Sercomm AP101nA Скачать руководство пользователя страница 45

Страница: 45 / 105

Wireless Access Point User Guide

Using WPA-Enterprise

This is the most secure and most complex system.

WPA-Enterprise mode provides greater security and centralized management, but it is more
complex to configure.

Wireless Station Configuration

For each of the following items, each Wireless Station must have the same settings as the
Wireless Access Point.

Mode

On each PC, the mode must be set to

Infrastructure

SSID (ESSID)

This must match the value used on the Wireless Access Point.

The default value is

wireless

Note! The SSID is case sensitive.

802.1x
Authentication

Each client must obtain a Certificate which is used for authentication for
the Radius Server.

802.1x
Encryption

Typically, EAP-TLS is used. This is a dynamic key system, so keys do
NOT have to be entered on each Wireless station.

However, you can also use a static WEP key (EAP-MD5); the Wireless
Access Point supports both methods simultaneously.

Radius Server Configuration

If using

WPA-Enterprise

mode, the Radius Server on your network must be configured as

follow:

It must provide and accept

Certificates

for user authentication.

There must be a

Client Login

for the Wireless Access Point itself.

The Wireless Access Point will use its Default Name as its Client Login name. (How-

ever, your Radius server may ignore this and use the IP address instead.)

The

Shared Key

, set on the

Security

Screen of the Access Point, must match the

Shared Secret

value on the Radius Server.

Encryption

settings must be correct.

Содержание AP101nA

Страница 1: ...802 11n Wireless Access Point AP101nA WNAP 3000PE User s Guide...

Страница 2: ...R 4 PC AND SERVER CONFIGURATION 40 Overview 40 Using WEP 40 Using WPA PSK WPA2 PSK 41 Using WPA Enterprise 42 802 1x Server Setup Windows 2000 Server 43 802 1x Client Setup on Windows XP 53 Using 802...

Страница 3: ...Vista 91 APPENDIX D ABOUT WIRELESS LANS 93 Overview 93 Wireless LAN Terminology 93 APPENDIX E COMMAND LINE INTERFACE 96 Overview 96 Command Reference 96 P N 956YHZ0001 Copyright 2008 All Rights Reser...

Страница 4: ...Wireless Access Point incorporates many advanced features carefully designed to provide sophisticated functions while being easy to use x Standards Compliant The Wireless Access Point complies with th...

Страница 5: ...her x VLAN Support The 802 1Q VLAN standard is supported allowing traffic from differ ent sources to be segmented Combined with the multiple SSID feature this provides a powerful tool to control acces...

Страница 6: ...er you can use it to provide accounting data on Wireless clients x Syslog Support If you have a Syslog Server the Wireless Access Point can send its log data to your Syslog Server x SNMP Support SNMP...

Страница 7: ...g transmitted or received via the Wireless access point Data includes network traffic as well as user data Status On Error condition Off Normal operation Blinking During start up and when the Firmware...

Страница 8: ...to the factory default values To Clear All Data and restore the factory default values 1 Hold the Reset Button until the Status Red LED blinks TWICE usually more than 5 seconds 2 Release the Reset Bu...

Страница 9: ...maximize reliability and performance follow these guidelines x Use an elevated location such as wall mounted or on the top of a cubicle x Place the Wireless Access Point near the center of your wirel...

Страница 10: ...hernet The Wireless Access Point supports PoE Power over Ethernet To use PoE 1 Do not connect the supplied power adapter to the Wireless Access Point 2 Connect one end of a standard category 5 LAN cab...

Страница 11: ...ser Setup using the Windows Utility A simple Windows setup utility is supplied on the CD ROM This utility can be used to assign a suitable IP address to the Wireless Access Point Using this utility is...

Страница 12: ...he Wireless Access Point Description Any extra information for the Wireless Access Point entered by the administrator Note If the desired Wireless Access Point is not listed check that the device is i...

Страница 13: ...word again 6 Check the following screens and configure as necessary for your environment Use the on line help if necessary The later sections in this Chapter also provides more details about each of t...

Страница 14: ...a Wireless connection to it may be not possible x If your LAN contains a Router or Routers ensure the PC used for configuration is on the same LAN segment as the Wireless Access Point 3 Start your Web...

Страница 15: ...Management menu 9 Use the Apply and Reboot buttons on the menu to apply your changes and restart the Wireless Access Point Setup is now complete Wireless stations must now be set to match the Wireless...

Страница 16: ...ion Access Point Name Enter a suitable name for this Access Point Description If desired you can enter a description for the Access Point Country Domain The country or domain which is matching your cu...

Страница 17: ...allocate IP Addresses to PCs DHCP clients on your LAN when they start up The default and recommended value is Enabled x The Start IP Address and Finish IP Address fields set the values used by the DHC...

Страница 18: ...anced Settings on the System menu to view a screen like the following Figure 9 System Advanced Settings Screen Data System Advanced Settings Screen VLAN Enable 802 1Q VLAN This option is only useful i...

Страница 19: ...nvalid LLTD Enable Link Layer Topology Discovery Enable this if you want to use Link Layer Topology Discovery proto col LLTD feature STP Enable Spanning tree Protocol Enable this if you want to use th...

Страница 20: ...creen like the following Figure 10 Wireless Basic Screen Data Wireless Basic Settings Screen Operation Turn Radio On Enable this to use the wireless feature Wireless Mode Select the desired option x D...

Страница 21: ...nt x Bridge Point to Point Bridge to a single AP You must provide the MAC address of the other AP in the PTP Bridge AP MAC Address field x Bridge Multi Point Select this only if this AP is the Master...

Страница 22: ...Access Point Setup Select Remote AP If the other AP is on line you can click the Select Remote AP button and select from a list of available APs 19...

Страница 23: ...AP name is displayed x SSID The current SSID associated with this VAP x Security System The current security system e g WPA PSK is dis played Enable Button Enable the selected VAP Configure Button Cha...

Страница 24: ...ess Point Isolation within VAP If enabled then each Wireless station using the Access Point is invisible to other Wireless stations In most business stations this setting should be Disabled Security S...

Страница 25: ...us Server This is usually done using digital certificates x Each user s wireless client must support 802 1x and provide the Radius authentication data when required x All data transmission is encrypte...

Страница 26: ...urity None No security is used Anyone using the correct SSID can connect to your network Security Settings WEP This is the 802 11b standard Data is encrypted before transmission but the encryption sys...

Страница 27: ...a particular method select the appropriate value Open System or Shared Key All Wireless stations must then be set to use the same method Key Input Select Hex or ASCII depending on your input method A...

Страница 28: ...Data is encrypted using a 256Bit key derived from this key Other Wireless Stations must use the same key WPA Encryption The encryption method is TKIP Wireless Stations must also use TKIP Group Key Upd...

Страница 29: ...ed from this key Other Wireless Stations must use the same key WPA Encryption The encryption method is AES Wireless Stations must also use AES Group Key Update This refers to the key used for broadcas...

Страница 30: ...is key Other Wireless Stations must use the same key WPA Encryption The encryption method is TKIP for WPA PSK and AES for WPA2 PSK Group Key Update This refers to the key used for broadcast transmissi...

Страница 31: ...Radius Screen WPA with Radius WPA Encryption The encryption method is TKIP Wireless Stations must also use TKIP Group Key Update This refers to the key used for broadcast transmissions Enable this if...

Страница 32: ...us Screen WPA2 with Radius WPA Encryption The encryption method is AES Wireless Stations must also use AES Group Key Update This refers to the key used for broadcast transmissions Enable this if you w...

Страница 33: ...a WPA and WPA2 with Radius Screen WPA and WPA2 with Radius WPA Encryption The encryption method is TKIP for WPA and AES for WPA2 Group Key Update This refers to the key used for broadcast transmission...

Страница 34: ...to authenticate each user See Chapter4 for details of user configuration x Each user s wireless client must support 802 1x x All data transmission is encrypted using the WEP standard You only have to...

Страница 35: ...ange This setting if only available if using Dynamic WEP Keys If you want the Dynamic WEP keys to be updated regularly enable this and enter the desired lifetime in minutes Static WEP Key EAP MD5 Enab...

Страница 36: ...t Enter the key value to match the Radius Server Secondary Authentica tion Server The Secondary Authentication Server will be used when the Primary Authentication Server is not available Accounting Se...

Страница 37: ...r on the LAN for Access Control Warning Ensure your own PC is in the Trusted Wireless Stations list before enabling this feature Local Trusted Stations This table lists any Wireless Stations you have...

Страница 38: ...eless Stations This lists any Wireless Stations which you have designated as Trusted Other Wireless Stations This list any Wireless Stations detected by the Access Point which you have not designated...

Страница 39: ...Stations list Edit To change an existing entry in the Trusted Stations list select it and click this button 1 Select the Station in the Trusted Station list 2 Click the Edit button The address will b...

Страница 40: ...ients voice and multimedia traffic will be given a higher priority than other traffic No Acknowledgement If enabled then WMM acknowledgement is disabled Depend ing on the environment disabling acknowl...

Страница 41: ...e desired option The default is Long The Short setting takes less time when used in a good environment 802 11b Protection Mode The Protection system is intended to prevent older 802 11b devices from i...

Страница 42: ...selected enter the PIN code from the client device in this field and click Register button x If the third option is selected enter the displayed PIN code to the client device Change AP Settings Enter...

Страница 43: ...so more complex Using WEP For each of the following items each Wireless Station must have the same settings as the Wireless Access Point Mode On each PC the mode must be set to Infrastructure SSID ESS...

Страница 44: ...to Infrastructure SSID ESSID This must match the value used on the Wireless Access Point The default value is wireless Note The SSID is case sensitive Wireless Security On each client Wireless securi...

Страница 45: ...or the Radius Server 802 1x Encryption Typically EAP TLS is used This is a dynamic key system so keys do NOT have to be entered on each Wireless station However you can also use a static WEP key EAP M...

Страница 46: ...default prompts ensure that DNS is installed and enabled during installa tion Services Installation 1 Select the Control Panel Add Remove Programs 2 Click Add Remove Windows Components from the left...

Страница 47: ...ess Point User Guide Figure 27 Components Screen 4 Click Next 5 Select the Enterprise root CA and click Next Figure 28 Certification Screen 6 Enter the information for the Certificate Authority and cl...

Страница 48: ...be stopped before continuing Click Ok then Finish DHCP server configuration 1 Click on the Start Programs Administrative Tools DHCP 2 Right click on the server entry as shown and select New Scope Figu...

Страница 49: ...r the router address for the current subnet The router address may be left blank if there is no router Click Next 10 For the Parent domain enter the domain you specified for the domain controller setu...

Страница 50: ...select New Certificate to Issue Figure 33 Certificate Authority Screen 3 Select Authenticated Session and Smartcard Logon select more than one by holding down the Ctrl key Click OK Figure 34 Template...

Страница 51: ...ect the Group Policy tab choose Default Domain Policy then click Edit Figure 36 Group Policy Tab 7 Select Computer Configuration Windows Settings Security Settings Public Key Policies right click Auto...

Страница 52: ...puter then click Next Figure 38 Certificate Template Screen 10 Ensure that your certificate authority is checked then click Next 11 Review the policy change information and click Finish 12 Click Start...

Страница 53: ...ss Access Point and set the shared secret as entered on the Security Settings of the Wireless Access Point 5 Click Finish 6 Right click on Remote Access Policies select New Remote Access Policy 7 Assu...

Страница 54: ...Authentication tab Enable Extensible Authentication Protocol and select Smart Card or other Certificate Deselect other authentication meth ods listed Click OK Figure 41 Authentication Screen 12 Selec...

Страница 55: ...Access Login for Users 1 Select Start Programs Administrative Tools Active Directory Users and Computers 2 Double click on the user who you want to enable 3 Select the Dial in tab and enable Allow acc...

Страница 56: ...are using Windows XP x You are connecting to a Windows 2000 server for authentication x You already have a login User name and password on the Windows 2000 server Client Certificate Setup 1 Connect t...

Страница 57: ...Wireless Access Point User Guide Figure 44 Wireless CA Screen 5 Select User certificate request and select User Certificate the click Next Figure 45 Request Type Screen 6 Click Submit 54...

Страница 58: ...e 46 Identifying Information Screen 7 A message will be displayed then the certificate will be returned to you Click Install this certificate Figure 47 Certificate Issued Screen 8 You will receive a c...

Страница 59: ...k Connection and select Properties 3 Select the Authentication Tab and ensure that Enable network access control using IEEE 802 1X is selected and Smart Card or other Certificate is selected from the...

Страница 60: ...encryption for a wireless network follow this procedure 1 Click on the Wireless Networks tab Figure 50 Wireless Networks Screen 2 Select the wireless network from the Available Networks list and clic...

Страница 61: ...Wireless Access Point User Guide Figure 51 Properties Screen Setup for Windows XP and 802 1x client is now complete 58...

Страница 62: ...ey is pro vided for me automatically Instead you must enter the WEP key manually ensuring it matches the WEP key used on the Access Point Figure 52 Properties Screen Note On some systems the 64 bit WE...

Страница 63: ...However you may need to perform the following operations on a regular basis x If using the Access Control feature update the Trusted PC database as required See Access Control in Chapter 3 for details...

Страница 64: ...dress was obtained from a DHCP Server on your network It will display Enabled or Disabled DHCP Server Enabled or Disabled is displayed for the DHCP server status Ethernet Status The current Ethernet s...

Страница 65: ...t User Guide Statistics Screen This screen is displayed when the Statistics button on the Status screen is clicked It shows details of the traffic flowing through the Wireless Access Point Figure 54 S...

Страница 66: ...ection between the AP and the client Usually clients associ ate with only one 1 AP at any time Disassociation The number of Disassociation packets received Disassociation breaks the existing connectio...

Страница 67: ...AP if you didn t change the name the default name is used BSSIS The MAC address of the VAP SSID The SSID assigned to this VAP Broadcast SSID Indicates whether or not the SSID is broadcast Security The...

Страница 68: ...ata Activity Log Data Current Time The system date and time is displayed Log The Log shows details of the connections to the Wireless Access Point Buttons Refresh Update the data on screen Save to Fil...

Страница 69: ...Data Station List Screen Station List MAC Address The MAC physical address of each Wireless Station is displayed Mode The mode of each Wireless Station SSID This displays the SSID used the Wireless st...

Страница 70: ...s Point s Man agement menu x Admin Login x Auto Config Update x Config File x SNMP Settings x Log Settings x Upgrade Firmware Admin Login Screen The Admin Login screen allows you to assign a password...

Страница 71: ...nabled you must provide a port number in the field below Either HTTP or HTTPS must be enabled HTTP Port Number Enter the port number to be used for HTTP connections to this device The default value is...

Страница 72: ...equests from other AP will be ignored Provide admin login name and password If enabled the login name and password need to be provided Provide Respond to Auto Configuration setting If enabled the Resp...

Страница 73: ...f cur rent settings to a file Once you have the Access Point working properly you should back up the settings to a file on your computer You can later restore the Access Point s settings from this fil...

Страница 74: ...ory default settings click Set to Defaults button Note x This will terminate the current connection The Access Point will be unavailable until it has restarted x By default the Access Point will act a...

Страница 75: ...igure 61 SNMP Screen Data SNMP Screen General SNMP Use this to enable or disable SNMP as required Read Only com munity Data can be read but not changed Read Write Com munity Data can be read and setti...

Страница 76: ...ed Only this station The IP address is checked and must match the address you enter in the IP address field provided If selected you must enter the IP address of the required station Traps Version Sel...

Страница 77: ...if different PCs act as the Syslog server at different times x Unicast Select this if the same PC is always used as the Syslog server If selected you must enter the server ad dress in the field provi...

Страница 78: ...dress the log is to be sent to E mail Log Now Press this button to let the log to be e mailed immediately Log Email Alerts Use these checkboxes to determine which events are included in the log Checki...

Страница 79: ...e the following Figure 63 Firmware Upgrade Screen To perform the Firmware Upgrade 1 Click the Browse button and navigate to the location of the upgrade file 2 Select the upgrade file Its name will app...

Страница 80: ...802 11b CCK 11 Mbps 5 5 Mbps DQPSK 2 Mbps DBPSK 1 Mbps Operating Frequencies 2 412 2 497 GHz 11b Operating Channels 802 11g 11 for North America 13 for Europe ETSI 14 for Japan 802 11b 11 for North Am...

Страница 81: ...IEEE 802 11d x CTS only CTS RTS protect mechanism support x WMM support x WPS support x Wireless isolations Operation Mode x Common AP PTMP PTP x Universal Repeater x Universal Client x Rogue AP Dete...

Страница 82: ...2c v3 x LLTD x Only wired users to be able to control x Auto configuration Other Features x DHCP client x WINS client x Radius client x Enable Disable wireless x Network Integrality Check x FTP client...

Страница 83: ...om that to which the receiver is connected x Consult the dealer or an experienced radio TV technician for help To assure continued compliance any changes or modifications not expressly approved by the...

Страница 84: ...IP Address automatically DHCP client restart it x You can use the following method to determine the IP address of the Wireless Access Point and then try to connect using the IP address in stead of th...

Страница 85: ...n the Wire less Access Point x On the PC the wireless mode is set to Infrastructure x If using the Access Control feature the PC s name and address is in the Trusted Stations list x If using 802 1x mo...

Страница 86: ...no need to change the TCP IP of each PC Just configure the Wireless Access Point to match your existing LAN The following sections provide details about checking the TCP IP settings for various types...

Страница 87: ...n IP Address automatically This is the default Windows settings To work correctly you need a DHCP server on your LAN Using Specify an IP Address If your PC is already configured for a fixed specified...

Страница 88: ...gs Windows NT4 0 1 Select Control Panel Network and on the Protocols tab select the TCP IP protocol as shown below Figure 67 Windows NT4 0 TCP IP 2 Click the Properties button to see a screen like the...

Страница 89: ...P address from a DHCP Server This is the default Windows setting This is the default Windows settings To work correctly you need a DHCP server on your LAN Using Specify an IP Address If your PC is alr...

Страница 90: ...Right click the Local Area Connection icon and select Properties You should see a screen like the following Figure 69 Network Configuration Win 2000 3 Select the TCP IP protocol for your network card...

Страница 91: ...ndows setting This is the default Windows settings To work correctly you need a DHCP server on your LAN Using a fixed IP Address Use the following IP Address If your PC is already configured for a fix...

Страница 92: ...lick the Local Area Connection and choose Properties You should see a screen like the following Figure 71 Network Configuration Windows XP 3 Select the TCP IP protocol for your network card 4 Click on...

Страница 93: ...is the default Windows setting To work correctly you need a DHCP server on your LAN Using a fixed IP Address Use the following IP Address If your PC is already configured for a fixed specified IP add...

Страница 94: ...l Area Connection Status and choose Properties Click Continue to the User Account Control dialog box then you should see a screen like the following Figure 73 Network Configuration Windows Vista 3 Sel...

Страница 95: ...ss automatically This is the default Windows setting To work correctly you need a DHCP server on your LAN Using a fixed IP Address Use the following IP Address If your PC is already configured for a f...

Страница 96: ...ess Stations e g Notebook PCs with wireless cards to a wired Ethernet LAN The Wireless Stations can then access all LAN resources Access Points can only function in Infrastructure mode and can communi...

Страница 97: ...ccess Point If more than one Access Point can be used the one with the strongest signal is used This can only happen within an ESS x If using Ad hoc mode no Access Point all Wireless stations should b...

Страница 98: ...ed 802 1x This uses the 802 1x standard for client authentication and WEP for data encryption If possi ble you should use WPA Enterprise instead because WPA encryption is much stronger than WEP encryp...

Страница 99: ...ssword 3 Once connected you can use any of the commands listed in the following Command Reference Command Reference The following commands are available config vap Config Virtual AP X Display CLI Comm...

Страница 100: ...eway Display Gateway IP Address get gtkupdate Display Group Key Update Mode get gtkupdateinterval Display Group Key Update Interval in Seconds get http Display HTTP Mode get httpport Display HTTP Port...

Страница 101: ...Short Preamble Usage get snmpreadcommu nity Display SNMP Read Community get snmpwritecommu nity Display SNMP Write Community get snmpmode Display SNMP Mode get snmpmanagemode Display SNMP Manager Mode...

Страница 102: ...1n A MPDU Aggregation Mode set 11namsdu Set 11n A MSDU Aggregation Mode set 11nguardinterval Set 11n Guard Interval Mode set 11nsubchannel Set 11n Extension Sub Channel set 11nradioband Set 11n Radio...

Страница 103: ...et isolation Set Isolate All Virtual APs State set key Set WEP Key Value set keylength Set WEP Key Length set lltd Set LLTD Mode set md5supplicant Set 802 1x MD5 Supplicant Mode set md5suppname Set 80...

Страница 104: ...thproto Set SNMP v3 Authentication Protocol set snmpv3authkey Set SNMP v3 Authentication Key set snmpv3privproto Set SNMP v3 Private Protocol set snmpv3privkey Set SNMP v3 Private Key set ssid Set Ser...

Страница 105: ...reless Access Point User Guide set wmm Set WMM Mode set wmmnoack Set WMM No Acknowledge factoryrestore Restore to Default Factory Settings apply To make the changes take effect exit Quit the telnet 10...

Результаты поиска

Содержание AP101nA

Отзывы:

Бренды по названию

Популярные бренды

Sercomm AP101nA, Руководство пользователя

Результаты поиска

Содержание AP101nA

Отзывы:

Бренды по названию

Популярные бренды