Zyxel NXC2500, NXC5500 User Manual

User’s Guide

NXC Series

Wireless LAN Controller

Default Login Details

LAN IP Address https://192.168.1.1

User Name admin

Password 1234

Version 5.30 Edition 1, 08/2018

IMPORTANT! READ CAREFULLY BEFORE USE. KEEP THIS GUIDE FOR FUTURE REFERENCE.

This is a User’s Guide for a series of products. Not all products support all firmware features. Screenshots and graphics in this book may differ slightly from your product due to differences in your product firmware or your computer operating system. Every effort has been made to ensure that the information in this manual is accurate.

Document Conventions

Warnings and Notes

These are how warnings and notes are shown in this guide.

Warnings tell you about things that could harm you or your device.

Note: Notes tell you other important information (for example, other things you may need to

configure or helpful tips) or recommendations.

Syntax Conventions

• All models in this series may be referred to as the “NXC” in this guide.

• Product labels, screen names, field labels and field choices are all in bold font.

• A right angle bracket ( > ) within a screen name denotes a mouse click. For example, Configuration > Network > Interface means you first click Configuration in the navigation panel, then the Network sub menu and finally the Interface tab to get to that screen.

Icons Used in Figures

Figures in this guide may use the following generic icons. The NXC icon is not an exact representation of your device.

NXC AP Router Switch

Internet Server Desktop Laptop

NXC Series User’s Guide

Contents Overview

User’s Guide ..................................................................................................................................... 17

Introduction ........................................................................................................................................... 18

Hardware Installation and Connection ............................................................................................. 24

The Web Configurator ......................................................................................................................... 30

Setup Wizard ......................................................................................................................................... 44

Technical Reference ....................................................................................................................... 54

Dashboard ............................................................................................................................................ 55

Monitor ................................................................................................................................................... 67

Registration .......................................................................................................................................... 108

Wireless ................................................................................................................................................. 111

Interfaces ............................................................................................................................................. 137

Policy and Static Routes .................................................................................................................... 167

Zones .................................................................................................................................................... 176

NAT ....................................................................................................................................................... 179

ALG ....................................................................................................................................................... 186

IP/MAC Binding ................................................................................................................................... 188

Captive Portal ..................................................................................................................................... 193

RTLS ....................................................................................................................................................... 216

Firewall ................................................................................................................................................. 219

User/Group .......................................................................................................................................... 227

AP Profile .............................................................................................................................................. 246

MON Profile ......................................................................................................................................... 266

ZyMesh Profile ...................................................................................................................................... 271

Addresses ............................................................................................................................................ 275

Services ................................................................................................................................................ 280

Schedules ............................................................................................................................................ 285

AAA Server .......................................................................................................................................... 289

Authentication Method ..................................................................................................................... 300

Certificates .......................................................................................................................................... 303

DHCPv6 ................................................................................................................................................ 318

System .................................................................................................................................................. 320

Log and Report ................................................................................................................................... 362

File Manager ....................................................................................................................................... 377

Diagnostics .......................................................................................................................................... 388

Packet Flow Explore ........................................................................................................................... 402

Reboot ................................................................................................................................................. 408

Shutdown ............................................................................................................................................. 409

NXC Series User’s Guide

Contents Overview

Troubleshooting .................................................................................................................................. 410

NXC Series User’s Guide

Table of Contents

Document Conventions ..................................................................................................................... 3

Contents Overview ............................................................................................................................ 4

Table of Contents................................................................................................................................ 6

Part I: User’s Guide.......................................................................................... 17

Chapter 1

Introduction....................................................................................................................................... 18

1.1 Overview ......................................................................................................................................... 18

1.2 Zones, Interfaces, and Physical Ports ........................................................................................... 18

1.2.1 Interface Types ...................................................................................................................... 19

1.2.2 Interface and Zone Configuration ...................................................................................... 19

1.3 Applications .................................................................................................................................... 20

1.3.1 AP Management .................................................................................................................. 20

1.3.2 Wireless Security .................................................................................................................... 20

1.3.3 Captive Portal ....................................................................................................................... 20

1.3.4 Load Balancing ..................................................................................................................... 21

1.3.5 Dynamic Channel Selection ................................................................................................21

1.3.6 User-Aware Access Control ................................................................................................. 21

1.4 Management Overview ................................................................................................................ 22

1.5 Object-based Configuration ........................................................................................................ 22

1.6 Starting and Stopping the NXC .................................................................................................... 23

Chapter 2

Hardware Installation and Connection .......................................................................................... 24

2.1 Rack-mounted Installation ............................................................................................................ 24

2.1.1 Rack-Mounted Installation Procedure ............................................................................... 24

2.2 Front Panel ....................................................................................................................................... 25

2.2.1 NXC2500 ................................................................................................................................. 25

2.2.2 NXC5500 ................................................................................................................................. 25

2.2.3 Front Panel LEDs .................................................................................................................... 27

2.3 Rear Panel ....................................................................................................................................... 28

Chapter 3

The Web Configurator....................................................................................................................... 30

3.1 Overview ......................................................................................................................................... 30

NXC Series User’s Guide

Table of Contents

3.2 Access .............................................................................................................................................. 30

3.3 The Main Screen ............................................................................................................................. 31

3.3.1 Title Bar ................................................................................................................................... 32

3.3.2 Navigation Panel .................................................................................................................. 35

3.3.3 Warning Messages ................................................................................................................ 40

3.3.4 Tables and Lists ...................................................................................................................... 40

Chapter 4

Setup Wizard...................................................................................................................................... 44

4.1 Accessing the Wizard ..................................................................................................................... 44

4.2 Using the Wizard ............................................................................................................................. 44

4.2.1 Step 1 Password and Time Settings ..................................................................................... 44

4.2.2 Step 2 Uplink Connection and Management VLAN ....................................................... 45

4.2.3 Step 3 VLAN Settings ............................................................................................................. 46

4.2.4 Step 4 SSID ............................................................................................................................. 49

4.2.5 Step 5 Radio ......................................................................................................................... 51

4.2.6 Summary ............................................................................................................................... 52

Part II: Technical Reference........................................................................... 54

Chapter 5

Dashboard......................................................................................................................................... 55

5.1 Overview ......................................................................................................................................... 55

5.1.1 What You Can Do in this Chapter ....................................................................................... 55

5.2 Dashboard ...................................................................................................................................... 56

5.2.1 CPU Usage ............................................................................................................................. 60

5.2.2 Memory Usage ...................................................................................................................... 60

5.2.3 Session Usage ........................................................................................................................ 61

5.2.4 DHCP Table ............................................................................................................................ 61

5.2.5 Number of Login Users .......................................................................................................... 62

5.2.6 AP Status ................................................................................................................................ 63

5.2.7 Station Traffic ......................................................................................................................... 65

Chapter 6

Monitor............................................................................................................................................... 67

6.1 Overview ......................................................................................................................................... 67

6.1.1 What You Can Do in this Chapter ....................................................................................... 67

6.2 What You Need to Know ............................................................................................................... 68

6.3 Port Statistics ................................................................................................................................... 69

6.3.1 Port Statistics Graph ............................................................................................................. 70

6.4 Interface Status ............................................................................................................................... 71

NXC Series User’s Guide

Table of Contents

6.5 Traffic Statistics ................................................................................................................................ 73

6.6 Session Monitor .............................................................................................................................. 76

6.7 IP/MAC Binding Monitor ................................................................................................................ 78

6.8 Login Users ...................................................................................................................................... 79

6.8.1 Dynamic Guest .................................................................................................................... 80

6.8.2 Trusted MAC Address List ..................................................................................................... 81

6.9 USB Storage .................................................................................................................................... 82

6.10 Ethernet Neighbor ....................................................................................................................... 83

6.11 AP List ............................................................................................................................................ 84

6.11.1 Station Count of AP ........................................................................................................... 87

6.11.2 Config AP ............................................................................................................................ 89

6.12 Radio List ....................................................................................................................................... 95

6.12.1 AP Mode Radio Information .............................................................................................. 96

6.13 ZyMesh Link Info ............................................................................................................................ 98

6.14 SSID Info ......................................................................................................................................... 99

6.15 Station List ................................................................................................................................... 100

6.16 Detected Device ....................................................................................................................... 101

6.17 View Log ...................................................................................................................................... 103

6.18 View AP Log ............................................................................................................................... 105

Chapter 7

Registration...................................................................................................................................... 108

7.1 Overview ....................................................................................................................................... 108

7.1.1 What You Can Do in this Chapter ..................................................................................... 108

7.1.2 What you Need to Know .................................................................................................... 108

7.2 Registration .................................................................................................................................... 109

7.3 Service ........................................................................................................................................... 109

Chapter 8

Wireless............................................................................................................................................ 111

8.1 Overview ....................................................................................................................................... 111

8.1.1 What You Can Do in this Chapter ..................................................................................... 111

8.1.2 What You Need to Know ................................................................................................... 111

8.2 Controller ...................................................................................................................................... 112

8.3 AP Management .......................................................................................................................... 112

8.3.1 Mgmt. AP List ....................................................................................................................... 113

8.3.2 AP Policy .............................................................................................................................. 121

8.3.3 AP Group ............................................................................................................................. 122

8.3.4 Firmware ............................................................................................................................... 128

8.4 Rogue AP ....................................................................................................................................... 130

8.4.1 Add/Edit Rogue/Friendly List .............................................................................................. 132

8.5 Auto Healing ................................................................................................................................. 132

8.6 Technical Reference .................................................................................................................... 133

NXC Series User’s Guide

Table of Contents

8.6.1 Dynamic Channel Selection .............................................................................................. 133

8.6.2 Load Balancing ................................................................................................................... 134

8.6.3 Disassociating and Delaying Connections ...................................................................... 135

Chapter 9

Interfaces......................................................................................................................................... 137

9.1 Interface Overview ...................................................................................................................... 137

9.1.1 What You Can Do in this Chapter ..................................................................................... 137

9.1.2 What You Need to Know ................................................................................................... 137

9.2 Ethernet Summary ....................................................................................................................... 138

9.2.1 Edit Ethernet ........................................................................................................................ 139

9.2.2 Object References .............................................................................................................. 146

9.2.3 Add DHCPv6 Request Options .......................................................................................... 146

9.2.4 Add/Edit DHCP Extended Options ................................................................................... 147

9.3 VLAN Interfaces ........................................................................................................................... 149

9.3.1 VLAN Summary .................................................................................................................... 150

9.3.2 Add/Edit VLAN ................................................................................................................... 151

9.4 LAG ................................................................................................................................................ 157

9.4.1 LAG Summary Screen ......................................................................................................... 157

9.4.2 LAG Add/Edit ..................................................................................................................... 158

9.5 Technical Reference .................................................................................................................... 164

Chapter 10

Policy and Static Routes................................................................................................................. 167

10.1 Overview ..................................................................................................................................... 167

10.1.1 What You Can Do in this Chapter ................................................................................... 167

10.1.2 What You Need to Know ................................................................................................ 167

10.2 Policy Route ............................................................................................................................... 168

10.2.1 Add/Edit Policy Route ...................................................................................................... 170

10.3 Static Route ................................................................................................................................ 173

10.3.1 Static Route Setting .......................................................................................................... 174

10.4 Technical Reference .................................................................................................................. 174

Chapter 11

Zones................................................................................................................................................ 176

11.1 Overview ..................................................................................................................................... 176

11.1.1 What You Can Do in this Chapter ................................................................................... 176

11.1.2 What You Need to Know ................................................................................................. 176

11.2 Zone ............................................................................................................................................. 177

11.2.1 Add/Edit Zone .................................................................................................................. 177

Chapter 12

NAT................................................................................................................................................... 179

NXC Series User’s Guide

Table of Contents

12.1 Overview ..................................................................................................................................... 179

12.1.1 What You Can Do in this Chapter ................................................................................... 179

12.2 NAT Summary .............................................................................................................................. 179

12.2.1 Add/Edit NAT ..................................................................................................................... 180

12.3 Technical Reference .................................................................................................................. 183

Chapter 13

ALG................................................................................................................................................... 186

13.1 Overview ..................................................................................................................................... 186

13.1.1 What You Can Do in this Chapter ................................................................................... 186

13.1.2 What You Need to Know ................................................................................................. 186

13.1.3 Before You Begin ............................................................................................................... 186

13.2 ALG .............................................................................................................................................. 186

13.3 Technical Reference .................................................................................................................. 187

Chapter 14

IP/MAC Binding............................................................................................................................... 188

14.1 Overview ..................................................................................................................................... 188

14.1.1 What You Can Do in this Chapter ................................................................................... 188

14.1.2 What You Need to Know ................................................................................................. 188

14.2 IP/MAC Binding Summary ......................................................................................................... 189

14.2.1 Edit IP/MAC Binding .......................................................................................................... 190

14.2.2 Add/Edit Static DHCP Rule ............................................................................................... 191

14.3 IP/MAC Binding Exempt List ....................................................................................................... 191

Chapter 15

Captive Portal.................................................................................................................................. 193

15.1 Overview ..................................................................................................................................... 193

15.1.1 Captive Portal Type .......................................................................................................... 193

15.1.2 What You Can Do in this Chapter ................................................................................... 194

15.2 Captive Portal ............................................................................................................................. 194

15.2.1 Add Exceptional Services ................................................................................................ 196

15.3 Custom Captive Portal .............................................................................................................. 197

15.3.1 Add Customized Page ..................................................................................................... 198

15.3.2 Custom Login and Access Pages ................................................................................... 201

15.3.3 External or Uploaded Web Portal Details ....................................................................... 203

15.4 Redirect on Controller ................................................................................................................ 206

15.4.1 Auth. Policy Add/Edit ....................................................................................................... 207

15.5 Redirect on AP ............................................................................................................................ 211

15.5.1 Auth. Policy Group Add/Edit ........................................................................................... 212

15.5.2 Auth. Policy Add/Edit ....................................................................................................... 213

Chapter 16

RTLS................................................................................................................................................... 216

NXC Series User’s Guide

Table of Contents

16.1 Overview ..................................................................................................................................... 216

16.1.1 What You Can Do in this Chapter ................................................................................... 216

16.2 Before You Begin ........................................................................................................................ 217

16.3 Configuring RTLS ......................................................................................................................... 217

Chapter 17

Firewall............................................................................................................................................. 219

17.1 Overview ..................................................................................................................................... 219

17.1.1 What You Can Do in this Chapter ................................................................................... 219

17.1.2 What You Need to Know ................................................................................................. 219

17.2 Firewall ......................................................................................................................................... 221

17.2.1 Add/Edit Firewall Screen .................................................................................................. 223

17.3 Session Control ........................................................................................................................... 224

17.3.1 Add/Edit Session Limit ....................................................................................................... 225

Chapter 18

User/Group...................................................................................................................................... 227

18.1 Overview ..................................................................................................................................... 227

18.1.1 What You Can Do in this Chapter ................................................................................... 227

18.1.2 What You Need To Know ................................................................................................. 227

18.2 User Summary .............................................................................................................................. 229

18.2.1 Add/Edit User ..................................................................................................................... 230

18.3 Group Summary ......................................................................................................................... 233

18.3.1 Add/Edit Group ................................................................................................................ 234

18.4 Setting ......................................................................................................................................... 235

18.4.1 Edit User Authentication Timeout Settings ...................................................................... 239

18.4.2 Add/Edit Dynamic Guest Group ..................................................................................... 240

18.4.3 User Aware Login Example .............................................................................................. 240

18.4.4 Guest Manager Login Example ...................................................................................... 241

18.5 MAC Address .............................................................................................................................. 244

18.5.1 Add/Edit MAC Address .................................................................................................... 245

Chapter 19

AP Profile.......................................................................................................................................... 246

19.1 Overview ..................................................................................................................................... 246

19.1.1 What You Can Do in this Chapter ................................................................................... 246

19.1.2 What You Need To Know ................................................................................................. 246

19.2 Radio ............................................................................................................................................ 247

19.2.1 Add/Edit Radio Profile ...................................................................................................... 248

19.3 SSID .............................................................................................................................................. 253

19.3.1 SSID List .............................................................................................................................. 253

19.3.2 Security List ......................................................................................................................... 257

19.3.3 MAC Filter List ..................................................................................................................... 262

NXC Series User’s Guide

Table of Contents

19.3.4 Layer-2 Isolation List ........................................................................................................... 264

Chapter 20

MON Profile...................................................................................................................................... 266

20.1 Overview ..................................................................................................................................... 266

20.1.1 What You Can Do in this Chapter ................................................................................... 266

20.1.2 What You Need To Know ................................................................................................. 266

20.2 MON Profile ................................................................................................................................. 266

20.2.1 Add/Edit MON Profile ....................................................................................................... 267

20.3 Technical Reference .................................................................................................................. 269

Chapter 21

ZyMesh Profile ................................................................................................................................. 271

21.1 Overview ..................................................................................................................................... 271

21.1.1 What You Can Do in this Chapter ................................................................................... 272

21.2 ZyMesh Profile .............................................................................................................................. 272

21.2.1 Add/Edit ZyMesh Profile .................................................................................................... 274

Chapter 22

Addresses........................................................................................................................................ 275

22.1 Overview ..................................................................................................................................... 275

22.1.1 What You Can Do in this Chapter ................................................................................... 275

22.1.2 What You Need To Know ................................................................................................. 275

22.2 Address Summary ....................................................................................................................... 275

22.2.1 Add/Edit Address ............................................................................................................. 276

22.3 Address Group Summary ........................................................................................................... 277

22.3.1 Add/Edit Address Group Rule ........................................................................................ 278

Chapter 23

Services............................................................................................................................................ 280

23.1 Overview ..................................................................................................................................... 280

23.1.1 What You Can Do in this Chapter ................................................................................... 280

23.1.2 What You Need to Know ................................................................................................. 280

23.2 Service Summary ........................................................................................................................ 281

23.2.1 Add/Edit Service Rule ...................................................................................................... 282

23.3 Service Group Summary ........................................................................................................... 283

23.3.1 Add/Edit Service Group Rule .......................................................................................... 283

Chapter 24

Schedules........................................................................................................................................ 285

24.1 Overview ..................................................................................................................................... 285

24.1.1 What You Can Do in this Chapter ................................................................................... 285

24.1.2 What You Need to Know ................................................................................................. 285

NXC Series User’s Guide

Table of Contents

24.2 Schedule Summary .................................................................................................................... 285

24.2.1 Add/Edit Schedule One-Time Rule ................................................................................ 287

24.2.2 Add/Edit Schedule Recurring Rule ................................................................................ 288

Chapter 25

AAA Server ...................................................................................................................................... 289

25.1 Overview ..................................................................................................................................... 289

25.1.1 What You Can Do in this Chapter ................................................................................... 289

25.1.2 What You Need To Know ................................................................................................. 289

25.2 Active Directory / LDAP ............................................................................................................. 292

25.2.1 Add/Edit Active Directory / LDAP Server ....................................................................... 293

25.3 RADIUS ......................................................................................................................................... 296

25.3.1 Add/Edit RADIUS .............................................................................................................. 296

Chapter 26

Authentication Method .................................................................................................................. 300

26.1 Overview ..................................................................................................................................... 300

26.1.1 What You Can Do in this Chapter ................................................................................... 300

26.1.2 Before You Begin ............................................................................................................... 300

26.2 Authentication Method ............................................................................................................. 300

26.2.1 Add Authentication Method ........................................................................................... 301

Chapter 27

Certificates ...................................................................................................................................... 303

27.1 Overview ..................................................................................................................................... 303

27.1.1 What You Can Do in this Chapter ................................................................................... 303

27.1.2 What You Need to Know ................................................................................................. 303

27.1.3 Verifying a Certificate ...................................................................................................... 305

27.2 My Certificates ........................................................................................................................... 306

27.2.1 Adding My Certificates .................................................................................................... 307

27.2.2 Editing My Certificates ...................................................................................................... 309

27.2.3 Importing Certificates ...................................................................................................... 311

27.3 Trusted Certificates ..................................................................................................................... 312

27.3.1 Editing Trusted Certificates ............................................................................................... 314

27.3.2 Importing Trusted Certificates .......................................................................................... 316

27.4 Technical Reference .................................................................................................................. 317

Chapter 28

DHCPv6 ............................................................................................................................................ 318

28.1 Overview ..................................................................................................................................... 318

28.1.1 What You Can Do in this Chapter ................................................................................... 318

28.2 DHCPv6 Request ........................................................................................................................ 318

28.2.1 Add/Edit DHCPv6 Request Object ................................................................................ 319

NXC Series User’s Guide

Table of Contents

Chapter 29

System.............................................................................................................................................. 320

29.1 Overview ..................................................................................................................................... 320

29.1.1 What You Can Do in this Chapter ................................................................................... 320

29.2 Host Name ................................................................................................................................... 320

29.3 USB Storage ................................................................................................................................. 321

29.4 Date and Time ........................................................................................................................... 322

29.4.1 Pre-defined NTP Time Servers List ..................................................................................... 325

29.4.2 Time Server Synchronization ............................................................................................ 325

29.5 Console Speed ........................................................................................................................... 326

29.6 DNS Overview ............................................................................................................................ 327

29.6.1 DNS Server Address Assignment ...................................................................................... 327

29.6.2 Configuring the DNS Screen ............................................................................................ 327

29.6.3 Address Record ................................................................................................................ 329

29.6.4 PTR Record ......................................................................................................................... 329

29.6.5 Adding an Address/PTR Record ...................................................................................... 329

29.6.6 Domain Zone Forwarder ................................................................................................. 330

29.6.7 Add Domain Zone Forwarder .......................................................................................... 330

29.6.8 MX Record ........................................................................................................................ 331

29.6.9 Add MX Record ................................................................................................................. 331

29.6.10 Add Service Control ....................................................................................................... 332

29.7 WWW Overview ......................................................................................................................... 332

29.7.1 Service Access Limitations ............................................................................................... 333

29.7.2 System Timeout .................................................................................................................. 333

29.7.3 HTTPS ................................................................................................................................... 333

29.7.4 Configuring WWW Service Control ................................................................................. 334

29.7.5 Service Control Rules ........................................................................................................ 337

29.7.6 HTTPS Example ................................................................................................................... 338

29.7.7 Mozilla Firefox Warning Messages ................................................................................... 339

29.7.8 Google Chrome Warning Messages .............................................................................. 340

29.8 SSH ............................................................................................................................................. 347

29.8.1 How SSH Works .................................................................................................................. 348

29.8.2 SSH Implementation on the NXC .................................................................................... 349

29.8.3 Requirements for Using SSH .............................................................................................. 349

29.8.4 Configuring SSH ................................................................................................................. 349

29.8.5 Examples of Secure Telnet Using SSH .............................................................................. 350

29.9 Telnet ........................................................................................................................................... 351

29.10 FTP .............................................................................................................................................. 353

29.11 SNMP ......................................................................................................................................... 354

29.11.1 Supported MIBs ............................................................................................................... 355

29.11.2 SNMP Traps ....................................................................................................................... 355

29.11.3 Configuring SNMP ........................................................................................................... 356

29.11.4 Adding or Editing an SNMPv3 User Profile .................................................................... 357

NXC Series User’s Guide

Table of Contents

29.12 Authentication Server ............................................................................................................. 358

29.12.1 Add/Edit Trusted Client .................................................................................................. 359

29.13 Language ................................................................................................................................. 360

29.14 IPv6 ............................................................................................................................................. 361

Chapter 30

Log and Report................................................................................................................................ 362

30.1 Overview ..................................................................................................................................... 362

30.1.1 What You Can Do In this Chapter ................................................................................... 362

30.2 Email Daily Report ....................................................................................................................... 362

30.3 Log Settings ................................................................................................................................ 364

30.3.1 Log Settings Summary ...................................................................................................... 365

30.3.2 Editing System Log Settings ............................................................................................. 367

30.3.3 Editing USB Storage Log Settings .................................................................................... 370

30.3.4 Editing Remote Server Log Settings ............................................................................... 371

30.3.5 Log Category Settings ..................................................................................................... 373

Chapter 31

File Manager ................................................................................................................................... 377

31.1 Overview ..................................................................................................................................... 377

31.1.1 What You Can Do in this Chapter ................................................................................... 377

31.1.2 What you Need to Know .................................................................................................. 377

31.2 Configuration File ....................................................................................................................... 379

31.3 Firmware Package .................................................................................................................... 383

31.4 Shell Script ................................................................................................................................... 385

Chapter 32

Diagnostics...................................................................................................................................... 388

32.1 Overview ..................................................................................................................................... 388

32.1.1 What You Can Do in this Chapter ................................................................................... 388

32.2 Diagnostics ................................................................................................................................. 388

32.2.1 Diagnostics - AP Configuration ........................................................................................ 389

32.2.2 Diagnostics Files ................................................................................................................. 391

32.3 Packet Capture ......................................................................................................................... 392

32.3.1 Packet Capture Files ........................................................................................................ 395

32.3.2 Example of Viewing a Packet Capture File ................................................................... 396

32.4 Core Dump .................................................................................................................................. 396

32.4.1 Core Dump Files ................................................................................................................ 397

32.5 System Log ................................................................................................................................. 398

32.6 Wireless Frame Capture ............................................................................................................ 399

32.6.1 Wireless Frame Capture Files .......................................................................................... 401

Chapter 33

Packet Flow Explore ....................................................................................................................... 402

NXC Series User’s Guide

Table of Contents

33.1 Overview ..................................................................................................................................... 402

33.1.1 What You Can Do in this Chapter ................................................................................... 402

33.2 The Routing Status Screen ......................................................................................................... 402

33.3 The SNAT Status Screen .............................................................................................................. 405

Chapter 34

Reboot.............................................................................................................................................. 408

34.1 Overview ..................................................................................................................................... 408

34.1.1 What You Need To Know ................................................................................................. 408

34.2 Reboot ......................................................................................................................................... 408

Chapter 35

Shutdown......................................................................................................................................... 409

35.1 Overview ..................................................................................................................................... 409

35.1.1 What You Need To Know ................................................................................................. 409

35.2 Shutdown ..................................................................................................................................... 409

Chapter 36

Troubleshooting............................................................................................................................... 410

36.1 Overview ..................................................................................................................................... 410

36.1.1 General .............................................................................................................................. 410

36.1.2 Wireless ............................................................................................................................... 415

36.2 Resetting the NXC ...................................................................................................................... 417

36.3 Getting More Troubleshooting Help ......................................................................................... 418

Appendix A Log Descriptions......................................................................................................... 419

Appendix B Common Services...................................................................................................... 446

Appendix C Importing Certificates ............................................................................................... 449

Appendix D Wireless LANs .............................................................................................................. 462

Appendix E IPv6............................................................................................................................... 474

Appendix F Customer Support ...................................................................................................... 482

Appendix G Legal Information...................................................................................................... 488

Index................................................................................................................................................ 493

NXC Series User’s Guide

PART I

User’s Guide

1.1 Overview

This User’s Guide covers the following models: NXC2500 and NXC5500.

Table 1 NXC Series Comparison Table

FEATURES NXC2500 NXC5500

Link Aggregation Group (LAG) Support

Two USB Ports

Console Port (Serial Port) DB-9 Connector RJ-45 Connector

The NXC is a comprehensive wireless LAN controller. Its flexible configuration helps network administrators set up wireless LAN networks and efficiently enforce security policies over them. In addition, the NXC provides excellent throughput, making it an ideal solution for reliable, secure service.

CHAPTER 1

Introduction

No Yes

Yes Yes

The NXC’s security features include firewall and certificates. It also provides captive portal configuration, NAT, port forwarding, policy routing, DHCP server, extensive wireless AP control options, and many other powerful features. Flexible configuration helps you set up the network and enforce security policies efficiently.

The front panel physical Gigabit Ethernet ports (labeled P1, P2, P3, and so on) are mapped to Gigabit Ethernet (ge) interfaces. By default P1 is mapped to ge1, P2 is mapped to ge2 and so on.

• The default LAN IP address is 192.168.1.1.

• The default administrator login user name and password are “admin” and “1234” respectively.

1.2 Zones, Interfaces, and Physical Ports

Here is an overview of zones, interfaces, and physical ports in the NXC.

Table 2 Zones, Interfaces, and Physical Ethernet Ports

Zones

(LAN)

Interfaces

(Ethernet, VLAN)

Physical Ethernet Ports

(P1, P2, P3, and so on)

A zone is a group of interfaces. Use zones to apply security settings such as firewall.

Interfaces are logical entities that (layer-3) packets pass through. Use interfaces in configuring zones, policy routes, static routes, and NAT.

Port combine physical ports into interfaces.

The physical port is where you connect a cable.

NXC Series User’s Guide

Chapter 1 Introduction

1.2.1 Interface Types

There are two types of interfaces in the NXC. In addition to being used in various features, interfaces also describe the network that is directly connected to it.

• Ethernet interfaces are the foundation for defining other interfaces and network policies.

• VLAN interfaces recognize tagged frames. The NXC automatically adds or removes the tags as needed. Each VLAN can only be associated with one Ethernet interface.

Note: By default, all Ethernet interfaces are placed into vlan0, allowing the NXC to function as

a bridge device.

1.2.2 Interface and Zone Configuration

This section introduces the NXC’s default zone member physical interfaces and the default configuration of those interfaces. This section uses the NXC5500 drawings as an example.

Figure 1 Default Network Topology

Table 3 Default Interfaces Configuration

PORT INTERFACE ZONE

P1~P6 ge1~ge6 LAN

(vlan0)

CONSOLE N/A None None Local management

• The LAN zone contains the ge1~ ge6 interfaces (physical ports P1~P6). By default, all LAN interfaces are put in vlan0.

• The console port is not in a zone and can be directly accessed by a computer attached to it using a special console-to-Ethernet adapter.

IP ADDRESS AND DHCP SETTINGS

192.168.1.1, DHCP server disabled Dedicated LAN connections

NXC Series User’s Guide

SUGGESTED USE WITH DEFAULT SETTINGS

1.3 Applications

These are some example applications for your NXC.

1.3.1 AP Management

Manage multiple separate Access Points (APs) from a single, persistent location. APs can also be configured to monitor for rogue APs.

Figure 2 AP Management Example

Chapter 1 Introduction

Here, the NXC (A) connects to a number of Power over Ethernet (PoE) devices (B). They connect to the managed Access Points (C), such as NWA5123-NI, which in turn provide access to the network for the wireless clients (D) within their broadcast radius.

1.3.2 Wireless Security

Keep the connections between wireless clients and your APs secure with the NXC’s comprehensive wireless security tools. APs can be configured to require WEP and WPA encryption from all wireless clients attempting to associate with them. Furthermore, you can protect your network by monitoring for rogue APs. Rogue APs are wireless access points operating in a network’s coverage area that are not under the control of the network’s administrators, and can potentially open up critical holes in a network’s security policy.

1.3.3 Captive Portal

The NXC can be configured with a captive portal, which intercepts all network traffic, regardless of address or port, until a connecting user authenticates his or her session, through a designated login Web page.

NXC Series User’s Guide

Chapter 1 Introduction

Figure 3 Applications: Captive Portal

The captive portal page only appears once per authentication session. Unless a session times out or a user closes the connection, he or she generally will not see it again during the same session.

1.3.4 Load Balancing

With load balancing you can easily distribute wireless traffic across multiple APs to relieve strain on your network. When a station becomes overloaded, it can automatically delay a connection until the client associates with another network, or it can alternatively disassociate idle clients or those clients with weak connections from the network.

1.3.5 Dynamic Channel Selection

The NXC can automatically select the radio channel upon which its APs broadcast by scanning the area around those APs and determining what channels are currently being used by other devices not connected to the network.

1.3.6 User-Aware Access Control

Set up security policies that restrict access to sensitive information and shared resources based on the user who is trying to access it.

NXC Series User’s Guide

Chapter 1 Introduction

1.4 Management Overview

You can use the following ways to manage the NXC.

Web Configurator

The Web Configurator allows easy NXC setup and management using an Internet browser. This User’s Guide provides information about the Web Configurator.

Command-Line Interface (CLI)

The CLI allows you to use text-based commands to configure the NXC. You can access it using remote management (for example, SSH or Telnet) or via the physical or Web Configurator console port. See the Command Reference Guide for CLI details. The default settings for the console port are as follows:

Table 4 Console Port Default Settings

SETTING VALUE

Speed 115200 bps

Data Bits 8

Parity None

Stop Bit 1

Flow Control Off

1.5 Object-based Configuration

The NXC stores information or settings as objects. You use these objects to configure many of the NXC’s features and settings. Once you configure an object, you can reuse it in configuring other features.

When you change an object’s settings, the NXC automatically updates all the settings or rules that use the object.

You can create address objects based on an interface’s IP address, subnet, or gateway. The NXC automatically updates every rule or setting that uses these objects whenever the interface’s IP address settings change. For example, if you change an Ethernet interface’s IP address, the NXC automatically updates the rules or settings that use the interface-based, LAN subnet address object.

You can use the Configuration > Object screens to create objects before you configure features that use them. If you are in a screen that uses objects, you can also usually select Create new Object to be able to configure a new object.

Use the Object Reference screen to see what objects are configured and which configuration settings reference specific objects.

NXC Series User’s Guide

Chapter 1 Introduction

1.6 Starting and Stopping the NXC

Here are some of the ways to start and stop the NXC.

Always use Maintenance > Shutdown or the shutdown command before you turn off the NXC or remove the power. Not doing so can cause the firmware to become corrupt.

Table 5 Starting and Stopping the NXC

METHOD DESCRIPTION

Turning on the power A cold start occurs when you turn on the power to the NXC. The NXC powers up, checks

the hardware, and starts the system processes.

Rebooting the NXC A warm start (without powering down and powering up again) occurs when you use the

Reboot button in the Reboot screen or when you use the reboot command. The NXC writes all cached data to the local storage, stops the system processes, and then does a warm start.

Using the RESET button If you press the RESET button, the NXC sets the configuration to its default values and then

reboots.

Clicking Maintenance

> Shutdown > Shutdown or using the

shutdown command

Disconnecting the power

Clicking Maintenance > Shutdown > Shutdown or using the shutdown command writes all cached data to the local storage and stops the system processes. Wait for the device to shut down and then manually turn off or remove the power. It does not turn off the power.

Power off occurs when you turn off the power to the NXC. The NXC simply turns off. It does not stop the system processes or write cached data to local storage.

The NXC does not stop or start the system processes when you apply configuration files or run shell scripts although you may temporarily lose access to network resources.

NXC Series User’s Guide

Hardware Installation and

2.1 Rack-mounted Installation

Note: Zyxel provides a sliding rail accessory for your use with your device. Please contact your

local vendor for details.

The NXC can be mounted on an EIA standard size, 19-inch rack or in a wiring closet with other equipment. Follow the steps below to mount your NXC on a standard EIA rack using a rack-mounting kit. Make sure the rack will safely support the combined weight of all the equipment it contains and that the position of the NXC does not make the rack unstable or top-heavy. Take all necessary precautions to anchor the rack securely before installing the unit.

CHAPTER 2

Connection

Note: Leave 10 cm of clearance at the sides and 20 cm in the rear.

Use a #2 Phillips screwdriver to install the screws.

Note: Failure to use the proper screws may damage the unit.

2.1.1 Rack-Mounted Installation Procedure

This section uses the NXC5500 drawings as an example.

1 Align one bracket with the holes on one side of the NXC and secure it with the included bracket screws

(smaller than the rack-mounting screws).

2 Attach the other bracket in a similar fashion.

NXC Series User’s Guide

Chapter 2 Hardware Installation and Connection

3 After attaching both mounting brackets, position the NXC in the rack by lining up the holes in the

brackets with the appropriate holes on the rack. Secure the NXC to the rack with the rack-mounting screws.

2.2 Front Panel

This section gives you an overview of the front panel.

2.2.1 NXC2500

There are LEDs, one reset button, two USB ports and six Ethernet ports on the NXC2500 front panel.

Figure 4 Front Panel: NXC2500

2.2.2 NXC5500

There are one reset button, six Ethernet ports, one console port, two USB ports and LEDs on the NXC5500 front panel.

Figure 5 Front Panel: NXC5500

NXC Series User’s Guide

Chapter 2 Hardware Installation and Connection

Ethernet Ports

The auto-negotiating, auto-crossover Ethernet ports support 10/100/1000 Mbps Gigabit Ethernet so the speed can be 10 Mbps, 100 Mbps or 1000 Mbps. The duplex mode can be both half or full duplex at 10/ 100 Mbps and full duplex only at 1000 Mbps. An auto-negotiating port can detect and adjust to the optimum Ethernet speed and duplex mode of the connected device.

An auto-crossover (auto-MDI/MDI-X) port automatically works with a straight-through or crossover Ethernet cable.

Default Ethernet Settings

The factory default negotiation settings for the Ethernet ports on the NXC are:

• Speed: Auto

• Duplex: Auto

• Flow control: On (you cannot configure the flow control setting, but the NXC can negotiate with the peer and turn it off if needed)

Console Port (NXC5500 Only)

Connect this port to your computer (using an RJ-45-to-DB-9 console cable) if you want to configure the NXC using the command line interface (CLI) via the console port.

For local management, you can use a computer with terminal emulation software configured to the following parameters:

• VT100 terminal emulation

• 115200 bps

• No parity, 8 data bits, 1 stop bit

• No flow control

Connect the RJ-45 connector of the console cable to the console port of the NXC. Connect the female 9-pin end of the console cable to a serial port (COM1, COM2 or other COM port) of your computer.

The following table shows you the wire color codes and pin assignment for the console cable.

Table 6 RJ-45-to-DB-9 Console Cable Color Codes

DB-9 SIGNAL DB-9 PIN# WIRE COLOR RJ45 PIN#

CTS 8 White/Orange 1

DSR/DCD 6+1 Orange 2

RD 2 White/Green 3

GND 5 Blue 4

GND 5 White/Blue 5

TD 3 Green 6

NXC Series User’s Guide

Table 6 RJ-45-to-DB-9 Console Cable Color Codes

DB-9 SIGNAL DB-9 PIN# WIRE COLOR RJ45 PIN#

DTR 4 White/Brown 7

RTS 7 Brown 8

USB 2.0 Ports

Connect a USB storage device to a USB port on the NXC to archive the NXC system logs or save the NXC operating system core dump to it.

2.2.3 Front Panel LEDs

This section describes the front panel LEDs.

2.2.3.1 NXC2500

The following table describes the LEDs.

Table 7 Front Panel LEDs: NXC2500

LED COLOR STATUS DESCRIPTION

PWR Off The NXC is turned off.

Green On The NXC is turned on.

SYS Green Off The NXC is not ready or has failed.

Red On There is a hardware component failure. Shut down the device, wait for a few

P1~P6 Green

(Traffic)

Orange

(Link)

Chapter 2 Hardware Installation and Connection

On The NXC is ready and running.

Blinking The NXC is booting.

minutes and then restart the device (see Section 1.6 on page 23). If the LED turns red again, then please contact your vendor.

Blinking Firmware upgrade is in progress.

Blinking The NXC is sending or receiving packets to/from an Ethernet network on this

port.

Off The NXC is not sending or receiving packets on this port.

On This port has a successful link to an Ethernet network.

Off There is no connection on this port.

2.2.3.2 NXC5500

The following table describes the LEDs.

Table 8 Front Panel LEDs: NXC5500

LED COLOR STATUS DESCRIPTION

PWR Green Off The NXC is turned off.

On The NXC is turned on.

NXC Series User’s Guide

Chapter 2 Hardware Installation and Connection

Table 8 Front Panel LEDs: NXC5500 (continued)

LED COLOR STATUS DESCRIPTION

SYS Off The NXC is not ready or has failed.

Green On The NXC is ready and running.

Blinking The NXC is booting.

Red On There is a hardware component failure. Shut down the device, wait for a few

minutes and then restart the device (see Section 1.6 on page 23). If the LED turns red again, then please contact your vendor.

Blinking Firmware upgrade is in progress.

P1~P6

Traffic

(Left)

P1~P6

Link

(Right)

Green Blinking The NXC is sending or receiving packets to/from an Ethernet network on this

port.

Off The NXC is not sending or receiving packets on this port.

Green On This Ethernet connection speed is 100 Mbps on this port.

Orange On This Ethernet connection speed is 1000 Mbps on this port.

Off There is no connection on this port.

2.3 Rear Panel

The NXC2500 rear panel contains a console port, a power switch and a connector for the power receptacle.

Figure 6 Rear Panel: NXC2500

The NXC5500 rear panel contains a power switch, a connector for the power receptacle and a fan module.

Figure 7 Rear Panel: NXC5500

Console Port (NXC2500 Only)

Connect this port to your computer (using an RS-232 cable) if you want to configure the NXC using the command line interface (CLI) via the console port.

For local management, you can use a computer with terminal emulation software configured to the following parameters:

• VT100 terminal emulation

• 115200 bps

NXC Series User’s Guide

Chapter 2 Hardware Installation and Connection

• No parity, 8 data bits, 1 stop bit

• No flow control

Connect the male 9-pin end of the RS-232 console cable to the console port of the NXC. Connect the female end to a serial port (COM1, COM2 or other COM port) of your computer.

NXC Series User’s Guide

3.1 Overview

The NXC Web Configurator allows easy management using an Internet browser. Browsers supported are:

• Firefox 36.0.1 or later

• Chrome 41.0 or later

• IE 10 or later

The recommended screen resolution is 1024 x 768 pixels and higher.

3.2 Access

CHAPTER 3

The Web Configurator

1 Make sure your NXC hardware is properly connected. See the Quick Start Guide.

2 Browse to https://192.168.1.1. The Login screen appears.

3 Enter the user name (default: “admin”) and password (default: “1234”). Select the language you prefer

for the Web Configurator.

4 Click Login. If you logged in using the default user name and password, the Update Admin Info screen

appears. Otherwise, the dashboard appears.

NXC Series User’s Guide

+ 472 hidden pages