ZyAIR G-5100
Outdoor 802.11g Business Access Point/Bridge/Repeater
User’s Guide
Version 3.50
11/2004
ZyAIR G-5100 User’s Guide
Copyright
Copyright © 2004 by ZyXEL Communications Corporation.
The contents of this publication may not be reproduced in any part or as a whole, transcribed,
stored in a retrieval system, translated into any language, or transmitted in any form or by any
means, electronic, mechanical, magnetic, optical, chemical, photocopying, manual, or
otherwise, without the prior written permission of ZyXEL Communications Corporation.
Published by ZyXEL Communications Corporation. All rights reserved.
Disclaimer
ZyXEL does not assume any liability arising out of the application or use of any products, or
software described herein. Neither does it convey any license under its patent rights nor the
patent rights of others. ZyXEL further reserves the right to make changes in any products
described herein without notice. This publication is subject to change without notice.
Trademarks
ZyNOS (ZyXEL Network Operating System) is a registered trademark of ZyXEL
Communications, Inc. Other trademarks mentioned in this publication are used for
identification purposes only and may be properties of their respective owners.
Copyright 2
ZyAIR G-5100 User’s Guide
Federal Communications
Commission (FCC) Interference
Statement
This device complies with Part 15 of FCC rules. Operation is subject to the following two
conditions:
• This device may not cause harmful interference.
• This device must accept any interference received, including interference that may cause
undesired operations.
This equipment has been tested and found to comply with the limits for a Class B digital
device pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable
protection against harmful interference in a commercial environment. This equipment
generates, uses, and can radiate radio frequency energy, and if not installed and used in
accordance with the instructions, may cause harmful interference to radio communications.
If this equipment does cause harmful interference to radio/television reception, which can be
determined by turning the equipment off and on, the user is encouraged to try to correct the
interference by one or more of the following measures:
• Reorient or relocate the receiving antenna.
• Increase the separation between the equipment and the receiver.
• Connect the equipment into an outlet on a circuit different from that to which the receiver
is connected.
• Consult the dealer or an experienced radio/TV technician for help.
Notice 1
Changes or modifications not expressly approved by the party responsible for compliance
could void the user's authority to operate the equipment.
Certifications
Go to www.zyxel.com
1 Select your product from the drop-down list box on the ZyXEL home page to go to that
product's page.
2 Select the certification you wish to view from this page
3 Federal Communications Commission (FCC) Interference Statement
ZyAIR G-5100 User’s Guide
ZyXEL Limited Warranty
ZyXEL warrants to the original end user (purchaser) that this product is free from any defects
in materials or workmanship for a period of up to two years from the date of purchase. During
the warranty period, and upon proof of purchase, should the product have indications of failure
due to faulty workmanship and/or materials, ZyXEL will, at its discretion, repair or replace the
defective products or components without charge for either parts or labor, and to whatever
extent it shall deem necessary to restore the product or components to proper operating
condition. Any replacement will consist of a new or re-manufactured functionally equivalent
product of equal value, and will be solely at the discretion of ZyXEL. This warranty shall not
apply if the product is modified, misused, tampered with, damaged by an act of God, or
subjected to abnormal working conditions.
Note
Repair or replacement, as provided under this warranty, is the exclusive remedy of the
purchaser. This warranty is in lieu of all other warranties, express or implied, including any
implied warranty of merchantability or fitness for a particular use or purpose. ZyXEL shall in
no event be held liable for indirect or consequential damages of any kind of character to the
purchaser.
To obtain the services of this warranty, contact ZyXEL's Service Center for your Return
Material Authorization number (RMA). Products must be returned Postage Prepaid. It is
recommended that the unit be insured when shipped. Any returned products without proof of
purchase or those with an out-dated warranty will be repaired or replaced (at the discretion of
ZyXEL) and the customer will be billed for parts and labor. All repaired or replaced products
will be shipped by ZyXEL to the corresponding return address, Postage Paid. This warranty
gives you specific legal rights, and you may also have other rights that vary from country to
country.
ZyXEL Limited Warranty 4
ZyAIR G-5100 User’s Guide
Please have the following information ready when you contact customer support.
• Product model and serial number.
• Warranty Information.
• Date that you received your device.
• Brief description of the problem and the steps you took to solve it.
Customer Support
METHOD
LOCATION
WORLDWIDE
NORTH
AMERICA
GERMANY
FRANCE
SPAIN
DENMARK
NORWAY
SWEDEN
FINLAND
a. “+” is the (prefix) number you enter to make an international telephone call.
SUPPORT E-MAIL TELEPHONE
SALES E-MAIL FAX FTP SITE
support@zyxel.com.tw +886-3-578-3942 www.zyxel.com
sales@zyxel.com.tw +886-3-578-2439 ftp.zyxel.com
support@zyxel.com +1-800-255-4101
+1 -714 -632-0882
sales@zyxel.com +1-714-632-0858 ftp.us.zyxel.com
support@zyxel.de +49-2405-6909-0 www.zyxel.de ZyXEL Deutschland GmbH.
sales@zyxel.de +49-2405-6909-99
info@zyxel.fr +33 (0)4 72 52 97 97 www.zyxel.fr Z yX E L F r an c e
+33 (0)4 72 52 19 20
support@zyxel.es +34 902 195 420 www.zyxel.es Z yX E L C o m m un i c a t i o n s
sales@zyxel.es +34 913 005 345
support@zyxel.dk +45 39 55 07 00 www.zyxel.dk Z y X E L C o m m u n i c a t i o n s A / S
sales@zyxel.dk +45 39 55 07 07
support@zyxel.no +47 22 80 61 80 www.zyxel.no Z y X E L C o m m u n i c a t i o n s A / S
sales@zyxel.no +47 22 80 61 81
support@zyxel.se +46 31 744 7700 www.zyxel.se ZyXEL Communications A/S
sales@zyxel.se +46 31 744 7701
support@zyxel.fi +358-9-4780-8411 www.zyxel.fi Z yXEL Comm un i cations O y
sales@zyxel.fi +358-9-4780 8448
A
WEB SITE
www.europe.zyxel.com
ftp.europe.zyxel.com
www.us.zyxel.com ZyXEL Communications Inc.
REGULAR MAIL
ZyXEL Communications Corp.
6 Innov ati on Roa d II
Sc ience Park
Hs inchu 3 00
Ta iw a n
1130 N. Miller St.
Ana hei m
CA 92806- 2001
U.S.A.
Adenauerstr. 20/A2 D-52146
Wuerselen
Germany
1 rue de s Ve rg er s
Ba t. 1 / C
69760 Limonest
France
A l e j a n d r o V i l l e g a s 3 3
1 º , 2 8 0 4 3 M a d r i d
Spain
Col um bu sv ej 5
2860 Soeborg
Denmark
Ni ls Hansens vei 13
0667 Oslo
Norway
Sjöporten 4, 41764 Göteborg
Sweden
Mal mi nk aa ri 10
00700 Helsinki
Finland
5 Customer Support
ZyAIR G-5100 User’s Guide
Table of Contents
Copyright .................................................................................................................. 2
Federal Communications Commission (FCC) Interference Statement ............... 3
ZyXEL Limited Warranty.......................................................................................... 4
Customer Support.................................................................................................... 5
Preface .................................................................................................................... 22
Chapter 1
Getting to Know Your ZyAIR ................................................................................. 26
1.1 Introducing the ZyAIR .......................................................................................26
1.2 ZyAIR Features ..................................................................................................26
1.3 Applications for the ZyAIR ..................................................................................30
1.3.1 Access Point .............................................................................................31
1.3.2 AP + Bridge ..............................................................................................31
1.3.3 Bridge / Repeater ......................................................................................32
Chapter 2
Introducing the Web Configurator........................................................................ 34
2.1 Accessing the ZyAIR Web Configurator .............................................................34
2.2 Resetting the ZyAIR ...........................................................................................35
2.3 Navigating the ZyAIR Web Configurator ............................................................36
Chapter 3
Wizard Setup .......................................................................................................... 40
3.1 Wizard Setup Overview ......................................................................................40
3.1.1 Channel ....................................................................................................40
3.1.2 SS ID ........................................................................................................40
3.1.3 WEP Encryption ........................................................................................40
3.2 Wizard Setup: General Setup ............................................................................41
3.3 Wizard Setup: Wireless LAN ..............................................................................42
3.4 Wizard Setup: IP Address ..................................................................................43
3.4.1 IP Address Assignment ............................................................................43
3.4.2 IP Address and Subnet Mask ...................................................................44
3.5 Basic Setup Complete ........................................................................................46
Table of Contents 6
ZyAIR G-5100 User’s Guide
Chapter 4
System Screens ..................................................................................................... 48
4.1 System Overview ...............................................................................................48
4.2 Configuring General Setup .................................................................................48
4.3 Configuring Password ........................................................................................49
4.4 Configuring Time Setting ...................................................................................50
Chapter 5
Wireless Configuration and Roaming ................................................................. 54
5.1 Wireless LAN Overview .....................................................................................54
5.1.1 IBSS ..........................................................................................................54
5.1.2 BSS ...........................................................................................................54
5.1.3 ESS ...........................................................................................................55
5.2 Wireless LAN Basics ..........................................................................................56
5.2.1 RTS/CTS .................................................................................................56
5.2.2 Fragmentation Threshold ..........................................................................57
5.3 Spanning Tree Protocol (STP) ...........................................................................58
5.3.1 Rapid STP ................................................................................................58
5.3.2 STP Terminology ......................................................................................58
5.3.3 How STP Works .......................................................................................59
5.3.4 STP Port States ........................................................................................59
5.4 Configuring Wireless ..........................................................................................59
5.4.1 Access Point Mode ...................................................................................60
5.4.2 Bridge/Repeater Mode ..............................................................................62
5.4.3 AP+Bridge Mode ......................................................................................66
5.5 Configuring Roaming .........................................................................................68
5.5.1 Requirements for Roaming .......................................................................69
Chapter 6
Wireless Security ................................................................................................... 72
6.1 Wireless Security Overview ...............................................................................72
6.2 WEP Overview ...................................................................................................72
6.2.1 Data Encryption .......................................................................................73
6.2.2 Authentication ...........................................................................................73
6.3 Configuring WEP Encryption ..............................................................................74
6.4 MAC Filter ..........................................................................................................76
6.5 IEEE 802.1x Overview .......................................................................................78
6.6 Introduction to Internal RADIUS Server .............................................................78
6.7 Introduction to RADIUS ......................................................................................78
6.7.1 Types of RADIUS Messages ....................................................................78
6.8 EAP Authentication Overview ............................................................................79
6.9 Dynamic WEP Key Exchange ............................................................................80
6.10 Introduction to WPA .........................................................................................81
7 Table of Contents
ZyAIR G-5100 User’s Guide
6.10.1 User Authentication ...............................................................................81
6.10.2 Encryption ..............................................................................................81
6.11 WPA-PSK Application Example ........................................................................81
6.12 WPA with RADIUS Application Example ..........................................................82
6.13 Security Parameters Summary ........................................................................83
6.14 Wireless Client WPA Supplicants .....................................................................84
6.15 Configuring 802.1x and WPA ...........................................................................84
6.16 Authentication Required: 802.1x ......................................................................85
6.17 Authentication Required: WPA .........................................................................89
6.18 Authentication Required: WPA-PSK ................................................................91
Chapter 7
IP Screen................................................................................................................. 94
7.1 Factory Ethernet Defaults ..................................................................................94
7.2 TCP/IP Parameters ............................................................................................94
7.2.1 IP Address and Subnet Mask ...................................................................94
7.2.2 WAN IP Address Assignment ...................................................................94
7.3 Configuring IP ....................................................................................................95
Chapter 8
Authentication Server............................................................................................ 98
8.1 Authentication Server Overview .........................................................................98
8.2 Configuring Authentication Server .....................................................................98
8.3 Configuring Trusted AP ......................................................................................99
8.4 Configuring Trusted Users ...............................................................................100
Chapter 9
Certificates............................................................................................................ 102
9.1 Certificates Overview .......................................................................................102
9.1.1 Advantages of Certificates ......................................................................103
9.2 Self-signed Certificates ....................................................................................103
9.3 Configuration Summary ...................................................................................103
9.4 My Certificates .................................................................................................103
9.5 Certificate File Formats ....................................................................................105
9.6 Importing a Certificate ......................................................................................106
9.7 Creating a Certificate .......................................................................................107
9.8 My Certificate Details .......................................................................................110
9.9 Trusted CAs .....................................................................................................113
9.10 Importing a Trusted CA’s Certificate ...............................................................115
9.11 Trusted CA Certificate Details ........................................................................ 116
Table of Contents 8
ZyAIR G-5100 User’s Guide
Chapter 10
Log Screens.......................................................................................................... 120
10.1 Configuring View Log .....................................................................................120
10.2 Configuring Log Settings ................................................................................122
Chapter 11
Maintenance ......................................................................................................... 126
11.1 Maintenance Overview ...................................................................................126
11.2 System Status Screen ....................................................................................126
11.2.1 System Statistics ...................................................................................127
11.3 Association List ..............................................................................................128
11.4 Channel Usage ...............................................................................................129
11.5 F/W Upload Screen ........................................................................................130
11.6 Configuration Screen ......................................................................................132
11.6.1 Backup Configuration ............................................................................133
11.6.2 Restore Configuration ..........................................................................134
11.6.3 Back to Factory Defaults .......................................................................135
11.7 Restart Screen ................................................................................................135
Chapter 12
Introducing the SMT ............................................................................................138
12.1 Introduction to the SMT ..................................................................................138
12.2 Accessing the SMT via the Console Port .......................................................138
12.2.1 Initial Screen .........................................................................................138
12.2.2 Entering the Password ..........................................................................139
12.3 Accessing the SMT via Telnet ........................................................................139
12.4 Navigating the SMT Interface .........................................................................140
12.4.1 System Management Terminal Interface Summary ..............................141
12.4.2 SMT Menus at a Glance .......................................................................141
12.5 Changing the System Password ....................................................................142
Chapter 13
General Setup....................................................................................................... 144
13.1 General Setup ................................................................................................144
13.1.1 Procedure To Configure Menu 1 ...........................................................144
Chapter 14
LAN Setup............................................................................................................. 146
14.1 LAN Setup ......................................................................................................146
14.2 TCP/IP Ethernet Setup ...................................................................................146
14.3 Wireless LAN Setup .......................................................................................147
14.3.1 Configuring MAC Address Filter ...........................................................150
14.3.2 Configuring Roaming ............................................................................152
9 Table of Contents
ZyAIR G-5100 User’s Guide
14.3.3 Configuring Bridge Link ........................................................................154
Chapter 15
Dial-in User Setup ................................................................................................ 158
15.1 Dial-in User Setup ..........................................................................................158
Chapter 16
SNMP Configuration ............................................................................................ 160
16.1 About SNMP ..................................................................................................160
16.2 Supported MIBs ............................................................................................161
16.3 SNMP Configuration ......................................................................................161
16.4 SNMP Traps ...................................................................................................162
Chapter 17
System Security ................................................................................................... 164
17.1 System Security .............................................................................................164
17.1.1 System Password .................................................................................164
17.1.2 Configuring External RADIUS Server ...................................................164
17.1.3 802.1x ...................................................................................................166
Chapter 18
System Information and Diagnosis .................................................................... 170
18.1 System Status ................................................................................................170
18.2 System Information ........................................................................................172
18.2.1 System Information ...............................................................................172
18.2.2 Console Port Speed ..............................................................................173
18.3 Log and Trace ................................................................................................173
18.3.1 Viewing Error Log .................................................................................174
18.4 Diagnostic ......................................................................................................174
Chapter 19
Firmware and Configuration File Maintenance ................................................. 176
19.1 Filename Conventions ...................................................................................176
19.2 Backup Configuration .....................................................................................177
19.2.1 Backup Configuration Using FTP .........................................................177
19.2.2 Using the FTP command from the DOS Prompt ..................................178
19.2.3 Backup Configuration Using TFTP .......................................................179
19.2.4 Example: TFTP Command ...................................................................179
19.2.5 Backup Via Console Port ......................................................................180
19.3 Restore Configuration ...................................................................................181
19.3.1 Restore Using FTP ...............................................................................181
19.4 Uploading Firmware and Configuration Files .................................................182
19.4.1 Firmware Upload ..................................................................................182
Table of Contents 10
ZyAIR G-5100 User’s Guide
19.4.2 Configuration File Upload .....................................................................183
19.4.3 Using the FTP command from the DOS Prompt Example ...................183
19.4.4 TFTP File Upload ..................................................................................184
19.4.5 Example: TFTP Command ...................................................................185
19.4.6 Uploading Via Console Port ..................................................................185
19.4.7 Uploading Firmware File Via Console Port ...........................................185
19.4.8 Example Xmodem Firmware Upload Using HyperTerminal ..................186
19.4.9 Uploading Configuration File Via Console Port ....................................186
19.4.10 Example Xmodem Configuration Upload Using HyperTerminal .........187
Chapter 20
System Maintenance and Information ...............................................................188
20.1 Command Interpreter Mode ...........................................................................188
20.2 Time and Date Setting ....................................................................................189
20.2.1 Resetting the Time ................................................................................191
Chapter 21
Troubleshooting ................................................................................................... 192
21.1 Problems Starting Up the ZyAIR ....................................................................192
21.2 Problems with Console Port Access ..............................................................192
21.3 Problems with the Ethernet Interface .............................................................193
21.4 Problems with the Password ..........................................................................193
21.5 Problems with Telnet ......................................................................................193
21.6 Problems with the WLAN Interface ................................................................194
Appendix A
Specifications...................................................................................................... 196
Appendix B
Packaging Specifications.................................................................................... 202
Appendix C
Power over Ethernet Specifications................................................................... 204
Appendix D
Setting up Your Computer’s IP Address............................................................ 206
Appendix E
IP Subnetting ........................................................................................................ 218
Appendix F
Wireless LAN and IEEE 802.11 ...........................................................................226
Appendix G
Wireless LAN With IEEE 802.1x .......................................................................... 230
11 Table of Contents
ZyAIR G-5100 User’s Guide
Appendix H
Types of EAP Authentication.............................................................................. 232
Appendix I
Outdoor Site Planning ......................................................................................... 234
Appendix J
Outdoor Installation Recommendations............................................................ 240
Appendix K
Command Interpreter........................................................................................... 244
Appendix L
Brute-Force Password Guessing Protection..................................................... 246
Appendix M
Log Descriptions.................................................................................................. 248
Index...................................................................................................................... 252
Table of Contents 12
ZyAIR G-5100 User’s Guide
13 Table of Contents
ZyAIR G-5100 User’s Guide
List of Figures
Figure 1 PoE Installation Example ...................................................................................... 27
Figure 2 WDS Functionality Example ................................................................................. 27
Figure 3 Access Point Application ....................................................................................... 31
Figure 4 AP+Bridge Application ........................................................................................ 32
Figure 5 Bridge Application ................................................................................................. 33
Figure 6 Repeater Application ............................................................................................. 33
Figure 7 Change Password Screen .................................................................................... 34
Figure 8 Replace Certificate Screen. .................................................................................. 35
Figure 9 Example Xmodem Upload .................................................................................... 36
Figure 10 The MAIN MENU Screen of the Web Configurator ............................................. 37
Figure 11 Wizard 1: General Setup ..................................................................................... 41
Figure 12 Wizard 2: Wireless LAN Setup ............................................................................ 42
Figure 13 Wizard 3: IP Address Assignment ...................................................................... 45
Figure 14 Wizard 4: Setup Complete .................................................................................. 46
Figure 15 System General .................................................................................................. 48
Figure 16 Password. ........................................................................................................... 50
Figure 17 Time Setting ........................................................................................................ 51
Figure 18 IBSS (Ad-hoc) Wireless LAN .............................................................................. 54
Figure 19 Basic Service Set ................................................................................................ 55
Figure 20 Extended Service Set ......................................................................................... 56
Figure 21 RTS/CTS ............................................................................................................. 57
Figure 22 Wireless: Access Point ....................................................................................... 60
Figure 23 Bridging Example ................................................................................................ 63
Figure 24 Bridge Loop: Two Bridges Connected to Hub ..................................................... 63
Figure 25 Bridge Loop: Bridge Connected to Wired LAN ................................................... 64
Figure 26 Wireless: Bridge/Repeater .................................................................................. 65
Figure 27 Wireless: AP+Bridge ........................................................................................... 67
Figure 28 Roaming Example ............................................................................................... 69
Figure 29 Roaming ..............................................................................................................70
Figure 30 ZyAIR Wireless Security Levels .......................................................................... 72
Figure 31 WEP Authentication Steps .................................................................................. 73
Figure 32 Wireless: WEP ................................................................................................... 75
Figure 33 MAC Address Filter ............................................................................................. 77
Figure 34 EAP Authentication ............................................................................................. 80
Figure 35 WPA - PSK Authentication .................................................................................. 82
Figure 36 WPA with RADIUS Application Example ............................................................ 83
List of Figures 14
ZyAIR G-5100 User’s Guide
Figure 37 Wireless LAN: 802.1x/WPA ................................................................................ 85
Figure 38 Wireless LAN: 802.1x/WPA for 802.1x Protocol ................................................. 86
Figure 39 Wireless LAN: 802.1x/WPA for WPA Protocol .................................................... 90
Figure 40 Wireless LAN: 802.1x/WPA for WPA-PSK Protocol ............................................ 92
Figure 41 IP Setup ............................................................................................................. 95
Figure 42 AUTH. SERVER: Setting .................................................................................... 98
Figure 43 AUTH. SERVER: Trusted AP .............................................................................. 100
Figure 44 AUTH. SERVER: Trusted Users ......................................................................... 101
Figure 45 Certificate Configuration Overview ..................................................................... 103
Figure 46 My Certificates .................................................................................................... 104
Figure 47 My Certificate Import ........................................................................................... 107
Figure 48 My Certificate Create .......................................................................................... 108
Figure 49 My Certificate Details .......................................................................................... 111
Figure 50 Trusted CAs ........................................................................................................ 114
Figure 51 Trusted CA Import ............................................................................................... 115
Figure 52 Trusted CA Details .............................................................................................. 117
Figure 53 View Log .............................................................................................................121
Figure 54 Log Settings ........................................................................................................ 123
Figure 55 System Status ..................................................................................................... 126
Figure 56 System Status: Show Statistics ........................................................................... 127
Figure 57 Association List ................................................................................................... 129
Figure 58 Channel Usage ................................................................................................... 130
Figure 59 Firmware Upload ................................................................................................. 131
Figure 60 Firmware Upload In Process ............................................................................... 132
Figure 61 Network Temporarily Disconnected .................................................................... 132
Figure 62 Firmware Upload Error ........................................................................................ 132
Figure 63 Configuration ....................................................................................................... 133
Figure 64 Configuration Upload Successful ........................................................................ 134
Figure 65 Network Temporarily Disconnected .................................................................... 134
Figure 66 Configuration Upload Error ................................................................................. 135
Figure 67 Reset Warning Message ..................................................................................... 135
Figure 68 Restart Screen .................................................................................................... 136
Figure 69 Initial Screen .......................................................................................................139
Figure 70 Login Screen ....................................................................................................... 140
Figure 71 SMT Main Menu ................................................................................................. 141
Figure 72 SMT Menu Overview Example ........................................................................... 142
Figure 73 Menu 23.1 System Security: Change Password ................................................. 143
Figure 74 Menu 1 General Setup ........................................................................................ 145
Figure 75 Menu 3 LAN Setup ............................................................................................. 146
Figure 76 Menu 3.2 TCP/IP Setup ...................................................................................... 147
Figure 77 Menu 3.5 Wireless LAN Setup ............................................................................ 148
Figure 78 Menu 3.5 Wireless LAN Setup ............................................................................ 151
Figure 79 Menu 3.5.1 WLAN MAC Address Filter .............................................................. 151
15 List of Figures
ZyAIR G-5100 User’s Guide
Figure 80 Menu 3.5 Wireless LAN Setup ............................................................................ 153
Figure 81 Menu 3.5.2 - Roaming Configuration .................................................................. 154
Figure 82 Menu 3.5 Wireless LAN Setup ............................................................................ 155
Figure 83 Menu 3.5.4 - Bridge Link Configuration .............................................................. 156
Figure 84 Menu 14- Dial-in User Setup ............................................................................... 158
Figure 85 Menu 14.1- Edit Dial-in User ............................................................................... 159
Figure 86 SNMP Management Model ................................................................................. 160
Figure 87 Menu 22 SNMP Configuration ........................................................................... 162
Figure 88 Menu 23 System Security ................................................................................... 164
Figure 89 Menu 23 System Security ................................................................................... 165
Figure 90 Menu 23.2 System Security: RADIUS Server ..................................................... 165
Figure 91 Menu 23 System Security ................................................................................... 166
Figure 92 Menu 23.4 System Security: IEEE802.1x ........................................................... 167
Figure 93 Menu 24 System Maintenance ........................................................................... 170
Figure 94 Menu 24.1 System Maintenance: Status ............................................................ 171
Figure 95 Menu 24.2 System Information and Console Port Speed ................................... 172
Figure 96 Menu 24.2.1 System Information: Information .................................................... 172
Figure 97 Menu 24.2.2 System Maintenance: Change Console Port Speed ...................... 173
Figure 98 Menu 24.3 System Maintenance: Log and Trace ............................................... 174
Figure 99 Sample Error and Information Messages ........................................................... 174
Figure 100 Menu 24.4 System Maintenance: Diagnostic .................................................... 175
Figure 101 Menu 24.5 Backup Configuration ...................................................................... 177
Figure 102 FTP Session Example ...................................................................................... 178
Figure 103 System Maintenance: Backup Configuration .................................................... 180
Figure 104 System Maintenance: Starting Xmodem Download Screen ............................. 180
Figure 105 Backup Configuration Example ......................................................................... 180
Figure 106 Successful Backup Confirmation Screen .......................................................... 181
Figure 107 Menu 24.6 Restore Configuration ..................................................................... 181
Figure 108 Menu 24.7 System Maintenance: Upload Firmware ......................................... 182
Figure 109 Menu 24.7.1 System Maintenance: Upload System Firmware ......................... 183
Figure 110 Menu 24.7.2 System Maintenance: Upload System Configuration File ............ 183
Figure 111 FTP Session Example ....................................................................................... 184
Figure 112 Menu 24.7.1 as Seen Using the Console Port .................................................. 186
Figure 113 Example Xmodem Upload ................................................................................ 186
Figure 114 Menu 24.7.2 as Seen Using the Console Port ................................................. 187
Figure 115 Example Xmodem Upload ................................................................................ 187
Figure 116 Menu 24 System Maintenance .......................................................................... 189
Figure 117 Valid CI Commands ........................................................................................... 189
Figure 118 Menu 24.10 System Maintenance: Time and Date Setting ............................... 190
Figure 119 Inspection Cosmetic and Function .................................................................... 199
Figure 120 WIndows 95/98/Me: Network: Configuration ..................................................... 207
Figure 121 Windows 95/98/Me: TCP/IP Properties: IP Address ......................................... 208
Figure 122 Windows 95/98/Me: TCP/IP Properties: DNS Configuration ............................ 209
List of Figures 16
ZyAIR G-5100 User’s Guide
Figure 123 Windows XP: Start Menu .................................................................................. 210
Figure 124 Windows XP: Control Panel .............................................................................. 210
Figure 125 Windows XP: Control Panel: Network Connections: Properties ....................... 211
Figure 126 Windows XP: Local Area Connection Properties .............................................. 211
Figure 127 Windows XP: Internet Protocol (TCP/IP) Properties ......................................... 212
Figure 128 Windows XP: Advanced TCP/IP Properties ...................................................... 213
Figure 129 Windows XP: Internet Protocol (TCP/IP) Properties ......................................... 214
Figure 130 Macintosh OS 8/9: Apple Menu ........................................................................ 215
Figure 131 Macintosh OS 8/9: TCP/IP ................................................................................ 215
Figure 132 Macintosh OS X: Apple Menu ........................................................................... 216
Figure 133 Macintosh OS X: Network ................................................................................. 217
Figure 134 Peer-to-Peer Communication in an Ad-hoc Network ........................................ 227
Figure 135 ESS Provides Campus-Wide Coverage ........................................................... 228
Figure 136 Sequences for EAP MD5–Challenge Authentication ........................................ 231
17 List of Figures
ZyAIR G-5100 User’s Guide
List of Tables
Table 1 IEEE 802.11g ......................................................................................................... 28
Table 2 IEEE 802.11b ......................................................................................................... 28
Table 3 Screens Summary ................................................................................................. 37
Table 4 Wizard 1: General Setup ....................................................................................... 41
Table 5 Wizard 2: Wireless LAN Setup .............................................................................. 42
Table 6 Private IP Address Ranges ................................................................................... 43
Table 7 Wizard 3: IP Address Assignment ......................................................................... 45
Table 8 System General Setup .......................................................................................... 48
Table 9 Password ............................................................................................................... 50
Table 10 Time Setting ........................................................................................................ 51
Table 11 STP Path Costs ................................................................................................... 58
Table 12 STP Port States ................................................................................................... 59
Table 13 Wireless: Access Point ........................................................................................ 61
Table 14 Wireless: Bridge/Repeater ................................................................................... 65
Table 15 Roaming ..............................................................................................................70
Table 16 Wireless: WEP ..................................................................................................... 75
Table 17 MAC Address Filter ............................................................................................. 77
Table 18 Wireless Security Relational Matrix ..................................................................... 83
Table 19 Wireless LAN: 802.1x/WPA ................................................................................. 85
Table 20 Wireless LAN: 802.1x/WPA for 802.1x Protocol .................................................. 87
Table 21 Wireless LAN: 802.1x/WPA for WPA Protocol ..................................................... 91
Table 22 Wireless LAN: 802.1x/WPA for WPA-PSK Protocol ............................................ 92
Table 23 Private IP Address Ranges ................................................................................. 94
Table 24 IP Setup ............................................................................................................... 95
Table 25 AUTH. SERVER: Setting ..................................................................................... 99
Table 26 AUTH. SERVER: Trusted AP .............................................................................. 100
Table 27 AUTH. SERVER: Trusted Users .......................................................................... 101
Table 28 My Certificates ..................................................................................................... 104
Table 29 My Certificate Import ........................................................................................... 107
Table 30 My Certificate Create ........................................................................................... 108
Table 31 My Certificate Details ........................................................................................... 112
Table 32 Trusted CAs ......................................................................................................... 114
Table 33 Trusted CA Import ............................................................................................... 116
Table 34 Trusted CA Details ............................................................................................... 118
Table 35 View Log .............................................................................................................. 121
Table 36 Log Settings .........................................................................................................123
List of Tables 18
ZyAIR G-5100 User’s Guide
Table 37 System Status ...................................................................................................... 126
Table 38 System Status: Show Statistics ........................................................................... 127
Table 39 Association List .................................................................................................... 129
Table 40 Channel Usage .................................................................................................... 130
Table 41 Firmware Upload ................................................................................................. 131
Table 42 Restore Configuration .......................................................................................... 134
Table 43 Main Menu Commands ....................................................................................... 140
Table 44 Main Menu Summary .......................................................................................... 141
Table 45 Menu 1 General Setup ........................................................................................ 145
Table 46 Menu 3.2 TCP/IP Setup ....................................................................................... 147
Table 47 Menu 3.5 Wireless LAN Setup ............................................................................ 148
Table 48 Menu 3.5.1 WLAN MAC Address Filter ............................................................... 152
Table 49 Menu 3.5.2 - Roaming Configuration .................................................................. 154
Table 50 Menu 3.5.4 Bridge Link Configuration ................................................................. 156
Table 51 Menu 14.1- Edit Dial-in User ............................................................................... 159
Table 52 Menu 22 SNMP Configuration ............................................................................. 162
Table 53 SNMP Traps ........................................................................................................ 162
Table 54 Ports and Interface Types .................................................................................... 163
Table 55 Menu 23.2 System Security: RADIUS Server ..................................................... 165
Table 56 Menu 23.4 System Security: IEEE802.1x ............................................................ 167
Table 57 Menu 24.1 System Maintenance: Status ............................................................. 171
Table 58 Menu 24.2.1 System Maintenance: Information .................................................. 173
Table 59 Menu 24.4 System Maintenance Menu: Diagnostic ............................................ 175
Table 60 Filename Conventions ......................................................................................... 177
Table 61 General Commands for Third Party FTP Clients ................................................. 178
Table 62 General Commands for Third Party TFTP Clients .............................................. 179
Table 63 System Maintenance: Time and Date Setting ..................................................... 190
Table 64 Troubleshooting the Start-Up of Your ZyAIR ....................................................... 192
Table 65 Troubleshooting Console Port Access ................................................................. 192
Table 66 Troubleshooting the Ethernet Interface ............................................................... 193
Table 67 Troubleshooting the Password ............................................................................ 193
Table 68 Troubleshooting Telnet ........................................................................................ 193
Table 69 Troubleshooting the WLAN Interface ................................................................... 194
Table 70 Environmental Conditions .................................................................................... 196
Table 71 Inspection Channel (CH1, CH7, CH13) ............................................................... 196
Table 72 Hardware Specifications ...................................................................................... 196
Table 73 Radio Specifications ............................................................................................ 197
Table 74 Rx Sensitivity (@ FER = 0.08) ............................................................................. 197
Table 75 Transmitting System ............................................................................................ 198
Table 76 Receiving System ................................................................................................ 198
Table 77 Current Consumption .......................................................................................... 198
Table 78 Approvals ............................................................................................................. 199
Table 79 Packaging Specifications ..................................................................................... 202
19 List of Tables
ZyAIR G-5100 User’s Guide
Table 80 Power over Ethernet Injector Specifications ....................................................... 204
Table 81 Power over Ethernet Injector RJ-45 Port Pin Assignments ................................. 204
Table 82 Classes of IP Addresses ..................................................................................... 218
Table 83 Allowed IP Address Range By Class ................................................................... 219
Table 84 “Natural” Masks .................................................................................................. 219
Table 85 Alternative Subnet Mask Notation ....................................................................... 220
Table 86 Two Subnets Example ......................................................................................... 220
Table 87 Subnet 1 .............................................................................................................. 221
Table 88 Subnet 2 .............................................................................................................. 221
Table 89 Subnet 1 .............................................................................................................. 222
Table 90 Subnet 2 .............................................................................................................. 222
Table 91 Subnet 3 .............................................................................................................. 222
Table 92 Subnet 4 .............................................................................................................. 223
Table 93 Eight Subnets ...................................................................................................... 223
Table 94 Class C Subnet Planning ..................................................................................... 223
Table 95 Class B Subnet Planning ..................................................................................... 224
Table 96 Comparison of EAP Authentication Types ........................................................... 233
Table 97 Brute-Force Password Guessing Protection Commands .................................... 246
Table 98 System Maintenance Logs .................................................................................. 248
Table 99 ICMP Notes ......................................................................................................... 248
Table 100 Sys log ............................................................................................................... 249
Table 101 Log Categories and Available Settings .............................................................. 250
List of Tables 20
ZyAIR G-5100 User’s Guide
21 List of Tables
ZyAIR G-5100 User’s Guide
Preface
Congratulations on your purchase of the ZyAIR G-5100 Outdoor 802.11g Business Access
Point/Bridge/Repeater.
The ZyAIR is an AP through which wireless stations can communicate and/or access a wired
network.
The ZyAIR can also function as a wireless network bridge/repeater and establish up to six
wireless links with other APs.
The ZyAIR also supports both AP and bridge connections at the same time.
Your ZyAIR is easy to install and configure.
Note: Register your product online to receive e-mail notices of
firmware upgrades and information at www.zyxel.com
products, or at www.us.zyxel.com
for North American products.
for global
About This User's Guide
This User’s Guide is designed to guide you through the configuration of your ZyAIR using the
web configurator or the SMT. The web configurator parts of this guide contain background
information on features configurable by web configurator. The SMT parts of this guide
contain background information solely on features not configurable by web configurator
Note: Use the web configurator, System Management Terminal (SMT) or
command interpreter interface to configure your ZyAIR. Not all features can
be configured through all interfaces.
Related Documentation
• Supporting Disk
Refer to the included CD for support documents.
• Compact Guide
The Compact Guide is designed to help you get up and running right away. They contain
connection information and instructions on getting started.
• Web Configurator Online Help
Embedded web help for descriptions of individual screens and supplementary
information.
• ZyXEL Glossary and Web Site
Please refer to www.zyxel.com for an online glossary of networking terms and additional
support documentation.
Preface 22
ZyAIR G-5100 User’s Guide
User Guide Feedback
Help us help you. E-mail all User Guide-related comments, questions or suggestions for
improvement to techwriters@zyxel.com.tw or send regular mail to The Technical Writing
Team, ZyXEL Communications Corp., 6 Innovation Road II, Science-Based Industrial Park,
Hsinchu, 300, Taiwan. Thank you.
Syntax Conventions
• “Enter” means for you to type one or more characters. “Select” or “Choose” means for
you to use one predefined choices.
• The SMT menu titles and labels are in Bold Times New Roman font. Predefined field
choices are in Bold Arial font. Command and arrow keys are enclosed in square
brackets. [ENTER] means the Enter, or carriage return key; [ESC] means the Escape key
and [SPACE BAR] means the Space Bar.
• Mouse action sequences are denoted using a comma. For example, “click the Apple icon,
Control Panels and then Modem ” means first click the Apple icon, then point your
mouse pointer to Control Panels and then click Modem.
• For brevity’s sake, we will use “e.g.,” as a shorthand for “for instance”, and “i.e.,” for
“that is” or “in other words” throughout this manual.
• The ZyAIR G-5100 may be referred to simply as the ZyAIR in the user’s guide.
23 Preface
Graphics Icons Key
ZyAIR Computer Notebook computer
Server DSLAM Firewall
Modem Switch Router
ZyAIR G-5100 User’s Guide
Wireless Signal
Preface 24
ZyAIR G-5100 User’s Guide
25 Preface
Getting to Know Your ZyAIR
This chapter introduces the main features and applications of the ZyAIR.
1.1 Introducing the ZyAIR
The ZyAIR G-5100 is an enterprise level, outdoor IEEE 802.11g compliant business access
point, bridge and repeater with excellent wireless performance. Wireless Distribution System
(WDS) support provides flexibility in building an extended wireless network with bridge and
repeater applications. IEEE 802.1x, Wi-Fi Protected Access, WEP data encryption and MAC
address filtering offer highly secured wireless connectivity.
Rugged die-cast, watertight construction, built-in lightening protection, and grounding make
the ZyAIR perfect for outdoors applications.
ZyAIR G-5100 User’s Guide
CHAPTER 1
It is easy to install and configure the ZyAIR. The embedded web-based configurator includes a
wireless link test that you can use to help you align the device. The web-based configurator
allows remote configuration and management of your ZyAIR. The Power over Ethernet (PoE)
feature means that power can be delivered to the ZyAIR over an Ethernet line. This allows you
to mount the ZyAIR in areas where there are no nearby power sources.
1.2 ZyAIR Features
The following sections describe the features of the ZyAIR
10/100M Auto-negotiating Ethernet/Fast Ethernet Interface
This auto-negotiating feature allows the ZyAIR to detect the speed of incoming transmissions
and adjust appropriately without manual intervention. It allows data transfer of either 10 Mbps
or 100 Mbps in either half-duplex or full-duplex mode depending on your Ethernet network.
Power over Ethernet (PoE)
Power over Ethernet (PoE) is the ability to provide power to your ZyAIR via an 8-pin CAT 5
Ethernet cable, eliminating the need for a nearby power source. The ZyAIR G-5100 includes a
special high current power injector that allows the ZyAIR to be located farther away. This
feature allows increased flexibility in the locating of your ZyAIR.
Chapter 1 Getting to Know Your ZyAIR 26
ZyAIR G-5100 User’s Guide
Figure 1 PoE Installation Example
Wi-Fi Protected Access
Wi-Fi Protected Access (WPA) is a subset of the IEEE 802.11i security specification draft.
Key differences between WPA and WEP are user authentication and improved data
encryption.
WDS Functionality
A Distribution System (DS) is a wired connection between two or more APs, while a Wireless
Distribution System (WDS) is a wireless connection. Your ZyAIR supports WDS, providing a
cost-effective solution for wireless network expansion.
Figure 2 WDS Functionality Example
27 Chapter 1 Getting to Know Your ZyAIR
ZyAIR G-5100 User’s Guide
IEEE 802.11g Wireless LAN Standard
The ZyAIR complies with the IEEE 802.11g wireless standard. IEEE 802.11g has several
intermediate rate steps between the maximum and minimum data rates. The IEEE 802.11g
data rate and modulation are as follows. The modulation technique defines how bits are
encoded onto radio waves.
Table 1 IEEE 802.11g
DATA RATE
(MBPS)
6/9/12/18/24/36/48/54 OFDM (Orthogonal Frequency Division Multiplexing)
MODULATION
Note: The ZyAIR may be prone to RF (Radio Frequency)
interference from other 2.4 GHz devices such as microwave
ovens, wireless phones, Bluetooth enabled devices, and other
wireless LANs.
IEEE 802.11b Wireless LAN Standard
The ZyAIR also fully complies with the IEEE 802.11b standard. This means an IEEE 802.11b
radio card can interface directly with an IEEE 802.11g device (and vice versa) at 11 Mbps or
lower depending on range.
The IEEE 802.11b data rate and corresponding modulation techniques are shown in the table
below.
Table 2 IEEE 802.11b
DATA RATE (MBPS) MODULATION
1 DBPSK (Differential Binary Phase Shift Keyed)
2 DQPSK (Differential Quadrature Phase Shift Keying)
5.5 / 11 CCK (Complementary Code Keying)
STP (Spanning Tree Protocol) / RSTP (Rapid STP)
(R)STP detects and breaks network loops and provides backup links between switches,
bridges or routers. It allows a bridge to interact with other (R)STP -compliant bridges in your
network to ensure that only one path exists between any two stations on the network.
Limit the Number of Client Connections
You may set a maximum number of wireless stations that may connect to the ZyAIR. This
may be necessary if for example, there is interference or difficulty with channel assignment
due to a high density of APs within a coverage area.
Chapter 1 Getting to Know Your ZyAIR 28
ZyAIR G-5100 User’s Guide
SSL Passthrough
SSL (Secure Sockets Layer) uses a public key to encrypt data that's transmitted over an SSL
connection. Both Netscape Navigator and Internet Explorer support SSL, and many Web sites
use the protocol to obtain confidential user information, such as credit card numbers. By
convention, URLs that require an SSL connection start with “https” instead of “http”. The
ZyAIR allows SSL connections to take place through the ZyAIR.
VPN Passthrough
VPN (Virtual Private Network) connections use data encryption to provide secure
communications over unsecure networks (like the Internet). The ZyAIR allows VPN
connections to go through it.
Brute-Force Password Guessing Protection
The ZyAIR has a special protection mechanism to discourage brute-force password guessing
attacks on the ZyAIR's management interfaces. You can specify a wait-time that must expire
before entering a fourth password after three incorrect passwords have been entered. Please
see Appendix L on page 246 for details about this feature.
Wireless LAN MAC Address Filtering
Your ZyAIR checks the MAC address of the wireless station against a list of allowed or
denied MAC addresses.
WEP Encryption
WEP (Wired Equivalent Privacy) encrypts data frames before transmitting over the wireless
network to help keep network communications private.
IEEE 802.1x Network Security
The ZyAIR supports the IEEE 802.1x standard to enhance user authentication. This allows
you to use a RADIUS (RFC2138, 2139 - Remote Authentication Dial In User Service) server
to authenticate users.
Embedded RADIUS Server
The ZyAIR’s embedded RADIUS server eliminates the need to purchase and maintain a
standalone external RADIUS server. Use the embedded RADIUS server to authenticate up to
32 users. You can also use an external RADIUS server to authenticate a potentially unlimited
number of users.
Backup RADIUS Server
You can configure the ZyAIR to use backup external RADIUS servers and accounting servers
in case the primary external RADIUS or accounting server does not respond.
29 Chapter 1 Getting to Know Your ZyAIR
ZyAIR G-5100 User’s Guide
SNMP
SNMP (Simple Network Management Protocol) is a protocol used for exchanging
management information between network devices. SNMP is a member of the TCP/IP
protocol suite. Your ZyAIR supports SNMP agent functionality, which allows a manger
station to manage and monitor the ZyAIR through the network. The ZyAIR supports SNMP
version one (SNMPv1) and version two c (SNMPv2c).
Full Network Management
The web configurator is an HTML-based management interface that allows easy setup and
management via Internet browser. Most functions of the ZyAIR are also software configurable
via the SMT (System Management Terminal) interface. The SMT is a menu-driven interface
that you can access from a terminal emulator over a telnet connection.
Vantage WLC 200 Manageable
You can use the Vantage WLC 200 (not included) for centralized management of multiple
ZyAIRs.
Logging and Tracing
• Built-in message logging and packet tracing.
• Syslog facility support.
Embedded FTP and TFTP Servers
The ZyAIR’s embedded FTP and TFTP servers enable fast firmware upgrades as well as
configuration file backups and restoration.
Wireless Association List
With the wireless association list, you can see the list of the wireless stations that are currently
using the ZyAIR to access your wired network.
Wireless LAN Channel Usage
The Wireless Channel Usage screen displays which radio channels are being used by other
wireless devices within the transmission range of the ZyAIR. This allows you to select the
channel with minimum interference for your ZyAIR.
1.3 Applications for the ZyAIR
The ZyAIR can be configured using the following WLAN operating modes
1 AP
2 AP+Bridge
Chapter 1 Getting to Know Your ZyAIR 30