Ruckus Wireless Wireless ZoneDirector Скачать руководство пользователя страница 26 | Manualshive

Страница: 26 / 80

background image

Ruckus Wireless ZoneDirector User Guide | Managing a Wireless Local Area Network

22

2

When the

WLANs

workspace appears, you will want to review, then change the secu-

rity options for the internal network. To start, click

Edit

in the internal row.

3

When the

Editing (corporate)

features appear, look at the two main categories—

Authentication Options

and

Encryption Options

.

4

If you click an

Authentication Option Method

such as

Open

,

Shared

, or

802.1x

, differ-

ent sets of encryption options are displayed:

•

Open

allows you to configure a WPA- or WEP-based encryption, or “none” if you're

so inclined. After selecting a WPA or WEP, you can then enter a passphrase or key
text of your choosing.

•

Shared

limits you to WEP-key encryption.

•

802.1x

EAP

allows you to choose from all available encryptions, but you do not

need to create a key or passphrase.

5

Depending on your Authentication Option Method selection, review and reconfigure
the related

Encryption Options

.

6

Review the

Advanced Options

to change any settings as needed. (For example, if you

switch to 802.1x, you'll need to choose an authentication server from the menu.)

7

When you are finished, click

OK

to apply your changes.

Using the built-in EAP server

(

Requires the selection of “Local Database” as the authentication server.

) If you are re-con-

figuring your internal WLAN to use 802.1x/EAP authentication, you normally have to gener-
ate and install certificates for your wireless users. With the built-in EAP server and Zero-IT
Wireless Activation, certificates are automatically generated and installed on the end user's
computer. Users simply follow the instructions provided during the Zero-IT Wireless Activa-
tion process to complete this task. Once it is done, users can connect to the internal WLAN
using 802.1x/EAP authentication.

Authentication with an external RADIUS server

You could use an external RADIUS server for your wireless client 802.1x/EAP authentication.
An EAP-aware RADIUS server is required for this application. Also, you might need to deploy
your own certificates for wireless client devices and for the RADIUS server you are using. In
this case, the Ruckus ZoneDirector works as a bridge between your wireless clients and the
RADIUS server during the wireless authentication process. Ruckus ZoneDirector allows wire-
less clients to access the networks only after successful authentication of the wireless cli-
ents by the RADIUS server.

«
...
24
25
26
27
28
...
»

Содержание Wireless ZoneDirector

Страница 1: ...User Guide Ruckus Wireless ZoneDirector Release 3 0...

Страница 2: ...tions may cause harmful interference to radio communications How ever there is no guarantee that interference will not occur in a par ticular installation If this device does cause harmful interferenc...

Страница 3: ...e ZoneDirector to the Factory Default State 17 Managing a Wireless Local Area Network 19 An Overview of Wireless Networks 20 Customizing Ruckus WLAN Security 20 Setting Dynamic Pre Shared Key Expirati...

Страница 4: ...vity 57 Monitoring Access Point Status 58 Detecting Rogue Access Points 58 Evaluating and Optimizing Network Coverage 59 Customizing Background Radio Frequency Scans 60 Setting Administrator Preferenc...

Страница 5: ...pass through the ZoneDirector thereby eliminating potential bottlenecks as higher speed Wi Fi technologies such as 802 11n emerge In addition the ZoneDirector supports rogue AP detection and the abili...

Страница 6: ...Director This is a normal reset and does not set AP back to factory defaults Not pictured Power connection in rear FIGURE 1 1 10 100 1000 LED Status If off If steady amber If flashing amber If steady...

Страница 7: ...from a Windows XP Vista client without aid of IT staff Dashboard When you first log into your ZoneDirector with WebUI the Dashboard appears displaying a number of widgets containing indicators and ta...

Страница 8: ...Usage Summary Details on connected clients and transmission information Most Active Client Devices Identification of most active clients by MAC address IP address and user names The usage is the tota...

Страница 9: ...d widgets represent the indicators displayed as part of the active dashboard Indi cator widgets can be added or removed to enhance your ZoneDirector summary needs Adding a Widget To add widgets do the...

Страница 10: ...ration to a higher security certificate based 802 1x EAP configuration Your choice mostly depends on what kinds of cli ent authentication your users client devices support For example some of your WLA...

Страница 11: ...devices for example laptop computers and PCs are recorded and tracked If for any reason you need to block a client device from network use you can do via the ZoneDirector WebUI For more on configurin...

Страница 12: ...the System Name 10 Updating the Internal Clock 10 Changing the System Log Settings 11 Setting up Email Alarm Notification 13 Customizing the Guest Login Page 14 Upgrading ZoneDirector and ZoneFlex AP...

Страница 13: ...the now active fields IP Address Netmask and Gateway are required DHCP If you select DHCP no further information is required 4 Click Apply to save your settings You will lose connection to the ZoneDir...

Страница 14: ...ur Ruckus ZoneDirector is automatically synchronized with the clock on your administration PC during the initial setup You can use the WebUI to check the cur rent time on the internal clock which show...

Страница 15: ...will be deleted if the ZoneDirector is powered down If you want a permanent record of all logging activities you can set up your syslog server to receive log contents from the ZoneDirector then use t...

Страница 16: ...ngs FIGURE 2 5 3 Make your selections from these syslog server options Event Log Level Select one of the three logging levels Show more Warning and Critical Events or Critical Events Only Remote Syslo...

Страница 17: ...il address of your choosing To activate this option follow these steps 1 Go to Configure Alarm Settings When the Alarm Settings page appears the Email Notifications features appear FIGURE 2 6 2 Click...

Страница 18: ...o is no bigger than two inches long on any side or larger than 200kB 1 Go to Configure Guest Access 2 Locate the Web Portal Logo features FIGURE 2 7 3 If your logo is ready for use click Browse to ope...

Страница 19: ...the Software Upgrade features appear click Browse 3 When the Browse dialog box appears use it to locate and open the upgrade package 4 When the upgrade file name appears in the text field the Browse b...

Страница 20: ...appears click Save 4 When the Save As dialog box appears enter a name for this archive file pick a desti nation folder then click Save 5 Make sure the filename ends in a TGZ extension 6 When the Down...

Страница 21: ...When this process begins you will be logged out of the WebUI When the reset is complete the Status LED is a blinking red then a blinking green indicating that the system is in the factory default sta...

Страница 22: ...le on the right side of the front panel of the ZoneDirector 2 Insert a straightened paper clip in the hole and press for at least 5 seconds After the reset is complete the Status LED is a blinking red...

Страница 23: ...tting Dynamic Pre Shared Key Expiration 24 Configuring Access Control Lists 24 Creating a New WLAN 26 Creating a New WLAN for Workgroup Use 30 Adding New Access Points to the WLAN 31 Reviewing the Cur...

Страница 24: ...reate the custom WLAN and link it to qualified user accounts by roles and 2 assist all qualified users to prepare their client devices for custom WLAN connection As a result you will have the default...

Страница 25: ...e IEEE 802 11i stan dard AES Switch to this algorithm for stronger encryption Passphrase Replace the current passphrase with a new one 3 Click OK to apply any changes Switching to a different security...

Страница 26: ...the menu 7 When you are finished click OK to apply your changes Using the built in EAP server Requires the selection of Local Database as the authentication server If you are re con figuring your int...

Страница 27: ...to their wireless device connection settings If switching to 802 1x based security 1 Applies only to the use of the built in EAP server Each user should be able to repeat the Zero IT Wireless Activati...

Страница 28: ...re allowed to associate to ZoneDirector managed APs Using the Access Controls configura tion options you define Layer 2 ACLs also known as MAC address ACLs which can then be applied to one or more WLA...

Страница 29: ...lect the Restriction mode as either allow or deny 6 Type a MAC address in the MAC Address text box then click Create New to save the address The added address appears next to the Stations field 7 Repe...

Страница 30: ...LANs For example you might want to create a WLAN for WEP only client devices Or you might want to create a WLAN that utilizes 802 1x EAP and certificates The following shows how to create such WLANs t...

Страница 31: ...PA2 Not available to Shared authentication Provides a higher level of encryption and is more secure WPA and WPA2 require selection of an encryption algorithm as detailed below WEP 64 Provides a lower...

Страница 32: ...stations that associate to a guest WLAN The only difference between a WLAN with wireless client isolation enabled and a guest WLAN is that a guest WLAN requires users to enter a guest pass before they...

Страница 33: ...our users are connecting with computers running Windows XP SP2 Vista an automatic activation script is generated for them to install security settings of WLANs configured on the Ruckus ZoneDirector If...

Страница 34: ...tion or encryption methodologies in this new WLAN locate the corporate WLAN record and click Clone A workspace appears displaying the default settings of a new WLAN using the same zero IT configuratio...

Страница 35: ...AP as you distribute them 3 Connect the APs to the LAN with Ethernet cables 4 Connect each AP to a power source Verifying Approving new APs 1 Go to Monitor Access Points 2 When the Access Points page...

Страница 36: ...Ruckus Wireless ZoneDirector User Guide Managing a Wireless Local Area Network 32 FIGURE 3 6...

Страница 37: ...to the WLAN 3 Click Apply to save your settings This will affect only new unapproved APs FIGURE 3 7 Editing Access Point Parameters You can add a description or change the channelization channel or t...

Страница 38: ...AN tagged The WLAN in VLAN qualifications include the following Verifying that the VLAN switch supports native VLANs A native VLAN is a VLAN that allows the user to designate untagged frames going in...

Страница 39: ...nticated wireless client will be passed onto the ZoneDirector from the AP via the management VLAN If the client belongs to a par ticular VLAN ZoneDirector will add the corresponding VLAN tag before pa...

Страница 40: ...nt devices follow the next set of steps Temporarily disconnecting specific client devices Follow these steps to temporarily disconnect a client device from your WLAN The user can simply reconnect manu...

Страница 41: ...nitor Map View If Map View displays a floorplan with active device symbols you can assess the perfor mance of individual APs in terms of coverage For detailed information on the Map View see Using the...

Страница 42: ...igure Access Points 2 Review the Access Points table and identify an AP that you want to adjust 3 Click the Edit button in that AP row 4 Review and adjust any of the following Editing AP options MAC A...

Страница 43: ...erver 40 Adding New User Accounts to ZoneDirector 42 Managing Current User Accounts 43 Creating New User Roles 44 Configuring System Wide Guest Access Policy 45 Managing Guest Pass Access 46 Activatin...

Страница 44: ...i cate wireless users using your existing Active Directory server an existing RADIUS server or to create new user accounts in the internal user database To use a RADIUS or Active Direc tory server as...

Страница 45: ...ss of the Active Directory server Enter a Port number if different from 389 for Active Directory or 1812 for RADIUS For Active Directory only Enter the Domain name of the Active Directory server for e...

Страница 46: ...the text fields with the appropriate entries Username Enter a name for this user up to 32 characters in length using letters numbers and the period character User names are case sensitive Full Name En...

Страница 47: ...ptions appear make the needed changes 4 If a role must be replaced open that menu and choose a new role for this user For more information see Creating New User Roles on page 44 5 Click OK to save you...

Страница 48: ...1 Go to Configuration Roles The Roles and Policies page appears displaying a Default role in the Roles table 2 Click Create New below the Roles table FIGURE 4 4 3 Enter a Name and a short Description...

Страница 49: ...The Guest Access page appears FIGURE 4 5 2 Under Enable Guest Access System side select the Authentication to use Use guest pass authentication Redirect the user to a page requiring a valid guest pas...

Страница 50: ...l down to Guest Access Guest Pass Generation FIGURE 4 6 3 If you require a specific authentication server toggle the Authentication Server drop down list to select the appropriate server 4 Set the gue...

Страница 51: ...er a name for this role Description Enter a short description of this role s application Group Attributes This field is only available if you choose Active Directory as your authentication server Ente...

Страница 52: ...guest access to specified subnets By default guest pass users are automatically blocked from the ZoneDi rector subnet 192 168 0 2 24 You can configure up to 5 IP subnets to be blocked to guest access...

Страница 53: ...n database After they discover the WLAN on their wireless device or laptop they open their browser connect to the Login page and enter the required login information 1 Go to Configure WLANs 2 When the...

Страница 54: ...internal user database automatically generated user certificates and keys are deleted whenever the associated user account is deleted from the user database In the case of using Windows Active Direct...

Страница 55: ...plan Image 52 Using the Map View Tools 54 Reviewing Current Alarms 56 Reviewing Recent Network Events 57 Clearing Recent Events Activities 57 Reviewing Current User Activity 57 Monitoring Access Point...

Страница 56: ...ailed infor mation And finally the All Events log displays the most recent actions by users devices and network in chronological order Configure Use the options in this tab to assess the current state...

Страница 57: ...he APs to the correct locations This will give you a powerful monitoring tool 1 Have the list of APs handy with MAC addresses and locations 2 Go to Monitor Map View if it s not already in view 3 Look...

Страница 58: ...de of the Map View See item number 8 below for the description of the Signal For Show Rogue APs selecting Yes displays the detected rogue APs in the floorplan 3 Unplaced APs area As noted in Importing...

Страница 59: ...ctory balance between markers and floorplan details 11 Scale legend To properly assess the distances in a floorplan a scaler has been pro vided so that you can place APs in the most precise location T...

Страница 60: ...hen the All Alarms page appears the Alarms table lists the unresolved alarms the most recent at the top FIGURE 5 3 3 Review the contents of this table The Activities column is especially informative 4...

Страница 61: ...ies button to see a complete list with all categories represented in chronological order Clearing Recent Events Activities To review the current events and if appropriate clear all resolved events fol...

Страница 62: ...manufacturer s AP and connects it to the LAN to gain wireless access to other LAN resources This would potentially allow even more unauthorized users to access your corporate LAN posing a security ri...

Страница 63: ...n a neighboring network you can mark it as known Evaluating and Optimizing Network Coverage If there are gaps or dead spots in your worksite WLAN coverage you can use ZoneDirector to assess network RF...

Страница 64: ...locating the actual APs in accordance with Map View repositioning disconnect and reconnect each AP to a power source 5 When ZoneDirector has recalibrated the Map View after each AP restart you can ass...

Страница 65: ...ng the check box which results in a minor increase in AP performance but removes the detection of rogue APs from ZoneDirec tor monitoring 4 You can also decrease the scan frequency as less frequent sc...

Страница 66: ...62 CHAPTER 6 Setting Administrator Preferences Chapter Contents Changing the ZoneDirector Administrator User Name and or Password 63 Changing the Language Used in WebUI 63 Upgrading the License 64...

Страница 67: ...ed solely to log into ZoneDirec tor with WebUI Password Confirm Password Delete the texts in both fields and type the same text for a new password 3 Click Apply to save your settings The changes go in...

Страница 68: ...to upgrade your license Once you load the license via the WebUI it takes effect immediately Current license information description PO number status etc is displayed in the WebUI To import a new licen...

Страница 69: ...d User Logins 66 Fixing User Connections 67 Diagnosing Poor Network Performance 68 Starting a Radio Frequency Scan 69 Reviewing Self Healing and Intrusion Prevention Options 70 Generating a Debug File...

Страница 70: ...ist of options may be applicable based on your client system s qualifications Option 1 If Windows XP SP2 Vista is on the client machine check the wireless network adapter to verify the implementation...

Страница 71: ...tion automati cally renews itself any previous problems will hopefully be bypassed To debug an active user connection follow these steps 1 Go to Monitor Currently Active Clients 2 When the Currently A...

Страница 72: ...and send notification to that user with instruc tions on how to re configure their client and log into the WLAN again At the end of this process the user should be reconnected If problems persist the...

Страница 73: ...ally start a complete radio frequency scan that assesses all possible frequencies in all devices at one time follow these steps 1 Go to Admin Diagnostic FIGURE 7 2 2 When the Diagnostic page appears l...

Страница 74: ...is activated default excessive 802 11 probe request frames and management frames launched by malicious attackers will be discarded Repeat Authentication Failure If this capability is activated any cli...

Страница 75: ...k Restart The Status column now displays Disconnected After restart is complete and the Ruckus ZoneDirector detects the active AP the sta tus will be returned to Connected Restarting the Ruckus ZoneDi...

Страница 76: ...nts Activities Logs 11 AP markers overview 55 APs Access Points 31 detecting rogue devices 58 placing markers on a floorplan map 53 restarting 71 see also Access Points verifying new APs 31 Archived Z...

Страница 77: ...oard overview 52 Dashboard WebUI explained 3 Debug file generating 70 Deleting a User Record 43 Description Map View options 38 New WLAN creation 27 option values 27 Detecting rogue Access Points 58 D...

Страница 78: ...ng AP status 58 Monitoring Client Devices 36 Monitoring ZoneDirector overview 52 N Name ESSID New WLAN creation 27 option values 27 Network addressing changing 9 network performance diagnosing 68 New...

Страница 79: ...diagnosing poor WLAN performance 68 generating a debug file 70 manually scanning radio frequencies 69 problems with user connections 66 restarting the ZoneDirector 71 reviewing current activity 57 re...

Страница 80: ...customizing 20 WLAN performance using Map View 37 WLAN security client authentication 29 overview 6 switching modes 21 WLAN in VLAN qualifications 34 WLANs blocking client devices 36 creating addition...

Отзывы:

Нет отзывов

Похожие инструкции для Wireless ZoneDirector

Бренд: E-ZY Страницы: 8

WAC6500 Indoor Series

Бренд: ZyXEL Communications Страницы: 2

Бренд: ZyXEL Communications Страницы: 263

Бренд: wattsonic Страницы: 60

Бренд: Icidu Страницы: 16

Бренд: Billion Страницы: 61

Бренд: Huawei Страницы: 21

Бренд: Huawei Страницы: 7

Бренд: Huawei Страницы: 28

Бренд: Huawei Страницы: 36

Бренд: Huawei Страницы: 22

Бренд: Huawei Страницы: 8

Бренд: Huawei Страницы: 24

Бренд: Huawei Страницы: 34

Бренд: Huawei Страницы: 64

Бренд: Huawei Страницы: 32

Бренд: Huawei Страницы: 20

Бренд: Huawei Страницы: 2

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды