ZyXEL Communications G-3000H User Manual

0 (0)

G-3000H

802.11g Wireless Access Point

User’s Guide

Version 3.50

11/2005

G-3000H User’s Guide

The contents of this publication may not be reproduced in any part or as a whole, transcribed, stored in a retrieval system, translated into any language, or transmitted in any form or by any means, electronic, mechanical, magnetic, optical, chemical, photocopying, manual, or otherwise, without the prior written permission of ZyXEL Communications Corporation.

Disclaimer

ZyXEL does not assume any liability arising out of the application or use of any products, or software described herein. Neither does it convey any license under its patent rights nor the patent rights of others. ZyXEL further reserves the right to make changes in any products described herein without notice. This publication is subject to change without notice.

Copyright

Trademarks

ZyNOS (ZyXEL Network Operating System) is a registered trademark of ZyXEL Communications, Inc. Other trademarks mentioned in this publication are used for identification purposes only and may be properties of their respective owners.

2 Copyright

G-3000H User’s Guide

Federal Communications

Commission (FCC) Interference

Statement

This device complies with Part 15 of FCC rules. Operation is subject to the following two conditions:

• This device may not cause harmful interference.

• This device must accept any interference received, including interference that may cause undesired operations.

This equipment has been tested and found to comply with the limits for a Class B digital device pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a commercial environment. This equipment generates, uses, and can radiate radio frequency energy, and if not installed and used in accordance with the instructions, may cause harmful interference to radio communications.

If this equipment does cause harmful interference to radio/television reception, which can be determined by turning the equipment off and on, the user is encouraged to try to correct the interference by one or more of the following measures:

• Reorient or relocate the receiving antenna.

• Increase the separation between the equipment and the receiver.

• Connect the equipment into an outlet on a circuit different from that to which the receiver is connected.

• Consult the dealer or an experienced radio/TV technician for help.

Notice 1

Changes or modifications not expressly approved by the party responsible for compliance could void the user's authority to operate the equipment.

This Class B digital apparatus complies with Canadian ICES-003.

Cet appareil numérique de la classe B est conforme à la norme NMB-003 du Canada.

Federal Communications Commission (FCC) Interference Statement 3

G-3000H User’s Guide

Certifications

Go to www.zyxel.com

1 Select your product from the drop-down list box on the ZyXEL home page to go to that

product's page.

2 Select the certification you wish to view from this page

4 Federal Communications Commission (FCC) Interference Statement

G-3000H User’s Guide

ZyXEL Limited Warranty

ZyXEL warrants to the original end user (purchaser) that this product is free from any defects in materials or workmanship for a period of up to two years from the date of purchase. During the warranty period, and upon proof of purchase, should the product have indications of failure due to faulty workmanship and/or materials, ZyXEL will, at its discretion, repair or replace the defective products or components without charge for either parts or labor, and to whatever extent it shall deem necessary to restore the product or components to proper operating condition. Any replacement will consist of a new or re-manufactured functionally equivalent product of equal value, and will be solely at the discretion of ZyXEL. This warranty shall not apply if the product is modified, misused, tampered with, damaged by an act of God, or subjected to abnormal working conditions.

Note

Repair or replacement, as provided under this warranty, is the exclusive remedy of the purchaser. This warranty is in lieu of all other warranties, express or implied, including any implied warranty of merchantability or fitness for a particular use or purpose. ZyXEL shall in no event be held liable for indirect or consequential damages of any kind of character to the purchaser.

To obtain the services of this warranty, contact ZyXEL's Service Center for your Return Material Authorization number (RMA). Products must be returned Postage Prepaid. It is recommended that the unit be insured when shipped. Any returned products without proof of purchase or those with an out-dated warranty will be repaired or replaced (at the discretion of ZyXEL) and the customer will be billed for parts and labor. All repaired or replaced products will be shipped by ZyXEL to the corresponding return address, Postage Paid. This warranty gives you specific legal rights, and you may also have other rights that vary from country to country.

Safety Warnings

1 To reduce the risk of fire, use only No. 26 AWG or larger telephone wire.

2 Do not use this product near water, for example, in a wet basement or near a swimming

pool.

3 Avoid using this product during an electrical storm. There may be a remote risk of

electric shock from lightening.

This product has been designed for the WLAN 2.4 GHz network throughout the EC region and Switzerland, with restrictions in France.

ZyXEL Limited Warranty 5

G-3000H User’s Guide

Please have the following information ready when you contact customer support.

• Product model and serial number.

• Warranty Information.

• Date that you received your device.

• Brief description of the problem and the steps you took to solve it.

Customer Support

METHOD

LOCATION

CORPORATE HEADQUARTERS (WORLDWIDE)

CZECH REPUBLIC

DENMARK

FINLAND

FRANCE

GERMANY

HUNGARY

KAZAKHSTAN

NORTH AMERICA

NORWAY

SUPPORT E-MAIL TELEPHONE

SALES E-MAIL FAX FTP SITE

support@zyxel.com.tw +886-3-578-3942 www.zyxel.com

sales@zyxel.com.tw +886-3-578-2439 ftp.zyxel.com

info@cz.zyxel.com +420-241-091-350 www.zyxel.cz ZyXEL Communications

info@cz.zyxel.com +420-241-091-359

support@zyxel.dk +45-39-55-07-00 www.zyxel.dk ZyXEL Communications A/S

sales@zyxel.dk +45-39-55-07-07

support@zyxel.fi +358-9-4780-8411 www.zyxel.fi ZyXEL Communications Oy

sales@zyxel.fi +358-9-4780 8448

info@zyxel.fr +33-4-72-52-97-97 www.zyxel.fr ZyXEL France

+33-4-72-52-19-20

support@zyxel.de +49-2405-6909-0 www.zyxel.de ZyXEL Deutschland GmbH.

sales@zyxel.de +49-2405-6909-99

support@zyxel.hu +36-1-3361649 www.zyxel.hu ZyXEL Hungary

info@zyxel.hu +36-1-3259100

http://zyxel.kz/support +7-3272-590-698 www.zyxel.kz ZyXEL Kazakhstan

sales@zyxel.kz +7-3272-590-689

support@zyxel.com 1-800-255-4101

+1-714-632-0882

sales@zyxel.com +1-714-632-0858 ftp.us.zyxel.com

support@zyxel.no +47-22-80-61-80 www.zyxel.no ZyXEL Communications A/S

sales@zyxel.no +47-22-80-61-81

WEB SITE

www.europe.zyxel.com

ftp.europe.zyxel.com

www.us.zyxel.com ZyXEL Communications Inc.

REGULAR MAIL

ZyXEL Communications Corp. 6 Innovation Road II

Science Park Hsinchu 300 Ta iw a n

Czech s.r.o. Modranská 621 143 01 Praha 4 - Modrany Ceská Republika

Columbusvej 2860 Soeborg Denmark

Malminkaari 10 00700 Helsinki Finland

1 rue des Vergers Bat. 1 / C 69760 Limonest France

Adenauerstr. 20/A2 D-52146 Wuerselen Germany

48, Zoldlomb Str. H-1025, Budapest Hungary

43, Dostyk ave.,Office 414 Dostyk Business Centre 050010, Almaty Republic of Kazakhstan

1130 N. Miller St. Anaheim CA 92806-2001 U.S.A.

Nils Hansens vei 13 0667 Oslo Norway

6 Customer Support

G-3000H User’s Guide

METHOD

LOCATION

POLAND

RUSSIA

SPAIN

SWEDEN

UKRAINE

UNITED KINGDOM

a. “+” is the (prefix) number you enter to make an international telephone call.

SUPPORT E-MAIL TELEPHONE

SALES E-MAIL FAX FTP SITE

info@pl.zyxel.com +48-22-5286603 www.pl.zyxel.com ZyXEL Communications

+48-22-5206701

http://zyxel.ru/support +7-095-542-89-29 www.zyxel.ru ZyXEL Russia

sales@zyxel.ru +7-095-542-89-25

support@zyxel.es +34-902-195-420 www.zyxel.es ZyXEL Communications

sales@zyxel.es +34-913-005-345

support@zyxel.se +46-31-744-7700 www.zyxel.se ZyXEL Communications A/S

sales@zyxel.se +46-31-744-7701

support@ua.zyxel.com +380-44-247-69-78 www.ua.zyxel.com ZyXEL Ukraine

sales@ua.zyxel.com +380-44-494-49-32

support@zyxel.co.uk +44-1344 303044

08707 555779 (UK only)

sales@zyxel.co.uk +44-1344 303034 ftp.zyxel.co.uk

WEB SITE

REGULAR MAIL

ul.Emilli Plater 53 00-113 Warszawa Poland

Ostrovityanova 37a Str. Moscow, 117279 Russia

Alejandro Villegas 33 1º, 28043 Madrid Spain

Sjöporten 4, 41764 Göteborg Sweden

13, Pimonenko Str. Kiev, 04050 Ukraine

www.zyxel.co.uk ZyXEL Communications UK

Ltd.,11 The Courtyard, Eastern Road, Bracknell, Berkshire, RG12 2XB, United Kingdom (UK)

Customer Support 7

G-3000H User’s Guide

8 Customer Support

G-3000H User’s Guide

Copyright ..................................................................................................................2

Federal Communications Commission (FCC) Interference Statement ............... 3

ZyXEL Limited Warranty.......................................................................................... 5

Customer Support.................................................................................................... 6

Table of Contents ..................................................................................................... 9

List of Figures ........................................................................................................ 17

List of Tables .......................................................................................................... 23

Preface ....................................................................................................................27

Chapter 1

Getting to Know Your ZyAIR ................................................................................. 31

1.1 Introducing the ZyAIR .......................................................................................31

1.2 ZyAIR Features ..................................................................................................31

1.2.1 Physical Features .....................................................................................31

1.2.2 Firmware Features ....................................................................................32

1.3 Applications for the ZyAIR ..................................................................................36

1.3.1 Access Point .............................................................................................37

1.3.2 Multiple ESS .............................................................................................37

1.3.3 AP + Bridge ..............................................................................................38

1.3.4 Bridge / Repeater ......................................................................................39

Chapter 2

Introducing the Web Configurator........................................................................ 41

2.1 Accessing the ZyAIR Web Configurator .............................................................41

2.2 Resetting the ZyAIR ...........................................................................................43

2.2.1 Procedure To Use The Reset Button ........................................................43

2.2.2 Method of Restoring Factory-Defaults ......................................................43

2.3 Navigating the ZyAIR Web Configurator ............................................................43

Chapter 3

Wizard Setup .......................................................................................................... 45

3.1 Wizard Setup Overview ......................................................................................45

3.1.1 Channel ....................................................................................................45

3.1.2 ESS ID ......................................................................................................45

Table of Contents 9

G-3000H User’s Guide

3.2 Wizard Setup: General Setup ............................................................................46

3.3 Wizard Setup: Wireless LAN ..............................................................................46

3.4 Wizard Setup: IP Address ..................................................................................48

3.5 Basic Setup Complete ........................................................................................50

Chapter 4

System Screens ..................................................................................................... 51

4.1 System Overview ...............................................................................................51

4.2 Configuring General Setup .................................................................................51

4.3 Configuring Password ........................................................................................52

4.4 Configuring Time Setting ...................................................................................53

Chapter 5

Wireless Configuration......................................................................................... 57

3.1.3 WEP Encryption ........................................................................................45

3.4.1 IP Address Assignment ............................................................................48

3.4.2 IP Address and Subnet Mask ...................................................................48

5.1 Wireless LAN Overview .....................................................................................57

5.1.1 BSS ...........................................................................................................57

5.1.2 ESS ...........................................................................................................58

5.2 Wireless LAN Basics ..........................................................................................59

5.3 WMM QoS ..........................................................................................................60

5.3.1 WMM QoS Priorities .................................................................................60

5.3.2 Type Of Service (ToS) ...............................................................................60

5.3.2.1 DiffServ ............................................................................................61

5.3.2.2 DSCP and Per-Hop Behavior ..........................................................61

5.3.3 ToS (Type of Service) and WMM QoS ......................................................61

5.4 Spanning Tree Protocol (STP) ...........................................................................62

5.4.1 Rapid STP ................................................................................................62

5.4.2 STP Terminology ......................................................................................62

5.4.3 How STP Works .......................................................................................63

5.4.4 STP Port States ........................................................................................63

5.5 Wireless Screen Overview .................................................................................63

5.6 Configuring Wireless ..........................................................................................64

5.6.1 Access Point Mode ...................................................................................64

5.6.2 Bridge/Repeater Mode ..............................................................................66

5.6.3 AP+Bridge Mode ......................................................................................70

5.6.4 Multiple ESS Mode ...................................................................................71

Chapter 6

Wireless Security Configuration........................................................................... 73

6.1 Wireless Security Overview ...............................................................................73

6.1.1 Encryption .................................................................................................73

10 Table of Contents

G-3000H User’s Guide

6.1.2 Authentication ...........................................................................................73

6.1.3 Restricted Access .....................................................................................73

6.1.4 Hide ZyAIR Identity ...................................................................................74

6.1.5 WEP Encryption ........................................................................................74

6.2 Configuring WEP Encryption ..............................................................................74

6.3 802.1x Overview ................................................................................................74

6.4 EAP Authentication Overview ............................................................................74

6.5 Dynamic WEP Key Exchange ............................................................................75

6.6 Introduction to WPA ...........................................................................................75

6.6.1 User Authentication .................................................................................76

6.6.2 Encryption ................................................................................................76

6.6.3 WPA(2)-PSK Application Example ...........................................................76

6.7 WPA(2) with RADIUS Application Example .......................................................77

6.8 Security Modes ..................................................................................................78

6.9 Security Modes and Wireless Client Compatibility .............................................79

6.10 Wireless Client WPA Supplicants .....................................................................79

6.11 Wireless Security Effectiveness .......................................................................80

6.12 Configuring Security .........................................................................................80

6.12.1 Security: No Access ................................................................................81

6.12.2 Security: WEP .........................................................................................82

6.12.3 Security: 802.1x Only, 802.1x Static 64-bit WEP, 128-bit WEP ..............83

6.12.4 Security: 802.1x Dynamic 64-bit WEP, 128-bit WEP ..............................85

6.12.5 Security: WPA, WPA-MIX, WPA2, WPA2-MIX ........................................86

6.12.6 Security: WPA-PSK, WPA2-PSK, WPA2-PSK-MIX ................................87

6.13 Introduction to RADIUS ....................................................................................89

6.14 Configuring RADIUS ........................................................................................89

6.15 Configuring Local User Database ....................................................................91

Chapter 7

Multiple ESS, SSID and VLAN............................................................................... 93

7.1 Wireless LAN Infrastructures .............................................................................93

7.1.1 Multiple ESS .............................................................................................93

7.1.2 Notes on Multiple-ESS ..............................................................................93

7.1.3 Multiple ESS Example ..............................................................................94

7.1.4 Multi-ESS with VLAN Example .................................................................94

7.1.5 Configuring Multiple ESS ..........................................................................94

7.2 SSID ...................................................................................................................97

7.2.1 Configuring SSID ......................................................................................98

7.2.2 Second Rx VLAN ID ...............................................................................100

Chapter 8

Other Wireless Configurations ........................................................................... 103

8.1 Layer-2 Isolation Introduction ...........................................................................103

Table of Contents 11

G-3000H User’s Guide

8.2 Configuring Layer-2 Isolation ...........................................................................104

8.3 Configuring MAC Filter .....................................................................................108

8.4 Configuring Roaming .......................................................................................109

Chapter 9

VLAN ..................................................................................................................... 113

9.1 VLAN ................................................................................................................113

9.2 Configuring VLAN ............................................................................................ 113

8.2.1 Layer-2 Isolation Examples ....................................................................105

8.2.2 Layer-2 Isolation Example 1 ...................................................................106

8.2.3 Layer-2 Isolation Example 2 ...................................................................106

8.2.4 Layer-2 Isolation Example 3 ...................................................................107

8.4.1 Requirements for Roaming ..................................................................... 111

9.1.1 Management VLAN ID ............................................................................113

9.1.2 VLAN Tagging ......................................................................................... 113

9.2.1 Configuring Management VLAN Example ..............................................115

9.2.2 Configuring Microsoft’s IAS Server Example .......................................... 117

9.2.2.1 Configuring VLAN Groups ............................................................. 118

9.2.2.2 Configuring Remote Access Policies ............................................119

Chapter 10

IP Screen............................................................................................................... 127

10.1 Factory Ethernet Defaults ..............................................................................127

10.2 TCP/IP Parameters ........................................................................................127

10.2.1 IP Address and Subnet Mask ...............................................................127

10.2.2 WAN IP Address Assignment ...............................................................127

10.3 Configuring IP ................................................................................................128

Chapter 11

Certificates............................................................................................................ 129

11.1 Certificates Overview .....................................................................................129

11.1.1 Advantages of Certificates ....................................................................130

11.2 Self-signed Certificates ..................................................................................130

11.3 Configuration Summary ..................................................................................130

11.4 My Certificates ................................................................................................130

11.5 Certificate File Formats ..................................................................................132

11.6 Importing a Certificate ....................................................................................133

11.7 Creating a Certificate ......................................................................................134

11.8 My Certificate Details ......................................................................................136

11.9 Trusted CAs ....................................................................................................139

11.10 Importing a Trusted CA’s Certificate .............................................................141

11.11 Trusted CA Certificate Details .......................................................................142

12 Table of Contents

G-3000H User’s Guide

Chapter 12

Remote Management Screens ............................................................................ 147

12.1 Remote Management Overview .....................................................................147

12.1.1 Remote Management Limitations .........................................................147

12.1.2 Remote Management and NAT ............................................................148

12.1.3 System Timeout ...................................................................................148

12.2 Configuring WWW ..........................................................................................148

12.3 Configuring Telnet ..........................................................................................150

12.4 Configuring TELNET ......................................................................................150

12.5 Configuring FTP .............................................................................................151

12.6 SNMP .............................................................................................................152

12.6.1 Supported MIBs ....................................................................................154

12.6.2 SNMP Traps .........................................................................................154

12.7 SNMP Traps ...................................................................................................155

12.7.1 Configuring SNMP ................................................................................155

Chapter 13

Log Screens.......................................................................................................... 157

13.1 Configuring View Log .....................................................................................157

13.2 Configuring Log Settings ................................................................................158

Chapter 14

Maintenance ......................................................................................................... 161

14.1 Maintenance Overview ...................................................................................161

14.2 System Status Screen ....................................................................................161

14.2.1 System Statistics ...................................................................................162

14.3 Association List ..............................................................................................163

14.4 Channel Usage ..............................................................................................164

14.5 F/W Upload Screen ........................................................................................166

14.6 Configuration Screen .....................................................................................168

14.6.1 Backup Configuration ...........................................................................168

14.6.2 Restore Configuration ..........................................................................169

14.6.3 Back to Factory Defaults .......................................................................170

14.7 Restart Screen ...............................................................................................170

Chapter 15

Introducing the SMT ............................................................................................171

15.1 Connect to your ZyAIR Using Telnet ..............................................................171

15.2 Changing the System Password ....................................................................171

15.3 ZyAIR SMT Menu Overview Example ............................................................172

15.4 Navigating the SMT Interface .........................................................................173

15.4.1 System Management Terminal Interface Summary ..............................174

Table of Contents 13

G-3000H User’s Guide

Chapter 16

General Setup....................................................................................................... 177

16.1 General Setup ................................................................................................177

Chapter 17

LAN Setup............................................................................................................. 179

17.1 LAN Setup ......................................................................................................179

17.2 TCP/IP Ethernet Setup ...................................................................................179

17.3 Wireless LAN Setup .......................................................................................180

Chapter 18

Dial-in User Setup ................................................................................................ 193

16.1.1 Procedure To Configure Menu 1 ...........................................................177

17.3.1 Configuring MAC Address Filter ...........................................................182

17.3.2 Configuring Roaming ............................................................................184

17.3.3 Configuring SSID Profiles .....................................................................186

17.3.4 Configuring Bridge Link ........................................................................187

17.3.5 Configuring Layer-2 Isolation ................................................................189

18.1 Dial-in User Setup ..........................................................................................193

Chapter 19

VLAN Setup .......................................................................................................... 195

19.1 VLAN Setup ...................................................................................................195

Chapter 20

SNMP Configuration ............................................................................................ 197

20.1 SNMP Configuration ......................................................................................197

Chapter 21

System Security ................................................................................................... 199

21.1 System Security .............................................................................................199

21.1.1 System Password .................................................................................199

21.1.2 Configuring Security Profiles ................................................................199

Chapter 22

System Information and Diagnosis .................................................................... 201

22.1 System Status ................................................................................................201

22.2 System Information ........................................................................................203

22.2.1 System Information ...............................................................................203

22.2.2 Console Port Speed ..............................................................................204

22.3 Log and Trace ................................................................................................204

22.3.1 Viewing Error Log .................................................................................204

22.4 Diagnostic ......................................................................................................205

14 Table of Contents

G-3000H User’s Guide

Chapter 23

Firmware and Configuration File Maintenance ................................................. 207

23.1 Filename Conventions ...................................................................................207

23.2 Backup Configuration .....................................................................................208

23.2.1 Backup Configuration Using FTP .........................................................208

23.2.2 Using the FTP command from the DOS Prompt ..................................209

23.2.3 Backup Configuration Using TFTP .......................................................210

23.2.4 Example: TFTP Command ................................................................... 211

23.2.5 Backup Via Console Port ......................................................................211

23.3 Restore Configuration ...................................................................................212

23.3.1 Restore Using FTP ...............................................................................213

23.4 Uploading Firmware and Configuration Files .................................................213

23.4.1 Firmware Upload ..................................................................................214

23.4.2 Configuration File Upload .....................................................................214

23.4.3 Using the FTP command from the DOS Prompt Example ...................215

23.4.4 TFTP File Upload ..................................................................................215

23.4.5 Example: TFTP Command ...................................................................216

23.4.6 Uploading Via Console Port ..................................................................216

23.4.7 Uploading Firmware File Via Console Port ...........................................216

23.4.8 Example Xmodem Firmware Upload Using HyperTerminal ..................217

23.4.9 Uploading Configuration File Via Console Port ....................................217

23.4.10 Example Xmodem Configuration Upload Using HyperTerminal .........218

Chapter 24

System Maintenance and Information ...............................................................219

24.1 Command Interpreter Mode ...........................................................................219

24.1.1 CNM ......................................................................................................220

24.1.2 Configuring Vantage CNM ....................................................................220

24.1.3 Configuration Example .........................................................................223

24.2 Time and Date Setting ....................................................................................224

24.2.1 Resetting the Time ................................................................................226

24.3 Remote Management Setup ..........................................................................226

24.3.1 Telnet ....................................................................................................226

24.3.2 FTP .......................................................................................................226

24.3.3 Web ......................................................................................................227

24.3.4 Remote Management Setup .................................................................227

24.3.5 Remote Management Limitations .........................................................229

24.4 Remote Management and NAT ......................................................................229

24.5 System Timeout .............................................................................................229

Appendix A

Troubleshooting................................................................................................... 231

Table of Contents 15

G-3000H User’s Guide

Appendix B

Specifications...................................................................................................... 233

Appendix C

Power over Ethernet (PoE) Specifications ........................................................ 235

Appendix D

Brute-Force Password Guessing Protection..................................................... 237

Appendix E

Setting up Your Computer’s IP Address............................................................ 239

Appendix F

IP Address Assignment Conflicts ......................................................................251

Appendix G

Wireless LANs ...................................................................................................... 255

Appendix H

IP Subnetting ........................................................................................................ 267

Appendix I

Command Interpreter........................................................................................... 275

Appendix J

Log Descriptions.................................................................................................. 277

Appendix K

Indoor Installation Recommendations............................................................... 281

Appendix L

Power Adaptor Specifications ............................................................................ 283

Index...................................................................................................................... 285

16 Table of Contents

G-3000H User’s Guide

List of Figures

Figure 1 PoE Installation Example ...................................................................................... 32

Figure 2 WDS Functionality Example ................................................................................. 33

Figure 3 Access Point Application ....................................................................................... 37

Figure 4 Multiple ESS Application ....................................................................................... 38

Figure 5 AP+Bridge Application ........................................................................................ 39

Figure 6 Bridge Application ................................................................................................. 40

Figure 7 Repeater Application ............................................................................................. 40

Figure 8 Change Password Screen .................................................................................... 42

Figure 9 Replace Certificate Screen ................................................................................... 42

Figure 10 The MAIN MENU Screen of the Web Configurator ............................................. 44

Figure 11 Wizard 1: General Setup ..................................................................................... 46

Figure 12 Wizard 2: Wireless LAN Setup ............................................................................ 47

Figure 13 Wizard 3: IP Address Assignment ...................................................................... 49

Figure 14 Wizard 4: Setup Complete .................................................................................. 50

Figure 15 System General Setup ........................................................................................ 51

Figure 16 Password. ........................................................................................................... 53

Figure 17 Time Setting ........................................................................................................ 54

Figure 18 Basic Service set ................................................................................................ 58

Figure 19 Extended Service Set ......................................................................................... 59

Figure 20 DiffServ: Differentiated Service Field .................................................................. 61

Figure 21 Wireless: Access Point ....................................................................................... 65

Figure 22 Bridging Example ................................................................................................ 67

Figure 23 Bridge Loop: Two Bridges Connected to Hub ..................................................... 68

Figure 24 Bridge Loop: Bridge Connected to Wired LAN ................................................... 68

Figure 25 Wireless: Bridge/Repeater .................................................................................. 69

Figure 26 Wireless: AP+Bridge ........................................................................................... 71

Figure 27 EAP Authentication ............................................................................................. 75

Figure 28 WPA(2)-PSK Authentication ............................................................................... 77

Figure 29 WPA(2) with RADIUS Application Example ........................................................ 78

Figure 30 Security ............................................................................................................... 81

Figure 31 Security: No Access or None .............................................................................. 82

Figure 32 Security: WEP ..................................................................................................... 82

Figure 33 Security: 802.1x Only, 802.1x Static 64-bit WEP, 128-bit WEP ........................... 84

Figure 34 Security: 802.1x Dynamic 64-bit WEP, 128-bit WEP .......................................... 85

Figure 35 Security: WPA, WPA-MIX, WPA2 or WPA2-MIX ................................................. 87

Figure 36 Security: WPA-PSK, WPA2-PSK or WPA2-PSK-MIX ......................................... 88

Figure 37 RADIUS .............................................................................................................. 90

Figure 38 Local User Database .......................................................................................... 91

List of Figures 17

G-3000H User’s Guide

Figure 39 Multi-ESS with VLAN Example ........................................................................... 94

Figure 40 Wireless: Multiple ESS ........................................................................................ 95

Figure 41 SSID .................................................................................................................... 97

Figure 42 Configuring SSID ................................................................................................ 99

Figure 43 Second Rx VLAN ID Example ............................................................................ 100

Figure 44 Configuring SSID: Second Rx VLAN ID Example ............................................... 100

Figure 45 Layer-2 Isolation Application ............................................................................... 104

Figure 46 Layer-2 Isolation Configuration Screen ............................................................... 105

Figure 47 Layer-2 Isolation Example .................................................................................. 106

Figure 48 Layer-2 Isolation Example 1 ............................................................................... 106

Figure 49 Layer-2 Isolation Example 2 ............................................................................... 107

Figure 50 Layer-2 Isolation Example 3 ............................................................................... 108

Figure 51 MAC Address Filter ............................................................................................. 109

Figure 52 Roaming Example ............................................................................................... 110

Figure 53 Roaming ..............................................................................................................111

Figure 54 VLAN ................................................................................................................... 114

Figure 55 Management VLAN Configuration Example ....................................................... 115

Figure 56 VLAN-Aware Switch - Static VLAN ..................................................................... 116

Figure 57 VLAN-Aware Switch ............................................................................................ 116

Figure 58 VLAN-Aware Switch - VLAN Status .................................................................... 116

Figure 59 VLAN Setup ........................................................................................................ 117

Figure 60 New Global Security Group ............................................................................... 118

Figure 61 Add Group Members .......................................................................................... 119

Figure 62 New Remote Access Policy for VLAN Group .................................................... 120

Figure 63 Specifying Windows-Group Condition ................................................................. 120

Figure 64 Adding VLAN Group .......................................................................................... 121

Figure 65 Granting Permissions and User Profile Screens ................................................ 121

Figure 66 Authentication Tab Settings ................................................................................ 122

Figure 67 Encryption Tab Settings ..................................................................................... 122

Figure 68 Connection Attributes Screen ............................................................................ 123

Figure 69 RADIUS Attribute Screen ................................................................................... 124

Figure 70 802 Attribute Setting for Tunnel-Medium-Type .................................................. 124

Figure 71 VLAN ID Attribute Setting for Tunnel-Pvt-Group-ID ........................................... 125

Figure 72 VLAN Attribute Setting for Tunnel-Type ............................................................. 125

Figure 73 Completed Advanced Tab .................................................................................. 126

Figure 74 IP Setup ............................................................................................................. 128

Figure 75 My Certificates .................................................................................................... 131

Figure 76 My Certificate Import ........................................................................................... 133

Figure 77 My Certificate Create .......................................................................................... 134

Figure 78 My Certificate Details .......................................................................................... 137

Figure 79 Trusted CAs ........................................................................................................ 140

Figure 80 Trusted CA Import ............................................................................................... 141

Figure 81 Trusted CA Details .............................................................................................. 143

18 List of Figures

G-3000H User’s Guide

Figure 82 Remote Management: WWW ............................................................................. 149

Figure 83 Telnet Configuration on a TCP/IP Network ......................................................... 150

Figure 84 Remote Management: Telnet .............................................................................. 151

Figure 85 Remote Management: FTP ................................................................................. 152

Figure 86 SNMP Management Model ................................................................................. 153

Figure 87 Remote Management: SNMP ............................................................................. 156

Figure 88 View Log .............................................................................................................157

Figure 89 Log Settings ........................................................................................................ 159

Figure 90 System Status ..................................................................................................... 161

Figure 91 System Status: Show Statistics ........................................................................... 162

Figure 92 Association List ................................................................................................... 163

Figure 93 Channel Usage ................................................................................................... 165

Figure 94 Firmware Upload ................................................................................................. 166

Figure 95 Firmware Upload In Process ............................................................................... 167

Figure 96 Network Temporarily Disconnected .................................................................... 167

Figure 97 Firmware Upload Error ........................................................................................ 168

Figure 98 Configuration ....................................................................................................... 168

Figure 99 Configuration Upload Successful ........................................................................ 169

Figure 100 Network Temporarily Disconnected .................................................................. 169

Figure 101 Configuration Upload Error ............................................................................... 170

Figure 102 Reset Warning Message ................................................................................... 170

Figure 103 Restart Screen .................................................................................................. 170

Figure 104 Login Screen ..................................................................................................... 171

Figure 105 Menu 23.1 System Security: Change Password ............................................... 172

Figure 106 G-3000H SMT Main Menu ................................................................................ 174

Figure 107 Menu 1 General Setup ...................................................................................... 177

Figure 108 Menu 3 LAN Setup ........................................................................................... 179

Figure 109 Menu 3.2 TCP/IP Setup .................................................................................... 180

Figure 110 Menu 3.5 Wireless LAN Setup .......................................................................... 181

Figure 111 Menu 3.5 Wireless LAN Setup .......................................................................... 183

Figure 112 Menu 3.5.1 WLAN MAC Address Filter ............................................................. 183

Figure 113 Menu 3.5 Wireless LAN Setup .......................................................................... 185

Figure 114 Menu 3.5.2 Roaming Configuration .................................................................. 185

Figure 115 Menu 3.5 Wireless LAN Setup .......................................................................... 186

Figure 116 Menu 3.5.6 - SSID Profile Edit .......................................................................... 187

Figure 117 Menu 3.5 Wireless LAN Setup .......................................................................... 188

Figure 118 Menu 3.5.4 Bridge Link Configuration ............................................................... 189

Figure 119 Menu 3.5 Wireless LAN Setup .......................................................................... 190

Figure 120 Menu 3.5.5 Layer-2 Isolation ............................................................................ 190

Figure 121 Menu 14- Dial-in User Setup ............................................................................. 193

Figure 122 Menu 14.1- Edit Dial-in User ............................................................................. 194

Figure 123 Menu 16 VLAN Setup ....................................................................................... 195

Figure 124 Menu 22 SNMP Configuration ......................................................................... 197

List of Figures 19

G-3000H User’s Guide

Figure 125 Menu 23 System Security ................................................................................. 199

Figure 126 Menu 23 - System Security ............................................................................... 200

Figure 127 Menu 23.5 Security Profile Edit ......................................................................... 200

Figure 128 Menu 24 System Maintenance ......................................................................... 201

Figure 129 Menu 24.1 System Maintenance: Status .......................................................... 202

Figure 130 Menu 24.2 System Information and Console Port Speed ................................. 203

Figure 131 Menu 24.2.1 System Information: Information .................................................. 203

Figure 132 Menu 24.2.2 System Maintenance: Change Console Port Speed .................... 204

Figure 133 Menu 24.3 System Maintenance: Log and Trace ............................................. 205

Figure 134 Sample Error and Information Messages ......................................................... 205

Figure 135 Menu 24.4 System Maintenance: Diagnostic .................................................... 205

Figure 136 Menu 24.5 Backup Configuration ...................................................................... 209

Figure 137 FTP Session Example ...................................................................................... 210

Figure 138 System Maintenance: Backup Configuration .................................................... 212

Figure 139 System Maintenance: Starting Xmodem Download Screen ............................. 212

Figure 140 Backup Configuration Example ......................................................................... 212

Figure 141 Successful Backup Confirmation Screen .......................................................... 212

Figure 142 Menu 24.6 Restore Configuration ..................................................................... 213

Figure 143 Menu 24.7 System Maintenance: Upload Firmware ......................................... 213

Figure 144 Menu 24.7.1 System Maintenance: Upload System Firmware ......................... 214

Figure 145 Menu 24.7.2 System Maintenance: Upload System Configuration File ............ 214

Figure 146 FTP Session Example ...................................................................................... 215

Figure 147 Menu 24.7.1 as seen using the Console Port ................................................... 217

Figure 148 Example Xmodem Upload ................................................................................ 217

Figure 149 Menu 24.7.2 as seen using the Console Port .................................................. 218

Figure 150 Example Xmodem Upload ................................................................................ 218

Figure 151 Menu 24 System Maintenance ......................................................................... 220

Figure 152 Valid CI Commands .......................................................................................... 220

Figure 153 CNM CL ............................................................................................................ 221

Figure 154 CNM Configuration Example ............................................................................ 224

Figure 155 Menu 24.10 System Maintenance: Time and Date Setting ............................... 225

Figure 156 Telnet Configuration on a TCP/IP Network ....................................................... 226

Figure 157 Menu 24.11 Remote Management Control ....................................................... 228

Figure 158 WIndows 95/98/Me: Network: Configuration ..................................................... 240

Figure 159 Windows 95/98/Me: TCP/IP Properties: IP Address ......................................... 241

Figure 160 Windows 95/98/Me: TCP/IP Properties: DNS Configuration ............................ 242

Figure 161 Windows XP: Start Menu .................................................................................. 243

Figure 162 Windows XP: Control Panel .............................................................................. 243

Figure 163 Windows XP: Control Panel: Network Connections: Properties ....................... 244

Figure 164 Windows XP: Local Area Connection Properties .............................................. 244

Figure 165 Windows XP: Advanced TCP/IP Settings ......................................................... 245

Figure 166 Windows XP: Internet Protocol (TCP/IP) Properties ......................................... 246

Figure 167 Macintosh OS 8/9: Apple Menu ........................................................................ 247

20 List of Figures

G-3000H User’s Guide

Figure 168 Macintosh OS 8/9: TCP/IP ................................................................................ 247

Figure 169 Macintosh OS X: Apple Menu ........................................................................... 248

Figure 170 Macintosh OS X: Network ................................................................................. 249

Figure 171 IP Address Conflicts: Case A ............................................................................ 251

Figure 172 IP Address Conflicts: Case B ........................................................................... 252

Figure 173 IP Address Conflicts: Case C ............................................................................ 252

Figure 174 IP Address Conflicts: Case D ............................................................................ 253

Figure 175 Peer-to-Peer Communication in an Ad-hoc Network ........................................ 255

Figure 176 Basic Service Set .............................................................................................. 256

Figure 177 Infrastructure WLAN ......................................................................................... 257

Figure 178 RTS/CTS .......................................................................................................... 258

List of Figures 21

G-3000H User’s Guide

22 List of Figures

G-3000H User’s Guide

List of Tables

Table 1 IEEE 802.11b ......................................................................................................... 34

Table 2 IEEE 802.11g ......................................................................................................... 34

Table 3 Wizard 1: General Setup ....................................................................................... 46

Table 4 Wizard 2: Wireless LAN Setup .............................................................................. 47

Table 5 Private IP Address Ranges ................................................................................... 48

Table 6 Wizard 3: IP Address Assignment ......................................................................... 49

Table 7 System General Setup .......................................................................................... 51

Table 8 Password ............................................................................................................... 53

Table 9 Time Setting ..........................................................................................................54

Table 10 WMM QoS Priorities ............................................................................................ 60

Table 11 ToS and IEEE 802.1d to WMM QoS Priority Level Mapping ............................... 61

Table 12 STP Path Costs ................................................................................................... 62

Table 13 STP Port States ................................................................................................... 63

Table 14 Wireless: Access Point ........................................................................................ 65

Table 15 Wireless: Bridge/Repeater ................................................................................... 69

Table 16 Security Modes .................................................................................................... 78

Table 17 Security Modes for ZyAIR and Windows XP Wireless Client .............................. 79

Table 18 ZyAIR Wireless Security Levels .......................................................................... 80

Table 19 Security ................................................................................................................ 81

Table 20 Security: No Access or None ............................................................................... 82

Table 21 Security: WEP ..................................................................................................... 82

Table 22 Security: 802.1x Only, 802.1x Static 64-bit WEP, 128-bit WEP ........................... 84

Table 23 Security: 802.1x Dynamic 64-bit WEP, 128-bit WEP ........................................... 85

Table 24 Security: WPA, WPA-MIX, WPA2 or WPA2-MIX ................................................. 87

Table 25 Security: WPA-PSK, WPA2-PSK or WPA2-PSK-MIX .......................................... 88

Table 26 RADIUS ...............................................................................................................90

Table 27 Local User Database ........................................................................................... 91

Table 28 Wireless: Multiple ESS ........................................................................................ 95

Table 29 SSID .................................................................................................................... 97

Table 30 Configuring SSID ................................................................................................. 99

Table 31 Layer-2 Isolation Configuration ............................................................................ 105

Table 32 MAC Address Filter ............................................................................................. 109

Table 33 Roaming ..............................................................................................................111

Table 34 VLAN ................................................................................................................... 114

Table 35 Standard RADIUS Attributes ............................................................................... 117

Table 36 Private IP Address Ranges ................................................................................. 127

Table 37 IP Setup ............................................................................................................... 128

Table 38 My Certificates ..................................................................................................... 131

List of Tables 23

G-3000H User’s Guide

Table 39 My Certificate Import ........................................................................................... 133

Table 40 My Certificate Create ........................................................................................... 134

Table 41 My Certificate Details ........................................................................................... 137

Table 42 Trusted CAs ......................................................................................................... 140

Table 43 Trusted CA Import ............................................................................................... 141

Table 44 Trusted CA Details ............................................................................................... 143

Table 45 Remote Management: WWW .............................................................................. 149

Table 46 Remote Management: Telnet .............................................................................. 151

Table 47 Remote Management: FTP ................................................................................. 152

Table 48 SNMP Traps ........................................................................................................ 154

Table 49 SNMP Interface Index to Physical Port Mapping ................................................. 155

Table 50 Remote Management: SNMP .............................................................................. 156

Table 51 View Log .............................................................................................................. 157

Table 52 Log Settings .........................................................................................................159

Table 53 System Status ...................................................................................................... 161

Table 54 System Status: Show Statistics ........................................................................... 162

Table 55 Association List .................................................................................................... 163

Table 56 Channel Usage .................................................................................................... 165

Table 57 Firmware Upload ................................................................................................. 166

Table 58 Restore Configuration .......................................................................................... 169

Table 59 SMT Menus Overview ......................................................................................... 172

Table 60 Main Menu Commands ....................................................................................... 173

Table 61 Main Menu Summary .......................................................................................... 174

Table 62 Menu 1 General Setup ........................................................................................ 177

Table 63 Menu 3.2 TCP/IP Setup ....................................................................................... 180

Table 64 Menu 3.5 Wireless LAN Setup ............................................................................ 181

Table 65 Menu 3.5.1 WLAN MAC Address Filter ............................................................... 184

Table 66 Menu 3.5.2 Roaming Configuration ..................................................................... 185

Table 67 Menu 3.5.6 - SSID Profile Edit ............................................................................. 187

Table 68 Menu 3.5.4 Bridge Link Configuration ................................................................. 189

Table 69 Menu 3.5.5 Layer-2 Isolation ............................................................................... 191

Table 70 Menu 14.1- Edit Dial-in User ............................................................................... 194

Table 71 Menu 16 VLAN Setup .......................................................................................... 195

Table 72 Menu 22 SNMP Configuration ............................................................................. 197

Table 73 Menu 24.1 System Maintenance: Status ............................................................. 202

Table 74 Menu 24.2.1 System Maintenance: Information .................................................. 203

Table 75 Menu 24.4 System Maintenance Menu: Diagnostic ............................................ 206

Table 76 Filename Conventions ......................................................................................... 208

Table 77 General Commands for Third Party FTP Clients ................................................. 210

Table 78 General Commands for Third Party TFTP Clients .............................................. 211

Table 79 CNM Commands ................................................................................................. 221

Table 80 System Maintenance: Time and Date Setting ..................................................... 225

Table 81 Remote Management Port Control ...................................................................... 227

24 List of Tables

G-3000H User’s Guide

Table 82 Menu 24.11 Remote Management Control .......................................................... 228

Table 83 Troubleshooting the Start-Up of Your ZyAIR ....................................................... 231

Table 84 Troubleshooting the Ethernet Interface ............................................................... 231

Table 85 Troubleshooting the Password ............................................................................ 232

Table 86 Troubleshooting Telnet ........................................................................................ 232

Table 87 Troubleshooting the WLAN Interface ................................................................... 232

Table 88 Hardware .............................................................................................................233

Table 89 Firmware .............................................................................................................. 233

Table 90 Power over Ethernet Injector Specifications ....................................................... 235

Table 91 Power over Ethernet Injector RJ-45 Port Pin Assignments ................................. 235

Table 92 Brute-Force Password Guessing Protection Commands .................................... 237

Table 93 IEEE 802.11b ....................................................................................................... 259

Table 94 Comparison of EAP Authentication Types ........................................................... 263

Table 95 Wireless Security Relational Matrix ..................................................................... 264

Table 96 Classes of IP Addresses ..................................................................................... 267

Table 97 Allowed IP Address Range By Class ................................................................... 268

Table 98 “Natural” Masks .................................................................................................. 268

Table 99 Alternative Subnet Mask Notation ....................................................................... 269

Table 100 Two Subnets Example ....................................................................................... 269

Table 101 Subnet 1 ............................................................................................................270

Table 102 Subnet 2 ............................................................................................................270

Table 103 Subnet 1 ............................................................................................................271

Table 104 Subnet 2 ............................................................................................................271

Table 105 Subnet 3 ............................................................................................................271

Table 106 Subnet 4 ............................................................................................................272

Table 107 Eight Subnets .................................................................................................... 272

Table 108 Class C Subnet Planning ................................................................................... 272

Table 109 Class B Subnet Planning ................................................................................... 273

Table 110 System Maintenance Logs ................................................................................ 277

Table 111 ICMP Notes ........................................................................................................ 277

Table 112 Sys log ............................................................................................................... 278

Table 113 Log Categories and Available Settings .............................................................. 279

Table 114 North American Plug Standards ........................................................................ 283

Table 115 European Plug Standards .................................................................................. 283

Table 116 United Kingdom Plug Standards ........................................................................ 283

Table 117 Australia and New Zealand Plug Standards ...................................................... 283

List of Tables 25

G-3000H User’s Guide

26 List of Tables

G-3000H User’s Guide

Preface

Congratulations on your purchase of the G-3000H - 802.11g Wireless Access Point/Bridge/ Repeater.

An AP acts as a bridge between the wireless and wired networks, extending your existing wired network without any additional wiring.

The ZyAIR can function as a wireless network bridge/repeater and establish up to five wireless links with other APs.

The ZyAIR also supports both AP and bridge connections at the same time.

Your ZyAIR is easy to install and configure.

Note: Register your product online to receive e-mail notices of firmware upgrades and information at www.zyxel.com American products.

for global products, or at www.us.zyxel.com for North

About This User's Guide

This User’s Guide is designed to guide you through the configuration of your ZyAIR using the web configurator or the SMT. The web configurator parts of this guide contain background information on features configurable by web configurator. The SMT parts of this guide contain background information solely on features not configurable by web configurator

Note: Use the web configurator, System Management Terminal (SMT) or command interpreter interface to configure your ZyAIR. Not all features can be configured through all interfaces.