the key value in the RADIUS server ...

Страница 20: ...ly which Security type WPA PSK or WPA2 PSK the client uses to encrypt 1 Select Pre share Key Mode If you select HEX you have to fill in 64 hexadecimal 0 1 2 8 9 A B F digits If ASCII the length of Pre share key is from 8 to 63 2 Fill in the key Ex 12345678 ...

Страница 21: ...WDS link the only thing that is needed is to configure the access points at one end of the WDS link with the MAC address of the PC card in the access point at the other end of the link The following screen captures show the GUIs that are to be manipulated to make this work 1 Click the WDS Setting 2 Select the Enable the Wireless Bridging and enter the remote site AP MAC address that needs to have ...

Страница 22: ... a client is denied to connect to this device it means the client can t access to the Internet either Choose allow or deny to allow or deny the clients whose MAC addresses are not in the Control table please see below to connect to this device Association control Check Association control to enable the controlling of which wireless client can associate to the wireless LAN If a client is denied to ...

Страница 23: ... allow the corresponding client to connect to this device A When Association control is checked check A will allow the corresponding client to associate to the wireless LAN In this page we provide the following Combobox and button to help you to input the MAC address You can select a specific client in the DHCP clients Combobox and then click on the Copy to button to copy the MAC address of the cl...

Страница 24: ... can wait in low power mode before waking up to handle the beacon Network managers can adjust the beacon interval usually measured in milliseconds ms RTS threshold Request to Send Threshold The RTS threshold specifies the packet size of an RTS transmission This helps control traffic flow through an access point especially one with many clients Fragment In networking a packet whose size exceeds the...

Страница 25: ...etwork cards You may choose between Open System Shared Key and Both Open System If the Access Point is using Open System then the wireless adapter will need to be set to the same authentication mode Shared Key Shared Key is when both the sender and the recipient share a secret key Both Select Both for the network adapter to select the Authentication mode automatically depending on the Access Point...

Страница 26: ...ng 4 3 1 System Time Get Date and Time using PC Date and Time Selected if you want to synchronize the device time setting with your connected PC Set Date and Time manually Selected if you want to Set Date and Time manually ...

Страница 27: ...capability to remotely manage a computer network by polling and setting terminal values and monitoring network events Enable SNMP You must check to enable SNMP function Get Community Setting the community of GetRequest your device will response Set Community Setting the community of SetRequest your device will accept ...

Страница 28: ... 4 Toolbox 4 4 1View Log You can View system log by clicking the View Log button Refresh Click the Refresh to update the system log page Download Save the log as text file format Clear logs Clean up the log ...

Страница 29: ...rade button 4 4 3 Backup Setting You can backup your settings by clicking the Backup Setting button and save it as a bin file Once you want to restore these settings please click 1 Firmware Upgrade button click 2 Browser to select the bin file you ve saved then click 3 Upgrade ...

Страница 30: ...30 4 4 4 Reset to default You can also reset this product to factory default by clicking the Reset to default button 4 4 5 Reboot You can also reboot this product by clicking the Reboot button ...

Страница 31: ...rd manual Moreover the Section B 2 tells you how to set TCP IP values for working with this device correctly Windows 98SE as the example A 1 Install TCP IP Protocol into Your PC 1 Click Start button and choose Settings then click Control Panel 2 Double click Network icon and select Configuration tab in the Network window 3 Click Add button to add network component into your PC 4 Double click Proto...

Страница 32: ...2 Set TCP IP Protocol for Working with device 1 Click Start button and choose Settings then click Control Panel 2 Double click Network icon Select the TCP IP line that has been associated to your network card in the Configuration tab of the Network window 3 Click Properties button to set the TCP IP protocol for this device 4 Now you have two setting methods ...

Страница 33: ...33 a Select Obtain an IP address automatically in the IP Address tab b Don t input any value in the Gateway tab ...

Страница 34: ...b B Configure IP manually a Select Specify an IP address in the IP Address tab The default IP address of this product is 192 168 123 254 So please use 192 168 123 xxx xxx is between 1 and 253 for IP Address field and 255 255 255 0 for Subnet Mask field ...

Страница 35: ... address of this product default IP is 192 168 123 254 in the New gateway field and click Add button c In the DNS Configuration tab add the DNS values which are provided by the ISP into DNS Server Search Order field and click Add button ...

Страница 36: ...ofessional without Service Pack 1 Wireless Cardbus PC2 Microsoft Windows XP Professional with Service Pack 1a or latter Wireless Cardbus Authentication Server Windows 2000 RADIUS server with Service Pack 3 and HotFix Q313664 Note Windows 2000 RADIUS server only supports PEAP after upgrade to service pack 3 and HotFix Q313664 You can get more information from http support microsoft com default aspx...

Страница 37: ...ication method to MD5_Challenge or using smart card or other certificate on RADIUS server according to the test condition 3 1 2 Setup DUT 1 Enable the 802 1X check the Enable checkbox 2 Enter the RADIUS server IP 3 Enter the shared key The key shared by the RADIUS server and DUT 4 We will change 802 1X encryption key length to fit the variable test condition 3 1 3 Setup Network adapter on PC 1 Cho...

Страница 38: ... Windows 2000 RADIUS server Authentication testing 4 1DUT authenticate PC1 using certificate PC2 follows the same test procedures 1 Download and install the certificate on PC1 Fig 4 2 PC1 choose the SSID of DUT as the device 3 Set authentication type of wireless client and RADIUS server both to EAP_TLS 4 Disable the wireless connection and enable again 5 The DUT will send the user s certificate to...

Страница 39: ...ndows XP will prompt that the authentication process is success or fail and end the authentication procedure Fig 6 7 Terminate the test steps when PC1 get dynamic IP and PING remote host successfully Figure 3 Certificate information on PC1 Figure 4 Authenticating ...

Страница 40: ... 5 Windows XP will prompt that the authentication process is success or fail and end the authentication procedure 6 Terminate the test steps when PC2 get dynamic IP and PING remote host successfully Support Type The device supports the types of 802 1x Authentication PEAP CHAPv2 and PEAP TLS Note 1 PC1 is on Windows XP platform without Service Pack 1 2 PC2 is on Windows XP platform with Service Pac...

Страница 41: ...rp a If you can not find the information of MAC please make the cable to plug in lan port of ap and ping the lan ip address then arp a There are some information in the screen For example AP1 AP2 AP3 IP 192 168 123 254 IP 192 168 123 253 IP 192 168 123 252 Mac 00 11 6b 00 0f fe Mac 00 11 6b 00 0f fd Mac 00 11 6b 00 0f fc SSID Default SSID Default SSID Default Channel 11 Channel 11 Channel 11 DHCP ...

Страница 42: ...nt2 can get ip from dhcp server of AP1 Then Client1 and Client2 can get information each other AP1 Setting AP1ÅÆ AP2 Remote Mac 00 11 6b 00 0f fd AP1ÅÆ AP3 Remote Mac 00 11 6b 00 0f fc AP2 Setting AP2ÅÆ AP1 Remote Mac 00 11 6b 00 0f fe AP3 Setting AP3ÅÆ AP1 Remote Mac 00 11 6b 00 0f fe ...

Отзывы: