How it Works
Zyxel
Loading...
NXC5200
User Manual [ru]
720 pgs16.09 Mb0
specifications
4 pgs1.03 Mb0
specifications
6 pgs1.06 Mb0
Table of contents
Loading...

Zyxel NXC5200 User Manual [ru]

NXC5200

Wireless LAN Controller
IP Address https://192.168.1.1 User Name admin Password 1234
Version 2.20 Edition 1, 05/2010
www.zyxel.com
www.zyxel.com
Copyright © 2010 ZyXEL Communications Corporation

About This User's Guide

About This User's Guide
Intended Audience
This manual is intended for people who want to want to configure the NXC using the Web Configurator.
Related Documentation
•Quick Start Guide The Quick Start Guide is designed to show you how to make the NXC hardw a re
connections and access the Web Configurator wizards. (See the wizard real time help for information on configuring each screen.) It also contains a connection diagram and package contents list.
•CLI Reference Guide The CLI Reference Guide explains how to use the Command-Line Interface (CLI)
to configure the NXC.
Note: It is recommended you use the Web Configurator to configure the NXC.
• Web Configurator Online Help Click the help icon in any screen for help in configuring that screen and
supplementary information.
• ZyXEL Web Site Please refer to www.zyxel.com
product certifications.
for additional support documentation and
User Guide Feedback
Help us help you. Send all User Guide-related comments, questi ons or suggestions for improvement to the following address, or use e-mail instead. Thank you!
The Technical Writing Team, ZyXEL Communications Corp., 6 Innovation Road II, Science-Based Industrial Park, Hsinchu, 300, Taiwan.
E-mail: techwriters@zyxel.com.tw
NXC5200 User’s Guide
3
About This User's Guide
Need More Help?
More help is available at www.zyx el.com.
• Download Library Search for the latest product updates and documentation from this link. Read
the Tech Doc Overview to find out how to efficiently use the User Guide, Quick Start Guide and Command Line Interface Reference Guide in order to better understand how to use your product.
• Knowledge Base If you have a specific question about your product, the answer may be here.
This is a collection of answers to previously asked questions about ZyXEL products.
•Forum This contains discussions on ZyXEL prod ucts. Learn from others who use ZyXEL
products and share your experiences as well.
Customer Support
Should problems arise that cannot be solved by the methods listed above, you should conta ct your vendor. If you cannot contact your vendor, then contact a ZyXEL office for the region in which you bought the device.
See http://www.zyxel.com/web/contact_us.php for contact information. Please have the following informatio n ready when you contact an office.
• Product model and serial number.
•Warranty Information.
• Date that you received your device.
4
• Brief description of the problem and the steps you took to solve it.
NXC5200 User’s Guide
About This User's Guide
Disclaimer
Graphics in this book may differ slightly from the product due to differences in operating systems, operating system versions, or if you installed updated firmware/software fo r y our dev ice. Ev ery effort has been made to ensur e that the information in this manual is accurate.
NXC5200 User’s Guide
5

Document Conventions

Warnings and Notes
These are how warnings and notes are shown in this User’s Guide.
Warnings tell you about things that could harm you or your device.
Note: Notes tell you other important information (for example, other things you may
need to configure or helpful tips) or recommendations.
Syntax Conventions
• The product may be referred to as the “N XC”, the “device”, the “system” or the “product” in this User’s Guide.
• Product labels, screen names, field labels and field choices are all in bold font.
Document Conventions
• A key stroke is denoted by square brackets and uppercase text, for example, [ENTER] means the “enter” or “ret urn” key on your keyboard.
• “Enter” means for you to type one or more characters and then press the [ENTER] key. “Select” or “choose” means for you to use one of the predefined choices.
• A right angle bracket ( > ) within a screen name denotes a mouse click. For example, Maintenance > Log > Log Setting means you first click
Maintenance in the navigation panel, then the Log sub menu and finally the Log Setting tab to get to that screen.
• Units of measurement may denote the “metric” value or the “scientific” value. For example, “k” for kilo may denote “1000” or “1024”, “M” for mega may denote “1000000” or “1048576” and so on.
• “e.g.,” is a shorthand for “for instance”, and “i.e.,” means “that is” or “in other words”.
6
NXC5200 User’s Guide
Document Conventions
Icons Used in Figures
Figures in this User’s Guide may use the following generic icons. The NXC icon is not an exact representation of your device.
NXC Computer Notebook computer
Server Firewall Telephone
Switch Router
NXC5200 User’s Guide
7

Safety Warnings

• Do NOT use this product near water, for example, in a wet basement or near a swimming pool.
• Do NOT expose your device to dampness, dust or corrosive liquids.
• Do NOT store things on the device.
• Do NOT install, use, or service this device during a thunderstorm. There is a remote risk of electric shock from lightning.
• Connect ONLY suitable accessories to the device.
• Do NOT open the device or unit. Opening or removing covers can expose you to dangerous high voltage points or other risks. ONLY qualified service personnel should service or disassemble this device. Please contact your vendor for further information.
• Make sure to connect the cables to the correct ports.
• Place connecting cables carefully so that no one will step on them or stumble over them.
• Always disconnect all cables from this device before servicing or disassembling.
• Caution: This unit has more than one power supply cord. Disconnect two power supply cords before servicing to avoid electric shock. (has multiple power cords, e.g., chassis­based Ethernet switch. Make sure you specify the correct number of power cords in both the English and the French that follows)
• Attention: Cet appareil comporte plus d'un cordon d'alimentation. Afin de prévenir les chocs électriques, debrancher les deux cordons d'alimentation avant de faire le dépannage.
• Use ONLY an appropriate power adaptor or cord for your device. Connect it to the right supply voltage (for example, 110V AC in North America or 230V AC in Europe).
• Do NOT remove the plug and connect it to a power outlet by itself; always attach the plug to the power adaptor first before connecting it to a power outlet.
• Do NOT allow anything to rest on the power adaptor or cord and do NOT place the product where anyone can walk on the power adaptor or cord.
• Do NOT use the device if the power adaptor or cord is damaged as it might cause electrocution.
• If the power adaptor or cord is damaged, remove it from the device and the power source.
• Do NOT attempt to repair the power adaptor or cord. Contact your local vendor to order a new one.
• Do not use the device outside, and make sure all the connections are indoors. There is a remote risk of electric shock from lightning.
• CAUTION: RISK OF EXPLOSION IF BATTERY (on the motherboard) IS REPLACED BY AN INCORRECT TYPE. DISPOSE OF USED BATTERIES ACCORDING TO THE INSTRUCTIONS. Dispose them at the applicable collection point for the recycling of electrical and electronic equipment. For detailed information about recycling of this product, please contact your local city office, your household waste disposal service or the store where you purchased the product.
• Do NOT obstruct the device ventilation slots, as insufficient airflow may harm your device.
Safety Warnings
8
Your product is marked with this symbol, which is known as the WEEE mark. WEEE stands for Waste Electronics and Electrical Equipment. It means that used electrical and electronic products should not be mixed with general waste. Used electrical and electronic equipment should be treated separately.
NXC5200 User’s Guide

Table of Contents

Table of Contents
About This User's Guide..........................................................................................................3
Document Conventions............................................................................................................6
Safety Warnings ........................................................................................................................8
Table of Contents......................................................................................................................9
Part I: User’s Guide................................................................................ 23
Chapter 1
Introduction.............................................................................................................................25
1.1 Overview ............. ............................................. ... .... ... ... ... .... ................................................ 25
1.2 Rack-mounted Installation ................................................................................................... 25
1.2.1 Rack-Mounted Installation Procedure ........................................................................ 26
1.2.2 LAN Module Installation Procedure ............................................................................ 27
1.3 Front and Back Panels .......... .... ... ... ................................................ .... ... ... .......................... 29
1.3.1 1000Base-T Ports ...................................................................................................... 29
1.3.2 Optional Fiber Ports ................................................................................................... 30
1.3.3 Front Panel LEDs .......................................... ............................................................. 31
1.4 Management Overview .......... .... ... ... ................................................ .... ... .............................31
1.5 Starting and Stopping the NXC ..... ... ... ... .... ... ... ... .... ... ... ... ................................................. ... 32
Chapter 2
Features and Applications.....................................................................................................35
2.1 Features ............................................. ... .... ... ............................................. ... .... ... ... .............35
2.2 Applications .................................................. ... ... .... ... ... ... .... ................................................ 37
2.2.1 AP Management .................................................... .... ... ... ... ... .... ... ... .......................... 37
2.2.2 Wireless Security ................................................... .... ... ... ... ... .... ................................ 37
2.2.3 Captive Portal ................... ............................................. ... ... ... .... ... ... ... ....................... 38
2.2.4 Load Balancing ................................................... ... ............................................. .... ... 38
2.2.5 Dynamic Channel Selection ...... ... .... ... ... ... .... ... ... ... .... ... ... ... ....................................... 38
2.2.6 User-Aware Access Control ....................................................................................... 39
2.2.7 Device HA .................... .... ............................................. ... ... ... .... ... ... ... ....................... 39
Chapter 3
The Web Configurator............................................................................................................41
3.1 Overview ............. ............................................. ... .... ... ... ... .... ................................................ 41
NXC5200 User’s Guide
9
Table of Contents
3.2 Access ................................................................................. ... ... ... ....................................... 41
3.3 The Main Screen ................................................................................................................. 43
3.3.1 Title Bar .................................. ... ............................................. .... ... ... .......................... 44
3.3.2 Navigation Panel .......... .... ... ... ... ................................................................................. 44
3.3.3 Warning Messages ..................................................................................................... 49
3.3.4 Site Map .......... .... ... ... ... .... ............................................. ... ... ... .... ... ... ... ....................... 50
3.3.5 Object Reference ............. ... ... ............................................. ... .... ... ... ... .... ... ................ 50
3.3.6 Tables and Lists ..... ... ... .... ... ... ... ... .............................................. ... ... ... .... ... ... .............55
Chapter 4
Configuration Basics..............................................................................................................59
4.1 Overview ............. ............................................. ... .... ... ... ... .... ................................................ 59
4.2 Object-based Configuration .......................................................................... .... ... ... .............59
4.3 Zones, Interfaces, and Physical Ports ................................................................................. 60
4.3.1 Interface Types .................................................... ... .... ... ... ... ... .... ... ... .......................... 60
4.3.2 Example Interface and Zone Configuration ............................ .... ... ... ... .... ... ... ... ... .... ... 61
4.4 Feature Configuration Overview .......................................................................................... 62
4.4.1 Feature ...................................... ... .... ... ... ... .... ... ............................................. ... ... ....... 62
4.4.2 Licensing Registration ............................ ... .... ... ... ... .... ... ... .......................................... 62
4.4.3 Licensing Update ................................................... .... ... ... ... ... .... ... ... ... ....................... 63
4.4.4 Wireless .................................................... .... ... ... ............................................. ... ....... 63
4.4.5 Interface .................... ... .............................................. ... ... ... ... .... ... ... .......................... 63
4.4.6 Policy Routes ................... ............................................. ... ... ... .... ... ... ... ....................... 63
4.4.7 Static Routes .................................... ... ... ... .............................................. ... ... ... ... ....... 64
4.4.8 Zones ............................................................ ... ... ... ............................................. ....... 64
4.4.9 NAT .............................................. .... ... ............................................. ... ....................... 64
4.4.10 ALG .......................................................................................................................... 64
4.4.11 Captive Portal ...........................................................................................................65
4.4.12 Firewall ..................................................................................................................... 65
4.4.13 Application Patrol ..................................................................................................... 65
4.4.14 Anti-Virus .................................................................................................................. 65
4.4.15 IDP ........................................................................................................................... 66
4.4.16 ADP .......................................................................................................................... 66
4.4.17 Device HA ................................................................................................................ 66
4.5 Objects ............................................ ... ... .... ............................................. ... ... .... ... ................66
4.5.1 User/Group ....................... ... ... ............................................. ... .... ... ... ... .... ................... 67
4.5.2 AP Profile .................. ... .............................................. ... ... ... ... .... ... ... .......................... 67
4.5.3 MON Profile ...................... ... ... ............................................. ... .... ... ... ... .... ................... 68
4.6 System ............. ............................................. ... ... .... ............................................. ................68
4.6.1 DNS, WWW, SSH, TELNET, FTP, and SNMP ........................................................... 68
4.6.2 Logs and Reports ....................................................................................................... 68
4.6.3 File Manager ....................... ... ... ... .............................................................................. 69
4.6.4 Diagnostics ................ ... .... ... ... ... ... .............................................. ... ... ... .... ................... 69
10
NXC5200 User’s Guide
Table of Contents
4.6.5 Shutdown .................. ... .............................................. ... ... ... ... .... ... ... .......................... 69
Chapter 5
Tutorials..................................................................................................................................71
5.1 Overview ............. ............................................. ... .... ... ... ... .... ................................................ 71
5.2 Sample Network Setup ....................... ... .... ... ... ... .... ... ... .......................................................72
5.2.1 Tutorial Tasks ...... ... ... ... .... ... ............................................. ... ... .... ... ... ... .... ................... 73
5.2.2 Set the Management VLAN (vlan99) ......................................................................... 74
5.2.3 Set the Other VLANs (vlan101, vlan102) ................................................................... 75
5.2.4 Configure the AAA Object .......................................................................................... 77
5.2.5 Configure the Auth. Method Objects (staff, guest) ..................................................... 79
5.2.6 Create the AP Profiles (staff, guest) ........................................................................... 80
5.2.7 Create the Guest User Account ................................................................................. 83
5.2.8 Configure the Captive Portal Settings ........................................................................ 84
5.2.9 Configure the Guest Firewall Rules ........................................................... ... ... ... .... ... 85
5.3 Blocking Network Protocols ................... .... ... ... ... .... .............................................................87
5.3.1 Configuring the WLAN Zone ............... ... ... .... ... ... ... .... ... ... ... ... .... ................................ 87
5.3.2 Configuring the Firewall ................................................ ... ... ... .... ... ... .......................... 88
5.3.3 Blocking Sub-Protocols ................................. ... ... ... .... ............................................. ... 90
5.4 Rogue AP Detection ..................................... ... ... .... ... ... ... .................................................... 92
5.4.1 Rogue AP Containment ............................................................................................. 96
5.5 Load Balancing .......................... ... ... ... ............................................. .... ... ... ... .... ................... 97
5.6 Dynamic Channel Selection ................................................................................................ 98
Part II: Technical Reference................................................................ 101
Chapter 6
Dashboard..........................................................................................................................103
6.1 Overview ............. ............................................. ... .... ... ... ... .... .............................................. 103
6.1.1 What Yo u Can Do in this Chapter ............................................................................ 103
6.2 Dashboard ....................................... ... ... .............................................. ... ... ... .... ... ... ...........104
6.2.1 CPU Usage .................. .... ............................................. ... ... ... .... ... ... ... ..................... 109
6.2.2 Memory Usage .................................... ... ... .... ... ... ... .... ...............................................110
6.2.3 Session Usage .... ............................................. ... ... .... ... ... ... ......................................111
6.2.4 DHCP Table .... .... ... ... ... .............................................. ... ... ... ... .... ... ............................112
6.2.5 Number of Login Users .................... ... ... ................................................. ... ... ... .........113
Chapter 7
Monitor...............................................................................................................................115
7.1 Overview ............. ............................................. ... .... ... ... ... .... ...............................................115
7.1.1 What Yo u Can Do in this Chapter .............................................................................115
NXC5200 User’s Guide
11
Table of Contents
7.2 What You Need to Know ..................................... .... ... ... ... .... ... ............................................116
7.3 Port Statistics ........ ... .... ... ... ............................................. .... ... ... .........................................117
7.3.1 Port Statistics Graph ................................................................................................118
7.4 Interface Status ................................................ ... .... ... ............................................. ............119
7.5 Traffic Statistics ...................... .... ............................................. ... ... ... .... .............................. 121
7.6 Session Monitor ........................... ... ... ... .... ... ... ... ...............................................................124
7.7 IP/MAC Binding Monitor ....................................................................................................127
7.8 Login Users ........................................................................................ ... ... ... .... ... ... ...........128
7.9 AP List ............... ... ............................................. .... ... ... ... .... ... ........................................... 129
7.9.1 Station Count of AP ................................................................................................ 130
7.10 Radio List ........................................................................................................................ 131
7.10.1 AP Mode Radio Information ........................................ ........................................... 132
7.1 1 Station List ...................................................................................................................... 133
7.12 Detected Device .............................................................................................................134
7.13 Application Patrol ............................................................................................................135
7.13.1 Application Patrol: General Settings ...................................................................... 135
7.13.2 Application Patrol: Bandwidth Statistics ................................................................. 136
7.13.3 Application Patrol: Protocol Statistics ......................................................... ........... 137
7.13.4 Application Patrol: Protocol Statistics by Rule ....................................................... 138
7.14 Anti-Virus ......................................................................................................................... 139
7.15 IDP .................................................................................................................................. 141
7.16 View Log ..........................................................................................................................143
7.17 View AP Log ................................................................................................................... 146
Chapter 8
Registration...........................................................................................................................151
8.1 Overview ............. ............................................. ... .... ... ... ... .... .............................................. 151
8.1.1 What Yo u Can Do in this Chapter ............................................................................ 151
8.1.2 What you Need to Know ............................................................... ... ... ..................... 151
8.2 Registration ........................................ ... .... ... ............................................. ... .... ... ... ...........153
8.3 Service ................ ... ............................................. .... ... ... ... .... ... ........................................... 155
Chapter 9
Signature Update..................................................................................................................157
9.1 Overview ............. ............................................. ... .... ... ... ... .... .............................................. 157
9.1.1 What Yo u Can Do in this Chapter ............................................................................ 157
9.1.2 What you Need to Know ............................................................... ... ... ..................... 157
9.2 Anti-Virus ............................... .... ... ............................................. ... ... .... ... ........................... 158
9.3 IDP/AppPatrol ........................ .... ... ... ... ... .... ... ... ... ...............................................................159
9.4 System Protect ................................................................................................................. 161
Chapter 10
Wireless.................................................................................................................................163
12
NXC5200 User’s Guide
Table of Contents
10.1 Overview .......................................................................................................................... 163
10.1.1 What You Can Do in this Chapter .......................................................................... 163
10.1.2 What You Need to Know ........................................................................................ 163
10.2 Controller ........................................................................................................................ 164
10.3 AP Management .............................................................................................................. 165
10.3.1 Edit AP List ............................................................................................................ 166
10.4 MON Mode ...................................................................................................................... 167
10.4.1 Add/Edit Rogue/Friendly List .................................................................................. 169
10.5 Load Balancing ................................................................................................................ 170
10.5.1 Disassociating and Delaying Connections ........................... ..................................171
10.6 DCS ................................................................................................................................173
10.7 Technical Reference ........................................................................................................174
10.7.1 Dynamic Channel Selection ........................... ........................................................ 174
10.7.2 Load Balancing ......................................................................................................176
Chapter 11
Interfaces...............................................................................................................................177
11.1 Interface Overview ........................................................................................................... 177
11.1.1 What You Can Do in this Chapter ................................... ........................................ 177
11.1.2 What You Need to Know ........................................................................................ 177
11.2 Ethernet Summary ..........................................................................................................178
11.2.1 Edit Ethernet ..........................................................................................................180
11.2.2 Object References .................................................................................................. 185
11.3 VLAN Interfaces .............................................................................................................. 186
11.3.1 VLAN Summary ...................................................................................................... 188
11.3.2 Add/Edit VLAN ...................................................................................................... 189
11.4 Technical Reference ........................................................................................................193
Chapter 12
Policy and Static Routes......................................................................................................197
12.1 Overview .......................................................................................................................... 197
12.1.1 What You Can Do in this Chapter .......................................................................... 197
12.1.2 What You Need to Know ....................................................................................... 197
12.2 Policy Route ................................................................................................................... 199
12.2.1 Add/Edit Policy Route ............................................................................................202
12.3 Static Route ....................................................................................................................206
12.3.1 Static Route Setting ................................................................................................ 207
12.4 Technical Reference ........................................................................................................208
Chapter 13
Zones ....................................................................................................................................213
13.1 Overview .......................................................................................................................... 213
13.1.1 What You Can Do in this Chapter .......................................................................... 214
NXC5200 User’s Guide
13
Table of Contents
13.1.2 What You Need to Know ........................................................................................ 214
13.2 Zone ................................................................................................................................ 215
13.3 Add/Edit Zone ................................................................................................................. 216
Chapter 14
NAT.........................................................................................................................................217
14.1 Overview .......................................................................................................................... 217
14.1.1 What You Can Do in this Chapter .......................................................................... 217
14.2 NAT Summary .................................................................................................................218
14.2.1 Add/Edit NAT .......................................................................................................... 219
14.3 Technical Reference ........................................................................................................222
Chapter 15
ALG .......................................................................................................................................225
15.1 Overview .......................................................................................................................... 225
15.1.1 What You Can Do in this Chapter .......................................................................... 225
15.1.2 What You Need to Know ........................................................................................ 226
15.1.3 Before You Begin ...................................................................................................227
15.2 ALG ................................................................................................................................ 228
15.3 Technical Reference ........................................................................................................230
Chapter 16
IP/MAC Binding....................................................................................................................233
16.1 Overview .......................................................................................................................... 233
16.1.1 What You Can Do in this Chapter .......................................................................... 233
16.1.2 What You Need to Know ........................................................................................ 234
16.2 IP/MAC Binding Summary ............................................................................................... 234
16.2.1 Edit IP/MAC Binding .......................................... .......... ............. ............. ............ ..... 235
16.2.2 Add/Edit Static DHCP Rule .................................................................................... 237
16.3 IP/MAC Binding Exempt List ........................................................................................... 238
Chapter 17
Captive Portal.......................................................................................................................239
17.1 Overview .......................................................................................................................... 239
17.1.1 What You Can Do in this Chapter .......................................................................... 240
17.2 Captive Portal .................................................................................................................. 240
17.2.1 Add Exceptional Services ...................................................................................... 242
17.2.2 Auth. Policy Add/Edit ...................... ......... .......... ....... ......... .......... .......... ......... ........ 243
17.3 Login Page ...................................................................................................................... 245
Chapter 18
Firewall.............................................................................................................................249
14
18.1 Overview .......................................................................................................................... 249
NXC5200 User’s Guide
Table of Contents
18.1.1 What You Can Do in this Chapter .......................................................................... 249
18.1.2 What You Need to Know ........................................................................................ 250
18.1.3 Firewall Rule Example Applications ....................................................................... 252
18.1.4 Firewall Rule Configuration Example ..................................................................... 255
18.1.5 Asymmetrical Routes ............................................................................................. 256
18.2 Firewall ............................................................................................................................ 257
18.2.1 Add/Edit Firewall Screen ........................................................................................ 260
18.3 Session Limit ................................................................................................................... 262
18.3.1 Add/Edit Session Limit ........................................................................................... 263
Chapter 19
Application Patrol...............................................................................................................265
19.1 Overview .......................................................................................................................... 265
19.1.1 What You Can Do in this Chapter .......................................................................... 265
19.1.2 What You Need to Know .......................................................................................266
19.1.3 Application Patrol Bandwidth Management Examples ........................................... 271
19.2 Application Patrol Common Applications .............................. ...................... ..................... 275
19.2.1 Edit Application ...................................................................................................... 276
19.2.2 Add/Edit Policy ......................................................................................................279
19.3 Other Applications ........................................................................................................... 281
19.3.1 Add/Edit Policy ....................................................................................................... 284
Chapter 20
Anti-Virus..............................................................................................................................287
20.1 Overview .......................................................................................................................... 287
20.1.1 What You Can Do in this Chapter .......................................................................... 287
20.1.2 What You Need to Know ........................................................................................ 288
20.1.3 Before You Begin ...................................................................................................289
20.2 Anti-Virus Summary .........................................................................................................290
20.2.1 Add/Edit Rule ......................................................................................................... 293
20.3 Black List ......................................................................................................................... 295
20.4 Add/Edit Pattern .............................................................................................................. 296
20.5 White List ......................................................................................................................... 298
20.6 Signature ......................................................................................................................... 299
20.7 Technical Reference ........................................................................................................301
Chapter 21
IDP.......................................................................................................................................303
21.1 Overview .......................................................................................................................... 303
21.1.1 What You Can Do in this Chapter .......................................................................... 303
21.1.2 What You Need To Know ....................................................................................... 303
21.1.3 Before You Begin ...................................................................................................304
21.2 IDP Summary .................................................................................................................. 304
NXC5200 User’s Guide
15
Table of Contents
21.3 Profile Summary .............................................................................................................. 307
21.3.1 Base Profiles ..........................................................................................................308
21.4 Creating New Profiles ...................................................................................................... 309
21.5 Add/Edit Profile ................................................................................................................311
21.5.1 Policy Types ........................................................................................................... 314
21.5.2 IDP Service Groups ...............................................................................................316
21.5.3 Query View Screen ................................................................................................ 317
21.5.4 Query Example ...................................................................................................... 319
21.6 Custom IDP Signatures .................................................................................................. 320
21.6.1 IP Packet Header ...................................................................................................320
21.7 Custom Signatures .......................................................................................................... 321
21.7.1 Add/Edit Custom Signature ................................................................................... 323
21.7.2 Custom Signature Example ........................................... ... ..................................... 329
21.7.3 Applying Custom Signatures ..................................................................................331
21.7.4 Verifying Custom Signatures .................................................................................. 332
21.8 Technical Reference ........................................................................................................333
Chapter 22
ADP ......................................................................................................................................337
22.1 Overview .......................................................................................................................... 337
22.1.1 What You Can Do in this Chapter ......................................................................... 337
22.1.2 What You Need To Know ....................................................................................... 337
22.1.3 Before You Begin ...................................................................................................338
22.2 ADP Summary ................................................................................................................. 339
22.3 Profile Summary .............................................................................................................. 340
22.3.1 Base Profiles ..........................................................................................................341
22.3.2 Creating New ADP Profiles ............................ ........................................................ 342
22.3.3 Traffic Anomaly Profiles ........................................................................................ 342
22.3.4 Protocol Anomaly Profiles ................................... .... ... ... ... ..................................... 345
22.3.5 Protocol Anomaly Configuration ............................................................................. 345
22.4 Technical Reference ........................................................................................................349
Chapter 23
Device HA.............................................................................................................................357
23.1 Overview .......................................................................................................................... 357
23.1.1 What You Can Do in this Chapter .......................................................................... 357
23.1.2 What You Need to Know ........................................................................................ 358
23.1.3 Before You Begin ...................................................................................................358
23.2 Device HA General ..........................................................................................................359
23.3 Active-Passive Mode .......................................................................................................361
23.3.1 Edit Monitored Interface ................. ........................................................................ 364
23.4 Technical Reference ........................................................................................................366
16
NXC5200 User’s Guide
Table of Contents
Chapter 24
User/Group..........................................................................................................................373
24.1 Overview .......................................................................................................................... 373
24.1.1 What You Can Do in this Chapter .......................................................................... 373
24.1.2 What You Need To Know ....................................................................................... 373
24.2 User Summary .................................................................................................................376
24.2.1 Add/Edit User ......................................................................................................... 376
24.3 Group Summary ..............................................................................................................379
24.3.1 Add/Edit Group ...................................................................................................... 380
24.4 Setting ............................................................................................................................ 381
24.4.1 Edit User Authentication Timeout Settings ........................................ ..................... 384
24.4.2 User Aware Login Example ............... ... ... .... ... ........................................................ 386
Chapter 25
AP Profile............................................................................................................................387
25.1 Overview .......................................................................................................................... 387
25.1.1 What You Can Do in this Chapter .......................................................................... 387
25.1.2 What You Need To Know ....................................................................................... 387
25.2 Radio ............................................................................................................................... 388
25.2.1 Add/Edit Radio Profile ............................................................................................389
25.3 SSID ............................................................................................................................... 392
25.3.1 SSID List ................................................................................................................392
25.3.2 Security List ............................................................................................................ 396
25.3.3 MAC Filter List ........................................................................................................ 399
Chapter 26
MON Profile ........................................................................................................................401
26.1 Overview .......................................................................................................................... 401
26.1.1 What You Can Do in this Chapter .......................................................................... 401
26.1.2 What You Need To Know ....................................................................................... 401
26.2 MON Profile ..................................................................................................................... 402
26.2.1 Add/Edit MON Profile ............................................................................................. 403
26.3 Technical Reference ........................................................................................................404
Chapter 27
Addresses...........................................................................................................................407
27.1 Overview .......................................................................................................................... 407
27.1.1 What You Can Do in this Chapter .......................................................................... 407
27.1.2 What You Need To Know ....................................................................................... 407
27.2 Address Summary ...........................................................................................................407
27.2.1 Add/Edit Address ..................................................................................................409
27.3 Address Group Summary ................................................................................................ 410
27.3.1 Add/Edit Address Group Rule .......... ... ... .... ... ... ... .... ............................................. ..411
NXC5200 User’s Guide
17
Table of Contents
Chapter 28
Services............................................................................................................................413
28.1 Overview .......................................................................................................................... 413
28.1.1 What You Can Do in this Chapter .......................................................................... 413
28.1.2 What You Need to Know ........................................................................................ 413
28.2 Service Summary ............................................................................................................415
28.2.1 Add/Edit Service Rule ........................................................................................... 416
28.3 Service Group Summary ................................................................................................ 417
28.3.1 Add/Edit Service Group Rule ................................................................................ 418
Chapter 29
Schedules..........................................................................................................................419
29.1 Overview .......................................................................................................................... 419
29.1.1 What You Can Do in this Chapter .......................................................................... 419
29.1.2 What You Need to Know ........................................................................................ 419
29.2 Schedule Summary ......................................................................................................... 420
29.2.1 Add/Edit Schedule One-Time Rule .................. ... .... ............................................. . 421
29.2.2 Add/Edit Schedule Recurring Rule ........................................................................ 422
Chapter 30
AAA Server.........................................................................................................................425
30.1 Overview .......................................................................................................................... 425
30.1.1 What You Can Do in this Chapter .......................................................................... 425
30.1.2 What You Need To Know ....................................................................................... 425
30.2 Active Directory / LDAP ...................................................................................................429
30.2.1 Add/Edit Active Directory / LDAP Server ............................................................... 430
30.3 RADIUS ........................................................................................................................... 433
30.3.1 Add/Edit RADIUS .................................................................................................. 434
Chapter 31
Authentication Method......................................................................................................437
31.1 Overview .......................................................................................................................... 437
31.1.1 What You Can Do in this Chapter .......................................................................... 437
31.1.2 Before You Begin ...................................................................................................437
31.2 Authentication Method .....................................................................................................437
31.2.1 Add Authentication Method ...................................... .............................................. 438
Chapter 32
Certificates .........................................................................................................................441
18
32.1 Overview .......................................................................................................................... 441
32.1.1 What You Can Do in this Chapter .......................................................................... 441
32.1.2 What You Need to Know ........................................................................................ 441
32.1.3 Verifying a Certificate .............................................................................................443
NXC5200 User’s Guide
Table of Contents
32.2 My Certificates ................................................................................................................ 445
32.2.1 Add My Certificates ................................................................................................447
32.2.2 Edit My Certificates ................................................................................................ 451
32.2.3 Import Certificates ................................................................................................. 454
32.3 Trusted Certificates .......................................................................................................... 455
32.3.1 Edit Trusted Certificates .............................. ........................................................... 457
32.3.2 Import Trusted Certificates ............................. ... ... .... ... ........................................... 460
32.4 Technical Reference ........................................................................................................461
Chapter 33
System..................................................................................................................................463
33.1 Overview .......................................................................................................................... 463
33.1.1 What You Can Do in this Chapter .......................................................................... 463
33.2 Host Name ....................................................................................................................... 464
33.3 Date and Time ................................................................................................................ 464
33.3.1 Pre-defined NTP Time Servers List ............................................. ... ... .... ... ... ... ... .... . 467
33.3.2 Time Server Synchronization ................................................................................. 468
33.4 Console Speed ................................................................................................................ 469
33.5 DNS Overview ................................................................................................................. 469
33.5.1 DNS Server Address Assignment .......................................................................... 469
33.5.2 Configuring the DNS Screen ................................ .......................................... ........ 470
33.5.3 Address Record .................................................................................................... 472
33.5.4 PTR Record ........................................................................................................... 473
33.5.5 Adding an Address/PTR Record ............................................................................ 473
33.5.6 Domain Zone Forwarder ............... ............................................. ... ... .... ................. 474
33.5.7 Add Domain Zone Forwarder ................................................................................. 474
33.5.8 MX Record ............................................................................................................475
33.5.9 Add MX Record ...................................................................................................... 476
33.5.10 Add Service Control ............................................................................................. 476
33.6 WWW Overview ..............................................................................................................477
33.6.1 Service Access Limitations .................................................................................... 477
33.6.2 System Timeout ..................................................................................................... 478
33.6.3 HTTPS ...................................................................................................................478
33.6.4 Configuring WWW Service Control ........................................................................ 479
33.6.5 Service Control Rules ............................................................................................ 483
33.6.6 HTTPS Example ....................................................................................................483
33.7 SSH .............................................................................................................................. 490
33.7.1 How SSH Works ......................................................... ... ... ... .... ... ... ........................ 491
33.7.2 SSH Implementation on the NXC ........................................................................... 492
33.7.3 Requirements for Using SSH ................................................................................. 492
33.7.4 Configuring SSH ....................................................................................................493
33.7.5 Examples of Secure Telnet Using SSH .................................................................. 494
33.8 Telnet .............................................................................................................................. 496
NXC5200 User’s Guide
19
Table of Contents
33.9 FTP ................................................................................................................................. 497
33.10 SNMP ........................................................................................................................... 500
33.10.1 Supported MIBs ................................................................................................... 501
33.10.2 SNMP Traps ......................................................................................................... 501
33.10.3 Configuring SNMP ............................................................................................... 502
33.11 Language .......................... .... ... ..................................................................................... 503
Chapter 34
Log and Report ....................................................................................................................505
34.1 Overview .......................................................................................................................... 505
34.1.1 What You Can Do In this Chapter .......................................................................... 505
34.2 Email Daily Report ........................................................................................................... 505
34.3 Log Setting ..................................................................................................................... 507
34.3.1 Log Setting Summary ............................................................................................. 508
34.3.2 Edit Log Settings ...................................................................................................510
34.3.3 Edit Remote Server ............................................................................................... 514
34.3.4 Active Log Summary ............................................................................................. 516
Chapter 35
File Manager........................................................................................................................519
35.1 Overview .......................................................................................................................... 519
35.1.1 What You Can Do in this Chapter .......................................................................... 519
35.1.2 What you Need to Know ........................................................................................ 519
35.2 Configuration File ............................................................................................................ 522
35.3 Firmware Package ..........................................................................................................525
35.4 Shell Script ..................................................................................................................... 527
Chapter 36
Diagnostics..........................................................................................................................531
36.1 Overview .......................................................................................................................... 531
36.1.1 What You Can Do in this Chapter .......................................................................... 531
36.2 Diagnostics ..................................................................................................................... 531
36.3 Packet Capture ...............................................................................................................532
36.3.1 Packet Capture Files .................................. ... ............................................. ... ... .... . 534
36.3.2 Example of Viewing a Packet Capture File .............................. ... ... ... .... ... ... ... ... .....535
36.4 Wireless Frame Capture .. ... .............................................. ... ... ... ... .................................. 536
36.4.1 Wireless Frame Capture Files ............................................................................... 538
Chapter 37
Reboot....................................................................................................................................539
37.1 Overview .......................................................................................................................... 539
37.1.1 What You Need To Know ....................................................................................... 539
37.2 Reboot .............................................................................................................................539
20
NXC5200 User’s Guide
Table of Contents
Chapter 38
Shutdown........................................................................................................................541
38.1 Overview .......................................................................................................................... 541
38.1.1 What You Need To Know ....................................................................................... 541
38.2 Shutdown .........................................................................................................................541
Chapter 39
Troubleshooting....................................................................................................................543
39.1 Overview .......................................................................................................................... 543
39.1.1 General ..................................................................................................................543
39.1.2 Wireless .................................................................................................................555
39.2 Resetting the NXC ........................................................................................................... 557
39.3 Getting More Troubleshooting Help ................................................................................. 557
Chapter 40
Product Specifications.........................................................................................................559
Appendix A Log Descriptions...............................................................................................565
Appendix B Common Services.............................................................................................613
Appendix C Displaying Anti-Virus Alert Messages in Windows............................................617
Appendix D Importing Certificates........................................................................................619
Appendix E Wireless LANs ..................................................................................................633
Appendix F Open Software Announcements.......................................................................647
Appendix G Legal Information..............................................................................................699
Index.......................................................................................................................................703
NXC5200 User’s Guide
21
Table of Contents
22
NXC5200 User’s Guide
PART I

User’s Guide

23
24
CHAPTER 1

Introduction

1.1 Overview

The NXC is a comprehensive wireless L AN controller. Its flexible con figuration helps network administrators set up wireless LAN networks and efficiently enforce security policies over them. In addition, the NXC provides excellent throughput, making it an ideal solution for reliable, secure service.
The NXC’s security features include firewall, anti-virus, Intrusion Detection and Prevention (IDP), Anomaly Detection and Protection (ADP), and certificates. It also provides bandwidth management, captive portal configuration, NAT, port forwarding, policy routing, DHCP server , extensi ve wireless AP control options, and many other powerful features. Flexible configuration helps you set up the network and enforce security policies efficiently.
The front panel physical Gigabit Ethernet ports (labeled P1, P2, P3, and so on) are mapped to Gigabit Ethernet (ge) interfaces. By default P1 is mapped to ge1, P2 is mapped to ge2 and so on.
• The default LAN IP address is 192.168.1.1.
• The default administrator login user name and password are “admin” and “1234” respectively.

1.2 Rack-mounted Installation

Note: ZyXEL provides a sliding rail accessory for your use with your device. Please
contact your local vendor for details.
The NXC can be mounted on an EIA standard si ze, 19-inch rack or in a wiring closet with other equipment. Follow the steps below to mount your NXC on a standard EIA rack using a rack-mounting kit. Make sure the rack will safely support the combined weight of all the equipment it contains and that the position of the NXC does not make the rack unstable or top-heavy. Take all necessary precautions to anchor the rack securely before installing the unit.
Note: Leave 10 cm of clearance at the sides and 20 cm in the rear.
NXC5200 User’s Guide
25
Chapter 1 Introduction
Use a #2 Phillips screwdriver to install the screws.
Note: Failure to use the proper screws may damage the unit.
1.2.1 Rack-Mounted Installation Procedure
1 Align one bracket with the holes on one side of the NXC and secure it with the
included bracket screws (smaller than the rack-mounting screws).
2 Attach the other bracket in a similar fashion.
3 After attaching both mounting brackets, position the NXC in the rack by lining up
the holes in the brackets with the appropriate holes on the rack. Secure the NXC to the rack with the rack-mounting screws.
26
NXC5200 User’s Guide
1.2.2 LAN Module Installation Procedure
1 Turn the NXC over so that its bottom side faces up, then remove the LAN module
screw.
Chapter 1 Introduction
2 Slide the empty LAN Module tray out of the NXC chassis.
NXC5200 User’s Guide
27
Chapter 1 Introduction
3 Slide the LAN Module into the empty module bay, gently but firmly pressing it into
the NXC’s logic board until you feel it snap into place.
4 Secure the newly installed LAN Module with the screw you removed in step 1.
28
NXC5200 User’s Guide

1.3 Front and Back Panels

This section gives you an overview of the front and back panels. There are three possible front panel conf igurations, depending on how the expansion bay is used. The back panel remains static across all configurations.
In configuration 1, the expansion bay is empty.
Figure 1 NXC Front Panel - Configuration 1
In configuration 2, the expansion bay utilizes an Ethernet module which provides an additional 4 Ethernet ports.
Figure 2 NXC Front Panel - Configuration 2
Chapter 1 Introduction
In configuration 3, the expansion bay utilizes a Fiber port modules, which provides fiber optic connectivity. This allows you to expand management of your APs to distances greater than allowed by pure Ethernet connections.
Figure 3 NXC Front Panel - Configuration 3
Here is the back panel for all configurations.
Figure 4 NXC Back panel - All Configurations
1.3.1 1000Base-T Ports
The 1000Base-T auto-negotiating, auto-crossover Ethernet ports support 100/ 1000 Mbps Gigabit Ethernet so the speed can be 100 Mbps or 1000 Mbps. The duplex mode can be both half or full duplex at 100 Mbps and full duplex only at 1000 Mbps. An auto-negotiating port can detect and adjust to the optimum Ethernet speed (100/1000 Mbps) and duplex mode (full duplex or half duplex) of the connected device.
NXC5200 User’s Guide
29
Chapter 1 Introduction
An auto-crossover (auto-MDI/MDI-X) port automatically works with a straight­through or crossover Ethernet cable.
Default Ethernet Settings
The factory default negotiation settings f or the Ethernet ports on the NXC are:
• Speed: Auto
•Duplex: Auto
• Flow control: On (you cannot configure the flow control setting, but the NXC can negotiate with the peer and turn it off if needed)
1.3.2 Optional Fiber Ports
Fiber connectivity requires a few additional considerations when you deploy the NXC with that in mind.
Figure 5 Fiber Connection Example
CS
PoE
NXC
AP
First, you must have a fiber-based Core Switch (CS) upstream of the NXC. It connects to one of the available fiber ports in the Fiber port module loaded into the NXC’s expansion bay. Next, an additional fiber connection is established between the NXC and a downstream fiber-based Power over Ethernet ( PoE) capable of converting Fiber-to-Ethernet data packets (s uch as the ZyXEL MC1000­SFP-FP). Finally, you connect your AP to the edge switch using an Ethernet cable.
30
NXC5200 User’s Guide
Loading...
+ 690 hidden pages
Buy Points How it Works FAQ Contact Us Questions and Suggestions Privacy Policy Cookie Policy Terms of Use