Sercomm AP101NA User Manual
802.11n Wireless
Access Point
AP101nA,WNAP-3000PE
User's Guide
TABLE OF CONTENTS
㩷
CHAPTER 1 INTRODUCTION .............................................................................................1
Features of your Wireless Access Point........................................................................... 1
Package Contents ..............................................................................................................3
Physical Details.................................................................................................................. 4
CHAPTER 2 INSTALLATION............................................................................................... 6
Requirements..................................................................................................................... 6
Procedure ........................................................................................................................... 6
CHAPTER 3 ACCESS POINT SETUP .................................................................................. 8
Overview ............................................................................................................................ 8
Setup using the Windows Utility...................................................................................... 8
Setup using a Web Browser............................................................................................ 11
System Basic Settings Screen.......................................................................................... 13
System Advanced Settings Screen.................................................................................. 15
Wireless Screens .............................................................................................................. 17
Basic Screen .....................................................................................................................17
Virtual AP Settings.......................................................................................................... 20
Virtual AP Screen............................................................................................................ 21
Radius Server Settings .................................................................................................... 33
Access Control ................................................................................................................. 34
Advanced Settings ........................................................................................................... 37
Wi-Fi Protected Setup..................................................................................................... 39
CHAPTER 4 PC AND SERVER CONFIGURATION .......................................................40
Overview ..........................................................................................................................40
Using WEP .......................................................................................................................40
Using WPA-PSK/WPA2-PSK ........................................................................................ 41
Using WPA-Enterprise ...................................................................................................42
802.1x Server Setup (Windows 2000 Server)................................................................ 43
802.1x Client Setup on Windows XP ............................................................................. 53
Using 802.1x Mode (without WPA) ...............................................................................59
CHAPTER 5 OPERATION AND STATUS ......................................................................... 60
Operation ......................................................................................................................... 60
Status Screen.................................................................................................................... 60
CHAPTER 6 ACCESS POINT MANAGEMENT............................................................... 67
Overview .......................................................................................................................... 67
Admin Login Screen........................................................................................................ 67
Auto Config/Update ........................................................................................................69
Config File........................................................................................................................ 70
SNMP ............................................................................................................................... 72
Log Settings...................................................................................................................... 74
Firmware Upgrade.......................................................................................................... 76
APPENDIX A SPECIFICATIONS .......................................................................................77
Wireless Access Point...................................................................................................... 77
APPENDIX B TROUBLESHOOTING ................................................................................81
Overview ..........................................................................................................................81
General Problems............................................................................................................ 81
APPENDIX C WINDOWS TCP/IP....................................................................................... 83
Overview .......................................................................................................................... 83
Checking TCP/IP Settings - Windows 9x/ME: ............................................................. 83
Checking TCP/IP Settings - Windows NT4.0 ...............................................................85
Checking TCP/IP Settings - Windows 2000.................................................................. 87
i
Wireless Access Point User Guide
Checking TCP/IP Settings - Windows XP .................................................................... 89
Checking TCP/IP Settings - Windows Vista ................................................................. 91
APPENDIX D ABOUT WIRELESS LANS.......................................................................... 93
Overview ..........................................................................................................................93
Wireless LAN Terminology............................................................................................ 93
APPENDIX E COMMAND LINE INTERFACE ................................................................ 96
Overview ..........................................................................................................................96
Command Reference....................................................................................................... 96
P/N: 956YHZ0001
Copyright 2008. All Rights Reserved.
Document Version: 1.0
All trademarks and trade names are the properties of their respective owners.
ii
Chapter 1
Introduction
1
Congratulations on the purchase of your new Wireless Access Point. The Wireless Access
Point links your Wireless Stations to your wired LAN. The Wireless stations and devices on
the wired LAN are then on the same network, and can communicate with each other without
regard for whether they are connected to the network via a Wireless or wired connection.
This Chapter provides an overview of the Wireless Access Point's features
and capabilities.
Figure 1: Wireless Access Point
Features of your Wireless Access Point
The Wireless Access Point incorporates many advanced features, carefully designed to provide
sophisticated functions while being easy to use.
Standards Compliant. The Wireless Access Point complies with the IEEE802.11g and
x
IEEE802.11n draft 2.0 specifications for Wireless LANs.
x
Supports 11n Wireless Stations. The 802.11n Draft standard provides for backward
compatibility with the 802.11b standard, so 802.11n, 802.11b and 802.11g Wireless stations can be used simultaneously.
Bridge Mode Support. The Wireless Access Point can operate in Bridge Mode, con-
x
necting to another Access Point. Both PTP (Point to Point) and PTMP (Point to MultiPoint) Bridge modes are supported.
And you can even use both Bridge Mode and Access Point Mode simultaneously!
1
Wireless Access Point User Guide
x
WPS Support. WPS (Wi-Fi Protected Setup) can simplify the process of connecting any
device to the wireless network by using the push button configuration (PBC) on the Wireless Access Point, or entering a 8-digit PIN code if there's no button.
x
DHCP Client Support. Dynamic Host Configuration Protocol provides a dynamic IP
address to PCs and other devices upon request. The Wireless Access Point can act as a
DHCP Client, and obtain an IP address and related information from your existing DHPC
Server.
x
Upgradeable Firmware. Firmware is stored in a flash memory and can be upgraded
easily, using only your Web Browser.
x
PoE Support. You can use PoE (Power over Ethernet) to provide power to the Wireless
Access Point, so only a single cable connection is required.
Security Features
x Virtual APs. For maximum flexibility, wireless security settings are stored in Virtual AP.
Up to 4 Virtual APs can be defined and used as any time.
x
Multiple BSSIDs. Because each Virtual AP has it own SSID and beacon, and up to 4
Virtual APs can be active simultaneously, multiple SSIDs are supported. Different clients
can connect to the Wireless Access Point using different SSIDs, with different security
settings.
x
Virtual APs Isolation. If desired, PCs and devices connecting to different Virtual APs
can be isolated from each other.
x
VLAN Support. The 802.1Q VLAN standard is supported, allowing traffic from differ-
ent sources to be segmented. Combined with the multiple SSID feature, this provides a
powerful tool to control access to your LAN.
x
WEP support. Support for WEP (Wired Equivalent Privacy) is included. Both 64 Bit
128 Bit, and 152 Bit keys are supported.
x
WPA support. Support for WPA is included. WPA is more secure than WEP, and
should be used if possible. Both TKIP and AES encryption methods are supported.
x
802.1x Support. Support for 802.1x mode is included, providing for the industrial-
strength wireless security of 802.1x authentication and authorization.
x
Radius Client Support. The Wireless Access Point can login to your existing Radius
Server (as a Radius client).
x
Radius MAC Authentication. You can centralize the checking of Wireless Station
MAC addresses by using a Radius Server.
x
Rogue AP Detection. The Wireless Access Point can detect unauthorized (Rouge)
Access Points on your LAN.
x
Access Control. The Access Control feature can check the MAC address of Wireless
clients to ensure that only trusted Wireless Stations can use the Wireless Access Point to
gain access to your LAN.
x
Password - protected Configuration. Optional password protection is provided to
prevent unauthorized users from modifying the configuration data and settings.
Advanced Features
x Command Line Interface. If desired, the command line interface (CLI) can be used for
configuration. This provides the possibility of creating scripts to perform common configuration changes.
2
x
Auto Configuration. The Wireless Access Point can perform self-configuration by
copying the configuration data from another Access Point. This feature is enabled by default.
x
Auto Update. The Wireless Access Point can automatically update its firmware, by
downloading and installing new firmware from your FTP server.
x
Radius Accounting Support. If you have a Radius Server, you can use it to provide
accounting data on Wireless clients.
x
Syslog Support. If you have a Syslog Server, the Wireless Access Point can send its log
data to your Syslog Server.
x
SNMP Support. SNMP (Simple Network Management Protocol) is supported, allowing
you to use a SNMP program to manage the Wireless Access Point.
Package Contents
The following items should be included:
x Wireless Access Point
x Power Adapter
x Quick Start Guide
x CD-ROM containing the on-line manual and setup utility.
Introduction
If any of the above items are damaged or missing, please contact your dealer immediately.
3
Wireless Access Point User Guide
Physical Details
Front Panel LEDs
Figure 2: Front Panel
Power On - Normal operation.
Off - No power
WLAN On -
Status On - Error condition.
Ethernet On - The LAN (Ethernet) port is active.
Idle
Off - Wireless connection is not available.
Flashing - Data is being transmitted or received via the Wireless access
point. Data includes "network traffic" as well as user data.
Off - Normal operation.
Blinking - During start up, and when the Firmware is being upgraded.
Off - No active connection on the LAN (Ethernet) port.
Flashing - Data is being transmitted or received via the corresponding
LAN (Ethernet) port.
4
Rear Panel
Introduction
Figure 3: Rear Panel
Reset Button
LAN
Power port
This button has two (2) functions:
x Reboot. When pressed and released, the Wireless Access Point
will reboot (restart).
x Reset to Factory Defaults. This button can also be used to clear
ALL data and restore ALL settings to the factory default values.
To Clear All Data and restore the factory default values:
1. Hold the Reset Button until the Status (Red) LED blinks TWICE,
usually more than 5 seconds.
2. Release the Reset Button.
The factory default configuration has now been restored, and the
Access Point is ready for use.
Use a standard LAN cable (RJ45 connectors) to connect this port to a
10/100/1000BaseT hub/switch on your LAN.
Connect the supplied power adapter (12V@1A) here.
5
Chapter 2
Installation
This Chapter covers the physical installation of the Wireless Access Point.
Requirements
Requirements:
x TCP/IP network
x Ethernet cable with RJ-45 connectors
x Installed Wireless network adapter for each PC that will be wirelessly connected to the
network
Procedure
1. Select a suitable location for the installation of your Wireless Access Point. To maximize
reliability and performance, follow these guidelines:
x Use an elevated location, such as wall mounted or on the top of a cubicle.
x Place the Wireless Access Point near the center of your wireless coverage area.
x If possible, ensure there are no thick walls or metal shielding between the Wireless
Access Point and Wireless stations. Under ideal conditions, the Wireless Access Point
has a range of around 150 meters (450 feet). The range is reduced, and transmission
speed is lower, if there are any obstructions between Wireless devices.
Figure 4: Installation Diagram
6
Installation
2. Use a standard LAN cable to connect the "LAN" port on the Wireless Access Point to a
10/100/1000BaseT hub/switch on your LAN.
3. Connect the supplied power adapter to the Wireless Access Point and a convenient power
outlet, and power up.
4. Check the LEDs:
x The Status LED should flash, then turn OFF.
x The Power, Ethernet and WLAN LEDs should be ON.
For more information, refer to Front Panel LEDs in Chapter 1.
Using PoE (Power over Ethernet)
The Wireless Access Point supports PoE (Power over Ethernet). To use PoE:
1. Do not connect the supplied power adapter to the Wireless Access Point.
2. Connect one end of a standard (category 5) LAN cable to the Ethernet port on the Wireless Access Point.
3. Connect the other end of the LAN cable to the powered Ethernet port on a suitable PoE
Adapter. (12V DC, 1A)
4. Connect the unpowered Ethernet port on the PoE adapter to your Hub or switch.
5. Connect the power supply to the PoE adapter and power up.
6. Check the LEDs on the Wireless Access Point to see it is drawing power via the Ethernet
connection.
Figure 5: Using PoE (Power over Ethernet)
7
Chapter 3
Access Point Setup
This Chapter provides details of the Setup process for Basic Operation of
your Wireless Access Point.
Overview
This chapter describes the setup procedure to make the Wireless Access Point a valid device
on your LAN, and to function as an Access Point for your Wireless Stations.
Wireless Stations may also require configuration. For details, see Chapter 4 - PC and Server
Configuration.
The Wireless Access Point can be configured using either the supplied Windows utility or your
Web Browser
Setup using the Windows Utility
A simple Windows setup utility is supplied on the CD-ROM. This utility can be used to assign
a suitable IP address to the Wireless Access Point. Using this utility is recommended, because
it can locate the Wireless Access Point even if it has an invalid IP address.
Installation
1. Insert the supplied CD-ROM in your drive.
2. If the utility does not start automatically, run the SETUP program in the root folder.
3. Follow the prompts to complete the installation.
Main Screen
x Start the program by using the icon created by the setup program.
x When run, the program searches the network for all active Wireless Access Points, then
lists them on screen, as shown by the example below.
8
Access Point Setup
Figure 6: Management utility Screen
Wireless Access Points
The main panel displays a list of all Wireless Access Points found on the network. For each
Access Point, the following data is shown:
Name
IP address
MAC Address
IEEE Standard
The Name is shown on a sticker on the base of the device.
The IP address for the Wireless Access Point.
The hardware or physical address of the Wireless Access Point.
The wireless standard or standards used by the Wireless Access Point
(e.g. 802.11b, 802.11g)
FW Version
Description
The current Firmware version installed in the Wireless Access Point.
Any extra information for the Wireless Access Point, entered by the
administrator.
Note: If the desired Wireless Access Point is not listed, check that the device is installed and
ON, then update the list by clicking the Refresh button.
Buttons
Refresh
Detail Info
Web Management
Set IP Address
Click this button to update the Wireless Access Point device listing
after changing the name or IP Address.
When clicked, additional information about the selected Access
Point will be displayed.
Use this button to connect to the Wireless Access Point's Webbased management interface.
Click this button if you want to change the IP Address of the
Wireless Access Point.
Exit
Exit the Management utility program by clicking this button.
9
Wireless Access Point User Guide
Setup Procedure
1. Select the desired Wireless Access Point.
2. Click the Set IP Address button.
3. If prompted, enter the user name and password. The default values are admin for the
User Name, and password for the Password.
4. Ensure the IP address, Network Mask, and Gateway are correct for your LAN. Save any
changes.
5. Click the Web Management button to connect to the selected Wireless Access Point using
your Web Browser. If prompted, enter the User Name and Password again.
6. Check the following screens, and configure as necessary for your environment. Use the
on-line help if necessary.
The later sections in this Chapter also provides more details about each of these screens.
7. You may also wish to set the admin password and administration connection options.
These are on the Admin Login screen accessed from the Management menu. See Chapter
6 for details of the screens and features available on the Management menu.
8. Use the Apply and Reboot buttons on the menu to apply your changes and restart the
Wireless Access Point.
Setup is now complete.
Wireless stations must now be set to match the Wireless Access Point. See Chapter 4 for
details.
REMARK
˜˘˘˘ʳˋ˃˅ˁ˄˄˵ʳʳˋ˃˅ˁ˄˄˺ʳ˸˴˼ʳ˹ʳ˻˼ʳ˷˶ʳ˼ʳ˻˸ʳ˨ˁ˦ˁ˔ˁʳ˼ʳ˹˼˴˸ˀ˿˼˼˸˷ʳʳ˶˻˴˸˿ʳ˄ʳ˻˺˻ʳ˄˄ˁ
10
Access Point Setup
Setup using a Web Browser
Your Browser must support JavaScript. The configuration program has been tested on the
following browsers:
x Netscape V4.08 or later
x Internet Explorer V4 or later
Setup Procedure
Before commencing, install the Wireless Access Point in your LAN, as described previously.
1. Check the Wireless Access Point to determine its Default Name. This is shown on a label
on the base or rear, and is in the following format:
SCxxxxxx
Where xxxxxx is a set of 6 Hex characters (0 ~ 9, and A ~ F).
2. Use a PC which is already connected to your LAN, either by a wired connection or another Access Point.
x Until the Wireless Access Point is configured, establishing a Wireless connection to it
may be not possible.
x If your LAN contains a Router or Routers, ensure the PC used for configuration is on
the same LAN segment as the Wireless Access Point.
3. Start your Web browser.
4. In the Address box, enter "HTTP://" and the IP Address of the 11N Wireless Access Point,
as in this example, which uses the Wireless Access Point's default IP Address:
HTTP://192.168.0.228
5. You should then see a login prompt, which will ask for a User Name and Password.
Enter admin for the User Name, and password for the Password.
These are the default values. The password can and should be changed. Always enter the
current user name and password, as set on the Admin Login screen.
Figure 7: Password Dialog
6. You will then see the Status screen, which displays the current settings and status. No data
input is possible on this screen. See Chapter 5 for details of the Status screen.
11
Wireless Access Point User Guide
7. From the menu, check the following screens, and configure as necessary for your environment. Details of these screens and settings are described in the following sections of
this chapter.
x System - Basic and Advanced settings
x Wireless - Basic, Advanced, Access Control, Radius Server, Virtual APs & WIFI
Protected Setup.
8. You may also wish to set the admin password and administration connection options.
These are on the Admin Login screen accessed from the Management menu. See Chapter
6 for details of the screens and features available on the Management menu.
9. Use the Apply and Reboot buttons on the menu to apply your changes and restart the
Wireless Access Point.
Setup is now complete.
Wireless stations must now be set to match the Wireless Access Point. See Chapter 4 for
details.
If you can't connect:
It is likely that your PC’s IP address is incompatible with the Wireless Access
Point’s IP address. This can happen if your LAN does not have a DHCP Server.
The default IP address of the Wireless Access Point is 192.168.0.228, with a
Network Mask of 255.255.255.0.
If your PC’s IP address is not compatible with this, you must change your PC’s IP
address to an unused value in the range 192.168.0.1 ~ 192.168.0.254, with a
Network Mask of 255.255.255.0. See Appendix C - Windows TCP/IP for details
for this procedure.
12
System Basic Settings Screen
Click Basic Settings on the System menu to view a screen like the following.
Access Point Setup
Figure 8: System Basic Settings Screen
Data - System Basic Settings Screen
Identification
Access Point
Name
Description
Country Domain
MAC Address
IP Settings
DHCP Client
Enter a suitable name for this Access Point.
If desired, you can enter a description for the Access Point.
The country or domain which is matching your current location.
The MAC address is displayed.
Select this option if you have a DHCP Server on your LAN, and you
wish the Access Point to obtain an IP address automatically.
13
Wireless Access Point User Guide
Fixed IP Address
DHCP Server
Wins Server
Name/IP Address
TimeZone
TimeZone
If selected, the following data must be entered.
x IP Address - The IP Address of this device. Enter an unused IP
address from the address range on your LAN.
x Subnet Mask - The Network Mask associated with the IP Address
above. Enter the value used by other devices on your LAN.
x Gateway - The IP Address of your Gateway or Router. Enter the
value used by other devices on your LAN.
x DNS - Enter the DNS (Domain Name Server) used by PCs on
your LAN.
x If Enabled, the Access Point will allocate IP Addresses to PCs
(DHCP clients) on your LAN when they start up. The default (and
recommended) value is Enabled.
x The Start IP Address and Finish IP Address fields set the values
used by the DHCP server when allocating IP Addresses to DHCP
clients. This range also determines the number of DHCP clients
supported.
Enter the server name or IP address of the Wins Server.
Choose the Time Zone for your location from the drop-down list. If
your location is currently using Daylight Saving, enable the Adjust for
Daylight Saving Time checkbox.
NTP Server
Name/IP Address
You must UNCHECK this checkbox when Daylight Saving Time
finishes.
Enter the server name or IP address of the NTP.
14
Access Point Setup
System Advanced Settings Screen
Click Advanced Settings on the System menu to view a screen like the following.
Figure 9: System Advanced Settings Screen
Data - System Advanced Settings Screen
VLAN
Enable 802.1Q
VLAN
This option is only useful if the hubs/switches on your LAN support
the VLAN standard.
15
Wireless Access Point User Guide
Native VLAN
AP Management
Enter the desired value for the Native VLAN. Default value is 1.
Define the VLAN ID used for management.
VLAN
VLAN List
Define the unique ID value (1 - 4094) for each VAP.
Network Integrality Check
Enable Network
Integrality
If enabled, the AP will disable the wireless connection if the wired
connect of AP is invalid.
Check
LLTD
Enable Link
Layer Topology
Enable this if you want to use Link Layer Topology Discovery protocol (LLTD) feature.
Discovery
STP
Enable Spanning
Enable this if you want to use this feature.
tree Protocol
802.1x Supplicant
Enable 802.1x
Supplicant
Authentication
Enable this if your network requires this AP to use 802.X authentication in order to operate.
x Authentication via MAC Address
Select this if you want to Use MAC Address for Authentication.
x Authentication via Name and Password
Select this if you want to Use name and password for Authentication.
16
Wireless Screens
There are 6 configuration screens available:
x Basic
x Virtual APs
x Radius Server Settings
x Access Control
x Advanced Settings
x WIFI Protected Setup
Basic Screen
The settings on this screen must match the settings used by Wireless Stations.
Click Basic Settings on the Wireless menu to view a screen like the following.
Access Point Setup
Figure 10:Wireless Basic Screen
Data - Wireless Basic Settings Screen
Operation
Turn Radio On
Wireless Mode
Enable this to use the wireless feature.
Select the desired option:
x Disable - select this if for some reason you do not this AP to
transmit or receive at all.
x 802.11b - if selected, only 802.11b connections are allowed.
802.11g wireless stations will only be able to connect if they are
fully backward-compatible with the 802.11b standard.
x 802.11g - only 802.11g connections are allowed. If you only have
17
Wireless Access Point User Guide
802.11g, selecting this option may provide a performance improvement over using the default setting.
x 802.11n - only 802.11n connections are allowed. If you only have
802.11n, selecting this option may provide a performance improvement over using the default setting.
x 802.11b and 802.11g - this will allow connections by both
802.11b and 802.11g wireless stations.
x 802.11n and 802.11g - this will allow connections by both
802.11n and 802.11g wireless stations.
x Mixed 802.11n/802.11g/802.11b - this is the default, and will
allow connections by 802.11n, 802.11b and 802.11g wireless stations.
Auto Channel
Scan
Channel
/Frequency
Channel Bandwidth
Extension
Sub-Channel
Operation Mode
If "Enable" is selected, the Access Point will select the best available
Channel.
If you experience interference (shown by lost connections and/or slow
data transfers) you may need to experiment with manually setting
different channels to see which is the best.
Select the desired bandwidth from the list.
Select Above or Below Primary Channel from the list.
Select the desired mode:
x Access Point - operate as a normal Access Point
x Bridge (Point-to-Point) - Bridge to a single AP. You must
provide the MAC address of the other AP in the PTP Bridge AP
MAC Address field.
x Bridge (Multi-Point) - Select this only if this AP is the "Master"
for a group of Bridge-mode APs. The other Bridge-mode APs
must be set to Point-to-Point Bridge mode, using this AP's MAC
address. They then send all traffic to this "Master".
x Wireless Client/Repeater - Act as a client or repeater for another
Access Point. If selected, you must provide Remote SSID and the
address (MAC address) of the other AP in the Remote AP MAC
Address field. In this mode, all traffic is sent to the specified AP.
x Wireless Detection - This mode will turn the access point into a
wireless Monitor. A "Rouge AP" is an Access Point which should
not be in use, and so can be considered to be providing unauthorized access to your LAN.
x No Security - If checked, then any AP operating with security
disabled is considered to be a Rogue AP.
x Not in Legal AP List - If checked, then any AP not listed in
the "Legal AP List" is considered to be a Rogue AP. If
checked, you must maintain the Legal AP List.
x Define Legal AP - Click this to open a sub-screen where you
can modify the "Legal AP List". This list must contain all
known APs, so must be kept up to date.
Remote MAC
Address
You must enter the MAC address(es) of other AP(s) in the fields.
18
Access Point Setup
Select Remote
AP
If the other AP is on-line, you can click the "Select Remote AP" button
and select from a list of available APs.
19
Wireless Access Point User Guide
Virtual AP Settings
Clicking the Virtual APs link on the Wireless menu will result in a screen like the following.
Figure 11: Virtual AP Settings
Data - Virtual AP Settings Screen
VAPs
VAP List
Enable Button
Configure Button
Disable Button
Isolation
Isolate all Virtual APs
from each other
All available VAPs are listed. For each VAP, the following data
is displayed:
x *
If displayed before the name of the VAP, this indicates
the VAP is currently enabled. If not displayed, the
VAP is currently disabled.
x VAP Name
The current VAP name is displayed.
x [SSID]
The current SSID associated with this VAP.
x Security System
The current security system (e.g. WPA-PSK) is displayed.
Enable the selected VAP.
Change the settings for the selected VAP.
Disable the selected VAP.
If this option is enabled, wireless clients using different VAPs
(different SSIDs) are isolated from each other, so they will
NOT be able to communicate with each other. They will still be
able to communicate with other clients using the same profile,
unless the "Wireless Separation" setting on the "Advanced"
screen has been enabled.
20
Access Point Setup
Virtual AP Screen
This screen is displayed when you select a VAP on the Virtual AP Settings screen, and click
the Configure button.
Figure 12: Virtual AP Screen
VAP Data
Enter the desired settings for each of the following:
VAP Name
SSID
Broadcast SSID
Isolation within
VAP
Enter a suitable name for this VAP.
Enter the desired SSID. Each VAP must have a unique SSID.
If Disabled, no SSID is broadcast.
If enabled, the SSID will then be broadcast to all Wireless Stations.
Stations which have no SSID (or a "null" value) can then adopt the
correct SSID for connections to this Access Point.
If enabled, then each Wireless station using the Access Point is
invisible to other Wireless stations. In most business stations, this
setting should be Disabled.
Security Settings
Select the desired option, and then enter the settings for the selected method.
The available options are:
x None - No security is used. Anyone using the correct SSID can connect to your network.
x WEP - The 802.11b standard. Data is encrypted before transmission, but the encryption
system is not very strong.
x WPA-PSK - Like WEP, data is encrypted before transmission. WPA is more secure than
WEP, and should be used if possible. The PSK (Pre-shared Key) must be entered on each
Wireless station. The 256Bit encryption key is derived from the PSK, and changes frequently.
21
Wireless Access Point User Guide
x WPA2-PSK - This is a further development of WPA-PSK, and offers even greater secu-
rity, using the AES (Advanced Encryption Standard) method of encryption.
x WPA-PSK and WPA2-PSK - This method, sometimes called "Mixed Mode", allows
clients to use EITHER WPA-PSK (with TKIP) OR WPA2-PSK (with AES).
x WPA with Radius - This version of WPA requires a Radius Server on your LAN to
provide the client authentication according to the 802.1x standard. Data transmissions are
encrypted using the WPA standard.
If this option is selected:
x This Access Point must have a "client login" on the Radius Server.
x Each user must have a "user login" on the Radius Server.
x Each user's wireless client must support 802.1x and provide the login data when re-
quired.
x All data transmission is encrypted using the WPA standard. Keys are automatically
generated, so no key input is required.
x WPA2 with Radius - This version of WPA2 requires a Radius Server on your LAN to
provide the client authentication according to the 802.1x standard. Data transmissions are
encrypted using the WPA2 standard.
If this option is selected:
x This Access Point must have a "client login" on the Radius Server.
x Each user must authenticate on the Radius Server. This is usually done using digital
certificates.
x Each user's wireless client must support 802.1x and provide the Radius authentication
data when required.
x All data transmission is encrypted using the WPA2 standard. Keys are automatically
generated, so no key input is required.
x WPA and WPA2 with Radius - EITHER WPA or WPA2 require a Radius Server on
your LAN to provide the client authentication according to the 802.1x standard. Data
transmissions are encrypted using EITHER WPA or WPA2 standard.
If this option is selected:
x This Access Point must have a "client login" on the Radius Server.
x Each user must authenticate on the Radius Server. This is usually done using digital
certificates.
x Each user's wireless client must support 802.1x and provide the Radius authentication
data when required.
x All data transmission is encrypted using EITHER WPA or WPA2 standard. Keys are
automatically generated, so no key input is required.
x 802.1x - This uses the 802.1x standard for client authentication, and WEP for data encryp-
tion.
If this option is selected:
x This Access Point must have a "client login" on the Radius Server.
x Each user must have a "user login" on the Radius Server.
x Each user's wireless client must support 802.1x and provide the login data when re-
quired.
x All data transmission is encrypted using the WEP standard. You only have to select
the WEP key size; the WEP key is automatically generated.
22
Access Point Setup
Security Settings - None
Figure 13: Wireless Security - None
No security is used. Anyone using the correct SSID can connect to your network.
Security Settings - WEP
This is the 802.11b standard. Data is encrypted before transmission, but the encryption system
is not very strong.
Figure 14: WEP Wireless Security Screen
23
Wireless Access Point User Guide
Data - WEP Screen
WEP
Data
Encryption
Authentication
Key Input
Key Value
Passphrase
Select the desired option, and ensure your Wireless stations have the
same setting:
x 64 Bit Encryption - Keys are 10 Hex (5 ASCII) characters.
x 128 Bit Encryption - Keys are 26 Hex (13 ASCII) characters.
x 152 Bit Encryption - Keys are 32 Hex (16 ASCII) characters.
Normally, you can leave this at “Automatic”, so that Wireless Stations
can use either method ("Open System" or "Shared Key".).
If you wish to use a particular method, select the appropriate value "Open System" or "Shared Key". All Wireless stations must then be set
to use the same method.
Select "Hex" or "ASCII" depending on your input method. (All keys
are converted to Hex, ASCII input is only for convenience.)
Enter the key values you wish to use. The default key, selected by the
radio button, is required. The other keys are optional. Other stations
must have matching key values.
Use this to generate a key or keys, instead of entering them directly.
Enter a word or group of printable characters in the Passphrase box
and click the "Generate Key" button to automatically configure the
WEP Key(s).
24
Access Point Setup
Security Settings - WPA-PSK
Like WEP, data is encrypted before transmission. WPA is more secure than WEP, and should
be used if possible. The PSK (Pre-shared Key) must be entered on each Wireless station. The
256Bit encryption key is derived from the PSK, and changes frequently.
Figure 15: WPA-PSK Wireless Security Screen
Data - WPA-PSK Screen
WPA-PSK
Network Key
WPA Encryption
Group Key Update
Key Lifetime
Update Group key
when any membership
terminates
Enter the key value. Data is encrypted using a 256Bit key derived
from this key. Other Wireless Stations must use the same key.
The encryption method is TKIP. Wireless Stations must also use
TKIP.
This refers to the key used for broadcast transmissions. Enable
this if you want the keys to be updated regularly.
This field determines how often the Group key is dynamically
updated. Enter the desired value.
If enabled, the Group key will be updated whenever any member
leaves the group or disassociates from the Access Point.
25
Wireless Access Point User Guide
Security Settings - WPA2-PSK
This is a further development of WPA-PSK, and offers even greater security, using the AES
(Advanced Encryption Standard) method of encryption.
Figure 16: WPA2-PSK Wireless Security Screen
Data - WPA2-PSK Screen
WPA2-PSK
Network Key
WPA Encryption
Group Key Update
Key Lifetime
Update Group key
when any membership
terminates
Enter the key value. Data is encrypted using a 256Bit key derived
from this key. Other Wireless Stations must use the same key.
The encryption method is AES. Wireless Stations must also use
AES.
This refers to the key used for broadcast transmissions. Enable
this if you want the keys to be updated regularly.
This field determines how often the Group key is dynamically
updated. Enter the desired value.
If enabled, the Group key will be updated whenever any member
leaves the group or disassociates from the Access Point.
26
Access Point Setup
Security Settings - WPA-PSK and WPA2-PSK
This method, sometimes called "Mixed Mode", allows clients to use EITHER WPA-PSK (with
TKIP) OR WPA2-PSK (with AES).
Figure 17: WPA-PSK and WPA2-PSK Wireless Security Screen
Data - WPA-PSK and WPA2-PSK Screen
WPA-PSK and WPA2-PSK
Network Key
WPA Encryption
Group Key Update
Key Lifetime
Update Group key
when any membership
terminates
Enter the key value. Data is encrypted using this key. Other
Wireless Stations must use the same key.
The encryption method is TKIP for WPA-PSK, and AES for
WPA2-PSK.
This refers to the key used for broadcast transmissions. Enable
this if you want the keys to be updated regularly.
This field determines how often the Group key is dynamically
updated. Enter the desired value.
If enabled, the Group key will be updated whenever any member
leaves the group or disassociates from the Access Point.
27
Loading...