Zyxel NWA-3100 user manual

NWA-3100
802.11a/b/g Wireless Access Point

User’s Guide

Version 3.60 10/2006 Edition 1
www.zyxel.com
About This User's Guide
Intended Audience
This manual is intended for people who want to configure the ZyXEL Device using the web configurator. You should have at least a basic knowledge of TCP/IP networking concepts and topology.
Related Documentation
• Quick Start Guide The Quick Start Guide is designed to help you get up and running right away. It contains
information on setting up your network and configuring for Internet access.
• Supporting Disk Refer to the included CD for support documents.
• ZyXEL Web Site Please refer to www.zyxel.com
certifications.
for additional support documentation and product
User Guide Feedback
Help us help you. Send all User Guide-related comments, questions or suggestions for improvement to the following address, or use e-mail instead. Thank you!
The Technical Writing Team, ZyXEL Communications Corp., 6 Innovation Road II, Science-Based Industrial Park, Hsinchu, 300, Taiwan.
E-mail: techwriters@zyxel.com.tw
ZyXEL NWA-3100 User’s Guide
3

Document Conventions

Document Conventions
Warnings and Notes
These are how warnings and notes are shown in this User’s Guide.
1 Warnings tell you about things that could harm you or your device.
" Notes tell you other important information (for example, other things you may
need to configure or helpful tips) or recommendations.
Syntax Conventions
• The NWA-3100 may be referred to as the “ZyXEL Device”, the “device”, the “product” or the “system” in this User’s Guide.
• Product labels, screen names, field labels and field choices are all in bold font.
• A key stroke is denoted by square brackets and uppercase text, for example, [ENTER] means the “enter” or “return” key on your keyboard.
• “Enter” means for you to type one or more characters and then press the [ENTER] key. “Select” or “choose” means for you to use one of the predefined choices.
• A right angle bracket ( > ) within a screen name denotes a mouse click. For example, Maintenance > Log > Log Setting means you first click Maintenance in the navigation panel, then the Log sub menu and finally the Log Setting tab to get to that screen.
• Units of measurement may denote the “metric” value or the “scientific” value. For example, “k” for kilo may denote “1000” or “1024”, “M” for mega may denote “1000000” or “1048576” and so on.
• “e.g.,” is a shorthand for “for instance”, and “i.e.,” means “that is” or “in other words”.
4
ZyXEL NWA-3100 User’s Guide
Document Conventions
Icons Used in Figures
Figures in this User’s Guide may use the following generic icons. The ZyXEL Device icon is not an exact representation of your device.
ZyXEL Device Computer Notebook computer
Server DSLAM Firewall
Telephone Switch Router
ZyXEL NWA-3100 User’s Guide
5

Safety Warnings

Safety Warnings
1 For your safety, be sure to read and follow all warning notices and instructions.
• Do NOT use this device near water, for example, in a wet basement or near a swimming pool.
• Do NOT expose your device to dampness, dust or corrosive liquids.
• Do NOT store things on the device.
• Do NOT install, use, or service this device during a thunderstorm. There is a remote risk of electric shock from lightning.
• Connect ONLY suitable accessories to the device.
• ONLY qualified service personnel should service or disassemble this device.
• Make sure to connect the cables to the correct ports.
• Place connecting cables carefully so that no one will step on them or stumble over them.
• Always disconnect all cables from this device before servicing or disassembling.
• Use ONLY an appropriate power adaptor or cord for your device.
• Connect the power adaptor or cord to the right supply voltage (for example, 110V AC in North America or 230V AC in Europe).
• Do NOT allow anything to rest on the power adaptor or cord and do NOT place the device where anyone can walk on the power adaptor or cord.
• Do NOT use the device if the power adaptor or cord is damaged as it might cause electrocution.
• If the power adaptor or cord is damaged, remove it from the power outlet.
• Do NOT attempt to repair the power adaptor or cord. Contact your local vendor to order a new one.
• Do not use the device outside, and make sure all the connections are indoors. There is a remote risk of electric shock from lightning.
• Antenna Warning! This device meets ETSI and FCC certification requirements when using the included antenna(s). Only use the included antenna(s).
• If you wall mount your device, make sure that no electrical lines, gas or water pipes will be damaged.
• The PoE (Power over Ethernet) devices that supply or receive power and their connected Ethernet cables must all be completely indoors.
• Fuse Warning! Replace a fuse only with a fuse of the same type and rating.
6
This product is recyclable. Dispose of it properly.
ZyXEL NWA-3100 User’s Guide
Safety Warnings
ZyXEL NWA-3100 User’s Guide
7
Safety Warnings
8
ZyXEL NWA-3100 User’s Guide

Contents Overview

Contents Overview
Introduction ............................................................................................................................ 29
Introducing the ZyXEL Device ...................................................................................................31
Introducing the Web Configurator .............................................................................................. 39
Tutorial ....................................................................................................................................... 43
The Web Configurator ...........................................................................................................61
System Screens ........................................................................................................................ 63
Wireless Configuration .............................................................................................................. 67
Wireless Security Configuration ................................................................................................81
MBSSID and SSID .................................................................................................................... 97
Other Wireless Configuration .................................................................................................. 105
IP Screen ..................................................................................................................................113
Rogue AP .................................................................................................................................117
Remote Management ..............................................................................................................123
Certificates ............................................................................................................................... 133
Log Screens ............................................................................................................................ 151
VLAN ....................................................................................................................................... 157
Maintenance ............................................................................................................................ 175
SMT and Troubleshooting ...................................................................................................185
Introducing the SMT ................................................................................................................ 187
General Setup ......................................................................................................................... 191
LAN Setup ............................................................................................................................... 193
SNMP Configuration ................................................................................................................ 195
System Password .................................................................................................................... 197
System Information and Diagnosis .......................................................................................... 199
Firmware and Configuration File Maintenance ........................................................................ 205
System Maintenance and Information ..................................................................................... 217
Troubleshooting ....................................................................................................................... 223
Appendices and Index ......................................................................................................... 227
ZyXEL NWA-3100 User’s Guide
9
Contents Overview
10
ZyXEL NWA-3100 User’s Guide

Table of Contents

Table of Contents
About This User's Guide ..........................................................................................................3
Document Conventions............................................................................................................4
Safety Warnings........................................................................................................................6
Contents Overview ...................................................................................................................9
Table of Contents.................................................................................................................... 11
List of Figures ......................................................................................................................... 19
List of Tables...........................................................................................................................25
Part I: Introduction................................................................................. 29
Chapter 1
Introducing the ZyXEL Device...............................................................................................31
1.1 Introducing the ZyXEL Device ............................................................................................ 31
1.2 Applications for the ZyXEL Device ...................................................................................... 31
1.2.1 Access Point .............................................................................................................. 31
1.2.2 AP + Bridge ................................................................................................................ 32
1.2.3 Bridge / Repeater ....................................................................................................... 33
1.2.4 MBSSID ..................................................................................................................... 35
1.2.5 Pre-Configured SSID Profiles .................................................................................... 36
1.3 Ways to Manage the ZyXEL Device .................................................................................... 36
1.4 Good Habits for Managing the ZyXEL Device ..................................................................... 36
1.5 LEDs .................................................................................................................................... 37
Chapter 2
Introducing the Web Configurator ........................................................................................ 39
2.1 Accessing the Web Configurator ......................................................................................... 39
2.2 Resetting the ZyXEL Device ................................................................................................ 40
2.2.1 Methods of Restoring Factory-Defaults ...................................................................... 41
2.3 Navigating the Web Configurator ......................................................................................... 41
Chapter 3
Tutorial ..................................................................................................................................... 43
3.1 How to Configure Multiple Wireless Networks ..................................................................... 43
ZyXEL NWA-3100 User’s Guide
11
Table of Contents
3.1.1 Change the Operating Mode ...................................................................................... 44
3.1.2 Configure the VoIP Network ....................................................................................... 46
3.1.2.1 Set Up Security for the VoIP Profile .................................................................. 47
3.1.2.2 Activate the VoIP Profile ................................................................................... 49
3.1.3 Configure the Guest Network ..................................................................................... 49
3.1.3.1 Set Up Security for the Guest Profile ................................................................ 50
3.1.3.2 Set up Layer 2 Isolation .................................................................................... 51
3.1.3.3 Activate the Guest Profile ................................................................................. 51
3.1.4 Testing the Wireless Networks ................................................................................... 52
3.2 How to Set Up and Use Rogue AP Detection ..................................................................... 52
3.2.1 Set Up and Save a Friendly AP list ............................................................................ 54
3.2.2 Activate Periodic Rogue AP Detection ....................................................................... 56
3.2.3 Set Up E-mail Logs .................................................................................................... 57
3.2.4 Configure Your Other Access Points .......................................................................... 58
3.2.5 Test the Setup ............................................................................................................ 58
Part II: The Web Configurator ............................................................... 61
Chapter 4
System Screens ...................................................................................................................... 63
4.1 System Overview ................................................................................................................. 63
4.2 Configuring General Setup ..................................................................................................63
4.3 Configuring Password ......................................................................................................... 64
4.4 Configuring Time Setting ..................................................................................................... 65
Chapter 5
Wireless Configuration........................................................................................................... 67
5.1 Wireless LAN Overview ....................................................................................................... 67
5.1.1 BSS ............................................................................................................................ 67
5.1.2 ESS ............................................................................................................................ 68
5.2 Wireless LAN Basics ........................................................................................................... 68
5.3 Quality of Service ................................................................................................................ 69
5.3.1 WMM QoS ..................................................................................................................69
5.3.1.1 WMM QoS Priorities ......................................................................................... 69
5.3.2 ATC ............................................................................................................................ 69
5.3.3 ATC+WMM ................................................................................................................. 70
5.3.3.1 ATC+WMM from LAN to WLAN ........................................................................ 70
5.3.3.2 ATC+WMM from WLAN to LAN ........................................................................ 71
5.3.4 Type Of Service (ToS) ................................................................................................ 71
5.3.4.1 DiffServ ............................................................................................................. 71
5.3.4.2 DSCP and Per-Hop Behavior ........................................................................... 71
12
ZyXEL NWA-3100 User’s Guide
Table of Contents
5.3.5 ToS (Type of Service) and WMM QoS ....................................................................... 72
5.4 Spanning Tree Protocol (STP) ............................................................................................. 72
5.4.1 Rapid STP .................................................................................................................. 72
5.4.2 STP Terminology ........................................................................................................ 73
5.4.3 How STP Works ......................................................................................................... 73
5.4.4 STP Port States ..........................................................................................................73
5.5 Wireless Screen Overview .................................................................................................. 74
5.6 Configuring Wireless Settings ............................................................................................. 74
5.6.1 Access Point Mode .................................................................................................... 74
5.6.2 Bridge/Repeater Mode ............................................................................................... 76
5.6.3 AP+Bridge Mode ........................................................................................................ 80
5.6.4 MBSSID Mode ........................................................................................................... 80
Chapter 6
Wireless Security Configuration ........................................................................................... 81
6.1 Wireless Security Overview .................................................................................................81
6.1.1 Encryption .................................................................................................................. 81
6.1.2 Restricted Access ...................................................................................................... 81
6.1.3 Hide Identity ............................................................................................................... 81
6.1.4 WEP Encryption ......................................................................................................... 81
6.2 802.1x Overview .................................................................................................................. 82
6.3 EAP Authentication Overview .............................................................................................. 82
6.4 Introduction to WPA ............................................................................................................. 82
6.4.1 User Authentication ................................................................................................... 83
6.4.2 Encryption ................................................................................................................. 83
6.4.3 WPA(2)-PSK Application Example ............................................................................. 84
6.5 WPA(2) with RADIUS Application Example ......................................................................... 84
6.6 Security Modes .................................................................................................................... 85
6.7 Wireless Client WPA Supplicants ........................................................................................ 86
6.8 Wireless Security Effectiveness ........................................................................................... 86
6.9 Configuring Security ............................................................................................................ 86
6.9.1 Security: WEP ............................................................................................................87
6.9.2 Security: 802.1x Only ................................................................................................. 88
6.9.3 Security: 802.1x Static 64-bit, 802.1x Static 128-bit ................................................... 89
6.9.4 Security: WPA ............................................................................................................91
6.9.5 Security: WPA2 or WPA2-MIX .................................................................................... 92
6.9.6 Security: WPA-PSK, WPA2-PSK, WPA2-PSK-MIX .................................................... 93
6.10 Introduction to RADIUS ..................................................................................................... 95
6.11 Configuring RADIUS .......................................................................................................... 95
Chapter 7
MBSSID and SSID ................................................................................................................... 97
7.1 Wireless LAN Infrastructures ...............................................................................................97
ZyXEL NWA-3100 User’s Guide
13
Table of Contents
7.1.1 MBSSID ..................................................................................................................... 97
7.1.2 Notes on Multiple BSS ............................................................................................... 97
7.1.3 Multiple BSS Example ................................................................................................ 97
7.1.4 Multiple BSS with VLAN Example .............................................................................. 97
7.1.5 Configuring Multiple BSSs ......................................................................................... 98
7.2 SSID .................................................................................................................................. 100
7.2.1 The SSID Screen ..................................................................................................... 100
7.2.2 Configuring SSID ..................................................................................................... 101
Chapter 8
Other Wireless Configuration..............................................................................................105
8.1 Layer-2 Isolation Introduction ............................................................................................ 105
8.2 Configuring Layer-2 Isolation ............................................................................................. 106
8.2.1 Layer-2 Isolation Examples ...................................................................................... 107
8.2.1.1 Layer-2 Isolation Example 1 ........................................................................... 108
8.2.1.2 Layer-2 Isolation Example 2 ........................................................................... 108
8.3 Configuring MAC Filter ...................................................................................................... 109
8.4 Configuring Roaming ......................................................................................................... . 111
8.4.1 Requirements for Roaming .......................................................................................112
Chapter 9
IP Screen................................................................................................................................ 113
9.1 Factory Ethernet Defaults ...................................................................................................113
9.2 TCP/IP Parameters ............................................................................................................113
9.2.1 WAN IP Address Assignment ....................................................................................113
9.3 Configuring IP .....................................................................................................................114
Chapter 10
Rogue AP............................................................................................................................... 117
10.1 Rogue AP Introduction .....................................................................................................117
10.2 Rogue AP Examples ........................................................................................................117
10.2.1 “Honeypot” Attack ...................................................................................................118
10.3 Configuring Rogue AP Detection ......................................................................................119
10.3.1 Rogue AP: Configuration ........................................................................................119
10.3.2 Rogue AP: Friendly AP .......................................................................................... 120
10.3.3 Rogue AP List ........................................................................................................ 121
Chapter 11
Remote Management............................................................................................................ 123
14
11.1 Remote Management Overview ...................................................................................... 123
11.1.1 Remote Management Limitations ........................................................................... 124
11.1.2 System Timeout ...................................................................................................... 124
11.2 SSH .................................................................................................................................. 124
ZyXEL NWA-3100 User’s Guide
Table of Contents
11.3 Telnet ............................................................................................................................. 124
11.4 Configuring FTP ............................................................................................................... 125
11.5 Configuring WWW ...........................................................................................................126
11.6 SNMP ............................................................................................................................... 128
11.6.1 Supported MIBs ...................................................................................................... 129
11.6.2 SNMP Traps ........................................................................................................... 129
11.7 SNMP Traps .................................................................................................................... 130
11.7.1 Configuring SNMP .................................................................................................. 130
Chapter 12
Certificates ............................................................................................................................133
12.1 Certificates Overview ....................................................................................................... 133
12.1.1 Advantages of Certificates ..................................................................................... 134
12.2 Self-signed Certificates .................................................................................................... 134
12.3 Verifying a Certificate ....................................................................................................... 134
12.3.1 Checking the Fingerprint of a Certificate on Your Computer .................................. 134
12.4 Configuration Summary ................................................................................................... 135
12.5 My Certificates ................................................................................................................. 135
12.6 Certificate File Formats .................................................................................................... 137
12.7 Importing a Certificate ..................................................................................................... 138
12.8 Creating a Certificate ....................................................................................................... 139
12.9 My Certificate Details ....................................................................................................... 141
12.10 Trusted CAs ................................................................................................................... 144
12.11 Importing a Trusted CA’s Certificate .............................................................................. 145
12.12 Trusted CA Certificate Details ....................................................................................... 146
Chapter 13
Log Screens ..........................................................................................................................151
13.1 Configuring View Log ....................................................................................................... 151
13.2 Configuring Log Settings ................................................................................................. 152
13.3 Example Log Messages .................................................................................................. 154
13.4 Log Commands ............................................................................................................... 155
13.4.1 Configuring What You Want the ZyXEL Device to Log .......................................... 155
13.4.2 Displaying Logs ...................................................................................................... 156
13.5 Log Command Example .................................................................................................. 156
Chapter 14
VLAN ...................................................................................................................................... 157
14.1 VLAN ............................................................................................................................... 157
14.1.1 Management VLAN ID ........................................................................................... 157
14.1.2 VLAN Tagging ........................................................................................................ 157
14.2 Configuring VLAN ............................................................................................................ 158
14.2.1 Wireless VLAN ....................................................................................................... 158
ZyXEL NWA-3100 User’s Guide
15
Table of Contents
14.2.2 RADIUS VLAN ....................................................................................................... 160
14.2.3 Configuring Management VLAN Example ............................................................. 161
14.2.4 Configuring Microsoft’s IAS Server Example ......................................................... 164
14.2.4.1 Configuring VLAN Groups ............................................................................ 164
14.2.4.2 Configuring Remote Access Policies ............................................................ 165
14.2.5 Second Rx VLAN ID Example ................................................................................ 172
14.2.5.1 Second Rx VLAN Setup Example ................................................................ 172
Chapter 15
Maintenance .......................................................................................................................... 175
15.1 Maintenance Overview .................................................................................................... 175
15.2 System Status Screen ..................................................................................................... 175
15.2.1 System Statistics .................................................................................................... 176
15.3 Association List ................................................................................................................ 177
15.4 Channel Usage ................................................................................................................ 178
15.5 F/W Upload Screen .........................................................................................................178
15.6 Configuration Screen ....................................................................................................... 180
15.6.1 Backup Configuration ............................................................................................. 181
15.6.2 Restore Configuration ........................................................................................... 181
15.6.3 Back to Factory Defaults ........................................................................................ 182
15.7 Restart Screen ................................................................................................................. 183
Part III: SMT and Troubleshooting...................................................... 185
Chapter 16
Introducing the SMT .............................................................................................................187
16.1 Connect to your ZyXEL Device Using Telnet ................................................................... 187
16.2 Changing the System Password ..................................................................................... 187
16.3 SMT Menu Overview Example ........................................................................................ 188
16.4 Navigating the SMT Interface .......................................................................................... 188
16.4.1 System Management Terminal Interface Summary ............................................... 190
Chapter 17
General Setup........................................................................................................................ 191
17.1 General Setup ................................................................................................................. 191
17.1.1 Procedure To Configure Menu 1 ............................................................................ 191
Chapter 18
LAN Setup.............................................................................................................................. 193
18.1 LAN Setup ....................................................................................................................... 193
18.2 TCP/IP Ethernet Setup .................................................................................................... 193
16
ZyXEL NWA-3100 User’s Guide
Table of Contents
Chapter 19
SNMP Configuration.............................................................................................................195
19.1 SNMP Configuration ........................................................................................................195
Chapter 20
System Password .................................................................................................................197
20.1 System Password ............................................................................................................ 197
Chapter 21
System Information and Diagnosis..................................................................................... 199
21.1 System Status .................................................................................................................. 199
21.2 System Information .......................................................................................................... 200
21.2.1 System Information ................................................................................................ 201
21.2.2 Console Port Speed ............................................................................................... 202
21.3 Log and Trace .................................................................................................................. 202
21.3.1 Viewing Error Log ................................................................................................... 202
21.4 Diagnostic ........................................................................................................................ 203
Chapter 22
Firmware and Configuration File Maintenance..................................................................205
22.1 Filename Conventions ..................................................................................................... 205
22.2 Backup Configuration ......................................................................................................206
22.2.1 Backup Configuration Using FTP ........................................................................... 206
22.2.2 Using the FTP command from the DOS Prompt .................................................... 207
22.2.3 Backup Configuration Using TFTP ......................................................................... 207
22.2.4 Example: TFTP Command ..................................................................................... 208
22.2.5 Backup Via Console Port ....................................................................................... 209
22.3 Restore Configuration ..................................................................................................... 210
22.3.1 Restore Using FTP ................................................................................................. 210
22.4 Uploading Firmware and Configuration Files .................................................................. 210
22.4.1 Firmware Upload .....................................................................................................211
22.4.2 Configuration File Upload ........................................................................................211
22.4.3 Using the FTP command from the DOS Prompt Example ..................................... 212
22.4.4 TFTP File Upload ................................................................................................... 213
22.4.5 Example: TFTP Command ..................................................................................... 213
22.4.6 Uploading Via Console Port ................................................................................... 213
22.4.7 Uploading Firmware File Via Console Port ............................................................ 214
22.4.8 Example Xmodem Firmware Upload Using HyperTerminal ................................... 214
22.4.9 Uploading Configuration File Via Console Port ...................................................... 215
22.4.10 Example Xmodem Configuration Upload Using HyperTerminal ........................... 215
Chapter 23
System Maintenance and Information ................................................................................217
ZyXEL NWA-3100 User’s Guide
17
Table of Contents
23.1 Command Interpreter Mode ............................................................................................ 217
23.1.1 Command Syntax ................................................................................................... 218
23.1.2 Command Usage ................................................................................................... 218
23.1.3 Brute-Force Password Guessing Protection .......................................................... 218
23.1.3.1 Configuring Brute-Force Password Guessing Protection: Example ............. 218
23.2 Time and Date Setting .....................................................................................................219
23.2.1 Resetting the Time ................................................................................................. 220
23.3 Remote Management Setup ............................................................................................ 220
23.3.1 Telnet ...................................................................................................................... 220
23.3.2 FTP ........................................................................................................................ 220
23.3.3 Web ........................................................................................................................ 220
23.3.4 Remote Management Setup .................................................................................. 220
23.3.5 Remote Management Limitations .......................................................................... 222
23.4 System Timeout ............................................................................................................... 222
Chapter 24
Troubleshooting.................................................................................................................... 223
24.1 Power, Hardware Connections, and LEDs ...................................................................... 223
24.2 ZyXEL Device Access and Login .................................................................................... 223
24.3 Internet Access ................................................................................................................ 225
Part IV: Appendices and Index ........................................................... 227
Appendix A Product Specifications.......................................................................................229
Appendix B Setting up Your Computer’s IP Address............................................................ 233
Appendix C IP Address Assignment Conflicts......................................................................245
Appendix D Wireless LANs .................................................................................................. 249
Appendix E Indoor Installation Recommendations............................................................... 259
Appendix F Pop-up Windows, JavaScripts and Java Permissions ...................................... 261
Appendix G IP Addresses and Subnetting ...........................................................................267
Appendix H Text File Based Auto Configuration ..................................................................275
Appendix I Legal Information................................................................................................ 283
Appendix J Customer Support .............................................................................................287
Index....................................................................................................................................... 291
18
ZyXEL NWA-3100 User’s Guide

List of Figures

List of Figures
Figure 1 Access Point Application .......................................................................................................... 32
Figure 2 AP+Bridge Application ............................................................................................................. 33
Figure 3 Bridge Application .................................................................................................................... 34
Figure 4 Repeater Application ................................................................................................................ 34
Figure 5 Multiple BSSs ........................................................................................................................... 35
Figure 6 LEDs ......................................................................................................................................... 37
Figure 7 Change Password Screen ........................................................................................................ 40
Figure 8 Replace Certificate Screen ....................................................................................................... 40
Figure 9 The MAIN MENU Screen of the Web Configurator .................................................................. 41
Figure 10 Tutorial: Example MBSSID Setup .......................................................................................... 44
Figure 11 Tutorial: Wireless LAN: Before ............................................................................................... 45
Figure 12 Tutorial: Wireless LAN: Change Mode ................................................................................... 45
Figure 13 Tutorial: WIRELESS > SSID .................................................................................................. 46
Figure 14 Tutorial: VoIP SSID Profile Edit .............................................................................................. 47
Figure 15 Tutorial: VoIP Security ............................................................................................................ 48
Figure 16 Tutorial: VoIP Security Profile Edit .......................................................................................... 48
Figure 17 Tutorial: VoIP Security: Updated ............................................................................................ 49
Figure 18 Tutorial: Activate VoIP Profile ................................................................................................. 49
Figure 19 Tutorial: Guest Edit ................................................................................................................. 50
Figure 20 Tutorial: Guest Security Profile Edit ........................................................................................ 50
Figure 21 Tutorial: Guest Security: Updated .......................................................................................... 51
Figure 22 Tutorial: Layer 2 Isolation ....................................................................................................... 51
Figure 23 Tutorial: Activate Guest Profile ............................................................................................... 52
Figure 24 Tutorial: Wireless Network Example ....................................................................................... 53
Figure 25 Tutorial: Friendly AP (Before Data Entry) ............................................................................... 54
Figure 26 Tutorial: Friendly AP (After Data Entry) ................................................................................. 55
Figure 27 Tutorial: Configuration ............................................................................................................ 55
Figure 28 Tutorial: Warning .................................................................................................................... 56
Figure 29 Tutorial: Save Friendly AP list ................................................................................................ 56
Figure 30 Tutorial: Periodic Rogue AP Detection .................................................................................. 56
Figure 31 Tutorial: Log Settings .............................................................................................................. 57
Figure 32 System General Setup ........................................................................................................... 63
Figure 33 Password. ............................................................................................................................... 64
Figure 34 Time Setting ........................................................................................................................... 65
Figure 35 Basic Service set .................................................................................................................... 67
Figure 36 Extended Service Set ............................................................................................................. 68
Figure 37 DiffServ: Differentiated Service Field ...................................................................................... 72
Figure 38 Wireless: Access Point ........................................................................................................... 75
ZyXEL NWA-3100 User’s Guide
19
List of Figures
Figure 39 Bridging Example ................................................................................................................... 77
Figure 40 Bridge Loop: Two Bridges Connected to Hub ........................................................................ 77
Figure 41 Bridge Loop: Bridge Connected to Wired LAN ....................................................................... 78
Figure 42 Wireless: Bridge/Repeater ..................................................................................................... 78
Figure 43 Wireless: AP+Bridge .............................................................................................................. 80
Figure 44 EAP Authentication ................................................................................................................ 82
Figure 45 WPA(2)-PSK Authentication ................................................................................................... 84
Figure 46 WPA(2) with RADIUS Application Example ........................................................................... 85
Figure 47 Security .................................................................................................................................. 87
Figure 48 Security: WEP ........................................................................................................................ 88
Figure 49 Security: 802.1x Only ............................................................................................................ 89
Figure 50 Security: 802.1x Static 64-bit, 802.1x Static 128-bit .............................................................. 90
Figure 51 Security: WPA ....................................................................................................................... 91
Figure 52 Security:WPA2 or WPA2-MIX ................................................................................................. 92
Figure 53 Security: WPA-PSK, WPA2-PSK or WPA2-PSK-MIX ............................................................. 94
Figure 54 RADIUS .................................................................................................................................. 95
Figure 55 Multiple BSS with VLAN Example .......................................................................................... 98
Figure 56 Wireless: Multiple BSS ........................................................................................................... 98
Figure 57 SSID ..................................................................................................................................... 101
Figure 58 Configuring SSID .................................................................................................................. 102
Figure 59 Layer-2 Isolation Application ................................................................................................ 106
Figure 60 Layer-2 Isolation Configuration Screen ................................................................................ 107
Figure 61 Layer-2 Isolation Example .................................................................................................... 108
Figure 62 Layer-2 Isolation Example 1 ................................................................................................. 108
Figure 63 Layer-2 Isolation Example 2 ................................................................................................. 109
Figure 64 MAC Address Filter ...............................................................................................................110
Figure 65 Roaming Example .................................................................................................................111
Figure 66 Roaming ................................................................................................................................112
Figure 67 IP Setup .................................................................................................................................114
Figure 68 Rogue AP: Example .............................................................................................................118
Figure 69 “Honeypot” Attack ..................................................................................................................119
Figure 70 ROGUE AP > Configuration ................................................................................................. 120
Figure 71 ROGUE AP > Friendly AP .................................................................................................... 121
Figure 72 ROGUE AP > Rogue AP ...................................................................................................... 122
Figure 73 Secure and Insecure Remote Management ........................................................................ 123
Figure 74 SSH Communication Example ............................................................................................. 124
Figure 75 Remote Management: Telnet ............................................................................................... 125
Figure 76 Remote Management: FTP .................................................................................................. 126
Figure 77 Remote Management: WWW ...............................................................................................127
Figure 78 SNMP Management Model .................................................................................................. 128
Figure 79 Remote Management: SNMP ..............................................................................................131
Figure 80 Certificates on Your Computer ............................................................................................. 134
Figure 81 Certificate Details ................................................................................................................ 135
20
ZyXEL NWA-3100 User’s Guide
List of Figures
Figure 82 My Certificates ...................................................................................................................... 136
Figure 83 My Certificate Import ............................................................................................................ 138
Figure 84 My Certificate Create ............................................................................................................ 139
Figure 85 My Certificate Details ........................................................................................................... 142
Figure 86 Trusted CAs .......................................................................................................................... 144
Figure 87 Trusted CA Import ................................................................................................................ 146
Figure 88 Trusted CA Details ............................................................................................................... 147
Figure 89 View Log ............................................................................................................................... 151
Figure 90 Log Settings ......................................................................................................................... 152
Figure 91 WIRELESS VLAN ................................................................................................................ 159
Figure 92 RADIUS VLAN ..................................................................................................................... 160
Figure 93 Management VLAN Configuration Example ......................................................................... 162
Figure 94 VLAN-Aware Switch - Static VLAN ....................................................................................... 162
Figure 95 VLAN-Aware Switch ............................................................................................................. 162
Figure 96 VLAN-Aware Switch - VLAN Status ......................................................................................163
Figure 97 VLAN Setup .......................................................................................................................... 163
Figure 98 New Global Security Group ................................................................................................. 165
Figure 99 Add Group Members ........................................................................................................... 165
Figure 100 New Remote Access Policy for VLAN Group .................................................................... 166
Figure 101 Specifying Windows-Group Condition ................................................................................ 166
Figure 102 Adding VLAN Group .......................................................................................................... 167
Figure 103 Granting Permissions and User Profile Screens ............................................................... 167
Figure 104 Authentication Tab Settings ................................................................................................ 168
Figure 105 Encryption Tab Settings ..................................................................................................... 168
Figure 106 Connection Attributes Screen ............................................................................................ 169
Figure 107 RADIUS Attribute Screen .................................................................................................. 169
Figure 108 802 Attribute Setting for Tunnel-Medium-Type .................................................................. 170
Figure 109 VLAN ID Attribute Setting for Tunnel-Pvt-Group-ID .......................................................... 170
Figure 110 VLAN Attribute Setting for Tunnel-Type .............................................................................171
Figure 111 Completed Advanced Tab ................................................................................................... 171
Figure 112 Second Rx VLAN ID Example ............................................................................................ 172
Figure 113 Configuring SSID: Second Rx VLAN ID Example .............................................................. 173
Figure 114 System Status ..................................................................................................................... 175
Figure 115 System Status: Show Statistics ........................................................................................... 176
Figure 116 Association List ................................................................................................................... 177
Figure 117 Channel Usage ................................................................................................................... 178
Figure 118 Firmware Upload ................................................................................................................ 179
Figure 119 Firmware Upload In Process .............................................................................................. 179
Figure 120 Network Temporarily Disconnected ....................................................................................180
Figure 121 Firmware Upload Error ....................................................................................................... 180
Figure 122 Configuration ...................................................................................................................... 181
Figure 123 Configuration Upload Successful ....................................................................................... 182
Figure 124 Network Temporarily Disconnected ....................................................................................182
ZyXEL NWA-3100 User’s Guide
21
List of Figures
Figure 125 Configuration Upload Error ................................................................................................. 182
Figure 126 Reset Warning Message .................................................................................................... 183
Figure 127 Restart Screen ................................................................................................................... 183
Figure 128 Login Screen ...................................................................................................................... 187
Figure 129 Menu 23 System Password ................................................................................................ 187
Figure 130 SMT Main Menu ................................................................................................................. 189
Figure 131 Menu 1 General Setup ....................................................................................................... 191
Figure 132 Menu 3 LAN Setup ............................................................................................................ 193
Figure 133 Menu 3.2 TCP/IP Setup ..................................................................................................... 193
Figure 134 Menu 22 SNMP Configuration ............................................................................................ 195
Figure 135 Menu 23 System Password ................................................................................................ 197
Figure 136 Menu 24 System Maintenance ........................................................................................... 199
Figure 137 Menu 24.1 System Maintenance: Status ............................................................................ 200
Figure 138 Menu 24.2 System Information and Console Port Speed .................................................. 201
Figure 139 Menu 24.2.1 System Information: Information ................................................................... 201
Figure 140 Menu 24.2.2 System Maintenance: Change Console Port Speed ..................................... 202
Figure 141 Menu 24.3 System Maintenance: Log and Trace ............................................................... 203
Figure 142 Sample Error and Information Messages ........................................................................... 203
Figure 143 Menu 24.4 System Maintenance: Diagnostic ..................................................................... 203
Figure 144 Menu 24.5 Backup Configuration ....................................................................................... 206
Figure 145 FTP Session Example ........................................................................................................ 207
Figure 146 System Maintenance: Backup Configuration ..................................................................... 209
Figure 147 System Maintenance: Starting Xmodem Download Screen ............................................... 209
Figure 148 Backup Configuration Example .......................................................................................... 209
Figure 149 Successful Backup Confirmation Screen ........................................................................... 209
Figure 150 Menu 24.6 Restore Configuration ...................................................................................... 210
Figure 151 Menu 24.7 System Maintenance: Upload Firmware ...........................................................211
Figure 152 Menu 24.7.1 System Maintenance: Upload System Firmware ...........................................211
Figure 153 Menu 24.7.2 System Maintenance: Upload System Configuration File ............................. 212
Figure 154 FTP Session Example ........................................................................................................ 212
Figure 155 Menu 24.7.1 as seen using the Console Port .................................................................... 214
Figure 156 Example Xmodem Upload .................................................................................................. 214
Figure 157 Menu 24.7.2 as seen using the Console Port ................................................................... 215
Figure 158 Example Xmodem Upload .................................................................................................. 215
Figure 159 Menu 24 System Maintenance ........................................................................................... 217
Figure 160 Valid CI Commands ............................................................................................................ 218
Figure 161 Menu 24.10 System Maintenance: Time and Date Setting ................................................ 219
Figure 162 Menu 24.11 Remote Management Control ........................................................................ 221
Figure 163 WIndows 95/98/Me: Network: Configuration ...................................................................... 234
Figure 164 Windows 95/98/Me: TCP/IP Properties: IP Address .......................................................... 235
Figure 165 Windows 95/98/Me: TCP/IP Properties: DNS Configuration .............................................. 236
Figure 166 Windows XP: Start Menu .................................................................................................... 237
Figure 167 Windows XP: Control Panel ............................................................................................... 237
22
ZyXEL NWA-3100 User’s Guide
List of Figures
Figure 168 Windows XP: Control Panel: Network Connections: Properties ......................................... 238
Figure 169 Windows XP: Local Area Connection Properties ............................................................... 238
Figure 170 Windows XP: Advanced TCP/IP Settings .......................................................................... 239
Figure 171 Windows XP: Internet Protocol (TCP/IP) Properties .......................................................... 240
Figure 172 Macintosh OS 8/9: Apple Menu .......................................................................................... 241
Figure 173 Macintosh OS 8/9: TCP/IP ................................................................................................. 241
Figure 174 Macintosh OS X: Apple Menu ............................................................................................ 242
Figure 175 Macintosh OS X: Network .................................................................................................. 243
Figure 176 IP Address Conflicts: Case A ............................................................................................. 245
Figure 177 IP Address Conflicts: Case B ............................................................................................. 246
Figure 178 IP Address Conflicts: Case C ............................................................................................. 246
Figure 179 IP Address Conflicts: Case D ............................................................................................. 247
Figure 180 Peer-to-Peer Communication in an Ad-hoc Network ......................................................... 249
Figure 181 Basic Service Set ............................................................................................................... 250
Figure 182 Infrastructure WLAN ........................................................................................................... 251
Figure 183 RTS/CTS ............................................................................................................................ 252
Figure 184 Pop-up Blocker ................................................................................................................... 261
Figure 185 Internet Options: Privacy .................................................................................................... 262
Figure 186 Internet Options: Privacy .................................................................................................... 263
Figure 187 Pop-up Blocker Settings ..................................................................................................... 263
Figure 188 Internet Options: Security ................................................................................................... 264
Figure 189 Security Settings - Java Scripting ....................................................................................... 265
Figure 190 Security Settings - Java ...................................................................................................... 265
Figure 191 Java (Sun) .......................................................................................................................... 266
Figure 192 Network Number and Host ID ............................................................................................ 268
Figure 193 Subnetting Example: Before Subnetting ............................................................................ 270
Figure 194 Subnetting Example: After Subnetting ............................................................................... 271
Figure 195 Text File Based Auto Configuration .................................................................................... 275
Figure 196 Configuration File Format ................................................................................................... 277
Figure 197 WEP Configuration File Example ....................................................................................... 278
Figure 198 802.1X Configuration File Example .................................................................................... 279
Figure 199 WPA-PSK Configuration File Example ............................................................................... 279
Figure 200 WPA Configuration File Example ....................................................................................... 280
Figure 201 wlan Configuration File Example ........................................................................................ 281
ZyXEL NWA-3100 User’s Guide
23
List of Figures
24
ZyXEL NWA-3100 User’s Guide

List of Tables

List of Tables
Table 1 LEDs ......................................................................................................................................... 37
Table 2 Tutorial: Example Information ................................................................................................... 44
Table 3 Tutorial: Rogue AP Example Information .................................................................................. 53
Table 4 Tutorial: Friendly AP Information ............................................................................................... 54
Table 5 System General Setup .............................................................................................................. 63
Table 6 Password .................................................................................................................................. 64
Table 7 Time Setting .............................................................................................................................. 65
Table 8 WMM QoS Priorities ................................................................................................................. 69
Table 9 Typical Packet Sizes ................................................................................................................. 70
Table 10 Automatic Traffic Classifier Priorities ...................................................................................... 70
Table 11 ATC + WMM Priority Assignment (LAN to WLAN) .................................................................. 71
Table 12 ATC + WMM Priority Assignment (WLAN to LAN) .................................................................. 71
Table 13 ToS and IEEE 802.1d to WMM QoS Priority Level Mapping .................................................. 72
Table 14 STP Path Costs ...................................................................................................................... 73
Table 15 STP Port States ...................................................................................................................... 73
Table 16 Wireless: Access Point ........................................................................................................... 75
Table 17 Wireless: Bridge/Repeater ...................................................................................................... 79
Table 18 Security Modes ....................................................................................................................... 85
Table 19 Wireless Security Levels ......................................................................................................... 86
Table 20 Security ................................................................................................................................... 87
Table 21 Security: WEP ......................................................................................................................... 88
Table 22 Security: 802.1x Only .............................................................................................................. 89
Table 23 Security: 802.1x Static 64-bit, 802.1x Static 128-bit ................................................................90
Table 24 Security: WPA ......................................................................................................................... 91
Table 25 Security: WPA2 or WPA2-MIX ................................................................................................ 92
Table 26 Security: WPA-PSK, WPA2-PSK or WPA2-PSK-MIX ............................................................. 94
Table 27 RADIUS .................................................................................................................................. 95
Table 28 Wireless: Multiple BSS ............................................................................................................ 99
Table 29 SSID ...................................................................................................................................... 101
Table 30 Configuring SSID .................................................................................................................. 102
Table 31 Layer-2 Isolation Configuration ............................................................................................. 107
Table 32 MAC Address Filter ................................................................................................................110
Table 33 Private IP Address Ranges ....................................................................................................113
Table 34 IP Setup .................................................................................................................................114
Table 35 ROGUE AP > Configuration .................................................................................................. 120
Table 36 ROGUE AP > Friendly AP .................................................................................................... 121
Table 37 ROGUE AP > Rogue AP ....................................................................................................... 122
Table 38 Remote Management Overview ...........................................................................................123
ZyXEL NWA-3100 User’s Guide
25
List of Tables
Table 39 Remote Management: Telnet ................................................................................................ 125
Table 40 Remote Management: FTP ................................................................................................... 126
Table 41 Remote Management: WWW ...............................................................................................127
Table 42 SNMP Traps .......................................................................................................................... 129
Table 43 SNMP Interface Index to Physical Port Mapping .................................................................. 130
Table 44 Remote Management: SNMP ............................................................................................... 131
Table 45 My Certificates ...................................................................................................................... 136
Table 46 My Certificate Import ............................................................................................................. 138
Table 47 My Certificate Create ............................................................................................................ 139
Table 48 My Certificate Details ............................................................................................................ 142
Table 49 Trusted CAs .......................................................................................................................... 145
Table 50 Trusted CA Import ................................................................................................................. 146
Table 51 Trusted CA Details ................................................................................................................ 147
Table 52 View Log ............................................................................................................................... 151
Table 53 Log Settings .......................................................................................................................... 153
Table 54 System Maintenance Logs .................................................................................................... 154
Table 55 ICMP Notes ........................................................................................................................... 154
Table 56 Sys log .................................................................................................................................. 155
Table 57 Log Categories and Available Settings ................................................................................. 155
Table 58 WIRELESS VLAN ................................................................................................................. 159
Table 59 RADIUS VLAN ...................................................................................................................... 161
Table 60 Standard RADIUS Attributes ................................................................................................. 164
Table 61 System Status ....................................................................................................................... 175
Table 62 System Status: Show Statistics ............................................................................................. 176
Table 63 Association List ..................................................................................................................... 177
Table 64 Channel Usage ..................................................................................................................... 178
Table 65 Firmware Upload ................................................................................................................... 179
Table 66 Restore Configuration ........................................................................................................... 181
Table 67 SMT Menus Overview ........................................................................................................... 188
Table 68 Main Menu Commands ......................................................................................................... 189
Table 69 Main Menu Summary ............................................................................................................ 190
Table 70 Menu 1 General Setup .......................................................................................................... 191
Table 71 Menu 3.2 TCP/IP Setup ........................................................................................................ 194
Table 72 Menu 22 SNMP Configuration .............................................................................................. 195
Table 73 Menu 24.1 System Maintenance: Status .............................................................................. 200
Table 74 Menu 24.2.1 System Maintenance: Information ................................................................... 201
Table 75 Menu 24.4 System Maintenance Menu: Diagnostic .............................................................. 204
Table 76 Filename Conventions .......................................................................................................... 206
Table 77 General Commands for Third Party FTP Clients .................................................................. 207
Table 78 General Commands for Third Party TFTP Clients ............................................................... 208
Table 79 Brute-Force Password Guessing Protection Commands ..................................................... 218
Table 80 System Maintenance: Time and Date Setting ....................................................................... 219
Table 81 Menu 24.11 Remote Management Control ........................................................................... 221
26
ZyXEL NWA-3100 User’s Guide
List of Tables
Table 82 Hardware Specifications ....................................................................................................... 229
Table 83 Firmware Specifications ........................................................................................................ 229
Table 84 Power over Ethernet Injector Specifications ........................................................................ 230
Table 85 Power over Ethernet Injector RJ-45 Port Pin Assignments .................................................. 231
Table 86 North American Plug Standards ............................................................................................ 231
Table 87 European Plug Standards ..................................................................................................... 231
Table 88 United Kingdom Plug Standards ........................................................................................... 231
Table 89 Australia and New Zealand Plug Standards ......................................................................... 231
Table 90 Comparison of EAP Authentication Types ............................................................................ 256
Table 91 Wireless Security Relational Matrix ...................................................................................... 257
Table 92 Subnet Masks ....................................................................................................................... 268
Table 93 Subnet Masks ....................................................................................................................... 269
Table 94 Maximum Host Numbers ...................................................................................................... 269
Table 95 Alternative Subnet Mask Notation ......................................................................................... 269
Table 96 Subnet 1 ................................................................................................................................ 271
Table 97 Subnet 2 ................................................................................................................................ 272
Table 98 Subnet 3 ................................................................................................................................ 272
Table 99 Subnet 4 ................................................................................................................................ 272
Table 100 Eight Subnets ...................................................................................................................... 272
Table 101 24-bit Network Number Subnet Planning ............................................................................ 273
Table 102 16-bit Network Number Subnet Planning ............................................................................ 273
Table 103 Auto Configuration by DHCP .............................................................................................. 276
Table 104 Manual Configuration .......................................................................................................... 276
Table 105 Configuration via SNMP ...................................................................................................... 276
Table 106 Displaying the File Version .................................................................................................. 277
Table 107 Displaying the File Version .................................................................................................. 277
Table 108 Displaying the Auto Configuration Status ............................................................................278
ZyXEL NWA-3100 User’s Guide
27
List of Tables
28
ZyXEL NWA-3100 User’s Guide
PART I

Introduction

Introducing the ZyXEL Device (31)
Introducing the Web Configurator (39)
Tutorial (43)
29
30
Loading...
+ 264 hidden pages