Apple DESIGNING AIRPORT NETWORKS User Manual

0 (0)

Designing

AirPort Networks

Contents

Chapter 1

5

Getting Started

 

6

How AirPort Works

 

6

How Wireless Internet Access Is Provided

 

7

Configuring the AirPort Extreme Base Station and AirPort Express for Internet Access

 

7

AirPort Setup Assistant

 

8

AirPort Admin Utility

 

8

Extending the Range of Your AirPort Network

 

9

AirTunes

 

9

Printing via an AirPort Extreme Base Station or AirPort Express

 

10

Sharing Your Computer’s Internet Connection

Chapter 2

13

Network Basics

 

15

Software Used for IP Networking in Mac OS X

 

16

Software Used for AirPort Networking in Mac OS X

Chapter 3

17

AirPort Security

 

17

Security for AirPort Networks at Home

 

18

Security for AirPort Networks in Business and Education

 

19

Wi-Fi Protected Access (WPA)

Chapter 4

21

AirPort Network Designs

 

22

Using the AirPort Setup Assistant

 

22

Using AirPort Admin Utility

 

23

Setting Up the AirPort Network

 

29

Configuring and Sharing Internet Access

 

48

Setting Advanced Options

 

62

Solving Problems

 

63

More Information About AirPort

Chapter 5

65

Using AirPort Express

Chapter 6

75

Behind the Scenes

3

Getting Started

1

 

 

 

AirPort offers the easiest way to provide wireless Internet access and networking anywhere in the home, classroom, or office.

Instead of using cables to create a network, AirPort uses wireless local area network (WLAN) technology to provide wireless communication between computers. Through a wireless network you can access the Internet, share files, play multiplayer games, and more. If you have an AirPort Express and use AirPort 4.0 or later, you can play iTunes music through remote speakers using AirTunes.

Note: This document contains information about AirPort and detailed information about designing AirPort networks using AirPort Extreme. If you are using AirPort Express, you can find general information in Chapter 5,“Using AirPort Express,” on page 65. See the documentation that came with your AirPort Express for more detailed information about the different ways to set up your AirPort Express network.

Using AirPort technology, you can:

Create a wireless network in your home or school using an AirPort Extreme Base Station or AirPort Express, then connect to the Internet and share the connection among several computers simultaneously. An entire family or classroom can be on the Internet at the same time.

Set up a wireless connection to your standard computer network. AirPort-equipped computers can access the entire network without being connected with a cable.

Connect multiple computers in a wireless “Computer-to-Computer” network so that you can share files or play network games.

You can set up an AirPort Extreme Base Station or AirPort Express and connect to the Internet without wires in minutes. But since they are flexible and powerful networking devices, you can also create an AirPort network that does much more. If you want to design an AirPort network that provides Internet access to non-AirPort computers via Ethernet, or take advantage of some of the base station’s more advanced features, use this document to design and implement your network.

5

Note: Some of the AirPort features described in this book are available only in Mac OS X version 10.3 or later, using AirPort 4.0 or later. If you are using an earlier version of Mac OS X or AirPort, images shown in this book may be slightly different from what you see on your screen.

How AirPort Works

In a wired network, sharing files and information between computers requires the computers to be connected by cables. With AirPort, the data is transferred between computers using radio waves through a wireless network.

There are two ways to create a wireless network:

You can use an AirPort-equipped computer to create a temporary “Computer-to-

Computer” network, which other AirPort-equipped computers within range can join.

You can create a more permanent wireless network using a base station. In this kind of network, all wireless communication goes through the base station to the Internet or to other computers on the network.

You can also incorporate AirPort technology into an existing Ethernet network by connecting an AirPort Extreme Base Station or AirPort Express to the network. This allows non-AirPort computers to communicate with AirPort computers.

The typical indoor range for an AirPort connection is up to 150 feet (45 meters). Range in a wireless network may vary with site conditions.

How Wireless Internet Access Is Provided

Wireless Internet access requires an AirPort Card or an AirPort Extreme Card, an AirPort Extreme Base Station or AirPort Express, and an account with an Internet service provider (fees may apply). Some Internet service providers (ISPs) are not currently compatible with AirPort. Some cable modem and DSL providers may not be compatible with AirPort. Contact your service provider for more information.

AirPort technology is similar to cordless telephone technology. The handset of the cordless phone makes a wireless connection to the base, which is connected to the telephone system. Likewise, with AirPort, your computer does not establish a

wireless connection with your ISP directly. You set up a wireless connection from the computer to a base station that is connected to the Internet by a wire, such as a DSL or telephone line.

6

Chapter 1 Getting Started

 

 

Use AirPort to provide wireless Internet access and share a single Internet connection among multiple computers in the following ways:

Connect the AirPort Extreme Base Station or AirPort Express to a DSL or cable modem. If you are using an AirPort Extreme Base Station that has an internal modem, you can connect it to a telephone line. Once connected to the Internet, the AirPort Extreme Base Station or AirPort Express receives webpages and email content from the Internet via its Internet connection and then sends it to AirPort-equipped computers, using the wireless network.

Connect the AirPort Extreme Base Station or AirPort Express to an existing network that already has Internet access, such as in a school or small office. AirPort-equipped computers connect wirelessly to the base station and receive network and Internet content.

Configuring the AirPort Extreme Base Station and AirPort Express for Internet Access

Like your computer, the AirPort Extreme Base Station or AirPort Express must be set up with the appropriate hardware and Internet Protocol (IP) networking information to connect to the Internet. To provide the Internet configuration information to your AirPort Extreme Base Station or AirPort Express, you can use the AirPort Setup Assistant. The AirPort Setup Assistant asks a series of questions to determine how the base station’s Internet connection and other interfaces should be set up.

To set up more complex configurations, you use AirPort Admin Utility. For more information about the AirPort Setup Assistant and AirPort Admin Utility, see the following sections.

AirPort Setup Assistant

Use the AirPort Setup Assistant to enter the settings your AirPort Extreme Base Station or AirPort Express needs to connect to the Internet. Enter the settings you received from your ISP for Ethernet, PPP over Ethernet (PPPoE), or the internal modem if your base station has one. You can also give your AirPort network a name and password. You can use the AirPort Setup Assistant to set up a base station as a wireless bridge and extend the range of your existing AirPort Extreme or AirPort Express network.

If you are using an AirPort Express, you can create a new wireless network or join an existing wireless network. If you connect AirPort Express to your stereo or powered speakers, you can set up your AirPort Express to play iTunes music using AirTunes. See Chapter 5,“Using AirPort Express,” on page 65 for more information.

When you have finished entering the settings, the AirPort Setup Assistant transfers the settings to your base station and your base station shares its Internet connection with computers that join its AirPort network.

Chapter 1 Getting Started

7

 

 

For instructions on using the AirPort Setup Assistant, see “Using the AirPort Setup

Assistant” on page 22.

AirPort Admin Utility

AirPort Admin Utility is a convenient way to make quick adjustments to your base station configuration. Some of the AirPort Extreme Base Station and AirPort Express advanced networking features can be configured only with AirPort Admin Utility.

Use AirPort Admin Utility when:

You want to provide Internet access to computers that connect to the base station using Ethernet

You have already set up your base station, but you need to change one setting, such your account credentials, or the phone number for your ISP

You need to configure advanced base station settings such as channel frequency, security options, closed networks, DHCP lease time, access control, WAN privacy, power controls, or port mapping

For instructions on using AirPort Admin Utility, see “Using AirPort Admin Utility” on page 22.

Extending the Range of Your AirPort Network

You can extend the range of your network by using AirPort Admin Utility to set up wireless connections between multiple base stations in your network, known as a Wireless Distribution System (WDS), or to connect AirPort Extreme Base Stations via Ethernet to create a roaming network. For more information on setting up a Wireless Distribution System or a roaming network, see “Connecting Additional Base Stations to Your AirPort Network” on page 49. You can also extend the range of your wireless network by connecting an Apple-certified external antenna to the antenna port on an AirPort Extreme Base Station.

If you are using AirPort Express to extend the range of your AirPort Extreme network, see Chapter 5,“Using AirPort Express,” on page 65.

Some models of the AirPort Extreme Base Station can receive power through the Ethernet WAN port when it is connected to 802.3af-compliant Power Sourcing Equipment (PSE) with a CAT 5 Ethernet cable. A PSE is a line-powered Ethernet device, like a switch or a hub, that supplies power to Powered Devices (PDs) over the Ethernet cable. Powering the base station using a PSE is known as Power over Ethernet (PoE).

8

Chapter 1 Getting Started

 

 

If your base station can receive power over Ethernet, the base station and the mounting bracket conform to UL Standard 2043,“Fire Test for Heat and Visible Smoke Release for Discrete Products and Their Accessories Installed in Air-Handling Spaces,” for placement in the air-handling space above suspended ceilings. Using Power over Ethernet allows you to install a base station in places away from a standard electrical outlet. For more information about using PoE, see the documentation that came with your base station.

To use the base station in an air-handling space above suspended ceilings, you must connect the Ethernet WAN port to an 802.3af-compliant PSE with a plenum-rated Ethernet cable. You cannot use the AC power adapter to power a base station installed in an air-handling space. When the base station receives power over Ethernet, the USB port is disabled. Do not connect an external antenna to a base station mounted in an air-handling space.

AirTunes

If you are using AirPort Express, and you have connected it to your stereo or powered speakers, you can play iTunes music on the stereo using AirTunes. AirTunes is an encoding technology that allows for CD-quality transmission of iTunes music over the air. You can stream music from your iTunes library to AirPort Express wirelessly, and AirPort Express plays the music on your stereo through cables connected to the analog and optical digital audio stereo mini-jack. The music is buffered to ensure smooth playback without skips or jumps.

Anything you play in iTunes–MP3 files, AAC files, audio books, even Dolby surround- sound–you can play using AirTunes.

To use AirTunes, you need an AirPort Express connected to your stereo or powered speakers, AirPort 4.0 or later, and iTunes 4.6 or later.

Printing via an AirPort Extreme Base Station or AirPort Express

If you have a USB printer connected to your AirPort Extreme Base Station or AirPort Express, computers on the AirPort network can print to the printer by selecting it via Rendezvous in Printer Setup Utility, located in Applications/Utilities. You must use Mac OS X version 10.2.3 or later to print to a USB printer via an AirPort Extreme Base Station.

If your AirPort Extreme Base Station supports PoE, and is receiving power from an 802.3af-compliant PSE, you cannot connect a printer to it.

Chapter 1 Getting Started

9

 

 

Sharing Your Computer’s Internet Connection

If you have an AirPort Card installed in your computer and you are connected to the Internet, you can share your Internet connection with other computers using Mac OS X version 10.2 or later. This is sometimes called using your computer as a software base station.

You can share your Internet connection as long as your computer is connected to the Internet. If your computer goes to sleep or is restarted, or if you lose your Internet connection, you need to restart Internet sharing.

To start Internet sharing:

1 Open System Preferences, click Sharing, and then click Internet.

2Select how you would like to share your Internet connection, then click Start. You can choose to share your Internet connection with AirPort-equipped computers, computers with built-in Ethernet, or both.

Note: If your Internet connection and your local network use the same port (built-in Ethernet, for example), contact your ISP before you turn on Internet sharing. In some cases (if you use a cable modem, for example) you might unintentionally affect the network settings of other ISP customers, and your ISP might terminate your service to prevent you from disrupting its network.

10

Chapter 1 Getting Started

 

 

3If you select “Share your Internet connection with AirPort-equipped computers,” click AirPort Options to give your network a name and password.

Chapter 1 Getting Started

11

 

 

Network Basics

2

 

 

 

This chapter contains information about your computer’s network settings, what they do, and how to adjust them in Mac OS X. It also describes the software used for IP and AirPort networking.

To take advantage of all the power and flexibility of AirPort, you may need to change the network settings on your computer or your base station.

If you make frequent changes to your network settings, it helps to be aware of what the settings do and what they mean. Understanding these network basics makes configuring and adjusting your computer and AirPort network settings simple and easy.

Configuring your computer involves two steps:

Selecting a network (Ethernet or AirPort)

Configuring Internet Protocol (IP)

Step 1: Select Your Network

To join an Ethernet network, connect an Ethernet cable to the Ethernet port on your computer and to an open port on your Ethernet network.

To create or join an AirPort network, use the AirPort status menu in the menu bar to turn on AirPort and choose an available AirPort network.

Once you are connected, both types of networks work the same way.

Step 2: Configure IP on Your Computer

Configuring IP consists of two steps:

Selecting a networking interface

Selecting a configuration method

13

To configure IP:

1Open the Network pane of System Preferences, and then choose Built-in Ethernet from the Show pop-up menu if you are connecting to an Ethernet network, or AirPort if you are connecting to an AirPort network.

2Click TCP/IP, and then choose the configuration method from the Configure IPv4 pop-up menu.

The three most frequently used methods are PPP, DHCP, and Manually.

PPP is used for dial-up modem connections to your ISP and the Internet.

DHCP is used frequently on Ethernet networks and by DSL or cable modem providers.

Manual configurations are used on Ethernet networks and sometimes by DSL and cable modem providers. Your network administrator or ISP should provide you with the appropriate configuration information if you configure IPv4 manually.

For example, below is the Network pane of System Preferences, configured to use

AirPort for the network interface and DHCP for the TCP/IP configuration.

If you have trouble connecting to the Internet, check these network and IP configurations on your computer first.

14

Chapter 2 Network Basics

 

 

Software Used for IP Networking in Mac OS X

You’ll frequently use several preferences and applications on your computer for networking. Here’s what each is used for:

Network Preferences

Use the Show pop-up menu to configure how you connect to the network or the Internet, for example via AirPort or Ethernet.

Use the TCP/IP pane of Network preferences to configure your computer for IP networking. The information in this pane must be correct to connect to the Internet.

To configure how you receive an IP address, for example manually or via DHCP, use the Configure IPv4 pop-up menu.

Use the remaining fields to fill in the other information you need in order to connect to the Internet. Contact your ISP or network administrator for the information to type in these fields.

Internet Connect Application

Use the Internet Connect application to specify the phone number, user name, and password for making a dial-up connection to the Internet. If you use a dial-up connection to the Internet, the AirPort Setup Assistant transfers the settings in the Internal Modem portion of the Internet Connect application to the base station.

If you use AirPort to connect to the Internet, choose AirPort from the Configuration pop-up menu.

You also use Internet Connect to authenticate with or set up a network protected by 802.1X.

AppleTalk

AppleTalk is a protocol used in local networks. Use the AppleTalk pane of Network preferences to set up AppleTalk networking.

Location Management

Use the Location pop-up menu in Network preferences to manage sets of TCP/IP, AppleTalk, and Internet Connect configurations. After you create your locations, you can switch all of your network settings by choosing a location from the Location pop-up menu in Network preferences. For more information about network locations, see Mac OS Help, available in the Help menu.

Chapter 2 Network Basics

15

 

 

Software Used for AirPort Networking in Mac OS X

You’ll use different Mac OS X and AirPort applications to create and manage your wireless network. Here’s what each is used for:

Internet Connect Application

Use the Internet Connect application to:

Turn AirPort on or off

Monitor the signal quality of the AirPort wireless connection

Find the Base Station ID (the hardware address of your AirPort Extreme Base Station or AirPort Express)

See the connection status of an AirPort Extreme Base Station that is configured to connect to a dial-up ISP

Select an AirPort network

Create or join a Computer-to-Computer network

Join a closed network

Join or set up an 802.1X protected network

AirPort Status Menu

Use the AirPort status icon in the menu bar to:

Turn AirPort on or off

Monitor the signal quality of the AirPort wireless connection

Select an AirPort network

Open the Internet Connect application

Create or join a Computer-to-Computer network

AirPort Setup Assistant

Use the AirPort Setup Assistant to:

Set up an AirPort Extreme Base Station or AirPort Express

Extend the range of your AirPort Extreme or AirPort Express network

Set up an AirPort Express to join an existing AirPort network

Set up AirPort Express to play iTunes music on your stereo using AirTunes

AirPort Admin Utility

Use AirPort Admin Utility to set optional advanced settings and to:

Download the base station configuration to your computer

Modify the configuration on your base station

Set advanced security options for the AirPort network

Upload a modified configuration to the base station

Upgrade the base station software

16

Chapter 2 Network Basics

 

 

AirPort Security

3

 

 

 

This chapter provides an overview of the security features available in AirPort for Mac OS X.

Apple has designed the AirPort Extreme Base Station and AirPort Express to provide multiple levels of security, so you can enjoy peace of mind when you access the Internet, manage online financial transactions, or send and receive email. The AirPort Extreme Base Station also includes a slot for inserting a Kensington lock to deter theft.

For information and instructions for setting up these security features, see “Setting Up the AirPort Network” on page 23.

Security for AirPort Networks at Home

Apple gives you ways to protect your wireless AirPort network as well as the data that travels over it.

Firewall

You can separate your wireless network from the outside world with firewall protection. The AirPort Extreme Base Station and AirPort Express have a built-in firewall that creates a barrier between your network and the Internet, protecting data from Internetbased IP attacks. The firewall is automatically turned on when you set up the base station to share a single Internet connection. For computers with a cable or DSL modem, AirPort can actually be safer than a wired connection.

Closed Network

Creating a closed network keeps the network name and the very existence of your network private. The network will not show up in a scan of available networks, so prospective users of your network must know the network name and password to access it. Use AirPort Admin Utility, located in Applications/Utilities, to create a closed network.

17

Password Protection and Encryption

AirPort uses password protection and encryption to deliver a level of security comparable to traditional wired networks. Users can be required to enter a password to log in to the AirPort network. When transmitting data and passwords, the base station uses up to 128-bit encryption, through either Wi-Fi Protected Access(WPA) or Wireless Equivalent Privacy (WEP), to scramble data and help keep it safe.

Note: WPA security features are available only to AirPort Extreme Base Stations; AirPort Express; AirPort and AirPort Extreme clients using Mac OS X 10.3 or later and AirPort 3.3 or later, and to non-Apple clients using other 802.11 wireless adapters that support WPA.

If you’re using AirPort in conjunction with an America Online account, you can use AOL parental controls to further restrict access. The settings you configure are used for all clients connected to that base station.

iTunes Speaker Password

If you are using AirPort Express to play iTunes music on your stereo or powered speakers using AirTunes, you can password-protect the speaker name that is displayed in the speakers pop-up menu in iTunes. Anyone trying to play music from iTunes to the stereo or speaker will need to enter the password.

Security for AirPort Networks in Business and Education

Businesses, schools, colleges, and universities want to restrict network communications to authorized users and keep data safe from prying eyes, so AirPort Extreme hardware and software provide a robust suite of security mechanisms. Use AirPort Admin Utility to set up these advanced security features.

Transmitter Power Control

Because radio waves travel in all directions, they can extend outside the confines of a specific building. The Transmitter Power setting in AirPort Admin Utility lets you adjust the transmission range of your base station’s network. Only users within the network vicinity have access to the network.

MAC Filtering

Every AirPort and wireless card has a unique MAC address. For AirPort and AirPort Extreme Cards, the MAC address is sometimes referred to as the AirPort ID. Support for MAC (Media Access Control) filtering lets administrators set up a list of MAC addresses and restrict access to the network to only those users whose MAC addresses are in the access control list.

18

Chapter 3 AirPort Security

 

 

RADIUS Support

The Remote Authentication Dial-In User Service (RADIUS) makes securing a large network easy. RADIUS is an access control protocol that allows a system administrator to create a central list of the computers that can access the network. Placing this list on a centralized server allows many base stations to access the list and makes it easy to update. If the MAC address of a user’s computer (which is unique to each 802.11 wireless card) is not on your approved MAC address list, the user cannot join your network.

LEAP Support

The Lightweight Extensible Authentication Protocol (LEAP) is a security protocol used by Cisco access points to dynamically assign a different WEP key to each user. AirPort Extreme is compatible with Cisco’s LEAP security protocol, enabling AirPort users to join Cisco-hosted wireless networks using LEAP.

Wi-Fi Protected Access (WPA)

There has been increasing concern about the vulnerabilities of WEP. In response, the Wi-Fi Alliance, in conjunction with the IEEE, has developed a strongly enhanced, interoperable security standard called Wi-Fi Protected Access (WPA).

WPA is a specification that brings together standards-based, interoperable security mechanisms that strongly increase the level of data protection and access control for wireless LANs. WPA provides wireless LAN users with a high level of assurance that their data remains protected and that only authorized network users can access the network. A wireless network that uses WPA requires that all computers that access the wireless network have WPA support. It provides a high level of data protection and (when used in Enterprise mode) requires user authentication.

The main standards-based technologies that comprise WPA include Temporal Key Integrity Protocol (TKIP), 802.1X, Message Integrity Check (MIC), and Extensible Authentication Protocol (EAP).

TKIP provides enhanced data encryption by addressing the WEP encryption vulnerabilities, including the frequency with which keys are used to encrypt the wireless connection. 802.1X and EAP provide the ability to authenticate a user on the wireless network.

802.1X is a port-based network access control method for wired as well as wireless networks. The IEEE adopted 802.1X as a standard in August 2001.

Chapter 3 AirPort Security

19

 

 

The Message Integrity Check (MIC) is designed to prevent an attacker from capturing data packets, altering them, and resending them. The MIC provides a strong mathematical function in which the receiver and the transmitter each compute and then compare the MIC. If they do not match, the data is assumed to have been tampered with and the packet is dropped. If multiple MIC failures occur, the network may initiate counter-measures.

The EAP protocol known as TLS (Transport Layer Security) presents a user’s credentials in the form of digital certificates. A user’s digital certificates can comprise user names and passwords, smart cards, secure IDs, or any other identity credentials that the IT administrator is comfortable using. WPA uses a wide variety of standards-based EAP implementations, including EAP-Transport Layer Security (EAP-TLS), EAP-Tunnel Transport Layer Security (EAP-TTLS), and Protected Extensible Authentication Protocol (PEAP).

WPA has two modes: Enterprise mode, which uses a RADIUS server for user authentication, and Personal mode, which relies on the capabilities of TKIP without requiring a RADIUS server.

Note: WPA security features are available only to AirPort Extreme Base Stations; AirPort Express; AirPort and AirPort Extreme clients using Mac OS X 10.3 or later and AirPort 3.3 or later, and clients using other 802.11 wireless adapters that support WPA.

WPA Enterprise

WPA is a subset of the draft IEEE 802.11i standard and effectively addresses the Wireless Local Area Network (WLAN) security requirements for the enterprise. It provides a strong encryption and authentication solution prior to the ratification of the 802.11i standard. In an enterprise with IT resources, WPA should be used in conjunction with an authentication server such as RADIUS to provide centralized access control and management. With this implementation in place, the need for add-on solutions such as Virtual Private Networks (VPN) may be eliminated, at least for securing wireless connections in a network.

WPA Personal

For home or Small Office/Home Office (SO/HO) networks, WPA runs in Personal mode, taking into account that the typical household or small office does not have an authentication server. Instead of authenticating with a RADIUS server, users manually enter a password to log in to the wireless network. When the user enters the password correctly, the base station starts the encryption process using TKIP. TKIP takes the original password and derives its encryption keys mathematically from the network password. TKIP then regularly changes and rotates the encryption key so that the same encryption key is never used twice. This all happens behind the scenes. Other than entering the network password, the user isn’t required to do anything to make WPA Personal work in the home.

20

Chapter 3 AirPort Security

 

 

AirPort Network Designs

4

 

 

 

This chapter provides overview information and instructions for the types of AirPort networks you can set up.

Use this chapter to design and set up your AirPort Extreme network. If you are using AirPort Express, use the information in Chapter 5,“Using AirPort Express,” to set up your AirPort Express network.

Configuring your AirPort Extreme Base Station or AirPort Express to implement a network design involves three steps:

Step 1: Setting Up the AirPort Network

Computers communicate with the AirPort Extreme Base Station or AirPort Express over the AirPort wireless network. When you set up the AirPort network created by the base station, you can name the wireless network, assign a password needed to join the wireless network, and other options.

Step 2: Configuring and Sharing Internet Access

When computers access the Internet via the AirPort network, the base station connects to the Internet and transmits information to the computers over the AirPort network. You provide the base station with settings appropriate for your ISP and configure how the base station shares this connection with other computers.

Step 3: Setting Advanced Options

These settings are optional for most users. They include using the base station as a bridge between your AirPort network and an Ethernet network, setting advanced security options, setting up a Wireless Distribution System (WDS) to extend the AirPort network to other base stations, and fine-tuning other AirPort settings.

For specific instructions on all these steps, refer to the sections later in this chapter.

You can do most of your setup and configuration tasks with the AirPort Setup Assistant. To set advanced options, you need to use AirPort Admin Utility.

21

Apple DESIGNING AIRPORT NETWORKS User Manual

Using the AirPort Setup Assistant

To set up and configure your computer or base station to use AirPort for wireless networking and Internet access, you can use the AirPort Setup Assistant.

Note: The AirPort Setup Assistant is not compatible with AirPort Express. If you are setting up AirPort Express, see Chapter 5,“Using AirPort Express,” on page 65.

1 Open the AirPort Setup Assistant, located in Applications/Utilities.

2Follow the onscreen instructions and enter the settings from your ISP or network administrator. for the type of network you want to set up.

Using AirPort Admin Utility

To modify the base station configuration, open the configuration with

AirPort Admin Utility.

To open your base station’s configuration:

1 Open AirPort Admin Utility, located in Applications/Utilities.

2 Select your base station and click Configure.

3Enter the base station password if necessary. The default base station password is public.

If you don’t see your base station in the Select Base Station window:

1Open the AirPort status menu and make sure that you have joined the AirPort network created by your base station.

2 Make sure your network and TCP/IP settings are configured properly.

22

Chapter 4 AirPort Network Designs

 

 

Choose AirPort from the Show pop-up menu in the Network pane of System Preferences. Then choose Using DHCP from the Configure IPv4 pop-up menu in the TCP/IP pane.

If you can’t open the base station’s configuration:

1Make sure your network and TCP/IP settings are configured properly.

Choose AirPort from the Show pop-up menu in the Network pane of System Preferences. Choose Using DHCP from the Configure IPv4 pop-up menu in the TCP/IP pane.

2Make sure you entered the AirPort Extreme Base Station or AirPort Express password correctly. The default password is public. If you have forgotten the base station password, you can reset it to public by resetting the base station.

To temporarily reset the base station password to public, press and hold the reset button for one second. To reset the base station back to its default settings, hold the reset button for five full seconds.

If you are on an Ethernet network that has other base stations, or you are using Ethernet to connect to the base station:

AirPort Admin Utility scans the Ethernet network to create the list of base stations in the Select Base Station window. As a result, when you open AirPort Admin Utility, you may see base stations that you cannot configure.

Setting Up the AirPort Network

The first step in configuring your base station is setting up the AirPort network it will create. You can set up most AirPort networks using the AirPort Setup Assistant. Open the setup assistant, located in Applications/Utilities. Follow the onscreen instructions and enter the information from your ISP or network administrator.

To configure a network manually or set advanced options, open your base station’s configuration in AirPort Admin Utility, located in Applications/Utilities.

1Choose the network of the base station you want to configure from the AirPort status menu.

2Open AirPort Admin Utility and select the base station from the list. If you don’t see the base station you want to configure, click Rescan to scan for available base stations, then select the base station.

Chapter 4 AirPort Network Designs

23

 

 

3If you are prompted for a password, enter it, then click Configure. Enter information in the AirPort pane.

Naming the Base Station

Give the base station an easily identifiable name. This makes it easy for administrators to locate a specific base station on an Ethernet network with multiple base stations. The optional Contact and Location fields may also be helpful if you have more than one base station on your network.

Changing the Base Station Password

The base station password protects the base station configuration so that only the administrator can modify it. The default password is public. It is a good idea to change the base station password to prevent unauthorized changes to the base station.

If the base station password is not changed from public, you will not be prompted for a password when you select it from the Select Base Station list and click Configure.

Naming the AirPort Network

Give your AirPort network a name. This name appears in the AirPort status menu on the AirPort-equipped computers that are in range of your AirPort network.

24

Chapter 4 AirPort Network Designs

 

 

Password-Protecting Your Network

To password-protect your network, you can choose from a number of wireless security options. In the AirPort pane of AirPort Admin Utility, click Change Wireless Security and choose one of the following options:

Not Enabled Choosing this option turns off all password protection for the network. Any computer with a wireless adapter or card can join the network, unless the

network is set up to use access control. See “Setting Up Access Control” on page 58.

128 bit or 40 bit WEP Choose either of these options to protect your network with a Wireless Equivalent Protection password. Your AirPort Extreme Base Station and AirPort Express support 40-bit and 128-bit encryption. Choose standard 40-bit encryption for maximum compatibility, or choose 128-bit encryption, which provides more WEP security.

If you choose 128-bit encryption, only computers with 128-bit encryption-capable wireless networking cards will be able to join your network. If you choose 40-bit encryption, computers with 40-bit and 128-bit encryption-capable wireless networking cards will be able to join your wireless network, but they will join with only 40-bit encryption.

WPA Personal Choose this option and enter a password for the wireless network. When a wireless client enters the password correctly, the base station starts the encryption process using TKIP.

The password you choose can be between 8 and 63 ASCII characters, or if you choose to enter a Pre-Shared Key, it must be exactly 64 hexadecimal characters.

WPA Enterprise Choose this option if you are setting up a network that includes a RADIUS server with individual user accounts. Enter the IP address and port number for the RADIUS server, and enter a “shared secret,” which is the password for the server.

Note: WPA security features are available only to AirPort Extreme Base Stations; AirPort Express; AirPort and AirPort Extreme clients using Mac OS X 10.3 or later and AirPort 3.3 or later, and clients using other 802.11 wireless adapters that support WPA.

For more information and instructions for setting up WPA on your network, see “Using Wi-Fi Protected Access (WPA)” on page 56.

Chapter 4 AirPort Network Designs

25

 

 

Loading...
+ 57 hidden pages