Apple DESIGNING AIRPORT NETWORKS 10.5, AIRPORT NETWORKS 10.5 User Manual

0 (0)

Designing

AirPort Networks

Using AirPort Utility

Mac OS X v10.5 + Windows

1 Contents

Chapter 1

3

Getting Started

 

5

Configuring an Apple Wireless Device for Internet Access Using AirPort Utility

 

6

Extending the Range of Your AirPort Network

 

6

Sharing a USB Hard Disk Connected to an AirPort Extreme Base Station or Time Capsule

 

6

Printing with an Apple Wireless Device

 

6

Sharing Your Computer’s Internet Connection

Chapter 2

9

AirPort Security

 

9

Security for AirPort Networks at Home

 

10

Security for AirPort Networks in Businesses and Classrooms

 

11

Wi-Fi Protected Access (WPA) and WPA2

Chapter 3

14

AirPort Network Designs

 

15

Using AirPort Utility

 

17

Setting Up the AirPort Extreme Network

 

24

Configuring and Sharing Internet Access

 

40

Setting Advanced Options

 

42

Setting Up a Wireless Distribution System (WDS)

 

46

Extending the Range of an 802.11n Network

 

48

Setting up a Dual-Band (2.4 GHz and 5 GHz) Network

 

49

Keeping Your Network Secure

 

54

Directing Network Traffic to a Specific Computer on Your Network (Port Mapping)

 

56

Logging

 

57

Setting up IPv6

 

58

Sharing and Securing USB Hard Disks on Your Network

 

60

Using a Time Capsule in Your Network

 

60

Connecting a USB Printer to an Apple Wireless Device

 

61

Adding a Wireless Client to Your 802.11n Network

 

62

Solving Problems

Chapter 4

64

Behind the Scenes

 

64

Basic Networking

 

67

Items That Can Cause Interference with AirPort

Glossary

69

 

2

Getting Started

1

 

 

 

AirPort offers the easiest way to provide wireless Internet access and networking anywhere in the home, classroom, or office.

AirPort is based on the latest Institute of Electrical and Electronics Engineers (IEEE) 802.11n draft specification and provides fast and reliable wireless networking in the home, classroom, or small office. You can enjoy data transfer rates of up to five times faster than data rates provided by the 802.11g standard and more than twice the network range.

The AirPort Extreme Base Station and Time Capsule are dual-band, so they can work in either the 2.4 gigahertz (GHz) or 5 GHz spectrum. And they are 100 percent backwardcompatible, so Mac computers and PCs that use 802.11a, 802.11b, 802.11g, or IEEE draft specification 802.11n wireless cards can connect to an AirPort wireless network. They also work flawlessly with the AirPort Express for wireless music streaming and more. The AirPort Extreme Base Station and Time Capsule have three additional 10/100/ 1000Base-T Gigabit Ethernet ports, so you don't need to include another router in your network.

To set up an AirPort Extreme Base Station, an AirPort Express, or a Time Capsule, you use AirPort Utility, the easy-to-use setup and management application. AirPort Utility has a simple user experience, with all software controls accessible from the same application. It provides better management of several Apple wireless devices, with client-monitoring features and logging. AirPort Utility enables guest accounts that expire, for temporary access to your network; you no longer need to give your network password to weekend visitors in your home or office. You can even set up accounts with time constraints for the best in parental controls. This version of AirPort Utility supports IPv6 and Bonjour, so you can “advertise” network services such as printing and sharing a hard disk over the WAN port.

Note: When the features discussed in this document apply to the AirPort Extreme Base Station, AirPort Express, and Time Capsule, the devices are referred to collectively as Apple wireless devices.

3

With an AirPort Extreme Base Station or a Time Capsule, you can connect a USB hard disk so that everyone on the network can back up, store, and share files. Every Time Capsule includes an internal AirPort disk, so you don’t need to connect an external one. If you want, you can connect additional USB disks to the USB port on your Time Capsule. You can also connect a USB printer to the USB port on any Apple wireless device, so that everyone on the network can access the printer or hub.

All Apple wireless devices provide strong, wireless security. They offer a built-in firewall and support industry-standard encryption technologies. Yet the simple setup utility and powerful access controls make it easy for authorized users to connect to the AirPort network they create.

You can use an Apple wireless device to provide wireless Internet access and share a single Internet connection among several computers in the following ways:

ÂSet up the device to act as a router and provide Internet Protocol (IP) addresses to computers on the network using Dynamic Host Configuration Protocol (DHCP) and Network Address Translation (NAT). When the wireless device is connected to a DSL or cable modem that is connected to the Internet, it receives webpages and email content from the Internet through its Internet connection, and then sends the content to wireless-enabled computers, using the wireless network or using Ethernet if there are computers connected to the Ethernet ports.

ÂSet up the Apple wireless device to act as a bridge on an existing network that already has Internet access and a router providing IP addresses. The device passes IP addresses and the Internet connection to AirPort or wireless-enabled computers, or computers connected to the wireless device by Ethernet.

This document provides information about the AirPort Extreme Base Station, AirPort Express, and Time Capsule, and detailed information about designing 802.11n networks with AirPort Utility for computers using Mac OS X v10.5 or later, and Windows Vista or Windows XP with Service Pack 2. You can set up an Apple wireless device and connect to the Internet without wires in minutes. But because Apple wireless devices are flexible and powerful networking products, you can also create an AirPort network that does much more. If you want to design an AirPort network that provides Internet access to non-AirPort computers via Ethernet, or take advantage of some of your wireless device’s more advanced features, use this document to design and implement your network. You can find more general wireless networking information and an overview of AirPort technology in the earlier AirPort documents, located at apple.com/ support/manuals/airport.

Note: The images of AirPort Utility in this document are from Mac OS X v10.5. If you are using a Windows computer, the images you see in this document may be slightly different from what you see on your screen.

4

Chapter 1 Getting Started

 

 

Configuring an Apple Wireless Device for Internet Access Using AirPort Utility

Like your computer, Apple wireless devices must be set up with the appropriate hardware and IP networking information to connect to the Internet. Install AirPort Utility, which came on the CD with your wireless device, and use it to provide Internet configuration information and other network settings.

This version of AirPort Utility combines the ease of use of AirPort Setup Assistant and the power of AirPort Admin Utility. It is installed in the Utilities folder in the Applications folder on a Macintosh computer using Mac OS X, and in Start > All Programs > AirPort on computers using Windows. AirPort Utility walks you through the setup process by asking a series of questions to determine how the device’s Internet connection and other interfaces should be set up. Enter the settings you received from your ISP or network administrator for Ethernet, PPP over Ethernet (PPPoE), or your local area network (LAN); give your AirPort network a name and password; set up a device as a wireless bridge to extend the range of your existing AirPort network; and set other options.

When you have finished entering the settings, AirPort Utility transfers the settings to your wireless device. Then it connects to the Internet and shares its Internet connection with computers that join its AirPort network.

You can also create an AirPort network that takes advantage of the more advanced networking features of Apple wireless devices. To set more advanced AirPort options, use AirPort Utility to manually set up your wireless device’s configuration, or make quick adjustments to one you have already set up. Some of the AirPort advanced networking features can be configured only using the manual setup features in AirPort Utility.

Set up your Apple wireless device manually using AirPort Utility when:

ÂYou want to provide Internet access to computers that connect to the wireless device using Ethernet

ÂYou have already set up your device, but you need to change one setting, such as your account credentials

ÂYou need to configure advanced settings such as channel frequency, advanced security options, closed networks, DHCP lease time, access control, WAN privacy, power controls, or port mapping or other options

For instructions on using AirPort Utility to manually set up your wireless device and network, see “Using AirPort Utility” on page 15.

Chapter 1 Getting Started

5

 

 

Extending the Range of Your AirPort Network

You can extend the range of your network by using AirPort Utility to set up wireless connections between several devices in your network, known as a Wireless Distribution System (WDS), or to connect a device using Ethernet to create a roaming network. For more information on setting up a WDS or a roaming network, see “Connecting Additional Wireless Devices to Your AirPort Network” on page 40.

Sharing a USB Hard Disk Connected to an AirPort Extreme Base Station or Time Capsule

If you’re using the newest AirPort Extreme Base Station or a Time Capsule, you can connect a USB hard disk to it, and computers connected to the network—wired or wireless, Mac or Windows—can share files using the hard disk. Every Time Capsule includes an internal AirPort disk, so you don’t need to connect an external one. If you want, you can connect additional USB disks to the USB port on your Time Capsule. See “Sharing and Securing USB Hard Disks on Your Network” on page 58.

Printing with an Apple Wireless Device

If you have a compatible USB printer connected to your Apple wireless device, computers on the AirPort network can use Bonjour (Apple’s zero-configuration networking technology) to print to the printer. For instructions about printing to a USB printer from a computer, see “Connecting a USB Printer to an Apple Wireless Device” on page 60.

Sharing Your Computer’s Internet Connection

If your computer is connected to the Internet, you can share your Internet connection with other computers using Mac OS X version 10.2 or later, or Windows XP with Service Pack 2. This is sometimes called using your computer as a software base station.

You can share your Internet connection as long as your computer is connected to the Internet. If your computer goes to sleep or is restarted, or if you lose your Internet connection, you need to restart Internet sharing.

6

Chapter 1 Getting Started

 

 

To start Internet sharing on a computer using Mac OS X v10.5: 1 Open System Preferences and click Sharing.

2Choose the port you want to use to share your Internet connection from the “Share your connection using” pop-up menu.

3Select the port you want to use to share your Internet connection in the “To computers using” list. You can choose to share your Internet connection with AirPort-enabled computers or computers with built-in Ethernet, for example.

4 Select Internet Sharing in the Services list.

5If you want to share your Internet connection with computers using AirPort, click AirPort Options to give your network a name and password.

Chapter 1 Getting Started

7

 

 

To start Internet sharing on a computer using Windows:

1 Open Control Panel from the Start menu, and then click “Network and Internet.”

2 Click “Network and Sharing Center.”

3 Click “Manage network connections” in the Tasks list.

4 Right-click the network connection you want to share, and then select Properties.

5Click Sharing and then select “Allow other network users to connect through this computer’s Internet connection.”

Note: If your Internet connection and your local network use the same port (built-in Ethernet, for example), contact your ISP before you turn on Internet sharing. In some cases (if you use a cable modem, for example) you might unintentionally affect the network settings of other ISP customers, and your ISP might terminate your service to prevent you from disrupting its network.

The following chapters explain AirPort security options, AirPort network design and setup, and other advanced options.

8

Chapter 1 Getting Started

 

 

AirPort Security

2

 

 

 

This chapter provides an overview of the security features available in AirPort.

Apple has designed its wireless devices to provide several levels of security, so you can enjoy peace of mind when you access the Internet, manage online financial transactions, or send and receive email. The AirPort Extreme Base Station and Time Capsule also include a slot for inserting a lock to deter theft.

For information and instructions for setting up these security features, see “Setting Up the AirPort Extreme Network” on page 17.

Security for AirPort Networks at Home

Apple gives you ways to protect your wireless AirPort network as well as the data that travels over it.

NAT Firewall

You can isolate your wireless network with firewall protection. Apple wireless devices have a built-in Network Address Translation (NAT) firewall that creates a barrier between your network and the Internet, protecting data from Internet-based IP attacks. The firewall is automatically turned on when you set up the device to share a single Internet connection. For computers with a cable or DSL modem, AirPort can actually be safer than a wired connection.

Closed Network

Creating a closed network keeps the network name and the very existence of your network private. Prospective users of your network must know the network name and password to access it. Use AirPort Utility, located in the Utilities folder in the Applications folder on a Macintosh computer using Mac OS X, or in Start > All Programs > AirPort on a computer using Windows, to create a closed network.

9

Password Protection and Encryption

AirPort uses password protection and encryption to deliver a level of security comparable to that of traditional wired networks. Users can be required to enter a password to log in to the AirPort network. When transmitting data and passwords,

the wireless device uses up to 128-bit encryption, through either Wi-Fi Protected Access (WPA), WPA2, or Wired Equivalent Privacy (WEP), to scramble data and help keep

it safe. If you are setting up an 802.11n-based AirPort device, you can also use WEP (Transitional Security Network) if both WEP-compatible and WPA/WPA2-compatible computers will join your network.

Note: WPA security is available only to AirPort Extreme wireless devices; AirPort and AirPort Extreme clients using Mac OS X 10.3 or later and AirPort 3.3 or later; and to non-Apple clients using other 802.11 wireless adapters that support WPA. WPA2 security requires firmware version 5.6 or later for an AirPort Extreme Base Station, firmware version 6.2 or later an AirPort Express, firmware version 7.3 or later for a Time Capsule, and a Macintosh computer with an AirPort Extreme wireless card using AirPort 4.2 or later. If your computer uses Windows XP or Windows Vista, check the documentation that came with your computer to see if your computer supports WPA2.

Security for AirPort Networks in Businesses and Classrooms

Businesses and schools need to restrict network communications to authorized users and keep data safe from prying eyes. To meet this need, Apple wireless devices and software provide a robust suite of security mechanisms. Use AirPort Utility to set up these advanced security features.

Transmitter Power Control

Because radio waves travel in all directions, they can extend outside the confines of a specific building. The Transmit Power setting in AirPort Utility lets you adjust the transmission range of your device’s network. Only users within the network vicinity have access to the network.

MAC Address Access Control

Every AirPort and wireless card has a unique Media Access Control (MAC) address. For AirPort and AirPort Extreme Cards, the MAC address is sometimes referred to as the AirPort ID. Support for MAC address access control lets administrators set up a list of MAC addresses and restrict access to the network to only those users whose MAC addresses are in the access control list.

10

Chapter 2 AirPort Security

 

 

RADIUS Support

The Remote Authentication Dial-In User Service (RADIUS) makes securing a large network easy. RADIUS is an access control protocol that allows a system administrator to create a central list of the user names and passwords of computers that can access the network. Placing this list on a centralized server allows many wireless devices to access the list and makes it easy to update. If the MAC address of a user’s computer (which is unique to each 802.11 wireless card) is not on your approved MAC address list, the user cannot join your network.

Wi-Fi Protected Access (WPA) and WPA2

There has been increasing concern about the vulnerabilities of WEP. In response, the Wi-Fi Alliance, in conjunction with the IEEE, has developed enhanced, interoperable security standards called Wi-Fi Protected Access (WPA) and WPA2.

WPA and WPA2 use specifications that bring together standards-based, interoperable security mechanisms that significantly increase the level of data protection and access control for wireless LANs. WPA and WPA2 provide wireless LAN users with a high-level assurance that their data remains protected and that only authorized network users can access the network. A wireless network that uses WPA or WPA2 requires all computers that access the wireless network to have WPA or WPA2 support. WPA provides a high level of data protection and (when used in Enterprise mode) requires user authentication.

The main standards-based technologies that constitute WPA include Temporal Key Integrity Protocol (TKIP), 802.1X, Message Integrity Check (MIC), and Extensible Authentication Protocol (EAP).

TKIP provides enhanced data encryption by addressing the WEP encryption vulnerabilities, including the frequency with which keys are used to encrypt the wireless connection. 802.1X and EAP provide the ability to authenticate a user on the wireless network.

802.1X is a port-based network access control method for wired as well as wireless networks. The IEEE adopted 802.1X as a standard in August 2001.

The Message Integrity Check (MIC) is designed to prevent an attacker from capturing data packets, altering them, and resending them. The MIC provides a strong mathematical function in which the receiver and the transmitter each compute and then compare the MIC. If they do not match, the data is assumed to have been tampered with and the packet is dropped. If multiple MIC failures occur, the network may initiate countermeasures.

Chapter 2 AirPort Security

11

 

 

The EAP protocol known as TLS (Transport Layer Security) presents a user’s credentials in the form of digital certificates. A user’s digital certificates can comprise user names and passwords, smart cards, secure IDs, or any other identity credentials that the IT administrator is comfortable using. WPA uses a wide variety of standards-based EAP implementations, including EAP-Transport Layer Security (EAP-TLS), EAP-Tunnel Transport Layer Security (EAP-TTLS), and Protected Extensible Authentication Protocol (PEAP). AirPort Extreme also supports the Lightweight Extensible Authentication Protocol (LEAP), a security protocol used by Cisco access points to dynamically assign a different WEP key to each user. AirPort Extreme is compatible with Cisco’s LEAP security protocol, enabling AirPort users to join Cisco-hosted wireless networks using LEAP.

In addition to TKIP, WPA2 supports the AES-CCMP encryption protocol. Based on the very secure AES national standard cipher, combined with sophisticated cryptographic techniques, AES-CCMP was specifically designed for wireless networks. Migrating from WEP to WPA2 requires new firmware for the AirPort Extreme Base Station (version 5.6 or later), and for AirPort Express (version 6.2 or later). Devices using WPA2 mode are not backward compatible with WEP.

WPA and WPA2 have two modes:

ÂPersonal mode, which relies on the capabilities of TKIP or AES-CCMP without requiring an authentication server

ÂEnterprise mode, which uses a separate server, such as a RADIUS server, for user authentication

WPA and WPA2 Personal

ÂFor home or Small Office/Home Office (SOHO) networks, WPA and WPA2 runs in Personal mode, taking into account that the typical household or small office does not have an authentication server. Instead of authenticating with a RADIUS server, users manually enter a password to log in to the wireless network. When a user enters the password correctly, the wireless device starts the encryption process using TKIP or AES-CCMP. TKIP or AES-CCMP take the original password and derive encryption keys mathematically from the network password. The encryption key is regularly changed and rotated so that the same encryption key is never used twice. Other than entering the network password, the user isn’t required to do anything to make WPA or WPA2 Personal work in the home.

12

Chapter 2 AirPort Security

 

 

WPA and WPA2 Enterprise

WPA is a subset of the draft IEEE 802.11i standard and effectively addresses the wireless local area network (WLAN) security requirements for the enterprise. WPA2 is a full implementation of the ratified IEEE 802.11i standard. In an enterprise with IT resources, WPA should be used in conjunction with an authentication server such as RADIUS to provide centralized access control and management. With this implementation in place, the need for add-on solutions such as virtual private networks (VPNs) may be eliminated, at least for securing wireless connections in a network.

For more information about setting up a WPA or WPA2 protected network, see “Using Wi-Fi Protected Access” on page 50.

Chapter 2 AirPort Security

13

 

 

AirPort Network Designs

3

 

 

 

This chapter provides overview information and instructions for the types of AirPort Extreme networks you can set up, and some of the advanced options of AirPort Extreme.

Use this chapter to design and set up your AirPort Extreme network.

Configuring your Apple wireless device to implement a network design requires three steps:

Step 1: Setting Up the AirPort Extreme Network

Computers communicate with the wireless device over the AirPort wireless network. When you set up the AirPort network created by the wireless device, you can name the wireless network, assign a password that will be needed to join the wireless network, and set other options.

Step 2: Configuring and Sharing Internet Access

When computers access the Internet through the AirPort Extreme network, the wireless device connects to the Internet and transmits information to the computers over the AirPort Extreme network. You provide the wireless device with settings appropriate for your ISP and configure how the device shares this connection with other computers.

Step 3: Setting Advanced Options

These settings are optional for most users. They include using the Apple wireless device as a bridge between your AirPort Extreme network and an Ethernet network, setting advanced security options, setting up a Wireless Distribution System (WDS) to extend the AirPort network to other wireless devices, and fine-tuning other settings.

For specific instructions on all these steps, refer to the sections later in this chapter.

You can do most of your setup and configuration tasks using AirPort Utility, and following the onscreen instructions to enter your ISP and network information. To set advanced options, you need to use AirPort Utility to manually set up your Apple wireless device and AirPort network.

14

Using AirPort Utility

To set up and configure your computer or Apple wireless device to use AirPort Extreme for basic wireless networking and Internet access, use AirPort Utility and answer a series of questions about your Internet settings and how you would like to set up your network.

1Open AirPort Utility, located in the Utilities folder in the Applications folder on a Mac, or in Start > All Programs > AirPort on a Windows computer.

2Select your device in the list on the left if there is more than one device in your network. Click Continue, and then follow the onscreen instructions to enter the settings from your ISP or network administrator for the type of network you want to set up. See the network diagrams later in this chapter for the types of networks you can set up using AirPort Utility.

To set up a more complicated network, or to make adjustments to a network you have already set up, use the manual setup features in AirPort Utility.

Setting AirPort preferences

Use AirPort preferences to set up your wireless device to alert you when there are updates available for your device. You can also set it up to notify you if there are problems detected, and to provide instructions to help solve the problems.

To set AirPort preferences:

1Open AirPort Utility, located in the Utilities folder inside the Applications folder on a Mac, and in Start > All Programs > AirPort on a Windows computer.

2Choose Preferences from the AirPort Utility menu on a Mac, and from the File menu on a Windows computer.

Chapter 3 AirPort Network Designs

15

 

 

Select from the following checkboxes:

ÂSelect “Check for Updates when opening AirPort Utility” to automatically check the Apple website for software and firmware updates each time you open AirPort Utility.

ÂSelect the “Check for updates” checkbox, and then choose a time interval from the pop-up menu, such as weekly, to check for software and firmware updates in the background. AirPort Utility opens if updates are available.

ÂSelect “Monitor Apple wireless devices for problems” to investigate problems that may cause the device's status light to blink amber. With the checkbox selected, AirPort Utility opens if a problem is detected, and then provides instructions to help resolve the problem. This option monitors all of the wireless devices on the network.

ÂSelect “Only Apple wireless devices that I have configured” to monitor only the devices you have set up using this computer.

Monitoring devices for problems requires an AirPort wireless device that supports firmware version 7.0 or later.

To set up your wireless device manually:

1Open AirPort Utility, located in the Utilities folder in the Applications folder on a Mac, or in Start > All Programs > AirPort on a Windows computer.

2 Select your device in the list.

3 Choose Manual Setup from the Base Station menu and enter the password if necessary. The default device password is public.

If you don’t see your wireless device in the list:

1 Open the AirPort status menu in the menu bar on a Mac and make sure that you have joined the AirPort network created by your wireless device. On a Windows computer, hover the cursor over the wireless network icon in the status tray to make sure the computer is connected to the correct network.

The default network name for an Apple wireless device is AirPort Network XXXXXX, where XXXXXX is replaced with the last six digits of the AirPort ID, (or MAC address). The AirPort ID is printed on the bottom of Apple wireless devices.

2Make sure your computer’s network and TCP/IP settings are configured properly.

On a computer using Mac OS X, choose AirPort from the Show pop-up menu in the Network pane of System Preferences. Then choose Using DHCP from the Configure IPv4 pop-up menu in the TCP/IP pane.

On a computer using Windows, right-click the wireless connection icon that displays the AirPort network, and choose Status. Click Properties, select Internet Protocol (TCP/IP), and then click Properties. Make sure “Obtain an IP address automatically” is selected.

If you can’t open the wireless device settings:

1 Make sure your network and TCP/IP settings are configured properly.

16

Chapter 3 AirPort Network Designs

 

 

On a computer using Mac OS X, select AirPort from the network connection services list in the Network pane of System Preferences. Click Advanced, and then choose Using DHCP from the Configure IPv4 pop-up menu in the TCP/IP pane.

On a computer using Windows, right-click the wireless connection icon that displays the AirPort network, and choose Status. Click Properties, select Internet Protocol (TCP/IP), and then click Properties. Make sure “Obtain an IP address automatically” is selected.

2Make sure you entered the wireless device password correctly. The default password is public. If you have forgotten the device password, you can reset it to public by resetting the device.

To temporarily reset the device password to public, press and hold the reset button for one second. To reset the device back to its default settings, hold the reset button for five full seconds.

If you are on an Ethernet network that has other devices, or you are using Ethernet to connect to the device:

AirPort Utility scans the Ethernet network to create the list of devices. As a result, when you open AirPort Utility, you may see devices that you cannot configure.

Setting Up the AirPort Extreme Network

The first step in configuring your Apple wireless device is setting up the device and the network it will create. You can set up most features using AirPort Utility and following the onscreen instructions to enter the information from your ISP or network administrator.

To configure a network manually or set advanced options, open your wireless device’s configuration in AirPort Utility and manually set up your device and network.

1Choose the network of the wireless device you want to configure from the AirPort status menu on a computer using Mac OS X, or from the wireless connection icon in the status tray on a computer using Windows.

2Open AirPort Utility and select the wireless device from the list. If you don’t see the device you want to configure, click Rescan to scan for available wireless devices, and then select the one you want from the list.

Chapter 3 AirPort Network Designs

17

 

 

Apple DESIGNING AIRPORT NETWORKS 10.5, AIRPORT NETWORKS 10.5 User Manual

3Choose Manual Setup from the Base Station menu and enter the password if necessary. The default device password is public.

You can also double-click the name of the wireless device to open its configuration in a separate window. When you open the manual setup window, the Summary pane is displayed. The summary pane provides information and status about your wireless device and network.

18

Chapter 3 AirPort Network Designs

 

 

If the wireless device reports a problem, the status icon turns yellow. Click Base Station Status to display the problem and suggestions to resolve it.

Wireless Device Settings

Click the AirPort button, and then click Base Station. Use the Base Station pane of AirPort Utility to enter information about the wireless device.

Give the Wireless Device a Name

Give the device an easily identifiable name. This makes it easy for administrators to locate a specific device on an Ethernet network with several devices.

Change the Wireless Device Password

The device password protects its configuration so that only the administrator can modify it. The default password is public. It is a good idea to change the device password to prevent unauthorized changes to it.

If the password is not changed from public, you will not be prompted for a password when you select it from the list and click Configure.

Other Information

ÂAllow configuration over the WAN port. This allows you to administer the wireless device remotely.

ÂAdvertise the wireless device over the Internet using Bonjour. If you have an account with a dynamic DNS service, you can connect to it over the Internet.

ÂSet the device time automatically. If you have access to a Network Time Protocol server, whether on your network or on the Internet, choose it from the pop-up menu. This ensures your wireless device is set to the correct time.

Chapter 3 AirPort Network Designs

19

 

 

Set Base Station Options

Click Base Station Options and set the following:

ÂEnter a contact name and location for the wireless device. The name and location are included in some logs the device generates. The contact and location fields may be helpful if you have more than one wireless device on your network.

ÂSet status light behavior to either Always On or Flash On Activity. If you choose Flash On Activity, the device status light blinks when there is network traffic.

ÂIf your wireless device supports it, select “Check for firmware updates” and choose an increment, such as Daily from the pop-up menu.

Wireless Network Settings

Click Wireless, and enter the network name, radio mode, and other wireless information.

Setting the Wireless Mode

AirPort Extreme supports three wireless modes:

ÂCreate a wireless network. Choose this option if you are creating a new AirPort Extreme network.

ÂParticipate in a WDS network. Choose this option if you are creating a new WDS network, or connecting this Apple wireless device to a WDS network that

is already set up.

ÂExtend a wireless network. Choose this option if you plan to connect another Apple wireless device to the network you are setting up.

20

Chapter 3 AirPort Network Designs

 

 

Naming the AirPort Extreme Network

Give your AirPort network a name. This name appears in the AirPort status menu on the AirPort-enabled computers that are in range of your AirPort network.

Choosing the Radio Mode

Choose “802.11n (802.11b/g compatible)” from the Radio Mode pop-up menu if computers with 802.11n, 802.11g, or 802.11b wireless cards will join the network. Each client computer will connect to the network and transmit network traffic at the highest possible speed.

Choose “802.11n only (2.4 GHz)” if only computers with 802.11n compatible wireless cards will join the network in the 2.4 GHz frequency range.

Choose “802.11n (802.11a compatible)” if computers with 802.11n and 802.11a wireless cards will join the network in the 5 GHz frequency range. Computers with 802.11g or 802.11b wireless cards will not be able to join this network.

Choose “802.11n only (5 GHz)” if computers with 802.11n wireless cards will join the network. The transmission rate of the network will be at 802.11n speed. Computers with 802.11g, 802.11b, and 802.11a wireless cards will not be able to join this network.

Note: If you don’t want to use an 802.11n radio mode, hold down the Option key and chose a radio mode that doesn’t include 802.11n.

Changing the Channel

The “channel” is the radio frequency over which your wireless device communicates. If you use only one device (for example, at home), you probably won’t need to change the channel frequency. If you set up several wireless devices in a school or office, use different channel frequencies for devices that are within approximately 150 feet of each other.

Adjacent wireless devices should have at least 4 channels between their channel frequencies. So if device A is set to channel 1, device B should be set to channel 6 or 11. For best results, use channels 1, 6, or 11 when operating your device in the 2.4 GHz range.

AirPort-enabled computers automatically tune to the channel frequency your wireless device is using when they join the AirPort network. If you change the channel frequency, AirPort client computers do not need to make any changes.

Note: If you set your wireless device’s radio mode to “802.11n only (5 GHz),” you cannot change the channel. The 5 GHz frequency mode automatically chooses the channel.

Password-protect Your Network

To password-protect your network, you can choose from a number of wireless security options. In the AirPort pane of AirPort Utility, click Wireless and choose one of the following options from the Wireless Security pop-up menu:

Chapter 3 AirPort Network Designs

21

 

 

ÂNone: Choosing this option turns off all password protection for the network. Any computer with a wireless adapter or card can join the network, unless the network is set up to use access control. See “Setting Up Access Control” on page 51.

ÂWEP: If your device supports it, choose this option and enter a password to protect your network with a Wired Equivalent Privacy (WEP) password. Your Apple wireless device supports 40-bit and 128-bit encryption. To use 40-bit WEP, don’t use an 802.11n radio mode.

ÂWEP (Transitional Security Network): If your device supports it, you can use this option to allow computers using WPA or WPA2 to join the network. Computers or devices that use WEP can also join the network. WEP (Transitional Security Network) supports 128-bit encryption. To use this option, the wireless device use an 802.11n radio mode.

ÂWPA/WPA2 Personal: Choose this option to protect your network with Wi-Fi Protected Access. You can use a password between 8 and 63 ASCII characters or a Pre-Shared Key of exactly 64 hexadecimal characters. Computers that support WPA and computers that support WPA2 can join the network. Choose WPA2 Personal if you want only computers that support WPA2 to join your network.

ÂWPA/WPA2 Enterprise: Choose this option if you are setting up a network that includes an authentication server, such as a RADIUS server, with individual user accounts. Enter the IP address and port number for the primary and optional secondary server, and enter a “shared secret,” which is the password for the server. Choose WPA2 Enterprise if you want only computers that support WPA2 to join the network.

For more information and instructions for setting up WPA or WPA2 on your network, see “Using Wi-Fi Protected Access” on page 50.

22

Chapter 3 AirPort Network Designs

 

 

Setting Wireless Options

Click Wireless Options to set additional options for your network.

Setting Additional Wireless Options

Use the Wireless Options pane to set the following:

ÂRegion: Set the region code for the location of your network.

ÂMulticast rate: Choose a multicast rate from the pop-up menu. If you set the multicast rate high, only clients on the network that are within range and can achieve the speed you set will receive transmissions.

ÂTransmit power: Choose a setting from the Transmit Power pop-up menu to set the network range (the lower the percentage, the shorter the network range).

ÂWPA Group Key Timeout: Enter a number in the text field, and choose an increment from the pop-up menu to change the frequency of key rotation.

ÂUse Wide Channels: If you set up your network to use the 5 GHz frequency range, you can use wide channels to provide higher network throughput.

Note: Using wide channels is not permitted in some countries.

ÂCreate a closed network: Selecting a closed network hides the name of the network so that users must enter the exact network name and password to join the AirPort Extreme network.

ÂUse interference robustness: Interference robustness can solve interference problems caused by other devices or networks.

To set more advanced security options, see “Keeping Your Network Secure” on page 49.

Chapter 3 AirPort Network Designs

23

 

 

Configuring and Sharing Internet Access

The next step is setting up your wireless device’s Internet connection and sharing its Internet access with client computers. The following sections tell you what to do, depending on how your device connects to the Internet.

You’re Using a DSL or Cable Modem

In most cases, you can implement this network design using AirPort Utility and following the onscreen instructions to set up your wireless device and network. You need to use AirPort Utility to manually set up your device only if you want to set up or adjust optional advanced settings.

What It Looks Like

to Ethernet port

Time Capsule

< Ethernet WAN port

DSL or cable modem

to Internet

How It Works

ÂThe Apple wireless device (in this example, a Time Capsule) connects to the Internet through its Internet WAN (<) connection to your DSL or cable modem.

ÂComputers using AirPort or computers connected to the wireless device’s Ethernet LAN port (G) connect to the Internet through the device.

ÂThe device is set up to use a single, public IP address to connect to the Internet, and uses DHCP and NAT to share the Internet connection with computers on the network using private IP addresses.

ÂAirPort computers and Ethernet computers communicate with one another through the wireless device.

Important: Connect Ethernet computers that are not connected to the Internet to the device’s LAN port (G) only. Since the device can provide network services, you must set it up carefully to avoid interfering with other services on your Ethernet network.

24

Chapter 3 AirPort Network Designs

 

 

Loading...
+ 53 hidden pages