manualshive.com logo in svg

ZyXEL Communications NXC-8160, Руководство пользователя

Поделиться
Скачать
ZyXEL Communications NXC-8160 Скачать руководство пользователя страница 188

Appendix E Wireless LANs

NXC-8160 User’s Guide

188

Encryption 

Both WPA and WPA2 improve data encryption by using Temporal Key Integrity Protocol 
(TKIP), Message Integrity Check (MIC) and IEEE 802.1x. WPA and WPA2 use Advanced 
Encryption Standard (AES) in the Counter mode with Cipher block chaining Message 
authentication code Protocol (CCMP) to offer stronger encryption than TKIP.

TKIP uses 128-bit keys that are dynamically generated and distributed by the authentication 
server. AES (Advanced Encryption Standard) is a block cipher that uses a 256-bit 
mathematical algorithm called Rijndael. They both include a per-packet key mixing function, 
a Message Integrity Check (MIC) named Michael, an extended initialization vector (IV) with 
sequencing rules, and a re-keying mechanism.

WPA and WPA2 regularly change and rotate the encryption keys so that the same encryption 
key is never used twice. 

The RADIUS server distributes a Pairwise Master Key (PMK) key to the AP that then sets up 
a key hierarchy and management system, using the PMK to dynamically generate unique data 
encryption keys to encrypt every data packet that is wirelessly communicated between the AP 
and the wireless clients. This all happens in the background automatically.

The Message Integrity Check (MIC) is designed to prevent an attacker from capturing data 
packets, altering them and resending them. The MIC provides a strong mathematical function 
in which the receiver and the transmitter each compute and then compare the MIC. If they do 
not match, it is assumed that the data has been tampered with and the packet is dropped. 

By generating unique data encryption keys for every data packet and by creating an integrity 
checking mechanism (MIC), with TKIP and AES it is more difficult to decrypt data on a Wi-Fi 
network than WEP and difficult for an intruder to break into the network. 

The encryption mechanisms used for WPA(2) and WPA(2)-PSK are the same. The only 
difference between the two is that WPA(2)-PSK uses a simple common password, instead of 
user-specific credentials. The common-password approach makes WPA(2)-PSK susceptible to 
brute-force password-guessing attacks but it’s still an improvement over WEP as it employs a 
consistent, single, alphanumeric password to derive a PMK which is used to generate unique 
temporal encryption keys. This prevent all wireless devices sharing the same encryption keys. 
(a weakness of WEP)

User Authentication 

WPA and WPA2 apply IEEE 802.1x and Extensible Authentication Protocol (EAP) to 
authenticate wireless clients using an external RADIUS database. WPA2 reduces the number 
of key exchange messages from six to four (CCMP 4-way handshake) and shortens the time 
required to connect to a network. Other WPA2 authentication features that are different from 
WPA include key caching and pre-authentication. These two features are optional and may not 
be supported in all wireless devices.

Key caching allows a wireless client to store the PMK it derived through a successful 
authentication with an AP. The wireless client uses the PMK when it tries to connect to the 
same AP and does not need to go with the authentication process again.

Pre-authentication enables fast roaming by allowing the wireless client (already connecting to 
an AP) to perform IEEE 802.1x authentication with another AP before connecting to it.

Содержание NXC-8160

Страница 1: ...www zyxel com NXC 8160 Business WLAN Controller User s Guide Version 1 0 12 2008 Edition 2...

Страница 2: ......

Страница 3: ...ay It contains information on setting up your network and configuring for Internet access Support Disc Refer to the included CD for support documents ZyXEL Web Site Please refer to www zyxel com for a...

Страница 4: ...t A key stroke is denoted by square brackets and uppercase text for example ENTER means the enter or return key on your keyboard Enter means for you to type one or more characters and then press the E...

Страница 5: ...Conventions NXC 8160 User s Guide 5 Icons Used in Figures Figures in this User s Guide may use the following generic icons NXC 8160 Computer Notebook computer Server Wireless Signal Modem Router Acce...

Страница 6: ...ght supply voltage for example 110V AC in North America or 230V AC in Europe Not to remove the plug and plug into a wall outlet by itself always attach the plug to the power supply first before insert...

Страница 7: ...ce meets ETSI and FCC certification requirements when using the included antenna s Only use the included antenna s If you wall mount your device make sure that no electrical lines gas or water pipes w...

Страница 8: ...Safety Warnings NXC 8160 User s Guide 8...

Страница 9: ...Configurator 27 LAN and WAN Settings 33 LAN Settings 35 WLAN Settings 41 Access Points and System Tools 63 Access Points 65 System Tools 67 Advanced Settings Events and Reports 73 Advanced Settings 75...

Страница 10: ...Contents Overview NXC 8160 User s Guide 10...

Страница 11: ...of the NXC 8160 23 1 2 1 Wireless Internet Access 23 1 2 2 Captive Portal Security 24 1 2 3 Backup NXC 8160 25 1 3 Ways to Manage the NXC 8160 25 1 4 Good Habits for Managing the NXC 8160 26 1 5 Fron...

Страница 12: ...in This Chapter 41 4 1 2 What You Need to Know 41 4 2 The ESSID Settings Screen 43 4 2 1 About ESSID Security Settings 47 4 2 2 Configuring ESSID Security Settings 49 4 2 3 Renaming ESSIDs 54 4 3 The...

Страница 13: ...1 2 What You Need to Know 75 7 2 Network Redundancy 76 7 2 1 Configuring the Redunancy Screen 78 7 3 The Syslog Monitor Screen 79 7 4 The SNMP Screen 80 7 4 1 Configuring SNMP 81 7 5 The Centralized C...

Страница 14: ...oduct Specifications 107 Part VI Appendices and Index 111 Appendix A Setting Up Your Computer s IP Address 113 Appendix B Importing Certificates 137 Appendix C IP Addresses and Subnetting 161 Appendix...

Страница 15: ...EE 802 1x Authentication 51 Figure 18 Security WPA Personal WPA2 Personal 52 Figure 19 Security WPA Enterprise WPA2 Enterprise 53 Figure 20 WLAN ESSID Definition SSID Table 54 Figure 21 WLAN ESSID Def...

Страница 16: ...ork And Internet 117 Figure 60 Windows Vista Network and Sharing Center 118 Figure 61 Windows Vista Network and Sharing Center 118 Figure 62 Windows Vista Local Area Connection Properties 119 Figure 6...

Страница 17: ...141 Figure 100 Internet Explorer 7 Certificate Import Wizard 142 Figure 101 Internet Explorer 7 Website Identification 142 Figure 102 Internet Explorer 7 Public Key Certificate File 143 Figure 103 In...

Страница 18: ...xample Before Subnetting 164 Figure 140 Subnetting Example After Subnetting 165 Figure 141 Conflicting Computer IP Addresses Example 169 Figure 142 Conflicting Computer IP Addresses Example 169 Figure...

Страница 19: ...e WPA2 Enterprise 54 Table 16 WLAN ESSID Definition SSID Table 55 Table 17 WLAN ESSID Definition MAC ACL 56 Table 18 WLAN ESSID Definition RADIUS 57 Table 19 WLAN ESSID Definition WMM 58 Table 20 WLAN...

Страница 20: ...t Cable Pin Assignments 108 Table 48 IP Address Network Number and Host ID Example 162 Table 49 Subnet Masks 163 Table 50 Maximum Host Numbers 163 Table 51 Alternative Subnet Mask Notation 163 Table 5...

Страница 21: ...21 PART I Introduction Getting to Know Your NXC 8160 23 Introducing the Web Configurator 27...

Страница 22: ...22...

Страница 23: ...r cannot work properly The NXC 8160 provides secure wireless connectivity to your wired network The NWA 8500 access point can broadcast on two radio channels simultaneously allowing it to support two...

Страница 24: ...n connect to the rest of the network or Internet Typically you often find captive portal pages in public hotspots such as bookstores coffee shops and hotel rooms to name a few as soon as you attempt t...

Страница 25: ...se the same wireless settings such as SSID channel IEEE 802 11 mode and security If the main NXC 8160 fails wireless clients can still access the Internet or wired network by connecting to the backup...

Страница 26: ...unstable or even crashes If you backed up an earlier configuration file you would not have to totally re configure the NXC 8160 You could simply restore your last configuration 1 5 Front Panel LEDs L...

Страница 27: ...ons are allowed in Internet Explorer or Mozilla Firefox 2 2 Accessing the NXC 8160 Web Configurator 1 Make sure your NXC 8160 hardware is properly connected and prepare your computer computer network...

Страница 28: ...e parts A title bar B main window C status bar D navigation panel 2 4 1 Title Bar The title bar provides an icon in the upper right corner 2 4 2 Main Window The main window shows the screen you select...

Страница 29: ...e This field displays how long the NXC 8160 has been running since it last started up The NXC 8160 starts up when you turn it on when you restart it or reset to the defaults using the Maintenance scre...

Страница 30: ...f any which are not assigned to a radio Table 3 Web Configurator Status Screen continued LABEL DESCRIPTION Table 4 Navigation Panel Summary LINK FUNCTION Status This screen shows the NXC 8160 s genera...

Страница 31: ...e 5 Web Configurator About Screen LABEL DESCRIPTION Firmware Version This field displays the firmware version number and the date created AppsFS This field displays the firmware version number and the...

Страница 32: ...Chapter 2 Introducing the Web Configurator NXC 8160 User s Guide 32...

Страница 33: ...I LAN and WAN Settings The LAN Screen 36 The Wireless Subnets Screen 39 The ESSID Settings Screen 43 The MAC ACL Screen 55 The RADIUS Screen 56 The WMM Screen 57 The Radios Screen 59 The Assignments S...

Страница 34: ...34...

Страница 35: ...e two separate networks The following graphic gives an example Figure 9 LAN and WAN 3 1 1 What You Can Do in This Chapter The LAN screen lets you configure the NXC 8160 s IP address and other LAN TCP...

Страница 36: ...group can communicate with each other even if there are other devices in the network Tagged VLAN A tagged VLAN uses a VLAN ID to identify VLAN group membership The VLAN ID associates traffic with a s...

Страница 37: ...o different VLAN groups by connecting to another VLAN aware switch 3 2 1 1 VLAN Tagging The NXC 8160 supports IEEE 802 1q VLAN tagging Tagged VLAN uses an explicit tag VLAN ID in the MAC header of a f...

Страница 38: ...way the device connected to port 1 on switch A can configure the NXC 8160 Wireless clients connected to SSID x or y cannot manage the NXC 8160 itself but they can communicate with port 2 or 3 on swit...

Страница 39: ...icular situation If the ISP or your network administrator assigns you a block of registered IP addresses follow their instructions in selecting the IP addresses and the subnet mask If the ISP did not...

Страница 40: ...te IP Addresses Every machine on the Internet must have a unique address If your networks are isolated from the Internet for example only between your two branch offices you can assign any IP addresse...

Страница 41: ...e the NXC 8160 s built in wireless radio transmitters Section 4 6 on page 59 The Assignments screen lets you assign the NXC 8160 s ESSIDs to one of its two built in radios Section 4 7 on page 61 4 1 2...

Страница 42: ...so the weakest Many people use it strictly to deter unintentional usage of their wireless network by outsiders Wi Fi Protected Access WPA The WPA protocol affords users with vastly stronger security t...

Страница 43: ...ings Screen Click WLAN ESSID Definition to open this screen This is where you can configure the device s wireless settings such as ESSID and authentication security among other things The ESSID is the...

Страница 44: ...8160 User s Guide 44 Figure 13 Multiple ESSIDs Example In this example both AP 1 and AP 2 are broadcasting on 2 radio channels Within each channel each AP can create up to 16 ESSIDs Figure 14 WLAN ESS...

Страница 45: ...e Disabling Allow Store Forward also disables the Allow Inter Ess Forward option Allow Inter Ess Forward An Extended Service Set ESS consists of a series of overlapping Basic Service Sets each contain...

Страница 46: ...s an ESSID to have the following security settings WPA WPA2 Personal TKIP AES Pre Shared Key Authentication WPA WPA2 Enterprise TKIP AES 802 1x Authentication Captive Portal Select this option to set...

Страница 47: ...local user database and if you do not have a RADIUS server you cannot set up user names and passwords for your users Unauthorized devices can still see the information that is sent in the wireless net...

Страница 48: ...clients use WPA Personal WPA Enterprise or stronger encryption IEEE 802 1x and WEP encryption are better than none at all but it is still possible for unauthorized devices to figure out the original...

Страница 49: ...ity Simply put this option provides no security whatsoever over the wireless network If you do not enable any wireless security on your NXC 8160 your network is open to any wireless networking device...

Страница 50: ...Select a WEP key to use for data encryption The default key is key 1 To set the WEP keys select ASCII or HEX as the Input Format and enter the key in the field provided Select ASCII option to enter AS...

Страница 51: ...on or WEP128 802 1x Authentication from the drop down list WEP Keys WEP Wired Equivalent Privacy provides data encryption to prevent unauthorized wireless stations from accessing data transmitted over...

Страница 52: ...re 18 Security WPA Personal WPA2 Personal RADIUS Server 1 4 The NXC 8160 can use an external RADIUS server to authenticate users RADIUS servers are checked in order from 1 to 4 for example if server 1...

Страница 53: ...160 network Select ASCII or HEX as the Input Format and enter the key in the field provided Type a pre shared key from 8 to 63 case sensitive ASCII characters including spaces and symbols or type a pr...

Страница 54: ...a new group key out to all clients The re keying process is the WPA equivalent of automatically changing the WEP key for an AP and all stations in a WLAN on a periodic basis Enter a time interval betw...

Страница 55: ...dentification tag which the NXC 8160 can use to either grant or deny permission to the computer when it tries to connect to an ACL configured ESSID If the MAC ACL is not configured for a particular ES...

Страница 56: ...utive failures of the server The order of priority is 1 to 4 Figure 22 WLAN ESSID Definition RADIUS Table 17 WLAN ESSID Definition MAC ACL LABEL DESCRIPTION All MACs This list displays all MAC address...

Страница 57: ...data packets may suddenly be sent to the back of the priority queue if they hit say an ISP in Great Britain that wants to minimize its voice traffic in order to save bandwidth for other kinds of data...

Страница 58: ...have minimal deleterious side effects on the data packets Quality of Service CWmin This indicates the current value of the Minimum Contention Window for the given WMM parameter This is the minimum nu...

Страница 59: ...s to open this screen This is where you can configure the NXC 8160 s built in wireless radio transmitters Figure 24 WLAN Radios Save Click Save to store your changes Cancel Click Reset to begin config...

Страница 60: ...ysical Layer Convergance Protocol PLCP It is provided to improve throughput efficiency when transmitting either voice or video data packets Note This option is only available when the given radio s WL...

Страница 61: ...o peer network or as complex as a number of computers with wireless LAN adapters communicating through access points which bridge network traffic to the wired LAN Table 21 WLAN Assignments LABEL DESCR...

Страница 62: ...LAN controller Every wireless network must follow these basic guidelines Every wireless client in the same wireless network must use the same SSID The SSID is the name of the wireless network It stand...

Страница 63: ...ART III Access Points and System Tools The Access Points Screen 65 The Apply Screen 68 The Reboot Screen 68 The Maintenance Screen 69 The Time Date Screen 70 The Passwords Screen 71 The Upgrade Screen...

Страница 64: ...64...

Страница 65: ...rms and concepts may help as you read through this chapter Power over Ethernet Power over Ethernet PoE is a system that allows the transfer of electrical power over an RJ 45 Ethernet cable This allows...

Страница 66: ...y to put the changes into effect Power on all Click this button to toggle all RJ 45 ports to the On position in order to receive power directly from the NXC 8160 As soon as you make your selection cli...

Страница 67: ...default configuration Section 6 4 on page 69 The Time Date screen lets you configure the NXC 8160 s time and date settings Section 6 5 on page 70 The Passwords screen lets you change the NXC 8160 s m...

Страница 68: ...next time you restart the device Figure 28 System Tools Apply The following table describes the labels in this screen 6 3 The Reboot Screen Click System Tools Reboot to open this screen This is where...

Страница 69: ...onfiguration Save Click the Save button to save your NXC 8160 s configuration settings as an ecf file When the button is clicked your web browser prompts you to save the file in a local destination Up...

Страница 70: ...nd date Once selected choose an NTP server from the Main list You can also choose a second server from the Backup list in the event that the NXC 8160 cannot connect with the Main server it will try to...

Страница 71: ...s Time Date LABEL DESCRIPTION Table 27 System Tools Passwords LABEL DESCRIPTION Level Select the user name admin operator or root you want to configure in this screen To access the web configurator us...

Страница 72: ...LABEL DESCRIPTION Upgrade File Upload the binary image file that is intended to upgrade your device s firmware here You can either enter the file path in the box or use the Browse button to locate it...

Страница 73: ...nts and Reports Network Redundancy 76 The Syslog Monitor Screen 79 The SNMP Screen 80 The Centralized Configuration Screen 82 The IDS Screen 85 The Portal Screen 86 The Others Screen 92 The Events Log...

Страница 74: ...74...

Страница 75: ...configure the NXC 8160 s response to denial of service type attacks on your network Section 7 6 on page 85 The Portal screen lets you configure your captive portal web page parameters Section 7 7 on...

Страница 76: ...o ensure the network remains stable in the event that the main servers become unreliable The NXC 8160 allows you to set up a standby NXC 8160 as a means to maintain your network intergrity in such a m...

Страница 77: ...contact with the backup NXC 8160 B then the backup takes over for the main When this happens users connected to the wireless network may experience a momentary disconnect as the backup APs take over F...

Страница 78: ...the connections to the main WLAN controller and the referenced host If the connection to the main WLAN controller is down and the connection to the referenced host is up the backup WLAN controller bec...

Страница 79: ...how often they are sent Figure 37 Advanced Syslog Monitor The following table describes the labels in this screen Table 30 Advanced Syslog Monitor LABEL DESCRIPTION Enable Syslog Select the check box...

Страница 80: ...s It executes applications that control and monitor managed devices The managed devices contain object variables managed objects that define each piece of information to be collected about a device Ex...

Страница 81: ...rom an ESSID The reason code is an IEEE 802 11 reason code Key error Client Client MAC ESSID ESSID Cipher suite Cipher This trap is sent in case of any key error during four way handshake MIC error or...

Страница 82: ...Reference Host is up This trap is sent when the reference server is up and active Sent by the main NXC 8160 Reference Host is down This trap is sent when the reference server is down Sent by the main...

Страница 83: ...guration Member LABEL DESCRIPTION Enable Master Select this option to have the NXC 8160 act as a master controller You can manage the member controllers through the master controller SSH Keys Set key...

Страница 84: ...connections Switch Table This table shows the NXC 8160s added to the centralized configuration group The master controller s entry is grayed out You cannot configure it Status This field displays whic...

Страница 85: ...ttacks Upon detection the system sends an SNMP trap message notifying you of the event and if applicable provides attacker details such as the attacker s MAC address for example You can then use this...

Страница 86: ...Select this option to limit the number of authentication messages the NXC 8160 allows itself to receive You can configure this option on a Per Station or All Stations basis De Authentication Flood Sel...

Страница 87: ...age which could for example contain Terms of Use to which a user must agree before being granted unlimited Internet access Open Access is used primarily for networks that grant open access to end user...

Страница 88: ...n of the Portal page allows you to configure a list of pre approved IP addresses outside of your network that will bypass the captive portal For example if you have a corporate website that is outside...

Страница 89: ...n button By default and if left blank this is Login but you can customize it how you see fit for example if your captive portal web page is for your Shanghai office you may want to use the localized v...

Страница 90: ...olor values Upload Apply Click this button to upload any changes to the NXC 8160 s built in captive portal web page Preview Click this button to preview a temporary copy of the changes you have made t...

Страница 91: ...must contain two text input tags one for username and one for password 6 The username tag must have the parameter name f_username 7 The password tag must have the parameter name f_password 8 If image...

Страница 92: ...obe response MAC Authentication Select this option to authenticate each ESSID connection by using a client computer s MAC address and an associated RADIUS server Even if a client computer does not sup...

Страница 93: ...ion protocol that combines authentication and data encryption to provide secure encrypted communication between two hosts over an unsecured network In the following figure computer A on the Internet u...

Страница 94: ...mputer 2 Encryption Method Once the identification is verified both the client and server must agree on the type of encryption method to use 3 Authentication and Data Transmission After the identifica...

Страница 95: ...rts and list of events Section 8 2 on page 95 The Events Log History screen lets you view the last 300 events logs recorded by the NXC 8160 Section 8 2 1 on page 98 The Reports screen let you iew the...

Страница 96: ...erity This displays a numerical indicator of the event severity Description This displays a description of the event Type This displays a numerical indicator of the event type Pause Click this button...

Страница 97: ...37 disassociation req 38 reassociation req 39 eapol start 40 eapol logoff 41 nav duration 42 ids end 43 ids duration attack 44 ids association flood attack 45 ids disassociation flood attack 46 ids a...

Страница 98: ...d 63 fw upgrade reconfigured 64 diagnostics report 65 ap incompatibility 66 ap compatibility Table 41 Events Logs Severity Indicators INDICATOR EVENT TYPE Table 42 Events Logs Events Log History LABEL...

Страница 99: ...og History The following table describes the labels in this screen Table 43 Events Logs Events Log History LABEL DESCRIPTION Downlink Throughput Mbps This displays the connection speed or downlink thr...

Страница 100: ...Chapter 8 Events Reports NXC 8160 User s Guide 100...

Страница 101: ...101 PART V Troubleshooting and Specifications Troubleshooting 103 Product Specifications 107...

Страница 102: ...102...

Страница 103: ...wer cord included with the NXC 8160 3 Make sure the power cord is connected to the NXC 8160 and plugged in to an appropriate power source Make sure the power source is turned on 4 Disconnect and re co...

Страница 104: ...hardware connections and make sure the LEDs are behaving as expected See the Quick Start Guide and Section 1 5 on page 26 3 Make sure your Internet browser does not block pop up windows and has JavaS...

Страница 105: ...160 3 If this does not work you have to contact your vendor V I cannot Telnet to the NXC 8160 You cannot use Telnet to access the NXC 8160 The NXC 8160 supports SSH Secure SHell and allows a secure en...

Страница 106: ...wireless adapter installed is within the transmission range of the AP s connected to the NXC 8160 7 Make sure the AP s connected to the NXC 8160 is receiving power from the NXC 8160 and working prope...

Страница 107: ...n condensing Storage Humidity 5 95 RH non condensing Certifications EMC FCC Part 15 Class B CE EMC Class B C Tick Class B Safety CSA International UL60950 1 EN60950 1 Table 45 Firmware Specifications...

Страница 108: ...f IGMP Internet Group Management Protocol used to join multicast groups see RFC 2236 Time and Date Get the current time and date from an external server when you turn on your NXC 8160 You can also set...

Страница 109: ...uct Specifications NXC 8160 User s Guide 109 1 IRD 1 OTD 1 IRD 1 IRD 2 IRD 2 OTD 2 IRD 2 IRD 3 OTD 3 IRD 3 OTD 3 OTD 6 OTD 6 IRD 6 OTD 6 OTD Table 47 Ethernet Cable Pin Assignments WAN LAN ETHERNET CA...

Страница 110: ...Chapter 10 Product Specifications NXC 8160 User s Guide 110...

Страница 111: ...ion Some details may not apply to your NXC 8160 Setting Up Your Computer s IP Address 113 Importing Certificates 137 IP Addresses and Subnetting 161 Pop up Windows JavaScripts and Java Permissions 171...

Страница 112: ...112...

Страница 113: ...cate with the other devices on your network Windows Vista XP 2000 Mac OS 9 OS X and all versions of UNIX LINUX include the software components you need to use TCP IP on your computer If you manually a...

Страница 114: ...s XP NT 2000 The following example uses the default Windows XP display theme but can also apply to Windows 2000 and Windows NT 1 Click Start Control Panel Figure 52 Windows XP Start Menu 2 In the Cont...

Страница 115: ...e 115 3 Right click Local Area Connection and then select Properties Figure 54 Windows XP Control Panel Network Connections Properties 4 On the General tab select Internet Protocol TCP IP and then cli...

Страница 116: ...ess that was assigned to you by your network administrator or ISP You may also have to enter a Preferred DNS server and an Alternate DNS server if that information was provided 7 Click OK to close the...

Страница 117: ...on shows screens from Windows Vista Professional 1 Click Start Control Panel Figure 57 Windows Vista Start Menu 2 In the Control Panel click the Network and Internet icon Figure 58 Windows Vista Contr...

Страница 118: ...connections Figure 60 Windows Vista Network and Sharing Center 5 Right click Local Area Connection and then select Properties Figure 61 Windows Vista Network and Sharing Center During this procedure c...

Страница 119: ...pendix A Setting Up Your Computer s IP Address NWD271N User s Guide 119 6 Select Internet Protocol Version 4 TCP IPv4 and then select Properties Figure 62 Windows Vista Local Area Connection Propertie...

Страница 120: ...address that was assigned to you by your network administrator or ISP You may also have to enter a Preferred DNS server and an Alternate DNS server if that information was provided Click Advanced 9 C...

Страница 121: ...1 Mac OS X 10 3 and 10 4 The screens in this section are from Mac OS X 10 4 but can also apply to 10 3 1 Click Apple System Preferences Figure 64 Mac OS X 10 4 Apple Menu 2 In the System Preferences w...

Страница 122: ...es pane opens select Built in Ethernet from the network connection type list and then click Configure Figure 66 Mac OS X 10 4 Network Preferences 4 For dynamically assigned settings select Using DHCP...

Страница 123: ...ress In the Subnet Mask field type your subnet mask In the Router field type the IP address of your device Figure 68 Mac OS X 10 4 Network Preferences Ethernet 6 Click Apply Now and close the window V...

Страница 124: ...NWD271N User s Guide 124 Mac OS X 10 5 The screens in this section are from Mac OS X 10 5 1 Click Apple System Preferences Figure 70 Mac OS X 10 5 Apple Menu 2 In System Preferences click the Network...

Страница 125: ...Figure 72 Mac OS X 10 5 Network Preferences Ethernet 4 From the Configure list select Using DHCP for dynamically assigned settings 5 For statically assigned settings do the following From the Configu...

Страница 126: ...OS X 10 5 Network Preferences Ethernet 6 Click Apply and close the window Verifying Settings Check your TCP IP properties by clicking Applications Utilities Network Utilities and then selecting the a...

Страница 127: ...al configuration The following screens use the default Ubuntu 8 installation Make sure you are logged in as the root administrator Follow the steps below to configure your computer IP address in GNOME...

Страница 128: ...e window enter your admin account name and password then click the Authenticate button Figure 77 Ubuntu 8 Administrator Account Authentication 4 In the Network Settings window select the connection th...

Страница 129: ...t select Static IP address if you have a static IP address Fill in the IP address Subnet mask and Gateway address fields 6 Click OK to save the changes and close the Properties dialog box and return t...

Страница 130: ...fying Settings Check your TCP IP properties by clicking System Administration Network Tools and then selecting the appropriate Network device from the Devices tab The Interface Statistics column shows...

Страница 131: ...epending on your specific distribution release version and individual configuration The following screens use the default openSUSE 10 3 installation Make sure you are logged in as the root administrat...

Страница 132: ...dow opens select Network Devices and then click the Network Card icon Figure 84 openSUSE 10 3 YaST Control Center 4 When the Network Settings window opens click the Overview tab select the appropriate...

Страница 133: ...k the Address tab Figure 86 openSUSE 10 3 Network Card Setup 6 Select Dynamic Address DHCP if you have a dynamic IP address Select Statically assigned IP Address if you have a static IP address Fill i...

Страница 134: ...Guide 134 8 If you know your DNS server IP address es click the Hostname DNS tab in Network Settings and then enter the DNS server information in the fields provided Figure 87 openSUSE 10 3 Network Se...

Страница 135: ...the Task bar to check your TCP IP properties From the Options sub menu select Show Connection Information Figure 88 openSUSE 10 3 KNetwork Manager When the Connection Status KNetwork Manager window op...

Страница 136: ...Appendix A Setting Up Your Computer s IP Address NWD271N User s Guide 136...

Страница 137: ...ate Many ZyXEL products such as the NSA 2401 issue their own public key certificates These can be used by web browsers on a LAN or WAN to verify that they are in fact connecting to the legitimate devi...

Страница 138: ...Vista 1 If your device s web configurator is set to use SSL certification then the first time you browse to it you are presented with a certification error Figure 90 Internet Explorer 7 Certification...

Страница 139: ...icates Document Title 139 4 In the Certificate dialog box click Install Certificate Figure 93 Internet Explorer 7 Certificate 5 In the Certificate Import Wizard click Next Figure 94 Internet Explorer...

Страница 140: ...en go to step 9 Figure 95 Internet Explorer 7 Certificate Import Wizard 7 Otherwise select Place all certificates in the following store and then click Browse Figure 96 Internet Explorer 7 Certificate...

Страница 141: ...tle 141 9 In the Completing the Certificate Import Wizard screen click Finish Figure 98 Internet Explorer 7 Certificate Import Wizard 10 If you are presented with another Security Warning click Yes Fi...

Страница 142: ...allation message Figure 100 Internet Explorer 7 Certificate Import Wizard 12 The next time you start Internet Explorer and go to a ZyXEL web configurator page a sealed padlock icon appears in the addr...

Страница 143: ...ompted you can install a stand alone certificate file if one has been issued to you 1 Double click the public key certificate file Figure 102 Internet Explorer 7 Public Key Certificate File 2 In the s...

Страница 144: ...This section shows you how to remove a public key certificate in Internet Explorer 7 1 Open Internet Explorer and click Tools Internet Options Figure 104 Internet Explorer 7 Tools Menu 2 In the Intern...

Страница 145: ...nd then click Remove Figure 106 Internet Explorer 7 Certificates 4 In the Certificates confirmation click Yes Figure 107 Internet Explorer 7 Certificates 5 In the Root Certificate Store dialog box cli...

Страница 146: ...then the first time you browse to it you are presented with a certification error 2 Select Accept this certificate permanently and click OK Figure 109 Firefox 2 Website Certified by an Unknown Author...

Страница 147: ...a ZyXEL web configurator and installing a public key certificate when prompted you can install a stand alone certificate file if one has been issued to you 1 Open Firefox and click Tools Options Figu...

Страница 148: ...rt Figure 113 Firefox 2 Certificate Manager 4 Use the Select File dialog box to locate the certificate and then click Open Figure 114 Firefox 2 Select File 5 The next time you visit the web site click...

Страница 149: ...tificate in Firefox This section shows you how to remove a public key certificate in Firefox 2 1 Open Firefox and click Tools Options Figure 115 Firefox 2 Tools Menu 2 In the Options dialog box click...

Страница 150: ...ertificate that you want to remove and then click Delete Figure 117 Firefox 2 Certificate Manager 4 In the Delete Web Site Certificates dialog box click OK Figure 118 Firefox 2 Delete Web Site Certifi...

Страница 151: ...gurator is set to use SSL certification then the first time you browse to it you are presented with a certification error 2 Click Install to accept the certificate Figure 119 Opera 9 Certificate signe...

Страница 152: ...g to a ZyXEL web configurator and installing a public key certificate when prompted you can install a stand alone certificate file if one has been issued to you 1 Open Opera and click Tools Preference...

Страница 153: ...ocument Title 153 3 In the Certificates Manager click Authorities Import Figure 123 Opera 9 Certificate manager 4 Use the Import certificate dialog box to locate the certificate and then click Open Fi...

Страница 154: ...ialog box click Install Figure 125 Opera 9 Install authority certificate 6 Next click OK Figure 126 Opera 9 Install authority certificate 7 The next time you visit the web site click the padlock in th...

Страница 155: ...ving a Certificate in Opera This section shows you how to remove a public key certificate in Opera 9 1 Open Opera and click Tools Preferences Figure 127 Opera 9 Tools Menu 2 In Preferences Advanced Se...

Страница 156: ...o remove and then click Delete Figure 129 Opera 9 Certificate manager 4 The next time you go to the web site that issued the public key certificate you just removed a certification error appears There...

Страница 157: ...to use SSL certification then the first time you browse to it you are presented with a certification error 2 Click Continue Figure 130 Konqueror 3 5 Server Authentication 3 Click Forever when prompted...

Страница 158: ...ou 1 Double click the public key certificate file Figure 133 Konqueror 3 5 Public Key Certificate File 2 In the Certificate Import Result Kleopatra dialog box click OK Figure 134 Konqueror 3 5 Certifi...

Страница 159: ...Menu 2 In the Configure dialog box select Crypto 3 On the Peer SSL Certificates tab select the certificate you want to delete and then click Remove Figure 137 Konqueror 3 5 Configure 4 The next time...

Страница 160: ...Appendix B Importing Certificates Document Title 160...

Страница 161: ...are a common street name the hosts on a network share a common network number Similarly as each house has its own house number each host on the network has its own unique identifying number the host I...

Страница 162: ...part of the host ID The following example shows a subnet mask identifying the network number in bold text and host ID of an IP address 192 168 1 2 in decimal By convention subnet masks always consist...

Страница 163: ...by a continuous number of zeros for the remainder of the 32 bit mask you can simply specify the number of ones instead of writing the value of each octet This is usually specified by writing a follow...

Страница 164: ...ws the company network before subnetting Figure 139 Subnetting Example Before Subnetting You can borrow one of the host ID bits to divide the network 192 168 1 0 into two separate sub networks The sub...

Страница 165: ...1 254 Example Four Subnets The previous example illustrated using a 25 bit subnet mask to divide a 24 bit address into two subnets Similarly to divide a 24 bit address into four subnets you need to b...

Страница 166: ...et 3 IP SUBNET MASK NETWORK NUMBER LAST OCTET BIT VALUE IP Address 192 168 1 128 IP Address Binary 11000000 10101000 00000001 10000000 Subnet Mask Binary 11111111 11111111 11111111 11000000 Subnet Add...

Страница 167: ...BITS SUBNET MASK NO SUBNETS NO HOSTS PER SUBNET 1 255 255 255 128 25 2 126 2 255 255 255 192 26 4 62 3 255 255 255 224 27 8 30 4 255 255 255 240 28 16 14 5 255 255 255 248 29 32 6 6 255 255 255 252 30...

Страница 168: ...ed You don t need to change the subnet mask computed by the NXC 8160 unless you are instructed to do otherwise Private IP Addresses Every machine on the Internet must have a unique address If your net...

Страница 169: ...omputer B which is a DHCP client Neither can access the Internet This problem can be solved by assigning a different static IP address to computer A or setting computer A to obtain an IP address autom...

Страница 170: ...n not use the same IP address In the following example the computer and the router s LAN port both use 192 168 1 1 as the IP address The computer cannot access the Internet This problem can be solved...

Страница 171: ...et Explorer Pop up Blockers You may have to disable pop up blocking to log into your device Either disable pop up blocking enabled by default in Windows XP SP Service Pack 2 or allow pop up blocking a...

Страница 172: ...eb pop up blockers you may have enabled Figure 145 Internet Options Privacy 3 Click Apply to save this setting Enable Pop up Blockers with Exceptions Alternatively if you only want to allow pop up win...

Страница 173: ...e 173 Figure 146 Internet Options Privacy 3 Type the IP address of your device the web page that you do not want to have blocked with the prefix http For example http 192 168 167 1 4 Click Add to move...

Страница 174: ...ay properly in Internet Explorer check that JavaScripts are allowed 1 In Internet Explorer click Tools Internet Options and then the Security tab Figure 148 Internet Options Security 2 Click the Custo...

Страница 175: ...ngs Java Scripting Java Permissions 1 From Internet Explorer click Tools Internet Options and then the Security tab 2 Click the Custom Level button 3 Scroll down to Microsoft VM 4 Under Java permissio...

Страница 176: ...d then the Advanced tab 2 Make sure that Use Java 2 for applet under Java Sun is selected 3 Click OK to close the window Figure 151 Java Sun Mozilla Firefox Mozilla Firefox 2 0 screens are used here S...

Страница 177: ...ripts and Java Permissions NXC 8160 User s Guide 177 Figure 152 Mozilla Firefox Tools Options Click Content to show the screen below Select the check boxes as shown in the following screen Figure 153...

Страница 178: ...Appendix D Pop up Windows JavaScripts and Java Permissions NXC 8160 User s Guide 178...

Страница 179: ...ndent Basic Service Set IBSS The following diagram shows an example of notebook computers using wireless adapters to form an ad hoc wireless LAN Figure 154 Peer to Peer Communication in an Ad hoc Netw...

Страница 180: ...ed connection between APs is called a Distribution System DS This type of wireless LAN topology is called an Infrastructure WLAN The Access Points not only provide communication with the wired network...

Страница 181: ...ally overlap however To avoid interference due to overlap your AP should be on a channel at least five channels away from a channel that an adjacent AP is using For example if your region has 11 chann...

Страница 182: ...quested transmission Stations can send frames smaller than the specified RTS CTS directly to the AP without the RTS Request To Send CTS Clear to Send handshake You should only configure RTS CTS if the...

Страница 183: ...ort it and to provide more efficient communications Use the dynamic setting to automatically use short preamble when all wireless devices on the network support it otherwise the NXC 8160 uses long pre...

Страница 184: ...of IEEE 802 1x are User based identification that allows for roaming Support for RADIUS Remote Authentication Dial In User Service RFC 2138 2139 for centralized user profile and accounting management...

Страница 185: ...and the RADIUS server for user accounting Accounting Request Sent by the access point requesting accounting Accounting Response Sent by the RADIUS server to indicate that it has started or stopped ac...

Страница 186: ...reless clients for mutual authentication The server presents a certificate to the client After validating the identity of the server the client sends a different certificate to the server The exchange...

Страница 187: ...defines stronger encryption authentication and key management than WPA Key differences between WPA or WPA2 and WEP are improved data encryption and user authentication If both an AP and the wireless c...

Страница 188: ...ith and the packet is dropped By generating unique data encryption keys for every data packet and by creating an integrity checking mechanism MIC with TKIP and AES it is more difficult to decrypt data...

Страница 189: ...ient s authentication request to the RADIUS server 2 The RADIUS server then checks the user s identification against its database and grants or denies network access accordingly 3 A 256 bit Pairwise M...

Страница 190: ...o this table to see what other security parameters you should configure for each authentication method or key management protocol type MAC address filters are not dependent on how you configure these...

Страница 191: ...or site each 1dB increase in gain results in a range increase of approximately 5 Actual results may vary depending on the network environment Antenna gain is sometimes specified in dBi which is how mu...

Страница 192: ...in a direct line of sight to each other to attain the best performance For omni directional antennas mounted on a table desk and so on point the antenna up For omni directional antennas mounted on a w...

Страница 193: ...CC Interference Statement The device complies with Part 15 of FCC rules Operation is subject to the following two conditions This device may not cause harmful interference This device must accept any...

Страница 194: ...FCC RF exposure compliance requirements a separation distance of at least 20 cm must be maintained between the antenna of this device and all persons 5250MHz 5350MHz Notices Changes or modifications n...

Страница 195: ...cement as provided under this warranty is the exclusive remedy of the purchaser This warranty is in lieu of all other warranties express or implied including any implied warranty of merchantability or...

Страница 196: ...Appendix F Legal Information NXC 8160 User s Guide 196...

Страница 197: ...Headquarters Worldwide Support E mail support zyxel com tw Sales E mail sales zyxel com tw Telephone 886 3 578 3942 Fax 886 3 578 2439 Web www zyxel com www europe zyxel com FTP ftp zyxel com ftp eur...

Страница 198: ...Fax 358 9 4780 8448 Web www zyxel fi Regular Mail ZyXEL Communications Oy Malminkaari 10 00700 Helsinki Finland France E mail info zyxel fr Telephone 33 4 72 52 97 97 Fax 33 4 72 52 19 20 Web www zyx...

Страница 199: ...gawa ku Tokyo 141 0022 Japan Kazakhstan Support http zyxel kz support Sales E mail sales zyxel kz Telephone 7 3272 590 698 Fax 7 3272 590 689 Web www zyxel kz Regular Mail ZyXEL Kazakhstan 43 Dostyk A...

Страница 200: ...rzei 1A 03 715 Warszawa Poland Russia Support http zyxel ru support Sales E mail sales zyxel ru Telephone 7 095 542 89 29 Fax 7 095 542 89 25 Web www zyxel ru Regular Mail ZyXEL Russia Ostrovityanova...

Страница 201: ...ZyXEL Thailand Co Ltd 1 1 Moo 2 Ratchaphruk Road Bangrak Noi Muang Nonthaburi 11000 Thailand Ukraine Support E mail support ua zyxel com Sales E mail sales ua zyxel com Telephone 380 44 247 69 78 Fax...

Страница 202: ...Appendix G Customer Support NXC 8160 User s Guide 202...

Страница 203: ...tralized configuration technical reference 93 Certificate Authority See CA certifications 193 notices 194 viewing 194 channel 62 181 interference 181 client definition 42 Clustering Management ZyXEL S...

Страница 204: ...nformation Base See MIB managing the device good habits 26 master controller 82 member device 82 Message Integrity Check MIC 188 MIB 80 N NAT 39 168 navigation panel 30 network redundancy 76 NTP defin...

Страница 205: ...195 note 195 web configurator 27 WEP definition 42 WEP Wired Equivalent Privacy 49 WEP key 49 Wi Fi Protected Access 52 187 wireless client 62 wireless client WPA supplicants 189 wireless LAN introdu...

Отзывы:

Нет отзывов

Бренды по названию

Популярные бренды

Загрузить еще бренды