ZyXEL Communications NWA-3550 Скачать руководство пользователя страница 339 | Manualshive

Страница: 339 / 408

background image

Appendix B Wireless LANs

NWA-3500/NWA-3550 User’s Guide

339

However, MD5 authentication has some weaknesses. Since the authentication
server needs to get the plaintext passwords, the passwords must be stored. Thus
someone other than the authentication server may access the password file. In
addition, it is possible to impersonate an authentication server as MD5
authentication method does not perform mutual authentication. Finally, MD5
authentication method does not support data encryption with dynamic session
key. You must configure WEP encryption keys for data encryption.

EAP-TLS (Transport Layer Security)

With EAP-TLS, digital certifications are needed by both the server and the wireless
clients for mutual authentication. The server presents a certificate to the client.
After validating the identity of the server, the client sends a different certificate to
the server. The exchange of certificates is done in the open before a secured
tunnel is created. This makes user identity vulnerable to passive attacks. A digital
certificate is an electronic ID card that authenticates the sender’s identity.
However, to implement EAP-TLS, you need a Certificate Authority (CA) to handle
certificates, which imposes a management overhead.

EAP-TTLS (Tunneled Transport Layer Service)

EAP-TTLS is an extension of the EAP-TLS authentication that uses certificates for
only the server-side authentications to establish a secure connection. Client
authentication is then done by sending username and password through the
secure connection, thus client identity is protected. For client authentication, EAP-
TTLS supports EAP methods and legacy authentication methods such as PAP,
CHAP, MS-CHAP and MS-CHAP v2.

PEAP (Protected EAP)

Like EAP-TTLS, server-side certificate authentication is used to establish a secure
connection, then use simple username and password methods through the
secured connection to authenticate the clients, thus hiding client identity.
However, PEAP only supports EAP methods, such as EAP-MD5, EAP-MSCHAPv2
and EAP-GTC (EAP-Generic Token Card), for client authentication. EAP-GTC is
implemented only by Cisco.

LEAP

LEAP (Lightweight Extensible Authentication Protocol) is a Cisco implementation of
IEEE 802.1x.

«
...
337
338
339
340
341
...
»

Содержание NWA-3550

Страница 1: ...550 802 11a g Dual Radio Wireless Business AP 802 11a g Dual Radio Outdoor WLAN Business AP Copyright 2009 ZyXEL Communications Corporation Firmware Version 3 7 Edition 2 8 2009 Default Login Details...

Страница 2: ......

Страница 3: ...g up your network and configuring for Internet access Note It is recommended you use the web configurator to configure the NWA Support Disc Refer to the included CD for support documents ZyXEL Web Sit...

Страница 4: ...contact your vendor then contact a ZyXEL office for the region in which you bought the device See http www zyxel com web contact_us php for contact information Please have the following information re...

Страница 5: ...font A key stroke is denoted by square brackets and uppercase text for example ENTER means the enter or return key on your keyboard Enter means for you to type one or more characters and then press th...

Страница 6: ...ed in Figures Figures in this User s Guide may use the following generic icons The NWA icon is not an exact representation of your NWA Table 1 Common Icons NWA Computer Notebook Server Printer Telepho...

Страница 7: ...as it might cause electrocution If the power adaptor or cord is damaged remove it from the device and the power source Do NOT attempt to repair the power adaptor or cord Contact your local vendor to o...

Страница 8: ...Safety Warnings NWA 3500 NWA 3550 User s Guide 8...

Страница 9: ...eless Configuration 119 SSID Screen 145 Wireless Security Screen 155 RADIUS Screen 169 Layer 2 Isolation Screen 173 MAC Filter Screen 179 IP Screen 183 Rogue AP Detection 187 Remote Management Screens...

Страница 10: ...Contents Overview NWA 3500 NWA 3550 User s Guide 10...

Страница 11: ...25 1 2 2 1 Bridge Repeater Mode Example 26 1 2 3 AP Bridge 28 1 2 4 MBSSID 28 1 2 5 Pre Configured SSID Profiles 30 1 2 6 Configuring Dual WLAN Adaptors 30 1 3 CAPWAP 31 1 4 Ways to Manage the NWA 32...

Страница 12: ...52 3 3 3 2 Set up Layer 2 Isolation 53 3 3 3 3 Activate the Guest Profile 54 3 3 4 Testing the Wireless Networks 54 3 4 How to Set Up and Use Rogue AP Detection 55 3 4 1 Set Up and Save a Friendly AP...

Страница 13: ...WAP 87 5 2 1 CAPWAP Discovery and Management 88 5 2 2 CAPWAP and DHCP 88 5 2 3 CAPWAP and IP Subnets 88 5 2 4 Notes on CAPWAP 89 5 3 The Management Mode Screen 90 Chapter 6 AP Controller Mode 93 6 1 O...

Страница 14: ...ess Screen 120 8 3 The Wireless Screen 123 8 3 1 Access Point Mode 123 8 3 2 Bridge Repeater Mode 126 8 3 3 AP Bridge Mode 131 8 3 4 MBSSID Mode 136 8 4 Technical Reference 139 8 4 1 Spanning Tree Pro...

Страница 15: ...curity WPA2 or WPA2 MIX 164 10 2 6 Security WPA PSK WPA2 PSK WPA2 PSK MIX 166 10 3 Technical Reference 167 Chapter 11 RADIUS Screen 169 11 1 Overview 169 11 1 1 What You Can Do in the RADIUS Screen 17...

Страница 16: ...gue AP Screen 192 Chapter 16 Remote Management Screens 195 16 1 Overview 195 16 1 1 What You Can Do in the Remote Management Screens 196 16 1 2 What You Need To Know About Remote Management 196 16 2 T...

Страница 17: ...int of a Certificate 234 Chapter 19 Log Screens 235 19 1 Overview 235 19 1 1 What You Can Do in the Log Screens 235 19 1 2 What You Need To Know About Logs 236 19 2 The View Log Screen 236 19 3 The Lo...

Страница 18: ...r 23 Maintenance 275 23 1 Overview 275 23 2 What You Can Do in the Maintenance Screens 275 23 3 What You Need To Know 275 23 4 System Status Screen 276 23 4 1 Show Statistics Screen 276 23 5 Associati...

Страница 19: ...ppendices and Index 303 Appendix A Setting Up Your Computer s IP Address 305 Appendix B Wireless LANs 331 Appendix C Pop up Windows JavaScripts and Java Permissions 347 Appendix D Importing Certificat...

Страница 20: ...Table of Contents NWA 3500 NWA 3550 User s Guide 20...

Страница 21: ...21 PART I Introduction Introducing the NWA 23 The Web Configurator 37 Status Screens 83 Management Mode 87 Tutorial 41...

Страница 22: ...22...

Страница 23: ...less modules and supporting up to eight Basic Service Set Identifiers BSSID simultaneously The Quality of Service QoS features allow you to prioritize time sensitive or highly important applications s...

Страница 24: ...ch operating mode are shown below Note A different channel should be configured for each WLAN interface to reduce the effects of radio interference 1 2 1 Access Point The NWA is an ideal access soluti...

Страница 25: ...STP to prevent bridge loops When the NWA is in Bridge Repeater mode security between APs the Wireless Distribution System or WDS is independent of the security between the wireless stations and the AP...

Страница 26: ...ess Distribution System allowing the computers in LAN 1 to connect to the computers in LAN 2 Figure 4 Bridging Example Be careful to avoid bridge loops when you enable bridging in the NWA Bridge loops...

Страница 27: ...in bridge mode is connected to a wired LAN while communicating with another wireless bridge that is also connected to the same wired LAN Figure 6 Bridge Loop Bridge Connected to Wired LAN To prevent b...

Страница 28: ...tween the wireless stations and the AP If you do not enable WDS security traffic between APs is not encrypted When WDS security is enabled both APs must use the same pre shared key Unless specified th...

Страница 29: ...SID appears to be a different access point As in any wireless network clients can associate only with the SSIDs for which they have the correct security settings For example you might want to set up a...

Страница 30: ...t not have access to the rest of the network Layer 2 isolation is enabled see Section on page 178 and QoS is set to NONE Intra BSS traffic blocking is also enabled see Section 8 1 2 on page 120 These...

Страница 31: ...t other access points The managed APs receive all their configuration information from the controller AP The CAPWAP dataflow is protected by Datagram Transport Layer Security DTLS The following ZyXEL...

Страница 32: ...uess and that consists of different types of characters such as numbers and letters Write down the password and put it in a safe place Back up the configuration and make sure you know how to restore i...

Страница 33: ...ntrol who can manage your NWA See Chapter 16 on page 195 for more information If you enable remote management ensure you have enabled remote management only on the IP addresses services or interfaces...

Страница 34: ...ions 1 7 1 Antennas Your NWA has two wireless LAN adaptors WLAN1 and WLAN2 WLAN1 uses the RF1 antenna or the antenna on the right when facing the device WLAN2 uses the RF2 antenna or the antenna on th...

Страница 35: ...D mode and is functioning normally The NWA is in AP Bridge or Bridge Repeater mode and has not established a Wireless Distribution System WDS connection or The NWA is not receiving power 3 WL2 Green O...

Страница 36: ...connection Blinking The NWA has a 10 Mbps Ethernet connection and is sending or receiving data Yellow On The NWA has a 100 Mbps Ethernet connection Blinking The NWA has a 100 Mbps Ethernet connection...

Страница 37: ...t to the NWA refer to the Quick Start Guide 2 Launch your web browser 3 Type http 192 168 1 2 as the URL default 4 Type 1234 default as the password and click Login In some versions the default passwo...

Страница 38: ...ess the web configurator you will need to use the RESET button This replaces the current configuration file with the factory default configuration file This means that you will lose all the settings y...

Страница 39: ...ures such as MGNT MODE Controller AP Standalone AP or Managed AP SYSTEM General Password and Time Setting WIRELESS Wireless SSID Security RADIUS Layer 2 Isolation MAC Filter IP ROGUE AP Configuration...

Страница 40: ...Chapter 2 The Web Configurator NWA 3500 NWA 3550 User s Guide 40...

Страница 41: ...sing the same security and Quality of Service QoS settings See Section 1 2 1 on page 24 for details Use Bridge Repeater operating mode if you want to use the NWA to communicate with other access point...

Страница 42: ...y Profile Configure RADIUS authentication optional Configure internal AUTH SERVER optional Configure Layer 2 Isolation optional Configure MAC Filter optional Select 802 11 Mode and Channel ID Configur...

Страница 43: ...ple Wireless Networks In this example you have been using your NWA as an access point for your office network See your Quick Start Guide for information on how to set up your NWA in Access Point mode...

Страница 44: ...ork VoIP_SSID has access to all resources and a high QoS setting The guest network Guest_SSID has access to the Internet and the network printer only and a low QoS setting To configure these settings...

Страница 45: ...g Mode Log in to the NWA see Section 2 2 on page 37 Click Wireless Wireless The Wireless screen appears 3 3 1 1 Access Point Set the NWA s WLAN Interface WLAN1 is set to Access Point operating mode an...

Страница 46: ...ble allows you to activate or deactivate SSID profiles Your wireless network was previously using the SSID03 profile so select SSID04 in one of the Profile list boxes number 3 in this example Select t...

Страница 47: ...You cannot change this security profile without changing the standard network s parameters so when you set up security for the VoIP_SSID and Guest_SSID profiles you will need to set different security...

Страница 48: ...he SSID to wireless clients scanning the area 3 The standard network SSID04 is currently using the security01 profile so use a different profile for the VoIP network If you used the security01 profile...

Страница 49: ...you do not have a RADIUS server for authentication so select WPA2 PSK in the Security Mode field WPA2 PSK provides strong security that anyone with a compatible wireless client can use once they know...

Страница 50: ...onfigure the Guest Network When you are setting up the wireless network for guests to your office your primary concern is to keep your network secure while allowing access to certain resources such as...

Страница 51: ...D changes the SSID profile name Guest_SSID remains the same as before 2 Select Disable from the Hide Name SSID list box This makes it easier for guests to configure their own computers wireless client...

Страница 52: ...y 2 Select WPA PSK in the Security Mode field WPA PSK provides strong security that is supported by most wireless clients Even though your Guest_SSID clients do not have access to sensitive informatio...

Страница 53: ...reen appears Figure 26 Tutorial Layer 2 Isolation The Guest_SSID network uses the l2isolation01 profile by default so select its entry and click Edit The following screen displays Figure 27 Tutorial L...

Страница 54: ...led Try to access each network using the correct security settings and then using incorrect security settings such as the WPA PSK for another active network If the behavior is different from expected...

Страница 55: ...ecurity considerations In this example you want to ensure that your company s data is not accessible to an attacker gaining entry to your wireless network through a rogue AP Your wireless network oper...

Страница 56: ...network When configuring the rogue AP feature on your NWAs in this example you will need to use the information in the following table You need the IP addresses of your APs to access their Web configu...

Страница 57: ...P Detection 3 Set up e mail alerts 4 Configure your other access points 5 Test the setup 3 4 1 Set Up and Save a Friendly AP list Take the following steps to set up and save a list of access points yo...

Страница 58: ...The Friendly AP screen now appears as follows Figure 31 Tutorial Friendly AP After Data Entry 3 Next you will save the list of friendly APs in order to provide a backup and upload it to your other acc...

Страница 59: ...ing appears click Save Figure 33 Tutorial Warning 5 Save the friendly AP list somewhere it can be accessed by all the other access points on the network In this example save it on the network file ser...

Страница 60: ...Period Detection field Figure 35 Tutorial Periodic Rogue AP Detection 2 In the Period field enter how often you want the NWA to scan for rogue APs You can have the NWA scan anywhere from once every te...

Страница 61: ...LOGS Log Settings The following screen appears Figure 36 Tutorial Log Settings 2 In this example your mail server s IP address is 192 168 1 25 Enter this IP address in the Mail Server field 3 Enter a...

Страница 62: ...ss points on your network to do the same things For each access point take the following steps 1 From a computer on the wired network enter the access point s IP address and login to its Web configura...

Страница 63: ...nfigurator and click ROGUE AP Rogue AP Refresh to have the NWA perform a scan immediately Check the ROGUE AP Rogue AP screen You should see an entry in the list with the same MAC address as your rogue...

Страница 64: ...You want to set up a second wireless network to allow only Bob to access Server 2 and the Internet 3 5 3 Setup In this example you have already set up the NWA in MBSSID mode see Chapter 12 on page 173...

Страница 65: ...To configure MAC filtering you need to know the MAC addresses of the devices Alice and Bob use to connect to the network which are as follows 3 5 4 Configure the SERVER_1 Network First you will set u...

Страница 66: ...s Guide 66 Take the following steps to configure the SERVER_1 network 1 Log into the NWA s Web Configurator and click Wireless SSID The following screen displays showing the SSID profiles you already...

Страница 67: ...and click Edit The following screen displays Figure 40 Tutorial Layer 2 Isolation Edit 4 Enter the network switch s MAC Address and add a Description NET_SWITCH in this case in Index 1 s entry 5 Ente...

Страница 68: ...u entered The SERVER_1 network is now configured 3 5 5 Configure the SERVER_2 Network Next you will configure the SERVER_2 network that allows Bob to access secure server 2 and the Internet To do this...

Страница 69: ...ck that the NWA is using the correct SSIDs MAC filters and layer 2 isolation profiles 1 Click Wireless Wireless Check that the Operating Mode is MBSSID and that the correct SSID profiles are selected...

Страница 70: ...ecurity settings do the following Attempt to access Server 1 You should be able to do so Attempt to access the Internet You should be able to do so Attempt to access Server 2 You should be unable to d...

Страница 71: ...the individual Security layer 2 isolation and MAC filter profiles for the relevant network If this does not help see the Troubleshooting chapter in this User s Guide 3 6 How to Configure Management M...

Страница 72: ...Setup In this example each of your NWA standalone AP mirror each other They all have the same SSID profiles stored First you need to download the configuration file from one of your NWAs for backup pu...

Страница 73: ...oller APs 3 Add the newly converted managed APs B C and D from step 4 to the Managed Access Points List of the NWA primary controller AP 4 Check your settings and test the configuration This example u...

Страница 74: ...as soon as the secondary controller AP fails to detect the primary AP controller s presence This happens when the primary controller AP is disconnected from the network rebooting or turned off Note W...

Страница 75: ...ncy Then select Primary AP Controller and enter the IP address of the secondary controller AP required Click Apply Note Only NWAs in managed AP mode are visible to the controller AP 3 6 5 Setting Your...

Страница 76: ...be managed to controller APs that are within range even if the controller AP belongs to another network 3 You are logged out of the Web Configurator and the screen shows a message that the device is r...

Страница 77: ...AP Lists Figure 50 Tutorial AP List Un Managed 2 Select the NWA managed APs from the Un Managed Access Points List as shown in the screen above You can also identify these managed APs by filling in th...

Страница 78: ...anaged 4 In the screen that opens choose the radio profile for each WLAN radio and click Apply Figure 52 Tutorial Managed AP WLAN Radio Profile In this example the 1st floor NWA managed AP uses radio0...

Страница 79: ...hecking your Setup MGNT Mode Settings Open the wireless client s screen that list the available networks within range In the image above we can see Mktg Grp 6 which is the SSID in the WLAN1 radio prof...

Страница 80: ...Chapter 3 Tutorial NWA 3500 NWA 3550 User s Guide 80...

Страница 81: ...n 119 SSID Screen 145 Wireless Security Screen 155 RADIUS Screen 169 Layer 2 Isolation Screen 173 MAC Filter Screen 179 IP Screen 183 Rogue AP Detection 187 Remote Management Screens 195 Internal RADI...

Страница 82: ...82...

Страница 83: ...look at the current status of the device system resources and interfaces The Status screen also provides detailed information about system statistics associated wireless clients and logs 4 2 The Stat...

Страница 84: ...less screen WLAN2 Operating Mode This field displays the current operating mode of the second wireless module AP Bridge Repeater AP Bridge or MBSSID You can change the operating mode in the Wireless W...

Страница 85: ...is not in use SSID Status Interface This column displays each of the NWA s wireless interfaces SSID This field displays each of the SSIDs currently in use BSSID This field displays the MAC address of...

Страница 86: ...x or full duplex mode Full duplex refers to a device s ability to send and receive simultaneously while half duplex indicates that traffic can flow in only one direction at a time The Ethernet port mu...

Страница 87: ...eless Access Points CAPWAP network 5 2 About CAPWAP The NWA supports CAPWAP This is ZyXEL s implementation of the IETF s CAPWAP protocol RFC 4118 The CAPWAP dataflow is protected by Datagram Transport...

Страница 88: ...to its Managed Access Points list and provides the managed AP with default configuration information as well as securely transmitting the DTLS pre shared key The managed AP is ready for association wi...

Страница 89: ...implementation of the CAPWAP protocol When the AP controller uses its internal Remote Authentication Dial In User Service RADIUS server managed APs also use the AP controller s authentication server...

Страница 90: ...ou do this the NWA can be configured ONLY by the management AP If you do not have an AP controller on your network and want to return the NWA to standalone mode you must use its physical RESET button...

Страница 91: ...NWA restarts Wait a short while before you attempt to log in again If you changed the mode to Managed AP you cannot log in as the web configurator is disabled you must manage the NWA through the manag...

Страница 92: ...Chapter 5 Management Mode NWA 3500 NWA 3550 User s Guide 92...

Страница 93: ...view information about your managed wireless network Use the AP Lists screen Section 6 4 on page 97 to manage connected APs Use the Configuration screen Section 6 5 on page 101 to control the way in w...

Страница 94: ...the wireless clients of the managed APs 6 1 3 Before You Begin The Controller AP options are only available when the NWA is set to function in this mode Therefore ensure that you have switched modes...

Страница 95: ...all the Managed APs B Note A managed AP may potentially be turned off if it is within range of its controller AP while the controller AP updates its settings The managed AP retains the last settings a...

Страница 96: ...its a management request over the network Management Mode When the NWA is in AP controller mode this displays Controller AP Status On line This field displays the number of access points managed by th...

Страница 97: ...ast synchronization with the secondary AP controller succeeded SUCCESS or failed DISABLED Last Synchronization Time This field displays the last date and time when the NWA synchronized settings with t...

Страница 98: ...d AP Select Click the topmost box either to select or deselect all NWAs in the list Click an NWA s checkbox to select it and apply a corresponding action You can also click several items at the same t...

Страница 99: ...re in managed AP mode but which are not currently controlled by the NWA Index This is the index number of an unmanaged AP that is requesting to be managed by the NWA Select Click the topmost box eithe...

Страница 100: ...board characters Enable Breathing LED Select this box to disable the WLAN LED light Clear this box to enable the WLAN LED WLAN1 Radio Profile Select the radio profile you want to use for this AP Confi...

Страница 101: ...ations between the NWA and its managed APs This key is used to encrypt DTLS Datagram Transport Layer Security transmissions Enter 8 32 English keyboard characters The proprietary AutoPSK protocol tran...

Страница 102: ...Profile Edit screens which are available only in AP controller mode The following Profile Edit screens are identical to those in standalone mode Table 15 Redundancy Screen LABEL DESCRIPTION Redundancy...

Страница 103: ...e Screen Use this screen to configure radio profiles Radio profiles contain information about an AP s wireless settings and can be applied to APs managed by the NWA In AP Controller mode click Profile...

Страница 104: ...rofile Edit Radio screen select a profile and click Edit The following screen displays Figure 68 Radio Edit Screen Channel ID This field displays the wireless channel the radio profile uses Edit Click...

Страница 105: ...n the 802 11 Radio Mode field Select this if you do not want to use DFS Dynamic Frequency Selection DFS dynamic frequency selection allows an AP to detect other devices in the same channel If there is...

Страница 106: ...dication Message DTIM is the time period after which broadcast and multicast packets are transmitted to mobile clients in the Active Power Management mode A high DTIM value can cause clients to lose c...

Страница 107: ...pter 6 AP Controller Mode NWA 3500 NWA 3550 User s Guide 107 Apply Click Apply to save your changes Reset Click Reset to begin configuring this screen afresh Table 17 Radio Edit Screen LABEL DESCRIPTI...

Страница 108: ...Chapter 6 AP Controller Mode NWA 3500 NWA 3550 User s Guide 108...

Страница 109: ...e on the device 7 1 1 What You Can Do in the System Screens Use the General screen see Section 7 2 on page 111 to specify the System name Domain name and Web Configurator timeout limit You can also co...

Страница 110: ...rmation on address assignment please refer to RFC 1597 Address Allocation for Private Internets and RFC 1466 Guidelines for Management of IP Address Space IP Address and Subnet Mask Similar to the way...

Страница 111: ...structed to do otherwise 7 2 General Screen Use the General screen to identify your NWA over the network Click System General The following screen displays Figure 70 System General The following table...

Страница 112: ...dress The field to the right displays the read only DNS server IP address that the DHCP assigns Select User Defined if you have the IP address of a DNS server Enter the DNS server s IP address in the...

Страница 113: ...ect this to have the NWA use the local management password already configured on the device 1234 is the default Use new setting Select this if you want to change the local management password Old Pass...

Страница 114: ...ing PEAP authentication in your RADIUS server this password field is limited to 14 ASCII characters in length RADIUS Select the RADIUS server profile of the RADIUS server that is to authenticate manag...

Страница 115: ...d this page the NWA synchronizes the time with the time server if configured Current Date This field displays the last updated date from the time server Time and Date Setup Manual Select this radio bu...

Страница 116: ...Daylight saving is a period from late spring to early fall when many countries set their clocks ahead of normal local time by one hour to give more daytime light in the evening Start Date Configure th...

Страница 117: ...then attempts to synchronize with one of the following pre defined list of NTP time servers End Date Configure the day and time when Daylight Saving Time ends if you selected Enable Daylight Saving Th...

Страница 118: ...rs it randomly selects one server and tries to synchronize with it If the synchronization fails then the NWA goes through the rest of the list in order from the first one tried until either it is succ...

Страница 119: ...above the NWA ZyXEL Device allows access to another bridge device A and a notebook computer B upon verifying their settings and credentials It denies access to other devices C and D with configuratio...

Страница 120: ...is traffic between wireless stations in the BSS When Intra BSS traffic blocking is disabled wireless stations A and B can access the wired network and communicate with each other When Intra BSS traffi...

Страница 121: ...ws wireless communication to other devices in the network Bridge Repeater The NWA acts as a wireless network bridge and establishes wireless links with other APs You need to know the MAC address of th...

Страница 122: ...a different channel than an adjacent AP access point to reduce interference Wireless Mode The IEEE 802 1x standard was designed to extend the features of IEEE 802 11 to support extended authenticatio...

Страница 123: ...s screen to choose the operating mode for your NWA Click Wireless Wireless The screen varies depending upon the operating mode you select Note Some fields in this screen may not apply to your NWA mode...

Страница 124: ...11a to allow only IEEE 802 11a compliant WLAN devices to associate with the NWA If you are configuring both WLAN interfaces it is recommended that you set the WLAN interfaces into different 802 11 mod...

Страница 125: ...ssages It is the maximum data fragment size that can be sent Enter an even number between 256 and 2346 Beacon Interval When a wirelessly networked device sends a beacon it includes with it a beacon in...

Страница 126: ...ps only Clients can always connect to the access point at this speed Optional Clients can connect to the access point at this speed when permitted to do so by the AP Disabled Clients cannot connect to...

Страница 127: ...peater The following table describes the bridge labels in this screen Table 24 Wireless Bridge Repeater LABEL DESCRIPTIONS WLAN Interface Select which WLAN adapter you want to configure It is recommen...

Страница 128: ...list box Click MAINTENANCE and then the Channel Usage tab to open the Channel Usage screen to make sure the channel is not already used by another AP or independent peer to peer wireless network To ha...

Страница 129: ...ic between APs is not encrypted Note WDS security is independent of the security settings between the NWA and any wireless clients When you enable WDS security also do the following Select the type of...

Страница 130: ...iversity Antenna diversity uses multiple antennas to reduce signal interference Enable Breathing LED Select this box to disable the WLAN LED light Clear this box to enable the WLAN LED Enable Spanning...

Страница 131: ...n NWA 3500 NWA 3550 User s Guide 131 8 3 3 AP Bridge Mode Use this screen to have the NWA function as a bridge and access point simultaneously Select AP Bridge as the Operating Mode The following scre...

Страница 132: ...enabling fast frame and packet bursting Disable channel switching for DFS This field displays only when you select 802 11a in the 802 11 Radio Mode field Select this if you do not want to use DFS Dyna...

Страница 133: ...elps save current consumption of the access point DTIM Delivery Traffic Indication Message DTIM is the time period after which broadcast and multicast packets are transmitted to mobile clients in the...

Страница 134: ...re shared key Configure WDS security and the relevant PSK in each of your other access point s Note Other APs must use the same encryption method to enable WDS security TKIP Select this to enable Temp...

Страница 135: ...a bridge to interact with other R STP compliant bridges in your network to ensure that only one path exists between any two stations on the network Select the check box to activate STP on the NWA Ena...

Страница 136: ...diplays Figure 79 Wireless MBSSID The following table describes the labels in this screen Table 26 Wireless MBSSID LABEL DESCRIPTION WLAN Interface Select which WLAN adapter you want to configure It i...

Страница 137: ...hannel ID Set the operating frequency channel depending on your particular region To manually set the NWA to use a channel select a channel from the drop down list box Click MAINTENANCE and then the C...

Страница 138: ...00 Full Power 50 25 12 5 or Minimum See the product specifications for more information on your NWA s output power Note Reducing the output power also reduces the NWA s effective broadcast radius Rate...

Страница 139: ...e pre configured VoIP_SSID profile and another of which is always the pre configured Guest_SSID profile Configure SSID profiles in the SSID screen Enable Antenna Diversity Select this to use antenna d...

Страница 140: ...mines the lowest cost spanning tree with STP it enables the root port and the ports that are the designated ports for connected LANs and disables all other ports that participate in STP Network packet...

Страница 141: ...ther channel then resumes communications on the new channel 8 4 3 Roaming A wireless station is a device with an IEEE 802 11a b g compliant wireless interface An access point AP acts as a bridge betwe...

Страница 142: ...less station moves between coverage areas Wireless stations can still associate with other APs even if you disable roaming Enabling roaming ensures correct traffic forwarding bridge tables are updated...

Страница 143: ...on the access point the new access point must have the user profile for the wireless station The adjacent access points should use different radio channels when their coverage areas overlap All acces...

Страница 144: ...Chapter 8 Wireless Configuration NWA 3500 NWA 3550 User s Guide 144...

Страница 145: ...figure above the NWA has three SSID profiles configured a standard profile SSID04 a profile with high QoS settings for Voice over IP VoIP users VoIP_SSID and a guest profile that allows visitors acces...

Страница 146: ...ings of your SSID profile you need to know the Media Access Control MAC addresses of the devices you want to allow access to it Each SSID profile references the settings configured in the following sc...

Страница 147: ...D profile on the NWA SSID This field displays the name of the wireless profile on the network When a wireless client scans for an AP to associate with this is the name that is broadcast and seen in th...

Страница 148: ...onfigure and click Edit to go to the SSID configuration screen Table 29 SSID LABEL DESCRIPTION Table 30 Configuring SSID LABEL DESCRIPTION Profile Name Displays the name identifying this profile SSID...

Страница 149: ...value assigned to it it is assigned the default priority If you select ATC from the QoS list the NWA automatically assigns priority based on packet size If you select ATC WMM from the QoS list the NW...

Страница 150: ...lications include both those that require a low level of latency and a low level of jitter such as Voice over IP or Internet gaming and those for which jitter alone is a problem such as Internet radio...

Страница 151: ...M function prioritizes all packets transmitted onto the wireless network using WMM QoS and prioritizes all packets transmitted onto the wired network using ATC See Section 9 2 1 on page 148 for detail...

Страница 152: ...size The following table shows how priorities are assigned for packets coming from the WLAN to the LAN when using ATC WMM 9 3 4 Type Of Service ToS Network traffic can be classified by setting the To...

Страница 153: ...n the ToS octet so that non DiffServ compliant ToS enabled network device will not conflict with the DSCP mapping The DSCP value determines the forwarding behavior the PHB Per Hop Behavior that each p...

Страница 154: ...uses for specific DSCP values Table 36 ToS and IEEE 802 1d to WMM QoS Priority Level Mapping DSCP VALUE WMM QOS PRIORITY LEVEL 224 192 voice 160 128 video 96 0 A A The NWA also uses best effort for a...

Страница 155: ...re 86 Securing the Wireless Network In the figure above the NWA ZyXEL Device checks the identity of devices A and B before giving them access to the network In this scenario A is denied access to the...

Страница 156: ...use the wireless network Furthermore there are ways for unauthorized wireless users to get a valid user name and password Then they can use that user name and password to use the wireless network You...

Страница 157: ...which security mode the wireless client uses Passphrase A passphrase functions like a password In WEP security mode it is further converted by the NWA into a complicated string that is referred to as...

Страница 158: ...able describes the labels in this screen Table 38 Wireless Security LABEL DESCRIPTION Index This is the index number of the security profile Profile Name This field displays a name given to a security...

Страница 159: ...is screen to set the selected profile to Wired Equivalent Privacy WEP security mode Select WEP in the Security Mode field to display the following screen Figure 89 Security WEP The following table des...

Страница 160: ...uto to have the NWA allow association with wireless clients that use Open System mode Data transfer is encrypted as long as the wireless client has the correct WEP key for encryption The NWA authentic...

Страница 161: ...thenticatio n Timer Specify how often wireless stations have to resend user names and passwords in order to stay connected The default value is 0 which means the reauthentication off Note If wireless...

Страница 162: ...this field ASCII Select this option to enter ASCII characters as the WEP keys Hex Select this option to enter hexadecimal characters as the WEP keys The preceding 0x is entered automatically Key 1 to...

Страница 163: ...wireless station authentication is done using a RADIUS server the reauthentication timer on the RADIUS server has priority Idle Timeout The NWA automatically disconnects a wireless station from the wi...

Страница 164: ...s priority Idle Timeout The NWA automatically disconnects a wireless station from the wired network after a period of inactivity The wireless station needs to enter the user name and password again be...

Страница 165: ...the AP sends a new group key out to all clients The re keying process is the WPA equivalent of automatically changing the group key for an AP and all stations in a WLAN on a periodic basis Setting of...

Страница 166: ...nisms used for WPA and WPA PSK are the same The only difference between the two is that WPA PSK uses a simple common password instead of user specific credentials Type a pre shared key from 8 to 63 ca...

Страница 167: ...s clients then use WEP key encrypting A higher bit key offers better security You can manually enter 64 bit 128 bit or 152 bit WEP keys More information on Wireless Security can be found in Appendix A...

Страница 168: ...Chapter 10 Wireless Security Screen NWA 3500 NWA 3550 User s Guide 168...

Страница 169: ...that supports authentication authorization and accounting The access point is the client and the server is the RADIUS server Figure 95 RADIUS Server Setup In the figure above wireless clients A and U...

Страница 170: ...onnected to the network Accounting which keeps track of the client s network activity RADIUS is a simple package exchange in which your AP acts as a message relay between the wireless client and the n...

Страница 171: ...with the Index number above Primary Configure the fields below to set up user authentication and accounting Backup If the NWA cannot communicate with the Primary accounting server you can have the NWA...

Страница 172: ...ield is not available when you select Internal Share Secret Enter a password up to 128 alphanumeric characters as the key to be shared between the external authentication server and the NWA The key mu...

Страница 173: ...access the main network router B The router provides access to the Internet and the network printer D while preventing the client from accessing other computers and servers on the network The client c...

Страница 174: ...page 175 to configure the MAC addresses of the wireless client AP computer or router to which you want to allow the associated wireless clients to have access 12 1 2 What You Need To Know About Layer...

Страница 175: ...en appears as shown next Figure 98 Layer 2 Isolation The following table describes the labels in this screen Table 46 Layer 2 Isolation LABEL DESCRIPTION Index This is the index number of the profile...

Страница 176: ...ofile in the Wireless SSID Edit screen of the relevant SSID profile Figure 99 Layer 2 Isolation Configuration Screen The following table describes the labels in this screen Table 47 Layer 2 Isolation...

Страница 177: ...x number of the MAC address MAC Address Type the MAC addresses of the wireless client AP computer or router that you want to allow the associated wireless clients to have access to in these address fi...

Страница 178: ...C Address field and enter File Server C in the Description field Figure 101 Layer 2 Isolation Example 1 Example 2 Restricting Access to Client In the following example wireless clients 1 and 2 can com...

Страница 179: ...t because its MAC address is in the allowed association list specified in the NWA ZyXEL Device The MAC address of client A is either denied association or is not in the list of allowed wireless client...

Страница 180: ...nce one MAC filter profile The NWA provides 16 MAC Filter profiles each of which can hold up to 128 MAC addresses Click Wireless MAC Filter The screen displays as shown 13 2 1 Configuring the MAC Filt...

Страница 181: ...the filter action for the list of MAC addresses in the MAC address filter table Select Deny Association to block access to the router MAC addresses not listed will be allowed to access the router Sele...

Страница 182: ...Chapter 13 MAC Filter Screen NWA 3500 NWA 3550 User s Guide 182...

Страница 183: ...bove illustrates one possible setup of your NWA The gateway IP address is 192 168 1 1 and the IP address of the NWA is 192 168 1 2 default The gateway and the device must belong in the same subnet mas...

Страница 184: ...access the NWA again Use fixed IP address Select this option if your NWA is using a static IP address When you select this option fill in the fields below IP Address Enter the IP address of your NWA i...

Страница 185: ...ain your IP address from the IANA from an ISP or have it assigned by a private network If you belong to a small organization and your Internet access is through an ISP the ISP can provide you with the...

Страница 186: ...Chapter 14 IP Screen NWA 3500 NWA 3550 User s Guide 186...

Страница 187: ...antage of a rogue AP s weaker or non existent security to gain access to the network or set up their own rogue APs in order to capture information from wireless clients If a scan reveals a rogue AP yo...

Страница 188: ...details of all IEEE 802 11a b g n wireless access points within the NWA s coverage area except for the NWA itself and the access points included in the friendly AP list 15 1 2 What You Need To Know Ab...

Страница 189: ...gitimate network to pose a severe security threat In the following example an attacker X is stationed in a vehicle outside a company building using a rogue access point equipped with a powerful antenn...

Страница 190: ...ust also enter a time value in the Period field Select No to turn rogue AP detection off Period minutes Enter the period you want the NWA to wait between scanning for rogue APs between 10 and 60 minut...

Страница 191: ...a wireless access point to the list You must know the device s MAC address MAC Address Enter the MAC address of the AP you wish to add to the list Description Enter a short explanatory description ide...

Страница 192: ...This field displays the last time the NWA scanned for the AP Description This is the description you entered when adding the AP to the list Delete Click this button to remove an AP s entry from the l...

Страница 193: ...t time the NWA scanned for the AP Description If you want to move the AP s entry to the friendly AP list enter a short explanatory description identifying the AP before you click Add to Friendly AP Li...

Страница 194: ...Chapter 15 Rogue AP Detection NWA 3500 NWA 3550 User s Guide 194...

Страница 195: ...f the NWA s interfaces Remote Management allows a user to administrate the device over the network You can manage your NWA from a remote location via the following interfaces WLAN LAN Both WLAN and LA...

Страница 196: ...s es a network systems manager can access the NWA 16 1 2 What You Need To Know About Remote Management The following terms and concepts may help as you read through this chapter Telnet Telnet is short...

Страница 197: ...monitor managed devices SNMP allows a manager and agents to communicate for the purpose of accessing information such as packets received node port status etc Remote Management Limitations Remote man...

Страница 198: ...reen Use this screen to configure your NWA for remote Telnet access You can use Telnet to access the NWA s Command Line Interface CLI Click REMOTE MGNT TELNET The following screen displays Figure 113...

Страница 199: ...You must have certificates already configured in the Certificates My Certificates screen Server Port This is set to port 22 by default You can change the server port number for a service if needed how...

Страница 200: ...t to port 21 by default You may change the server port number for a service if needed however you must use the same port number in order to use that service for remote management Server Access Select...

Страница 201: ...ed computer that is allowed to communicate with the NWA using this service Select All to allow any computer to access the NWA using this service Choose Selected to just allow the computer with the IP...

Страница 202: ...an allow only secure web configurator access by setting the HTTP Server Access field to Disable and setting the HTTPS Server Access field to an interface s Secured Client IP Address A secure client is...

Страница 203: ...ION SNMP Configuration Get Community Enter the Get Community which is the password for the incoming Get and GetNext requests from the management station The default is public and allows all requests S...

Страница 204: ...ve the NWA use the User account s security settings or select Admin to have the NWA use the Admin account s security settings Use the Configure SNMPv3 User Profile link to set up each account s securi...

Страница 205: ...ble SNMPv3Admin Click this to activate the security settings for this Admin account User Name Enter the name you want to use for authentication with managers using SNMP v3 Password Enter the password...

Страница 206: ...for authentication with managers using SNMP v3 Password Enter the password for the user name Confirm Password Retype the password for verification Access Type The default value for this is Get This a...

Страница 207: ...an agent Trap Used by the agent to inform the manager of some events 16 6 2 Supported MIBs The NWA supports MIB II that is defined in RFC 1213 and RFC 1215 as well as the proprietary ZyXEL private MI...

Страница 208: ...MIB whyReboot 1 3 6 1 4 1 890 1 5 1 3 0 1 This trap is sent with the reason for restarting before the system reboots warm start System reboot by user is added for an intentional reboot for example dow...

Страница 209: ...NWA Z using its internal RADIUS server to control access to a wired network A wireless notebook A requests access by sending its credentials The NWA consults its internal RADIUS server s list of user...

Страница 210: ...r The NWA has a built in RADIUS server that can authenticate wireless clients or other trusted APs Certificates are used by wireless clients to authenticate the RADIUS server These are digital signatu...

Страница 211: ...valid certificate Send a certification request to a certification authority which then issues a certificate Use the My Certificate Import screen to import the certificate and replace the request SELF...

Страница 212: ...ct this check box to have the NWA use the IP Address and Shared Secret to authenticate a trusted AP IP Address Type the IP address of the trusted AP in dotted decimal notation Shared Secret Enter a pa...

Страница 213: ...es Reset Click Reset to begin configuring this screen afresh Table 62 Trusted AP Screen LABEL DESCRIPTION Table 63 Trusted Users LABEL DESCRIPTION This field displays the trusted user index number Act...

Страница 214: ...ireless clients make access requests to trusted APs which relay the requests to the NWA Figure 122 Trusted APs Overview Password Type a password up to 31 ASCII characters for this user profile Note th...

Страница 215: ...Protected EAP and MD5 authentication is implemented on the internal RADIUS server using simple username and password methods over a secure TLS connection See Appendix A on page 303 for more informati...

Страница 216: ...Chapter 17 Internal RADIUS Server NWA 3500 NWA 3550 User s Guide 216...

Страница 217: ...provide a way to exchange public keys for use in authentication Figure 123 Certificates Example 18 1 1 What You Can Do in the Certificates Screen Use the My Certificate screens see Chapter 18 on page...

Страница 218: ...is Privacy Enhanced Mail format uses 64 ASCII characters to convert a binary X 509 certificate into a printable form Binary PKCS 7 This is a standard that defines the general syntax for data including...

Страница 219: ...he request SELF represents a self signed certificate SELF represents the default self signed certificate which the NWA uses to sign imported trusted remote host certificates CERT represents a certific...

Страница 220: ...lowing to delete a certificate that shows SELF in the Type field 1 Make sure that no other features such as HTTPS VPN SSH are configured to use the SELF certificate 2 Click the details icon next to an...

Страница 221: ...Table 65 Certificates My Certificate Import LABEL DESCRIPTION File Path Type in the location of the file you want to upload in this field or click Browse to find it Browse Click Browse to find the cer...

Страница 222: ...icate Create The following table describes the labels in this screen Table 66 Certificates My Certificate Create LABEL DESCRIPTION Certificate Name Type up to 31 ASCII characters not including spaces...

Страница 223: ...te a self signed certificate Select Create a self signed certificate to have the NWA generate the certificate and act as the Certification Authority CA itself This way you do not need to apply to a ce...

Страница 224: ...Certificate Management Protocol CMP is a TCP based enrollment protocol that was developed by the Public Key Infrastructure X 509 working group of the Internet Engineering Task Force IETF and is speci...

Страница 225: ...ate s name In the case of a self signed certificate you can set it to be the one that the NWA uses to sign the trusted remote host certificates that you import to the NWA Click Certificates My Certifi...

Страница 226: ...s the only one in the list The NWA does not trust the certificate and displays Not trusted in this field if any certificate on the path has expired or been revoked Refresh Click Refresh to display the...

Страница 227: ...icate s path MD5 Fingerprint This is the certificate s message digest that the NWA calculated using the MD5 algorithm SHA1 Fingerprint This is the certificate s message digest that the NWA calculated...

Страница 228: ...field displays the certificate index number The certificates are listed in alphabetical order Name This field displays the name used to identify this certificate Subject This field displays identifyi...

Страница 229: ...to have the NWA check the CRL before trusting any certificates issued by the certification authority Otherwise the field displays No Details Click Details to view in depth information about the certi...

Страница 230: ...fore trusting a certificate issued by the certification authority Click Certificates Trusted CAs to open the Trusted CAs screen Click the details icon to open the Trusted CAs Details screen Figure 130...

Страница 231: ...tion path Certificate Information These read only fields display detailed information about the certificate Type This field displays general information about the certificate CA signed means that a Ce...

Страница 232: ...st s actual certificate because the NWA has signed the certificate thus causing this value to be different from that of the remote host s actual certificate See Section 18 1 2 on page 218 for how to v...

Страница 233: ...n altered by anyone else along the way Tim generates a public key pair one public key and one private key 2 Tim keeps the private key and makes the public key openly available This means that anyone w...

Страница 234: ...our computer 2 Make sure that the certificate has a cer or crt file name extension Figure 131 Certificates on Your Computer 3 Double click the certificate s icon to open the Certificate window Click t...

Страница 235: ...e or origin can be traced Logs are also essential for auditing and keeping track of changes made by users Figure 133 Accessing Logs in the Network The figure above illustrates three ways to access log...

Страница 236: ...black Receiving Logs via Email If you want to receive logs in your email account you need to have the necessary details ready such as the Server Name or SMPT Address of your email account Ensure that...

Страница 237: ...in the Log Settings page Index This field displays the log entry index number Time This field displays the time the log was recorded Message This field states the reason for the log Source This field...

Страница 238: ...r s Guide 238 19 3 The Log Settings Screen Use this screen to configure where and when the NWA will send the logs and which logs and or immediate alerts to send Click Logs Log Settings The following s...

Страница 239: ...ng Syslog logging sends a log to an external syslog server used to store logs Active Click Active to enable syslog logging Syslog IP Address Enter the server name or IP address of the syslog server th...

Страница 240: ...SAGE DESCRIPTION Time calibration is successful The NWA has adjusted its time based on information from the time server Time calibration failed The NWA failed to get information from the time server D...

Страница 241: ...datagrams for the Network 1 Redirect datagrams for the Host 2 Redirect datagrams for the Type of Service and Network 3 Redirect datagrams for the Type of Service and Host 8 Echo 0 Echo message 11 Time...

Страница 242: ...the settings in the NWA you must do this in order to record logs 19 4 4 Displaying Logs Use the sys logs display command to show all of the logs in the NWA s log Use the sys logs category display comm...

Страница 243: ...mple shows how to set the NWA to record the error logs and alerts and then view the results ras sys logs load ras sys logs category error 3 ras sys logs save ras sys logs display access time source de...

Страница 244: ...Chapter 19 Log Screens NWA 3500 NWA 3550 User s Guide 244...

Страница 245: ...ove the NWA allows station A to connect to the internet but not to the server It allows station B to connect to the server but not to the Internet 20 1 1 What You Can Do in the VLAN Screen Use the Wir...

Страница 246: ...ed on the settings in the Wireless VLAN screen See Section 20 3 3 on page 253 for more information Note To use RADIUS VLAN you must first select Enable VIRTUAL LAN and configure the Management VLAN ID...

Страница 247: ...n this screen Table 77 VLAN Wireless VLAN FIELD DESCRIPTION VIRTUAL LAN Setup Enable VIRTUAL LAN Select this box to enable VLAN tagging Wireless VIRTUAL LAN Setup Management VLAN ID Enter a number fro...

Страница 248: ...ID they use to connect to the NWA Index This is the index number of the SSID profile Name This is the name of the SSID profile SSID This is the SSID the profile uses VLAN ID Enter a VLAN ID number fro...

Страница 249: ...ame field When you select this check box only users with names configured in this screen can access the network through the NWA VLAN Mapping Table Use this table to map names to VLAN IDs so that the R...

Страница 250: ...LAN VLAN ID 1 The following procedure shows you how to configure a tagged VLAN Note Use the out of band management port or console port to configure the switch if you misconfigure the management VLAN...

Страница 251: ...lowing steps in the switch web configurator 1 Click VLAN under Advanced Application 2 Click Static VLAN 3 Select the ACTIVE check box 4 Type a Name for the VLAN ID 5 Type a VLAN Group ID This should b...

Страница 252: ...ions in the Quick Start Guide to set up your NWA for configuration The NWA should be connected to the VLAN aware switch In the above example the switch is using port 1 to connect to your computer and...

Страница 253: ...aware device you will lock yourself out of the NWA If this happens you must reset the NWA to access it again 20 3 3 Configuring Microsoft s IAS Server Example Dynamic VLAN assignment can be used with...

Страница 254: ...nd 4094 4c If a or b are not matched the NWA uses the VLAN ID configured in the WIRELESS VLAN screen and the wireless station This VLAN ID is independent and hence different to the ID in the VLAN scre...

Страница 255: ...rmine which user accounts belong to which VLAN groups Click the Add button and configure the VLAN group details 3 Repeat the previous step to add each VLAN group required Figure 145 Add Group Members...

Страница 256: ...general at the bottom For example if the Day And Time Restriction policy is still present it should be moved to the bottom or deleted to allow the VLAN Group policies to take precedence 1a Right click...

Страница 257: ...splays Select a remote access policy and click the Add button The policy is added to the field below Only one VLAN Group should be associated with each policy 5 Click OK and Next in the next few scree...

Страница 258: ...dit Dial in Profile screen displays Click the Authentication tab and select the Extensible Authentication Protocol check box 7a Select an EAP type depending on your authentication needs from the drop...

Страница 259: ...51 Encryption Tab Settings 9 Click the IP tab and select the Client may request an IP address check box for DHCP support 10 Click the Advanced tab The current default parameters returned to the NWA sh...

Страница 260: ...el Medium Type Tunnel Pvt Group ID Tunnel Type 11a Click the Add button 11b Select Tunnel Medium Type 11c Click the Add button Figure 153 RADIUS Attribute Screen 12 The Enumerable Attribute Informatio...

Страница 261: ...for this policy This Name should match a name in the VLAN mapping table on the NWA Wireless stations belonging to the VLAN Group specified in this policy will be given a VLAN ID specified in the NWA...

Страница 262: ...17a Click the Close button 17b The completed Advanced tab configuration should resemble the following screen Figure 157 Completed Advanced Tab Note Repeat the Configuring Remote Access Policies proce...

Страница 263: ...ith a VLAN ID incoming VLAN ID These incoming VLAN packets are forwarded to the NWA The NWA compares the VLAN ID in the packet header with each SSID s configured VLAN ID and second Rx VLAN ID settings...

Страница 264: ...o restore the default configuration file 4 Select the SSID profile you want to configure SSID03 in this example and enter the VLAN ID number between 1 and 4094 5 Enter a Second Rx VLAN ID The followin...

Страница 265: ...connect choose this option For example if your company s graphic design team has their own NWA and they have 10 computers you can load balance for 10 Later if someone from the sales department visits...

Страница 266: ...for their turn or get shunted to the nearest identical AP The following figure depicts an NWA with a hard bandwidth limit of 6 Megabits per second Mbps Bandwidth up to 6 Mbps is considered balanced Mo...

Страница 267: ...en appears Figure 161 Load Balancing The following table describes the labels in this screen Table 80 Load Balancing FIELD DESCRIPTION Enable Load Balancing Select this option to turn on wireless load...

Страница 268: ...en it becomes overloaded If you set this option to Disable then the AP simply delays the connection until it can afford the bandwidth it requires or it shunts the connection to another AP within its b...

Страница 269: ...ck the connections that are pushing it over its balanced bandwidth allotment Figure 163 Kicking a Connection Connections are kicked based on either idle timeout or signal strength The NWA first looks...

Страница 270: ...Chapter 21 Load Balancing NWA 3160 Series User s Guide 270...

Страница 271: ...given area they introduce the possibility of heightened radio interference especially if some or all of them are broadcasting on the same radio channel This can make accessing the network potentially...

Страница 272: ...h channels are currently unused then set your device to use one of them But with Dynamic Channel Selection the NWA does this automatically 22 2 The DCS Screen Use this screen to configure your Dynamic...

Страница 273: ...he sensitivity level the more frequently the NWA switches channels As a consequence anyone connected to the NWA will experience more frequent disconnects and reconnects DCS Client Aware Select Enable...

Страница 274: ...Chapter 22 Dynamic Channel Selection NWA 3160 Series User s Guide 274...

Страница 275: ...t screen Section 23 5 on page 278 to view the wireless stations that are currently associated with the NWA Use the Channel Usage screen Section 23 6 on page 279 to view whether a channel is used by an...

Страница 276: ...following table describes the labels in this screen 23 4 1 Show Statistics Screen Use this screen to view diagnostic information about the NWA Click Maintenance Show Statistics The following screen po...

Страница 277: ...ode Full duplex refers to a device s ability to send and receive simultaneously while half duplex indicates that traffic can flow in only one direction at a time The Ethernet port must use the same sp...

Страница 278: ...status of the bridge connection which can be Up or Down TxPkts This is the number of transmitted packets on the wireless bridge RxPkts This is the number of received packets on the wireless bridge Po...

Страница 279: ...ignal This field displays the RSSI Received Signal Strength Indicator of the wireless connection WDS Link This section displays only when bridge mode is activated on one of the NWA s WLAN adaptors Lin...

Страница 280: ...e Set IBSS as one that doesn t See the chapter on wireless configuration for more information on basic service sets BSS and extended service sets ESS MAC Address This field displays the MAC address of...

Страница 281: ...t In some operating systems you may see the following icon on your desktop Figure 172 Network Temporarily Disconnected After two minutes log in again and check your new firmware version in the System...

Страница 282: ...backup or upload your NWA s configuration file You can also reset the configuration of your device in this screen Click Maintenance Configuration The following figure displays Figure 174 Maintenance C...

Страница 283: ...minute before logging into the NWA again Figure 175 Configuration Upload Successful The NWA automatically restarts in this time causing a temporary network disconnect In some operating systems you may...

Страница 284: ...Upload Error 23 8 3 Back to Factory Defaults Pressing the Reset button in this section clears all user entered configuration information and returns the NWA to its factory defaults as shown on the sc...

Страница 285: ...Maintenance NWA 3500 NWA 3550 User s Guide 285 Click Maintenance Restart The following screen displays Click Restart to have the NWA reboot This does not affect the NWA s configuration Figure 179 Rest...

Страница 286: ...Chapter 23 Maintenance NWA 3500 NWA 3550 User s Guide 286...

Страница 287: ...287 PART III Troubleshooting and Specifications Troubleshooting 289 Product Specifications 297...

Страница 288: ...288...

Страница 289: ...ons and LEDs The NWA does not turn on None of the LEDs turn on Make sure you are using the power adaptor or cord included with the NWA Make sure the power adaptor or cord is connected to the NWA and p...

Страница 290: ...ur NWA s System Name enter it in your browser s URL bar The default System Name is NWA Series See Section 7 2 on page 111 for information on locating and changing the NWA s System Name Note If you cha...

Страница 291: ...NWA skip this step If there is no DHCP server on your network make sure your computer s IP address is in the same subnet as the NWA Reset the device to its factory defaults and try to access the NWA...

Страница 292: ...ow set to none I cannot use FTP to upload download the configuration file I cannot use FTP to upload new firmware See the troubleshooting suggestions for I cannot see or access the Login screen in the...

Страница 293: ...secondary controller AP cannot configure any of the managed APs However it still has to be turned on to synchronize with the primary controller AP s latest settings Be sure you update the primary cont...

Страница 294: ...with the NWA but my Internet connection is not available anymore Check the hardware connections and make sure the LEDs are behaving as expected See the Quick Start Guide and Section 1 7 on page 34 Re...

Страница 295: ...and your wireless station are using the same wireless and wireless security settings Make sure traffic between the WLAN and the LAN is not blocked by the firewall on the NWA Make sure you allow the N...

Страница 296: ...Chapter 24 Troubleshooting NWA 3500 NWA 3550 User s Guide 296...

Страница 297: ...cables Power over Ethernet PoE IEEE 802 3af compliant Antenna Specifications Two external antenna connectors N Type Output Power IEEE 802 11b g 17 dBm IEEE 802 11a 14 dBm Operating Environment Tempera...

Страница 298: ...s associated with your NWA from communicating with other wireless clients APs computers or routers in a network Multiple BSSID MBSSID MBSSID mode allows the NWA to operate up to 8 different wireless n...

Страница 299: ...ded FTP and TFTP Servers The embedded FTP and TFTP servers enable fast firmware upgrades as well as configuration file backups and restoration Auto Configuration Administrators can use text configurat...

Страница 300: ...try Canada RSS 210 Australia AS NZS 4268 EMC EMI USA FCC Part 15 Subpart B EU EN 301 489 17 V1 2 1 08 2002 EN 55022 2006 Canada ICES 003 Australia AS NZS CISPR22 EMC EMS EU EN 301 489 1 V1 5 1 11 2004...

Страница 301: ...in dBi 8 9 14 18 6 8 8 18 Max VSWR 2 0 1 1 5 1 1 5 1 1 5 1 2 0 1 2 0 1 2 0 1 2 0 1 HPBW Horizontal 360 65 30 15 65 50 360 18 HPBW Vertical 15 60 30 5 75 50 20 18 Impedance Ohm 50 50 50 50 50 50 50 Con...

Страница 302: ...N PLUG to N PLUG for 6M 91 005 075002G N PLUG to N PLUG for 9M 91 005 075003G N PLUG to N PLUG for 12M 91 005 075004G N PLUG to N PLUG for 1M LMR 200 91 005 074001G N PLUG to RP SMA PLUG for 3M 91 005...

Страница 303: ...ing Up Your Computer s IP Address 305 Wireless LANs 331 Pop up Windows JavaScripts and Java Permissions 347 Importing Certificates 355 IP Addresses and Subnetting 381 Text File Based Auto Configuratio...

Страница 304: ...304...

Страница 305: ...P 2000 Mac OS 9 OS X and all versions of UNIX LINUX include the software components you need to use TCP IP on your computer If you manually assign IP information instead of using a dynamic IP make sur...

Страница 306: ...Up Your Computer s IP Address NWA 3500 NWA 3550 User s Guide 306 1 Click Start Control Panel Figure 180 Windows XP Start Menu 2 In the Control Panel click the Network Connections icon Figure 181 Windo...

Страница 307: ...Guide 307 3 Right click Local Area Connection and then select Properties Figure 182 Windows XP Control Panel Network Connections Properties 4 On the General tab select Internet Protocol TCP IP and the...

Страница 308: ...P address that was assigned to you by your network administrator or ISP You may also have to enter a Preferred DNS server and an Alternate DNS server if that information was provided 7 Click OK to clo...

Страница 309: ...ection shows screens from Windows Vista Professional 1 Click Start Control Panel Figure 185 Windows Vista Start Menu 2 In the Control Panel click the Network and Internet icon Figure 186 Windows Vista...

Страница 310: ...connections Figure 188 Windows Vista Network and Sharing Center 5 Right click Local Area Connection and then select Properties Figure 189 Windows Vista Network and Sharing Center Note During this pro...

Страница 311: ...x A Setting Up Your Computer s IP Address NWA 3500 NWA 3550 User s Guide 311 6 Select Internet Protocol Version 4 TCP IPv4 and then select Properties Figure 190 Windows Vista Local Area Connection Pro...

Страница 312: ...atic IP address that was assigned to you by your network administrator or ISP You may also have to enter a Preferred DNS server and an Alternate DNS server if that information was provided Click Advan...

Страница 313: ...e 313 Mac OS X 10 3 and 10 4 The screens in this section are from Mac OS X 10 4 but can also apply to 10 3 1 Click Apple System Preferences Figure 192 Mac OS X 10 4 Apple Menu 2 In the System Preferen...

Страница 314: ...rences pane opens select Built in Ethernet from the network connection type list and then click Configure Figure 194 Mac OS X 10 4 Network Preferences 4 For dynamically assigned settings select Using...

Страница 315: ...tatically assigned settings do the following From the Configure IPv4 list select Manually In the IP Address field type your IP address In the Subnet Mask field type your subnet mask In the Router fiel...

Страница 316: ...tings Check your TCP IP properties by clicking Applications Utilities Network Utilities and then selecting the appropriate Network Interface from the Info tab Figure 197 Mac OS X 10 4 Network Utility...

Страница 317: ...Appendix A Setting Up Your Computer s IP Address NWA 3500 NWA 3550 User s Guide 317 2 In System Preferences click the Network icon Figure 199 Mac OS X 10 5 Systems Preferences...

Страница 318: ...ist of available connection types Figure 200 Mac OS X 10 5 Network Preferences Ethernet 4 From the Configure list select Using DHCP for dynamically assigned settings 5 For statically assigned settings...

Страница 319: ...tting Up Your Computer s IP Address NWA 3500 NWA 3550 User s Guide 319 In the Router field enter the IP address of your NWA Figure 201 Mac OS X 10 5 Network Preferences Ethernet 6 Click Apply and clos...

Страница 320: ...Linux Ubuntu 8 GNOME This section shows you how to configure your computer s TCP IP settings in the GNU Object Model Environment GNOME using the Ubuntu 8 Linux distribution The procedure screens and f...

Страница 321: ...ure 203 Ubuntu 8 System Administration Menu 2 When the Network Settings window opens click Unlock to open the Authenticate window By default the Unlock button is greyed out until clicked You cannot ma...

Страница 322: ...icate window enter your admin account name and password then click the Authenticate button Figure 205 Ubuntu 8 Administrator Account Authentication 4 In the Network Settings window select the connecti...

Страница 323: ...operties In the Configuration list select Automatic Configuration DHCP if you have a dynamic IP address In the Configuration list select Static IP address if you have a static IP address Fill in the I...

Страница 324: ...in the Network Settings window and then enter the DNS server information in the fields provided Figure 208 Ubuntu 8 Network Settings DNS 8 Click the Close button to apply the changes Verifying Setting...

Страница 325: ...w to configure your computer s TCP IP settings in the K Desktop Environment KDE using the openSUSE 10 3 Linux distribution The procedure screens and file locations may vary depending on your specific...

Страница 326: ...500 NWA 3550 User s Guide 326 1 Click K Menu Computer Administrator Settings YaST Figure 210 openSUSE 10 3 K Menu Computer Menu 2 When the Run as Root KDE su dialog opens enter the admin password and...

Страница 327: ...window opens select Network Devices and then click the Network Card icon Figure 212 openSUSE 10 3 YaST Control Center 4 When the Network Settings window opens click the Overview tab select the approp...

Страница 328: ...click the Address tab Figure 214 openSUSE 10 3 Network Card Setup 6 Select Dynamic Address DHCP if you have a dynamic IP address Select Statically assigned IP Address if you have a static IP address F...

Страница 329: ...r s Guide 329 8 If you know your DNS server IP address es click the Hostname DNS tab in Network Settings and then enter the DNS server information in the fields provided Figure 215 openSUSE 10 3 Netwo...

Страница 330: ...on the Task bar to check your TCP IP properties From the Options sub menu select Show Connection Information Figure 216 openSUSE 10 3 KNetwork Manager When the Connection Status KNetwork Manager wind...

Страница 331: ...endent network which is commonly referred to as an ad hoc network or Independent Basic Service Set IBSS The following diagram shows an example of notebook computers using wireless adapters to form an...

Страница 332: ...xtended Service Set ESS consists of a series of overlapping BSSs each containing an access point with each access point connected together by a wired network This wired connection between APs is calle...

Страница 333: ...t AP access point to reduce interference Interference occurs when radio signals from different access points overlap causing interference and degrading performance Adjacent channels partially overlap...

Страница 334: ...must first send an RTS Request To Send message to the AP for permission to send it The AP then responds with a CTS Clear to Send message to all other stations within its range to notify them to defer...

Страница 335: ...ngth of the synchronization field in a packet Short preamble increases performance as less time sending preamble means more time for sending data All IEEE 802 11b g compliant wireless adapters support...

Страница 336: ...igure shows the relative effectiveness of these wireless security methods available on your NWA Note You must enable the same wireless security settings on the NWA and on all wireless clients that you...

Страница 337: ...the wireless clients RADIUS RADIUS is based on a client server model that supports authentication authorization and accounting The access point is the client and the server is the RADIUS server The R...

Страница 338: ...and LEAP Your wireless LAN device may not support all authentication types EAP Extensible Authentication Protocol is an authentication protocol that runs on top of the IEEE 802 1x transport mechanism...

Страница 339: ...ssive attacks A digital certificate is an electronic ID card that authenticates the sender s identity However to implement EAP TLS you need a Certificate Authority CA to handle certificates which impo...

Страница 340: ...A2 Wi Fi Protected Access WPA is a subset of the IEEE 802 11i standard WPA2 IEEE 802 11i is a wireless security standard that defines stronger encryption authentication and key management than WPA Key...

Страница 341: ...Pairwise Master Key PMK key to the AP that then sets up a key hierarchy and management system using the PMK to dynamically generate unique data encryption keys to encrypt every data packet that is wi...

Страница 342: ...tication enables fast roaming by allowing the wireless client already connecting to an AP to perform IEEE 802 1x authentication with another AP before connecting to it Wireless Client WPA Supplicants...

Страница 343: ...wireless clients Figure 222 WPA 2 with RADIUS Application Example WPA 2 PSK Application Example A WPA 2 PSK application looks as follows 1 First enter identical passwords into the AP and all wireless...

Страница 344: ...ol type MAC address filters are not dependent on how you configure these security features Table 99 Wireless Security Relational Matrix AUTHENTICATION METHOD KEY MANAGEMENT PROTOCOL ENCRYPTIO N METHOD...

Страница 345: ...overage area Antenna Gain Antenna gain measured in dB decibel is the increase in coverage within the RF beam width Higher antenna gain improves the range of the signal for better communications For an...

Страница 346: ...grees very directional to 120 degrees less directional Directional antennas are ideal for hallways and outdoor point to point applications Positioning Antennas In general antennas should be mounted as...

Страница 347: ...rnet Explorer versions may vary Internet Explorer Pop up Blockers You may have to disable pop up blocking to log into your device Either disable pop up blocking enabled by default in Windows XP SP Ser...

Страница 348: ...x in the Pop up Blocker section of the screen This disables any web pop up blockers you may have enabled Figure 225 Internet Options Privacy 3 Click Apply to save this setting Enable pop up Blockers w...

Страница 349: ...00 NWA 3550 User s Guide 349 2 Select Settings to open the Pop up Blocker Settings screen Figure 226 Internet Options Privacy 3 Type the IP address of your device the web page that you do not want to...

Страница 350: ...ck Add to move the IP address to the list of Allowed sites Figure 227 Pop up Blocker Settings 5 Click Close to return to the Privacy screen 6 Click Apply to save this setting JavaScripts If pages of t...

Страница 351: ...xplorer click Tools Internet Options and then the Security tab Figure 228 Internet Options Security 2 Click the Custom Level button 3 Scroll down to Scripting 4 Under Active scripting make sure that E...

Страница 352: ...lick OK to close the window Figure 229 Security Settings Java Scripting Java Permissions 1 From Internet Explorer click Tools Internet Options and then the Security tab 2 Click the Custom Level button...

Страница 353: ...s NWA 3500 NWA 3550 User s Guide 353 5 Click OK to close the window Figure 230 Security Settings Java JAVA Sun 1 From Internet Explorer click Tools Internet Options and then the Advanced tab 2 Make su...

Страница 354: ...Appendix C Pop up Windows JavaScripts and Java Permissions NWA 3500 NWA 3550 User s Guide 354 3 Click OK to close the window Figure 231 Java Sun...

Страница 355: ...cates These can be used by web browsers on a LAN or WAN to verify that they are in fact connecting to the legitimate device and not one masquerading as it However because the certificates were not iss...

Страница 356: ...the first time you browse to it you are presented with a certification error Figure 232 Internet Explorer 7 Certification Error 2 Click Continue to this website not recommended Figure 233 Internet Ex...

Страница 357: ...A 3500 NWA 3550 User s Guide 357 4 In the Certificate dialog box click Install Certificate Figure 235 Internet Explorer 7 Certificate 5 In the Certificate Import Wizard click Next Figure 236 Internet...

Страница 358: ...matically select certificate store based on the type of certificate click Next again and then go to step 9 Figure 237 Internet Explorer 7 Certificate Import Wizard 7 Otherwise select Place all certifi...

Страница 359: ...t Certificate Store dialog box choose a location in which to save the certificate and then click OK Figure 239 Internet Explorer 7 Select Certificate Store 9 In the Completing the Certificate Import W...

Страница 360: ...lly click OK when presented with the successful certificate installation message Figure 242 Internet Explorer 7 Certificate Import Wizard 12 The next time you start Internet Explorer and go to a ZyXEL...

Страница 361: ...one has been issued to you 1 Double click the public key certificate file Figure 244 Internet Explorer 7 Public Key Certificate File 2 In the security warning dialog box click Open Figure 245 Interne...

Страница 362: ...00 NWA 3550 User s Guide 362 1 Open Internet Explorer and click Tools Internet Options Figure 246 Internet Explorer 7 Tools Menu 2 In the Internet Options dialog box click Content Certificates Figure...

Страница 363: ...icates Authorities tab select the certificate that you want to delete and then click Remove Figure 248 Internet Explorer 7 Certificates 4 In the Certificates confirmation click Yes Figure 249 Internet...

Страница 364: ...following example uses Mozilla Firefox 2 on Windows XP Professional however the screens can also apply to Firefox 2 on all platforms 1 If your device s web configurator is set to use SSL certificatio...

Страница 365: ...the address bar which you can click to open the Page Info Security window to view the web page s security information Figure 252 Firefox 2 Page Info Installing a Stand Alone Certificate File in Firefo...

Страница 366: ...Certificates NWA 3500 NWA 3550 User s Guide 366 1 Open Firefox and click Tools Options Figure 253 Firefox 2 Tools Menu 2 In the Options dialog box click Advanced Encryption View Certificates Figure 2...

Страница 367: ...tes Import Figure 255 Firefox 2 Certificate Manager 4 Use the Select File dialog box to locate the certificate and then click Open Figure 256 Firefox 2 Select File 5 The next time you visit the web si...

Страница 368: ...ng a Certificate in Firefox This section shows you how to remove a public key certificate in Firefox 2 1 Open Firefox and click Tools Options Figure 257 Firefox 2 Tools Menu 2 In the Options dialog bo...

Страница 369: ...e Figure 259 Firefox 2 Certificate Manager 4 In the Delete Web Site Certificates dialog box click OK Figure 260 Firefox 2 Delete Web Site Certificates 5 The next time you go to the web site that issue...

Страница 370: ...time you browse to it you are presented with a certification error 2 Click Install to accept the certificate Figure 261 Opera 9 Certificate signer not found 3 The next time you visit the web site clic...

Страница 371: ...nd Alone Certificate File in Opera Rather than browsing to a ZyXEL web configurator and installing a public key certificate when prompted you can install a stand alone certificate file if one has been...

Страница 372: ...Appendix D Importing Certificates NWA 3500 NWA 3550 User s Guide 372 2 In Preferences click Advanced Security Manage certificates Figure 264 Opera 9 Preferences...

Страница 373: ...NWA 3550 User s Guide 373 3 In the Certificates Manager click Authorities Import Figure 265 Opera 9 Certificate manager 4 Use the Import certificate dialog box to locate the certificate and then click...

Страница 374: ...stall authority certificate 6 Next click OK Figure 268 Opera 9 Install authority certificate 7 The next time you visit the web site click the padlock in the address bar to open the Security informatio...

Страница 375: ...porting Certificates NWA 3500 NWA 3550 User s Guide 375 1 Open Opera and click Tools Preferences Figure 269 Opera 9 Tools Menu 2 In Preferences Advanced Security Manage certificates Figure 270 Opera 9...

Страница 376: ...ificate you just removed a certification error appears Note There is no confirmation when you delete a certificate authority so be absolutely certain that you want to go through with it before clickin...

Страница 377: ...queror 3 5 Server Authentication 3 Click Forever when prompted to accept the certificate Figure 273 Konqueror 3 5 Server Authentication 4 Click the padlock in the address bar to open the KDE SSL Infor...

Страница 378: ...en prompted you can install a stand alone certificate file if one has been issued to you 1 Double click the public key certificate file Figure 275 Konqueror 3 5 Public Key Certificate File 2 In the Ce...

Страница 379: ...security details Removing a Certificate in Konqueror This section shows you how to remove a public key certificate in Konqueror 3 5 1 Open Konqueror and click Settings Configure Konqueror Figure 278...

Страница 380: ...e next time you go to the web site that issued the public key certificate you just removed a certification error appears Note There is no confirmation when you remove a certificate authority so be abs...

Страница 381: ...mber and the other part is the host ID In the same way that houses on a street share a common street name the hosts on a network share a common network number Similarly as each house has its own house...

Страница 382: ...and which bits are part of the host ID using a logical AND operation The term subnet is short for sub network A subnet mask has 32 bits If a bit in the subnet mask is a 1 then the corresponding bit in...

Страница 383: ...k number determines the maximum number of possible hosts you can have on your network The larger the number of network number bits the smaller the number of remaining host ID bits An IP address with h...

Страница 384: ...ess For example 192 1 1 0 25 is equivalent to saying 192 1 1 0 with subnet mask 255 255 255 128 The following table shows some possible subnet masks using both notations Table 102 Maximum Host Numbers...

Страница 385: ...s is 192 168 1 0 The first three octets of the address 192 168 1 are the network number and the remaining octet is the host ID allowing a maximum of 28 2 or 254 possible hosts The following figure sho...

Страница 386: ...55 255 128 is subnet A itself and 192 168 1 127 with mask 255 255 255 128 is its broadcast address Therefore the lowest IP address that can be assigned to an actual host for subnet A is 192 168 1 1 an...

Страница 387: ...UMBER LAST OCTET BIT VALUE IP Address 192 168 1 64 IP Address Binary 11000000 10101000 00000001 01000000 Subnet Mask Binary 11111111 11111111 11111111 11000000 Subnet Address 192 168 1 64 Lowest Host...

Страница 388: ...192 168 1 255 Highest Host ID 192 168 1 254 Table 107 Subnet 4 continued IP SUBNET MASK NETWORK NUMBER LAST OCTET BIT VALUE Table 108 Eight Subnets SUBNET SUBNET ADDRESS FIRST ADDRESS LAST ADDRESS BR...

Страница 389: ...vate use please do not use any other number unless you are told otherwise You must also enable Network Address Translation NAT on the NWA Once you have decided on the network number pick an IP address...

Страница 390: ...works 10 0 0 0 10 255 255 255 172 16 0 0 172 31 255 255 192 168 0 0 192 168 255 255 You can obtain your IP address from the IANA from an ISP or it can be assigned from a private network If you belong...

Страница 391: ...ew You can use plain text configuration files to configure the wireless LAN settings on multiple APs The AP can automatically get a configuration file from a TFTP server at startup or after renewing D...

Страница 392: ...ad the file from the specified TFTP server The AP then uses the file to configure wireless LAN settings Note Not all DHCP servers allow you to specify options 66 and 67 Manual Configuration Use the fo...

Страница 393: ...e must use the following format Figure 284 Configuration File Format The first line must be ZYXEL PROWLAN Table 113 Configuration via SNMP STEPS MIB VARIABLE VALUE Step 1 pwTftpServer Set the IP addre...

Страница 394: ...age with the line number and reason for the first error subsequent errors during the processing of an individual configuration file are not recorded You can use SNMP management software to display the...

Страница 395: ...index 1 wcfg security save wcfg ssid 1 name ssid wep wcfg ssid 1 security Test wep wcfg ssid 1 l2iolation disable wcfg ssid 1 macfilter disable wcfg ssid save ZYXEL PROWLAN VERSION 12 wcfg security 2...

Страница 396: ...Test wpapsk wcfg security 3 mode wpapsk wcfg security 3 passphrase qwertyuiop wcfg security 3 reauthtime 1800 wcfg security 3 idletime 3600 wcfg security 3 groupkeytime 1800 wcfg security save wcfg ss...

Страница 397: ...Test 8021x wcfg ssid 2 radius radius rd wcfg ssid 3 name ssid wpapsk wcfg ssid 3 security Test wpapsk wcfg ssid 4 name ssid wpa2psk wcfg ssid 4 security Test wpa2psk wcfg ssid save line starting with...

Страница 398: ...Appendix F Text File Based Auto Configuration NWA 3500 NWA 3550 User s Guide 398...

Страница 399: ...arising out of the application or use of any products or software described herein Neither does it convey any license under its patent rights nor the patent rights of others ZyXEL further reserves the...

Страница 400: ...evision reception which can be determined by turning the device off and on the user is encouraged to try to correct the interference by one or more of the following measures 1 Reorient or relocate the...

Страница 401: ...yXEL Limited Warranty ZyXEL warrants to the original end user purchaser that this product is free from any defects in materials or workmanship for a period of up to two years from the date of purchase...

Страница 402: ...e or purpose ZyXEL shall in no event be held liable for indirect or consequential damages of any kind to the purchaser To obtain the services of this warranty contact your vendor You may also refer to...

Страница 403: ...thentication server 23 auto configuration 391 auto configuration status 394 B backup 282 Basic Service Set 120 see BSS bridge 25 28 Bridge Protocol Data Units BPDUs 140 Bridge Repeater 24 25 BSS 28 29...

Страница 404: ...FCC interference statement 399 file version 393 filtering 23 firmware file maintenance 276 fragmentation threshold 335 friendly AP list 189 191 FTP 32 197 restrictions 197 G general setup 111 guest S...

Страница 405: ...ity Check MIC 341 mobile access 23 mode 24 N NAT 389 network 23 network access 23 network bridge 25 network number 110 network traffic 23 O operating mode 24 out of band management 250 P Pairwise Mast...

Страница 406: ...ath costs 140 STP port states 141 STP terminology 140 subnet 381 subnet mask 110 298 382 subnetting 385 syntax conventions 5 system name 111 system timeout 198 T tagged VLAN example 250 telnet 198 tem...

Страница 407: ...interface 24 WMM 149 WPA 23 340 key caching 342 pre authentication 342 user authentication 342 vs WPA PSK 341 wireless client supplicant 342 with RADIUS application example 342 WPA2 23 340 user authe...

Страница 408: ...Index NWA 3500 NWA 3550 User s Guide 408...

Отзывы:

Нет отзывов

Похожие инструкции для NWA-3550

PowerLine DHP-W611AV

Бренд: D-Link Страницы: 78

Бренд: D-Link Страницы: 32

Бренд: D-Link Страницы: 6

Бренд: D-Link Страницы: 221

Express Ethernetwork DI-707P

Бренд: D-Link Страницы: 14

Бренд: D-Link Страницы: 12

Бренд: TDC Страницы: 27

AirPlus XtremeG Ethernet-to-Wireless Bridge...

Бренд: D-Link Страницы: 31

Бренд: Paradyne Страницы: 1

ADSL 2/2+ Router with USB Port ADE-3410v2

Бренд: Planet Страницы: 62

PBE-5AC-300-ISO

Бренд: Ubiquiti Страницы: 28

802.11a/b/g SDIO WiFi Module SDM3100

Бренд: Abocom Страницы: 14

Бренд: Abocom Страницы: 1

GS2020E GigaSPIRE BLAST

Бренд: Calix Страницы: 15

Бренд: ATTO Technology Страницы: 2

Бренд: NetComm Страницы: 65

Бренд: Flexwatch Страницы: 13

GigaVUE H TA100-CXP

Бренд: Gigamon Страницы: 115

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды