Netgear WN203v2, WN203 User Guide

ProSAFE Single Band 802.11n Wireless Access Point WN203

Reference Manual

June 2013
202-11223-01

350 East Plumeria Drive
San Jose, CA 95134
USA

ProSAFE Single Band 802.11n Wireless Access Point WN203

Support

Thank you for selecting NETGEAR products.
After installing your device, locate the serial number on the label of your product and use it to register your product

at https://my.netgear.com. You must register your product before you can use NETGEAR telephone support.
NETGEAR recommends registering your product through the NETGEAR website. For product updates and web
support, visit http://support.netgear.com.

Phone (US & Canada only): 1-888-NETGEAR.
Phone (Other Countries): Check the list of phone numbers at

http://support.netgear.com/general/contact/default.aspx.

Trademarks

NETGEAR, the NETGEAR logo, and Connect with Innovation are trademarks and/or registered trademarks of
NETGEAR, Inc. and/or its subsidiaries in the United States and/or other countries. Information is subject to change
without notice. © NETGEAR, Inc. All rights reserved.

Revision History

Publication
Part Number

202-11230-01 June 2013 First publication

Publish Date Comments

2

Contents

Chapter 1 Introduction

Chapter 2 Installation and Basic Configuration

About the ProSAFE Single Band 802.11n Wireless Access Point WN203 .7

What Is in the Box? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7

System Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8

Key Features and Standards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8

Supported Standards and Conventions . . . . . . . . . . . . . . . . . . . . . . . . . .8

Key Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9

802.11b/g/n Standards–Based Wireless Networking. . . . . . . . . . . . . . .10

Autosensing Ethernet Connections with Auto Uplink . . . . . . . . . . . . . . .11

Hardware Description. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .11

Front Panel. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .11

Back Panel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .12

Bottom Panel with Product Label and Reset to Factory Defaults Button13

What You Need Before You Begin. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .15

Wireless Equipment Placement and Range Guidelines. . . . . . . . . . . . .15

Ethernet Cabling Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .16

LAN Configuration Requirements. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .16

Hardware Requirements for Computers on Your LAN . . . . . . . . . . . . . .16

Requirements for Entering IP Addresses. . . . . . . . . . . . . . . . . . . . . . . .16

Install and Configure the Wireless Access Point . . . . . . . . . . . . . . . . . . . .16

Connect the Wireless Access Point to a Computer . . . . . . . . . . . . . . . .17

Log In to the Wireless Access Point. . . . . . . . . . . . . . . . . . . . . . . . . . . .18

Configure Basic General System Settings and Time Settings . . . . . . . .20

Configure the IP Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .22

Configure the Optional DHCP Server. . . . . . . . . . . . . . . . . . . . . . . . . . .23

Configure the Basic Wireless Settings . . . . . . . . . . . . . . . . . . . . . . . . . .25

Test Basic Wireless Connectivity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .28

Chapter 3 Wireless Configuration and Security

Before You Configure Wireless Security . . . . . . . . . . . . . . . . . . . . . . . . . .31

Wireless Data Security Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .31

Security Profiles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .33

Security Profile Concepts. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .34

Write Down Your Wireless Network Settings . . . . . . . . . . . . . . . . . . . . .35

Configure and Enable Security Profiles . . . . . . . . . . . . . . . . . . . . . . . . .36

Configure RADIUS Server Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .45

Restrict Wireless Access by MAC Address . . . . . . . . . . . . . . . . . . . . . . . .46

3

ProSAFE Single Band 802.11n Wireless Access Point WN203

Schedule the Wireless Radios to Be Turned Off . . . . . . . . . . . . . . . . . . . .49

Configure Basic Wireless Quality of Service . . . . . . . . . . . . . . . . . . . . . . .49

Chapter 4 Management

Enable Remote Management. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .52

SNMP Management. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .52

Secure Shell and Telnet Management. . . . . . . . . . . . . . . . . . . . . . . . . .53

Upgrade the Wireless Access Point Software . . . . . . . . . . . . . . . . . . . . . .54

Web Browser Upgrade Procedure . . . . . . . . . . . . . . . . . . . . . . . . . . . . .55

TFTP Server Upgrade Procedure. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .56

Manage the Configuration File or Reset to Factory Default. . . . . . . . . . . .57

Save the Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .57

Restore the Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .58

Restore the Wireless Access Point to the Factory Default Settings. . . .58

Reboot the Wireless Access Point without Restoring the

Default Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .60

Change the Administrator Password . . . . . . . . . . . . . . . . . . . . . . . . . . . . .61

Enable the Syslog Option. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .62

Enable Rogue AP Detection and Monitor Access Points. . . . . . . . . . . . . .62

Enable and Configure Rogue AP Detection. . . . . . . . . . . . . . . . . . . . . .63

View and Save Access Point Lists . . . . . . . . . . . . . . . . . . . . . . . . . . . . .64

Chapter 5 Advanced Configuration

Configure Spanning Tree Protocol and 802.1Q VLANs. . . . . . . . . . . . . . .68

Configure Hotspot Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .69

Configure Advanced Wireless Settings . . . . . . . . . . . . . . . . . . . . . . . . . . .70

Configure Advanced Quality of Service Settings . . . . . . . . . . . . . . . . . . . .73

Configure Wireless Bridging. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .75

Configure a Point-to-Point Wireless Network. . . . . . . . . . . . . . . . . . . . .76

Configure a Point-to-Multipoint Wireless Network . . . . . . . . . . . . . . . . .81

Configure the Wireless Access Point to Repeat the Wireless

Signal Using Point-to-Multipoint Bridge Mode . . . . . . . . . . . . . . . . . . . .85

Chapter 6 Monitoring

View System Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .92

Monitor Wireless Clients. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .94

View the Activity Log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .96

Traffic Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .97

Chapter 7 Troubleshooting

Basic Functioning. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .100

Verify the Correct Sequence of Events at Startup . . . . . . . . . . . . . . . .100

No LEDs Are Lit on the Wireless Access Point . . . . . . . . . . . . . . . . . .100

LAN LED Is Not Lit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .101

WLAN LED Is Not Lit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .101

You Cannot Access the Internet or the LAN from a

4

ProSAFE Single Band 802.11n Wireless Access Point WN203

Wireless-Capable Computer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .101

You Cannot Configure the Wireless Access Point from a Browser . . . . .102

When You Enter a URL or IP Address a Time-Out Error Occurs. . . . . . .103

Troubleshoot a TCP/IP Network Using the Ping Utility. . . . . . . . . . . . . . .103

Test the LAN Path to Your Wireless Access Point. . . . . . . . . . . . . . . .103

Test the Path from Your Computer to a Remote Device . . . . . . . . . . .104

Problems with Date and Time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .105

Appendix A Supplemental Information

Technical Specifications. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .107

Factory Default Settings. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .108

Appendix B Command-Line Reference
Appendix C Notification of Compliance
Index

5

1. Introduction

This chapter introduces the NETGEAR® ProSAFE® Single Band 802.11n Wireless Access

Point WN203, and describes some of the key features. The chapter includes the following
sections:

• About the ProSAFE Single Band 802.11n Wireless Access Point WN203

• What Is in the Box?

• System Requirements

• Key Features and Standards

• Hardware Description

Note: For more information about the topics covered in this manual, visit

the support website at support.netgear.com.

1

Note: Firmware updates with new features and bug fixes are made

available from time to time at downloadcenter.netgear.com. Some
products can regularly check the site and download new firmware,
or you can check for and download new firmware manually
features or behavior of your product do not match what is described
in this guide, you might need to update your firmware.

. If the

6

ProSAFE Single Band 802.11n Wireless Access Point WN203

About the ProSAFE Single Band 802.11n Wireless Access Point WN203

The ProSAFE Single Band 802.11n Wireless Access Point WN203, going forward in this
manual referred to as the wireless access point, is a solid building block of a wireless LAN
infrastructure. It provides 2.4 GHz 802.1 1b/g/n connectivity between wired Ethernet networks
and radio-equipped wireless notebook systems, desktop systems, print servers, and other
devices. Support for two transmit radio chains and two receive radio chains, also referred to
as 2x2 multiple input, multiple output (MIMO), can increase wireless throughput considerably .

The wireless access point provides wireless connectivity to multiple wireless network devices

T

within a fixed range or area of coverage.
point provides a maximum connectivity area with about a 500-foot radius. The wireless
access point can support a maximum of 64 clients in a range of several hundred feet. The
throughput is shared between all clients.
quality of your wireless network, install a sufficient number of wireless access points.

The wireless access point acts as a bridge between the wired LAN and wireless clients.
Connecting multiple wireless access points through a wired Ethernet backbone can further
increase the wireless network coverage. As a mobile computing device moves out of the
range of one wireless access point, it moves into the range of another
clients can freely roam from one wireless access point to another and still maintain a
seamless connection to the network.

ypically, an individual in-building wireless access

T

o meet the required coverage, throughput, and

. As a result, wireless

The autosensing capability of the wireless access point allows packet transmission at up to
300 Mbps, or at reduced speeds to compensate for distance or electromagnetic interference.

What Is in the Box?

The product package contains the following items:

• ProSAFE Single Band 802.11n Wireless

• Straight through Category 5 Ethernet cable

• Power adapter and cord (12V

• Stand

• T

wo wall mount screws and anchors

• Resource CD

• Installation guide

If any parts are missing or damaged, contact your reseller or customer support in your area.
V

isit the NETGEAR website at

the telephone number of customer support in your area.
Keep the installation guide, along with the original packing materials. If you need to return the

wireless access point for repair, use the packing materials to repack the wireless access
point.

, 1A)

http://support.netgear.com/general/contact/default.aspx for

Access Point WN203

Introduction

7

ProSAFE Single Band 802.11n Wireless Access Point WN203

External antennas do not come standard with the wireless access point but can be purchased
as an option. If you have purchased external antennas, see Configure Advanced Wireless

Settings on page 70 for information about how to enable the external antennas.

System Requirements

Before installing the wireless access point, make sure that your system meets these
requirements:

• A 10/100/1000 Mbps local area network device such as a hub, switch, or router

• The Category 5 UTP straight-through Ethernet cable with RJ-45 connector that is

included in the package, or one like it

• Either a 100–120V

Power over Ethernet (PoE)

• A computer with the TCP/IP protocol installed and a web browser for configuration, such

as Microsoft Internet Explorer 8.0 or later

, 50–60 Hz

AC power source or a hub, switch, or router that provides

, or Mozilla Firefox 18.0 or later

Key Features and Standards

This section includes the following subsections:

• Supported Standards and Conventions

• Key Features

• 802.11b/g/n Standards–Based Wireless Networking

• Autosensing Ethernet Connections with Auto Uplink

The wireless access point is easy to use and provides solid wireless and networking support.
It also of

Supported Standards and Conventions

The wireless access point supports the following standards and conventions:

• Standards compliance. The wireless access point complies with the IEEE 802.1

• WPA and WPA2. The wireless access point provides WPA and WPA2 enterprise-class

• Multiple BSSIDs.

fers a wide range of security options.

standards for wireless LANs and is Wi-Fi certified for 802.11n standard.

strong security with RADIUS and certificate authentication as well as dynamic encryption
key generation.
have the overhead of RADIUS servers but provides the strong security of WPA.

access point is connected to a wired network and a set of wireless clients, it is called a
basic service set (BSS).
attached to the header of packets sent over a WLAN that differentiates one WLAN from
another when a mobile device tries to connect to the network.

The WPA-PSK and WPA2-PSK pre-shared key authentication does not

The wireless access point supports multiple BSSIDs. When a wireless

The basic service set identifier (BSSID) is a unique identifier

1 b/g

Introduction

8

ProSAFE Single Band 802.11n Wireless Access Point WN203

The multiple BSSID feature allows you to configure up to eight SSIDs on your wireless
access point and assign different configuration settings to each SSID. All the configured
SSIDs are active, and the network devices can connect to the wireless access point by
using any of these SSIDs.

• DHCP server and client. The DHCP server of the wireless access point can provide a

dynamic IP address to wireless clients.
and obtain an IP address from a DHCP server on the LAN.

• SNMP. The wireless access point supports Simple Network Management Protocol

(SNMP) for Management Information Base (MIB) management.

• STP. The wireless access point supports Spanning Tree Protocol (STP).

• 802.1Q VLAN

network even though they might actually be physically on dif
Virtual LANs (VLANs) are configured through software rather than hardware, which
makes them very flexible. VLANs are very useful for user and host management,
bandwidth allocation, and resource optimization.

. A network of computers can behave as if they are connected to the same

The wireless access point can also act as a client

ferent segments of a LAN.

Key Features

The wireless access point provides solid functionality, including the following features:

• Multiple operating modes:

- W

ireless access point.

802.11b/g/n access point for clients.

- Point-to-point bridge. The wireless access point communicates with another access

point that functions in bridge mode.
association.

- Point-to-multipoint bridge. The wireless access point is the master for a group of

access points that function in bridge mode, that send all traf
do not communicate directly with each other. You can use this mode with or without
client association.

- Repeating the wireless signal.

access point for clients but functions only in point-to-multi
the wireless signal and send all traffic to a remote access point.

• WMM. Wi-Fi Multimedia (WMM) is a subset of the 802.11e standard. WMM allows

wireless traf
Time-dependent information, like video or audio, has a higher priority than normal traffic.
For WMM to function correctly, wireless clients also need to support WMM.

• QoS. Quality of Service (QoS) support lets you configure parameters that af

flowing from the wireless access point to the client station and traffic flowing from the
client station to the wireless access point.

• Hotspot support. Y

redirected to the URL you specify.

• Rogue AP detection

access to any part of the secured wireless and wired LAN.

fic to have a range of priorities, depending on the kind of data.

ou can allow all HTTP (TCP, port 80) requests to be captured and

. Rogue AP filtering ensures that unknown APs are not given

The wireless access point operates as a standard

You can use this mode with or without client

fic to the master, and that

The wireless access point does not function as an

point bridge mode to repeat

fect traf

fic

Introduction

9

ProSAFE Single Band 802.11n Wireless Access Point WN203

• Access control. MAC address filtering can ensure that only trusted wireless clients can

use the wireless access point to gain access to the wireless and wired LAN.

• Security profiles. When using multiple BSSIDs, you can configure unique security

settings (encryption, SSID, and so on) for each BSSID.

• Hidden mode.

correct SSID can connect.

• Telnet and SSH command-line interface. Using an application such as PuTTY

access the wireless access point over a Telnet or Secure Shell (SSH) connection and use
the command-line interface (CLI) to configure the wireless access point.

• Upgradeable firmware. Firmware is stored in flash memory.

using only your web browser, and you can upgrade it remotely. You can also use the
command-line interface.

• Configuration backup. Configuration settings can be backed up to a file and restored.

• Secure and economical operation.

economical operation.

• PoE support

end-span sources can supply power to the wireless access point over the Ethernet port.
The wireless access point can receive all required power on one Ethernet port from a
single PoE source.

• Autosensing Ethernet connection with

10/100/1000 Mbps IEEE 802.3 Ethernet networks.

• LED indicators. Power,

• VLAN security profiles. Each security profile is automatically allocated a VLAN ID when

the security profile is modified.

The SSID is not broadcast, assuring that only clients configured with the

, you can

You can upgrade it easily,

Adjustable power output allows more secure or

. Using Power over Ethernet (PoE), any 802.3af-compliant midspan or

Auto Uplink™ interface. Connects to

Test, LAN, and WLAN LEDs are easily identified.

802.11b/g/n Standards–Based Wireless Networking

The wireless access point provides a bridge between wired Ethernet LANs and

802.11b/g/n-compatible wireless LAN networks. It provides connectivity between wired

Ethernet networks and radio-equipped wireless notebook systems, desktop systems, print
servers, RFID tags, and other devices.

In addition, the wireless access point supports the following wireless features:

• Aggregation support

• Reduced InterFrame spacing support

• 2x2 multiple input, multiple output (MIMO) support

• Distributed coordinated function (CSMA/CA, back-of

retransmission of unacknowledged frames)

• RTS/CTS handshake

• Beacon generation

• Packet fragmentation and reassembly

• Auto or long preamble

Introduction

f procedure,

ACK procedure,

10

ProSAFE Single Band 802.11n Wireless Access Point WN203

• Roaming among wireless access points on the same subnet

Autosensing Ethernet Connections with Auto Uplink

The wireless access point can connect to a standard Ethernet network. The LAN interface is
autosensing and capable of full-duplex or half-duplex operation.

The wireless access point incorporates Auto Uplink technology. The Ethernet port
automatically senses whether the Ethernet cable plugged into the port should have a
“normal” connection such as to a computer or an “uplink” connection such as to a switch or

That port then configures itself correctly. This feature also eliminates any concerns

hub.
about crossover cables, because Auto Uplink accommodates either type of cable to make
the right connection.

Hardware Description

This section describes the front and back hardware functions of the wireless access point.

• Front Panel

• Back Panel

• Bottom Panel with Product Label and Reset to Factory Defaults Button

Front Panel

The LEDs of the wireless access point are described in the following figure and table:

1

Figure 1. Front panel with LEDs

23

4

Introduction

11

ProSAFE Single Band 802.11n Wireless Access Point WN203

Table 1. Front panel LEDs

Item LED Description
1

2

3

4

Power Off Power is off.

Test Off The wireless access point functions normally.

LAN Off No link is detected on the LAN port.

WLAN Off The wireless LAN is not ready, or no wireless activity is

Back Panel

Green Power is on.

Amber The wireless access point is starting. After about one

minute, the LED turns off.

Blinking amber New firmware is being loaded.

Amber A 100 Mbps or 10 Mbps link is detected on the LAN port.
Green A 1000 Mbps link is detected on the LAN port.

detected.
Blue The wireless LAN is ready.
Blinking Blue Wireless activity is detected.

1

2

3

4

5

Figure 2. Back panel

The back panel components of the wireless access point, from left to right, are described in
the following list:

1. Reverse SMA connector for an optional 2.4 GHz antenna.

2. Console port for connecting to an optional console terminal. The port has an RJ-45

connector and supports the following settings: 115200 K default baud rate, (8) data bits, no
(N) parity bit, and one (1) stop bit.

3. 10/100/1000BASE-T Gigabit Ethernet RJ-45 LAN port with Auto Uplink (Auto MDI-X) and

IEEE 802.3af Power over Ethernet (PoE) support for connection to a switch or router.

Introduction

12

ProSAFE Single Band 802.11n Wireless Access Point WN203

4. Power socket for a 12 VDC, 1A power adapter.

5. Reverse SMA connector for an optional 2.4 GHz antenna.

If you have purchased external antennas, see Configure Advanced Wireless Settings on
page 70 for information about how to enable the external antennas.

Bottom Panel with Product Label and Reset to Factory Defaults Button

The product label on the bottom of the wireless access point’s enclosure displays factory
default settings, regulatory compliance, and other information. The bottom panel also
contains the recessed Reset to Factory Defaults button, which is indicated on the product
label.

ProSAFE

Single Band 802.11n Wireless Access Point

WN203

This device complies with part 15 of the FCC Rules and Canada ICES-003.

Reset to
Factory Defaults

Designed by NETGEAR in California

Operation is subject to the following two conditions: (1) this device may not
cause harmful interference, and (2) this device must accept any interference
received, including interference that may cause undesired operation.

FCC ID: PY312400222
IC: 4054A-12400221

http://192.168.0.100
user name: admin
password: password

MAC

SERIAL

Made in China

Power

12V 1.0A

2.4 Ghz2.4 Ghz Console LAN

272-11850-02

Reset to Factory Defaults button

Figure 3. Product label on the bottom

 To reset the wireless access point to factory default settings:

Use a sharp object to press and hold the Reset to Factory Defaults button for about
10 seconds.

All custom configuration settings are lost, and the default password is restored. For more
information, see Restore the Wireless Access Point to the Factory Default Settings on
page 58.

Introduction

13

2. Installation and Basic Configuration

This chapter describes how to install and configure the wireless access point for wireless

connectivity to your LAN. This basic configuration enables computers with 2.4 GHz 802.11b/g/n
wireless adapters to connect to the Internet or access printers and files on your LAN. In planning
your wireless network, consider the level of security required. Chapter 3, Wireless Configuration

and Security, describes how to set up wireless security for your network. This chapter includes

the following sections:

• What You Need Before You Begin

• Install and Configure the Wireless Access Point

• Test Basic Wireless Connectivity

2

14

ProSAFE Single Band 802.11n Wireless Access Point WN203

What You Need Before You Begin

You need to consider the guidelines and requirements in the following sections before you
can set up your wireless access point.

See also System Requirements on page 8.

• Wireless Equipment Placement and Range Guidelines

• Ethernet Cabling Requirements

• LAN Configuration Requirements

• Hardware Requirements for Computers on Your LAN

• Requirements for Entering IP Addresses

Wireless Equipment Placement and Range Guidelines

The range of your wireless connection can vary significantly based on the location of the
wireless access point. The latency, data throughput performance, and power consumption of
wireless adapters also vary depending on your configuration choices.

Note: Failure to follow these guidelines can result in significant

performance degradation or inability to connect wirelessly to the
wireless access point. For complete performance specifications, see

Appendix A, Supplemental Information.

For best results, place your wireless access point according to the following general
guidelines:

• Near the center of the area in which the wireless devices will operate.

• In an elevated location such as a high shelf where the wirelessly connected devices have

line-of-sight access (even if through walls).

• Away from sources of interference, such as computers, microwaves ovens, and 2.4 GHz

cordless phones.

• Away from large metal surfaces or water.

The time it takes to establish a wireless connection can vary depending on both your security
settings and placement. WEP connections can take slightly longer to establish. Also, WEP
encryption can consume more battery power on a notebook computer

.

Installation and Basic Configuration

15

ProSAFE Single Band 802.11n Wireless Access Point WN203

Ethernet Cabling Requirements

The wireless access point connects to your LAN using twisted-pair Category 5 Ethernet cable
with RJ-45 connectors.

LAN Configuration Requirements

For the initial configuration of your wireless access point, you need to connect a computer to
the wireless access point.

Hardware Requirements for Computers on Your LAN

To connect to the wireless access point on your network, each computer needs to have an

802.11b/g/n wireless adapter installed.

Requirements for Entering IP Addresses

The fourth octet of an IP address needs to be between 0 and 255 (both inclusive). This
requirement applies to any IP address that you enter on a screen of the web management
interface.

Install and Configure the Wireless Access Point

Install and configure your wireless access point in the order of the following sections:

1. Connect the Wireless Access Point to a Computer

2. Log In to the Wireless Access Point

3. Configure Basic General System Settings and Time Settings

4. Configure the IP Settings

5. Configure the Optional DHCP Server

6. Configure the Basic Wireless Settings

Before installing the wireless access point, make sure that your Ethernet network functions.

After you have connected the wireless access point to the Ethernet network, computers with

802.1

1b/g/n wireless adapters are able to communicate with the Ethernet network.

Before you start the installation and configuration process, verify that you have met all the
system requirements. See

System Requirements on page 8.

Installation and Basic Configuration

16

ProSAFE Single Band 802.11n Wireless Access Point WN203

Connect the Wireless Access Point to a Computer

Tip: Before you place the wireless access point in an elevated position that is

difficult to reach, first set up and test the wireless access point to verify
wireless network connectivity.

 To set up the wireless access point:

1. Unpack the box and verify the contents.

2. Prepare a computer with an Ethernet adapter:

a. If this computer is already part of your network, record its

settings.

b. Configure the computer with a static IP address of 192.168.0.210 and 255.255.255.0

as the subnet mask.

3. Connect an Ethernet cable to the Ethernet port (A) of the computer

4. Securely insert the other end of the Ethernet cable into the wireless access point’s LAN

port (B).

TCP/IP configuration

.

A

B

5. Turn on your computer.

6. Connect the power adapter to the wireless access point.

Tip: The wireless access point supports Power over Ethernet (PoE). If you

have a switch that provides PoE, you do not need to use the power
adapter to power the wireless access point. Using PoE can be especially
convenient when the wireless access point is installed in a high location
far away from a power outlet.

erify the following:

7. V

Power LED. The Power LED is green. If the Power LED is off, check the

connections, and check if the power outlet is controlled by a wall switch that is
turned off.

Installation and Basic Configuration

17

ProSAFE Single Band 802.11n Wireless Access Point WN203

T est LED. The Test LED is amber. After about one minute, the Test LED turns

off.
LAN LED. The LAN LED indicates the LAN speed for the LAN port: green for

1000 Mbps or amber for 100 Mbps or 10 Mbps.

WLAN LED. The WLAN LED is blue when the wireless LAN (WLAN) is ready.

Log In to the Wireless Access Point

The default IP address of your wireless access point is 192.168.0.100. By default, the DHCP
client on the wireless access point is disabled so you can log in using the default IP address.

 To log in to the wireless access point:

1. Open a web browser such as Microsoft Internet Explorer 8.0 or later, or Mozilla

Firefox 18.0 or later.

2. Connect to the wireless access point by entering its default address of 192.168.0.100

your browser (use http and not https).

into

The Login screen displays:

3. Enter the default user name of admin and the default password of password.

4. Click the Login button.

The web browser displays the basic General system settings screen under the
Configuration tab of the main menu:

Installation and Basic Configuration

18

ProSAFE Single Band 802.11n Wireless Access Point WN203

The navigation tabs across the top of the web management interface provide access to all
the configuration functions of the wireless access point and remain constant. The menu items
in the blue bar change according to the navigation tab that is selected.

Figure 4. Navigation tabs and menu items

The bottom right corner on all screens that allow you to make configuration changes show
the Apply and Cancel buttons.

Figure 5. Buttons

These buttons have the following functions:

• Cancel. Cancels all configuration changes that you made on the screen.

• Apply. Saves and applies all configuration changes that you made on the screen.

The following buttons can be displayed:

• Edit. Lets you edit the existing configuration.

• Save or Save As. Lets you save the information that is displayed onscreen to a file.

• Details. Provides more details for the information that is displayed in a table onscreen.

• Refresh. Refreshes the information that is displayed onscreen.

• Clear. Clears the information that is displayed onscreen.

• Back. Returns to the previous screen.

• Send. Sends a test command.

Installation and Basic Configuration

19

ProSAFE Single Band 802.11n Wireless Access Point WN203

Configure Basic General System Settings and Time Settings

After you have successfully logged in to the wireless access point, the basic General system

settings screen displays.

 To configure basic system settings:

1. Select Configuration > System >

Basic > General.

The basic General system settings screen displays:

2. Configure the settings as described in the following table:

Setting Description

AP Name This unique name is the wireless access point NetBIOS name. The name is printed

on the label of the wireless access point. The default is netgearxxxxxx
xxxxxx represents the last six digits of the wireless access point MAC address. You
can replace the default name with a unique name up to 15 characters long. The
access point name can be retrieved through SNMP.

Country / Region From the Country / Region drop-down menu, select the country where the wireless

access point is installed.

Note: It might not be legal to operate this wireless access point in a region other than

one of the regions that you can select from the drop-down menu.

, in which

3. Click the Apply button.

Installation and Basic Configuration

20

ProSAFE Single Band 802.11n Wireless Access Point WN203

 To configure time settings:

1. Select Configuration > System > Basic > Time .

The Time screen displays:

2. Configure the settings as described in the following table:

Setting Description

Time Zone Select the time zone to match your location.
Current Time This is a nonconfigurable field that displays the current date and time.
NTP Client Enable the Network Time Protocol (NTP) client to synchronize the time of the

wireless access point with an NTP server
selected.

Use Custom NTP Server Select this check box if you want to use a custom NTP server.

Note: You need to have an Internet connection to use an NTP server that is

not on your local network.

Hostname /
IP Address

Enter the host name or IP address of the custom NTP server
The default NTP server depends on the selected time zone.
For example, for China the default is time-e.netgear

Note: If you use a host name, make sure that you have

configured a DNS server. For more information, see the next
section.

. By default the Enable radio button is

3. Click the Apply button.

.

.com.

Installation and Basic Configuration

21

ProSAFE Single Band 802.11n Wireless Access Point WN203

Configure the IP Settings

WARNING:

If you enable the DHCP client, the IP address of the wireless
access point changes when you click the Apply button, causing
you to lose your connection to the wireless access point. Y ou then
need to use the new IP address to reconnect to the wireless
access point.

Tip: If you enable the DHCP client on the wireless access point, you can

discover the new IP address of the wireless access point by accessing
the DHCP server on your LAN, or by using a network IP address scanner
application.

 To configure the IP settings:

1. Select Configuration > IP > IP Settings.

The IP Settings screen displays:

Installation and Basic Configuration

22

ProSAFE Single Band 802.11n Wireless Access Point WN203

2. Configure the IP settings as described in the following table:

Setting Description

DHCP Client By default, the Dynamic Host Configuration Protocol (DHCP) client is disabled. If

you have a DHCP server on your LAN and you select the Enable radio button,
the wireless access point receives its IP address, subnet mask, and default
gateway settings automatically from the DHCP server on your network when you
connect the wireless access point to your LAN.

IP Address If you do not enable the DHCP client, enter the IP address of your wireless

access point.
enter an unused IP address from the address range that is used on your LAN.

IP Subnet Mask If you do not enable the DHCP client, enter the network number portion of an IP

address. Unless you are implementing subnetting, enter 255.255.0.0 as the
subnet mask.

Default Gateway If you do not enable the DHCP client, enter the IP address of the ISP gateway to

which the wireless access point connects.

The default IP address is 192.168.0.100. T

o change the address,

Primary DNS Server

Secondary DNS Server

Network Integrity Check Select this check box to validate that the upstream link is active before allowing

If you do not enable the DHCP client, enter the IP addresses of the primary and
secondary DNS servers.
A DNS server is a host on the Internet that translates Internet names (such as
www

.netgear.com) to numeric IP addresses.
address of one or two DNS servers to your wireless access point during login. If
the ISP does not transfer addresses, you need to obtain them from the ISP and
enter them manually in these fields.

wireless associations. Ensure that the default gateway is configured.

Typically your ISP transfers the IP

3. Click the Apply button.

Configure the Optional DHCP Server

The wireless access point provides a built-in DHCP server for wireless clients only , which can
be especially useful in small networks. By default, the DHCP server is disabled. When the
DHCP server is enabled, the wireless access point provides preconfigured TCP/IP
configurations to all connected wireless clients.

 To configure DHCP server settings:

1. Select Configuration > IP > DHCP Server Settings.

The DHCP Server Settings screen displays:

Installation and Basic Configuration

23

ProSAFE Single Band 802.11n Wireless Access Point WN203

2. Configure the settings as described in the following table:

Setting Description

Select the Enable radio button to enable the DHCP server . Use the default settings or specify the pool of IP
addresses to be assigned by setting the starting IP address and ending IP address. These addresses
should be part of the same IP address subnet as the wireless access point’

DHCP Server VLAN ID Enter the VLAN ID for the DHCP server. The VLAN ID range is from 1 to 4094.

The default VLAN is 1.

Starting IP Address Enter the first address in the range of IP addresses to be assigned to DHCP

clients.

The default address is 192.168.1.02.

Stopping IP Address Enter the last address in the range of IP addresses to be assigned to DHCP

clients. The default address is 192.168.1.50.

Subnet Mask Enter the subnet mask to be used by DHCP clients. The default mask is

255.255.255.0.

Gateway IP

Primary DNS Server Enter the IP address of the primary Domain Name System (DNS) server

Secondary DNS Server Enter the IP address of the secondary DNS server available to DHCP clients.

Address Enter the IP address of the default routing gateway to be used by DHCP clients.

The default address is 192.168.0.1.

available to DHCP clients.

s LAN IP address.

Primary WINS Server Enter the IP address of the primary WINS server for the network, if there is any.

Installation and Basic Configuration

24

ProSAFE Single Band 802.11n Wireless Access Point WN203

Setting Description

Secondary WINS Server Enter the IP address of the secondary WINS server for the network, if there is

any.

Lease

Enter the period that the DHCP server grants to DHCP clients to use the
assigned IP addresses. The default time is 1 (one day).

3. Click the Apply button.

Configure the Basic Wireless Settings

For proper compliance and compatibility between similar products in your coverage area, you
need to configure the 802.1 1b/g/n wireless adapter settings correctly, including the operating
channel and country. You also need to configure the basic wireless network settings for
wireless devices to connect to your network. For other wireless features, including wireless
security, see Chapter 3, Wireless Configuration and Security.

Operating Frequency (Channel) Guidelines

You do not need to change the operating frequency (channel) unless you notice interference
problems or you place the wireless access point near another wireless access point. If you do
change the operating frequency, observe the following guidelines:

• Wireless access points use a fixed channel. Y

least interference and best performance. In the United States and Canada, 11 channels
are available.

• If you are using multiple wireless access points, it is better if adjacent wireless access

points use different radio frequency channels to reduce interference.
channel spacing between adjacent wireless access points is five channels (for example,
use Channels 1 and 6, or 6 and 11, or 1 and 11).

ou can select a channel that provides the

The recommended

• In infrastructure mode (which is the default mode for the wireless access point), wireless

clients normally scan all channels, looking for a wireless access point. If more than one
wireless access point is available, and the wireless access points use the same SSID, a
wireless client uses the wireless access point with the strongest signal.

Configure 802.11b/bg/ng Wireless Settings

The basic Wireless Settings screen lets you configure the wireless mode, SSID, and other
wireless settings.

WARNING:

If you configure the wireless access point from a wireless computer
and you change the wireless access point’s SSID, channel, or wireless
security settings, you lose your wireless connection when you click
the Apply button. You then need to change the wireless settings of
your computer to match the wireless access point’s new settings.

Installation and Basic Configuration

25

ProSAFE Single Band 802.11n Wireless Access Point WN203

 To configure the 802.11b/g/n wireless settings:

1. Select Configuration > Wireless > Basic > Wireless Settings.

The basic Wireless Settings screen displays. The following figure shows the 11ng
settings.

Note: The radio wave icon ( ) displays next to the enabled wireless

mode (b, bg, or ng).

2. Select one of the following 2.4 GHz band radio buttons:

• 11b. Both 802.11n- and 802.1

1g-compliant devices can connect to the access point

because they are backward compatible.

•

11bg. 802.11n-compliant devices can connect to the access point because they are

backward compatible.

• 11ng. This is the default setting. 802.11b-compliant devices cannot connect to the

access point. If you keep the default setting, go to Step 5

.

When you change the wireless mode, the Turn Radio On check box is automatically
cleared, and all fields, buttons, and drop-down menus onscreen are masked out.

3. Turn on the radio by selecting the Turn Radio On check box.

A pop-up screen displays.

Installation and Basic Configuration

26

ProSAFE Single Band 802.11n Wireless Access Point WN203

Note: Under normal conditions, you want the radio to be turned on. Turning off

the radio disables access through the wireless access point, which can be
helpful for configuration, network tuning, or troubleshooting activities.

4. Click the OK button to confirm the change of wireless mode.

The change does not take effect until after you have completed the wireless configuration
and have clicked the

Apply button.

5. Specify the remaining wireless settings as described the following table:

Setting Descriptions

Wireless Network Name
(SSID)

Wireless On-Off Status This field is not configurable. It shows the status of the wireless scheduler. For

Broadcast Wireless
Network Name (SSID)

Channel / Frequency From the drop-down menu, select the channel you wish to use for your wireless

Enter a 32-character (maximum) service set identifier (SSID); the characters are
case-sensitive. The default
device needs to match the wireless access point’s SSID for the wireless device
to communicate with the wireless access point. If the SSIDs do not match, you
do not get a wireless connection to the wireless access point.

more information, see Schedule the Wireless Radios to Be Turned Off on
page 49.

Select the Ye
SSID, allowing wireless clients that have a null (blank) SSID to adopt the
wireless access point’
from being broadcast, select the No radio button.

LAN.

The wireless channels and frequencies depend on the country and

wireless mode.

Note: You should not have to change the wireless channel unless you

experience interference (indicated by lost connections or slow data transfers). If
this situation occurs, you might want to experiment with different channels to see
which is the best. For more information, see Operating Frequency (Channel)

Guidelines on page 25.

Note: For more information about available channels and frequencies, see

Technical Specifications on page 107.

s radio button to enable the wireless access point to broadcast its

The default setting is Auto.

is NETGEAR_11ng. The SSID assigned to a wireless

s SSID. Yes is the default setting. To prevent the SSID

Installation and Basic Configuration

27

ProSAFE Single Band 802.11n Wireless Access Point WN203

Setting Descriptions

MCS Index / Data Rate
11ng mode only

Note: For most

networks, the default
settings work fine.

Output Power From the drop-down menu, select the transmission power of the wireless access

From the drop-down menu, select a Modulation and Coding Scheme (MCS)
index and transmit data rate for the wireless network.
For a list of all options that you can select, see Technical Specifications on
page 107.

Channel Width From the drop-down menu, select a channel width. The

options are Dynamic 20/40 MHz, 20 MHz, and 40 MHz.
default is 20 MHz.
performance, but some legacy devices can operate only in
either 20 MHz or 40 MHz.

Guard Interval From the drop-down menu, select the guard interval to

protect transmissions from interference.
or you can select Long - 800 ns. Some legacy devices can
operate only with a long guard interval.

point: Full, Half, Quarter

Note: Increasing the power improves performance, but if two or more wireless

access points are operating in the same area and on the same channel,
interference can occur.

Note: Make sure that you comply with the regulatory requirements for total radio

frequency (RF) output power in your country.

, Eighth, Minimum.

A wider channel improves the

The default is Full.

The default setting is Best.

The default is

6. Click the Apply button.

The

Auto,

The selected wireless mode is now enabled.

Note: For information about how to configure advanced wireless settings,

see Configure Advanced Wireless Settings on page 70.

Test Basic Wireless Connectivity

After you have configured the wireless access point as described in the previous sections,

test the computers on your LAN for wireless connectivity before you position the wireless
access point at its permanent position.

 To test for wireless connectivity:

1. Configure the 802.11b/g/n wireless adapters of your computers so that they all have the

same SSID and channel that you have configured on the wireless access point.

2. Verify that your computers have a wireless link to the wireless access point. If you have

enabled the DHCP server on the wireless access point, verify that
to obtain an IP address through DHCP from the wireless access point.

your computers are able

Installation and Basic Configuration

28

ProSAFE Single Band 802.11n Wireless Access Point WN203

3. Verify network connectivity by using a browser such as Microsoft Internet Explorer 8.0 or

later, or Mozilla Firefox 18.0 or later to browse the Internet, or check for file and printer
access on your network.

Note: If you have trouble connecting to the wireless access point, see

Chapter 7, Troubleshooting.

NETGEAR recommends that you complete the following tasks before you deploy the
wireless access point in your network:

• Configure wireless security and other wireless features. See Chapter 3, Wireless
Configuration and Security.

• Configure any additional features that you might need. See Chapter 4, Management, and

Chapter 5, Advanced Configuration.

After you have completed the configuration of the wireless access point, you can reconfigure
the computer that you used for this process back to its original TCP/IP settings.

Installation and Basic Configuration

29

3. Wireless Configuration and Security

This chapter describes how to configure the wireless features of the wireless access point. The

chapter includes the following sections:

• Before You Configure Wireless Security

• Wireless Data Security Options

• Security Profiles

• Configure RADIUS Server Settings

• Restrict Wireless Access by MAC Address

• Schedule the Wireless Radios to Be Turned Off

• Configure Basic Wireless Quality of Service

3

30