Zyxel NWA-3166 user manual

NWA-3166

Wireless N Dual-Band Business WLAN Access Point

Default Login Details

IP Address http://192.168.1.2
User Name
Password 1234

Firmware Version 3.6
Edition 3, 02/2009

www.zyxel.com

www.zyxel.com

Copyright © 2009
ZyXEL Communications Corporation

About This User's Guide

About This User's Guide

Intended Audience

This manual is intended for people who want to configure the NWA-3160 Series
using the web configurator. You should have at least a basic knowledge of TCP/IP
networking concepts and topology.

Related Documentation

•Quick Start Guide
The Quick Start Guide is designed to help you get up and running right away. It

contains information on setting up your network and configuring for Internet
access.

• Support Disc
Refer to the included CD for support documents.

• ZyXEL Web Site
Please refer to www.zyxel.com

product certifications.

for additional support documentation and

User Guide Feedback

Help us help you. Send all User Guide-related comments, questi ons or suggestions
for improvement to the following address, or use e-mail instead. Thank you!

The Technical Writing Team,
ZyXEL Communications Corp.,
6 Innovation Road II,
Science-Based Industrial Park,
Hsinchu, 300, Taiwan.

E-mail: techwriters@zyxel.com.tw

NWA-3166 User’s Guide

3

Document Conventions

Warnings and Notes

These are how warnings and notes are shown in this User’s Guide.

Warnings tell you about things that could harm you or your
device.

Note: Notes tell you other important information (for example, other things you may

need to configure or helpful tips) or recommendations.

Syntax Conventions

• The product in this book may be referred to as the “NWA”, the “device” or the
“system” in this User’s Guide.

Document Conventions

• Product labels, screen names, field labels and field choices are all in bold font.

• A key stroke is denoted by square brackets and uppercase text, for example,
[ENTER] means the “enter” or “ret urn” key on your keyboard.

• “Enter” means for you to type one or more characters and then press the
[ENTER] key. “Select” or “choose” means for you to use one of the predefined
choices.

• A right angle bracket ( > ) within a screen name denotes a mouse click. For
example, Maintenance > Status > Show Statistics means you first click
Maintenance in the navigation panel, then the Status sub menu and finally
the Show Statistics button to get to that screen.

• Units of measurement may denote the “metric” value or the “scientific” value.
For example, “k” for kilo may denote “1000” or “1024”, “M” for mega may
denote “1000000” or “1048576” and so on.

• “e.g.,” is a shorthand for “for instance”, and “i.e.,” means “that is” or “in other
words”.

• Screens reproduced here for demonstration purposes may not exactly match
the screens on your device.

4

NWA-3166 User’s Guide

Document Conventions

Icons Used in Figures

Figures in this User’s Guide may use the following generic icons. The NWA icon is
not an exact representation of your device.

NWA Computer Notebook computer

Server Printer Firewall

Telephone Switch Router

NWA-3166 User’s Guide

5

Safety Warnings

• Do NOT use this product near water, for example, in a wet basement or n ear a swimming
pool.

• Do NOT expose your device to dampness, dust or corrosive liquids.

• Do NOT store things on the device.

• Do NOT install, use, or service this device during a thunderstorm. There is a remote risk
of electric shock from lightning.

• Connect ONLY suitable accessories to the device.

• ONLY qualified service personnel should service or disassemble this device.

• Make sure to connect the cables to the correct ports.

• Place connecting cables carefully so that no one will step on them or stumble over them.

• Always disconnect all cables from this device before servicing or disassembling.

• Use ONLY an appropriate power adaptor or cord for your device.

• Connect the power adaptor or cord to the right supply voltage (for example, 110V AC in
North America or 230V AC in Europe).

• Do NOT allow anything to rest on the power adaptor or cord and do NOT place the
product where anyone can walk on the power adaptor or cord.

• Do NOT use the device if the power adaptor or cord is damaged as it might cause
electrocution.

• If the power adaptor or cord is damaged, remove it from the power outlet.

• Do NOT attempt to repair the power adaptor or cord. Contact your local vendor to order
a new one.

• Do not use the device outside, and make sure all the connections are indoors. There is a
remote risk of electric shock from lightning.

• “Not to remove the plug and plug into a wall outlet by itself; always attach the plug to
the power supply first before insert into the wall.”

• (In other words, do NOT remove the plug and connect it to a power outlet by itself;
always attach the plug to the power adaptor first before connecting it to a power outlet.)

• Antenna Warning! This device meets ETSI and FCC certification requirements when using
the included antenna(s). Only use the included antenna(s).

• If you wall mount your device, make sure that no electrical lines, gas or water pipes will
be damaged.

• The PoE (Power over Ethernet) devices that supply or receive power and their connected
Ethernet cables must all be completely indoors.

Safety Warnings

6

This product is recyclable. Dispose of it properly.

NWA-3166 User’s Guide

Table of Contents

Table of Contents

About This User's Guide..........................................................................................................3

Document Conventions............................................................................................................4

Safety Warnings ........................................................................................................................6

Table of Contents......................................................................................................................7

Part I: Introduction................................................................................. 15

Chapter 1

Introduction.............................................................................................................................17

1.1 Overview ............... ............................................. .... ... ... ... .... ... ............................................. 17

1.2 Applications for the NWA ........... ... ... ... ... .... ... ... ... ................................................................. 18

1.2.1 Access Point .................................................... ... ... ............................................. .... ... 18

1.2.2 Bridge / Repeater ....................................................................................................... 19

1.2.2.1 Bridge / Repeater Mode Example .................................................. 20

1.2.3 AP + Bridge ......................... ... ... ... .... ... ... ............................................. .... ... ... ... ... ....... 22

1.2.4 MBSSID .............................................. ... ... .............................................. ... ... ... ..........22

1.2.5 Pre-Configured SSID Profiles ....................................................................................24

1.2.6 Configuring Dual WLAN Adaptors ....................... ............. ............. ............. ............. ... 24

1.3 CAPWAP ............................... .... ... ... ... ... .... ... ............................................. ... .... ... ... ... .......... 25

1.4 Ways to Manage the NWA ................................................................... ... ... ... .... ... ... ... ... .......25

1.5 Good Habits for Managing the NWA ................................................................................... 26

1.6 Hardware Connections ........................................................................................................ 26

1.7 LEDs ......................... .... ............................................. ... ... .... ................................................ 27

Chapter 2

The Web Configurator............................................................................................................29

2.1 Overview ............. ............................................. ... .... ... ... ... .... ................................................ 29

2.2 Accessing the Web Configurator ......................................................................................... 29

2.3 Resetting the NWA ............................. ... .... ... ... ... .............................................. ... ... ... ... ....... 30

2.3.1 Methods of Restoring Factory-Defaults ............................... .................... ................... 30

2.4 Navigating the Web Configurator ............................................... .......................................... 31

Chapter 3

Tutorials...................................................................................................................................33

3.1 Overview ............. ............................................. ... .... ... ... ... .... ................................................ 33

NWA-3166 User’s Guide

7

Table of Contents

3.2 How to Configure the Wireless LAN ................ ... .... ... ... ... ............................................. .... ... 33

3.2.1 Choosing the Wireless Mode ..................................................................................... 33

3.2.2 Wireless LAN Configuration Overview ................................ ... .... ................................ 34

3.2.3 Further Reading .........................................................................................................35

3.3 How to Configure Multiple Wireless Networks ..................................................................... 35

3.3.1 Change the Operating Mode ...................................................................................... 37

3.3.2 Configure the VoIP Network ....................................................................................... 39

3.3.2.1 Set Up Security for the VoIP Profile ..................................... ...........40

3.3.2.2 Activate the VoIP Profile .................................................................42

3.3.3 Configure the Guest Network ..................................................................................... 42

3.3.3.1 Set Up Security for the Guest Profile ......... ............................. ........44

3.3.3.2 Set up Layer 2 Isolation ..................................................................45

3.3.3.3 Activate the Guest Profile ...............................................................46

3.3.4 Testing the Wireless Networks ............ ....................................................................... 46

3.4 How to Set Up and Use Rogue AP Detection ..................................................................... 47

3.4.1 Set Up and Save a Friendly AP list ............................................................................ 49

3.4.2 Activate Periodic Rogue AP Detection .......................................................................52

3.4.3 Set Up E-mail Logs .................................................................................................... 53

3.4.4 Configure Your Other Access Points .......................................................................... 54

3.4.5 Test the Setup ............................................................................................................ 55

3.5 Using MAC Filters and L-2 Isolation Profiles .......................................................................55

3.5.1 Scenario ....... ... .... ... ... ... .............................................. ... ... ... ... .... ... ... .......................... 55

3.5.2 Your Requirements ........................................... ... ....................................................... 56

3.5.3 Setup ................................... ... ... ... .... ... ... ............................................. .... ... ... .............56

3.5.4 Configure the SERVER_1 Network ............................................................................ 57

3.5.5 Configure the SERVER_2 Network ............................................................................ 60

3.5.6 Checking your Settings and Testing the Configuration .............................................. 61

3.5.6.1 Checking Settings ......................................... .... ... ... ... .....................61

3.5.6.2 Testing the Configuration .............................. .... ... ... ........................62

Part II: The Web Configurator............................................................... 65

Chapter 4

Status Screen..........................................................................................................................67

4.1 Overview ............. ............................................. ... .... ... ... ... .... ................................................ 67

4.2 The Status Screen ............................................................................................................... 67

Chapter 5

Management Mode..................................................................................................................71

5.1 Overview ............. ............................................. ... .... ... ... ... .... ................................................ 71

5.2 About CAPWAP ............ ... ... ... .... ... ... .................................................................................... 71

8

NWA-3166 User’s Guide

Table of Contents

5.2.1 CAPWAP Discovery and Management ...................................... ... ... ... .... ... ... ... ... .... ... 72

5.2.2 CAPWAP and DHCP ..................................................... ... .......................................... 72

5.2.3 CAPWAP and IP Subnets ...... ... ... .... ... ... ................................................. ... ... ... ... .......72

5.2.4 Notes on CAPWAP .......... ... ... ... ... .... ............................................. ... ... .... ... ... ... .......... 73

5.3 The Management Mode Screen .......................................................................................... 74

Chapter 6

AP Controller Mode ................................................................................................................75

6.1 Overview ............. ............................................. ... .... ... ... ... .... ................................................ 75

6.1.1 What Yo u Can Do in AP Controller Mode .................................................................. 75

6.1.2 What You Need to Know .................................. ... ... ............................................. .... ... 75

6.1.3 Before You Begin ... ... ... .... ... ... ... ... .... ... ....................................................................... 76

6.2 Controller AP Navigation Menu ........................................................................................... 76

6.3 Controller AP Status Screen ................................................................................................77

6.4 AP Lists Screen ..................................... .... ... ... ... .... .............................................................79

6.4.1 The AP Lists Edit Screen ........................................................................................... 81

6.5 Configuration Screen ....................... ... ... .... ... ... ... .... ... ... .......................................................82

6.6 The Profile Edit Screens ...................................................................................................... 83

6.6.1 The Radio Profile Screen ...........................................................................................83

6.6.2 The Radio Profile Edit Screen .................................................................................... 84

Chapter 7

System Screens......................................................................................................................87

7.1 Overview ............. ............................................. ... .... ... ... ... .... ................................................ 87

7.1.1 What Yo u Can Do in the System Screens .................................................................. 87

7.1.2 What You Need To Know About the System Screens ................................... ... ... .... ... 88

7.2 General Screen ............................................ ... ... .... ... ... ... .................................................... 89

7.3 Password Screen ................................................................................... ... ... .... ... ... ... ... ....... 91

7.4 Time Setting Screen ........................................................................................................... 93

7.5 Technical Reference ........... ... .... ... ... .................................................................................... 95

7.5.1 Administrator Authentication on RADIUS ................................................................... 95

7.5.2 Pre-defined NTP Time Servers List ............................................................................ 95

Chapter 8

Wireless Screen......................................................................................................................97

8.1 Overview ............. ............................................. ... .... ... ... ... .... ................................................ 97

8.1.1 What You Can Do in the Wireless Screen .................................................................. 97

8.1.2 What You Need To Know About the Wireless Screen ......................................... .... ... 98

8.2 The Wireless Screen ......................................................................................................... 101

8.2.1 Access Point Mode .................................................... ... ... ........................................ 101

8.2.2 Bridge / Repeater Mode ........................................................................................... 104

8.2.3 AP + Bridge Mode ............................ ... ... ... .... ... ... ... .... ... ... ........................................ 108

8.2.4 MBSSID Mode .............................................. ... ... ............................................. ... .... . 109

NWA-3166 User’s Guide

9

Table of Contents

8.3 Technical Reference ........... ... .... ... ... ...................................................................................112

8.3.1 WMM QoS ........................ ... ............................................. ... ... .... ... ... .........................112

8.3.1.1 WMM QoS Priorities ........................ .... ... ... ... .... ... ... ... ................... 112

8.3.2 ATC .... .... ... ... ............................................. .... ... ... ............................................. .........113

8.3.3 ATC+WMM ................................... .............................................. ... ... ... .... ... ...............114

8.3.3.1 ATC+WMM from LAN to WLAN .................................................... 114

8.3.3.2 ATC+WMM from WLAN to LAN .................................................... 115

8.3.4 Type Of Service (ToS) ...............................................................................................115

8.3.4.1 DiffServ ............ ............................................. .... ... ... ... ................... 115

8.3.4.2 DSCP and Per-Hop Behavior ....................................................... 115

8.3.4.3 ToS (Type of Service) and WMM QoS .......................................... 116

8.3.5 Spanning Tree Protocol (STP) ..................................................................................116

8.3.5.1 Rapid STP .............................................................. ... ... .... ... ... ... ... 116

8.3.5.2 STP Terminology .............................................. ... ... ... ... .... ... ......... 117

8.3.5.3 How STP Works ........................................................................... 117

8.3.5.4 STP Port States ...... ... ... ... ............................................. .... ............ 118

8.3.6 DFS ........ ... ... ... .... ............................................. ... ... .... ... ... .........................................118

8.3.7 Roaming .................................... ... .... ... ... ... .... ............................................. ... ... ... ......118

8.3.7.1 Requirements for Roaming ...........................................................120

8.3.8 Additional Wireless Terms ........................................................................................ 121

Chapter 9

SSID Screen...........................................................................................................................123

9.1 Overview ............. ............................................. ... .... ... ... ... .... .............................................. 123

9.1.1 What You Can Do in the SSID Screen .....................................................................123

9.1.2 What You Need To Know About SSID .............................................................. ... .... . 124

9.2 The SSID Screen ............................................................................................................... 125

9.2.1 Configuring SSID ................................................... .... ... ... ........................................ 126

Chapter 10

Wireless Security Screen.....................................................................................................129

10.1 Overview .......................................................................................................................... 129

10.1.1 What You Can Do in the Security Screen ..............................................................129

10.1.2 What You Need To Know About Wireless Security ................................................ 130

10.2 The Security Screen ...................................... ... .... ... ... ... .... ... ... ... ... .... .............................. 132

10.2.1 Security: WEP ........................................................................................................ 133

10.2.2 Security: 802.1x Only ............................................................................................. 134

10.2.3 Security: 802.1x Static 64-bit, 802.1x Static 128-bit ............. .... ... ... ... .... ... .............. 135

10.2.4 Security: WPA ........................................................................................................ 137

10.2.5 Security: WPA2 or WPA2-MIX .............................. ............................................. .... . 138

10.2.6 Security: WPA-PSK, WPA2-PSK, WPA2-PSK-MIX ................................................139

10.3 Technical Reference ........................................................................................................140

10

NWA-3166 User’s Guide

Table of Contents

Chapter 11

RADIUS Screen.....................................................................................................................141

11.1 Overview .......................................................................................................................... 141

11.1.1 What You Can Do in the RADIUS Screen ................................ .............................. 1 42

11.1.2 What You Need To Know About Wireless Security ................................................142

11.2 The RADIUS Screen ........................................................................................................ 143

Chapter 12

Layer-2 Isolation Screen ......................................................................................................145

12.1 Overview .......................................................................................................................... 145

12.1.1 What You Can Do in the Layer-2 Isolation Screen ................................................. 146

12.1.2 What You Need To Know About This Chapter ....................................................... 146

12.2 The Layer-2 Isolation Screen .................................. ... ... .... ... ... ... ... .................................. 147

12.2.1 Configuring Layer-2 Isolation ................................................................................. 148

12.3 Technical Reference ........................................................................................................149

Chapter 13

MAC Filter Screen.................................................................................................................151

13.1 Overview .......................................................................................................................... 151

13.1.1 What You Can Do in the MAC Filter Screen .......................................................... 151

13.1.2 What You Should Know About MAC Filter ............................................................. 151

13.2 The MAC Filter Screen .................................................................................................... 152

13.2.1 Configuring the MAC Filter ................................ .......................................... ........... 153

Chapter 14

IP Screen................................................................................................................................155

14.1 Overview .......................................................................................................................... 155

14.1.1 What You Can Do in the IP Screen ........................................................................ 155

14.1.2 What You Need To Know About IP ........................................................................ 155

14.2 The IP Screen .................................................................................................................. 156

14.3 Technical Reference ........................................................................................................157

14.3.1 WAN IP Address Assignment ................................................................................. 157

Chapter 15

Rogue AP Detection .............................................................................................................159

15.1 Overview .......................................................................................................................... 159

15.1.1 What You Can Do in the Rogue AP Screen ............................................. ..............160

15.1.2 What You Need To Know About Rogue AP .............................................. ... ...........160

15.2 Configuration Screen ....................................................................................................... 162

15.2.1 Friendly AP Screen ................................................................................................ 163

15.2.2 Rogue AP Screen .................................................................................................. 164

NWA-3166 User’s Guide

11

Table of Contents

Chapter 16

Remote Management Screens.............................................................................................167

16.1 Overview .......................................................................................................................... 167

16.1.1 What You Can Do in the Remote Management Screens ....................................... 168

16.1.2 What You Need To Know About Remote Management ......................................... 168

16.2 The Telnet Screen ...........................................................................................................170

16.3 The FTP Screen ............ ... ... ................................................. ... ... ..................................... 171

16.4 The WWW Screen ........................................................................................................... 172

16.5 The SNMP Screen ...........................................................................................................174

16.6 Technical Reference ........................................................................................................176

16.6.1 MIB ......................................................................................................................... 176

16.6.2 Supported MIBs ..................................................................................................... 176

16.6.3 SNMP Traps ........................................................................................................... 176

Chapter 17

Internal RADIUS Server........................................................................................................179

17.1 Overview .......................................................................................................................... 179

17.1.1 What You Can Do in this Chapter .......................................................................... 180

17.1.2 What You Need To Know ....................................................................................... 180

17.2 Internal RADIUS Server Setting Screen .......................................................................... 180

17.3 The Trusted AP Screen ................................................................................................... 182

17.4 The Trusted Users Screen ............................................................................................... 183

17.5 Technical Reference ........................................................................................................184

Chapter 18

Certificates ............................................................................................................................187

18.1 Overview .......................................................................................................................... 187

18.1.1 What You Can Do in the Certificates Screen .........................................................187

18.1.2 What You Need To Know About Certificates ......................................... .................188

18.2 My Certificates Screen ....................................................................................................188

18.2.1 My Certificates Import Screen ................................................................................ 190

18.2.2 My Certificates Create Screen ............................................................................... 192

18.2.3 My Certificates Details Screen ...............................................................................195

18.3 Trusted CAs Screen ........................................................................................................198

18.3.1 Trusted CAs Import Screen .................................................................................... 199

18.3.2 Trusted CAs Details Screen ..................................................... ..............................200

18.4 Technical Reference ........................................................................................................203

18.4.1 Private-Public Certificates ........................... ........................................................... 203

18.4.2 Certification Authorities .......................................................................................... 203

18.4.3 Checking the Fingerprint of a Certificate ................................................................ 204

Chapter 19

Log Screens ..........................................................................................................................205

12

NWA-3166 User’s Guide

Table of Contents

19.1 Overview .......................................................................................................................... 205

19.1.1 What You Can Do in the Log Screens .................................................................... 205

19.1.2 What You Need To Know About Logs .................................................................... 206

19.2 The View Log Screen ...................................................................................................... 206

19.3 The Log Settings Screen ..... .... ... ...... ... .... ........................................................................ 208

19.4 Technical Reference ........................................................................................................210

19.4.1 Example Log Messages ......................................................................................... 210

19.4.2 Log Commands ...................................................................................................... 212

19.4.3 Configuring What You Want the NWA to Log ......................................................... 212

19.4.4 Displaying Logs ...................................................................................................... 212

19.4.5 Log Command Example ......................................................................................... 212

Chapter 20

VLAN......................................................................................................................................215

20.1 Overview .......................................................................................................................... 215

20.1.1 What You Can Do in the VLAN Screen .................................................................. 215

20.1.2 What You Need To Know About VLAN ................................................................... 216

20.2 Wireless VLAN Screen .................................................................................................... 217

20.2.1 RADIUS VLAN Screen ........................................................................................... 219

20.3 Technical Reference ........................................................................................................220

20.3.1 VLAN Tagging ........................................................................................................ 220

20.3.2 Configuring Management VLAN Example .................................................. ... ... .....220

20.3.3 Configuring Microsoft’s IAS Server Example ......................................................... 223

20.3.3.1 Configuring VLAN Groups .............................. ... ... ... ...................224

20.3.3.2 Configuring Remote Access Policies .... ... ... .... ... ... ... ... .... ... ... ... ... 225

20.3.4 Second Rx VLAN ID Example ................................................................................ 233

20.3.4.1 Second Rx VLAN Setup Example .............................................. 233

Chapter 21

Maintenance..........................................................................................................................237

21.1 Overview .......................................................................................................................... 237

21.1.1 What You Can Do in the Maintenance Screens ..................................................... 237

21.1.2 What You Need To Know ....................................................................................... 237

21.2 Association List Screen ...................................................................................................238

21.3 Channel Usage Screen ................................................................................................... 239

21.4 F/W Upload Screen .........................................................................................................240

21.5 Configuration Screen ....................................................................................................... 242

21.5.1 Backup Configuration ........................ ....................................... .............................. 242

21.5.2 Restore Configuration ......... ... ... .... ... ............................................. ... .... ... ... ... ... .... . 243

21.5.3 Back to Factory Defaults ...... ... ... .... ............................................. ... ... .... ... ... ... ... .....244

21.6 Restart Screen .................................................................................................................244

Chapter 22

Troubleshooting....................................................................................................................245

NWA-3166 User’s Guide

13

Table of Contents

22.1 Overview .......................................................................................................................... 245

22.2 Power, Hardware Connections, and LEDs .............................. ... ... .... ... ... ... .... ... ... ... ........245

22.3 NWA Access and Login ................................................................................................... 246

22.4 Internet Access ................................................................................................................ 249

22.5 Wireless Router/AP Troubleshooting ...............................................................................250

Appendix A Product Specifications.......................................................................................251

22.6 Wall-Mounting Instructions .............................................................................................. 253

Appendix B Wireless LANs ..................................................................................................255

Appendix C Pop-up Windows, JavaScripts and Java Permissions......................................271

Appendix D IP Addresses and Subnetting...........................................................................279

Appendix E Text File Based Auto Configuration...................................................................301

Appendix F How to Access and Use the CLI .......................................................................309

Appendix G Legal Information..............................................................................................315

Appendix H Customer Support.............................................................................................319

Index.......................................................................................................................................327

14

NWA-3166 User’s Guide

PART I

Introduction

Introduction (17)

The Web Configurator (29)

Tutorials (33)

15

16

CHAPTER 1

Introduction

1.1 Overview

Your NWA extends the range of your existing wired network without additional
wiring, providing easy network access to mobile users.

It is highly versatile, featuring dual wireless modules and supporting up to sixteen
Basic Service Set Identifiers (BSSID) simultaneously . The Quality of Service (QoS)
features allow you to prioritize time-sensitive or highly important applications
such as Voice over Internet Protocol (VoIP).

Multiple security profiles allow you to eas ily assign different types of security to
groups of users. The NWA controls network access with Media Access Control
(MAC) address filtering, rogue Access Point (AP) detection, lay er 2 isolation and an
internal authentication server. It also provides a high level of network traffic
security, supporting Institute of Electronic Engineers (IEEE) 802.1x, Wi-Fi
Protected Access (WPA), WPA2 and Wired Equivalent Privacy (WEP) data
encryption.

Your NWA is easy to install, configure and use. The embedded Web-based
configurator enables simple, straightforward management and maintenance.

See the Quick Start Guide for instructions on how to make hardware connections.

NWA-3166 User’s Guide

17

Chapter 1 Introduction

1.2 Applications for the NWA

The NWA can be configured to use the following WLAN operating modes

• Access Point

•Bridge / Repeater

•AP + Bridge

•MBSSID

Applications for each operating mode are shown below.

Note: A different channel should be configured for each WLAN interface to reduce the

effects of radio interference.

1.2.1 Access Point

The NWA is an ideal access solution for wirel ess Internet connection. A typical
Internet access application for your NWA is shown as follows. Stations A, B and C
can access the wired network through the NWAs.

Figure 1 Access Point Application

AP1

A

BSS1

AP2

B

BSS2

18

NWA-3166 User’s Guide

1.2.2 Bridge / Repeater

The NWA can act as a wireless network bridge and establish wireless links with
other APs. In the figure below, the two NWAs (A and B) are connected to
independent wired networks and have a bridge connection (A can communicate
with B) at the same time. A NWA in repeater mode (C) has no Ethernet
connection. When the NWA is in bridge mode, you should enable Spanning Tree
Protocol (STP) to prevent bridge loops.

When the NWA is in Bridge / Repeater mode, security between APs (the Wireless
Distribution System or WDS) is independent of the security between the wireless
stations and the AP. If you do not enable WDS security, traffic between APs is not
encrypted. When WDS security is enabled, both APs must use the same pre­shared key. See Section 8.2.2 on page 104 for more details.

Once the security settings of peer sides match one another, the connection
between devices is made.

At the time of writing, WDS security is compatible with other ZyXEL access points
only. Refer to your other access point’s documentation for details.

Chapter 1 Introduction

Figure 2 Bridge Application

NWA-3166 User’s Guide

19

Chapter 1 Introduction

Figure 3 Repeater Application

1.2.2.1 Bridge / Repeater Mode Example

In the example below, when both NW As are in Bridge/ Repeater mode, they form a
WDS (Wireless Distribution Syst em) allowing the computers in LAN 1 to connect to
the computers in LAN 2.

Figure 4 Bridging Example

20

Be careful to avoid bridge loops when you enable bridging in the NWA. Bridge
loops cause broadcast traffic to circle the network endlessly, resulting in possible

NWA-3166 User’s Guide

Chapter 1 Introduction

throughput degradation and disruption of communications. The following
examples show two network topologies that can lead to this problem:

• If two or more NWAs (in bridge mode) are connected to the same hub.

Figure 5 Bridge Loop: Two Bridges Connected to Hub

• If your NWA (in bridge mode) is connected to a wired LAN while communicating
with another wireless bridge that is also connected to the same wired LAN.

Figure 6 Bridge Loop: Bridge Connected to Wired LAN

To prevent bridge loops, ensure that you enable Spanning Tree Protocol (STP) in
the Wireless screen or your NWA is not set to bridge mode while connected to
both wired and wireless segments of the same LAN.

NWA-3166 User’s Guide

21

Chapter 1 Introduction

1.2.3 AP + Bridge

In AP + Bridge mode, the NWA supports both AP and bridge connection at the
same time.

In the figure below, A and B use X as an AP to access the wired network, while X
and Y communicate in bridge mode.

When the NWA is in AP + Bridge mode, security between APs (WDS) is
independent of the security between the wireless stations and the AP. If you do
not enable WDS security, traffic between APs is not encrypted. When WDS
security is enabled, both APs must use the same pre-shared key.

Unless specified, the term “security settings” refers to the traffic between the
wireless stations and the NWA.

Figure 7 AP + Bridge Application

A

1.2.4 MBSSID

A Basic Service Set (BSS) is the set of devices forming a single wireless network
(usually an access point and one or more wireless clients). The Service Set
IDentifier (SSID) is the name of a BSS. In Multiple BSS (MBSSID) mode, the NWA

22

B

X

Y

NWA-3166 User’s Guide

Chapter 1 Introduction

provides multiple virtual APs, each forming its own BSS and using its own
individual SSID profile.

You can configure up to sixteen SSID profiles, and have up to eight active at any
one time.

You can assign different wireless and security settings to each SSID profile. This
allows you to compartmentalize groups of users, set v arying access privileges, and
prioritize network traffic to and from certain BSSs.

To the wireless clients in the network, each SSID appears to be a different access
point. As in any wireless network, clients can associate only with the SSIDs for
which they have the correct security settings.

For example, you might want to set up a wireless network in your office where
Internet telephony (VoIP) users have priority. You also want a regular wireless
network for standard users, as well as a ‘guest’ wireless network for visitors. In
the following figure, VoIP_SSID users have QoS priority, SSID03 is the wireless
network for standard users, and Guest_SSID is the wireless network for guest
users. In this example, the guest user is forbidden access to the wired Land Area
Network (LAN) behind the AP and can access only the Internet.

Figure 8 Multiple BSSs

NWA-3166 User’s Guide

23

Chapter 1 Introduction

1.2.5 Pre-Configured SSID Profiles

The NWA has two pre-configured SSID profiles.

• VoIP_SSID. This profile is intended for use by wireless clients requiring the
highest QoS level for VoIP telephony and other applications requiring low
latency. The QoS level of this profile is not user-configurable.

• Guest_SSID. This profile is intended for use by visitors and others who require
access to certain resources on the network (an Internet gateway or a network
printer, for example) but must not have access to the rest of the network. Layer
2 isolation is enabled (see Section on page 146), and QoS is set to NONE.
Intra-BSS traffic blocking is also enabled (see Section 8.1.2 on pa ge 98). These
fields are all user-configurable.

1.2.6 Configuring Dual WLAN Adaptors

The NWA is equipped with dual wireless adaptors. This means yo u can configure
two different wireless networks to operate simultaneously.

In the following example, the NWA (Z) uses WLAN1 in Access Point mode to
allow IEEE 802.11b and IEEE 802.11g clients to access the wired network, and
WLAN2 in AP + Bridge mode to allow an IEEE 802.11a AP to communicate with
the wired network.

Figure 9 Dual WLAN Adaptors Example

Z

WLAN1

WLAN2

802.11b/g
Bridge

802.11b/g
Access Point

Internet

24

NWA-3166 User’s Guide

1.3 CAPWAP

The NWA supports Control And Provisioning of Wireless Access Points (CAPWAP).
This is ZyXEL’s implementation of the Internet Engineering Task Force’s (IETF)
CAPWAP protocol.

ZyXEL’s CAPWAP allows a single access point to manage up to eight other access
points. The managed APs receive all their configuration information from the
controller AP. The CAPWAP dataflow is protected by Datagram Transport Layer
Security (DTLS).

The following ZyXEL AP models can be CAPW AP managed APs:

• NWA-3160

• NWA-3163

• NWA-3500

• NWA-3550

Chapter 1 Introduction

• NWA-3166

The following figure illustrates a CAPWAP wireless network. The user (U)
configures the controller AP (C), which then automatically updates the
configurations of the managed APs (M1 ~ M4).

Figure 10 CAPWAP Network Example

U

C

M1 M2 M3 M4

NWA-3166 User’s Guide

25

Chapter 1 Introduction

1.4 Ways to Manage the NWA

Use any of the following methods to manage the NWA.

• Web Configurator. This is recommended for everyday management of the
NWA using a (supported) web browser.

• Command Line Interface (CLI). Line commands are mostly used for
troubleshooting by service engineers.

• File Transfer Protocol (FTP). This protocol can be used for firmware upgr ades
and configuration backup and restore.

• Simple Network Management Protocol (SNMP). The device can be
monitored by an SNMP manager. See the SNMP chapter in this User’s Guide.

1.5 Good Habits for Managing the NWA

Do the following things regularly to make the NWA more secure and to manage it
more effectively.

• Change the password often. Use a password that’s not easy to guess and that
consists of different types of characters, such as numbers and letters.

• Write down the password and put it in a safe place.

• Back up the configuration (and make sure you know how to restore it).
Restoring an earlier working configuration may be useful if the device becomes
unstable or even crashes. If you forget y our password, you will hav e to reset the
NWA to its factory default settings. If you backed up an earlier configur ation file,
you won’t have to totally re-configure the NWA; you can simply restore your last
configuration.

1.6 Hardware Connections

See your Quick Start Guide for information on making hardware connections.

26

NWA-3166 User’s Guide

1.7 LEDs

The following are the LED descriptions for your NWA.

Figure 11 LEDs

Chapter 1 Introduction

Table 1 LEDs

LABEL COLOR STATUS DESCRIPTION

WDS Off Either

NWA-3166 User’s Guide

• The NWA is in Access Point or MBSSID mode
and is functioning normally.

or

• The NWA is in AP+Bridge or Bridge/Repeater
mode and has not established a Wireless
Distribution System (WDS) connection.

Green On The NWA is in AP+Bridge or Bridge/Repeater

mode, and has successfully established a
Wireless Distribution System (WDS) connection.

27

Chapter 1 Introduction

Table 1 LEDs (continued)

LABEL COLOR STATUS DESCRIPTION

WLAN Green

ETHERNET Green On The NWA has a 10 Mbps Ethernet connection.

POWER/SYS Green On The NWA is receiving power and functioning

On The wireless LAN is active.

Off The wireless LAN is not active.

Yellow On The NWA has a 100 Mbps Ethernet connection.

Red Blinking Either

Blinking The wireless LAN is active, and transmitting or

receiving data.

Blinking The NWA has a 10 Mbps Ethernet connection

and is sending or receiving data.

Blinking The NWA has a 100 Mbps Ethernet connection

and is sending/receiving data.

Off The NWA does not have an Ethernet connection.

properly.

Off The NWA is not receiving power.

• If the LED blinks during the boot up process,
the system is starting up.

or

• If the LED blinks after the boot up process,
the system has failed.

Off The NWA successfully boots up.

28

NWA-3166 User’s Guide

CHAPTER 2

The Web Configurator

2.1 Overview

This chapter describes how to access the NWA’s web configurator and provides an
overview of its screens.

2.2 Accessing the Web Configurator

1 Make sure your hardware is properly connected and prepare your computer or

computer network to connect to the NWA (refer to the Quick Start Guide).

2 Launch your web browser.

3 Type "http://192.168.1.2" as the URL (default).

4 Type "1234" (default) as the password and click Login. In some versions, the

default password appea rs automatically - if this is the case, click Login.

5 You should see a screen asking you to change your password (highly

recommended) as shown next. Type a new password (and retype it to confirm)
then click Apply. Alternatively, click Ignore.

Note: If you do not change the password, this screen appears every time you login.

NWA-3166 User’s Guide

29

Chapter 2 The Web Configurator

6 Click Apply in the Replace Certificate screen to create a certificate using your

NWA’s MAC address that will be specific to this device.

You should now see the Status screen. See Chapter 2 on page 29 for details
about the Status screen.

Note: The management session automatically times out when the time period set in

the Administrator Inactivity Timer field expires (default five minutes). Simply log
back into the NWA if this happens.

2.3 Resetting the NWA

If you forget your password or cannot access the web configurator, you will need
to use the RESET button. This replaces the current configuration file with the
factory-default configuration file. This means that you will l ose all the settings you
previously configured. The password will be reset to 1234.

2.3.1 Methods of Restoring Factory-Defaults

You can erase the current configuration and restore factory defaults in three
ways:

•Use the RESET button to upload the default configuration file. Hold this button
in for about 10 seconds (the lights will begin to blink). Use this method for cases
when the password or IP address of the NWA is not known.

• Use the web configurator to restore defaults (refer to Chapter 21 on page 237).

• Transfer the configuration file to your NWA using File Transfer Protocol (FTP).

30

NWA-3166 User’s Guide