ZyXEL NWA-3500 User Manual

NWA-3500

802.11a/b/g Wireless Access Point

User’s Guide

Version 3.60 3/2007 Edition 1

www.zyxel.com

About This User's Guide

Intended Audience

This manual is intended for people who want to configure the ZyXEL Device using the web configurator. You should have at least a basic knowledge of TCP/IP networking concepts and topology.

Document Conventions

Warnings and Notes

These are how warnings and notes are shown in this User’s Guide.

1 Warnings tell you about things that could harm you or your device.

" Notes tell you other important information (for example, other things you may

need to configure or helpful tips) or recommendations.

Syntax Conventions

• The NWA-3500 may be referred to as the “ZyXEL Device”, the “device” or the “system” in this User’s Guide.

• Product labels, screen names, field labels and field choices are all in bold font.

• A key stroke is denoted by square brackets and uppercase text, for example, [ENTER] means the “enter” or “return” key on your keyboard.

• “Enter” means for you to type one or more characters and then press the [ENTER] key. “Select” or “choose” means for you to use one of the predefined choices.

• A right angle bracket ( > ) within a screen name denotes a mouse click. For example, Maintenance > Log > Log Setting means you first click Maintenance in the navigation panel, then the Log sub menu and finally the Log Setting tab to get to that screen.

• Units of measurement may denote the “metric” value or the “scientific” value. For example, “k” for kilo may denote “1000” or “1024”, “M” for mega may denote “1000000” or “1048576” and so on.

• “e.g.,” is a shorthand for “for instance”, and “i.e.,” means “that is” or “in other words”.

ZyXEL NWA-3500 User’s Guide

Document Conventions

Icons Used in Figures

Figures in this User’s Guide may use the following generic icons. The ZyXEL Device icon is not an exact representation of your device.

ZyXEL Device Computer Notebook computer

Server DSLAM Firewall

Telephone Switch Router

ZyXEL NWA-3500 User’s Guide

Safety Warnings

1 For your safety, be sure to read and follow all warning notices and instructions.

• Do NOT use this product near water, for example, in a wet basement or near a swimming pool.

• Do NOT expose your device to dampness, dust or corrosive liquids.

• Do NOT store things on the device.

• Do NOT install, use, or service this device during a thunderstorm. There is a remote risk of electric shock from lightning.

• Connect ONLY suitable accessories to the device.

• ONLY qualified service personnel should service or disassemble this device.

• Make sure to connect the cables to the correct ports.

• Place connecting cables carefully so that no one will step on them or stumble over them.

• Always disconnect all cables from this device before servicing or disassembling.

• Use ONLY an appropriate power adaptor or cord for your device.

• Connect the power adaptor or cord to the right supply voltage (for example, 110V AC in North America or 230V AC in Europe).

• Do NOT allow anything to rest on the power adaptor or cord and do NOT place the product where anyone can walk on the power adaptor or cord.

• Do NOT use the device if the power adaptor or cord is damaged as it might cause electrocution.

• If the power adaptor or cord is damaged, remove it from the power outlet.

• Do NOT attempt to repair the power adaptor or cord. Contact your local vendor to order a new one.

• Do not use the device outside, and make sure all the connections are indoors. There is a remote risk of electric shock from lightning.

• Antenna Warning! This device meets ETSI and FCC certification requirements when using the included antenna(s). Only use the included antenna(s).

• If you wall mount your device, make sure that no electrical lines, gas or water pipes will be damaged.

• The PoE (Power over Ethernet) devices that supply or receive power and their connected Ethernet cables must all be completely indoors.

This product is recyclable. Dispose of it properly.

ZyXEL NWA-3500 User’s Guide

Safety Warnings

ZyXEL NWA-3500 User’s Guide

Safety Warnings

ZyXEL NWA-3500 User’s Guide

Contents Overview

Introduction ............................................................................................................................ 31

Introducing the ZyXEL Device ...................................................................................................33

Introducing the Web Configurator .............................................................................................. 43

Status Screens .......................................................................................................................... 47

Tutorial ....................................................................................................................................... 51

The Web Configurator ...........................................................................................................79

System Screens ........................................................................................................................ 81

Wireless Configuration .............................................................................................................. 87

Wireless Security Configuration .............................................................................................. 103

MBSSID and SSID ...................................................................................................................119

Other Wireless Configuration .................................................................................................. 127

IP Screen ................................................................................................................................. 137

Rogue AP ................................................................................................................................ 141

Remote Management Screens ................................................................................................ 147

Internal RADIUS Server .......................................................................................................... 157

Certificates ............................................................................................................................... 163

Log Screens ............................................................................................................................ 181

VLAN ....................................................................................................................................... 187

Maintenance ............................................................................................................................ 205

SMT and Troubleshooting ...................................................................................................215

Introducing the SMT ................................................................................................................ 217

General Setup ......................................................................................................................... 223

LAN Setup ............................................................................................................................... 225

SNMP Configuration ................................................................................................................ 227

System Password .................................................................................................................... 229

System Information and Diagnosis .......................................................................................... 231

Firmware and Configuration File Maintenance ........................................................................ 237

System Maintenance and Information ..................................................................................... 243

Troubleshooting ....................................................................................................................... 251

Appendices and Index ......................................................................................................... 255

ZyXEL NWA-3500 User’s Guide

Contents Overview

ZyXEL NWA-3500 User’s Guide

Table of Contents

About This User's Guide ..........................................................................................................3

Document Conventions............................................................................................................4

Safety Warnings........................................................................................................................6

Contents Overview ...................................................................................................................9

Table of Contents.................................................................................................................... 11

List of Figures ......................................................................................................................... 21

List of Tables...........................................................................................................................27

Part I: Introduction................................................................................. 31

Chapter 1

Introducing the ZyXEL Device...............................................................................................33

1.1 Introducing the ZyXEL Device ............................................................................................ 33

1.2 Applications for the ZyXEL Device ...................................................................................... 33

1.2.1 Access Point .............................................................................................................. 34

1.2.2 Bridge / Repeater ....................................................................................................... 34

1.2.3 AP + Bridge ................................................................................................................ 35

1.2.4 MBSSID ..................................................................................................................... 36

1.2.5 Pre-Configured SSID Profiles .................................................................................... 37

1.2.6 Configuring Dual WLAN Adaptors .............................................................................. 38

1.3 Ways to Manage the ZyXEL Device .................................................................................... 38

1.4 Good Habits for Managing the ZyXEL Device ..................................................................... 39

1.5 Hardware Connections ........................................................................................................ 39

1.6 LEDs .................................................................................................................................... 40

Chapter 2

Introducing the Web Configurator ........................................................................................ 43

2.1 Accessing the Web Configurator ......................................................................................... 43

2.2 Resetting the ZyXEL Device ................................................................................................ 44

2.2.1 Methods of Restoring Factory-Defaults ...................................................................... 45

2.3 Navigating the Web Configurator ......................................................................................... 45

Chapter 3

Status Screens........................................................................................................................ 47

ZyXEL NWA-3500 User’s Guide

Table of Contents

3.1 The Status Screen ............................................................................................................... 47

Chapter 4

Tutorial ..................................................................................................................................... 51

4.1 How to Configure the Wireless LAN .................................................................................... 51

4.1.1 Choosing the Wireless Mode ..................................................................................... 51

4.1.1.1 Configuring Dual WLAN Adaptors .................................................................... 51

4.1.2 Wireless LAN Configuration Overview ....................................................................... 52

4.1.3 Further Reading ......................................................................................................... 54

4.2 How to Configure Multiple Wireless Networks ..................................................................... 54

4.2.1 Change the Operating Mode ...................................................................................... 55

4.2.2 Configure the VoIP Network ....................................................................................... 57

4.2.2.1 Set Up Security for the VoIP Profile .................................................................. 58

4.2.2.2 Activate the VoIP Profile ................................................................................... 60

4.2.3 Configure the Guest Network ..................................................................................... 60

4.2.3.1 Set Up Security for the Guest Profile ................................................................ 61

4.2.3.2 Set up Layer 2 Isolation .................................................................................... 62

4.2.3.3 Activate the Guest Profile ................................................................................. 63

4.2.4 Testing the Wireless Networks ................................................................................... 63

4.3 How to Set Up and Use Rogue AP Detection ..................................................................... 64

4.3.1 Set Up and Save a Friendly AP list ............................................................................ 66

4.3.2 Activate Periodic Rogue AP Detection ....................................................................... 68

4.3.3 Set Up E-mail Logs .................................................................................................... 69

4.3.4 Configure Your Other Access Points .......................................................................... 70

4.3.5 Test the Setup ............................................................................................................ 70

4.4 Using Multiple MAC Filters and L-2 Isolation Profiles .......................................................... 71

4.4.1 Scenario ..................................................................................................................... 71

4.4.2 Your Requirements ..................................................................................................... 71

4.4.3 Setup .......................................................................................................................... 72

4.4.4 Configure the SERVER_1 Network ............................................................................ 73

4.4.5 Configure the SERVER_2 Network ............................................................................ 75

4.4.6 Checking your Settings and Testing the Configuration .............................................. 76

4.4.6.1 Checking Settings ............................................................................................. 76

4.4.6.2 Testing the Configuration .................................................................................. 76

Part II: The Web Configurator ............................................................... 79

Chapter 5

System Screens ...................................................................................................................... 81

5.1 System Overview ................................................................................................................. 81

5.2 Configuring General Setup ..................................................................................................81

ZyXEL NWA-3500 User’s Guide

Table of Contents

5.3 Administrator Authentication on RADIUS ............................................................................ 82

5.3.1 Configuring Password ................................................................................................ 82

5.4 Configuring Time Setting .................................................................................................... 84

5.5 Pre-defined NTP Time Servers List ..................................................................................... 86

Chapter 6

Wireless Configuration........................................................................................................... 87

6.1 Wireless LAN Overview ....................................................................................................... 87

6.1.1 BSS ............................................................................................................................ 87

6.1.2 ESS ............................................................................................................................ 88

6.2 Wireless LAN Basics ........................................................................................................... 88

6.3 Quality of Service ................................................................................................................ 89

6.3.1 WMM QoS ..................................................................................................................89

6.3.1.1 WMM QoS Priorities ......................................................................................... 89

6.3.2 ATC ............................................................................................................................ 89

6.3.3 ATC+WMM ................................................................................................................. 90

6.3.3.1 ATC+WMM from LAN to WLAN ........................................................................ 90

6.3.3.2 ATC+WMM from WLAN to LAN ........................................................................ 91

6.3.4 Type Of Service (ToS) ................................................................................................ 91

6.3.4.1 DiffServ ............................................................................................................. 91

6.3.4.2 DSCP and Per-Hop Behavior ........................................................................... 91

6.3.5 ToS (Type of Service) and WMM QoS ....................................................................... 92

6.4 Spanning Tree Protocol (STP) ............................................................................................. 92

6.4.1 Rapid STP .................................................................................................................. 92

6.4.2 STP Terminology ........................................................................................................ 93

6.4.3 How STP Works ......................................................................................................... 93

6.4.4 STP Port States ..........................................................................................................94

6.5 DFS ..................................................................................................................................... 94

6.6 Wireless Screen Overview .................................................................................................. 94

6.7 Configuring Wireless Settings ............................................................................................. 95

6.7.1 Access Point Mode .................................................................................................... 95

6.7.2 Bridge/Repeater Mode ............................................................................................... 97

6.7.3 AP+Bridge Mode ...................................................................................................... 101

6.7.4 MBSSID Mode ......................................................................................................... 101

Chapter 7

Wireless Security Configuration ......................................................................................... 103

7.1 Wireless Security Overview ............................................................................................... 103

7.1.1 Encryption ................................................................................................................ 103

7.1.2 Restricted Access .................................................................................................... 103

7.1.3 Hide Identity ............................................................................................................. 103

7.1.4 WEP Encryption ....................................................................................................... 103

7.2 802.1x Overview ................................................................................................................ 104

ZyXEL NWA-3500 User’s Guide

Table of Contents

7.3 EAP Authentication Overview ............................................................................................ 104

7.4 Introduction to WPA ........................................................................................................... 104

7.4.1 User Authentication ................................................................................................. 105

7.4.2 Encryption ............................................................................................................... 105

7.4.3 WPA(2)-PSK Application Example ........................................................................... 105

7.5 WPA(2) with External RADIUS Application Example ......................................................... 106

7.6 Security Modes .................................................................................................................. 107

7.7 Wireless Client WPA Supplicants ...................................................................................... 108

7.8 Wireless Security Effectiveness ......................................................................................... 108

7.9 Configuring Security .......................................................................................................... 108

7.9.1 Security: WEP .......................................................................................................... 109

7.9.2 Security: 802.1x Only ................................................................................................110

7.9.3 Security: 802.1x Static 64-bit, 802.1x Static 128-bit ..................................................111

7.9.4 Security: WPA ...........................................................................................................113

7.9.5 Security: WPA2 or WPA2-MIX ...................................................................................113

7.9.6 Security: WPA-PSK, WPA2-PSK, WPA2-PSK-MIX ...................................................115

7.10 Introduction to RADIUS ....................................................................................................116

7.11 Configuring RADIUS .........................................................................................................116

Chapter 8

MBSSID and SSID .................................................................................................................119

8.1 Wireless LAN Infrastructures ..............................................................................................119

8.1.1 MBSSID ....................................................................................................................119

8.1.2 Notes on Multiple BSS ..............................................................................................119

8.1.3 Multiple BSS Example ...............................................................................................119

8.1.4 Multiple BSS with VLAN Example .............................................................................119

8.1.5 Configuring Multiple BSSs ....................................................................................... 120

8.2 SSID .................................................................................................................................. 122

8.2.1 The SSID Screen ..................................................................................................... 122

8.2.2 Configuring SSID ..................................................................................................... 123

Chapter 9

Other Wireless Configuration..............................................................................................127

9.1 Layer-2 Isolation Introduction ............................................................................................ 127

9.2 The Layer-2 Isolation Screen ............................................................................................ 128

9.3 Configuring Layer-2 Isolation ............................................................................................. 129

9.3.1 Layer-2 Isolation Examples ...................................................................................... 130

9.3.1.1 Layer-2 Isolation Example 1 ........................................................................... 131

9.3.1.2 Layer-2 Isolation Example 2 ........................................................................... 131

9.4 The MAC Filter Screen ......................................................................................................132

9.4.1 Configuring MAC Filtering ........................................................................................ 133

9.5 Configuring Roaming ......................................................................................................... 134

9.5.1 Requirements for Roaming ...................................................................................... 135

ZyXEL NWA-3500 User’s Guide

Table of Contents

Chapter 10

IP Screen................................................................................................................................ 137

10.1 Factory Ethernet Defaults ................................................................................................ 137

10.2 TCP/IP Parameters .........................................................................................................137

10.2.1 WAN IP Address Assignment ................................................................................. 137

10.3 Configuring IP .................................................................................................................. 138

Chapter 11

Rogue AP...............................................................................................................................141

11.1 Rogue AP Introduction .....................................................................................................141

11.2 Rogue AP Examples ........................................................................................................ 141

11.2.1 “Honeypot” Attack ................................................................................................... 142

11.3 Configuring Rogue AP Detection ..................................................................................... 143

11.3.1 Rogue AP: Configuration ........................................................................................ 143

11.3.2 Rogue AP: Friendly AP .......................................................................................... 144

11.3.3 Rogue AP List ........................................................................................................ 145

Chapter 12

Remote Management Screens............................................................................................. 147

12.1 Remote Management Overview ...................................................................................... 147

12.1.1 Remote Management Limitations .......................................................................... 147

12.1.2 System Timeout .................................................................................................... 147

12.2 Configuring Telnet ............................................................................................................ 148

12.3 Configuring FTP .............................................................................................................. 149

12.4 Configuring WWW ...........................................................................................................150

12.5 SNMP .............................................................................................................................. 151

12.5.1 Supported MIBs ..................................................................................................... 152

12.5.2 SNMP Traps ........................................................................................................... 153

12.6 SNMP Traps .................................................................................................................... 153

12.6.1 Configuring SNMP ................................................................................................. 154

Chapter 13

Internal RADIUS Server........................................................................................................157

13.1 Internal RADIUS Overview .............................................................................................. 157

13.2 Internal RADIUS Server Setting ...................................................................................... 157

13.3 Trusted AP Overview .......................................................................................................159

13.4 Configuring Trusted AP ................................................................................................... 160

13.5 Configuring Trusted Users ............................................................................................... 161

Chapter 14

Certificates ............................................................................................................................163

14.1 Certificates Overview ....................................................................................................... 163

14.1.1 Advantages of Certificates ..................................................................................... 164

ZyXEL NWA-3500 User’s Guide

Table of Contents

14.2 Self-signed Certificates .................................................................................................... 164

14.3 Verifying a Certificate ....................................................................................................... 164

14.3.1 Checking the Fingerprint of a Certificate on Your Computer .................................. 164

14.4 Configuration Summary ................................................................................................... 165

14.5 My Certificates ................................................................................................................. 165

14.6 Certificate File Formats .................................................................................................... 167

14.7 Importing a Certificate ..................................................................................................... 168

14.8 Creating a Certificate ....................................................................................................... 169

14.9 My Certificate Details ....................................................................................................... 171

14.10 Trusted CAs ................................................................................................................... 174

14.11 Importing a Trusted CA’s Certificate .............................................................................. 175

14.12 Trusted CA Certificate Details ....................................................................................... 176

Chapter 15

Log Screens ..........................................................................................................................181

15.1 Configuring View Log ....................................................................................................... 181

15.2 Configuring Log Settings ................................................................................................. 182

15.3 Example Log Messages .................................................................................................. 184

15.4 Log Commands ............................................................................................................... 185

15.4.1 Configuring What You Want the ZyXEL Device to Log .......................................... 185

15.4.2 Displaying Logs ...................................................................................................... 186

15.5 Log Command Example .................................................................................................. 186

Chapter 16

VLAN ...................................................................................................................................... 187

16.1 VLAN ............................................................................................................................... 187

16.1.1 Management VLAN ID ........................................................................................... 187

16.1.2 VLAN Tagging ........................................................................................................ 187

16.2 Configuring VLAN ............................................................................................................ 188

16.2.1 Wireless VLAN ....................................................................................................... 188

16.2.2 RADIUS VLAN ....................................................................................................... 190

16.2.3 Configuring Management VLAN Example ............................................................. 191

16.2.4 Configuring Microsoft’s IAS Server Example ......................................................... 194

16.2.4.1 Configuring VLAN Groups ............................................................................ 194

16.2.4.2 Configuring Remote Access Policies ............................................................ 195

16.2.5 Second Rx VLAN ID Example ................................................................................ 202

16.2.5.1 Second Rx VLAN Setup Example ................................................................ 202

Chapter 17

Maintenance .......................................................................................................................... 205

17.1 Maintenance Overview .................................................................................................... 205

17.2 System Status Screen ..................................................................................................... 205

17.2.1 System Statistics .................................................................................................... 206

ZyXEL NWA-3500 User’s Guide

Table of Contents

17.3 Association List ................................................................................................................ 207

17.4 Channel Usage ................................................................................................................ 208

17.5 F/W Upload Screen .........................................................................................................209

17.6 Configuration Screen ....................................................................................................... 210

17.6.1 Backup Configuration ..............................................................................................211

17.6.2 Restore Configuration ............................................................................................211

17.6.3 Back to Factory Defaults ........................................................................................ 212

17.7 Restart Screen ................................................................................................................. 213

Part III: SMT and Troubleshooting...................................................... 215

Chapter 18

Introducing the SMT .............................................................................................................217

18.1 Introduction to the SMT ...................................................................................................217

18.2 Accessing the SMT via the Console Port ........................................................................ 217

18.2.1 Initial Screen ..........................................................................................................217

18.2.2 Entering the Password ........................................................................................... 218

18.3 Connect to your ZyXEL Device Using Telnet ................................................................... 219

18.4 Changing the System Password ..................................................................................... 219

18.5 SMT Menu Overview Example ........................................................................................ 220

18.6 Navigating the SMT Interface .......................................................................................... 220

18.6.1 System Management Terminal Interface Summary ............................................... 222

Chapter 19

General Setup........................................................................................................................ 223

19.1 General Setup ................................................................................................................. 223

19.1.1 Procedure To Configure Menu 1 ............................................................................ 223

Chapter 20

LAN Setup.............................................................................................................................. 225

20.1 LAN Setup ....................................................................................................................... 225

20.2 TCP/IP Ethernet Setup .................................................................................................... 225

Chapter 21

SNMP Configuration.............................................................................................................227

21.1 SNMP Configuration ........................................................................................................227

Chapter 22

System Password .................................................................................................................229

22.1 System Password ............................................................................................................ 229

ZyXEL NWA-3500 User’s Guide

Table of Contents

Chapter 23

System Information and Diagnosis..................................................................................... 231

23.1 System Status .................................................................................................................. 231

23.2 System Information .......................................................................................................... 233

23.2.1 System Information ................................................................................................ 233

23.2.2 Console Port Speed ............................................................................................... 234

23.3 Log and Trace .................................................................................................................. 234

23.3.1 Viewing Error Log ................................................................................................... 234

23.4 Diagnostic ........................................................................................................................ 235

Chapter 24

Firmware and Configuration File Maintenance..................................................................237

24.1 Filename Conventions ..................................................................................................... 237

24.2 Backup Configuration ......................................................................................................238

24.2.1 Using the FTP command from the DOS Prompt .................................................... 238

24.2.2 Backup Configuration Using TFTP ......................................................................... 239

24.2.3 Example: TFTP Command ..................................................................................... 240

24.3 Restore Configuration ..................................................................................................... 240

24.3.1 Using the FTP command from the DOS Prompt Example ..................................... 240

24.3.2 TFTP File Upload ................................................................................................... 241

24.3.3 Example: TFTP Command ..................................................................................... 242

Chapter 25

System Maintenance and Information ................................................................................243

25.1 Command Interpreter Mode ............................................................................................ 243

25.1.1 Command Syntax ................................................................................................... 244

25.1.2 Command Usage ................................................................................................... 244

25.1.3 Brute-Force Password Guessing Protection .......................................................... 244

25.1.3.1 Configuring Brute-Force Password Guessing Protection: Example ............. 244

25.2 Time and Date Setting .....................................................................................................245

25.2.1 Resetting the Time ................................................................................................. 246

25.3 Remote Management Setup ............................................................................................ 246

25.3.1 Telnet ...................................................................................................................... 246

25.3.2 FTP ........................................................................................................................ 247

25.3.3 Web ........................................................................................................................ 247

25.3.4 Remote Management Setup .................................................................................. 247

25.3.5 Remote Management Limitations .......................................................................... 249

25.4 System Timeout ............................................................................................................... 249

Chapter 26

Troubleshooting.................................................................................................................... 251

26.1 Power, Hardware Connections, and LEDs ...................................................................... 251

26.2 ZyXEL Device Access and Login .................................................................................... 251

ZyXEL NWA-3500 User’s Guide

Table of Contents

26.3 Internet Access ................................................................................................................ 254

Part IV: Appendices and Index ........................................................... 255

Appendix A Product Specifications.......................................................................................257

Appendix B Power over Ethernet (PoE) Specifications ........................................................ 259

Appendix C Power Adaptor Specifications ........................................................................... 261

Appendix D Setting up Your Computer’s IP Address ...........................................................263

Appendix E Wireless LANs ..................................................................................................275

Appendix F Pop-up Windows, JavaScripts and Java Permissions ...................................... 289

Appendix G IP Addresses and Subnetting ...........................................................................295

Appendix H Text File Based Auto Configuration ..................................................................303

Appendix I Legal Information................................................................................................ 311

Appendix J Customer Support .............................................................................................315

Index....................................................................................................................................... 319

ZyXEL NWA-3500 User’s Guide

Table of Contents

ZyXEL NWA-3500 User’s Guide

List of Figures

Figure 1 Access Point Application .......................................................................................................... 34

Figure 2 Bridge Application .................................................................................................................... 35

Figure 3 Repeater Application ................................................................................................................ 35

Figure 4 AP+Bridge Application ............................................................................................................. 36

Figure 5 Multiple BSSs ........................................................................................................................... 37

Figure 6 Dual WLAN Adaptors Example ................................................................................................ 38

Figure 7 LEDs ......................................................................................................................................... 40

Figure 8 Change Password Screen ........................................................................................................ 44

Figure 9 Replace Certificate Screen ....................................................................................................... 44

Figure 10 The Status Screen of the Web Configurator ........................................................................... 45

Figure 11 The Status Screen .................................................................................................................. 47

Figure 12 Configuring Wireless LAN ...................................................................................................... 53

Figure 13 Tutorial: Example MBSSID Setup .......................................................................................... 55

Figure 14 Tutorial: Wireless LAN: Before ............................................................................................... 56

Figure 15 Tutorial: Wireless LAN: Change Mode ................................................................................... 56

Figure 16 Tutorial: WIRELESS > SSID .................................................................................................. 57

Figure 17 Tutorial: VoIP SSID Profile Edit .............................................................................................. 58

Figure 18 Tutorial: VoIP Security ............................................................................................................ 59

Figure 19 Tutorial: VoIP Security Profile Edit .......................................................................................... 59

Figure 20 Tutorial: VoIP Security: Updated ............................................................................................ 60

Figure 21 Tutorial: Activate VoIP Profile ................................................................................................. 60

Figure 22 Tutorial: Guest Edit ................................................................................................................. 61

Figure 23 Tutorial: Guest Security Profile Edit ........................................................................................ 61

Figure 24 Tutorial: Guest Security: Updated .......................................................................................... 62

Figure 25 Tutorial: Layer 2 Isolation ....................................................................................................... 62

Figure 26 Tutorial: Layer 2 Isolation Profile ............................................................................................ 63

Figure 27 Tutorial: Activate Guest Profile ............................................................................................... 63

Figure 28 Tutorial: Wireless Network Example ....................................................................................... 65

Figure 29 Tutorial: Friendly AP (Before Data Entry) ............................................................................... 66

Figure 30 Tutorial: Friendly AP (After Data Entry) ................................................................................. 67

Figure 31 Tutorial: Configuration ............................................................................................................ 67

Figure 32 Tutorial: Warning .................................................................................................................... 68

Figure 33 Tutorial: Save Friendly AP list ................................................................................................ 68

Figure 34 Tutorial: Periodic Rogue AP Detection .................................................................................. 68

Figure 35 Tutorial: Log Settings .............................................................................................................. 69

Figure 36 Tutorial: Example Network ..................................................................................................... 71

Figure 37 Tutorial: SSID Profile .............................................................................................................. 73

Figure 38 Tutorial: SSID Edit .................................................................................................................. 74

ZyXEL NWA-3500 User’s Guide

List of Figures

Figure 39 Tutorial: Layer-2 Isolation Edit ................................................................................................ 74

Figure 40 Tutorial: MAC Filter Edit (SERVER_1) ................................................................................... 75

Figure 41 Tutorial: SSID Profiles Activated ............................................................................................ 76

Figure 42 Tutorial: SSID Tab Correct Settings ........................................................................................ 76

Figure 43 System > General .................................................................................................................. 81

Figure 44 SYSTEM > Password. ............................................................................................................ 83

Figure 45 SYSTEM > Time Setting ........................................................................................................ 84

Figure 46 Basic Service set .................................................................................................................... 87

Figure 47 Extended Service Set ............................................................................................................. 88

Figure 48 DiffServ: Differentiated Service Field ...................................................................................... 91

Figure 49 Wireless: Access Point ........................................................................................................... 95

Figure 50 Bridging Example ................................................................................................................... 97

Figure 51 Bridge Loop: Two Bridges Connected to Hub ........................................................................ 98

Figure 52 Bridge Loop: Bridge Connected to Wired LAN ....................................................................... 98

Figure 53 Wireless: Bridge/Repeater ..................................................................................................... 99

Figure 54 Wireless: AP+Bridge ............................................................................................................ 101

Figure 55 EAP Authentication .............................................................................................................. 104

Figure 56 WPA(2)-PSK Authentication ................................................................................................. 106

Figure 57 WPA(2) with RADIUS Application Example ......................................................................... 107

Figure 58 Wireless > Security ............................................................................................................... 109

Figure 59 WIRELESS > Security: WEP .................................................................................................110

Figure 60 Security: 802.1x Only ...........................................................................................................111

Figure 61 Security: 802.1x Static 64-bit, 802.1x Static 128-bit .............................................................112

Figure 62 Security: WPA ......................................................................................................................113

Figure 63 Security:WPA2 or WPA2-MIX ................................................................................................114

Figure 64 Security: WPA-PSK, WPA2-PSK or WPA2-PSK-MIX ............................................................115

Figure 65 RADIUS .................................................................................................................................116

Figure 66 Multiple BSS with VLAN Example ........................................................................................ 120

Figure 67 Wireless: Multiple BSS ......................................................................................................... 120

Figure 68 SSID ..................................................................................................................................... 123

Figure 69 Configuring SSID .................................................................................................................. 124

Figure 70 Layer-2 Isolation Application ................................................................................................ 128

Figure 71 WIRELESS > Layer 2 Isolation ............................................................................................ 129

Figure 72 WIRELESS > Layer-2 Isolation Configuration Screen ......................................................... 130

Figure 73 Layer-2 Isolation Example Configuration ............................................................................. 131

Figure 74 Layer-2 Isolation Example 1 ................................................................................................. 131

Figure 75 Layer-2 Isolation Example 2 ................................................................................................. 132

Figure 76 WIRELESS > MAC Filter ...................................................................................................... 132

Figure 77 MAC Address Filter .............................................................................................................. 133

Figure 78 Roaming Example ................................................................................................................ 135

Figure 79 Roaming ............................................................................................................................... 136

Figure 80 IP Setup ................................................................................................................................ 138

Figure 81 Rogue AP: Example ............................................................................................................ 142

ZyXEL NWA-3500 User’s Guide

List of Figures

Figure 82 “Honeypot” Attack ................................................................................................................. 143

Figure 83 ROGUE AP > Configuration ................................................................................................. 144

Figure 84 ROGUE AP > Friendly AP .................................................................................................... 145

Figure 85 ROGUE AP > Rogue AP ...................................................................................................... 146

Figure 86 Telnet Configuration on a TCP/IP Network ........................................................................... 148

Figure 87 Remote Management: Telnet ............................................................................................... 148

Figure 88 Remote Management: FTP .................................................................................................. 149

Figure 89 Remote Management: WWW ...............................................................................................150

Figure 90 SNMP Management Model .................................................................................................. 152

Figure 91 Remote Management: SNMP ..............................................................................................154

Figure 92 Internal RADIUS Server Setting Screen ............................................................................... 158

Figure 93 Trusted AP Overview ............................................................................................................ 160

Figure 94 Trusted AP Screen ............................................................................................................... 161

Figure 95 Trusted Users Screen ........................................................................................................... 162

Figure 96 Certificates on Your Computer ............................................................................................. 164

Figure 97 Certificate Details ................................................................................................................ 165

Figure 98 My Certificates ...................................................................................................................... 166

Figure 99 My Certificate Import ............................................................................................................ 168

Figure 100 My Certificate Create .......................................................................................................... 169

Figure 101 My Certificate Details ......................................................................................................... 172

Figure 102 Trusted CAs ........................................................................................................................ 174

Figure 103 Trusted CA Import .............................................................................................................. 176

Figure 104 Trusted CA Details ............................................................................................................. 177

Figure 105 View Log ............................................................................................................................. 181

Figure 106 Log Settings ....................................................................................................................... 182

Figure 107 WIRELESS VLAN .............................................................................................................. 189

Figure 108 RADIUS VLAN ................................................................................................................... 190

Figure 109 Management VLAN Configuration Example ....................................................................... 192

Figure 110 VLAN-Aware Switch - Static VLAN .....................................................................................192

Figure 111 VLAN-Aware Switch ............................................................................................................ 192

Figure 112 VLAN-Aware Switch - VLAN Status .................................................................................... 193

Figure 113 VLAN Setup ........................................................................................................................ 193

Figure 114 New Global Security Group ............................................................................................... 195

Figure 115 Add Group Members ......................................................................................................... 195

Figure 116 New Remote Access Policy for VLAN Group .................................................................... 196

Figure 117 Specifying Windows-Group Condition ................................................................................ 196

Figure 118 Adding VLAN Group .......................................................................................................... 197

Figure 119 Granting Permissions and User Profile Screens ............................................................... 197

Figure 120 Authentication Tab Settings ................................................................................................ 198

Figure 121 Encryption Tab Settings ..................................................................................................... 198

Figure 122 Connection Attributes Screen ............................................................................................ 199

Figure 123 RADIUS Attribute Screen .................................................................................................. 199

Figure 124 802 Attribute Setting for Tunnel-Medium-Type .................................................................. 200

ZyXEL NWA-3500 User’s Guide

List of Figures

Figure 125 VLAN ID Attribute Setting for Tunnel-Pvt-Group-ID .......................................................... 200

Figure 126 VLAN Attribute Setting for Tunnel-Type ............................................................................ 201

Figure 127 Completed Advanced Tab .................................................................................................. 201

Figure 128 Second Rx VLAN ID Example ............................................................................................ 202

Figure 129 Configuring SSID: Second Rx VLAN ID Example .............................................................. 203

Figure 130 System Status .................................................................................................................... 205

Figure 131 System Status: Show Statistics .......................................................................................... 206

Figure 132 Association List .................................................................................................................. 207

Figure 133 Channel Usage ................................................................................................................... 208

Figure 134 Firmware Upload ................................................................................................................ 209

Figure 135 Firmware Upload In Process .............................................................................................. 210

Figure 136 Network Temporarily Disconnected ....................................................................................210

Figure 137 Firmware Upload Error ....................................................................................................... 210

Figure 138 Configuration .......................................................................................................................211

Figure 139 Configuration Upload Successful ....................................................................................... 212

Figure 140 Network Temporarily Disconnected ....................................................................................212

Figure 141 Configuration Upload Error ................................................................................................. 212

Figure 142 Reset Warning Message .................................................................................................... 213

Figure 143 Restart Screen ................................................................................................................... 213

Figure 144 Initial Screen ....................................................................................................................... 218

Figure 145 Password Screen .............................................................................................................. 219

Figure 146 Login Screen ...................................................................................................................... 219

Figure 147 Menu 23.1 System Password ............................................................................................. 220

Figure 148 SMT Main Menu ................................................................................................................. 221

Figure 149 Menu 1 General Setup ....................................................................................................... 223

Figure 150 Menu 3 LAN Setup ............................................................................................................ 225

Figure 151 Menu 3.2 TCP/IP Setup ..................................................................................................... 225

Figure 152 Menu 22 SNMP Configuration ............................................................................................ 227

Figure 153 Menu 23 System Security .................................................................................................. 229

Figure 154 Menu 24 System Maintenance ........................................................................................... 231

Figure 155 Menu 24.1 System Maintenance: Status ............................................................................ 232

Figure 156 Menu 24.2 System Information and Console Port Speed .................................................. 233

Figure 157 Menu 24.2.1 System Information: Information ................................................................... 233

Figure 158 Menu 24.2.2 System Maintenance: Change Console Port Speed ..................................... 234

Figure 159 Menu 24.3 System Maintenance: Log and Trace ............................................................... 235

Figure 160 Sample Error and Information Messages ........................................................................... 235

Figure 161 Menu 24.4 System Maintenance: Diagnostic ..................................................................... 235

Figure 162 FTP Session Example ........................................................................................................ 239

Figure 163 FTP Session Example ........................................................................................................ 241

Figure 164 Menu 24 System Maintenance ........................................................................................... 243

Figure 165 Valid CI Commands ............................................................................................................ 244

Figure 166 Menu 24.10 System Maintenance: Time and Date Setting ................................................ 245

Figure 167 Telnet Configuration on a TCP/IP Network ......................................................................... 247

ZyXEL NWA-3500 User’s Guide

List of Figures

Figure 168 Menu 24.11 Remote Management Control ........................................................................ 248

Figure 169 WIndows 95/98/Me: Network: Configuration ...................................................................... 264

Figure 170 Windows 95/98/Me: TCP/IP Properties: IP Address .......................................................... 265

Figure 171 Windows 95/98/Me: TCP/IP Properties: DNS Configuration .............................................. 266

Figure 172 Windows XP: Start Menu .................................................................................................... 267

Figure 173 Windows XP: Control Panel ............................................................................................... 267

Figure 174 Windows XP: Control Panel: Network Connections: Properties ......................................... 268

Figure 175 Windows XP: Local Area Connection Properties ............................................................... 268

Figure 176 Windows XP: Advanced TCP/IP Settings .......................................................................... 269

Figure 177 Windows XP: Internet Protocol (TCP/IP) Properties .......................................................... 270

Figure 178 Macintosh OS 8/9: Apple Menu .......................................................................................... 271

Figure 179 Macintosh OS 8/9: TCP/IP ................................................................................................. 271

Figure 180 Macintosh OS X: Apple Menu ............................................................................................ 272

Figure 181 Macintosh OS X: Network .................................................................................................. 273

Figure 182 Peer-to-Peer Communication in an Ad-hoc Network ......................................................... 275

Figure 183 Basic Service Set ............................................................................................................... 276

Figure 184 Infrastructure WLAN ........................................................................................................... 277

Figure 185 RTS/CTS ............................................................................................................................ 278

Figure 186 WPA(2) with RADIUS Application Example ....................................................................... 285

Figure 187 WPA(2)-PSK Authentication ............................................................................................... 286

Figure 188 Pop-up Blocker ................................................................................................................... 289

Figure 189 Internet Options: Privacy .................................................................................................... 290

Figure 190 Internet Options: Privacy .................................................................................................... 291

Figure 191 Pop-up Blocker Settings ..................................................................................................... 291

Figure 192 Internet Options: Security ................................................................................................... 292

Figure 193 Security Settings - Java Scripting ....................................................................................... 293

Figure 194 Security Settings - Java ...................................................................................................... 293

Figure 195 Java (Sun) .......................................................................................................................... 294

Figure 196 Network Number and Host ID ............................................................................................ 296

Figure 197 Subnetting Example: Before Subnetting ............................................................................ 298

Figure 198 Subnetting Example: After Subnetting ............................................................................... 299

Figure 199 Text File Based Auto Configuration .................................................................................... 303

Figure 200 Configuration File Format ................................................................................................... 305

Figure 201 WEP Configuration File Example ....................................................................................... 306

Figure 202 802.1X Configuration File Example .................................................................................... 307

Figure 203 WPA-PSK Configuration File Example ............................................................................... 307

Figure 204 WPA Configuration File Example ....................................................................................... 308

Figure 205 Wlan Configuration File Example ....................................................................................... 309

ZyXEL NWA-3500 User’s Guide

List of Figures

ZyXEL NWA-3500 User’s Guide

List of Tables

Table 1 LEDs ......................................................................................................................................... 40

Table 2 The Status Screen .................................................................................................................... 48

Table 3 Tutorial: Example Information ................................................................................................... 55

Table 4 Tutorial: Rogue AP Example Information .................................................................................. 65

Table 5 Tutorial: Friendly AP Information ............................................................................................... 66

Table 6 Tutorial: SSID Profile Security Settings ..................................................................................... 72

Table 7 Tutorial: Example Network MAC Addresses ............................................................................. 72

Table 8 Tutorial: Example User MAC Addresses ................................................................................... 72

Table 9 Tutorial: SERVER_2 Network Information ................................................................................75

Table 10 System > General ................................................................................................................... 81

Table 11 Password ................................................................................................................................ 83

Table 12 SYSTEM > Time Setting ......................................................................................................... 85

Table 13 Default Time Servers .............................................................................................................. 86

Table 14 WMM QoS Priorities ............................................................................................................... 89

Table 15 Typical Packet Sizes ............................................................................................................... 90

Table 16 Automatic Traffic Classifier Priorities ...................................................................................... 90

Table 17 ATC + WMM Priority Assignment (LAN to WLAN) .................................................................. 91

Table 18 ATC + WMM Priority Assignment (WLAN to LAN) .................................................................. 91

Table 19 ToS and IEEE 802.1d to WMM QoS Priority Level Mapping .................................................. 92

Table 20 STP Path Costs ...................................................................................................................... 93

Table 21 STP Port States ...................................................................................................................... 94

Table 22 Wireless: Access Point ........................................................................................................... 95

Table 23 Wireless: Bridge/Repeater ...................................................................................................... 99

Table 24 Security Modes ..................................................................................................................... 107

Table 25 Wireless Security Levels ....................................................................................................... 108

Table 26 WIRELESS > Security .......................................................................................................... 109

Table 27 Security: WEP ........................................................................................................................110

Table 28 Security: 802.1x Only .............................................................................................................111

Table 29 Security: 802.1x Static 64-bit, 802.1x Static 128-bit ...............................................................11 2

Table 30 Security: WPA ........................................................................................................................113

Table 31 Security: WPA2 or WPA2-MIX ...............................................................................................114

Table 32 Security: WPA-PSK, WPA2-PSK or WPA2-PSK-MIX ............................................................115

Table 33 RADIUS .................................................................................................................................116

Table 34 Wireless: Multiple BSS .......................................................................................................... 121

Table 35 SSID ...................................................................................................................................... 123

Table 36 Configuring SSID .................................................................................................................. 124

Table 37 WIRELESS > Layer-2 Isolation ............................................................................................. 129

Table 38 WIRELESS > Layer-2 Isolation Configuration ...................................................................... 130

ZyXEL NWA-3500 User’s Guide

List of Tables

Table 39 WIRELESS > MAC Filter ...................................................................................................... 133

Table 40 MAC Address Filter ............................................................................................................... 134

Table 41 Private IP Address Ranges ................................................................................................... 137

Table 42 IP Setup ................................................................................................................................ 138

Table 43 ROGUE AP > Configuration .................................................................................................. 144

Table 44 ROGUE AP > Friendly AP .................................................................................................... 145

Table 45 ROGUE AP > Rogue AP ....................................................................................................... 146

Table 46 Remote Management Overview ...........................................................................................147

Table 47 Remote Management: Telnet ................................................................................................ 148

Table 48 Remote Management: FTP ................................................................................................... 149

Table 49 Remote Management: WWW ...............................................................................................150

Table 50 SNMP Traps .......................................................................................................................... 153

Table 51 SNMP Interface Index to Physical and Virtual Port Mapping ................................................ 153

Table 52 Remote Management: SNMP ............................................................................................... 154

Table 53 Internal RADIUS Server Setting Screen Setting ................................................................... 158

Table 54 Trusted AP ............................................................................................................................ 161

Table 55 Trusted Users ........................................................................................................................ 162

Table 56 My Certificates ...................................................................................................................... 166

Table 57 My Certificate Import ............................................................................................................. 168

Table 58 My Certificate Create ............................................................................................................ 169

Table 59 My Certificate Details ............................................................................................................ 172

Table 60 Trusted CAs .......................................................................................................................... 175

Table 61 Trusted CA Import ................................................................................................................. 176

Table 62 Trusted CA Details ................................................................................................................ 177

Table 63 View Log ............................................................................................................................... 181

Table 64 Log Settings .......................................................................................................................... 183

Table 65 System Maintenance Logs .................................................................................................... 184

Table 66 ICMP Notes ........................................................................................................................... 184

Table 67 Sys log .................................................................................................................................. 185

Table 68 Log Categories and Available Settings ................................................................................. 185

Table 69 WIRELESS VLAN ................................................................................................................. 189

Table 70 RADIUS VLAN ...................................................................................................................... 191

Table 71 Standard RADIUS Attributes ................................................................................................. 194

Table 72 System Status ....................................................................................................................... 205

Table 73 System Status: Show Statistics ............................................................................................. 206

Table 74 Association List ..................................................................................................................... 207

Table 75 Channel Usage ..................................................................................................................... 208

Table 76 Firmware Upload ................................................................................................................... 209

Table 77 Restore Configuration ............................................................................................................211

Table 78 SMT Menus Overview ........................................................................................................... 220

Table 79 Main Menu Commands ......................................................................................................... 221

Table 80 Main Menu Summary ............................................................................................................ 222

Table 81 Menu 1 General Setup .......................................................................................................... 223

ZyXEL NWA-3500 User’s Guide

List of Tables

Table 82 Menu 3.2 TCP/IP Setup ........................................................................................................ 226

Table 83 Menu 22 SNMP Configuration .............................................................................................. 227

Table 84 Menu 24.1 System Maintenance: Status .............................................................................. 232

Table 85 Menu 24.2.1 System Maintenance: Information ................................................................... 233

Table 86 Menu 24.4 System Maintenance Menu: Diagnostic .............................................................. 236

Table 87 Filename Conventions .......................................................................................................... 238

Table 88 General Commands for Third Party FTP Clients .................................................................. 239

Table 89 General Commands for Third Party TFTP Clients ................................................................ 240

Table 90 Brute-Force Password Guessing Protection Commands ..................................................... 244

Table 91 System Maintenance: Time and Date Setting ....................................................................... 245

Table 92 Menu 24.11 Remote Management Control ........................................................................... 248

Table 93 Hardware Specifications ....................................................................................................... 257

Table 94 Firmware Specifications ........................................................................................................ 257

Table 95 Power over Ethernet Injector Specifications ........................................................................ 259

Table 96 Power over Ethernet Injector RJ-45 Port Pin Assignments .................................................. 259

Table 97 North American Plug Standards ............................................................................................ 261

Table 98 European Plug Standards ..................................................................................................... 261

Table 99 United Kingdom Plug Standards ........................................................................................... 261

Table 100 Australia and New Zealand Plug Standards ....................................................................... 261

Table 101 IEEE 802.11g ...................................................................................................................... 279

Table 102 Wireless Security Levels ..................................................................................................... 280

Table 103 Comparison of EAP Authentication Types .......................................................................... 283

Table 104 Wireless Security Relational Matrix .................................................................................... 286

Table 105 Subnet Masks ..................................................................................................................... 296

Table 106 Subnet Masks ..................................................................................................................... 297

Table 107 Maximum Host Numbers .................................................................................................... 297

Table 108 Alternative Subnet Mask Notation ....................................................................................... 297

Table 109 Subnet 1 .............................................................................................................................. 299

Table 110 Subnet 2 .............................................................................................................................. 300

Table 111 Subnet 3 .............................................................................................................................. 300

Table 112 Subnet 4 .............................................................................................................................. 300

Table 113 Eight Subnets ...................................................................................................................... 300

Table 114 24-bit Network Number Subnet Planning ............................................................................ 301

Table 115 16-bit Network Number Subnet Planning ............................................................................ 301

Table 116 Auto Configuration by DHCP .............................................................................................. 304

Table 117 Manual Configuration .......................................................................................................... 304

Table 118 Configuration via SNMP ...................................................................................................... 304

Table 119 Displaying the File Version .................................................................................................. 305

Table 120 Displaying the File Version .................................................................................................. 305

Table 121 Displaying the Auto Configuration Status ............................................................................306

ZyXEL NWA-3500 User’s Guide

List of Tables

ZyXEL NWA-3500 User’s Guide

+ 294 hidden pages